1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 import base64
17 import io
18 import struct
19
20 import dns.exception
21 import dns.dnssec
22 import dns.rdata
23 import dns.tokenizer
24 import dns.util
25
26 _ctype_by_value = {
27 1 : 'PKIX',
28 2 : 'SPKI',
29 3 : 'PGP',
30 253 : 'URI',
31 254 : 'OID',
32 }
33
34 _ctype_by_name = {
35 'PKIX' : 1,
36 'SPKI' : 2,
37 'PGP' : 3,
38 'URI' : 253,
39 'OID' : 254,
40 }
41
43 v = _ctype_by_name.get(what)
44 if not v is None:
45 return v
46 return int(what)
47
49 v = _ctype_by_value.get(what)
50 if not v is None:
51 return v
52 return str(what)
53
54 -class CERT(dns.rdata.Rdata):
55 """CERT record
56
57 @ivar certificate_type: certificate type
58 @type certificate_type: int
59 @ivar key_tag: key tag
60 @type key_tag: int
61 @ivar algorithm: algorithm
62 @type algorithm: int
63 @ivar certificate: the certificate or CRL
64 @type certificate: bytes
65 @see: RFC 2538"""
66
67 __slots__ = ['certificate_type', 'key_tag', 'algorithm', 'certificate']
68
69 - def __init__(self, rdclass, rdtype, certificate_type, key_tag, algorithm,
70 certificate):
76
77 - def to_text(self, origin=None, relativize=True, **kw):
78 certificate_type = _ctype_to_text(self.certificate_type)
79 return "%s %d %s %s" % (certificate_type, self.key_tag,
80 dns.dnssec.algorithm_to_text(self.algorithm),
81 dns.rdata._base64ify(self.certificate))
82
83 - def from_text(cls, rdclass, rdtype, tok, origin = None, relativize = True):
84 certificate_type = _ctype_from_text(tok.get_string())
85 key_tag = tok.get_uint16()
86 algorithm = dns.dnssec.algorithm_from_text(tok.get_string())
87 if algorithm < 0 or algorithm > 255:
88 raise dns.exception.SyntaxError("bad algorithm type")
89 chunks = []
90 while 1:
91 t = tok.get().unescape()
92 if t.is_eol_or_eof():
93 break
94 if not t.is_identifier():
95 raise dns.exception.SyntaxError
96 chunks.append(t.value)
97 b64 = ''.join(chunks)
98 certificate = base64.b64decode(b64.encode('ascii'))
99 return cls(rdclass, rdtype, certificate_type, key_tag,
100 algorithm, certificate)
101
102 from_text = classmethod(from_text)
103
104 - def to_wire(self, file, compress = None, origin = None):
105 prefix = struct.pack("!HHB", self.certificate_type, self.key_tag,
106 self.algorithm)
107 file.write(prefix)
108 file.write(self.certificate)
109
110 - def from_wire(cls, rdclass, rdtype, wire, current, rdlen, origin = None):
120
121 from_wire = classmethod(from_wire)
122
123 - def _cmp(self, other):
124 f = io.BytesIO()
125 self.to_wire(f)
126 wire1 = f.getvalue()
127 f.seek(0)
128 f.truncate()
129 other.to_wire(f)
130 wire2 = f.getvalue()
131 f.close()
132
133 return dns.util.cmp(wire1, wire2)
134