Package dns :: Module tsig
[hide private]
[frames] | no frames]

Module tsig

source code

DNS TSIG support.

Classes [hide private]
  BadTime
Raised if the current time is not within the TSIG's validity time.
  BadSignature
Raised if the TSIG signature fails to verify.
  PeerError
Base class for all TSIG errors generated by the remote peer
  PeerBadKey
Raised if the peer didn't know the key we used
  PeerBadSignature
Raised if the peer didn't like the signature we sent
  PeerBadTime
Raised if the peer didn't like the time we sent
  PeerBadTruncation
Raised if the peer didn't like amount of truncation in the TSIG we sent
Functions [hide private]
(bytes, bytes, hmac.HMAC object)
sign(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=default_algorithm)
Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata for the input parameters, the HMAC MAC calculated by applying the TSIG signature algorithm, and the TSIG digest context.
source code
 
hmac_md5(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=default_algorithm) source code
hmac.HMAC object
validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata, tsig_rdlen, ctx=None, multi=False, first=True)
Validate the specified TSIG rdata against the other input parameters.
source code
 
_maybe_add_hash(tsig_alg, hash_alg) source code
 
_setup_hashes() source code
(string, hash constructor)
get_algorithm(algorithm)
Returns the wire format string and the hash module to use for the specified TSIG algorithm
source code
Variables [hide private]
  HMAC_MD5 = default_algorithm
  HMAC_SHA1 = dns.name.from_text("hmac-sha1")
  HMAC_SHA224 = dns.name.from_text("hmac-sha224")
  HMAC_SHA256 = dns.name.from_text("hmac-sha256")
  HMAC_SHA384 = dns.name.from_text("hmac-sha384")
  HMAC_SHA512 = dns.name.from_text("hmac-sha512")
  default_algorithm = default_algorithm
  BADSIG = 16
  BADKEY = 17
  BADTIME = 18
  BADTRUNC = 22
  _hashes = None
hash(x)
  __package__ = 'dns'
Function Details [hide private]

sign(wire, keyname, secret, time, fudge, original_id, error, other_data, request_mac, ctx=None, multi=False, first=True, algorithm=default_algorithm)

source code 

Return a (tsig_rdata, mac, ctx) tuple containing the HMAC TSIG rdata for the input parameters, the HMAC MAC calculated by applying the TSIG signature algorithm, and the TSIG digest context.

Returns: (bytes, bytes, hmac.HMAC object)
Raises:
  • ValueError - other_data is too long
  • NotImplementedError - algorithm is not supported

validate(wire, keyname, secret, now, request_mac, tsig_start, tsig_rdata, tsig_rdlen, ctx=None, multi=False, first=True)

source code 

Validate the specified TSIG rdata against the other input parameters.

Returns: hmac.HMAC object
Raises:
  • FormError - The TSIG is badly formed.
  • BadTime - There is too much time skew between the client and the server.
  • BadSignature - The TSIG signature did not validate

get_algorithm(algorithm)

source code 

Returns the wire format string and the hash module to use for the specified TSIG algorithm

Returns: (string, hash constructor)
Raises:
  • NotImplementedError - algorithm is not supported