Class: Dnsruby::RR::IN::TLSA

Inherits:

Dnsruby::RR

• Object
• Dnsruby::RR
• Dnsruby::RR::IN::TLSA

Defined in:

lib/dnsruby/resource/TLSA.rb

Overview

Class for DNS TLSA server certificate or public key (TLSA) resource records.

RFC 6698

Constant Summary

Constants inherited from Dnsruby::RR

ClassInsensitiveTypes

Instance Attribute Summary

• #data ⇒ Object

  sec 2.1.4.

• #databin ⇒ Object

  Returns the value of attribute databin.

• #matching_type ⇒ Object

  sec 2.3.1.

• #selector ⇒ Object

  sec 2.1.2, 7.3.

• #usage ⇒ Object

  sec 2.1.1 ,7,2.

Attributes inherited from Dnsruby::RR

#klass, #name, #rdata, #ttl, #type

Class Method Summary

• .decode_rdata(msg) ⇒ Object

  :nodoc: all.

Instance Method Summary

• #cert ⇒ Object
• #encode_rdata(msg, _canonical = false) ⇒ Object

  :nodoc: all.

• #from_data(data) ⇒ Object

  :nodoc: all.

• #from_hash(hash) ⇒ Object

  Create the RR from a hash.

• #from_string(input) ⇒ Object

  Create the RR from a standard string.

• #parse_string(data) ⇒ Object
• #pkey ⇒ Object
• #rdata_to_string ⇒ Object
• #verify ⇒ Object

Methods inherited from Dnsruby::RR

#<=>, #==, #clone, create, #eql?, find_class, get_class, get_num, #hash, implemented_rrs, #init_defaults, new_from_data, new_from_hash, new_from_string, #rdlength, #sameRRset, #to_s

Instance Attribute Details

#data ⇒ Object

sec 2.1.4

# File 'lib/dnsruby/resource/TLSA.rb', line 36

def data
  @data
end

#databin ⇒ Object

Returns the value of attribute databin.

# File 'lib/dnsruby/resource/TLSA.rb', line 37

def databin
  @databin
end

#matching_type ⇒ Object

sec 2.3.1

0 Exact match on selected content 1 SHA-256 hash of selected content 2 SHA-512 hash of selected content 3-254 Unassigned 255 Private use

# File 'lib/dnsruby/resource/TLSA.rb', line 34

def matching_type
  @matching_type
end

#selector ⇒ Object

sec 2.1.2, 7.3

0 Full certificate 1 SubjectPublicKeyInfo 2-254 Unassigned 255 Private use

# File 'lib/dnsruby/resource/TLSA.rb', line 26

def selector
  @selector
end

#usage ⇒ Object

sec 2.1.1 ,7,2

0 CA constraint 1 Service certificate constraint 2 Trust anchor assertion 3 Domain-issued certificate 4-254 Unassigned 255 Private use

# File 'lib/dnsruby/resource/TLSA.rb', line 19

def usage
  @usage
end

Class Method Details

.decode_rdata(msg) ⇒ Object

:nodoc: all

# File 'lib/dnsruby/resource/TLSA.rb', line 141

def self.decode_rdata(msg) #:nodoc: all
  usage, selector, matching_type = msg.get_unpack('CCC')
  databin = msg.get_bytes
  new([usage, selector, matching_type, databin])
end

Instance Method Details

#cert ⇒ Object

# File 'lib/dnsruby/resource/TLSA.rb', line 70

def cert
  if @matching_type == 0 && @selector == 0 && @databin
    begin
      cert = OpenSSL::X509::Certificate.new(@databin)
    rescue
      raise ArgumentError, 'data is invalid cert '
    end
  end
  cert
end

#encode_rdata(msg, _canonical = false) ⇒ Object

:nodoc: all

# File 'lib/dnsruby/resource/TLSA.rb', line 136

def encode_rdata(msg, _canonical = false) #:nodoc: all
  msg.put_pack('CCC', @usage, @selector, @matching_type)
  msg.put_bytes(@databin)
end

#from_data(data) ⇒ Object

:nodoc: all

# File 'lib/dnsruby/resource/TLSA.rb', line 47

def from_data(data) #:nodoc: all
  self.usage = data[0]
  self.selector = data[1]
  self.matching_type = data[2]
  self.databin = data[3]
  verify
end

#from_hash(hash) ⇒ Object

Create the RR from a hash

# File 'lib/dnsruby/resource/TLSA.rb', line 56

def from_hash(hash)
  super(hash)
  verify
end

#from_string(input) ⇒ Object

Create the RR from a standard string

# File 'lib/dnsruby/resource/TLSA.rb', line 123

def from_string(input)
  values = input.split(' ', 4)
  self.usage = values[0].to_i
  self.selector = values[1].to_i
  self.matching_type = values[2].to_i
  self.data = values[3]
  verify
end

#parse_string(data) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/dnsruby/resource/TLSA.rb', line 98

def parse_string(data)
  buf = ''
  comment = false
  multiline = false
  data.each_char do |ch|
    case ch
    when ';' then comment = true
    when '\n'
      raise ArgumentError, 'string format error' unless multiline
      comment = false
    when '\r' then next
    when ' ' then next
    when comment then next
    when '(' then multiline = true
    when ')' then multiline = false
    else
      buf += ch
    end
  end
  raise ArgumentError, 'string format error' if multiline

  [buf].pack('H*')
end

#pkey ⇒ Object

# File 'lib/dnsruby/resource/TLSA.rb', line 81

def pkey
  pubkey = nil
  if @matching_type == 0 && @databin
    if @selector == 0
      cert = self.cert
      pubkey = cert.public_key
    elsif @selector == 1
      begin
        pubkey = OpenSSL::PKey.read(@databin)
      rescue
        raise ArgumentError, 'data is invalid pkey'
      end
    end
  end
  pubkey
end

#rdata_to_string ⇒ Object

# File 'lib/dnsruby/resource/TLSA.rb', line 132

def rdata_to_string
  "#{@usage} #{@selector} #{@matching_type} #{@data}"
end

#verify ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/dnsruby/resource/TLSA.rb', line 39

def verify
  raise ArgumentError, "usage with invalid value: #{@usage}" if @usage < 0 || @usage > 255
  raise ArgumentError, "selector with invalid value: #{@selector}" if @selector < 0 || @selector > 255
  raise ArgumentError, "matching_type with invalid value: #{@matching_type}" if @matching_type < 0 || @matching_type > 255
  raise ArgumentError, "data with invalid value: #{@data}" if (@matching_type == 1 && @databin.bytesize != 32) || (@matching_type == 2 && @databin.bytesize != 64)
  pkey if @matching_type == 0
end