class Dnsruby::RR::NSEC3PARAM
The NSEC3PARAM
RR
contains the NSEC3
parameters (hash algorithm, flags, iterations and salt) needed by authoritative servers to calculate hashed owner names. The presence of an NSEC3PARAM
RR
at a zone apex indicates that the specified parameters may be used by authoritative servers to choose an appropriate set of NSEC3
RRs for negative responses. The NSEC3PARAM
RR
is not used by validators or resolvers.
Attributes
The Flags field contains 8 one-bit flags that can be used to indicate different processing. All undefined flags must be zero. The only flag defined by the NSEC3
specification is the Opt-Out flag.
The Hash Algorithm field identifies the cryptographic hash algorithm used to construct the hash-value.
The Iterations field defines the number of additional times the hash function has been performed.
The Salt Length field defines the length of the Salt field in octets, ranging in value from 0 to 255.
Public Instance Methods
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 72 def flags=(f) if (f==0 || f==1) @flags=f else raise DecodeError.new("Unknown NSEC3 flags field - #{f}") end end
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 97 def from_string(input) if (input.length > 0) data = input.split(" ") self.hash_alg=(data[0]).to_i self.flags=(data[1]).to_i self.iterations=(data[2]).to_i self.salt=(data[3]) # self.salt_length=(data[3].length) end end
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 54 def hash_alg=(a) if (a.instance_of?String) if (a.length == 1) a = a.to_i end end begin alg = Nsec3HashAlgorithms.new(a) @hash_alg = alg rescue ArgumentError => e raise DecodeError.new(e) end end
The Salt field is appended to the original owner name before hashing in order to defend against pre-calculated dictionary attacks.
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 45 def salt return NSEC3.encode_salt(@salt) end
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 49 def salt=(s) @salt = NSEC3.decode_salt(s) @salt_length = @salt.length end
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 68 def types=(t) @types = NSEC.get_types(t) end