class Dnsruby::RR::NSEC3PARAM

The NSEC3PARAM RR contains the NSEC3 parameters (hash algorithm, flags, iterations and salt) needed by authoritative servers to calculate hashed owner names. The presence of an NSEC3PARAM RR at a zone apex indicates that the specified parameters may be used by authoritative servers to choose an appropriate set of NSEC3 RRs for negative responses. The NSEC3PARAM RR is not used by validators or resolvers.

Attributes

flags[R]

The Flags field contains 8 one-bit flags that can be used to indicate different processing. All undefined flags must be zero. The only flag defined by the NSEC3 specification is the Opt-Out flag.

hash_alg[R]

The Hash Algorithm field identifies the cryptographic hash algorithm used to construct the hash-value.

iterations[RW]

The Iterations field defines the number of additional times the hash function has been performed.

salt_length[R]

The Salt Length field defines the length of the Salt field in octets, ranging in value from 0 to 255.

Public Instance Methods

flags=(f) click to toggle source
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 72
def flags=(f)
  if (f==0 || f==1)
    @flags=f
  else
    raise DecodeError.new("Unknown NSEC3 flags field - #{f}")
  end
end
from_string(input) click to toggle source
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 97
def from_string(input)
  if (input.length > 0)
    data = input.split(" ")
    self.hash_alg=(data[0]).to_i
    self.flags=(data[1]).to_i
    self.iterations=(data[2]).to_i
    self.salt=(data[3])
    #           self.salt_length=(data[3].length)
  end
end
hash_alg=(a) click to toggle source
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 54
def hash_alg=(a)
  if (a.instance_of?String)
    if (a.length == 1)
      a = a.to_i
    end
  end
  begin
    alg = Nsec3HashAlgorithms.new(a)
    @hash_alg = alg
  rescue ArgumentError => e
    raise DecodeError.new(e)
  end
end
salt() click to toggle source

The Salt field is appended to the original owner name before hashing in order to defend against pre-calculated dictionary attacks.

# File lib/dnsruby/resource/NSEC3PARAM.rb, line 45
def salt
  return NSEC3.encode_salt(@salt)
end
salt=(s) click to toggle source
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 49
def salt=(s)
  @salt = NSEC3.decode_salt(s)
  @salt_length = @salt.length
end
types=(t) click to toggle source
# File lib/dnsruby/resource/NSEC3PARAM.rb, line 68
def types=(t)
  @types = NSEC.get_types(t)
end