| java.lang.Object
 org.xbill.DNS.TSIG
| TSIG | | public class TSIG (Code) | | Transaction signature handling. This class generates and verifies
TSIG records on messages, which provide transaction security.
See Also: TSIGRecord
author:
Brian Wellington |
| Inner Class :public static class StreamVerifier | |
| Field Summary | |
| final public static short | FUDGE
The default fudge value for outgoing packets. | | final public static Name | HMAC
The domain name representing the HMAC-MD5 algorithm (deprecated). | | final public static Name | HMAC_MD5
The domain name representing the HMAC-MD5 algorithm. | | final public static Name | HMAC_SHA1
The domain name representing the HMAC-SHA1 algorithm. | | final public static Name | HMAC_SHA256
The domain name representing the HMAC-SHA256 algorithm. |
| Constructor Summary | |
| public | TSIG(Name algorithm, Name name, byte[] key)
Creates a new TSIG key, which can be used to sign or verify a message. | | public | TSIG(Name name, byte[] key)
Creates a new TSIG key with the hmac-md5 algorithm, which can be used to
sign or verify a message. | | public | TSIG(Name algorithm, String name, String key)
Creates a new TSIG object, which can be used to sign or verify a message. | | public | TSIG(String algorithm, String name, String key)
Creates a new TSIG object, which can be used to sign or verify a message.
Parameters:
name - The name of the shared key. | | public | TSIG(String name, String key)
Creates a new TSIG object with the hmac-md5 algorithm, which can be used to
sign or verify a message. |
| Method Summary | |
| public void | apply(Message m, int error, TSIGRecord old)
Generates a TSIG record with a specific error for a message and adds it
to the message. | | public void | apply(Message m, TSIGRecord old)
| | public void | applyStream(Message m, TSIGRecord old, boolean first)
| | public static TSIG | fromString(String str)
Creates a new TSIG object with the hmac-md5 algorithm, which can be used to
sign or verify a message.
Parameters:
str - The TSIG key, in the form name:secret, name/secret,alg:name:secret, or alg/name/secret. | | public TSIGRecord | generate(Message m, byte[] b, int error, TSIGRecord old)
Generates a TSIG record with a specific error for a message that has
been rendered. | | public int | recordLength()
Returns the maximum length of a TSIG record generated by this key. | | public byte | verify(Message m, byte[] b, int length, TSIGRecord old)
Verifies a TSIG record on an incoming message. | | public int | verify(Message m, byte[] b, TSIGRecord old)
Verifies a TSIG record on an incoming message. |
| FUDGE | | final public static short FUDGE(Code) | | The default fudge value for outgoing packets. Can be overriden by the
tsigfudge option.
|
| HMAC | | final public static Name HMAC(Code) | | The domain name representing the HMAC-MD5 algorithm (deprecated).
|
| HMAC_MD5 | | final public static Name HMAC_MD5(Code) | | The domain name representing the HMAC-MD5 algorithm.
|
| HMAC_SHA1 | | final public static Name HMAC_SHA1(Code) | | The domain name representing the HMAC-SHA1 algorithm.
|
| HMAC_SHA256 | | final public static Name HMAC_SHA256(Code) | | The domain name representing the HMAC-SHA256 algorithm.
|
| TSIG | | public TSIG(Name algorithm, Name name, byte[] key)(Code) | | Creates a new TSIG key, which can be used to sign or verify a message.
Parameters:
algorithm - The algorithm of the shared key.
Parameters:
name - The name of the shared key.
Parameters:
key - The shared key's data. |
| TSIG | | public TSIG(Name name, byte[] key)(Code) | | Creates a new TSIG key with the hmac-md5 algorithm, which can be used to
sign or verify a message.
Parameters:
name - The name of the shared key.
Parameters:
key - The shared key's data. |
| TSIG | | public TSIG(Name algorithm, String name, String key)(Code) | | Creates a new TSIG object, which can be used to sign or verify a message.
Parameters:
name - The name of the shared key.
Parameters:
key - The shared key's data represented as a base64 encoded string.
throws:
IllegalArgumentException - The key name is an invalid name
throws:
IllegalArgumentException - The key data is improperly encoded |
| TSIG | | public TSIG(String algorithm, String name, String key)(Code) | | Creates a new TSIG object, which can be used to sign or verify a message.
Parameters:
name - The name of the shared key. The legal values are "hmac-md5","hmac-sha1", and "hmac-sha256".
Parameters:
key - The shared key's data represented as a base64 encoded string.
throws:
IllegalArgumentException - The key name is an invalid name
throws:
IllegalArgumentException - The key data is improperly encoded |
| TSIG | | public TSIG(String name, String key)(Code) | | Creates a new TSIG object with the hmac-md5 algorithm, which can be used to
sign or verify a message.
Parameters:
name - The name of the shared key
Parameters:
key - The shared key's data, represented as a base64 encoded string.
throws:
IllegalArgumentException - The key name is an invalid name
throws:
IllegalArgumentException - The key data is improperly encoded |
| apply | | public void apply(Message m, int error, TSIGRecord old)(Code) | | Generates a TSIG record with a specific error for a message and adds it
to the message.
Parameters:
m - The message
Parameters:
error - The error
Parameters:
old - If this message is a response, the TSIG from the request |
| apply | | public void apply(Message m, TSIGRecord old)(Code) | | Generates a TSIG record for a message and adds it to the message
Parameters:
m - The message
Parameters:
old - If this message is a response, the TSIG from the request |
| applyStream | | public void applyStream(Message m, TSIGRecord old, boolean first)(Code) | | Generates a TSIG record for a message and adds it to the message
Parameters:
m - The message
Parameters:
old - If this message is a response, the TSIG from the request |
| fromString | | public static TSIG fromString(String str)(Code) | | Creates a new TSIG object with the hmac-md5 algorithm, which can be used to
sign or verify a message.
Parameters:
str - The TSIG key, in the form name:secret, name/secret,alg:name:secret, or alg/name/secret. If an algorithm is specified, it mustbe "hmac-md5", "hmac-sha1", or "hmac-sha256".
throws:
IllegalArgumentException - The string does not contain both a nameand secret.
throws:
IllegalArgumentException - The key name is an invalid name
throws:
IllegalArgumentException - The key data is improperly encoded |
| generate | | public TSIGRecord generate(Message m, byte[] b, int error, TSIGRecord old)(Code) | | Generates a TSIG record with a specific error for a message that has
been rendered.
Parameters:
m - The message
Parameters:
b - The rendered message
Parameters:
error - The error
Parameters:
old - If this message is a response, the TSIG from the request The TSIG record to be added to the message |
| recordLength | | public int recordLength()(Code) | | Returns the maximum length of a TSIG record generated by this key.
See Also: TSIGRecord |
| verify | | public byte verify(Message m, byte[] b, int length, TSIGRecord old)(Code) | | Verifies a TSIG record on an incoming message. Since this is only called
in the context where a TSIG is expected to be present, it is an error
if one is not present.
Parameters:
m - The message
Parameters:
b - An array containing the message in unparsed form. This isnecessary since TSIG signs the message in wire format, and we can'trecreate the exact wire format (with the same name compression).
Parameters:
length - The length of the message in the array.
Parameters:
old - If this message is a response, the TSIG from the request The result of the verification (as an Rcode)
See Also: Rcode |
| verify | | public int verify(Message m, byte[] b, TSIGRecord old)(Code) | | Verifies a TSIG record on an incoming message. Since this is only called
in the context where a TSIG is expected to be present, it is an error
if one is not present.
Parameters:
m - The message
Parameters:
b - The message in unparsed form. This is necessary since TSIGsigns the message in wire format, and we can't recreate the exact wireformat (with the same name compression).
Parameters:
old - If this message is a response, the TSIG from the request The result of the verification (as an Rcode)
See Also: Rcode |
|
|