def ds_from_dnskey(zone, flags, protocol, algorithm, *key): dnspy_dnskey = DNSKEY( "IN", "DNSKEY", int(flags), int(protocol), int(algorithm), b64decode(" ".join(key)), ) return make_ds(zone, dnspy_dnskey, "SHA256").to_text()
def validate(self): # print("hey..") digest_algo_list = self.parent_data_digest() ksk_list = self.child_data_digest() for ksk in ksk_list: for p_digest, p_algo in digest_algo_list: if p_digest == sec.make_ds(name = self.query, key = ksk, algorithm = p_algo).digest: return True else: return False
def update_keys(_sox, zone, newkeys): zonestr = zone.to_text() if zonestr.endswith('.'): zonestr = zonestr[:-1] new_ds_set = [] for key in newkeys: if key.flags & 0x0001: new_ds_set.append(dnssec.make_ds(zonestr + '.', key, 'SHA256')) update_dsset(_sox, zonestr, new_ds_set)