def ds_from_dnskey(zone, flags, protocol, algorithm, *key):
dnspy_dnskey = DNSKEY(
"IN",
"DNSKEY",
int(flags),
int(protocol),
int(algorithm),
b64decode(" ".join(key)),
)
return make_ds(zone, dnspy_dnskey, "SHA256").to_text()
def validate(self):
# print("hey..")
digest_algo_list = self.parent_data_digest()
ksk_list = self.child_data_digest()
for ksk in ksk_list:
for p_digest, p_algo in digest_algo_list:
if p_digest == sec.make_ds(name = self.query, key = ksk, algorithm = p_algo).digest:
return True
else:
return False
def update_keys(_sox, zone, newkeys):
zonestr = zone.to_text()
if zonestr.endswith('.'):
zonestr = zonestr[:-1]
new_ds_set = []
for key in newkeys:
if key.flags & 0x0001:
new_ds_set.append(dnssec.make_ds(zonestr + '.', key, 'SHA256'))
update_dsset(_sox, zonestr, new_ds_set)