Module Dns.Dnskey

DNS keys

A DNS key record (DNSKEY) specifies flags, algorithm, and key data.

type algorithm =
  | RSA_SHA1
  | RSASHA1_NSEC3_SHA1
  | RSA_SHA256
  | RSA_SHA512
  | P256_SHA256
  | P384_SHA384
  | ED25519
  | MD5
  | SHA1
  | SHA224
  | SHA256
  | SHA384
  | SHA512
  | Unknown of int

The type of currently supported DNS key algorithms.

val int_to_algorithm : int -> algorithm

int_to_algorithm i decodes i to an algorithm.

  • raises Invalid_argument if i does not fit in one octet.

val algorithm_to_int : algorithm -> int

algorithm_to_int a encodes a to an integer.

val pp_algorithm : algorithm Fmt.t

pp_algorithm ppf a pretty-prints the algorithm.

type flag = [
  | `Zone
  | `Revoke
  | `Secure_entry_point
]

The type of DNSKEY flags.

module F : Stdlib.Set.S with type elt = flag

The set of DNSKEY flags.

val decode_flags : int -> F.t

decode_flags x decodes x as a set of DNSKEY flags.

type t = {
  flags : F.t;
  algorithm : algorithm;
  key : string;
}

The type of a DNSKEY record.

val pp : t Fmt.t

pp ppf t pretty-prints the DNSKEY.

val compare : t -> t -> int

compare a b compares the DNSKEY a with b.

val of_string : string -> (t, [> `Msg of string ]) Stdlib.result

of_string str attempts to parse str to a dnskey. The colon character (:) is used as separator; the supported format is algorithm:keydata. Flags are not supported.

val to_string : t -> string

to_string key is a string where the colon character (:) is used as separator. The output is algorithm:keydata. Flags are not supported.

val name_key_of_string : string -> ([ `raw ] Domain_name.t * t, [> `Msg of string ]) Stdlib.result

name_key_of_string str attempts to parse str to a domain name and a dnskey. The colon character (:) is used as separator.

val name_key_to_string : ([ `raw ] Domain_name.t * t) -> string

name_key_to_string (name, key) is a string name:algorithm:keydata. The colon character (:) is used as separator.

val digest_prep : [ `raw ] Domain_name.t -> t -> string

digest_prep name key encodes name and key into a buffer, as preparation for computing its digest (for DS records).

val key_tag : t -> int

key_tag key computes the key tag (RFC 4034, Appendix B).
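
The key tag calculation referenced above, as an added stand-alone example using only the OCaml standard library; it is not this library's code and does not call it. The local flag type, the helper names (flag_bit, encode_flags, rdata) and the sample key are assumptions made for illustration; the flag bit values and the RDATA layout follow RFC 4034 and RFC 5011.

```ocaml
(* Added example: not the Dns library's implementation. *)

(* Local stand-in for the page's flag type (hypothetical, stdlib only). *)
type flag = Zone | Revoke | Secure_entry_point

(* Bit values inside the 16-bit DNSKEY flags field
   (RFC 4034 section 2.1.1; REVOKE is defined in RFC 5011). *)
let flag_bit = function
  | Zone -> 0x0100
  | Revoke -> 0x0080
  | Secure_entry_point -> 0x0001

let encode_flags flags =
  List.fold_left (fun acc f -> acc lor flag_bit f) 0 flags

(* DNSKEY RDATA wire format: flags (2 octets, big endian), protocol
   (always 3), algorithm number (1 octet), then the public key. *)
let rdata ~flags ~algorithm ~key =
  if algorithm < 0 || algorithm > 255 then
    invalid_arg "algorithm must fit in one octet";
  let b = Buffer.create (4 + String.length key) in
  Buffer.add_uint16_be b (encode_flags flags);
  Buffer.add_uint8 b 3;
  Buffer.add_uint8 b algorithm;
  Buffer.add_string b key;
  Buffer.contents b

(* RFC 4034 Appendix B: add the RDATA up as big-endian 16-bit words (a
   trailing odd octet counts as a high byte), fold the carry in once and
   keep the low 16 bits. Algorithm 1 (RSA/MD5) uses a different rule. *)
let key_tag rdata =
  let acc = ref 0 in
  String.iteri
    (fun i c ->
      let v = Char.code c in
      acc := !acc + (if i land 1 = 0 then v lsl 8 else v))
    rdata;
  (!acc + ((!acc lsr 16) land 0xFFFF)) land 0xFFFF

let () =
  (* Constructed 32-octet key (octets 0..31), not a real zone key.
     Algorithm number 15 is ED25519 in the IANA registry. *)
  let key = String.init 32 Char.chr in
  List.iter
    (fun (label, flags) ->
      let tag = key_tag (rdata ~flags ~algorithm:15 ~key) in
      Printf.printf "%-12s flags=%3d key_tag=%5d\n" label (encode_flags flags) tag)
    [ ("ZSK", [ Zone ]);
      ("KSK", [ Zone; Secure_entry_point ]);
      ("KSK revoked", [ Zone; Secure_entry_point; Revoke ]) ]
```

The flags are part of the summed RDATA, so the same public key yields a different tag once the SEP or REVOKE bit is set. The tag is a 16-bit checksum rather than a unique identifier, so a validator has to try every DNSKEY whose tag matches.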