Class ldns_key

class ldns.ldns_key

Key class

This class can contain all types of keys that are used in DNSSEC. It is mostly used to store private keys, since public keys can also be stored in a ldns_rr with type LDNS_RR_TYPE_DNSKEY. This class can also store some variables that influence the signatures generated by signing with this key, for instance the inception date.

Usage

>>> import ldns
>>> ldns.ldns_init_random(open("/dev/random","rb"), 512//8)  # seed the RNG with 64 bytes
>>> key = ldns.ldns_key.new_frm_algorithm(ldns.LDNS_SIGN_DSA, 512)  # generate a new DSA key
>>> print(key)
Private-key-format: v1.2
Algorithm: 3 (DSA)
Prime(p): XXXXXXXXHRQBGRflHZQriSAoLI2g+LGvZz8BlEesO+ZQg65wrFGs9IC441y/mn3nFnXfCdtX6zbN5bQuabPdlQ==
Subprime(q): XXXXXdnWs/cWsGDglhEyZRLEVA8=
Base(g): XXXXXXXqrd+dm2bcxDBdCsZRzkXQ22FxCk2ycnjgevr+s2HfA57BPk3xwqCrHUwuOBVg3Fvq4bpldrCe0sT6Og==
Private_value(x): XXXXXcVubZF33pj04z4ZoETsQW1Y=
Public_value(y): XXXXXX8t6zfOxJHoy57qteIw9sOZ/Zu0yFiPO083sPm11NlFx3b4m7TJ2k41gYicHXHLUQK1p0xXFToeZEkPGQ==
>>> fw = open("key.priv", "wb")
>>> key.print_to_file(fw)  # write the private key to the file
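
An added example, not part of the ldns documentation: a stand-alone Python 3 audit of a private key file in the format shown in the Usage output above (it does not import ldns). The function names, the 2048-bit threshold and the sample input are assumptions made for this example; the deprecated algorithm numbers follow RFC 8624.

```python
import base64
import re

# Algorithm numbers that RFC 8624 marks MUST NOT for DNSSEC signing.
DEPRECATED_ALGS = {1: "RSAMD5", 3: "DSA", 6: "DSA-NSEC3-SHA1"}
# Field that determines key strength, keyed by mnemonic prefix.
SIZE_FIELD = {"RSA": "Modulus", "DSA": "Prime(p)"}
MIN_BITS = 2048  # assumed local policy threshold, not an ldns default

def parse_private_key(text):
    """Parse the 'Name: value' lines of a v1.x private key file into a dict."""
    fields = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep and value.strip():
            fields[name.strip()] = value.strip()
    if not fields.get("Private-key-format", "").startswith("v1."):
        raise ValueError("not a Private-key-format v1.x file")
    return fields

def audit_private_key(text, file_mode=None):
    """Return a list of findings; an empty list means nothing was flagged."""
    fields = parse_private_key(text)
    m = re.match(r"(\d+)\s*\(([^)]+)\)", fields.get("Algorithm", ""))
    if not m:
        raise ValueError("missing or malformed Algorithm line")
    number, mnemonic = int(m.group(1)), m.group(2)
    findings = []
    if number in DEPRECATED_ALGS:
        findings.append("algorithm %d (%s): MUST NOT sign per RFC 8624"
                        % (number, DEPRECATED_ALGS[number]))
    for prefix, field in SIZE_FIELD.items():
        if mnemonic.startswith(prefix) and field in fields:
            bits = int.from_bytes(base64.b64decode(fields[field]), "big").bit_length()
            if bits < MIN_BITS:
                findings.append("%s is %d bits, below %d" % (field, bits, MIN_BITS))
    if file_mode is not None and file_mode & 0o077:
        findings.append("mode %o lets group or others access the key"
                        % (file_mode & 0o777))
    return findings

# Constructed sample: filler bytes, not a real key; layout follows the Usage output.
SAMPLE = ("Private-key-format: v1.2\nAlgorithm: 3 (DSA)\n"
          "Prime(p): " + base64.b64encode(b"\xff" * 64).decode() + "\n")

if __name__ == "__main__":
    for finding in audit_private_key(SAMPLE, file_mode=0o644):
        print(finding)
```

To audit a file on disk, pass its contents as `text` and `os.stat(path).st_mode` as `file_mode`.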
algorithm()

return the signing algorithm of the key

Returns:(ldns_signing_algorithm) the algorithm
dsa_key()

returns the (openssl) DSA struct contained in the key

Returns:(DSA *)
evp_key()

returns the (openssl) EVP struct contained in the key

Returns:(EVP_PKEY *) the EVP_PKEY * structure in the key
expiration()

return the key’s expiration date

Returns:(uint32_t) the expiration date
flags()

return the flag of the key

Returns:(uint16_t) the flag
hmac_key()

return the hmac key data

Returns:(unsigned char *) the hmac key data
hmac_size()

return the hmac key size

Returns:(size_t) the hmac key size
inception()

return the key’s inception date

Returns:(uint32_t) the inception date
key_to_rr()

converts a ldns_key to a public key rr

Returns:(ldns_rr *) ldns_rr representation of the key
keytag()

return the keytag

Returns:(uint16_t) the keytag
static new_frm_algorithm(algorithm, size, raiseException=True)

Creates a new key based on the algorithm.

Parameters:
  • algorithm – the algorithm to use
  • size – the number of bytes for the keysize
  • raiseException – if True, an exception occurs in case a key instance can’t be created
Returns:

key instance or None. If the object can’t be created and raiseException is True, an exception occurs.

Algorithms
LDNS_SIGN_RSAMD5, LDNS_SIGN_RSASHA1, LDNS_SIGN_DSA, LDNS_SIGN_RSASHA1_NSEC3, LDNS_SIGN_RSASHA256, LDNS_SIGN_RSASHA256_NSEC3, LDNS_SIGN_RSASHA512, LDNS_SIGN_RSASHA512_NSEC3, LDNS_SIGN_DSA_NSEC3, LDNS_SIGN_HMACMD5, LDNS_SIGN_HMACSHA1, LDNS_SIGN_HMACSHA256
static new_frm_fp(file, raiseException=True)

Creates a new private key based on the contents of the given file object.

Parameters:
  • file – a file object
  • raiseException – if True, an exception occurs in case a key instance can’t be created
Returns:

key instance or None. If the object can’t be created and raiseException is True, an exception occurs.

static new_frm_fp_l(file, raiseException=True)

Creates a new private key based on the contents of the given file object.

Parameters:
  • file – a file object
  • raiseException – if True, an exception occurs in case a key instance can’t be created
Returns:

  • key - key instance or None. If an instance can’t be created and raiseException is True, an exception occurs.
  • line - the line number (for debugging)

origttl()

return the original ttl of the key

Returns:(uint32_t) the original ttl
print_to_file(file)

print a private key to the output file

Parameters:file – output file pointer
pubkey_owner()

return the public key’s owner

Returns:(ldns_rdf *) the owner
rsa_key()

returns the (openssl) RSA struct contained in the key

Returns:(RSA *) the RSA * structure in the key
set_algorithm(l)

Set the key’s algorithm.

Parameters:l – the algorithm
set_dsa_key(d)

Set the key’s dsa data.

Parameters:d – the dsa data
set_evp_key(e)

Set the key’s evp key.

Parameters:e – the evp key
set_expiration(e)

Set the key’s expiration date (seconds after epoch).

Parameters:e – the expiration
set_flags(flags)

Set the key’s flags.

Parameters:flags – the flags
set_hmac_key(hmac)

Set the key’s hmac data.

Parameters:hmac – the raw key data
set_hmac_size(hmac_size)

Set the key’s hmac size.

Parameters:hmac_size – the size of the hmac data
set_inception(i)

Set the key’s inception date (seconds after epoch).

Parameters:i – the inception
set_keytag(tag)

Set the key’s key tag.

Parameters:tag – the keytag
set_origttl(t)

Set the key’s original ttl.

Parameters:t – the ttl
set_pubkey_owner(r)

Set the key’s pubkey owner.

Parameters:r – the owner
set_rsa_key(r)

Set the key’s rsa data.

Parameters:r – the rsa data
set_use(v)

set the use flag

Parameters:v – the boolean value to set the _use field to
use()

return the use flag

Returns:(bool) the boolean value of the _use field
