package dns

DNS keys

A DNS key record (DNSKEY) specifies flags, algorithm, and key data.

type algorithm =
  | RSA_SHA1
  | RSASHA1_NSEC3_SHA1
  | RSA_SHA256
  | RSA_SHA512
  | P256_SHA256
  | P384_SHA384
  | ED25519
  | MD5
  | SHA1
  | SHA224
  | SHA256
  | SHA384
  | SHA512
  | Unknown of int

The type of currently supported DNS key algorithms.

val int_to_algorithm : int -> algorithm

int_to_algorithm i decodes i to an algorithm.

val algorithm_to_int : algorithm -> int

algorithm_to_int a encodes a to an integer.

val pp_algorithm : algorithm Fmt.t

pp_algorithm ppf a pretty-prints the algorithm.

type flag = [
  | `Zone
  | `Revoke
  | `Secure_entry_point
]

The type of DNSKEY flags.

module F : Set.S with type elt = flag

The set of DNSKEY flags.

val decode_flags : int -> F.t

decode_flags x decodes x as a set of DNSKEY flags.

type t = {
  flags : F.t;
  algorithm : algorithm;
  key : Cstruct.t;
}

The type of a DNSKEY record.

val pp : t Fmt.t

pp ppf t pretty-prints the DNSKEY.

val compare : t -> t -> int

compare a b compares the DNSKEY a with b.

val of_string : string -> (t, [> `Msg of string ]) result

of_string str attempts to parse str as a DNSKEY. The colon character (:) is used as separator; the supported format is algo:keydata, where keydata is a base64 string.

val name_key_of_string : string -> ([ `raw ] Domain_name.t * t, [> `Msg of string ]) result

name_key_of_string str attempts to parse str to a domain name and a dnskey. The colon character (:) is used as separator.

val pp_name_key : ([ `raw ] Domain_name.t * t) Fmt.t

pp_name_key (name, key) pretty-prints the dnskey and name pair.

val digest_prep : [ `raw ] Domain_name.t -> t -> Cstruct.t

digest_prep name key encodes name and key into a buffer, as preparation for computing its digest (for DS records).

val key_tag : t -> int

key_tag key computes the key tag (RFC 4034, Appendix B).
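
What decode_flags and key_tag operate on, shown as an added stand-alone example that uses only the OCaml standard library; it is not the dns package's own code. The names flags_of_int, dnskey_rdata and rfc4034_key_tag are hypothetical, and the key bytes are a constructed sample.

```ocaml
(* Added example: OCaml standard library only, not the dns package's code. *)

type flag = [ `Zone | `Revoke | `Secure_entry_point ]

(* Flag bits of the 16-bit DNSKEY flags field (RFC 4034 section 2.1.1;
   the Revoke bit is defined by RFC 5011). *)
let flags_of_int (x : int) : flag list =
  List.filter_map
    (fun (mask, f) -> if x land mask <> 0 then Some f else None)
    [ (0x0100, `Zone); (0x0080, `Revoke); (0x0001, `Secure_entry_point) ]

(* DNSKEY RDATA: flags (2 bytes), protocol (always 3), algorithm, key. *)
let dnskey_rdata ~flags ~algorithm ~key =
  let b = Bytes.create (4 + String.length key) in
  Bytes.set_uint16_be b 0 flags;
  Bytes.set_uint8 b 2 3;
  Bytes.set_uint8 b 3 algorithm;
  Bytes.blit_string key 0 b 4 (String.length key);
  Bytes.to_string b

(* RFC 4034 Appendix B: add the RDATA up as big-endian 16-bit words, then
   fold the carry back in. Algorithm 1 (RSA/MD5) uses a different rule
   (Appendix B.1) and is not handled here. *)
let rfc4034_key_tag rdata =
  let ac = ref 0 in
  String.iteri
    (fun i c ->
      let v = Char.code c in
      ac := !ac + (if i land 1 = 0 then v lsl 8 else v))
    rdata;
  (!ac + ((!ac lsr 16) land 0xFFFF)) land 0xFFFF

let () =
  (* Constructed sample: flags 257 (Zone + SEP), algorithm 13, dummy key. *)
  let key = "\x01\x02\x03\x04" in
  let ksk = dnskey_rdata ~flags:257 ~algorithm:13 ~key in
  assert (flags_of_int 257 = [ `Zone; `Secure_entry_point ]);
  assert (rfc4034_key_tag ksk = 2068);
  (* Setting the Revoke bit alters the RDATA, so the tag changes as well. *)
  let revoked = dnskey_rdata ~flags:(257 lor 0x0080) ~algorithm:13 ~key in
  assert (flags_of_int 385 = [ `Zone; `Revoke; `Secure_entry_point ]);
  assert (rfc4034_key_tag revoked = 2196);
  Printf.printf "tag %d, after revoke %d\n"
    (rfc4034_key_tag ksk) (rfc4034_key_tag revoked)
```

The key tag is a 16-bit checksum, not a unique identifier: distinct keys can share a tag, so a validator uses it only to select candidate keys and still verifies the signature against each candidate.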