1 // Copyright (c) 1999-2004 Brian Wellington (bwelling (at) xbill.org) 2 3 package org.xbill.DNS; 4 5 import java.io.IOException; 6 import java.security.NoSuchAlgorithmException; 7 8 import org.xbill.DNS.utils.base16; 9 10 /** 11 * Next SECure name 3 Parameters - this record contains the parameters (hash 12 * algorithm, salt, iterations) used for a valid, complete NSEC3 chain present 13 * in a zone. Zones signed using NSEC3 must include this record at the zone apex 14 * to inform authoritative servers that NSEC3 is being used with the given 15 * parameters. 16 * 17 * @author Brian Wellington 18 * @author David Blacka 19 */ 20 21 public class NSEC3PARAMRecord extends Record { 22 23 private static final long serialVersionUID = -8689038598776316533L; 24 25 private int hashAlg; 26 private int flags; 27 private int iterations; 28 private byte salt[]; 29 30 NSEC3PARAMRecord() {} 31 32 Record getObject() { 33 return new NSEC3PARAMRecord(); 34 } 35 36 /** 37 * Creates an NSEC3PARAM record from the given data. 38 * 39 * @param name The ownername of the NSEC3PARAM record (generally the zone name). 40 * @param dclass The class. 41 * @param ttl The TTL. 42 * @param hashAlg The hash algorithm. 43 * @param flags The value of the flags field. 44 * @param iterations The number of hash iterations. 45 * @param salt The salt to use (may be null). 46 */ 47 public NSEC3PARAMRecord(Name name, int dclass, long ttl, int hashAlg, 48 int flags, int iterations, byte [] salt) 49 { 50 super(name, Type.NSEC3PARAM, dclass, ttl); 51 this.hashAlg = checkU8("hashAlg", hashAlg); 52 this.flags = checkU8("flags", flags); 53 this.iterations = checkU16("iterations", iterations); 54 55 if (salt != null) { 56 if (salt.length > 255) 57 throw new IllegalArgumentException("Invalid salt " + 58 "length"); 59 if (salt.length > 0) { 60 this.salt = new byte[salt.length]; 61 System.arraycopy(salt, 0, this.salt, 0, salt.length); 62 } 63 } 64 } 65 66 void 67 rrFromWire(DNSInput in) throws IOException { 68 hashAlg = in.readU8(); 69 flags = in.readU8(); 70 iterations = in.readU16(); 71 72 int salt_length = in.readU8(); 73 if (salt_length > 0) 74 salt = in.readByteArray(salt_length); 75 else 76 salt = null; 77 } 78 79 void 80 rrToWire(DNSOutput out, Compression c, boolean canonical) { 81 out.writeU8(hashAlg); 82 out.writeU8(flags); 83 out.writeU16(iterations); 84 85 if (salt != null) { 86 out.writeU8(salt.length); 87 out.writeByteArray(salt); 88 } else 89 out.writeU8(0); 90 } 91 92 void 93 rdataFromString(Tokenizer st, Name origin) throws IOException 94 { 95 hashAlg = st.getUInt8(); 96 flags = st.getUInt8(); 97 iterations = st.getUInt16(); 98 99 String s = st.getString(); 100 if (s.equals("-")) 101 salt = null; 102 else { 103 st.unget(); 104 salt = st.getHexString(); 105 if (salt.length > 255) 106 throw st.exception("salt value too long"); 107 } 108 } 109 110 /** Converts rdata to a String */ 111 String 112 rrToString() { 113 StringBuffer sb = new StringBuffer(); 114 sb.append(hashAlg); 115 sb.append(' '); 116 sb.append(flags); 117 sb.append(' '); 118 sb.append(iterations); 119 sb.append(' '); 120 if (salt == null) 121 sb.append('-'); 122 else 123 sb.append(base16.toString(salt)); 124 125 return sb.toString(); 126 } 127 128 /** Returns the hash algorithm */ 129 public int 130 getHashAlgorithm() { 131 return hashAlg; 132 } 133 134 /** Returns the flags */ 135 public int 136 getFlags() { 137 return flags; 138 } 139 140 /** Returns the number of iterations */ 141 public int 142 getIterations() { 143 return iterations; 144 } 145 146 /** Returns the salt */ 147 public byte [] 148 getSalt() 149 { 150 return salt; 151 } 152 153 /** 154 * Hashes a name with the parameters of this NSEC3PARAM record. 155 * @param name The name to hash 156 * @return The hashed version of the name 157 * @throws NoSuchAlgorithmException The hash algorithm is unknown. 158 */ 159 public byte [] 160 hashName(Name name) throws NoSuchAlgorithmException 161 { 162 return NSEC3Record.hashName(name, hashAlg, iterations, salt); 163 } 164 165 } 166