Class DnsSecVerifier


  • public class DnsSecVerifier
    extends java.lang.Object
    A class for performing basic DNSSEC verification. The DNSJAVA package contains a similar class. This is a reimplementation that allows us to have finer control over the validation process.
    Version:
    $Revision: 361 $
    Author:
    davidb
    • Constructor Summary

      Constructors 
      Constructor Description
      DnsSecVerifier()  
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      SecurityStatus verify​(org.xbill.DNS.RRset rrset, org.xbill.DNS.DNSKEYRecord dnskey)
      Verify an RRset against a single DNSKEY.
      SecurityStatus verify​(org.xbill.DNS.RRset rrset, org.xbill.DNS.RRset keyRrset)
      Verifies an RRset.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • DnsSecVerifier

        public DnsSecVerifier()
    • Method Detail

      • verify

        public SecurityStatus verify​(org.xbill.DNS.RRset rrset,
                                     org.xbill.DNS.RRset keyRrset)
        Verifies an RRset. This routine does not modify the RRset. This RRset is presumed to be verifiable, and the correct DNSKEY rrset is presumed to have been found.
        Parameters:
        rrset - The RRset to verify.
        keyRrset - The keys to verify the signatures in the RRset to check.
        Returns:
        SecurityStatus.SECURE if the rrest verified positively, SecurityStatus.BOGUS otherwise.
      • verify

        public SecurityStatus verify​(org.xbill.DNS.RRset rrset,
                                     org.xbill.DNS.DNSKEYRecord dnskey)
        Verify an RRset against a single DNSKEY. Use this when you must be certain that an RRset signed and verifies with a particular DNSKEY (as opposed to a particular DNSKEY rrset).
        Parameters:
        rrset - The rrset to verify.
        dnskey - The DNSKEY to verify with.
        Returns:
        SecurityStatus.SECURE if the rrset verified, BOGUS otherwise.