Class: Cryptorecord::Tlsa

Inherits:
Object
Defined in:
lib/cryptorecord/tlsa.rb

Overview

The Cryptorecord::Tlsa class generates TLSA DNS records (the DANE record type) from an X.509 certificate.

Constructor Details

#initialize(args = {}) ⇒ Tlsa

Returns a new instance of Tlsa

# File 'lib/cryptorecord/tlsa.rb', line 45

def initialize(args = {})
  # Defaults: match type 1 (SHA-256), selector 0 (full certificate),
  # usage 3 (DANE-EE), service _443._tcp.localhost, no certificate yet.
  self.mtype = args.fetch(:mtype, 1)
  self.selector = args.fetch(:selector, 0)
  @host = args.fetch(:host, 'localhost')
  @proto = args.fetch(:proto, 'tcp')
  @port = args.fetch(:port, 443)
  self.usage = args.fetch(:usage, 3)
  self.cert = args.fetch(:cert, nil)
end

Instance Attribute Details

#cert ⇒ Object

Stores the X.509 certificate (an OpenSSL::X509::Certificate) the record is derived from.

# File 'lib/cryptorecord/tlsa.rb', line 36

attr_reader :selector, :mtype, :usage, :cert

#host ⇒ Object

Stores the FQDN the record is published under.

# File 'lib/cryptorecord/tlsa.rb', line 43

def host
  @host
end

#mtype ⇒ Object

Stores the match type (0 = exact data, 1 = SHA-256, 2 = SHA-512).

# File 'lib/cryptorecord/tlsa.rb', line 36

attr_reader :selector, :mtype, :usage, :cert

#port ⇒ Object

Stores the network port of the service.

# File 'lib/cryptorecord/tlsa.rb', line 43

attr_accessor :host, :proto, :port

#proto ⇒ Object

Stores the network protocol of the service (for example tcp).

# File 'lib/cryptorecord/tlsa.rb', line 43

attr_accessor :host, :proto, :port

#selector ⇒ Object

Stores the selector (0 = full certificate, 1 = public key).

# File 'lib/cryptorecord/tlsa.rb', line 36

def selector
  @selector
end

#usage ⇒ Object

Stores the certificate usage field of the record.

# File 'lib/cryptorecord/tlsa.rb', line 36

attr_reader :selector, :mtype, :usage, :cert

Instance Method Details

#bin_to_hex(str) ⇒ Object

This helper function converts a binary string into its lowercase hex representation.

Parameters:

  • str (String)

    Binary-string

# File 'lib/cryptorecord/tlsa.rb', line 93

def bin_to_hex(str)
  # Two lowercase hex digits per byte, zero-padded, no separators.
  str.each_byte.map { |b| b.to_s(16).rjust(2, '0') }.join
end

#fingerprintObject

This method returns the certificate association data as a hex string: the data chosen by the selector (see #msg), processed according to mtype (0 = unhashed, 1 = SHA-256, 2 = SHA-512).

# File 'lib/cryptorecord/tlsa.rb', line 133

def fingerprint
  raise 'No certificate defined' if @cert.nil?

  case @mtype.to_i
  when 0
    return bin_to_hex(msg)                        # match type 0: exact data, hex encoded
  when 1
    return OpenSSL::Digest::SHA256.new(msg).to_s  # match type 1: SHA-256 hex digest
  when 2
    return OpenSSL::Digest::SHA512.new(msg).to_s  # match type 2: SHA-512 hex digest
  else
    raise 'Invalid match type. Has to be 0, 1 or 2'
  end
end

#msgObject

This method selects the data to hash according to the selector: selector 0 returns cert.to_der (the full certificate), selector 1 returns cert.public_key.to_der (the certificate's public key in DER form).

# File 'lib/cryptorecord/tlsa.rb', line 120

def msg
  case @selector.to_i
  when 0
    return @cert.to_der             # selector 0: whole certificate
  when 1
    return @cert.public_key.to_der  # selector 1: public key only
  end

  raise 'Invalid selector. Has to be 0 or 1'
end

#print ⇒ Object

This method prints the TLSA record to stdout.

# File 'lib/cryptorecord/tlsa.rb', line 149

def print
  puts self  # uses #to_s to render the record line
end

#read_certfile(file) ⇒ Object

This method reads a PEM or DER encoded certificate from a file and stores it in #cert.

Parameters:

  • file (String)

    path to certificate-file

# File 'lib/cryptorecord/tlsa.rb', line 111

def read_certfile(file)
  data = File.read(file)
  # OpenSSL::X509::Certificate.new accepts both PEM and DER input.
  self.cert = OpenSSL::X509::Certificate.new(data)
end

#to_sObject

This method assembles the TLSA record as a single zone-file line: owner name, class and type, then usage, selector, match type and fingerprint.

# File 'lib/cryptorecord/tlsa.rb', line 156

def to_s
  # Owner name is _port._proto.host. (absolute), followed by the four RDATA fields.
  "_#{@port}._#{@proto}.#{@host}. IN TLSA"\
  " #{@usage} #{@selector} #{@mtype} #{fingerprint}"
end
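
The following is an added example and not code from the cryptorecord gem. It reproduces the selector and match-type logic of #msg, #fingerprint and #to_s as stand-alone functions, adds a parser for the record format #to_s emits, and shows the defender-side use of such a record: checking that the certificate a server presents matches what is published. The helper names (build_test_cert, tlsa_association, tlsa_match? and so on) are assumptions made for this example, and the certificate it uses is generated in memory so that it runs offline.

```ruby
require 'openssl'

# Constructed test material: a self-signed RSA certificate generated in memory so
# the example runs offline. In practice the server's real certificate is used.
def build_test_cert(cn = 'example.test')
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = 1
  cert.subject    = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.issuer     = cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
  cert
end

# Selector: 0 = full certificate DER, 1 = public key (SubjectPublicKeyInfo) DER.
# Same choice as Cryptorecord::Tlsa#msg.
def tlsa_data(cert, selector)
  case selector
  when 0 then cert.to_der
  when 1 then cert.public_key.to_der
  else raise ArgumentError, "selector must be 0 or 1, got #{selector.inspect}"
  end
end

# Match type: 0 = exact data, 1 = SHA-256, 2 = SHA-512; result is lowercase hex.
# Same choice as Cryptorecord::Tlsa#fingerprint.
def tlsa_association(cert, selector, mtype)
  data = tlsa_data(cert, selector)
  case mtype
  when 0 then data.unpack1('H*')
  when 1 then OpenSSL::Digest.new('SHA256').hexdigest(data)
  when 2 then OpenSSL::Digest.new('SHA512').hexdigest(data)
  else raise ArgumentError, "mtype must be 0, 1 or 2, got #{mtype.inspect}"
  end
end

# Same wire layout as Cryptorecord::Tlsa#to_s.
def tlsa_record(host, port, proto, usage, selector, mtype, cert)
  assoc = tlsa_association(cert, selector, mtype)
  "_#{port}._#{proto}.#{host}. IN TLSA #{usage} #{selector} #{mtype} #{assoc}"
end

TLSA_RR = /\A_(\d+)\._(\w+)\.(\S+?)\.?\s+IN\s+TLSA\s+([0-3])\s+([01])\s+([0-2])\s+([0-9a-fA-F]+)\z/

# Parse a TLSA presentation-format line back into its fields (hex lowercased).
def parse_tlsa(line)
  m = TLSA_RR.match(line.strip)
  raise ArgumentError, "not a TLSA record: #{line.inspect}" unless m

  { port: m[1].to_i, proto: m[2], host: m[3], usage: m[4].to_i,
    selector: m[5].to_i, mtype: m[6].to_i, association: m[7].downcase }
end

# Defender-side check: recompute the association data from the certificate a
# server presented and compare it with the published record. Usages 0 and 1 also
# need PKIX chain validation and usage 2 names a trust anchor in the chain, so
# this helper only handles usage 3 (DANE-EE), where the end-entity certificate
# itself is pinned; anything else is rejected (fail closed).
def tlsa_match?(line, presented_cert)
  rr = parse_tlsa(line)
  return false unless rr[:usage] == 3

  expected = rr[:association]
  actual   = tlsa_association(presented_cert, rr[:selector], rr[:mtype])
  # Both values derive from public data, so a plain comparison is sufficient.
  expected == actual
end

if $PROGRAM_NAME == __FILE__
  cert = build_test_cert
  rr = tlsa_record('example.test', 443, 'tcp', 3, 1, 1, cert)
  puts rr
  puts "presented cert matches: #{tlsa_match?(rr, cert)}"
  puts "different key matches:  #{tlsa_match?(rr, build_test_cert)}"
end
```

A "3 1 1" record (DANE-EE, public key, SHA-256) is the common choice because it survives certificate renewals that keep the same key; the check above reports a mismatch as soon as the key is rotated, which is exactly the signal an operator wants before the new certificate goes live.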