Package org.xbill.DNS

Class SIG0

java.lang.Object
org.xbill.DNS.SIG0

public class SIG0 extends Object
Creates SIG(0) transaction signatures.
Author:
Pasi Eronen, Brian Wellington
  • Method Details

    • signMessage

      public static void signMessage(Message message, KEYRecord key, PrivateKey privkey, SIGRecord previous) throws DNSSEC.DNSSECException
      Sign a message with SIG(0). The DNS key and private key must refer to the same underlying cryptographic key.
      Parameters:
      message - The message to be signed
      key - The KEY record to use as part of signing
      privkey - The PrivateKey to use when signing
      previous - If this message is a response, the SIG(0) from the query
      Throws:
      DNSSEC.DNSSECException
    • signMessage

      public static void signMessage(Message message, KEYRecord key, PrivateKey privkey, SIGRecord previous, Instant timeSigned) throws DNSSEC.DNSSECException
      Sign a message with SIG(0). The DNS key and private key must refer to the same underlying cryptographic key.
      Parameters:
      message - The message to be signed
      key - The KEY record to use as part of signing
      privkey - The PrivateKey to use when signing
      previous - If this message is a response, the SIG(0) from the query
      timeSigned - The time instant when the message has been signed.
      Throws:
      DNSSEC.DNSSECException
    • verifyMessage

      public static void verifyMessage(Message message, byte[] b, KEYRecord key, SIGRecord previous) throws DNSSEC.DNSSECException
      Verify a message using SIG(0). Uses the current system clock for the date/time.
      Parameters:
      message - The message to be verified
      b - An array containing the message in unparsed form. This is necessary since SIG(0) signs the message in wire format, and we can't recreate the exact wire format (with the same name compression).
      key - The KEY record to verify the signature with.
      previous - If this message is a response, the SIG(0) from the query
      Throws:
      DNSSEC.DNSSECException
    • verifyMessage

      public static void verifyMessage(Message message, byte[] b, KEYRecord key, SIGRecord previous, Instant now) throws DNSSEC.DNSSECException
      Verify a message using SIG(0).
      Parameters:
      message - The message to be verified
      b - An array containing the message in unparsed form. This is necessary since SIG(0) signs the message in wire format, and we can't recreate the exact wire format (with the same name compression).
      key - The KEY record to verify the signature with.
      previous - If this message is a response, the SIG(0) from the query
      now - The time instant at which to verify the message.
      Throws:
      DNSSEC.DNSSECException
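
A round trip through the methods above, as an added example that is not part of the dnsjava documentation: it signs a query, verifies it against the exact received bytes, and shows that a modified byte or a verification time far outside the signature's validity is rejected. The key, the names, the class name `Sig0RoundTrip` and the helper `verifies` are constructed for illustration; the last check assumes the library's SIG(0) validity window is shorter than one day.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.time.Duration;
import java.time.Instant;
import org.xbill.DNS.DClass;
import org.xbill.DNS.DNSSEC;
import org.xbill.DNS.KEYRecord;
import org.xbill.DNS.Message;
import org.xbill.DNS.Name;
import org.xbill.DNS.Record;
import org.xbill.DNS.SIG0;
import org.xbill.DNS.Type;

public class Sig0RoundTrip {
  // Hypothetical helper: true only if the SIG(0) over the received bytes validates at `now`.
  static boolean verifies(byte[] wire, KEYRecord key, Instant now) throws Exception {
    // Parse from the wire and pass the same bytes: the signature covers the
    // wire form, which cannot be rebuilt exactly from the parsed Message.
    Message parsed = new Message(wire);
    try {
      SIG0.verifyMessage(parsed, wire, key, null, now); // null: a query has no previous SIG(0)
      return true;
    } catch (DNSSEC.DNSSECException e) {
      System.out.println("rejected: " + e);
      return false;
    }
  }

  public static void main(String[] args) throws Exception {
    // Constructed test key and names; nothing here refers to a real zone.
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(2048);
    KeyPair kp = kpg.generateKeyPair();
    KEYRecord key = new KEYRecord(Name.fromString("client.example."), DClass.IN, 3600,
        KEYRecord.Flags.HOST, KEYRecord.Protocol.DNSSEC, DNSSEC.Algorithm.RSASHA256,
        kp.getPublic()); // same underlying key as kp.getPrivate()

    Message query = Message.newQuery(
        Record.newRecord(Name.fromString("host.example."), Type.A, DClass.IN));
    SIG0.signMessage(query, key, kp.getPrivate(), null);
    byte[] wire = query.toWire();

    byte[] tampered = wire.clone();
    tampered[13] ^= 0x01; // first character of the question name, right after the 12-byte header

    System.out.println("intact:   " + verifies(wire, key, Instant.now()));
    System.out.println("tampered: " + verifies(tampered, key, Instant.now()));
    System.out.println("next day: " + verifies(wire, key, Instant.now().plus(Duration.ofDays(1))));
  }
}
```

Treat any `DNSSEC.DNSSECException` from `verifyMessage` as a failed authentication and discard the message rather than acting on its contents.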