org.xbill.DNS.security
Class DNSSECVerifier

java.lang.Object
  org.xbill.DNS.security.DNSSECVerifier

All Implemented Interfaces:

Verifier

public class DNSSECVerifier
extends Object
implements Verifier

A class that verifies DNS data using digital signatures contained in DNSSEC SIG records. DNSSECVerifier stores a set of trusted keys. Each specific verification references a cache where additional secure keys may be found.

Author:

Brian Wellington

See Also:

Verifier, DNSSEC

Constructor Summary

DNSSECVerifier()
Creates a new DNSSECVerifier

Method Summary

void	addTrustedKey(DNSKEYRecord key) Adds the specified key to the set of trusted keys
void	addTrustedKey(Name name, int alg, PublicKey key) Adds the specified key to the set of trusted keys
int	verify(RRset set, Cache cache) Attempts to verify an RRset.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

DNSSECVerifier

public DNSSECVerifier()

Creates a new DNSSECVerifier

Method Detail

addTrustedKey

public void addTrustedKey(DNSKEYRecord key)

Adds the specified key to the set of trusted keys

addTrustedKey

public void addTrustedKey(Name name,
                          int alg,
                          PublicKey key)

Adds the specified key to the set of trusted keys

verify

public int verify(RRset set,
                  Cache cache)

Attempts to verify an RRset. This does not modify the set.

Specified by:

verify in interface Verifier

Parameters:

set - The RRset to verify

cache - The Cache where obtained secure keys are found (may be null)

Returns:

The new security status of the set

See Also:

RRset