Class DnsSecVerifier

java.lang.Object
org.jitsi.dnssec.validator.DnsSecVerifier

public class DnsSecVerifier extends Object
A class for performing basic DNSSEC verification. The DNSJAVA package contains a similar class. This is a reimplementation that allows us to have finer control over the validation process.
Version:
$Revision: 361 $
Author:
davidb
  • Constructor Details

    • DnsSecVerifier

      public DnsSecVerifier()
  • Method Details

    • verify

      public SecurityStatus verify(org.xbill.DNS.RRset rrset, org.xbill.DNS.RRset keyRrset)
      Verifies an RRset. This routine does not modify the RRset. This RRset is presumed to be verifiable, and the correct DNSKEY rrset is presumed to have been found.
      Parameters:
      rrset - The RRset to verify.
      keyRrset - The keys to verify the signatures in the RRset to check.
      Returns:
      SecurityStatus.SECURE if the rrest verified positively, SecurityStatus.BOGUS otherwise.
    • verify

      public SecurityStatus verify(org.xbill.DNS.RRset rrset, org.xbill.DNS.DNSKEYRecord dnskey)
      Verify an RRset against a single DNSKEY. Use this when you must be certain that an RRset signed and verifies with a particular DNSKEY (as opposed to a particular DNSKEY rrset).
      Parameters:
      rrset - The rrset to verify.
      dnskey - The DNSKEY to verify with.
      Returns:
      SecurityStatus.SECURE if the rrset verified, BOGUS otherwise.