equal
deleted
inserted
replaced
|
1 package DNSSec; |
|
2 use v5.14; |
|
3 use strict; |
|
4 use warnings; |
|
5 use Net::DNS::Keyset; |
|
6 use base 'Exporter'; |
|
7 |
|
8 our @EXPORT_OK = qw(keyset ksk keyinfo); |
|
9 |
|
10 my $resolver = Net::DNS::Resolver->new; |
|
11 $resolver->dnssec(1); |
|
12 |
|
13 sub keyset { |
|
14 my $domain = shift; |
|
15 my $keys = $resolver->query($domain => (DNSKEY => 'IN')) |
|
16 or die $resolver->errorstring; |
|
17 |
|
18 my $ks = Net::DNS::Keyset->new($keys) |
|
19 or die $Net::DNS::Keyset::keyset_err; |
|
20 return $ks; |
|
21 } |
|
22 |
|
23 sub ksk { |
|
24 return grep { $_->flags & 0x1 } @_; |
|
25 } |
|
26 |
|
27 sub keyinfo { |
|
28 my $ks = keyset shift; |
|
29 my @keyinfo; |
|
30 foreach my $k (ksk $ks->keys) { |
|
31 my %keyinfo; |
|
32 $keyinfo{key} = $k; |
|
33 $keyinfo{digest} = Net::DNS::RR::DS->create($k, digtype => 'SHA-256'); |
|
34 push @keyinfo, \%keyinfo; |
|
35 } |
|
36 return @keyinfo; |
|
37 } |
|
38 |
|
39 1; |