equal
deleted
inserted
replaced
5 use Net::DNS::SEC::Keyset; |
5 use Net::DNS::SEC::Keyset; |
6 use base 'Exporter'; |
6 use base 'Exporter'; |
7 |
7 |
8 our @EXPORT_OK = qw(keyset ksk keyinfo); |
8 our @EXPORT_OK = qw(keyset ksk keyinfo); |
9 |
9 |
10 my $resolver = Net::DNS::Resolver->new; |
|
11 $resolver->dnssec(1); |
|
12 |
10 |
13 sub keyset { |
11 sub keyset { |
|
12 my %arg = %{+shift} if ref $_[0] eq ref {}; |
14 my $domain = shift; |
13 my $domain = shift; |
|
14 |
|
15 my $resolver = Net::DNS::Resolver->new( |
|
16 $arg{-server} ? (nameservers => [$arg{-server}]) : ()); |
|
17 $resolver->dnssec(1); |
|
18 |
15 my $keys = $resolver->query($domain => (DNSKEY => 'IN')) |
19 my $keys = $resolver->query($domain => (DNSKEY => 'IN')) |
16 or die $resolver->errorstring; |
20 or die $resolver->errorstring; |
17 |
21 |
18 my $ks = Net::DNS::SEC::Keyset->new($keys) |
22 my $ks = Net::DNS::SEC::Keyset->new($keys) |
19 or die $Net::DNS::SEC::Keyset::keyset_err; |
23 or die $Net::DNS::SEC::Keyset::keyset_err; |
23 sub ksk { |
27 sub ksk { |
24 return grep { $_->flags & 0x1 } @_; |
28 return grep { $_->flags & 0x1 } @_; |
25 } |
29 } |
26 |
30 |
27 sub keyinfo { |
31 sub keyinfo { |
28 my $ks = keyset shift; |
32 my $ks = keyset @_; |
29 my @keyinfo; |
33 my @keyinfo; |
30 foreach my $k (ksk $ks->keys) { |
34 foreach my $k (ksk $ks->keys) { |
31 my %keyinfo; |
35 my %keyinfo; |
32 $keyinfo{key} = $k; |
36 $keyinfo{key} = $k; |
33 $keyinfo{digest} = Net::DNS::RR::DS->create($k, digtype => 'SHA-256'); |
37 $keyinfo{digest} = Net::DNS::RR::DS->create($k, digtype => 'SHA-256'); |