Struct hickory_server::config::dnssec::KeyConfig

pub struct KeyConfig {
    pub key_path: String,
    pub password: Option<String>,
    pub algorithm: String,
    pub signer_name: Option<String>,
    pub is_zone_signing_key: Option<bool>,
    pub is_zone_update_auth: Option<bool>,
}

Key pair configuration for DNSSEC keys for signing a zone

Fields

key_path: String

file path to the key

password: Option<String>

password to use to read the key

algorithm: String

the type of key stored, see Algorithm

signer_name: Option<String>

the name to use when signing records, e.g. ns.example.com

is_zone_signing_key: Option<bool>

specify that this key should be used for signing a zone

is_zone_update_auth: Option<bool>

specifies that this key can be used for dynamic updates in the zone

Implementations

impl KeyConfig

pub fn new( key_path: String, password: Option<String>, algorithm: Algorithm, signer_name: String, is_zone_signing_key: bool, is_zone_update_auth: bool ) -> Self

Available on crate feature dnssec only.

Return a new KeyConfig

Arguments

• key_path - file path to the key
• password - password to use to read the key
• algorithm - the type of key stored, see Algorithm
• signer_name - the name to use when signing records, e.g. ns.example.com
• is_zone_signing_key - specify that this key should be used for signing a zone
• is_zone_update_auth - specifies that this key can be used for dynamic updates in the zone

pub fn key_path(&self) -> &Path

path to the key file, either relative to the zone file, or a explicit from the root.

pub fn format(&self) -> ParseResult<KeyFormat>

Available on crate features dns-over-tls or dnssec only.

Converts key into

pub fn password(&self) -> Option<&str>

Returns the password used to read the key

pub fn algorithm(&self) -> ParseResult<Algorithm>

Available on crate feature dnssec only.

algorithm for for the key, see Algorithm for supported algorithms.

pub fn signer_name(&self) -> ParseResult<Option<Name>>

the signer name for the key, this defaults to the $ORIGIN aka zone name.

pub fn is_zone_signing_key(&self) -> bool

specifies that this key should be used to sign the zone

The public key for this must be trusted by a resolver to work. The key must have a private portion associated with it. It will be registered as a DNSKEY in the zone.

pub fn is_zone_update_auth(&self) -> bool

this is at least a public_key, and can be used for SIG0 dynamic updates.

it will be registered as a KEY record in the zone.

pub fn try_into_signer<N: IntoName>( &self, signer_name: N ) -> Result<SigSigner, String>

Available on crate feature dnssec only.

Tries to read the defined key into a Signer

Trait Implementations

impl Debug for KeyConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for KeyConfig

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq for KeyConfig

fn eq(&self, other: &KeyConfig) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for KeyConfig

impl StructuralEq for KeyConfig

impl StructuralPartialEq for KeyConfig