pub struct TSigner(_);
Available on crate feature dnssec only.
Struct to pass to a client for it to authenticate requests using TSIG.
Implementations
impl TSigner
pub fn new(
key: Vec<u8>,
algorithm: TsigAlgorithm,
signer_name: Name,
fudge: u16
) -> ProtoResult<Self>
Create a new TSigner from its parts.
Arguments
- key - cryptographic key used to authenticate exchanges
- algorithm - algorithm used to authenticate exchanges
- signer_name - name of the key. Must match the name known to the server
- fudge - maximum difference between client and server time, in seconds; see fudge for details
pub fn key(&self) -> &[u8]
Return the key used for message authentication
pub fn algorithm(&self) -> &TsigAlgorithm
Return the algorithm used for message authentication
pub fn signer_name(&self) -> &Name
Name of the key used by this signer
pub fn fudge(&self) -> u16
Maximum time difference between the client time when issuing a message and the server time when receiving it, in seconds. If the difference exceeds this value, the server will consider the request invalid. Longer values mean more room for replay by an attacker. A few minutes is usually a good value.
pub fn sign_message(
&self,
message: &Message,
pre_tsig: &TSIG
) -> ProtoResult<Vec<u8>>
Compute authentication tag for a message
pub fn verify(&self, tbv: &[u8], tag: &[u8]) -> ProtoResult<()>
Verify the HMAC in constant time to prevent timing attacks.
pub fn verify_message_byte(
&self,
previous_hash: Option<&[u8]>,
message: &[u8],
first_message: bool
) -> ProtoResult<(Vec<u8>, Range<u64>, u64)>
Verify that the message is correctly signed. This does not perform time verification on its own; instead, the caller should verify that the current time lies in the returned Range.
Arguments
- previous_hash - hash of the last message received before this one, or of the query for the first message
- message - byte buffer containing the current message
- first_message - whether this is the first response message
Returns
Returns Ok(_) on a valid signature. The inner tuple contains the following values, in order:
- a byte buffer containing the hash of this message. It needs to be passed back when authenticating the next message
- a Range of time that is acceptable
- the time the signature was emitted. It must be greater than or equal to the time of previous messages, if any
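The checks that verify_message_byte leaves to the caller, as an added example (not code from the crate): the current time must fall in the returned Range, and signing times must not go backwards across a multi-message response. ResponseChain, TsigTimeError and sample are hypothetical names, the tuples are constructed stand-ins for successful results, and the window is assumed to be the signing time plus or minus fudge.

```rust
use std::ops::Range;

// Shape of the Ok value documented for verify_message_byte.
type Verified = (Vec<u8>, Range<u64>, u64);

#[derive(Debug, PartialEq)]
enum TsigTimeError {
    OutsideWindow { now: u64 },
    WentBackwards { previous: u64, signed_at: u64 },
}

// Hypothetical caller-side state for a multi-message response (e.g. AXFR).
struct ResponseChain {
    previous_hash: Vec<u8>,
    last_signed_at: Option<u64>,
}

impl ResponseChain {
    // The first response is chained to the hash of the query.
    fn new(query_hash: Vec<u8>) -> Self {
        Self { previous_hash: query_hash, last_signed_at: None }
    }
    // Hash to pass as `previous_hash` when verifying the next message.
    fn previous_hash(&self) -> &[u8] {
        &self.previous_hash
    }
    // Apply the time checks; state only advances when both pass.
    fn accept(&mut self, verified: Verified, now: u64) -> Result<(), TsigTimeError> {
        let (hash, window, signed_at) = verified;
        if !window.contains(&now) {
            return Err(TsigTimeError::OutsideWindow { now });
        }
        if let Some(previous) = self.last_signed_at.filter(|p| signed_at < *p) {
            return Err(TsigTimeError::WentBackwards { previous, signed_at });
        }
        self.previous_hash = hash;
        self.last_signed_at = Some(signed_at);
        Ok(())
    }
}
// Constructed sample result; assumes the window is signed_at +/- fudge.
fn sample(tag: u8, signed_at: u64, fudge: u64) -> Verified {
    (vec![tag; 4], signed_at.saturating_sub(fudge)..signed_at + fudge, signed_at)
}

fn main() {
    let mut chain = ResponseChain::new(vec![0; 4]);
    println!("{:?}", chain.accept(sample(1, 1_000, 300), 1_010));
    println!("{:?}", chain.accept(sample(2, 990, 300), 1_011));
    println!("{:?}", chain.previous_hash());
}
```

A rejected message leaves the stored hash and timestamp untouched, so a replayed or reordered message cannot move the chain forward.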
Trait Implementations
impl MessageFinalizer for TSigner
fn finalize_message(
&self,
message: &Message,
current_time: u32
) -> ProtoResult<(Vec<Record>, Option<MessageVerifier>)>
fn should_finalize_message(&self, message: &Message) -> bool
Return whether the message requires further processing before being sent. By default, returns true for AXFR and IXFR queries, and Update and Notify messages.
Auto Trait Implementations
impl RefUnwindSafe for TSigner
impl Send for TSigner
impl Sync for TSigner
impl Unpin for TSigner
impl UnwindSafe for TSigner
Blanket Implementations
impl<T> BorrowMut<T> for T where
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.
impl<T> Instrument for T
fn instrument(self, span: Span) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<T> ToOwned for T where
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn clone_into(&self, target: &mut T)
Uses borrowed data to replace owned data, usually by cloning.
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
fn vzip(self) -> V
impl<T> WithSubscriber for T
fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self> where
S: Into<Dispatch>,
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.
fn with_current_subscriber(self) -> WithDispatch<Self>
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.