Speno's Pythonic Avocado: Calculating the keytag of a DNSKEY in Python

2009-09-24

Calculating the keytag of a DNSKEY in Python

In DNSEC, sometimes you want to know the "keytag" of a DNSKEY record. Here's a Python implementation that uses dnspython:


import struct

def keytag(dnskey):
    """
    Given a dns.rdtypes.ANY.DNSKEY dnskey, compute and return its keytag.

    For details, see RFC 2535, section 4.1.6
    """
    if dnskey.algorithm == 1:
        a = ord(dnskey.key[-3]) << 8
        b = ord(dnskey.key[-2])
        return a + b
    else:
        header = struct.pack("!HBB", dnskey.flags, dnskey.protocol, dnskey.algorithm)
        key = header + dnskey.key
        ac = 0
        for i, value in enumerate(ord(x) for x in key):
            if i % 2:
                ac += value
            else:
                ac += (value << 8)
        ac += (ac >> 16) & 0xffff
        return ac & 0xffff

1 comment:

buy rs gold said...: amazing submit... might help me a great deal,that maybe what I had been looking for! Cheers. gold for runescape; April 26, 2013 4:06 AM

Speno's Pythonic Avocado

2009-09-24

Calculating the keytag of a DNSKEY in Python

1 comment:

Latest Tweets

Blog Archive