2009-09-24

Calculating the keytag of a DNSKEY in Python

In DNSEC, sometimes you want to know the "keytag" of a DNSKEY record. Here's a Python implementation that uses dnspython:

import struct

def keytag(dnskey):
"""
Given a dns.rdtypes.ANY.DNSKEY dnskey, compute and return its keytag.

For details, see RFC 2535, section 4.1.6
"""
if dnskey.algorithm == 1:
a = ord(dnskey.key[-3]) << 8
b = ord(dnskey.key[-2])
return a + b
else:
header = struct.pack("!HBB", dnskey.flags, dnskey.protocol, dnskey.algorithm)
key = header + dnskey.key
ac = 0
for i, value in enumerate(ord(x) for x in key):
if i % 2:
ac += value
else:
ac += (value << 8)
ac += (ac >> 16) & 0xffff
return ac & 0xffff

3 comments:

buy rs gold said...

amazing submit... might help me a great deal,that maybe what I had been looking for! Cheers. gold for runescape

Wei Liu said...

Excellent all around. I'm an introvert,Sony cases probably (to borrow a word from Romney) a severe introvert.

shorryjune3 said...

I do not start to see the among this kind of community security different along with the unwarranted justifications pertaining to torture, which usually came to only kakashi cosplay costume a new community basic safety exclusion. In each case, an appropriate will be abridged (regardless of the actual character of the Miranda proper) for the reason that normally, one thing terrible will happen.