FreeBSD Manual Pages

  
 
  

Net::DNS::SEC::Private(3)  User Contributed Perl Documentation  Net::DNS::SEC::Private(3)

NAME
       Net::DNS::SEC::Private - DNSSEC Private key object

SYNOPSIS
           use Net::DNS::SEC::Private;

           $private = new Net::DNS::SEC::Private( $keypath );

           $private = new Net::DNS::SEC::Private(
               'algorithm'  => '13',
               'keytag'     => '26512',
               'privatekey' => 'h/mc+iq9VDUbNAjQgi8S8JzlEX29IALchwJmNM3QYKk=',
               'signame'    => 'example.com.'
               );

DESCRIPTION
       Class representing private keys as read from a keyfile generated by
       BIND dnssec-keygen. The class is written to be used only in the context
       of the Net::DNS::RR::RRSIG create method. This class is not designed to
       interact with any other system.

METHODS
   new (from private keyfile)
	   $keypath = '/home/foo/Kexample.com.+013+26512.private';
	   $private = new Net::DNS::SEC::Private( $keypath );

       The argument is the full path to a private key file generated by the
       BIND dnssec-keygen tool.  Note that the filename contains information
       about the algorithm and keytag.

   new (from private key parameters)
           $private = new Net::DNS::SEC::Private(
               'algorithm'  => '13',
               'keytag'     => '26512',
               'privatekey' => 'h/mc+iq9VDUbNAjQgi8S8JzlEX29IALchwJmNM3QYKk=',
               'signame'    => 'example.com.'
               );

       The arguments define the private key parameters as (name,value) pairs.
       The name and data representation are identical to that used in a BIND
       private keyfile.

   private_key_format
	   $format = $private->private_key_format;

       Returns a string which identifies the format of the private key file.

   algorithm, keytag, signame
           $algorithm = $private->algorithm;
           $keytag    = $private->keytag;
           $signame   = $private->signame;

       Returns the corresponding attribute determined from the filename.

   Private key attributes
           $attribute = $private->attribute;

       Returns the value as it appears in the private key file.  The attribute
       names correspond to the tag in the key file, modified to form an
       acceptable Perl subroutine name.

   created, publish, activate
	   $created  = $private->created;
	   $publish  = $private->publish;
	   $activate = $private->activate;

       Returns a string which represents a date in the form 20141212123456.
       Returns undefined value for key formats older than v1.3.
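
       The filename convention and the tag-to-attribute naming described
       above can be checked before a keyfile is handed to the constructor.
       The following is an added example, not code from Net::DNS::SEC:
       check_keyfile() is a hypothetical helper using only core Perl, its
       tag normalisation is a simplified stand-in for the module's own
       mapping, POSIX file modes are assumed, and the keyfile is a constructed
       sample built from the SYNOPSIS parameters.

```perl
use strict;
use warnings;
use File::Basename qw(basename);
use File::Temp qw(tempdir);

# check_keyfile() is a hypothetical helper, not part of Net::DNS::SEC.
sub check_keyfile {
    my ($path) = @_;
    my ( $base, %info ) = basename($path);
    # K<signame>+<algorithm>+<keytag>.private, as in the page's example path
    @info{qw(signame algorithm keytag)} = $base =~ /^K(.+)\+(\d{3})\+(\d{5})\.private$/
        or die "$base: not a dnssec-keygen private keyfile name\n";
    $info{$_} += 0 for qw(algorithm keytag);    # drop leading zeros

    # Refuse key material that group or others can access.
    my @st = stat($path) or die "$path: $!\n";
    my $mode = $st[2] & 07777;
    die sprintf( "%s: mode %04o exposes the private key\n", $path, $mode ) if $mode & 0077;

    open( my $fh, '<', $path ) or die "$path: $!\n";
    while ( my $line = <$fh> ) {
        next unless $line =~ /^([A-Za-z][\w-]*):\s*(\S+)/;
        ( my $tag = lc $1 ) =~ tr/-/_/;    # Private-key-format -> private_key_format
        $info{file}{$tag} = $2;
    }
    close $fh;

    # The Algorithm tag inside the file must agree with the filename.
    die "$base: algorithm mismatch\n"
        unless ( $info{file}{algorithm} // -1 ) == $info{algorithm};
    return \%info;
}

# Constructed sample keyfile, written to a private temporary directory.
my $dir  = tempdir( CLEANUP => 1 );
my $path = "$dir/Kexample.com.+013+26512.private";
open( my $out, '>', $path ) or die "$path: $!\n";
print $out "Private-key-format: v1.3\n",
    "Algorithm: 13 (ECDSAP256SHA256)\n",
    "PrivateKey: h/mc+iq9VDUbNAjQgi8S8JzlEX29IALchwJmNM3QYKk=\n",
    "Created: 20141212123456\n";
close $out;

chmod 0644, $path;    # world-readable: the check is expected to reject this
eval { check_keyfile($path) };
print "rejected: $@" if $@;
chmod 0600, $path;    # owner-only: the check is expected to pass
my $k = check_keyfile($path);
printf "%s alg=%d keytag=%d format=%s\n",
    @{$k}{qw(signame algorithm keytag)}, $k->{file}{private_key_format};
```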

RSA SPECIFIC HELPER FUNCTIONS
       These functions may be useful to generate RSA private keys and import
       PEM format RSA private keys.

   new_rsa_priv
           $private = Net::DNS::SEC::Private->new_rsa_priv( $keyblob,
                                                            $domain,
                                                            $flag,
                                                            $algorithm
                                                       );

       Constructor method which creates a Net::DNS::SEC::Private object from
       the supplied PEM keyblob.

       The second argument specifies the domain name for which this key will
       be used.

       The flag argument should be either 257 or 256 for SEP and non-SEP key
       respectively.

       The keyblob should include the -----BEGIN...----- and -----END...-----
       lines.  The padding is set to PKCS1_OAEP.

   dump_rsa_priv
	   $BIND_private_key = $private->dump_rsa_priv();

       Returns the content of a BIND private keyfile (Private-key-format:
       v1.2).

   dump_rsa_pub
	   $public_key = $private->dump_rsa_pub();

       Returns the public key field of the DNSKEY resource record.

   dump_rsa_keytag
	   $keytag = $private->dump_rsa_keytag();

       Returns the keytag field of the DNSKEY resource record.

   dump_rsa_private_pem
	   $keyblob = $private->dump_rsa_private_pem();

       Returns the PEM-encoded representation of the private key.  (Same format
       that can be read with the new_rsa_priv method.)

   generate_rsa
           $newkey = Net::DNS::SEC::Private->generate_rsa( "example.com",
                                               256, 1024, $random, $algorithm );
	   print $newkey->dump_rsa_priv();
	   print $newkey->dump_rsa_pub();

       Uses Crypt::OpenSSL::RSA generate_key to create a keypair.

       The first argument is the name of the key.

       The second argument is the flag field, which takes the value of 257
       for key-signing keys and the value of 256 for zone signing keys.

       The 3rd argument is the keysize (default 1024).

       The 4th argument, if defined, is passed to the Crypt::OpenSSL::Random
       random_seed method (see Crypt::OpenSSL::RSA for details), not needed
       with a proper /dev/random.

       The 5th argument specifies the algorithm if not RSASHA1 (the default).

COPYRIGHT
       Copyright (c)2014 Dick Franks

       All Rights Reserved

LICENSE
       Permission to use, copy, modify, and distribute this software and its
       documentation for any purpose and without fee is hereby granted,
       provided that the above copyright notice appear in all copies and that
       both that copyright notice and this permission notice appear in
       supporting documentation, and that the name of the author not be used
       in advertising or publicity pertaining to distribution of the software
       without specific prior written permission.

       THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
       OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
       MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
       IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
       CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
       TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
       SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

SEE ALSO
       perl, Net::DNS, Net::DNS::SEC, Net::DNS::RR::DNSKEY, Net::DNS::RR::KEY,
       Net::DNS::RR::RRSIG, Net::DNS::RR::SIG

perl v5.24.1                      2016-08-26         Net::DNS::SEC::Private(3)
