2022-01-24 04:07:52 +00:00
|
|
|
# Copyright (C) Dnspython Contributors, see LICENSE for text of ISC license
|
|
|
|
|
2018-10-31 16:08:29 +00:00
|
|
|
# Copyright (C) 2003-2007, 2009-2011 Nominum, Inc.
|
|
|
|
#
|
|
|
|
# Permission to use, copy, modify, and distribute this software and its
|
|
|
|
# documentation for any purpose with or without fee is hereby granted,
|
|
|
|
# provided that the above copyright notice and this permission notice
|
|
|
|
# appear in all copies.
|
|
|
|
#
|
|
|
|
# THE SOFTWARE IS PROVIDED "AS IS" AND NOMINUM DISCLAIMS ALL WARRANTIES
|
|
|
|
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
|
|
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL NOMINUM BE LIABLE FOR
|
|
|
|
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
|
|
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
|
|
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
|
|
|
|
# OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
|
|
|
|
|
"""A place to store TSIG keys."""
|
|
|
|
|
|
|
|
import base64
|
2024-03-03 17:15:23 +00:00
|
|
|
from typing import Any, Dict
|
2018-10-31 16:08:29 +00:00
|
|
|
|
|
|
|
import dns.name
|
2022-11-07 18:06:49 +00:00
|
|
|
import dns.tsig
|
2018-10-31 16:08:29 +00:00
|
|
|
|
|
|
|
|
2024-03-03 17:15:23 +00:00
|
|
|
def from_text(textring: Dict[str, Any]) -> Dict[dns.name.Name, dns.tsig.Key]:
|
2022-01-24 04:07:52 +00:00
|
|
|
"""Convert a dictionary containing (textual DNS name, base64 secret)
|
|
|
|
pairs into a binary keyring which has (dns.name.Name, bytes) pairs, or
|
|
|
|
a dictionary containing (textual DNS name, (algorithm, base64 secret))
|
|
|
|
pairs into a binary keyring which has (dns.name.Name, dns.tsig.Key) pairs.
|
2018-10-31 16:08:29 +00:00
|
|
|
@rtype: dict"""
|
|
|
|
|
|
|
|
keyring = {}
|
2024-03-03 17:15:23 +00:00
|
|
|
for name, value in textring.items():
|
|
|
|
kname = dns.name.from_text(name)
|
2022-01-24 04:07:52 +00:00
|
|
|
if isinstance(value, str):
|
2024-03-03 17:15:23 +00:00
|
|
|
keyring[kname] = dns.tsig.Key(kname, value).secret
|
2022-01-24 04:07:52 +00:00
|
|
|
else:
|
|
|
|
(algorithm, secret) = value
|
2024-03-03 17:15:23 +00:00
|
|
|
keyring[kname] = dns.tsig.Key(kname, secret, algorithm)
|
2018-10-31 16:08:29 +00:00
|
|
|
return keyring
|
|
|
|
|
|
|
|
|
2024-03-03 17:15:23 +00:00
|
|
|
def to_text(keyring: Dict[dns.name.Name, Any]) -> Dict[str, Any]:
|
2022-01-24 04:07:52 +00:00
|
|
|
"""Convert a dictionary containing (dns.name.Name, dns.tsig.Key) pairs
|
|
|
|
into a text keyring which has (textual DNS name, (textual algorithm,
|
|
|
|
base64 secret)) pairs, or a dictionary containing (dns.name.Name, bytes)
|
|
|
|
pairs into a text keyring which has (textual DNS name, base64 secret) pairs.
|
2018-10-31 16:08:29 +00:00
|
|
|
@rtype: dict"""
|
|
|
|
|
|
|
|
textring = {}
|
2024-03-03 17:15:23 +00:00
|
|
|
|
2022-01-24 04:07:52 +00:00
|
|
|
def b64encode(secret):
|
|
|
|
return base64.encodebytes(secret).decode().rstrip()
|
2024-03-03 17:15:23 +00:00
|
|
|
|
|
|
|
for name, key in keyring.items():
|
|
|
|
tname = name.to_text()
|
2022-01-24 04:07:52 +00:00
|
|
|
if isinstance(key, bytes):
|
2024-03-03 17:15:23 +00:00
|
|
|
textring[tname] = b64encode(key)
|
2022-01-24 04:07:52 +00:00
|
|
|
else:
|
|
|
|
if isinstance(key.secret, bytes):
|
|
|
|
text_secret = b64encode(key.secret)
|
|
|
|
else:
|
|
|
|
text_secret = str(key.secret)
|
|
|
|
|
2024-03-03 17:15:23 +00:00
|
|
|
textring[tname] = (key.algorithm.to_text(), text_secret)
|
2018-10-31 16:08:29 +00:00
|
|
|
return textring
|