1package Net::DNS::SEC::Private; 2 3use strict; 4use warnings; 5 6our $VERSION = (qw$Id: Private.pm 1853 2021-10-11 10:40:59Z willem $)[2]; 7 8 9=head1 NAME 10 11Net::DNS::SEC::Private - DNSSEC Private key object 12 13 14=head1 SYNOPSIS 15 16 use Net::DNS::SEC::Private; 17 18 $private = Net::DNS::SEC::Private->new( $keypath ); 19 20 $private = Net::DNS::SEC::Private->new( 21 'algorithm' => '13', 22 'keytag' => '26512', 23 'privatekey' => 'h/mc+iq9VDUbNAjQgi8S8JzlEX29IALchwJmNM3QYKk=', 24 'signame' => 'example.com.' 25 ); 26 27 28=head1 DESCRIPTION 29 30Class representing private keys as read from a keyfile generated by BIND 31dnssec-keygen. The class is written to be used only in the context of the 32Net::DNS::RR::RRSIG create method. This class is not designed to interact 33with any other system. 34 35=cut 36 37 38use integer; 39use Carp; 40use File::Spec; 41use IO::File; 42 43use constant SYMLINK => defined(&CORE::readlink); # Except Win32, VMS, RISC OS 44 45 46sub new { return scalar(@_) > 2 ? &_new_params : &_new_keyfile } 47 48sub _new_keyfile { 49 my ( $class, $file ) = @_; 50 51 my ($keypath) = SYMLINK ? grep( {$_} readlink($file), $file ) : $file; 52 my ( $vol, $dir, $name ) = File::Spec->splitpath($keypath); 53 54 # Format something like: 'Kbla.foo.+001+12345.private' as created by BIND dnssec-keygen. 55 croak "$file does not appear to be a BIND private key" 56 unless $name =~ /^K([^+]+)\+(\d+)\+(\d+)\.private$/; 57 my @identifier = ( signame => $1, algorithm => 0 + $2, keytag => 0 + $3 ); 58 59 my $handle = IO::File->new( $file, '<' ) or croak qq("$file": $!); 60 61 my @content; 62 local $_; 63 while (<$handle>) { 64 chomp; 65 next if /^$/; 66 next if /^\s*[;]/; 67 s/\(.+\)//; 68 my ( $name, $value ) = split; 69 push @content, $name, $value; 70 } 71 72 return $class->_new_params( @content, @identifier ); 73} 74 75 76sub _new_params { 77 my ( $class, %parameter ) = @_; 78 my $hashref = {}; 79 80 while ( my ( $name, $value ) = each %parameter ) { 81 $name =~ tr/A-Za-z0-9\000-\377/a-za-z0-9/d; 82 $hashref->{$name} = $value; 83 } 84 85 my $self = bless sub { $hashref->{shift()} }, $class; 86 croak 'no algorithm specified' unless $self->algorithm; 87 croak 'no signame specified' unless $self->signame; 88 return $self; 89} 90 91 92our $AUTOLOAD; 93 94sub AUTOLOAD { ## Default method 95 my ($self) = @_; 96 97 my ($attribute) = $AUTOLOAD =~ m/::([^:]*)$/; 98 $attribute =~ tr/A-Za-z0-9\000-\377/a-za-z0-9/d; 99 100 # Build a method in the class 101 no strict 'refs'; ## no critic ProhibitNoStrict 102 *{$AUTOLOAD} = sub { &{shift()}($attribute) }; 103 104 # and jump to it 105 goto &{$AUTOLOAD}; 106} 107 108 1091; 110__END__ 111 112 113=head1 METHODS 114 115=head2 new (from private keyfile) 116 117 $keypath = '/home/foo/Kexample.com.+013+26512.private'; 118 $private = Net::DNS::SEC::Private->new( $keypath ); 119 120The argument is the full path to a private key file generated by the 121BIND dnssec-keygen tool. Note that the filename contains information 122about the algorithm and keytag. 123 124 125=head2 new (from private key parameters) 126 127 $private = Net::DNS::SEC::Private->new( 128 'algorithm' => '13', 129 'keytag' => '26512', 130 'privatekey' => 'h/mc+iq9VDUbNAjQgi8S8JzlEX29IALchwJmNM3QYKk=', 131 'signame' => 'example.com.' 132 ); 133 134The arguments define the private key parameters as (name,value) pairs. 135The name and data representation are identical to that used in a BIND 136private keyfile. 137 138 139=head2 private_key_format 140 141 $format = $private->private_key_format; 142 143Returns a string which identifies the format of the private key file. 144 145 146=head2 algorithm, keytag, signame 147 148 $algorithm = $private->algorithm; 149 $keytag = $private->keytag; 150 $signame = $private->signame; 151 152Returns the corresponding attribute determined from the filename. 153 154 155=head2 Private key attributes 156 157 $attribute = $private->attribute; 158 159Returns the value as it appears in the private key file. 160The attribute names correspond to the tag in the key file, modified 161to form an acceptable Perl subroutine name. 162 163 164=head2 created, publish, activate 165 166 $created = $private->created; 167 $publish = $private->publish; 168 $activate = $private->activate; 169 170Returns a string which represents a date in the form 20141212123456. 171Returns undefined value for key formats older than v1.3. 172 173 174=head1 COPYRIGHT 175 176Copyright (c)2014,2018 Dick Franks 177 178All Rights Reserved 179 180 181=head1 LICENSE 182 183Permission to use, copy, modify, and distribute this software and its 184documentation for any purpose and without fee is hereby granted, provided 185that the original copyright notices appear in all copies and that both 186copyright notice and this permission notice appear in supporting 187documentation, and that the name of the author not be used in advertising 188or publicity pertaining to distribution of the software without specific 189prior written permission. 190 191THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 192IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 193FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 194THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 195LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 196FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 197DEALINGS IN THE SOFTWARE. 198 199 200=head1 SEE ALSO 201 202L<perl>, L<Net::DNS>, L<Net::DNS::SEC>, 203L<Net::DNS::RR::DNSKEY>, L<Net::DNS::RR::RRSIG> 204 205=cut 206 207