[Opendnssec-user]DS Calculation
=?us-ascii?B?wfXLtg==?=
shuoleo at 126.com
Mon Aug 13 07:00:50 UTC 2012
Hi all,
Is there someone knows how to calculate DS RR? I find the formula in rfc 4034, but get puzzled:
"
The digest is calculated by concatenating the canonical form of the
fully qualified owner name of the DNSKEY RR with the DNSKEY RDATA,
and then applying the digest algorithm.
digest = digest_algorithm( DNSKEY owner name | DNSKEY RDATA);
"|" denotes concatenation
DNSKEY RDATA = Flags | Protocol | Algorithm | Public Key.
"
If there is a DNSKEY RR as follows:
se. 3600 IN DNSKEY 257 3 5 AwEAAZYYG1hpk8XKHNHpdO/E
Eg+r4YmIEC4Fn3x2DEsygxDuoT9d/QCi X1pz0omFGCaVfCWHvaScVvWd4xP4kNDnSDQxBzPwLEXE3l0
cLseMJ2YM QeBPf3hGhLs6VSDnGFKAzNG4fhri9EBTLv9ubL8Kx8cWQKuu3A5HRVD3 li7lZB+0kmUKq
GiIQdERKt/Ec36BkK93lyGags5RrR2VDdrXCj9Yay90 KCKITk52AbwVoMPm0OYlPbD4ViBPMk5nmh/d
PeCoZoVJxgANZ/doVQxR 5vDkMBYxuhrXuQk3CvZBB011NsXxk9yHtHvp/5gjUVJjvhdRvjRB6/xY R0
3c9owi/aM=
How to calculate ds using the formula above?
Is "1(se.|257|3|5|AwEAAZYYG1hpk8XK...)" right for sha-1 ? But I know it's wrong.
I have tried many other forms but haven't get the right result yet, is there anyone
knows how to do it?
Best regards,
Stuart
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opendnssec.org/pipermail/opendnssec-user/attachments/20120813/7b2c28a2/attachment.htm>
More information about the Opendnssec-user
mailing list