Thank you, I will try integrating this code. Could you take a few minutes and explain how it works? Most of it I get, but where do the values "!H" and "!HBB" come from?
On Fri, Jul 13, 2012 at 2:07 PM, Casey Deccio <[email protected]> wrote: > On Fri, Jul 13, 2012 at 10:43 AM, Adam Portier <[email protected]>wrote: > >> Hello. I am learning Python and specifically dnspython in order to write >> my own DNSSEC domain validator. I have run into an issue calculating the >> key tag value from a DNSKEY response. I was directed to RFC 4034 from a >> script I found on the web for an example in C for how to calculate the key >> tag from a wire representation of the record. I tried implementing the >> method myself and I am getting very different results than what are >> returned by drill or dnsviz.net. I am sure I am doing this wrong. Could >> someone assist me with a code snippet that takes a DNSKEY object and >> determines the key tag to be matched up against a corresponding DS record? >> >> > def key_tag(rdata): > '''Return the key_tag for the given DNSKEY rdata, > as specified in RFC 4034.''' > > if rdata.algorithm == 1: > return struct.unpack('!H', rdata.key[-3:-1])[0] > > key_str = struct.pack('!HBB', rdata.flags, rdata.protocol, > rdata.algorithm) + rdata.key > > ac = 0 > for i in range(len(key_str)): > b, = struct.unpack('B',key_str[i]) > if i & 1: > ac += b > else: > ac += (b << 8) > > ac += (ac >> 16) & 0xffff > return ac & 0xffff > -- Adam Portier
_______________________________________________ dnspython-users mailing list [email protected] http://howl.play-bow.org/mailman/listinfo/dnspython-users
