DNS.Message.Record.Data.RRSIG (DNS v0.4.1)

View Source

DNS RRSIG Record (Type 46)

The RRSIG record contains a digital signature for a set of resource records in DNSSEC. It is used to verify the authenticity and integrity of DNS data.

RFC 4034 defines the RRSIG record format:

  • Type Covered: 2 octets (RR type being signed)
  • Algorithm: 1 octet
  • Labels: 1 octet
  • Original TTL: 4 octets
  • Signature Expiration: 4 octets
  • Signature Inception: 4 octets
  • Key Tag: 2 octets
  • Signer's Name: domain name
  • Signature: variable length (base64 encoded)

Summary

Types

t()

@type t() :: %DNS.Message.Record.Data.RRSIG{
  data:
    {type_covered :: DNS.ResourceRecordType.t(), algorithm :: 0..255,
     labels :: 0..255, original_ttl :: 0..4_294_967_295,
     signature_expiration :: 0..4_294_967_295,
     signature_inception :: 0..4_294_967_295, key_tag :: 0..65535,
     signers_name :: DNS.Message.Domain.t(), signature :: binary()},
  raw: bitstring(),
  rdlength: 0..65535,
  type: DNS.ResourceRecordType.t()
}

Functions

from_iodata(raw, message \\ nil)

@spec from_iodata(bitstring(), bitstring() | nil) :: t()

new(arg)