from datetime import datetime
import dns.resolver
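def get_public_key(key_domain_name: str):
    """Fetch and parse the TDAS public-key TXT record published at a DNS name.

    The record is a ``;``-separated list of ``name=value`` properties:

    * ``v`` - version; ``TDAS`` is stripped and the remainder must be ``1``
    * ``f`` - key format; must be ``ed25519``
    * ``k`` - public key
    * ``b`` / ``e`` - begin / expiry as integer Unix timestamps

    All five properties are required and each may appear only once.

    Args:
        key_domain_name: DNS name whose TXT record holds the key.

    Returns:
        ``(version, key_format, public_key, begin_date, expiry_date)``.
        ``public_key`` is the ``k`` value with every ``=`` removed and a
        single ``=`` appended. The dates are naive ``datetime`` objects in
        the local timezone, as produced by ``datetime.fromtimestamp``.

    Raises:
        Exception: more than one TXT record was returned, a property is
            malformed, unknown or duplicated, the version or key format is
            unsupported, a required property is missing, or the begin date
            is not before the expiry date.
        ValueError: the version or a timestamp is not an integer.

    Errors raised by ``dns.resolver.resolve`` are not caught here.
    """
    # NOTE(review): the returned key is only as trustworthy as this DNS
    # answer. Nothing in this function checks that the answer was
    # DNSSEC-validated - confirm the resolver path is trusted before the key
    # is used to verify signatures.
    dns_answers = dns.resolver.resolve(key_domain_name, "TXT").rrset
    if len(dns_answers) > 1:
        raise Exception("DNS query for key returned more than 1 record")

    # Strip the double quotes and spaces from the record's text form so only
    # the property list remains.
    txt_record = dns_answers[0].to_text().replace("\"", "").replace(" ", "")

    version = None
    key_format = None
    public_key = ""
    begin_date = None
    expiry_date = None
    seen = set()

    for prop in txt_record.split(";"):
        entries = prop.split("=")
        name = entries[0]
        if name == "":
            # Empty segment, e.g. produced by a trailing ';'.
            continue

        # A repeated property makes the record ambiguous: a second "k" used
        # to be appended to the first and a repeated v/f/b/e silently replaced
        # the earlier value. Reject the record instead of guessing.
        if name in seen:
            raise Exception("Duplicate property in DNS record")
        seen.add(name)

        if name == "k":
            # The key may itself contain '=' (base64 padding), so every piece
            # after the name is joined; one '=' is re-appended on return.
            public_key = "".join(entries[1:])
            continue
        if len(entries) != 2:
            raise Exception("Invalid property in DNS record")

        value = entries[1]
        if name == "v":
            value = int(value.replace("TDAS", ""))
            if value != 1:
                raise Exception("DNS record has incompatible TDAS version")
            version = value
        elif name == "f":
            if value != "ed25519":
                raise Exception("Unknown key type in DNS record")
            key_format = value
        elif name == "b":
            # Naive local-time datetime; callers must compare it with naive
            # local time as well.
            begin_date = datetime.fromtimestamp(int(value))
        elif name == "e":
            expiry_date = datetime.fromtimestamp(int(value))
        else:
            raise Exception("Unknown property in DNS record")

    if (
        version is None
        or key_format is None
        or public_key == ""
        or begin_date is None
        or expiry_date is None
    ):
        raise Exception("Required properties not all specified in DNS record")

    # NOTE(review): only the ordering of the two dates is checked. Whether the
    # key is valid *now* is not evaluated here - confirm callers enforce the
    # begin/expiry window before trusting the key.
    if begin_date >= expiry_date:
        raise Exception("Invalid key begin/expiry dates")

    return (version, key_format, public_key + "=", begin_date, expiry_date)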