hickory_proto::dnssec

Enum Algorithm

#[non_exhaustive]
pub enum Algorithm {
    RSAMD5,
    DSA,
    RSASHA1,
    RSASHA1NSEC3SHA1,
    RSASHA256,
    RSASHA512,
    ECDSAP256SHA256,
    ECDSAP384SHA384,
    ED25519,
    Unknown(u8),
}
Available on crate feature dnssec only.

DNSSEC signing and validation algorithms.

For reference, the IANA documents list all the officially registered algorithms.

RFC 6944, DNSSEC DNSKEY Algorithm Status, April 2013


2.2.  Algorithm Implementation Status Assignment Rationale

RSASHA1 has an implementation status of Must Implement, consistent
with [RFC4034].  RSAMD5 has an implementation status of Must Not
Implement because of known weaknesses in MD5.

The status of RSASHA1-NSEC3-SHA1 is set to Recommended to Implement
as many deployments use NSEC3.  The status of RSA/SHA-256 and RSA/
SHA-512 are also set to Recommended to Implement as major deployments
(such as the root zone) use these algorithms [ROOTDPS].  It is
believed that RSA/SHA-256 or RSA/SHA-512 algorithms will replace
older algorithms (e.g., RSA/SHA-1) that have a perceived weakness.

Likewise, ECDSA with the two identified curves (ECDSAP256SHA256 and
ECDSAP384SHA384) is an algorithm that may see widespread use due to
the perceived similar level of security offered with smaller key size
compared to the key sizes of algorithms such as RSA.  Therefore,
ECDSAP256SHA256 and ECDSAP384SHA384 are Recommended to Implement.

All other algorithms used in DNSSEC specified without an
implementation status are currently set to Optional.

2.3.  DNSSEC Implementation Status Table

The DNSSEC algorithm implementation status table is listed below.
Only the algorithms already specified for use with DNSSEC at the time
of writing are listed.

 +------------+------------+-------------------+-------------------+
 |    Must    |  Must Not  |    Recommended    |      Optional     |
 |  Implement | Implement  |   to Implement    |                   |
 +------------+------------+-------------------+-------------------+
 |            |            |                   |                   |
 |   RSASHA1  |   RSAMD5   |   RSASHA256       |   Any             |
 |            |            |   RSASHA1-NSEC3   |   registered      |
 |            |            |    -SHA1          |   algorithm       |
 |            |            |   RSASHA512       |   not listed in   |
 |            |            |   ECDSAP256SHA256 |   this table      |
 |            |            |   ECDSAP384SHA384 |                   |
 +------------+------------+-------------------+-------------------+

   This table does not list the Reserved values in the IANA registry
   table or the values for INDIRECT (252), PRIVATE (253), and PRIVATEOID
   (254).  These values may relate to more than one algorithm and are
   therefore up to the implementer's discretion.  As noted, any
   algorithm not listed in the table is Optional.  As of this writing,
   the Optional algorithms are DSASHA1, DH, DSA-NSEC3-SHA1, and GOST-
   ECC, but in general, anything not explicitly listed is Optional.

2.4.  Specifying New Algorithms and Updating the Status of Existing
      Entries

   [RFC6014] establishes a parallel procedure for adding a registry
   entry for a new algorithm other than a standards track document.
   Because any algorithm not listed in the foregoing table is Optional,
   algorithms entered into the registry using the [RFC6014] procedure
   are automatically Optional.

   It has turned out to be useful for implementations to refer to a
   single document that specifies the implementation status of every
   algorithm.  Accordingly, when a new algorithm is to be registered
   with a status other than Optional, this document shall be made
   obsolete by a new document that adds the new algorithm to the table
   in Section 2.3.  Similarly, if the status of any algorithm in the
   table in Section 2.3 changes, a new document shall make this document
   obsolete; that document shall include a replacement of the table in
   Section 2.3.  This way, the goal of having one authoritative document
   to specify all the status values is achieved.

   This document cannot be updated, only made obsolete and replaced by a
   successor document.

Variants (Non-exhaustive)

This enum is marked as non-exhaustive.
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

RSAMD5

👎Deprecated: this is a compromised hashing function, it is here for backward compatibility

DO NOT USE, MD5 is a compromised hashing function, it is here for backward compatibility

DSA

👎Deprecated: this is a compromised hashing function, it is here for backward compatibility

DO NOT USE, DSA is a compromised hashing function, it is here for backward compatibility

RSASHA1

👎Deprecated: this is a compromised hashing function, it is here for backward compatibility

DO NOT USE, SHA1 is a compromised hashing function, it is here for backward compatibility

RSASHA1NSEC3SHA1

👎Deprecated: this is a compromised hashing function, it is here for backward compatibility

DO NOT USE, SHA1 is a compromised hashing function, it is here for backward compatibility

RSASHA256

RSA public key with SHA256 hash

RSASHA512

RSA public key with SHA512 hash

ECDSAP256SHA256

ECDSAP384SHA384

ED25519

Unknown(u8)

An unknown algorithm identifier
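A fail-closed algorithm policy built on the wildcard-arm rule and the Deprecated markers above. This is an added example, not hickory's code: the enum is a local stand-in so the block compiles without the crate, `from_u8` uses the IANA DNSSEC algorithm numbers, and `Verdict`, `verdict` and `usable_algorithms` are hypothetical names.

```rust
// Stand-in for hickory_proto::dnssec::Algorithm so this compiles without the crate;
// from_u8 follows the IANA DNSSEC algorithm numbers (assumed to match the crate).
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[non_exhaustive]
pub enum Algorithm {
    RSAMD5, DSA, RSASHA1, RSASHA1NSEC3SHA1, RSASHA256, RSASHA512,
    ECDSAP256SHA256, ECDSAP384SHA384, ED25519, Unknown(u8),
}
impl Algorithm {
    pub fn from_u8(value: u8) -> Self {
        match value {
            1 => Self::RSAMD5, 3 => Self::DSA, 5 => Self::RSASHA1, 7 => Self::RSASHA1NSEC3SHA1,
            8 => Self::RSASHA256, 10 => Self::RSASHA512, 13 => Self::ECDSAP256SHA256,
            14 => Self::ECDSAP384SHA384, 15 => Self::ED25519, other => Self::Unknown(other),
        }
    }
}

/// Hypothetical validator policy outcome for one algorithm.
#[derive(Debug, PartialEq, Eq)]
pub enum Verdict { Accept, RejectDeprecated, RejectUnknown }

pub fn verdict(alg: Algorithm) -> Verdict {
    match alg {
        Algorithm::RSASHA256 | Algorithm::RSASHA512 | Algorithm::ECDSAP256SHA256
        | Algorithm::ECDSAP384SHA384 | Algorithm::ED25519 => Verdict::Accept,
        // The four variants this page marks Deprecated.
        Algorithm::RSAMD5 | Algorithm::DSA | Algorithm::RSASHA1
        | Algorithm::RSASHA1NSEC3SHA1 => Verdict::RejectDeprecated,
        // Wildcard arm: Unknown(_) today and any variant added later; fail closed.
        _ => Verdict::RejectUnknown,
    }
}
/// Algorithms a validator may rely on, or every rejection reason if none is left.
pub fn usable_algorithms(nums: &[u8]) -> Result<Vec<Algorithm>, Vec<(u8, Verdict)>> {
    let mut ok: Vec<Algorithm> = Vec::new();
    let mut rejected = Vec::new();
    for &n in nums {
        let alg = Algorithm::from_u8(n);
        match verdict(alg) {
            Verdict::Accept => { if !ok.contains(&alg) { ok.push(alg); } }
            v => rejected.push((n, v)),
        }
    }
    if ok.is_empty() { Err(rejected) } else { Ok(ok) }
}
fn main() {
    // Constructed RRSIG algorithm numbers for two zones.
    println!("{:?} {:?}", usable_algorithms(&[5, 13]), usable_algorithms(&[1, 253]));
}
```

Because the wildcard arm maps to a rejection, an algorithm number the build does not know about can never be treated as acceptable by omission.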

Implementations

impl Algorithm

pub fn from_u8(value: u8) -> Self

pub fn is_supported(&self) -> bool

Whether this algorithm is supported by hickory’s build settings

pub fn hash_len(self) -> Option<usize>

length in bytes that the hash portion of this function will produce

pub fn to_str(self) -> &'static str

👎Deprecated: use as_str instead

Convert to string form

pub fn as_str(self) -> &'static str

Convert to string form

Trait Implementations

impl<'r> BinDecodable<'r> for Algorithm

fn read(decoder: &mut BinDecoder<'r>) -> Result<Self, ProtoError>

Read the type from the stream

fn from_bytes(bytes: &'r [u8]) -> Result<Self, ProtoError>

Returns the object in binary form

impl BinEncodable for Algorithm

fn emit(&self, encoder: &mut BinEncoder<'_>) -> Result<(), ProtoError>

Write the type to the stream

fn to_bytes(&self) -> Result<Vec<u8>, ProtoError>

Returns the object in binary form

impl Clone for Algorithm

fn clone(&self) -> Algorithm

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Since 1.0.0.

impl Debug for Algorithm

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Algorithm

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for Algorithm

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl From<Algorithm> for &'static str

fn from(a: Algorithm) -> &'static str

Converts to this type from the input type.

impl From<Algorithm> for SupportedAlgorithms

fn from(algorithm: Algorithm) -> Self

Converts to this type from the input type.

impl From<Algorithm> for u8

fn from(a: Algorithm) -> Self

Converts to this type from the input type.

impl Hash for Algorithm

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Since 1.3.0.

impl Ord for Algorithm

fn cmp(&self, other: &Algorithm) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self
where Self: Sized,

Compares and returns the maximum of two values. Since 1.21.0.

fn min(self, other: Self) -> Self
where Self: Sized,

Compares and returns the minimum of two values. Since 1.21.0.

fn clamp(self, min: Self, max: Self) -> Self
where Self: Sized,

Restrict a value to a certain interval. Since 1.50.0.

impl PartialEq for Algorithm

fn eq(&self, other: &Algorithm) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Since 1.0.0.

impl PartialOrd for Algorithm

fn partial_cmp(&self, other: &Algorithm) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator. Since 1.0.0.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator. Since 1.0.0.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator. Since 1.0.0.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator. Since 1.0.0.

impl Serialize for Algorithm

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer.

impl TryFrom<Algorithm> for DigestType

type Error = ProtoError

The type returned in the event of a conversion error.

fn try_from(a: Algorithm) -> Result<Self, Self::Error>

Performs the conversion.

impl Copy for Algorithm

impl Eq for Algorithm

impl StructuralPartialEq for Algorithm

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst.

impl<Q, K> Comparable<K> for Q
where Q: Ord + ?Sized, K: Borrow<Q> + ?Sized,

fn compare(&self, key: &K) -> Ordering

Compare self to key and return their ordering.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key.

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T> ToString for T
where T: Display + ?Sized,

default fn to_string(&self) -> String

Converts the given value to a String.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

impl<T> ErasedDestructor for T
where T: 'static,

impl<T> MaybeSendSync for T