pub enum Algorithm {
}
Expand description
RFC 4398, Storing Certificates in DNS, November 1987
[2.2](https://datatracker.ietf.org/doc/html/rfc4398#section-2.2). Text Representation of CERT RRs
The RDATA portion of a CERT RR has the type field as an unsigned
decimal integer or as a mnemonic symbol as listed in [Section 2.1](https://datatracker.ietf.org/doc/html/rfc4398#section-2.1),
above.
The key tag field is represented as an unsigned decimal integer.
The algorithm field is represented as an unsigned decimal integer or
a mnemonic symbol as listed in [[12](https://datatracker.ietf.org/doc/html/rfc4398#ref-12)].
[12] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose,
"Resource Records for the DNS Security Extensions", RFC 4034,
March 2005.
[RFC 4034, Resource Records for the DNS Security Extensions, March 2005][rfc4034]
https://tools.ietf.org/html/rfc4034#appendix-A.1
[A.1](https://datatracker.ietf.org/doc/html/rfc4034#appendix-A.1). DNSSEC Algorithm Types
The DNSKEY, RRSIG, and DS RRs use an 8-bit number to identify the
security algorithm being used. These values are stored in the
"Algorithm number" field in the resource record RDATA.
Some algorithms are usable only for zone signing (DNSSEC), some only
for transaction security mechanisms (SIG(0) and TSIG), and some for
both. Those usable for zone signing may appear in DNSKEY, RRSIG, and
DS RRs. Those usable for transaction security would be present in
SIG(0) and KEY RRs, as described in [RFC2931].
Zone
Value Algorithm [Mnemonic] Signing References Status
----- -------------------- --------- ---------- ---------
0 reserved
1 RSA/MD5 [RSAMD5] n [RFC2537] NOT RECOMMENDED
2 Diffie-Hellman [DH] n [RFC2539] -
3 DSA/SHA-1 [DSA] y [RFC2536] OPTIONAL
4 Elliptic Curve [ECC] TBA -
5 RSA/SHA-1 [RSASHA1] y [RFC3110] MANDATORY
252 Indirect [INDIRECT] n -
253 Private [PRIVATEDNS] y see below OPTIONAL
254 Private [PRIVATEOID] y see below OPTIONAL
255 reserved
6 - 251 Available for assignment by IETF Standards Action.
(RFC Required) Domain Name System Security (DNSSEC) Algorithm Numbers
Created: 2003-11-03, Last Updated: 2024-04-16
https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.txt
Zone
Value Algorithm [Mnemonic] Signing References
----- -------------------- --------- ----------
6 DSA-NSEC3-SHA1 [DSA-NSEC3-SHA1] Y [RFC5155][proposed standard]
7 RSASHA1-NSEC3-SHA1 [RSASHA1-NSEC3-SHA1] Y [RFC5155][proposed standard]
8 RSA/SHA-256 [RSASHA256] Y [RFC5702][proposed standard]
9 reserved
10 RSA/SHA-512 [RSASHA512] Y [RFC5702][proposed standard]
11 reserved
12 GOST R 34.10-2001 [ECC-GOST] Y [RFC5933][proposed standard]
13 ECDSA Curve P-256 with SHA-256 [ECDSAP256SHA256] Y [RFC6605][proposed standard]
14 ECDSA Curve P-384 with SHA-384 [ECDSAP384SHA384] Y [RFC6605][proposed standard]
15 Ed25519 [ED25519] Y [RFC8080][proposed standard]
16 Ed448 [ED448] Y [RFC8080][proposed standard]
17 SM2 signing with SM3 hashing [SM2SM3] Y [RFC-cuiling-dnsop-sm2-alg-15][informational]
18-22 Unassigned
23 GOST R 34.10-2012 [ECC-GOST12] Y [RFC9558][informational]
24-122 Unassigned
123-251 reserved
Variants§
Reserved(u8)
0, 9, 11, 123-251, 255 reserved
RSAMD5
1 RSA/MD5 (RFC 2537)
DH
2 Diffie-Hellman (RFC 2539)
DSA
3 DSA/SHA-1 (RFC 2536)
ECC
4 Elliptic Curve
RSASHA1
5 RSA/SHA-1 (RFC 3110)
INDIRECT
252 Indirect
PRIVATEDNS
253 Private
PRIVATEOID
254 Private
DSANSEC3SHA1
6 DSA-NSEC3-SHA1 (RFC 5155)
RSASHA1NSEC3SHA1
7 RSASHA1-NSEC3-SHA1 (RFC5155)
RSASHA256
8 RSA/SHA-256 (RFC 5702)
RSASHA512
10 RSA/SHA-512 (RFC 5702)
ECCGOST
12 GOST R 34.10-2001 (RFC 5933)
ECDSAP256SHA256
13 ECDSA Curve P-256 with SHA-256 (RFC 6605)
ECDSAP384SHA384
14 ECDSA Curve P-384 with SHA-384 (RFC 6605)
ED25519
15 Ed25519 (RFC 8080)
ED448
16 Ed448 (RFC 8080)
SM2SM3
17 SM2 signing with SM3 hashing (RFC-cuiling-dnsop-sm2-alg-15)
ECCGOST12
23 GOST R 34.10-2012 (RFC 9558)
Unassigned(u8)
18-22, 24-122 Unassigned
Trait Implementations§
Source§impl<'r> BinDecodable<'r> for Algorithm
impl<'r> BinDecodable<'r> for Algorithm
Source§fn read(decoder: &mut BinDecoder<'r>) -> Result<Self, ProtoError>
fn read(decoder: &mut BinDecoder<'r>) -> Result<Self, ProtoError>
Read the type from the stream
Source§fn from_bytes(bytes: &'r [u8]) -> Result<Self, ProtoError>
fn from_bytes(bytes: &'r [u8]) -> Result<Self, ProtoError>
Returns the object in binary form
Source§impl<'de> Deserialize<'de> for Algorithm
impl<'de> Deserialize<'de> for Algorithm
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
impl Copy for Algorithm
impl Eq for Algorithm
impl StructuralPartialEq for Algorithm
Auto Trait Implementations§
impl Freeze for Algorithm
impl RefUnwindSafe for Algorithm
impl Send for Algorithm
impl Sync for Algorithm
impl Unpin for Algorithm
impl UnwindSafe for Algorithm
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
Source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
Compare self to
key
and return true
if they are equal.