Golang dns.RR_RRSIG类(方法)实例源码

// shorten RRSIG to "miek.nl RRSIG(NS)"
func shortSig(sig *dns.RR_RRSIG) string {
	return sig.Header().Name + " RRSIG(" + dns.Rr_str[sig.TypeCovered] + ")"
}

func sign(m *dns.Msg) *dns.Msg {
	sg := new(dns.RR_RRSIG)
	sg.Hdr = dns.RR_Header{"www.example.org.", dns.TypeRRSIG, dns.ClassINET, 14400, 0}
	sg.Expiration = 1296534305  // date -u '+%s' -d"2011-02-01 04:25:05"
	sg.Inception = 1293942305   // date -u '+%s' -d"2011-01-02 04:25:05"
	sg.KeyTag = pubkey.KeyTag() // Get the keyfrom the Key
	sg.SignerName = pubkey.Hdr.Name
	sg.Algorithm = dns.AlgRSASHA256

	if len(m.Answer) > 0 {
		// sign the first record
		an := m.Answer[0]
		sg.TypeCovered = an.Header().Rrtype
		sg.Labels = dns.LabelCount(an.Header().Name)
		sg.OrigTtl = an.Header().Ttl
		switch p := privkey.(type) {
		case *rsa.PrivateKey:
			sg.Sign(p, []dns.RR{an})
		}
	}
	m.Answer = append(m.Answer, sg)
	return m
}