public void SimpleTest()
{
Assert.AreEqual <SerialNumber32>(1, 1);
Assert.AreNotEqual <SerialNumber32>(1, 2);
MoreAssert.IsBigger(1, 2);
MoreAssert.IsSmaller(2, 1);
SerialNumber32 serialNumber = 1;
serialNumber = serialNumber.Add(10);
Assert.AreEqual <SerialNumber32>(11, serialNumber);
serialNumber = serialNumber.Add(((uint)1 << 31) - 1);
Assert.AreEqual <SerialNumber32>(2147483658, serialNumber);
MoreAssert.IsSmaller <SerialNumber32>(1, serialNumber);
MoreAssert.IsBigger <SerialNumber32>(20, serialNumber);
serialNumber = serialNumber.Add(((uint)1 << 31) - 1);
Assert.AreEqual <SerialNumber32>(9, serialNumber);
Assert.IsTrue(new SerialNumber32(1) < new SerialNumber32(2));
Assert.IsTrue(new SerialNumber32(2) > new SerialNumber32(1));
// ReSharper disable EqualExpressionComparison
Assert.IsFalse(new SerialNumber32(1) < new SerialNumber32(1));
Assert.IsFalse(new SerialNumber32(1) > new SerialNumber32(1));
// ReSharper restore EqualExpressionComparison
Assert.IsTrue(new SerialNumber32(2) != new SerialNumber32(1));
Assert.IsFalse(new SerialNumber32(1) != new SerialNumber32(0).Add(1));
Assert.IsTrue(new SerialNumber32(2) == new SerialNumber32(1).Add(1));
Assert.IsFalse(new SerialNumber32(1).Equals(1.0));
Assert.AreEqual("1", new SerialNumber32(1).ToString());
}
public void OverflowAddTest()
{
SerialNumber32 serialNumber = 1;
serialNumber = serialNumber.Add((uint)1 << 31);
Assert.Fail(serialNumber.ToString());
}
/// <summary>
/// Constructs an instance out of the algorithm, inception, expiration, mode, error, key and other fields.
/// </summary>
/// <param name="algorithm">
/// Name of the algorithm in domain name syntax.
/// The algorithm determines how the secret keying material agreed to using the TKEY RR is actually used to derive the algorithm specific key.
/// </param>
/// <param name="inception">
/// Number of seconds since the beginning of 1 January 1970 GMT ignoring leap seconds treated as modulo 2**32 using ring arithmetic.
/// In messages between a DNS resolver and a DNS server where this field is meaningful,
/// it is either the requested validity interval start for the keying material asked for or
/// specify the validity interval start of keying material provided.
///
/// To avoid different interpretations of the inception time in TKEY RRs,
/// resolvers and servers exchanging them must have the same idea of what time it is.
/// One way of doing this is with the NTP protocol [RFC 2030] but that or any other time synchronization used for this purpose must be done securely.
/// </param>
/// <param name="expiration">
/// Number of seconds since the beginning of 1 January 1970 GMT ignoring leap seconds treated as modulo 2**32 using ring arithmetic.
/// In messages between a DNS resolver and a DNS server where this field is meaningful,
/// it is either the requested validity interval end for the keying material asked for or
/// specify the validity interval end of keying material provided.
///
/// To avoid different interpretations of the expiration time in TKEY RRs,
/// resolvers and servers exchanging them must have the same idea of what time it is.
/// One way of doing this is with the NTP protocol [RFC 2030] but that or any other time synchronization used for this purpose must be done securely.
/// </param>
/// <param name="mode">
/// Specifies the general scheme for key agreement or the purpose of the TKEY DNS message.
/// Servers and resolvers supporting this specification must implement the Diffie-Hellman key agreement mode and the key deletion mode for queries.
/// All other modes are optional.
/// A server supporting TKEY that receives a TKEY request with a mode it does not support returns the BADMODE error.
/// </param>
/// <param name="error">
/// When the TKEY Error Field is non-zero in a response to a TKEY query, the DNS header RCODE field indicates no error.
/// However, it is possible if a TKEY is spontaneously included in a response the TKEY RR and DNS header error field
/// could have unrelated non-zero error codes.
/// </param>
/// <param name="key">The key exchange data. The meaning of this data depends on the mode.</param>
/// <param name="other">May be used in future extensions.</param>
public DnsResourceDataTransactionKey(DnsDomainName algorithm, SerialNumber32 inception, SerialNumber32 expiration, DnsTransactionKeyMode mode,
DnsResponseCode error, DataSegment key, DataSegment other)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (other == null)
{
throw new ArgumentNullException("other");
}
if (key.Length > ushort.MaxValue)
{
throw new ArgumentOutOfRangeException("key", key.Length,
string.Format(CultureInfo.InvariantCulture, "Cannot be longer than {0}", ushort.MaxValue));
}
if (other.Length > ushort.MaxValue)
{
throw new ArgumentOutOfRangeException("other", other.Length,
string.Format(CultureInfo.InvariantCulture, "Cannot be longer than {0}", ushort.MaxValue));
}
Algorithm = algorithm;
Inception = inception;
Expiration = expiration;
Mode = mode;
Error = error;
Key = key;
Other = other;
}
public DnsResourceDataTransactionKey(DnsDomainName algorithm, SerialNumber32 inception, SerialNumber32 expiration, DnsTransactionKeyMode mode, DnsResponseCode error, DataSegment key, DataSegment other)
{
if (key == null)
{
throw new ArgumentNullException("key");
}
if (other == null)
{
throw new ArgumentNullException("other");
}
if (key.Length > (int)ushort.MaxValue)
{
throw new ArgumentOutOfRangeException("key", (object)key.Length, string.Format((IFormatProvider)CultureInfo.InvariantCulture, "Cannot be longer than {0}", new object[1]
{
(object)ushort.MaxValue
}));
}
if (other.Length > (int)ushort.MaxValue)
{
throw new ArgumentOutOfRangeException("other", (object)other.Length, string.Format((IFormatProvider)CultureInfo.InvariantCulture, "Cannot be longer than {0}", new object[1]
{
(object)ushort.MaxValue
}));
}
this.Algorithm = algorithm;
this.Inception = inception;
this.Expiration = expiration;
this.Mode = mode;
this.Error = error;
this.Key = key;
this.Other = other;
}
/// <summary>
/// Constructs an instance out of the main name server, responsible mailbox, serial, refresh, retry, expire and minimum TTL fields.
/// </summary>
/// <param name="mainNameServer">The domain-name of the name server that was the original or primary source of data for this zone.</param>
/// <param name="responsibleMailbox">A domain-name which specifies the mailbox of the person responsible for this zone.</param>
/// <param name="serial">
/// The unsigned 32 bit version number of the original copy of the zone.
/// Zone transfers preserve this value.
/// This value wraps and should be compared using sequence space arithmetic.
/// </param>
/// <param name="refresh">A 32 bit time interval before the zone should be refreshed.</param>
/// <param name="retry">A 32 bit time interval that should elapse before a failed refresh should be retried.</param>
/// <param name="expire">
/// A 32 bit time value that specifies the upper limit on the time interval that can elapse before the zone is no longer authoritative.
/// </param>
/// <param name="minimumTtl">The unsigned 32 bit minimum TTL field that should be exported with any RR from this zone.</param>
public DnsResourceDataStartOfAuthority(DnsDomainName mainNameServer, DnsDomainName responsibleMailbox,
SerialNumber32 serial, uint refresh, uint retry, uint expire, uint minimumTtl)
{
MainNameServer = mainNameServer;
ResponsibleMailbox = responsibleMailbox;
Serial = serial;
Refresh = refresh;
Retry = retry;
Expire = expire;
MinimumTtl = minimumTtl;
}
/// <summary>
/// Constructs an instance out of the type covered, algorithm, labels, original TTL, signature expiration, signature inception, key tag,
/// signer's name and signature fields.
/// </summary>
/// <param name="typeCovered">The type of the other RRs covered by this SIG.</param>
/// <param name="algorithm">The key algorithm.</param>
/// <param name="labels">
/// An unsigned count of how many labels there are in the original SIG RR owner name not counting the null label for root and not counting any initial "*" for a wildcard.
/// If a secured retrieval is the result of wild card substitution, it is necessary for the resolver to use the original form of the name in verifying the digital signature.
/// This field makes it easy to determine the original form.
///
/// If, on retrieval, the RR appears to have a longer name than indicated by "labels", the resolver can tell it is the result of wildcard substitution.
/// If the RR owner name appears to be shorter than the labels count, the SIG RR must be considered corrupt and ignored.
/// The maximum number of labels allowed in the current DNS is 127 but the entire octet is reserved and would be required should DNS names ever be expanded to 255 labels.
/// </param>
/// <param name="originalTtl">
/// The "original TTL" field is included in the RDATA portion to avoid
/// (1) authentication problems that caching servers would otherwise cause by decrementing the real TTL field and
/// (2) security problems that unscrupulous servers could otherwise cause by manipulating the real TTL field.
/// This original TTL is protected by the signature while the current TTL field is not.
///
/// NOTE: The "original TTL" must be restored into the covered RRs when the signature is verified.
/// This generaly implies that all RRs for a particular type, name, and class, that is, all the RRs in any particular RRset, must have the same TTL to start with.
/// </param>
/// <param name="signatureExpiration">
/// The last time the signature is valid.
/// Numbers of seconds since the start of 1 January 1970, GMT, ignoring leap seconds.
/// Ring arithmetic is used.
/// This time can never be more than about 68 years after the inception.
/// </param>
/// <param name="signatureInception">
/// The first time the signature is valid.
/// Numbers of seconds since the start of 1 January 1970, GMT, ignoring leap seconds.
/// Ring arithmetic is used.
/// This time can never be more than about 68 years before the expiration.
/// </param>
/// <param name="keyTag">
/// Used to efficiently select between multiple keys which may be applicable and thus check that a public key about to be used
/// for the computationally expensive effort to check the signature is possibly valid.
/// For algorithm 1 (MD5/RSA) as defined in RFC 2537,
/// it is the next to the bottom two octets of the public key modulus needed to decode the signature field.
/// That is to say, the most significant 16 of the least significant 24 bits of the modulus in network (big endian) order.
/// For all other algorithms, including private algorithms, it is calculated as a simple checksum of the KEY RR.
/// </param>
/// <param name="signersName">
/// The domain name of the signer generating the SIG RR.
/// This is the owner name of the public KEY RR that can be used to verify the signature.
/// It is frequently the zone which contained the RRset being authenticated.
/// Which signers should be authorized to sign what is a significant resolver policy question.
/// The signer's name may be compressed with standard DNS name compression when being transmitted over the network.
/// </param>
/// <param name="signature">
/// The actual signature portion of the SIG RR binds the other RDATA fields to the RRset of the "type covered" RRs with that owner name and class.
/// This covered RRset is thereby authenticated.
/// To accomplish this, a data sequence is constructed as follows:
///
/// data = RDATA | RR(s)...
///
/// where "|" is concatenation,
///
/// RDATA is the wire format of all the RDATA fields in the SIG RR itself (including the canonical form of the signer's name) before but not including the signature,
/// and RR(s) is the RRset of the RR(s) of the type covered with the same owner name and class as the SIG RR in canonical form and order.
///
/// How this data sequence is processed into the signature is algorithm dependent.
/// </param>
public DnsResourceDataSignature(DnsType typeCovered, DnsAlgorithm algorithm, byte labels, uint originalTtl, SerialNumber32 signatureExpiration,
SerialNumber32 signatureInception, ushort keyTag, DnsDomainName signersName, DataSegment signature)
{
TypeCovered = typeCovered;
Algorithm = algorithm;
Labels = labels;
OriginalTtl = originalTtl;
SignatureExpiration = signatureExpiration;
SignatureInception = signatureInception;
KeyTag = keyTag;
SignersName = signersName;
Signature = signature;
}
public static void AssertValue(this XElement element, SerialNumber32 expectedValue)
{
element.AssertValue(expectedValue.Value);
}
public static void AssertValue(this XElement element, SerialNumber32 expectedValue)
{
element.AssertValue(expectedValue.Value);
}
