/// <summary> /// Constructs an instance from the certificate type, key tag, algorithm and certificate fields. /// </summary> /// <param name="certificateType">The certificate type.</param> /// <param name="keyTag"> /// Value computed for the key embedded in the certificate, using the RRSIG Key Tag algorithm. /// This field is used as an efficiency measure to pick which CERT RRs may be applicable to a particular key. /// The key tag can be calculated for the key in question, and then only CERT RRs with the same key tag need to be examined. /// Note that two different keys can have the same key tag. /// However, the key must be transformed to the format it would have as the public key portion of a DNSKEY RR before the key tag is computed. /// This is only possible if the key is applicable to an algorithm and complies to limits (such as key size) defined for DNS security. /// If it is not, the algorithm field must be zero and the tag field is meaningless and should be zero. /// </param> /// <param name="algorithm"> /// Has the same meaning as the algorithm field in DNSKEY and RRSIG RRs, /// except that a zero algorithm field indicates that the algorithm is unknown to a secure DNS, /// which may simply be the result of the algorithm not having been standardized for DNSSEC. /// </param> /// <param name="certificate">The certificate data according to the type.</param> public DnsResourceDataCertificate(DnsCertificateType certificateType, ushort keyTag, DnsAlgorithm algorithm, DataSegment certificate) { CertificateType = certificateType; KeyTag = keyTag; Algorithm = algorithm; Certificate = certificate; }
internal override DnsResourceData CreateInstance(DataSegment data) { if (data.Length < ConstantPartLength) { return(null); } DnsCertificateType type = (DnsCertificateType)data.ReadUShort(Offset.Type, Endianity.Big); ushort keyTag = data.ReadUShort(Offset.KeyTag, Endianity.Big); DnsAlgorithm algorithm = (DnsAlgorithm)data[Offset.Algorithm]; DataSegment certificate = data.Subsegment(Offset.Certificate, data.Length - ConstantPartLength); return(new DnsResourceDataCertificate(type, keyTag, algorithm, certificate)); }