protected KeyRecordBase(DomainName name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm)
: base(name, RecordType.Key, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
}
public static int GetPriority(this DnsSecAlgorithm algorithm)
{
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1:
return(100);
case DnsSecAlgorithm.Dsa:
return(90);
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
return(100);
case DnsSecAlgorithm.DsaNsec3Sha1:
return(90);
case DnsSecAlgorithm.RsaSha256:
return(80);
case DnsSecAlgorithm.RsaSha512:
return(70);
case DnsSecAlgorithm.EccGost:
return(110);
case DnsSecAlgorithm.EcDsaP256Sha256:
return(60);
case DnsSecAlgorithm.EcDsaP384Sha384:
return(50);
default:
throw new NotSupportedException();
}
}
/// <summary>
/// Creates a new key record.
/// </summary>
/// <param name="name">The name.</param>
/// <param name="recordClass">The record class.</param>
/// <param name="timeToLive">The time-to-live.</param>
/// <param name="flags">The flags.</param>
/// <param name="protocol">The protocol.</param>
/// <param name="algorithm">The algorithm.</param>
protected KeyRecordBase(string name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm)
: base(name, RecordType.Key, recordClass, timeToLive)
{
this.Flags = flags;
this.Protocol = protocol;
this.Algorithm = algorithm;
}
public CertRecord(string name, int timeToLive, CertType type, ushort keyTag, DnsSecAlgorithm algorithm, byte[] certificate)
: base(name, RecordType.Cert, RecordClass.INet, timeToLive)
{
Type = type;
KeyTag = keyTag;
Algorithm = algorithm;
Certificate = certificate ?? new byte[] { };
}
public DnsKeyRecord(string name, RecordClass recordClass, int timeToLive, ushort flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: base(name, RecordType.DnsKey, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
PublicKey = publicKey ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the NSec3ParamRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="hashAlgorithm"> Algorithm of hash </param>
/// <param name="flags"> Flags of the record </param>
/// <param name="iterations"> Number of iterations </param>
/// <param name="salt"> Binary data of salt </param>
public NSec3ParamRecord(string name, RecordClass recordClass, int timeToLive, DnsSecAlgorithm hashAlgorithm, byte flags, ushort iterations, byte[] salt)
: base(name, RecordType.NSec3Param, recordClass, timeToLive)
{
HashAlgorithm = hashAlgorithm;
Flags = flags;
Iterations = iterations;
Salt = salt ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the DsRecord class.
/// </summary>
/// <param name="name">Name of the record.</param>
/// <param name="recordClass">Class of the record.</param>
/// <param name="timeToLive">Seconds the record should be cached at most.</param>
/// <param name="keyTag">Key tag.</param>
/// <param name="algorithm">Algorithm used.</param>
/// <param name="digestType">Type of the digest.</param>
/// <param name="digest">Binary data of the digest.</param>
public DsRecord(string name, RecordClass recordClass, int timeToLive, ushort keyTag, DnsSecAlgorithm algorithm, DnsSecDigestType digestType, byte[] digest)
: base(name, RecordType.Ds, recordClass, timeToLive)
{
this.KeyTag = keyTag;
this.Algorithm = algorithm;
this.DigestType = digestType;
this.Digest = digest ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the DlvRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="algorithm"> Algorithm used </param>
/// <param name="digestType"> Type of the digest </param>
/// <param name="digest"> Binary data of the digest </param>
public DlvRecord(DomainName name, RecordClass recordClass, int timeToLive, ushort keyTag, DnsSecAlgorithm algorithm, DnsSecDigestType digestType, byte[] digest)
: base(name, RecordType.Dlv, recordClass, timeToLive)
{
KeyTag = keyTag;
Algorithm = algorithm;
DigestType = digestType;
Digest = digest ?? Array.Empty <byte>();
}
/// <summary>
/// Creates a new instance of the CDsRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="algorithm"> Algorithm used </param>
/// <param name="digestType"> Type of the digest </param>
/// <param name="digest"> Binary data of the digest </param>
public CDsRecord(DomainName name, RecordClass recordClass, int timeToLive, ushort keyTag, DnsSecAlgorithm algorithm, DnsSecDigestType digestType, byte[] digest)
: base(name, RecordType.Ds, recordClass, timeToLive)
{
KeyTag = keyTag;
Algorithm = algorithm;
DigestType = digestType;
Digest = digest ?? new byte[] { };
}
/// <summary>
/// Creates a new instace of the CertRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="type"> Type of the certificate data </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="algorithm"> Algorithm of the certificate </param>
/// <param name="certificate"> Binary data of the certificate </param>
public CertRecord(string name, int timeToLive, CertType type, ushort keyTag, DnsSecAlgorithm algorithm, byte[] certificate)
: base(name, RecordType.Cert, RecordClass.INet, timeToLive)
{
Type = type;
KeyTag = keyTag;
Algorithm = algorithm;
Certificate = certificate ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the CDsRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="algorithm"> Algorithm used </param>
/// <param name="digestType"> Type of the digest </param>
/// <param name="digest"> Binary data of the digest </param>
public CDsRecord(DomainName name, RecordClass recordClass, int timeToLive, ushort keyTag, DnsSecAlgorithm algorithm, DnsSecDigestType digestType, byte[] digest)
: base(name, RecordType.Ds, recordClass, timeToLive)
{
KeyTag = keyTag;
Algorithm = algorithm;
DigestType = digestType;
Digest = digest ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the DnsKeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol field </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public DnsKeyRecord(string name, RecordClass recordClass, int timeToLive, ushort flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: base(name, RecordType.DnsKey, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
PublicKey = publicKey ?? new byte[] { };
}
public NSec3ParamRecord(string name, RecordClass recordClass, int timeToLive, DnsSecAlgorithm hashAlgorithm, byte flags, ushort iterations, byte[] salt)
: base(name, RecordType.NSec3Param, recordClass, timeToLive)
{
HashAlgorithm = hashAlgorithm;
Flags = flags;
Iterations = iterations;
Salt = salt ?? new byte[] { };
}
/// <summary>
/// Creates a new instace of the CertRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="type"> Type of the certificate data </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="algorithm"> Algorithm of the certificate </param>
/// <param name="certificate"> Binary data of the certificate </param>
public CertRecord(DomainName name, int timeToLive, CertType type, ushort keyTag, DnsSecAlgorithm algorithm, byte[] certificate)
: base(name, RecordType.Cert, RecordClass.INet, timeToLive)
{
Type = type;
KeyTag = keyTag;
Algorithm = algorithm;
Certificate = certificate ?? Array.Empty <byte>();
}
/// <summary>
/// Creates a new instance of the DnsKeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol field </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
/// <param name="privateKey"> Binary data of the private key </param>
public CDnsKeyRecord(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey, byte[] privateKey)
: base(name, RecordType.CDnsKey, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
PublicKey = publicKey;
PrivateKey = privateKey;
}
/// <summary>
/// Creates a new instance of the SigRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="typeCovered">
/// <see cref="RecordType">Record type</see> that is covered by this record
/// </param>
/// <param name="algorithm">
/// <see cref="DnsSecAlgorithm">Algorithm</see> that is used for signature
/// </param>
/// <param name="labels"> Label count of original record that is covered by this record </param>
/// <param name="originalTimeToLive"> Original time to live value of original record that is covered by this record </param>
/// <param name="signatureExpiration"> Signature is valid until this date </param>
/// <param name="signatureInception"> Signature is valid from this date </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="signersName"> Domain name of generator of the signature </param>
/// <param name="signature"> Binary data of the signature </param>
public SigRecord(DomainName name, RecordClass recordClass, int timeToLive, RecordType typeCovered, DnsSecAlgorithm algorithm, byte labels, int originalTimeToLive, DateTime signatureExpiration, DateTime signatureInception, ushort keyTag, DomainName signersName, byte[] signature)
: base(name, RecordType.Sig, recordClass, timeToLive)
{
TypeCovered = typeCovered;
Algorithm = algorithm;
Labels = labels;
OriginalTimeToLive = originalTimeToLive;
SignatureExpiration = signatureExpiration;
SignatureInception = signatureInception;
KeyTag = keyTag;
SignersName = signersName ?? DomainName.Root;
Signature = signature ?? Array.Empty <byte>();
}
/// <summary>
/// Creates a new instance of the SigRecord class.
/// </summary>
/// <param name="name">Name of the record.</param>
/// <param name="recordClass">Class of the record.</param>
/// <param name="timeToLive">Seconds the record should be cached at most.</param>
/// <param name="typeCovered"><see cref="RecordType">Record type</see> that is covered by this record.</param>
/// <param name="algorithm"><see cref="DnsSecAlgorithm">Algorithm</see> that is used for signature.</param>
/// <param name="labels">Label count of original record that is covered by this record.</param>
/// <param name="originalTimeToLive">Original time to live value of original record that is covered by this record.</param>
/// <param name="signatureExpiration">Signature is valid until this date.</param>
/// <param name="signatureInception">Signature is valid from this date.</param>
/// <param name="keyTag">Key tag.</param>
/// <param name="signersName">Domain name of generator of the signature.</param>
/// <param name="signature">Binary data of the signature.</param>
public SigRecord(string name, RecordClass recordClass, int timeToLive, RecordType typeCovered, DnsSecAlgorithm algorithm, byte labels, int originalTimeToLive, DateTime signatureExpiration, DateTime signatureInception, ushort keyTag, string signersName, byte[] signature)
: base(name, RecordType.Sig, recordClass, timeToLive)
{
this.TypeCovered = typeCovered;
this.Algorithm = algorithm;
this.Labels = labels;
this.OriginalTimeToLive = originalTimeToLive;
this.SignatureExpiration = signatureExpiration;
this.SignatureInception = signatureInception;
this.KeyTag = keyTag;
this.SignersName = signersName ?? String.Empty;
this.Signature = signature ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the SigRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="typeCovered">
/// <see cref="RecordType">Record type</see> that is covered by this record
/// </param>
/// <param name="algorithm">
/// <see cref="DnsSecAlgorithm">Algorithm</see> that is used for signature
/// </param>
/// <param name="labels"> Label count of original record that is covered by this record </param>
/// <param name="originalTimeToLive"> Original time to live value of original record that is covered by this record </param>
/// <param name="signatureExpiration"> Signature is valid until this date </param>
/// <param name="signatureInception"> Signature is valid from this date </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="signersName"> Domain name of generator of the signature </param>
/// <param name="signature"> Binary data of the signature </param>
public SigRecord(string name, RecordClass recordClass, int timeToLive, RecordType typeCovered, DnsSecAlgorithm algorithm, byte labels, int originalTimeToLive, DateTime signatureExpiration, DateTime signatureInception, ushort keyTag, string signersName, byte[] signature)
: base(name, RecordType.Sig, recordClass, timeToLive)
{
TypeCovered = typeCovered;
Algorithm = algorithm;
Labels = labels;
OriginalTimeToLive = originalTimeToLive;
SignatureExpiration = signatureExpiration;
SignatureInception = signatureInception;
KeyTag = keyTag;
SignersName = signersName ?? String.Empty;
Signature = signature ?? new byte[] { };
}
public static bool IsCompatibleWithNSec3(this DnsSecAlgorithm algorithm)
{
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
case DnsSecAlgorithm.DsaNsec3Sha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
case DnsSecAlgorithm.EccGost:
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
return(true);
default:
return(false);
}
}
public static void GenerateKeypair(DnsSecAlgorithm algo, out byte[] privateKey, out byte[] publicKey)
{
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = null;
Org.BouncyCastle.Security.SecureRandom random =
new Org.BouncyCastle.Security.SecureRandom(new Org.BouncyCastle.Crypto.Prng.CryptoApiRandomGenerator());
switch (algo)
{
case DnsSecAlgorithm.RsaMd5:
case DnsSecAlgorithm.RsaSha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
keyPair = GenerateRsaKeyPair(random, 4096);
break;
case DnsSecAlgorithm.DiffieHellman:
keyPair = GenerateDiffieHellmanKeyPair(random, 256);
break;
case DnsSecAlgorithm.Dsa:
case DnsSecAlgorithm.DsaNsec3Sha1:
keyPair = GenerateDsaKeyPair(random, 1024); // size must be from 512 - 1024 and a multiple of 64
break;
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
keyPair = GenerateEcdsaKeyPair(random); // TODO: Pass curve
break;
case DnsSecAlgorithm.EccGost:
keyPair = GenerateGost3410KeyPair(random, 512); // 512 or 1024
break;
case DnsSecAlgorithm.Indirect:
case DnsSecAlgorithm.PrivateDns:
case DnsSecAlgorithm.PrivateOid:
throw new System.NotImplementedException("Indirect | PrivateDns | PrivateOid");
}
publicKey = Org.BouncyCastle.X509.SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public).GetEncoded();
privateKey = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(keyPair.Private).GetEncoded();
}
/// <summary>
/// Creates of new instance of the NSec3Record class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="hashAlgorithm"> Algorithm of hash </param>
/// <param name="flags"> Flags of the record </param>
/// <param name="iterations"> Number of iterations </param>
/// <param name="salt"> Binary data of salt </param>
/// <param name="nextHashedOwnerName"> Binary data of hash of next owner </param>
/// <param name="types"> Types of next owner </param>
public NSec3Record(string name, RecordClass recordClass, int timeToLive, DnsSecAlgorithm hashAlgorithm, byte flags, ushort iterations, byte[] salt, byte[] nextHashedOwnerName, List <RecordType> types)
: base(name, RecordType.NSec3, recordClass, timeToLive)
{
HashAlgorithm = hashAlgorithm;
Flags = flags;
Iterations = iterations;
Salt = salt ?? new byte[] { };
NextHashedOwnerName = nextHashedOwnerName ?? new byte[] { };
if ((types == null) || (types.Count == 0))
{
Types = new List <RecordType>();
}
else
{
Types = new List <RecordType>(types);
types.Sort((left, right) => ((ushort)left).CompareTo((ushort)right));
}
}
/// <summary>
/// Creates of new instance of the NSec3Record class.
/// </summary>
/// <param name="name">Name of the record.</param>
/// <param name="recordClass">Class of the record.</param>
/// <param name="timeToLive">Seconds the record should be cached at most.</param>
/// <param name="hashAlgorithm">Algorithm of hash.</param>
/// <param name="flags">Flags of the record.</param>
/// <param name="iterations">Number of iterations.</param>
/// <param name="salt">Binary data of salt.</param>
/// <param name="nextHashedOwnerName">Binary data of hash of next owner.</param>
/// <param name="types">Types of next owner.</param>
public NSec3Record(string name, RecordClass recordClass, int timeToLive, DnsSecAlgorithm hashAlgorithm, byte flags, ushort iterations, byte[] salt, byte[] nextHashedOwnerName, List<RecordType> types)
: base(name, RecordType.NSec3, recordClass, timeToLive)
{
this.HashAlgorithm = hashAlgorithm;
this.Flags = flags;
this.Iterations = iterations;
this.Salt = salt ?? new byte[] { };
this.NextHashedOwnerName = nextHashedOwnerName ?? new byte[] { };
if ((types == null) || (types.Count == 0))
{
this.Types = new List<RecordType>();
}
else
{
this.Types = new List<RecordType>(types);
types.Sort((left, right) => ((ushort) left).CompareTo((ushort) right));
}
}
/// <summary>
/// Creates of new instance of the KeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol for which the key is used </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public KeyRecord(DomainName name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: base(name, recordClass, timeToLive, flags, protocol, algorithm)
{
PublicKey = publicKey ?? Array.Empty <byte>();
}
/// <summary>
/// Creates of new instance of the KeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol for which the key is used </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public KeyRecord(string name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: base(name, recordClass, timeToLive, flags, protocol, algorithm)
{
PublicKey = publicKey ?? new byte[] { };
}
/// <summary>
/// Creates of new instance of the KeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol for which the key is used </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public KeyRecord(string name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: base(name, recordClass, timeToLive, flags, protocol, algorithm)
{
PublicKey = publicKey ?? new byte[] { };
}
/// <summary>
/// Creates a new instance of the SigRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="typeCovered">
/// <see cref="RecordType">Record type</see> that is covered by this record
/// </param>
/// <param name="algorithm">
/// <see cref="DnsSecAlgorithm">Algorithm</see> that is used for signature
/// </param>
/// <param name="labels"> Label count of original record that is covered by this record </param>
/// <param name="originalTimeToLive"> Original time to live value of original record that is covered by this record </param>
/// <param name="signatureExpiration"> Signature is valid until this date </param>
/// <param name="signatureInception"> Signature is valid from this date </param>
/// <param name="keyTag"> Key tag </param>
/// <param name="signersName"> Domain name of generator of the signature </param>
/// <param name="signature"> Binary data of the signature </param>
public SigRecord(DomainName name, RecordClass recordClass, int timeToLive, RecordType typeCovered, DnsSecAlgorithm algorithm, byte labels, int originalTimeToLive, DateTime signatureExpiration, DateTime signatureInception, ushort keyTag, DomainName signersName, byte[] signature)
: base(name, RecordType.Sig, recordClass, timeToLive)
{
TypeCovered = typeCovered;
Algorithm = algorithm;
Labels = labels;
OriginalTimeToLive = originalTimeToLive;
SignatureExpiration = signatureExpiration;
SignatureInception = signatureInception;
KeyTag = keyTag;
SignersName = signersName ?? DomainName.Root;
Signature = signature ?? new byte[] { };
}
protected KeyRecordBase(DomainName name, RecordClass recordClass, int timeToLive, ushort flags, ProtocolType protocol, DnsSecAlgorithm algorithm)
: base(name, RecordType.Key, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
}
/// <summary>
/// Creates a new signing key pair
/// </summary>
/// <param name="name">The name of the key or zone</param>
/// <param name="recordClass">The record class of the DnsKeyRecord</param>
/// <param name="timeToLive">The TTL in seconds to the DnsKeyRecord</param>
/// <param name="flags">The Flags of the DnsKeyRecord</param>
/// <param name="protocol">The protocol version</param>
/// <param name="algorithm">The key algorithm</param>
/// <param name="keyStrength">The key strength or 0 for default strength</param>
/// <returns></returns>
public static KeyPairRecord CreateSigningKey(DnsSecAlgorithm algorithm, DnsKeyFlags flags, int keyStrength = 0)
{
// Found in DnsKeyRecord.CreateSigningKey
KeyPairRecord rec = new KeyPairRecord();
rec.Flags = flags;
rec.Algorithm = algorithm;
Org.BouncyCastle.Security.SecureRandom _secureRandom =
new Org.BouncyCastle.Security.SecureRandom(new Org.BouncyCastle.Crypto.Prng.CryptoApiRandomGenerator());
// https://csharp.hotexamples.com/examples/Org.BouncyCastle.Crypto.Generators/DsaKeyPairGenerator/GenerateKeyPair/php-dsakeypairgenerator-generatekeypair-method-examples.html
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1:
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
if (keyStrength == 0)
{
keyStrength = (flags == (DnsKeyFlags.Zone | DnsKeyFlags.SecureEntryPoint)) ? 2048 : 1024;
}
Org.BouncyCastle.Crypto.Generators.RsaKeyPairGenerator rsaKeyGen = new Org.BouncyCastle.Crypto.Generators.RsaKeyPairGenerator();
rsaKeyGen.Init(new Org.BouncyCastle.Crypto.KeyGenerationParameters(_secureRandom, keyStrength));
var rsaKey = rsaKeyGen.GenerateKeyPair();
rec.KeyPair = rsaKey;
rec.PrivateKey = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKey.Private).GetDerEncoded();
var rsaPublicKey = (Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters)rsaKey.Public;
var rsaExponent = rsaPublicKey.Exponent.ToByteArrayUnsigned();
var rsaModulus = rsaPublicKey.Modulus.ToByteArrayUnsigned();
int offset = 1;
if (rsaExponent.Length > 255)
{
rec.PublicKey = new byte[3 + rsaExponent.Length + rsaModulus.Length];
EncodeUShort(rec.PublicKey, ref offset, (ushort)rec.PublicKey.Length);
}
else
{
rec.PublicKey = new byte[1 + rsaExponent.Length + rsaModulus.Length];
rec.PublicKey[0] = (byte)rsaExponent.Length;
}
EncodeByteArray(rec.PublicKey, ref offset, rsaExponent);
EncodeByteArray(rec.PublicKey, ref offset, rsaModulus);
break;
case DnsSecAlgorithm.Dsa:
case DnsSecAlgorithm.DsaNsec3Sha1:
if (keyStrength == 0)
{
keyStrength = 1024;
}
Org.BouncyCastle.Crypto.Generators.DsaParametersGenerator dsaParamsGen = new Org.BouncyCastle.Crypto.Generators.DsaParametersGenerator();
dsaParamsGen.Init(keyStrength, 12, _secureRandom);
Org.BouncyCastle.Crypto.Generators.DsaKeyPairGenerator dsaKeyGen = new Org.BouncyCastle.Crypto.Generators.DsaKeyPairGenerator();
dsaKeyGen.Init(new Org.BouncyCastle.Crypto.Parameters.DsaKeyGenerationParameters(_secureRandom, dsaParamsGen.GenerateParameters()));
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair dsaKey = dsaKeyGen.GenerateKeyPair();
rec.KeyPair = dsaKey;
rec.PrivateKey = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaKey.Private).GetDerEncoded();
var dsaPublicKey = (Org.BouncyCastle.Crypto.Parameters.DsaPublicKeyParameters)dsaKey.Public;
byte[] dsaY = dsaPublicKey.Y.ToByteArrayUnsigned();
byte[] dsaP = dsaPublicKey.Parameters.P.ToByteArrayUnsigned();
byte[] dsaQ = dsaPublicKey.Parameters.Q.ToByteArrayUnsigned();
byte[] dsaG = dsaPublicKey.Parameters.G.ToByteArrayUnsigned();
byte dsaT = (byte)((dsaY.Length - 64) / 8);
rec.PublicKey = new byte[21 + 3 * dsaY.Length];
rec.PublicKey[0] = dsaT;
dsaQ.CopyTo(rec.PublicKey, 1);
dsaP.CopyTo(rec.PublicKey, 21);
dsaG.CopyTo(rec.PublicKey, 21 + dsaY.Length);
dsaY.CopyTo(rec.PublicKey, 21 + 2 * dsaY.Length);
break;
case DnsSecAlgorithm.EccGost:
Org.BouncyCastle.Crypto.Parameters.ECDomainParameters gostEcDomainParameters = Org.BouncyCastle.Asn1.CryptoPro.ECGost3410NamedCurves.GetByOid(Org.BouncyCastle.Asn1.CryptoPro.CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
var gostKeyGen = new Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator();
gostKeyGen.Init(new Org.BouncyCastle.Crypto.Parameters.ECKeyGenerationParameters(gostEcDomainParameters, _secureRandom));
var gostKey = gostKeyGen.GenerateKeyPair();
rec.KeyPair = gostKey;
rec.PrivateKey = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(gostKey.Private).GetDerEncoded();
var gostPublicKey = (Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters)gostKey.Public;
rec.PublicKey = new byte[64];
// gostPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 32);
gostPublicKey.Q.AffineXCoord.ToBigInteger().ToByteArrayUnsigned().CopyTo(rec.PublicKey, 32);
// gostPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
gostPublicKey.Q.AffineYCoord.ToBigInteger().ToByteArrayUnsigned().CopyTo(rec.PublicKey, 0);
System.Array.Reverse(rec.PublicKey);
break;
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
int ecDsaDigestSize;
Org.BouncyCastle.Asn1.X9.X9ECParameters ecDsaCurveParameter;
if (algorithm == DnsSecAlgorithm.EcDsaP256Sha256)
{
ecDsaDigestSize = new Org.BouncyCastle.Crypto.Digests.Sha256Digest().GetDigestSize();
ecDsaCurveParameter = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByOid(Org.BouncyCastle.Asn1.Sec.SecObjectIdentifiers.SecP256r1);
}
else
{
ecDsaDigestSize = new Org.BouncyCastle.Crypto.Digests.Sha384Digest().GetDigestSize();
ecDsaCurveParameter = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByOid(Org.BouncyCastle.Asn1.Sec.SecObjectIdentifiers.SecP384r1);
}
Org.BouncyCastle.Crypto.Parameters.ECDomainParameters ecDsaP384EcDomainParameters = new Org.BouncyCastle.Crypto.Parameters.ECDomainParameters(
ecDsaCurveParameter.Curve,
ecDsaCurveParameter.G,
ecDsaCurveParameter.N,
ecDsaCurveParameter.H,
ecDsaCurveParameter.GetSeed());
var ecDsaKeyGen = new Org.BouncyCastle.Crypto.Generators.ECKeyPairGenerator();
ecDsaKeyGen.Init(new Org.BouncyCastle.Crypto.Parameters.ECKeyGenerationParameters(ecDsaP384EcDomainParameters, _secureRandom));
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair ecDsaKey = ecDsaKeyGen.GenerateKeyPair();
rec.KeyPair = ecDsaKey;
rec.PrivateKey = Org.BouncyCastle.Pkcs.PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecDsaKey.Private).GetDerEncoded();
var ecDsaPublicKey = (Org.BouncyCastle.Crypto.Parameters.ECPublicKeyParameters)ecDsaKey.Public;
rec.PublicKey = new byte[ecDsaDigestSize * 2];
// ecDsaPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
ecDsaPublicKey.Q.AffineXCoord.ToBigInteger().ToByteArrayUnsigned().CopyTo(rec.PublicKey, 0);
// ecDsaPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, ecDsaDigestSize);
ecDsaPublicKey.Q.AffineYCoord.ToBigInteger().ToByteArrayUnsigned().CopyTo(rec.PublicKey, ecDsaDigestSize);
break;
default:
throw new System.NotSupportedException();
}
// return new DnsKeyRecord(name, recordClass, timeToLive, flags, protocol, algorithm, rec.PublicKey, rec.PrivateKey);
return(rec);
}
/// <summary>
/// Creates a new instance of the DnsKeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol field </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
/// <param name="privateKey"> Binary data of the private key </param>
public DnsKeyRecord(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey, byte[] privateKey)
: base(name, RecordType.DnsKey, recordClass, timeToLive)
{
Flags = flags;
Protocol = protocol;
Algorithm = algorithm;
PublicKey = publicKey;
PrivateKey = privateKey;
}
/// <summary>
/// Creates a new signing key pair
/// </summary>
/// <param name="name">The name of the key or zone</param>
/// <param name="recordClass">The record class of the DnsKeyRecord</param>
/// <param name="timeToLive">The TTL in seconds to the DnsKeyRecord</param>
/// <param name="flags">The Flags of the DnsKeyRecord</param>
/// <param name="protocol">The protocol version</param>
/// <param name="algorithm">The key algorithm</param>
/// <param name="keyStrength">The key strength or 0 for default strength</param>
/// <returns></returns>
public static DnsKeyRecord CreateSigningKey(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, int keyStrength = 0)
{
byte[] privateKey;
byte[] publicKey;
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1:
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
if (keyStrength == 0)
keyStrength = (flags == (DnsKeyFlags.Zone | DnsKeyFlags.SecureEntryPoint)) ? 2048 : 1024;
RsaKeyPairGenerator rsaKeyGen = new RsaKeyPairGenerator();
rsaKeyGen.Init(new KeyGenerationParameters(_secureRandom, keyStrength));
var rsaKey = rsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKey.Private).GetDerEncoded();
var rsaPublicKey = (RsaKeyParameters) rsaKey.Public;
var rsaExponent = rsaPublicKey.Exponent.ToByteArrayUnsigned();
var rsaModulus = rsaPublicKey.Modulus.ToByteArrayUnsigned();
int offset = 1;
if (rsaExponent.Length > 255)
{
publicKey = new byte[3 + rsaExponent.Length + rsaModulus.Length];
DnsMessageBase.EncodeUShort(publicKey, ref offset, (ushort) publicKey.Length);
}
else
{
publicKey = new byte[1 + rsaExponent.Length + rsaModulus.Length];
publicKey[0] = (byte) rsaExponent.Length;
}
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaExponent);
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaModulus);
break;
case DnsSecAlgorithm.Dsa:
case DnsSecAlgorithm.DsaNsec3Sha1:
if (keyStrength == 0)
keyStrength = 1024;
DsaParametersGenerator dsaParamsGen = new DsaParametersGenerator();
dsaParamsGen.Init(keyStrength, 12, _secureRandom);
DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator();
dsaKeyGen.Init(new DsaKeyGenerationParameters(_secureRandom, dsaParamsGen.GenerateParameters()));
var dsaKey = dsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaKey.Private).GetDerEncoded();
var dsaPublicKey = (DsaPublicKeyParameters) dsaKey.Public;
var dsaY = dsaPublicKey.Y.ToByteArrayUnsigned();
var dsaP = dsaPublicKey.Parameters.P.ToByteArrayUnsigned();
var dsaQ = dsaPublicKey.Parameters.Q.ToByteArrayUnsigned();
var dsaG = dsaPublicKey.Parameters.G.ToByteArrayUnsigned();
var dsaT = (byte) ((dsaY.Length - 64) / 8);
publicKey = new byte[21 + 3 * dsaY.Length];
publicKey[0] = dsaT;
dsaQ.CopyTo(publicKey, 1);
dsaP.CopyTo(publicKey, 21);
dsaG.CopyTo(publicKey, 21 + dsaY.Length);
dsaY.CopyTo(publicKey, 21 + 2 * dsaY.Length);
break;
case DnsSecAlgorithm.EccGost:
ECDomainParameters gostEcDomainParameters = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
var gostKeyGen = new ECKeyPairGenerator();
gostKeyGen.Init(new ECKeyGenerationParameters(gostEcDomainParameters, _secureRandom));
var gostKey = gostKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(gostKey.Private).GetDerEncoded();
var gostPublicKey = (ECPublicKeyParameters) gostKey.Public;
publicKey = new byte[64];
gostPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 32);
gostPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
publicKey = publicKey.Reverse().ToArray();
break;
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
int ecDsaDigestSize;
X9ECParameters ecDsaCurveParameter;
if (algorithm == DnsSecAlgorithm.EcDsaP256Sha256)
{
ecDsaDigestSize = new Sha256Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP256r1);
}
else
{
ecDsaDigestSize = new Sha384Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP384r1);
}
ECDomainParameters ecDsaP384EcDomainParameters = new ECDomainParameters(
ecDsaCurveParameter.Curve,
ecDsaCurveParameter.G,
ecDsaCurveParameter.N,
ecDsaCurveParameter.H,
ecDsaCurveParameter.GetSeed());
var ecDsaKeyGen = new ECKeyPairGenerator();
ecDsaKeyGen.Init(new ECKeyGenerationParameters(ecDsaP384EcDomainParameters, _secureRandom));
var ecDsaKey = ecDsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecDsaKey.Private).GetDerEncoded();
var ecDsaPublicKey = (ECPublicKeyParameters) ecDsaKey.Public;
publicKey = new byte[ecDsaDigestSize * 2];
ecDsaPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
ecDsaPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, ecDsaDigestSize);
break;
default:
throw new NotSupportedException();
}
return new DnsKeyRecord(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, privateKey);
}
/// <summary>
/// Creates a new signing key pair
/// </summary>
/// <param name="name">The name of the key or zone</param>
/// <param name="recordClass">The record class of the DnsKeyRecord</param>
/// <param name="timeToLive">The TTL in seconds to the DnsKeyRecord</param>
/// <param name="flags">The Flags of the DnsKeyRecord</param>
/// <param name="protocol">The protocol version</param>
/// <param name="algorithm">The key algorithm</param>
/// <param name="keyStrength">The key strength or 0 for default strength</param>
/// <returns></returns>
public static DnsKeyRecord CreateSigningKey(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, int keyStrength = 0)
{
byte[] privateKey;
byte[] publicKey;
switch (algorithm)
{
case DnsSecAlgorithm.RsaSha1:
case DnsSecAlgorithm.RsaSha1Nsec3Sha1:
case DnsSecAlgorithm.RsaSha256:
case DnsSecAlgorithm.RsaSha512:
if (keyStrength == 0)
{
keyStrength = (flags == (DnsKeyFlags.Zone | DnsKeyFlags.SecureEntryPoint)) ? 2048 : 1024;
}
RsaKeyPairGenerator rsaKeyGen = new RsaKeyPairGenerator();
rsaKeyGen.Init(new KeyGenerationParameters(_secureRandom, keyStrength));
var rsaKey = rsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(rsaKey.Private).GetDerEncoded();
var rsaPublicKey = (RsaKeyParameters)rsaKey.Public;
var rsaExponent = rsaPublicKey.Exponent.ToByteArrayUnsigned();
var rsaModulus = rsaPublicKey.Modulus.ToByteArrayUnsigned();
int offset = 1;
if (rsaExponent.Length > 255)
{
publicKey = new byte[3 + rsaExponent.Length + rsaModulus.Length];
DnsMessageBase.EncodeUShort(publicKey, ref offset, (ushort)publicKey.Length);
}
else
{
publicKey = new byte[1 + rsaExponent.Length + rsaModulus.Length];
publicKey[0] = (byte)rsaExponent.Length;
}
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaExponent);
DnsMessageBase.EncodeByteArray(publicKey, ref offset, rsaModulus);
break;
case DnsSecAlgorithm.Dsa:
case DnsSecAlgorithm.DsaNsec3Sha1:
if (keyStrength == 0)
{
keyStrength = 1024;
}
DsaParametersGenerator dsaParamsGen = new DsaParametersGenerator();
dsaParamsGen.Init(keyStrength, 12, _secureRandom);
DsaKeyPairGenerator dsaKeyGen = new DsaKeyPairGenerator();
dsaKeyGen.Init(new DsaKeyGenerationParameters(_secureRandom, dsaParamsGen.GenerateParameters()));
var dsaKey = dsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(dsaKey.Private).GetDerEncoded();
var dsaPublicKey = (DsaPublicKeyParameters)dsaKey.Public;
var dsaY = dsaPublicKey.Y.ToByteArrayUnsigned();
var dsaP = dsaPublicKey.Parameters.P.ToByteArrayUnsigned();
var dsaQ = dsaPublicKey.Parameters.Q.ToByteArrayUnsigned();
var dsaG = dsaPublicKey.Parameters.G.ToByteArrayUnsigned();
var dsaT = (byte)((dsaY.Length - 64) / 8);
publicKey = new byte[21 + 3 * dsaY.Length];
publicKey[0] = dsaT;
dsaQ.CopyTo(publicKey, 1);
dsaP.CopyTo(publicKey, 21);
dsaG.CopyTo(publicKey, 21 + dsaY.Length);
dsaY.CopyTo(publicKey, 21 + 2 * dsaY.Length);
break;
case DnsSecAlgorithm.EccGost:
ECDomainParameters gostEcDomainParameters = ECGost3410NamedCurves.GetByOid(CryptoProObjectIdentifiers.GostR3410x2001CryptoProA);
var gostKeyGen = new ECKeyPairGenerator();
gostKeyGen.Init(new ECKeyGenerationParameters(gostEcDomainParameters, _secureRandom));
var gostKey = gostKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(gostKey.Private).GetDerEncoded();
var gostPublicKey = (ECPublicKeyParameters)gostKey.Public;
publicKey = new byte[64];
gostPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 32);
gostPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
publicKey = publicKey.Reverse().ToArray();
break;
case DnsSecAlgorithm.EcDsaP256Sha256:
case DnsSecAlgorithm.EcDsaP384Sha384:
int ecDsaDigestSize;
X9ECParameters ecDsaCurveParameter;
if (algorithm == DnsSecAlgorithm.EcDsaP256Sha256)
{
ecDsaDigestSize = new Sha256Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP256r1);
}
else
{
ecDsaDigestSize = new Sha384Digest().GetDigestSize();
ecDsaCurveParameter = NistNamedCurves.GetByOid(SecObjectIdentifiers.SecP384r1);
}
ECDomainParameters ecDsaP384EcDomainParameters = new ECDomainParameters(
ecDsaCurveParameter.Curve,
ecDsaCurveParameter.G,
ecDsaCurveParameter.N,
ecDsaCurveParameter.H,
ecDsaCurveParameter.GetSeed());
var ecDsaKeyGen = new ECKeyPairGenerator();
ecDsaKeyGen.Init(new ECKeyGenerationParameters(ecDsaP384EcDomainParameters, _secureRandom));
var ecDsaKey = ecDsaKeyGen.GenerateKeyPair();
privateKey = PrivateKeyInfoFactory.CreatePrivateKeyInfo(ecDsaKey.Private).GetDerEncoded();
var ecDsaPublicKey = (ECPublicKeyParameters)ecDsaKey.Public;
publicKey = new byte[ecDsaDigestSize * 2];
ecDsaPublicKey.Q.X.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, 0);
ecDsaPublicKey.Q.Y.ToBigInteger().ToByteArrayUnsigned().CopyTo(publicKey, ecDsaDigestSize);
break;
default:
throw new NotSupportedException();
}
return(new DnsKeyRecord(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, privateKey));
}
/// <summary>
/// Creates a new instance of the DnsKeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol field </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public CDnsKeyRecord(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: this(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, null)
{
}
/// <summary>
/// Creates a new instance of the DnsKeyRecord class
/// </summary>
/// <param name="name"> Name of the record </param>
/// <param name="recordClass"> Class of the record </param>
/// <param name="timeToLive"> Seconds the record should be cached at most </param>
/// <param name="flags"> Flags of the key </param>
/// <param name="protocol"> Protocol field </param>
/// <param name="algorithm"> Algorithm of the key </param>
/// <param name="publicKey"> Binary data of the public key </param>
public DnsKeyRecord(DomainName name, RecordClass recordClass, int timeToLive, DnsKeyFlags flags, byte protocol, DnsSecAlgorithm algorithm, byte[] publicKey)
: this(name, recordClass, timeToLive, flags, protocol, algorithm, publicKey, null) {}
