1 /***************************** -*- Java -*- ********************************\
3 * Copyright (c) 2009 VeriSign, Inc. All rights reserved. *
5 * This software is provided solely in connection with the terms of the *
6 * license agreement. Any other use without the prior express written *
7 * permission of VeriSign is completely prohibited. The software and *
8 * documentation are "Commercial Items", as that term is defined in 48 *
9 * C.F.R. section 2.101, consisting of "Commercial Computer Software" and *
10 * "Commercial Computer Software Documentation" as such terms are defined *
11 * in 48 C.F.R. section 252.227-7014(a)(5) and 48 C.F.R. section *
12 * 252.227-7014(a)(1), and used in 48 C.F.R. section 12.212 and 48 C.F.R. *
13 * section 227.7202, as applicable. Pursuant to the above and other *
14 * relevant sections of the Code of Federal Regulations, as applicable, *
15 * VeriSign's publications, commercial computer software, and commercial *
16 * computer software documentation are distributed and licensed to United *
17 * States Government end users with only those rights as granted to all *
18 * other end users, according to the terms and conditions contained in the *
19 * license agreement(s) that accompany the products and software *
22 \***************************************************************************/
24 package com.verisign.tat.dnssec;
26 import org.xbill.DNS.*;
33 public class TrustAnchorStore {
34 private Map<String, SRRset> mMap;
36 public TrustAnchorStore() {
40 private String key(Name n, int dclass) {
41 return "T" + dclass + "/" + Util.nameToString(n);
44 public void store(SRRset rrset) {
46 mMap = new HashMap<String, SRRset>();
49 String k = key(rrset.getName(), rrset.getDClass());
50 rrset.setSecurityStatus(SecurityStatus.SECURE);
55 private SRRset lookup(String key) {
63 public SRRset find(Name n, int dclass) {
68 while (n.labels() > 0) {
69 String k = key(n, dclass);
82 public boolean isBelowTrustAnchor(Name n, int dclass) {
83 return find(n, dclass) != null;
86 public List<String> listTrustAnchors() {
87 List<String> res = new ArrayList<String>();
89 for (Map.Entry<String, SRRset> entry : mMap.entrySet()) {
90 for (Iterator<Record> i = entry.getValue().rrs(); i.hasNext();) {
91 DNSKEYRecord r = (DNSKEYRecord) i.next();
92 String key_desc = r.getName().toString() + "/"
93 + DNSSEC.Algorithm.string(r.getAlgorithm()) + "/"