authorBob Halley <halley@nominum.com>2010-10-17 16:14:13 +0100
committerBob Halley <halley@nominum.com>2010-10-17 16:14:13 +0100
commit8e222ad86c4aea7adb4c165953852fccb5e939ba (patch)
treebec9f15ec9fabbe7ce5cf48593a9af7508e0ad3f
parentd0c486c1c4de8e30d87290c070bfe071563e3311 (diff)
downloaddnspython-8e222ad86c4aea7adb4c165953852fccb5e939ba.tar.gz
add constants for TSIG algorithms
-rw-r--r--ChangeLog7
-rw-r--r--dns/message.py7
-rw-r--r--dns/tsig.py27
-rw-r--r--dns/update.py6
4 files changed, 34 insertions, 13 deletions
diff --git a/ChangeLog b/ChangeLog
index ad226d3..7ddecae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,9 @@
-2010-10-17 Bob Halley <halley@dnspython.org>
+2010-10-17 Robert Halley <halley@nominum.com>
+
+ * dns/tsig.py: Added symbolic constants for the algorithm strings.
+ E.g. you can now say dns.tsig.HMAC_MD5 instead of
+ "HMAC-MD5.SIG-ALG.REG.INT". Thanks to Cillian Sharkey for
+ suggesting this improvement.
* dns/tsig.py (get_algorithm): fix hashlib compatibility; thanks to
Kevin Chen for the patch.
diff --git a/dns/message.py b/dns/message.py
index a97c4cf..4284f0d 100644
--- a/dns/message.py
+++ b/dns/message.py
@@ -93,8 +93,11 @@ class Message(object):
@type keyring: dict
@ivar keyname: The TSIG keyname to use. The default is None.
@type keyname: dns.name.Name object
- @ivar keyalgorithm: The TSIG key algorithm to use. The default is
- dns.tsig.default_algorithm.
+ @ivar keyalgorithm: The TSIG algorithm to use; defaults to
+ dns.tsig.default_algorithm. Constants for TSIG algorithms are defined
+ in dns.tsig, and the currently implemented algorithms are
+ HMAC_MD5, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, and
+ HMAC_SHA512.
@type keyalgorithm: string
@ivar request_mac: The TSIG MAC of the request message associated with
this message; used when validating TSIG signatures. @see: RFC 2845 for
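Review bot: The new keyalgorithm text lists all six HMAC constants as "currently implemented", but the dns/tsig.py context in this same commit shows the `except ImportError` fallback in get_algorithm registering only HMAC_MD5 and HMAC_SHA1. On an interpreter without hashlib the four SHA-2 names would therefore presumably not resolve, and the `sys.hexversion < 0x02050000` branch, whose body is not visible here, may narrow the set further. The docstring should state the condition, for example by appending `HMAC_SHA224 through HMAC_SHA512 require the hashlib module.` The same sentence is added to the Update.__init__ docstring in dns/update.py and has the same gap. The Message class docstring starts and ends outside this hunk.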
diff --git a/dns/tsig.py b/dns/tsig.py
index e6f2e91..7d4c3e0 100644
--- a/dns/tsig.py
+++ b/dns/tsig.py
@@ -50,7 +50,16 @@ class PeerBadTruncation(PeerError):
"""Raised if the peer didn't like amount of truncation in the TSIG we sent"""
pass
-default_algorithm = "HMAC-MD5.SIG-ALG.REG.INT"
+# TSIG Algorithms
+
+HMAC_MD5 = "HMAC-MD5.SIG-ALG.REG.INT"
+HMAC_SHA1 = "hmac-sha1"
+HMAC_SHA224 = "hmac-sha224"
+HMAC_SHA256 = "hmac-sha256"
+HMAC_SHA384 = "hmac-sha384"
+HMAC_SHA512 = "hmac-sha512"
+
+default_algorithm = HMAC_MD5
BADSIG = 16
BADKEY = 17
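Review bot: `default_algorithm` still resolves to HMAC_MD5 after this change, so any caller that passes no keyalgorithm keeps signing with HMAC-MD5 even though the SHA-2 constants now sit right beside it. Switching the default would presumably break peers whose keys are configured for MD5, so this is better handled as documentation than as a code change. A comment above the assignment would make the trade-off visible, for example `# Kept as HMAC_MD5 for compatibility; pass HMAC_SHA256 or stronger explicitly when the peer supports it.` The new `# TSIG Algorithms` block would also benefit from a line saying that the values are the algorithm names as they appear on the wire.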
@@ -178,12 +187,12 @@ def get_algorithm(algorithm):
hashes = {}
try:
import hashlib
- hashes[dns.name.from_text('hmac-sha224')] = hashlib.sha224
- hashes[dns.name.from_text('hmac-sha256')] = hashlib.sha256
- hashes[dns.name.from_text('hmac-sha384')] = hashlib.sha384
- hashes[dns.name.from_text('hmac-sha512')] = hashlib.sha512
- hashes[dns.name.from_text('hmac-sha1')] = hashlib.sha1
- hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] = hashlib.md5
+ hashes[dns.name.from_text(HMAC_SHA224)] = hashlib.sha224
+ hashes[dns.name.from_text(HMAC_SHA256)] = hashlib.sha256
+ hashes[dns.name.from_text(HMAC_SHA384)] = hashlib.sha384
+ hashes[dns.name.from_text(HMAC_SHA512)] = hashlib.sha512
+ hashes[dns.name.from_text(HMAC_SHA1)] = hashlib.sha1
+ hashes[dns.name.from_text(HMAC_MD5)] = hashlib.md5
import sys
if sys.hexversion < 0x02050000:
@@ -203,8 +212,8 @@ def get_algorithm(algorithm):
except ImportError:
import md5, sha
- hashes[dns.name.from_text('HMAC-MD5.SIG-ALG.REG.INT')] = md5
- hashes[dns.name.from_text('hmac-sha1')] = sha
+ hashes[dns.name.from_text(HMAC_MD5)] = md5
+ hashes[dns.name.from_text(HMAC_SHA1)] = sha
if isinstance(algorithm, (str, unicode)):
algorithm = dns.name.from_text(algorithm)
diff --git a/dns/update.py b/dns/update.py
index 97aea18..4c1ed62 100644
--- a/dns/update.py
+++ b/dns/update.py
@@ -21,6 +21,7 @@ import dns.opcode
import dns.rdata
import dns.rdataclass
import dns.rdataset
+import dns.tsig
class Update(dns.message.Message):
def __init__(self, zone, rdclass=dns.rdataclass.IN, keyring=None,
@@ -42,7 +43,10 @@ class Update(dns.message.Message):
they know the keyring contains only one key.
@type keyname: dns.name.Name or string
@param keyalgorithm: The TSIG algorithm to use; defaults to
- dns.tsig.default_algorithm
+ dns.tsig.default_algorithm. Constants for TSIG algorithms are defined
+ in dns.tsig, and the currently implemented algorithms are
+ HMAC_MD5, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, and
+ HMAC_SHA512.
@type keyalgorithm: string
"""
super(Update, self).__init__()