Package com.mimecast.robin.mx.dane

Class DaneRecord

java.lang.Object

com.mimecast.robin.mx.dane.DaneRecord

public class DaneRecord
extends Object

Represents a DANE TLSA record for SMTP.

TLSA records provide certificate association data for TLS authentication.

Format: _port._protocol.hostname IN TLSA usage selector matching data

See Also:

• RFC 6698 - DANE
• RFC 7672 - DANE for SMTP

Field Summary

Fields

Modifier and Type	Field	Description
private final String	certificateData
private final String	hostname
private final int	matchingType
private final int	selector
private final String	tlsaRecord
private final int	usage

Constructor Summary

Constructors

Constructor	Description
DaneRecord(String hostname, int usage, int selector, int matchingType, String certificateData, String tlsaRecord)	Constructor.

Method Summary

Modifier and Type	Method	Description
String	getCertificateData()	Get the certificate association data (hex string).
String	getHostname()	Get the hostname this TLSA record applies to.
int	getMatchingType()	Get the matching type field.
String	getMatchingTypeDescription()	Get human-readable matching type description.
int	getSelector()	Get the selector field.
String	getSelectorDescription()	Get human-readable selector description.
String	getTlsaRecord()	Get the full TLSA record string.
int	getUsage()	Get the certificate usage field.
String	getUsageDescription()	Get human-readable usage description.
String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Details

hostname

private final String hostname

usage

private final int usage

selector

private final int selector

matchingType

private final int matchingType

certificateData

private final String certificateData

tlsaRecord

private final String tlsaRecord

Constructor Details

DaneRecord

public DaneRecord(String hostname,
 int usage,
 int selector,
 int matchingType,
 String certificateData,
 String tlsaRecord)

Constructor.

Parameters:

hostname - The MX hostname this TLSA record applies to.

usage - Certificate usage (0-3).

selector - Selector (0=full cert, 1=subject public key info).

matchingType - Matching type (0=exact, 1=SHA-256, 2=SHA-512).

certificateData - The certificate association data (hex string).

tlsaRecord - The full TLSA record string.

Method Details

getHostname

public String getHostname()

Get the hostname this TLSA record applies to.

Returns:

Hostname.

getUsage

public int getUsage()

Get the certificate usage field.

• 0 = CA constraint (PKIX-TA)
• 1 = Service certificate constraint (PKIX-EE)
• 2 = Trust anchor assertion (DANE-TA)
• 3 = Domain-issued certificate (DANE-EE)

Returns:

Usage value (0-3).

getSelector

public int getSelector()

Get the selector field.

• 0 = Full certificate
• 1 = SubjectPublicKeyInfo

Returns:

Selector value (0-1).

getMatchingType

public int getMatchingType()

Get the matching type field.

• 0 = No hash used (exact match)
• 1 = SHA-256 hash
• 2 = SHA-512 hash

Returns:

Matching type value (0-2).

getCertificateData

public String getCertificateData()

Get the certificate association data (hex string).

Returns:

Certificate data.

getTlsaRecord

public String getTlsaRecord()

Get the full TLSA record string.

Returns:

TLSA record.

getUsageDescription

public String getUsageDescription()

Get human-readable usage description.

Returns:

Usage description.

getSelectorDescription

public String getSelectorDescription()

Get human-readable selector description.

Returns:

Selector description.

getMatchingTypeDescription

public String getMatchingTypeDescription()

Get human-readable matching type description.

Returns:

Matching type description.

toString

public String toString()

Overrides:

toString in class Object