class QDnsTlsAssociationRecord

The QDnsTlsAssociationRecord class stores information about a DNS TLSA record. More

Added in version 6.8.

Synopsis

Methods

Note

This documentation may contain snippets that were automatically translated from C++ to Python. We always welcome contributions to the snippet translation. If you see an issue with the translation, you can also let us know by creating a ticket on https:/bugreports.qt.io/projects/PYSIDE

Detailed Description

When performing a text lookup, zero or more records will be returned. Each record is represented by a QDnsTlsAssociationRecord instance.

The meaning of the fields is defined in RFC 6698.

See also

QDnsLookup

class CertificateUsage

This enumeration contains valid values for the certificate usage field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.1 and RFC 7218 section 2.1. Please refer to those documents for authoritative instructions on interpreting this enumeration.

Constant

Description

QDnsTlsAssociationRecord.CertificateUsage.CertificateAuthorityConstrait

Indicates the record includes an association to a specific Certificate Authority that must be found in the TLS server’s certificate chain and must pass PKIX validation.

QDnsTlsAssociationRecord.CertificateUsage.ServiceCertificateConstraint

Indicates the record includes an association to a certificate that must match the end entity certificate provided by the TLS server and must pass PKIX validation.

QDnsTlsAssociationRecord.CertificateUsage.TrustAnchorAssertion

Indicates the record includes an association to a certificate that MUST be used as the ultimate trust anchor to validate the TLS server’s certificate and must pass PKIX validation.

QDnsTlsAssociationRecord.CertificateUsage.DomainIssuedCertificate

Indicates the record includes an association to a certificate that must match the end entity certificate provided by the TLS server. PKIX validation is not tested.

QDnsTlsAssociationRecord.CertificateUsage.PrivateUse

No standard meaning applied.

QDnsTlsAssociationRecord.CertificateUsage.PKIX_TA

Alias; mnemonic for Public Key Infrastructure Trust Anchor

QDnsTlsAssociationRecord.CertificateUsage.PKIX_EE

Alias; mnemonic for Public Key Infrastructure End Entity

QDnsTlsAssociationRecord.CertificateUsage.DANE_TA

Alias; mnemonic for DNS-based Authentication of Named Entities Trust Anchor

QDnsTlsAssociationRecord.CertificateUsage.DANE_EE

Alias; mnemonic for DNS-based Authentication of Named Entities End Entity

QDnsTlsAssociationRecord.CertificateUsage.PrivCert

Alias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also

usage()

class Selector

This enumeration contains valid values for the selector field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.2 and RFC 7218 section 2.2. Please refer to those documents for authoritative instructions on interpreting this enumeration.

Constant

Description

QDnsTlsAssociationRecord.Selector.FullCertificate

Indicates this record refers to the full certificate in its binary structure form.

QDnsTlsAssociationRecord.Selector.SubjectPublicKeyInfo

Indicates the record refers to the certificate’s subject and public key information, in DER-encoded binary structure form.

QDnsTlsAssociationRecord.Selector.PrivateUse

No standard meaning applied.

QDnsTlsAssociationRecord.Selector.Cert

Alias

QDnsTlsAssociationRecord.Selector.SPKI

Alias

QDnsTlsAssociationRecord.Selector.PrivSel

Alias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also

selector()

class MatchingType

This enumeration contains valid values for the matching type field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.3 and RFC 7218 section 2.3. Please refer to those documents for authoritative instructions on interpreting this enumeration.

Constant

Description

QDnsTlsAssociationRecord.MatchingType.Exact

Indicates this the certificate or SPKI data is stored verbatim in this record.

QDnsTlsAssociationRecord.MatchingType.Sha256

Indicates this a SHA-256 checksum of the the certificate or SPKI data present in this record.

QDnsTlsAssociationRecord.MatchingType.Sha512

Indicates this a SHA-512 checksum of the the certificate or SPKI data present in this record.

QDnsTlsAssociationRecord.MatchingType.PrivateUse

No standard meaning applied.

QDnsTlsAssociationRecord.MatchingType.PrivMatch

Alias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also

matchType()

__init__()

Constructs an empty TLS Association record.

__init__(other)
Parameters:

otherQDnsTlsAssociationRecord

Constructs a copy of other.

matchType()
Return type:

MatchingType

Returns the match type field for this record.

name()
Return type:

str

Returns the name of this record.

selector()
Return type:

Selector

Returns the selector field for this record.

swap(other)
Parameters:

otherQDnsTlsAssociationRecord

timeToLive()
Return type:

int

Returns the duration in seconds for which this record is valid.

usage()
Return type:

CertificateUsage

Returns the certificate usage field for this record.

value()
Return type:

QByteArray

Returns the binary data field for this record. The interpretation of this binary data depends on the three numeric fields provided by certificateUsage(), selector() , and matchType() .

Do note this is a binary field, even for the checksums, similar to what QCyrptographicHash::result() returns.