NAME
Data::Validate::DNS::TLSA - Validate DNS Transport Layer Security Association (TLSA) Record Values
VERSION
version 0.02
SYNOPSIS
use Data::Validate::DNS::TLSA ':all';
# Validating a TLSA port number
if (is_tlsa_port('_443', underscore => 1)) {
print 'Looks like a valid TLSA port number';
}
if (is_tlsa_port('443')) {
print 'Looks like a valid TLSA port number';
}
# Validating a TLSA protocol value
if (is_tlsa_protocol('_tcp', underscore => 1)) {
print 'Looks like a valid TLSA protocol';
}
if (is_tlsa_protocol('tcp')) {
print 'Looks like a valid TLSA protocol';
}
# Validating a TLSA domain name
if (is_tlsa_domain_name('_443._tcp.example.com')) {
print 'Looks like a valid TLSA domain name'
}
# Validating a TLSA selector
if (is_tlsa_selector('1')) {
print 'Looks like a valid TLSA selector';
}
# Validating a TLSA matching type value
if (is_tlsa_matching_type('2')) {
print 'Looks like a valid TLSA matching type';
}
# Validating a TLSA certificate usage value
if (is_tlsa_cert_usage('3')) {
print 'Looks like a valid TLSA Certificate Usage value';
}
# Validating a TLSA certificate association value
if (is_tlsa_cert_association($hash)) {
print 'Looks like a valid TLSA Certificate Assocation value';
}
# or, use the Object interface
my $v = Data::Validate::DNS::TLSA->new;
unelss ($v->is_tlsa_selector($suspect)) {
Carp::croak "$suspect is not a valid TLSA selector";
}
DESCRIPTION
This module offers functions for validating DNS Transport Level Security Association (TLSA) record fields to make input validation and untainting easier and more readable.
All of the functions return an untainted value on success and a false value (undef or empty list) on failure. In scalar context you should check that the return value is defined.
All functions can be called as methods if using the object oriented interface.
METHODS
new()
Constructor
FUNCTIONS
is_tlsa_port($value, %options)
Returns the untainted port number (without the leading underscore) if it is a valid TLSA port string.
Options:
underscore [default: false]
Require the leading underscore.
is_tlsa_protocol($value, %options)
Returns the TLSA protocol string (without the leading underscore) if it is valid.
Options:
strict [default: false]
Require the protocol value to be one of the values from RFC 6698. That is, one of
tcp
,udp
, orsctp
.underscore [default false]
Require the leading underscore.
is_tlsa_domain_name($value, %opts)
Return the untainted value if $value
is a valid looking TLSA DNS name. For example, _443._tcp.example.com
. This only checks the syntax of the first two labels (the port and protocol). %opts
are the same options that is_tlsa_port() and is_tlsa_protocol() accept. However, underscore
defaults to true
in this case.
is_tlsa_matching_type($value, %opts)
Return the untainted value if it looks like a valid TLSA matching type value.
Options:
* strict [default: false] Require the value to be one of the matching types from RFC 6698.
is_tlsa_selector($value, %opts)
Return the untainted selector if it is a valid TLSA selector value.
Options:
strict [default: false]
Require the value to be one of the TLSA Selector Values from RFC 6698.
is_tlsa_cert_usage($value, %opts)
Return the untainted value if it is a valid TLSA Certificate Usage value.
strict [default: false]
Require the value to be one of the TLSA Certificate Usage Values from RFC 6698.
is_tlsa_cert_association($value, %opts)
Return the untainted value if it is a valid TLSA Certificate Association.
SEE ALSO
SOURCE
The development version is on github at http://https://github.com/mschout/perl-data-validate-dns-tlsa and may be cloned from git://https://github.com/mschout/perl-data-validate-dns-tlsa.git
BUGS
Please report any bugs or feature requests on the bugtracker website https://github.com/mschout/perl-data-validate-dns-tlsa/issues
When submitting a bug or request, please include a test-file or a patch to an existing test-file that illustrates the bug or desired feature.
AUTHOR
Michael Schout <mschout@cpan.org>
COPYRIGHT AND LICENSE
This software is copyright (c) 2018 by Michael Schout.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.