QDnsTlsAssociationRecord Class

The QDnsTlsAssociationRecord class stores information about a DNS TLSA record. More...

Header: #include <QDnsTlsAssociationRecord>
CMake: find_package(Qt6 REQUIRED COMPONENTS Network)
target_link_libraries(mytarget PRIVATE Qt6::Network)
qmake: QT += network
Since: Qt 6.8

Public Types

enum class CertificateUsage { CertificateAuthorityConstrait, ServiceCertificateConstraint, TrustAnchorAssertion, DomainIssuedCertificate, PrivateUse, …, PrivCert }
enum class MatchingType { Exact, Sha256, Sha512, PrivateUse, PrivMatch }
enum class Selector { FullCertificate, SubjectPublicKeyInfo, PrivateUse, Cert, SPKI, PrivSel }

Public Functions

QDnsTlsAssociationRecord()
QDnsTlsAssociationRecord(const QDnsTlsAssociationRecord &other)
~QDnsTlsAssociationRecord()
QDnsTlsAssociationRecord::MatchingType matchType() const
QString name() const
QDnsTlsAssociationRecord::Selector selector() const
quint32 timeToLive() const
QDnsTlsAssociationRecord::CertificateUsage usage() const
QByteArray value() const
QDnsTlsAssociationRecord &operator=(const QDnsTlsAssociationRecord &other)

Detailed Description

When performing a text lookup, zero or more records will be returned. Each record is represented by a QDnsTlsAssociationRecord instance.

The meaning of the fields is defined in RFC 6698.

See also QDnsLookup.

Member Type Documentation

enum class QDnsTlsAssociationRecord::CertificateUsage

This enumeration contains valid values for the certificate usage field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.1 and RFC 7218 section 2.1. Please refer to those documents for authoritative instructions on interpreting this enumeration.

ConstantValueDescription
QDnsTlsAssociationRecord::CertificateUsage::CertificateAuthorityConstrait0Indicates the record includes an association to a specific Certificate Authority that must be found in the TLS server's certificate chain and must pass PKIX validation.
QDnsTlsAssociationRecord::CertificateUsage::ServiceCertificateConstraint1Indicates the record includes an association to a certificate that must match the end entity certificate provided by the TLS server and must pass PKIX validation.
QDnsTlsAssociationRecord::CertificateUsage::TrustAnchorAssertion2Indicates the record includes an association to a certificate that MUST be used as the ultimate trust anchor to validate the TLS server's certificate and must pass PKIX validation.
QDnsTlsAssociationRecord::CertificateUsage::DomainIssuedCertificate3Indicates the record includes an association to a certificate that must match the end entity certificate provided by the TLS server. PKIX validation is not tested.
QDnsTlsAssociationRecord::CertificateUsage::PrivateUse255No standard meaning applied.
QDnsTlsAssociationRecord::CertificateUsage::PKIX_TA0Alias; mnemonic for Public Key Infrastructure Trust Anchor
QDnsTlsAssociationRecord::CertificateUsage::PKIX_EE1Alias; mnemonic for Public Key Infrastructure End Entity
QDnsTlsAssociationRecord::CertificateUsage::DANE_TA2Alias; mnemonic for DNS-based Authentication of Named Entities Trust Anchor
QDnsTlsAssociationRecord::CertificateUsage::DANE_EE3Alias; mnemonic for DNS-based Authentication of Named Entities End Entity
QDnsTlsAssociationRecord::CertificateUsage::PrivCert255Alias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also usage().

enum class QDnsTlsAssociationRecord::MatchingType

This enumeration contains valid values for the matching type field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.3 and RFC 7218 section 2.3. Please refer to those documents for authoritative instructions on interpreting this enumeration.

ConstantValueDescription
QDnsTlsAssociationRecord::MatchingType::Exact0Indicates this the certificate or SPKI data is stored verbatim in this record.
QDnsTlsAssociationRecord::MatchingType::Sha2561Indicates this a SHA-256 checksum of the the certificate or SPKI data present in this record.
QDnsTlsAssociationRecord::MatchingType::Sha5122Indicates this a SHA-512 checksum of the the certificate or SPKI data present in this record.
QDnsTlsAssociationRecord::MatchingType::PrivateUse255No standard meaning applied.
QDnsTlsAssociationRecord::MatchingType::PrivMatchPrivateUseAlias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also matchType().

enum class QDnsTlsAssociationRecord::Selector

This enumeration contains valid values for the selector field of TLS Association queries. The following list is up-to-date with RFC 6698 section 2.1.2 and RFC 7218 section 2.2. Please refer to those documents for authoritative instructions on interpreting this enumeration.

ConstantValueDescription
QDnsTlsAssociationRecord::Selector::FullCertificate0Indicates this record refers to the full certificate in its binary structure form.
QDnsTlsAssociationRecord::Selector::SubjectPublicKeyInfo1Indicates the record refers to the certificate's subject and public key information, in DER-encoded binary structure form.
QDnsTlsAssociationRecord::Selector::PrivateUse255No standard meaning applied.
QDnsTlsAssociationRecord::Selector::CertFullCertificateAlias
QDnsTlsAssociationRecord::Selector::SPKISubjectPublicKeyInfoAlias
QDnsTlsAssociationRecord::Selector::PrivSelPrivateUseAlias

Other values are currently reserved, but may be unreserved by future standards. This enumeration can be used for those values even if no enumerator is provided.

See also selector().

Member Function Documentation

QDnsTlsAssociationRecord::QDnsTlsAssociationRecord()

Constructs an empty TLS Association record.

QDnsTlsAssociationRecord::QDnsTlsAssociationRecord(const QDnsTlsAssociationRecord &other)

Constructs a copy of other.

[noexcept] QDnsTlsAssociationRecord::~QDnsTlsAssociationRecord()

Destroys this TLS Association record object.

QDnsTlsAssociationRecord::MatchingType QDnsTlsAssociationRecord::matchType() const

Returns the match type field for this record.

QString QDnsTlsAssociationRecord::name() const

Returns the name of this record.

QDnsTlsAssociationRecord::Selector QDnsTlsAssociationRecord::selector() const

Returns the selector field for this record.

quint32 QDnsTlsAssociationRecord::timeToLive() const

Returns the duration in seconds for which this record is valid.

QDnsTlsAssociationRecord::CertificateUsage QDnsTlsAssociationRecord::usage() const

Returns the certificate usage field for this record.

QByteArray QDnsTlsAssociationRecord::value() const

Returns the binary data field for this record. The interpretation of this binary data depends on the three numeric fields provided by certificateUsage(), selector(), and matchType().

Do note this is a binary field, even for the checksums, similar to what QCyrptographicHash::result() returns.

QDnsTlsAssociationRecord &QDnsTlsAssociationRecord::operator=(const QDnsTlsAssociationRecord &other)

Moves the content of other into this object.