badpenguin.dkim
Class NSKeyStore

java.lang.Object
  extended by badpenguin.dkim.NSKeyStore

public class NSKeyStore
extends java.lang.Object

The NSKeyStore can be used to retrieve keys from a Naming Service (currently only DNS) and store them in a hash table. Any subsequent requests for the same domain key record are returned directly from the hash table, thus reducing the number of DNS queries performed during verification.
Each key is given an expiry time, and once the expiry time has passed, a new name resolution will be made.

Author:
Mark Boddington <dk_NO_im@_SP_bad_AM_penguin.co.uk>
http://www.badpenguin.co.uk

Constructor Summary
NSKeyStore(java.lang.String type, java.lang.String nameServer)
          Create a new KeyStore object.
 
Method Summary
 int getCacheTime()
          Get the current cache time for the DKIM keys.
 int getKeyLimit()
          The KeyStore limits the number of keys it stores, to prevent someone adding 1000 key records and causing a DoS attack.
 NSKey[] retrieveKeys(java.lang.String lookup)
          This method returns a NSKey object for the given domain key record.
 void setCacheTime(int cacheTime)
          Set the amount of time, in seconds, that keys should be kept in cache.
 void setKeyLimit(int keyLimit)
          The KeyStore limits the number of keys it stores, to prevent someone adding 1000 key records and causing a DoS attack.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

NSKeyStore

public NSKeyStore(java.lang.String type,
                  java.lang.String nameServer)
           throws javax.naming.NamingException
Create a new KeyStore object. You must provide the IP address of your name server and the type of name server. Currently only DNS is supported by DKIM.

Parameters:
type -
nameServer -
Throws:
javax.naming.NamingException
Method Detail

retrieveKeys

public NSKey[] retrieveKeys(java.lang.String lookup)
                     throws DkimException
This method returns a NSKey object for the given domain key record. If the lookup has been performed before, then the NSKey will be returned from the hash table; otherwise a Name Service query will be initiated and the result will be stored and returned.

Parameters:
lookup - The domain key record to retrieve
Returns:
The NSKey for this request
Throws:
DkimException - The NameService lookup has failed.

getKeyLimit

public int getKeyLimit()
The KeyStore limits the number of keys it stores, to prevent someone adding 1000 key records and causing a DoS attack. The default limit is 3 keys per name.

Returns:
current key limit

setKeyLimit

public void setKeyLimit(int keyLimit)
The KeyStore limits the number of keys it stores, to prevent someone adding 1000 key records and causing a DoS attack. The default limit is 3 keys per name.

Parameters:
keyLimit - Key Limit

setCacheTime

public void setCacheTime(int cacheTime)
Set the amount of time, in seconds, that keys should be kept in cache. Once keys expire, they will need to be resolved again. The default cache time is 15 minutes (900 seconds).

Parameters:
cacheTime -

getCacheTime

public int getCacheTime()
Get the current cache time for the DKIM keys. The default is 15 minutes (900 seconds).

Returns:
The number of seconds that records are cached.
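
Added example (not part of the badpenguin.dkim source or its documentation): a self-contained sketch of the caching behaviour described for NSKeyStore, using the documented defaults of 900 seconds cache time and 3 keys per name. The class KeyCacheSketch, the injected resolver and clock, the sample records, and the choice to drop records beyond the limit are assumptions made for illustration.

```java
import java.util.*;
import java.util.function.Function;
import java.util.function.LongSupplier;

// Added illustration, not badpenguin.dkim source: a TTL cache with a per-name key limit.
public class KeyCacheSketch {
    private static final class Entry {
        final List<String> keys; final long expiresAtMs;
        Entry(List<String> keys, long expiresAtMs) { this.keys = keys; this.expiresAtMs = expiresAtMs; }
    }

    private final Map<String, Entry> cache = new HashMap<>();
    private final Function<String, List<String>> resolver; // stands in for the DNS TXT query
    private final LongSupplier clockMs;                     // injectable so expiry can be shown
    private final int cacheTime = 900; // seconds; default stated on the page
    private final int keyLimit = 3;    // keys per name; default stated on the page

    public KeyCacheSketch(Function<String, List<String>> resolver, LongSupplier clockMs) {
        this.resolver = resolver; this.clockMs = clockMs;
    }

    public synchronized List<String> retrieveKeys(String lookup) {
        long now = clockMs.getAsLong();
        Entry e = cache.get(lookup);
        if (e != null && now < e.expiresAtMs) return e.keys;  // cache hit, no query made
        List<String> records = resolver.apply(lookup);         // miss or expired: resolve again
        // Assumption: records beyond the limit are dropped, so one name cannot bloat the cache.
        List<String> kept = List.copyOf(records.subList(0, Math.min(keyLimit, records.size())));
        cache.put(lookup, new Entry(kept, now + cacheTime * 1000L));
        return kept;
    }

    public static void main(String[] args) {
        int[] queries = {0};
        long[] now = {0L};
        // Constructed resolver: returns five fake records for any name and counts its calls.
        Function<String, List<String>> fake = name -> {
            queries[0]++;
            return List.of("k=rsa; p=A", "k=rsa; p=B", "k=rsa; p=C", "k=rsa; p=D", "k=rsa; p=E");
        };
        KeyCacheSketch store = new KeyCacheSketch(fake, () -> now[0]);
        String name = "sel._domainkey.example.com";
        System.out.println(store.retrieveKeys(name).size() + " keys, queries=" + queries[0]);
        store.retrieveKeys(name);
        System.out.println("second call, queries=" + queries[0]);
        now[0] += 901_000L; // move the clock past the 900 second cache time
        store.retrieveKeys(name);
        System.out.println("after expiry, queries=" + queries[0]);
    }
}
```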


© Copyright 2009 Mark Boddington (www.badpenguin.co.uk)