README

This package contains a class that can generate TLSA resource records.

$tlsa = new Stayallive\TLSA\Builder('alexbouma.me');

$tlsa->forCertificate($pemEncodedCertificate);

$tlsa->getRecord(); // returns the full DNS record

$tlsa->getRecordContents(); // returns the DNS record contents only

Installation

You can install the package via composer:

composer require stayallive/tlsa

Usage

The class can generate a TLSA resource record for all certificate usages, selectors and matching types.

For more information check out the Wikipedia entry: https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities#RR_data_fields

use Stayallive\TLSA;

$tlsa = new TLSA\Builder('alexbouma.me', 25, 'udp'); // Builder for the alexbouma.me domain, port 25 and the UDP protocol

$tlsa->forCertificate($pemEncodedCertificate);
$tlsa->forPublicKey($pemEncodedPublicKey);

$tlsa->certificateUsage(TLSA\Builder::CERTIFICATE_USAGE_DOMAIN_ISSUED_CERTIFICATE); // Set the certificate usage to `3` (default)

$tlsa->selector(TLSA\Builder::SELECTOR_PUBLIC_KEY); // Set the selector to `1` (default)

$tlsa->matchingType(TLSA\Builder::MATCHING_TYPE_SHA256); // Set the matching type to `1` (default)

$dns->getRecord(); // returns the full DNS record
$dns->getRecordContents(); // returns the DNS record contents

Testing

composer test

Changelog

Please see CHANGELOG for more information what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security

If you discover any security related issues, please email me@alexbouma.me instead of using the issue tracker.

Credits

• Alex Bouma
• All Contributors

License

The MIT License (MIT). Please see License File for more information.