dnsruby 1.55 → 1.56.0

data/lib/Dnsruby/resource/A.rb

@@ -1,56 +0,0 @@
-#--
-#Copyright 2007 Nominet UK
-#
-#Licensed under the Apache License, Version 2.0 (the "License");
-#you may not use this file except in compliance with the License. 
-#You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0 
-#
-#Unless required by applicable law or agreed to in writing, software 
-#distributed under the License is distributed on an "AS IS" BASIS, 
-#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-#See the License for the specific language governing permissions and 
-#limitations under the License.
-#++
-module Dnsruby
-  class RR
-    module IN
-      #Class for DNS Address (A) resource records.
-      #
-      #RFC 1035 Section 3.4.1
-      class A < RR
-        ClassHash[[TypeValue = Types::A, ClassValue = ClassValue]] = self #:nodoc: all
-        
-        #The RR's (Resolv::IPv4) address field 
-        attr_accessor :address
-        
-        def from_data(data) #:nodoc: all
-          @address = IPv4.create(data)
-        end
-        
-        #Create the RR from a hash
-        def from_hash(hash)
-          @address = IPv4.create(hash[:address])
-        end
-        
-        # Create the RR from a standard string
-        def from_string(input)
-          @address = IPv4.create(input)
-        end
-        
-        def rdata_to_string
-          return @address.to_s
-        end
-        
-        def encode_rdata(msg, canonical=false) #:nodoc: all
-          msg.put_bytes(@address.address)
-        end
-        
-        def self.decode_rdata(msg) #:nodoc: all
-          return self.new(IPv4.new(msg.get_bytes(4)))
-        end
-      end
-    end   
-  end
-end

data/lib/Dnsruby/resource/AAAA.rb

@@ -1,54 +0,0 @@
-#--
-#Copyright 2007 Nominet UK
-#
-#Licensed under the Apache License, Version 2.0 (the "License");
-#you may not use this file except in compliance with the License. 
-#You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0 
-#
-#Unless required by applicable law or agreed to in writing, software 
-#distributed under the License is distributed on an "AS IS" BASIS, 
-#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-#See the License for the specific language governing permissions and 
-#limitations under the License.
-#++
-module Dnsruby
-  class RR
-    module IN
-      #Class for DNS IPv6 Address (AAAA) resource records.
-      #
-      #RFC 1886 Section 2, RFC 1884 Sections 2.2 & 2.4.4
-      class AAAA < RR
-        ClassHash[[TypeValue = Types::AAAA, ClassValue = ClassValue]] = self #:nodoc: all
-        
-        #  The RR's (Resolv::IPv6) address field
-        attr_accessor :address
-        
-        def from_data(data) #:nodoc: all
-          @address = IPv6.create(data)
-        end
-        
-        def from_hash(hash) #:nodoc: all
-          @address = IPv6.create(hash[:address])
-        end
-        
-        def from_string(input) #:nodoc: all
-          @address = IPv6.create(input)
-        end
-        
-        def rdata_to_string #:nodoc: all
-          return @address.to_s
-        end
-        
-        def encode_rdata(msg, canonical=false) #:nodoc: all
-          msg.put_bytes(@address.address)
-        end
-        
-        def self.decode_rdata(msg) #:nodoc: all
-          return self.new(IPv6.new(msg.get_bytes(16)))
-        end
-      end
-    end   
-  end
-end

data/lib/Dnsruby/resource/DLV.rb

@@ -1,27 +0,0 @@
-#-- 
-#Copyright 2008 Nominet UK 
-# 
-#Licensed under the Apache License, Version 2.0 (the "License"); 
-#you may not use this file except in compliance with the License. 
-#You may obtain a copy of the License at 
-# 
-#     http://www.apache.org/licenses/LICENSE-2.0 
-# 
-#Unless required by applicable law or agreed to in writing, software 
-#distributed under the License is distributed on an "AS IS" BASIS, 
-#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-#See the License for the specific language governing permissions and 
-#limitations under the License. 
-#++ 
-
-module Dnsruby
-   class RR
-     #RFC4431 specifies that the DLV is assigned type 32769, and the 
-     # rdata is identical to that of the DS record. 
-
-     class DLV < RR::DS
-       ClassValue = nil #:nodoc: all 
-       TypeValue = Types::DLV #:nodoc: all 
-     end
-   end
-end

data/lib/Dnsruby/resource/NSEC.rb

@@ -1,298 +0,0 @@
-#--
-#Copyright 2007 Nominet UK
-#
-#Licensed under the Apache License, Version 2.0 (the "License");
-#you may not use this file except in compliance with the License. 
-#You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0 
-#
-#Unless required by applicable law or agreed to in writing, software 
-#distributed under the License is distributed on an "AS IS" BASIS, 
-#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-#See the License for the specific language governing permissions and 
-#limitations under the License.
-#++
-module Dnsruby
-  class RR
-    #RFC4034, section 4
-    #The NSEC resource record lists two separate things: the next owner
-    #name (in the canonical ordering of the zone) that contains
-    #authoritative data or a delegation point NS RRset, and the set of RR
-    #types present at the NSEC RR's owner name [RFC3845].  The complete
-    #set of NSEC RRs in a zone indicates which authoritative RRsets exist
-    #in a zone and also form a chain of authoritative owner names in the
-    #zone.  This information is used to provide authenticated denial of
-    #existence for DNS data, as described in [RFC4035].    
-    class NSEC < RR
-      ClassValue = nil #:nodoc: all
-      TypeValue = Types::NSEC #:nodoc: all
-      
-      #The next name which exists after this NSEC
-      #The Next Domain field contains the next owner name (in the canonical
-      #ordering of the zone) that has authoritative data or contains a
-      #delegation point NS RRset
-      attr_reader :next_domain
-      #The Type Bit Maps field identifies the RRset types that exist at the
-      #NSEC RR's owner name
-      attr_reader :types
-      
-      def next_domain=(n)
-        nxt = Name.create(n)
-        @next_domain = nxt
-      end
-
-      def check_name_in_range(n)
-        # Check if the name is covered by this record
-        if (@name.wild?)
-          return check_name_in_wildcard_range(n)
-        end
-        if (name.canonically_before(n) && (n.canonically_before(next_domain)))
-          return true
-        end
-        return false
-      end
-      
-      def check_name_in_wildcard_range(n)
-        #  Check if the name is covered by this record
-        return false if !@name.wild?
-        return false if @next_domain.canonically_before(n)
-        # Now just check that the wildcard is *before* the name
-        # Strip the first label ("*") and then compare
-        n2 = Name.create(@name)
-        n2.labels.delete_at(0)
-        return false if n.canonically_before(n2)
-        return true
-      end
-
-      def types=(t)
-        if (t && t.length > 0)
-        @types = NSEC.get_types(t)
-        else
-          @types = []
-        end
-      end
-      
-      def self.get_types(t)
-        types = nil
-        if (t.instance_of?Array)
-          # from the wire, already decoded
-          types =t
-        elsif (t.instance_of?String)
-          if (index = t.index";")
-            t = t[0, index]
-          end
-          if (index = t.index")")
-            t = t[0, index]
-          end
-          # List of mnemonics
-          types=[]
-          mnemonics = t.split(" ")
-          mnemonics.each do |m|
-            type = Types.new(m)
-            types.push(type)
-          end
-        else
-          raise DecodeError.new("Unknown format of types for Dnsruby::RR::NSEC")
-        end
-        return types
-      end
-      
-      def add_type(t)
-        self.types=(@types + [t])
-      end
-      
-      def self.decode_types(bytes)
-        types = []
-        #RFC4034 section 4.1.2
-        #The RR type space is split into 256 window blocks, each representing
-        #the low-order 8 bits of the 16-bit RR type space.  Each block that
-        #has at least one active RR type is encoded using a single octet
-        #window number (from 0 to 255), a single octet bitmap length (from 1
-        #to 32) indicating the number of octets used for the window block's
-        #bitmap, and up to 32 octets (256 bits) of bitmap.
-
-        #Blocks are present in the NSEC RR RDATA in increasing numerical
-        #order.
-
-        #  Type Bit Maps Field = ( Window Block # | Bitmap Length | Bitmap )+
-
-        #  where "|" denotes concatenation.
-       
-        pos = 0
-        while (pos < bytes.length)
-          #So, read the first two octets
-          if (bytes.length-pos < 2)
-            raise DecodeError.new("NSEC : Expected window number and bitmap length octets")
-          end
-          window_number = bytes[pos]
-          bitmap_length = bytes[pos+1]
-          if (window_number.class == String) # Ruby 1.9
-            window_number = window_number.getbyte(0)
-            bitmap_length = bitmap_length.getbyte(0)
-          end
-          pos += 2
-          bitmap = bytes[pos,bitmap_length]
-          pos += bitmap_length
-          #Each bitmap encodes the low-order 8 bits of RR types within the
-          #window block, in network bit order.  The first bit is bit 0.  For
-          #window block 0, bit 1 corresponds to RR type 1 (A), bit 2 corresponds
-          #to RR type 2 (NS), and so forth.  For window block 1, bit 1
-          #corresponds to RR type 257, and bit 2 to RR type 258.  If a bit is
-          #set, it indicates that an RRset of that type is present for the NSEC
-          #RR's owner name.  If a bit is clear, it indicates that no RRset of
-          #that type is present for the NSEC RR's owner name.
-          index = 0
-          bitmap.each_byte do |char|
-            if char.to_i != 0
-              # decode these RR types
-              0..8.times do |i|
-                if (((1 << (7-i)) & char) == (1 << (7-i)))
-                  type = Types.new((256 * window_number) + (8 * index) + i)
-                  #Bits representing pseudo-types MUST be clear, as they do not appear
-                  #in zone data.  If encountered, they MUST be ignored upon being read.
-                  if (!([Types::OPT, Types::TSIG].include?(type)))
-                    types.push(type)
-                  end
-                end               
-              end
-            end
-            index += 1
-          end
-        end
-        return types
-      end
-      
-      def encode_types
-        NSEC.encode_types(self)
-      end
-      
-      def self.encode_types(nsec)
-        output=""
-        #types represents all 65536 possible RR types.
-        #Split up types into sets of 256 different types.
-        type_codes = []
-        nsec.types.each do |type|
-          type_codes.push(type.code)
-        end
-        type_codes.sort!
-        window = -1
-        0.step(65536,256) { |step|
-          # Gather up the RR types for this set of 256
-          types_to_go = []
-          while (!type_codes.empty? && type_codes[0] < step)
-            types_to_go.push(type_codes[0])
-            # And delete them from type_codes
-            type_codes=type_codes.last(type_codes.length-1)
-            break if (type_codes.empty?)
-          end
-          
-          if (!types_to_go.empty?)
-            # Then create the bitmap for them
-            bitmap=""
-            # keep on adding them until there's none left
-            pos = 0
-            bitmap_pos = 0
-            while (!types_to_go.empty?)
-              
-              # Check the next eight
-              byte = 0
-              pos += 8
-              while (types_to_go[0] < pos + step-256)
-                byte = byte | (1 << (pos-1-(types_to_go[0] - (step-256) )))
-                # Add it to the list
-                # And remove it from the to_go queue
-                types_to_go =types_to_go.last(types_to_go.length-1)
-                break if (types_to_go.empty?)
-              end
-              bitmap += " "
-              if (bitmap[bitmap_pos].class == String)
-                bitmap.setbyte(bitmap_pos, byte) # Ruby 1.9
-              else
-                bitmap[bitmap_pos]=byte              
-              end
-              bitmap_pos+=1
-            end
-            
-            # Now add data to output bytes
-            start = output.length
-            (2+bitmap.length).times do 
-              output += " "
-            end
-          
-            if (output[start].class == String)
-              output.setbyte(start, window)
-              output.setbyte(start+1, bitmap.length)
-              bitmap.length.times do |i|
-                output.setbyte(start+2+i, bitmap[i].getbyte(0))
-              end
-            else
-              output[start] = window
-              output[start+1] = bitmap.length
-              bitmap.length.times do |i|
-                output[start+2+i] = bitmap[i]
-              end
-            end
-          end
-          window += 1
-          
-          # Are there any more types after this?
-          if (type_codes.empty?)
-            # If not, then break (so we don't add more zeros)
-            break
-          end
-        }
-        if (output[0].class == String)
-          output = output.force_encoding("ascii-8bit")
-        end
-        return output
-      end
-
-      def from_data(data) #:nodoc: all
-        next_domain, types = data
-        self.next_domain=(next_domain)
-        self.types=(types)
-      end
-      
-      def from_string(input)
-        if (input.length > 0)
-          data = input.split(" ")
-          self.next_domain=(data[0])
-          len = data[0].length+ 1
-          if (data[1] == "(")
-            len = len + data[1].length
-          end
-          self.types=(input[len, input.length-len])
-          @types = NSEC.get_types(input[len, input.length-len])
-        end
-      end
-      
-      def rdata_to_string #:nodoc: all
-        if (@next_domain!=nil)
-          type_strings = []
-          @types.each do |t|
-            type_strings.push(t.string)
-          end
-          types = type_strings.join(" ")
-          return "#{@next_domain.to_s(true)} ( #{types} )"
-        else
-          return ""
-        end
-      end
-      
-      def encode_rdata(msg, canonical=false) #:nodoc: all
-        # Canonical
-        msg.put_name(@next_domain, canonical, false) # dnssec-bis-updates says NSEC should not be downcased
-        types = encode_types
-        msg.put_bytes(types)
-      end
-      
-      def self.decode_rdata(msg) #:nodoc: all
-        next_domain = msg.get_name
-        types = decode_types(msg.get_bytes)
-        return self.new(
-          [next_domain, types])
-      end
-    end 
-  end
-end

data/lib/Dnsruby/resource/NSEC3.rb

@@ -1,340 +0,0 @@
-#--
-#Copyright 2007 Nominet UK
-#
-#Licensed under the Apache License, Version 2.0 (the "License");
-#you may not use this file except in compliance with the License. 
-#You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0 
-#
-#Unless required by applicable law or agreed to in writing, software 
-#distributed under the License is distributed on an "AS IS" BASIS, 
-#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
-#See the License for the specific language governing permissions and 
-#limitations under the License.
-#++
-require 'digest/sha1'
-module Base32
-  module_function
-  def encode32hex(str)
-    str.gsub(/\G(.{5})|(.{1,4}\z)/mn) do
-      full = $1; frag = $2
-      n, c = (full || frag.ljust(5, "\0")).unpack("NC")
-      full = ((n << 8) | c).to_s(32).rjust(8, "0")
-      if frag
-        full[0, (frag.length*8+4).div(5)].ljust(8, "=").upcase
-      else
-        full.upcase
-      end
-    end
-  end
-
-  HEX = '[0-9a-v]'
-  def decode32hex(str)
-    str.gsub(/\G\s*(#{HEX}{8}|#{HEX}{7}=|#{HEX}{5}={3}|#{HEX}{4}={4}|#{HEX}{2}={6}|(\S))/imno) do
-      raise "invalid base32" if $2
-      s = $1
-      s.tr("=", "0").to_i(32).divmod(256).pack("NC")[0,
-        (s.count("^=")*5).div(8)]
-    end
-  end
-end
-
-module Dnsruby
-  class RR
-    #The NSEC3 Resource Record (RR) provides authenticated denial of
-    #existence for DNS Resource Record Sets.
-    #
-    #The NSEC3 RR lists RR types present at the original owner name of the
-    #NSEC3 RR.  It includes the next hashed owner name in the hash order
-    #of the zone.  The complete set of NSEC3 RRs in a zone indicates which
-    #RRSets exist for the original owner name of the RR and form a chain
-    #of hashed owner names in the zone.  This information is used to
-    #provide authenticated denial of existence for DNS data.  To provide
-    #protection against zone enumeration, the owner names used in the
-    #NSEC3 RR are cryptographic hashes of the original owner name
-    #prepended as a single label to the name of the zone.  The NSEC3 RR
-    #indicates which hash function is used to construct the hash, which
-    #salt is used, and how many iterations of the hash function are
-    #performed over the original owner name.
-    class NSEC3 < RR
-      ClassValue = nil #:nodoc: all
-      TypeValue = Types::NSEC3 #:nodoc: all
-      
-      #The Hash Algorithm field identifies the cryptographic hash algorithm
-      #used to construct the hash-value.
-      attr_reader :hash_alg
-      #The Flags field contains 8 one-bit flags that can be used to indicate
-      #different processing.  All undefined flags must be zero.  The only
-      #flag defined by the NSEC3 specification is the Opt-Out flag.
-      attr_reader :flags
-      #The Iterations field defines the number of additional times the hash
-      #function has been performed.
-      attr_accessor :iterations
-      #The Salt Length field defines the length of the Salt field in octets,
-      #ranging in value from 0 to 255.
-      attr_reader :salt_length
-      #The Hash Length field defines the length of the Next Hashed Owner
-      #Name field, ranging in value from 1 to 255 octets.
-      attr_reader :hash_length
-      #The Next Hashed Owner Name field contains the next hashed owner name
-      #in hash order.        
-      attr_accessor :next_hashed
-      #The Type Bit Maps field identifies the RRset types that exist at the
-      #NSEC RR's owner name
-      attr_reader :types
-      
-      def check_name_in_range(name)
-        # @TODO@ Check if the name is covered by this record
-        return false
-      end
-
-      def check_name_in_wildcard_range(name)
-        # @TODO@ Check if the name is covered by this record
-        return false
-      end
-
-      def calculate_hash
-        return NSEC3.calculate_hash(@name, @iterations, @salt, @hash_alg)
-      end
-
-      def NSEC3.calculate_hash(name, iterations, salt, hash_alg)
-        # RFC5155
-        #5.  Calculation of the Hash
-
-        #   Define H(x) to be the hash of x using the Hash Algorithm selected by
-        #   the NSEC3 RR, k to be the number of Iterations, and || to indicate
-        #   concatenation.  Then define:
-        #
-        #      IH(salt, x, 0) = H(x || salt), and
-        #
-        #      IH(salt, x, k) = H(IH(salt, x, k-1) || salt), if k > 0
-        #
-        #   Then the calculated hash of an owner name is
-        #
-        #      IH(salt, owner name, iterations),
-        #
-        #   where the owner name is in the canonical form, defined as:
-        #
-        #   The wire format of the owner name where:
-        #
-        #   1.  The owner name is fully expanded (no DNS name compression) and
-        #       fully qualified;
-        #   2.  All uppercase US-ASCII letters are replaced by the corresponding
-        #       lowercase US-ASCII letters;
-        #   3.  If the owner name is a wildcard name, the owner name is in its
-        #       original unexpanded form, including the "*" label (no wildcard
-        #       substitution);
-        #
-        #   This form is as defined in Section 6.2 of [RFC 4034].
-        #
-
-        n = Name.create(name)
-        out = n.canonical
-        begin
-        (0..iterations).each  {
-          out =NSEC3.h(out + salt, hash_alg);
-        }
-        return Base32.encode32hex(out).downcase
-        rescue ArgumentError
-        TheLog.error("Unknown hash algorithm #{hash_alg} used for NSEC3 hash")
-        return "Unknown NSEC3 hash algorithm"
-        end
-      end
-
-      def h(x) # :nodoc: all
-        return NSEC3.h(x, @hash_alg)
-      end
-
-      def NSEC3.h(x, hash_alg) # :nodoc: all
-        if (Nsec3HashAlgorithms.SHA_1 == hash_alg)
-          return Digest::SHA1.digest(x)
-        end
-        raise ArgumentError.new("Unknown hash algorithm")
-      end
-
-      def hash_alg=(a)
-        if (a.instance_of?String)
-          if (a.length == 1)
-            a = a.to_i
-          end
-        end
-        begin
-          alg = Nsec3HashAlgorithms.new(a)
-          @hash_alg = alg
-        rescue ArgumentError => e
-          raise DecodeError.new(e)
-        end        
-      end
-      
-      def types=(t)
-        if (t && t.length > 0)
-        @types = NSEC.get_types(t)
-        else
-          @types = []
-        end
-      end
-      
-      def add_type(t)
-        self.types=(@types + [t])
-      end
-      
-      OPT_OUT = 1
-      def flags=(f)
-        if (f==0 || f==OPT_OUT)
-          @flags=f
-        else
-          raise DecodeError.new("Unknown NSEC3 flags field - #{f}")
-        end
-      end
-
-      #If the Opt-Out flag is set, the NSEC3 record covers zero or more
-      #unsigned delegations.
-      def opt_out?
-        return (@flags==OPT_OUT)
-      end
-      
-      #      def salt_length=(l)
-      #        if ((l < 0) || (l > 255))
-      #          raise DecodeError.new("NSEC3 salt length must be between 0 and 255")
-      #        end
-      #        @salt_length = l
-      #      end
-      #
-      def hash_length=(l)
-        if ((l < 0) || (l > 255))
-          raise DecodeError.new("NSEC3 hash length must be between 0 and 255")
-        end
-        @hash_length = l        
-      end
-   
-      def from_data(data) #:nodoc: all
-        hash_alg, flags, iterations, salt_length, salt, hash_length, next_hashed, types = data
-        self.hash_alg=(hash_alg)
-        self.flags=(flags)
-        self.iterations=(iterations)
-#        self.salt_length=(salt_length)
-#        self.salt=(salt)
-        @salt=salt
-        self.hash_length=(hash_length)
-        self.next_hashed=(next_hashed)
-        self.types=(types)
-      end
-
-      #The Salt field is appended to the original owner name before hashing
-      #in order to defend against pre-calculated dictionary attacks.
-      def salt
-        return NSEC3.encode_salt(@salt)
-      end
-
-      def salt=(s)
-        @salt = NSEC3.decode_salt(s)
-        @salt_length = @salt.length
-      end
-
-      def NSEC3.decode_salt(input)
-        if (input == "-")
-          return ""
-        end
-        return [input].pack("H*")
-      end
-
-      def NSEC3.encode_salt(s)
-        if (!s || s.length == 0)
-          return "-"
-        end
-        return s.unpack("H*")[0]
-      end
-
-      def decode_next_hashed(input)
-        @next_hashed = NSEC3.decode_next_hashed(input)
-        end
-
-      def NSEC3.decode_next_hashed(input)
-        return Base32.decode32hex(input)
-      end
-
-      def encode_next_hashed(n)
-        return NSEC3.encode_next_hashed(n)
-      end
-
-      def NSEC3.encode_next_hashed(n)
-        return Base32.encode32hex(n).downcase
-      end
-      
-      def from_string(input)
-        if (input.length > 0)
-          data = input.split
-          self.hash_alg=(data[0]).to_i
-          self.flags=(data[1]).to_i
-          self.iterations=(data[2]).to_i
-          self.salt=(data[3])
-
-          len = data[0].length + data[1].length + data[2].length + data[3].length + 4
-          # There may or may not be brackets around next_hashed
-          if (data[4] == "(")
-            len = len + data[4].length + 1
-          end
-          next_hashed_and_types = (input[len, input.length-len])
-          data2 = next_hashed_and_types.split()
-
-
-          self.next_hashed=decode_next_hashed(data2[0])
-          self.hash_length=(@next_hashed.length)
-          len2 = data2[0].length + 1
-          self.types = next_hashed_and_types[len2, next_hashed_and_types.length - len2]
-          #          self.types=data2[1]
-          #          #          len = data[0].length + data[1].length + data[2].length + data[3].length + data[5].length + 7
-          #          #          self.types=(input[len, input.length-len])
-        end
-      end
-      
-      def rdata_to_string #:nodoc: all
-        if (@next_hashed!=nil)
-          type_strings = []
-          @types.each do |t|
-            type_strings.push(t.string)
-          end
-          #          salt = NSEC3.encode_salt(@salt)
-          salt = salt()
-          next_hashed = encode_next_hashed(@next_hashed)
-          types = type_strings.join(" ")
-          return "#{@hash_alg.code} #{@flags} #{@iterations} #{salt} ( #{next_hashed} #{types} )"
-        else
-          return ""
-        end
-      end
-      
-      def encode_rdata(msg, canonical=false) #:nodoc: all
-#        s = salt()
-        s = @salt
-        sl = s.length()
-        if (s == "-")
-          sl = 0
-        end
-        msg.put_pack("ccnc", @hash_alg.code, @flags, @iterations, sl)
-        if (sl > 0)
-          msg.put_bytes(s)
-        end
-        msg.put_pack("c", @hash_length)
-        msg.put_bytes(@next_hashed)
-        types = NSEC.encode_types(self)
-        msg.put_bytes(types)
-      end
-      
-      def self.decode_rdata(msg) #:nodoc: all
-        hash_alg, flags, iterations, salt_length = msg.get_unpack("ccnc")
-        # Salt may be omitted
-        salt = []
-        if (salt_length > 0)
-          salt = msg.get_bytes(salt_length)
-        end
-        hash_length, = msg.get_unpack("c")
-        next_hashed = msg.get_bytes(hash_length)
-        types = NSEC.decode_types(msg.get_bytes)
-        return self.new(
-          [hash_alg, flags, iterations, salt_length, salt, hash_length, next_hashed, types])
-      end
-    end 
-  end
-end