From 2cd953212405e8a4e6089417290b0ed25bf19f02 Mon Sep 17 00:00:00 2001 From: Shreyas Zare Date: Sat, 26 Mar 2022 12:19:54 +0530 Subject: [PATCH] updated API docs. --- APIDOCS.md | 83 +++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 60 insertions(+), 23 deletions(-) diff --git a/APIDOCS.md b/APIDOCS.md index c0ab4da7..64d14e2a 100644 --- a/APIDOCS.md +++ b/APIDOCS.md @@ -1625,6 +1625,23 @@ RESPONSE: } ``` +### Flush Allowed Zone + +Flushes the Allowed zone to clear all records. + +URL: +`http://localhost:5380/api/flushAllowedZone?token=x` + +WHERE: +- `token`: The session token generated by the `login` call. + +RESPONSE: +``` +{ + "status": "ok" +} +``` + ### Allow Zone Adds a domain name into the Allowed Zones. @@ -1750,6 +1767,23 @@ RESPONSE: } ``` +### Flush Blocked Zone + +Flushes the Blocked zone to clear all records. + +URL: +`http://localhost:5380/api/flushBlockedZone?token=x` + +WHERE: +- `token`: The session token generated by the `login` call. + +RESPONSE: +``` +{ + "status": "ok" +} +``` + ### Block Zone Adds a domain name into the Blocked Zones. @@ -1893,7 +1927,7 @@ WHERE: - `zskKeySize` (optional): The size of the Zone Signing Key (ZSK) in bits to be used when using `RSA` algorithm. This optional parameter is required when using `RSA` algorithm. - `curve` (optional): The name of the curve to be used when using `ECDSA` algorithm. Valid values are [`P256`, `P384`]. This optional parameter is required when using `ECDSA` algorithm. - `dnsKeyTtl` (optional): The TTL value to be used for DNSKEY records. Default value is `86400` when not specified. -- `zskRolloverDays` (optional): The frequency in days that the DNS server must automatically rollover the Zone Signing Keys (ZSK) in the zone. Default value is `90` days. +- `zskRolloverDays` (optional): The frequency in days that the DNS server must automatically rollover the Zone Signing Keys (ZSK) in the zone. Valid range is 0-365 days where 0 disables rollover. Default value is `90` days. - `nxProof` (optional): The type of proof of non-existence that must be used for signing the zone. Valid values are [`NSEC`, `NSEC3`]. Default value is `NSEC` when not specified. - `iterations` (optional): The number of iterations to use for hashing in NSEC3. This optional parameter is only applicable when using `NSEC3` as the `nxProof`. Default value is `0` when not specified. - `saltLength` (optional): The length of salt in bytes to use for hashing in NSEC3. This optional parameter is only applicable when using `NSEC3` as the `nxProof`. Default value is `0` when not specified. @@ -1944,7 +1978,6 @@ RESPONSE: "disabled": false, "dnssecStatus": "SignedWithNSEC", "dnsKeyTtl": 86400, - "zskRolloverDays": 90, "dnssecPrivateKeys": [ { "keyTag": 19198, @@ -1952,7 +1985,8 @@ RESPONSE: "algorithm": "ECDSAP256SHA256", "state": "Ready", "stateChangedOn": "2022-02-19T06:53:21Z", - "isRetiring": false + "isRetiring": false, + "rolloverDays": 0 }, { "keyTag": 50617, @@ -1960,7 +1994,8 @@ RESPONSE: "algorithm": "ECDSAP256SHA256", "state": "Active", "stateChangedOn": "2022-02-19T06:53:21Z", - "isRetiring": false + "isRetiring": false, + "rolloverDays": 90 } ] }, @@ -2043,25 +2078,6 @@ RESPONSE: } ``` -### Update DNSKEY Rollover - -Updates the Zone Signing Key (ZSK) automatic rollover option. - -URL: -`http://localhost:5380/api/zone/dnssec/updateDnsKeyRollover?token=x&zone=example.com&zskRolloverDays=90` - -WHERE: -- `token`: The session token generated by the `login` call. -- `zone`: The name of the primary zone. -- `zskRolloverDays`: The frequency in days that the DNS server must automatically rollover the Zone Signing Keys (ZSK) in the zone. - -RESPONSE: -``` -{ - "status": "ok" -} -``` - ### Generate Private Key Generates a private key to be used for signing the zone with DNSSEC. @@ -2073,6 +2089,7 @@ WHERE: - `token`: The session token generated by the `login` call. - `zone`: The name of the primary zone. - `keyType`: The type of key for which the private key is to be generated. Valid values are [`KeySigningKey`, `ZoneSigningKey`]. +- `rolloverDays` (optional): The frequency in days that the DNS server must automatically rollover the private key in the zone. Valid range is 0-365 days where 0 disables rollover. Default value is 90 days for Zone Signing Key (ZSK) and 0 days for Key Signing Key (KSK). - `algorithm`: The algorithm to be used for signing. Valid values are [`RSA`, `ECDSA`]. - `hashAlgorithm` (optional): The hash algorithm to be used when using `RSA` algorithm. Valid values are [`MD5`, `SHA1, `SHA256`, `SHA512`]. This optional parameter is required when using `RSA` algorithm. - `keySize` (optional): The size of the generated private key in bits to be used when using `RSA` algorithm. This optional parameter is required when using `RSA` algorithm. @@ -2085,6 +2102,26 @@ RESPONSE: } ``` +### Update Private Key + +Updates the DNSSEC private key properties. + +URL: +`http://localhost:5380/api/zone/dnssec/updatePrivateKey?token=x&zone=example.com&keyTag=1234&rolloverDays=90` + +WHERE: +- `token`: The session token generated by the `login` call. +- `zone`: The name of the primary zone. +- `keyTag`: The key tag of the private key to be updated. +- `rolloverDays`: The frequency in days that the DNS server must automatically rollover the private key in the zone. Valid range is 0-365 days where 0 disables rollover. + +RESPONSE: +``` +{ + "status": "ok" +} +``` + ### Delete Private Key Deletes a private key that has state set as `Generated`. Private keys with any other state cannot be delete.