cryptorecord 0.9.2 released

17 May 2018

I proudly pronounce the first (pre-)release of cryptorecord. Cryptorecords is a ruby gem that provides an API and scripts for creating crypto-related dns-records(e.g. DANE). Currently it supports TLSA, OPENPGPKEYS and SSHFP but I plan to support other records in future. The API doesn’t create any keys or certificates. It just takes existing keyfiles to create the DNS-records.


The gem is available on Rubygems. Add this line to your application’s Gemfile:

gem 'cryptorecord'

And then execute:

$ bundle

Or install it yourself as:

$ gem install cryptorecord


This gem comes with a bunch of handy executables that helps creating the dns-records:

  • openpgpkeysrecord
  • sshfprecord
  • tlsarecord
    Usage: ./openpgpkeysrecord -u -f 
        -h, --help This help screen
        -f PGP-PUBLICKEY-FILE, PGP-Publickey-File
        -u, --uid EMAIL email-address

    Usage: ./sshfprecord [options]
        -h, --help This help screen
        -f SSH-HOST-KEY-FILE, SSH-Hostkey-File
        -H, --host HOST host
        -d, --digest DIGEST HASH-Algorithm
        -r, --read-local-hostkeys Read all local Hostkeys.(like ssh-keygen -r)

    Usage: ./tlsarecord [options]
        -h, --help This help screen
        -f, --certfile CERTIFICATE-FILE Certificatefile
        -H, --host HOST host
        -p, --port PORTNUMBER port
        -P, --protocol PROTOCOL protocol(tcp,udp,sctp..)
        -s, --selector SELECTOR Selector for the association. 0 = Full Cert, 1 = SubjectPublicKeyInfo
        -u, --usage USAGE Usage for the association. 0 = PKIX-CA, 1 = PKIX-EE, 2 = DANE-TA, 3 = DANE-EE
        -t, --mtype MTYPE The Matching Type of the association. 0 = Exact Match, 1 = SHA-256, 2 = SHA-512


#!/usr/bin/env ruby

require 'cryptorecord'

selector = 0
mtype = 0
usage = 3
port = 443
proto = "tcp"
host = ""
tlsa = => selector, :mtype => mtype, :usage => usage, :port => port, :proto => proto, :host => host )
puts tlsa


#!/usr/bin/env ruby

require 'cryptorecord'

sshfp = => 1, :keyfile => '/etc/ssh/', :host => '')
puts sshfp


#!/usr/bin/env ruby

require 'cryptorecord'

sshfp = => "")
puts sshfp


The documentation can be found at

[ Programming  Security  Crypto  Network  Ruby  Downloads  Download  ]
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti