{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.Route53Domains.Types.DnssecKey
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.Route53Domains.Types.DnssecKey where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude

-- | Information about the DNSSEC key.
--
-- You get this from your DNS provider and then give it to Route 53 (by
-- using
-- <https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html AssociateDelegationSignerToDomain>)
-- to pass it to the registry to establish the chain of trust.
--
-- /See:/ 'newDnssecKey' smart constructor.
data DnssecKey = DnssecKey'
  { -- | The number of the public key’s cryptographic algorithm according to an
    -- <https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xml IANA>
    -- assignment.
    --
    -- If Route 53 is your DNS service, set this to 13.
    --
    -- For more information about enabling DNSSEC signing, see
    -- <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html Enabling DNSSEC signing and establishing a chain of trust>.
    DnssecKey -> Maybe Int
algorithm :: Prelude.Maybe Prelude.Int,
    -- | The delegation signer digest.
    --
    -- Digest is calculated from the public key provided using specified digest
    -- algorithm and this digest is the actual value returned from the registry
    -- nameservers as the value of DS records.
    DnssecKey -> Maybe Text
digest :: Prelude.Maybe Prelude.Text,
    -- | The number of the DS digest algorithm according to an IANA assignment.
    --
    -- For more information, see
    -- <https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml IANA>
    -- for DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest
    -- Algorithms.
    DnssecKey -> Maybe Int
digestType :: Prelude.Maybe Prelude.Int,
    -- | Defines the type of key. It can be either a KSK (key-signing-key, value
    -- 257) or ZSK (zone-signing-key, value 256). Using KSK is always
    -- encouraged. Only use ZSK if your DNS provider isn\'t Route 53 and you
    -- don’t have KSK available.
    --
    -- If you have KSK and ZSK keys, always use KSK to create a delegations
    -- signer (DS) record. If you have ZSK keys only – use ZSK to create a DS
    -- record.
    DnssecKey -> Maybe Int
flags :: Prelude.Maybe Prelude.Int,
    -- | An ID assigned to each DS record created by
    -- <https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html AssociateDelegationSignerToDomain>.
    DnssecKey -> Maybe Text
id :: Prelude.Maybe Prelude.Text,
    -- | A numeric identification of the DNSKEY record referred to by this DS
    -- record.
    DnssecKey -> Maybe Int
keyTag :: Prelude.Maybe Prelude.Int,
    -- | The base64-encoded public key part of the key pair that is passed to the
    -- registry .
    DnssecKey -> Maybe Text
publicKey :: Prelude.Maybe Prelude.Text
  }
  deriving (DnssecKey -> DnssecKey -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: DnssecKey -> DnssecKey -> Bool
$c/= :: DnssecKey -> DnssecKey -> Bool
== :: DnssecKey -> DnssecKey -> Bool
$c== :: DnssecKey -> DnssecKey -> Bool
Prelude.Eq, ReadPrec [DnssecKey]
ReadPrec DnssecKey
Int -> ReadS DnssecKey
ReadS [DnssecKey]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [DnssecKey]
$creadListPrec :: ReadPrec [DnssecKey]
readPrec :: ReadPrec DnssecKey
$creadPrec :: ReadPrec DnssecKey
readList :: ReadS [DnssecKey]
$creadList :: ReadS [DnssecKey]
readsPrec :: Int -> ReadS DnssecKey
$creadsPrec :: Int -> ReadS DnssecKey
Prelude.Read, Int -> DnssecKey -> ShowS
[DnssecKey] -> ShowS
DnssecKey -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [DnssecKey] -> ShowS
$cshowList :: [DnssecKey] -> ShowS
show :: DnssecKey -> String
$cshow :: DnssecKey -> String
showsPrec :: Int -> DnssecKey -> ShowS
$cshowsPrec :: Int -> DnssecKey -> ShowS
Prelude.Show, forall x. Rep DnssecKey x -> DnssecKey
forall x. DnssecKey -> Rep DnssecKey x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep DnssecKey x -> DnssecKey
$cfrom :: forall x. DnssecKey -> Rep DnssecKey x
Prelude.Generic)

-- |
-- Create a value of 'DnssecKey' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'algorithm', 'dnssecKey_algorithm' - The number of the public key’s cryptographic algorithm according to an
-- <https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xml IANA>
-- assignment.
--
-- If Route 53 is your DNS service, set this to 13.
--
-- For more information about enabling DNSSEC signing, see
-- <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html Enabling DNSSEC signing and establishing a chain of trust>.
--
-- 'digest', 'dnssecKey_digest' - The delegation signer digest.
--
-- Digest is calculated from the public key provided using specified digest
-- algorithm and this digest is the actual value returned from the registry
-- nameservers as the value of DS records.
--
-- 'digestType', 'dnssecKey_digestType' - The number of the DS digest algorithm according to an IANA assignment.
--
-- For more information, see
-- <https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml IANA>
-- for DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest
-- Algorithms.
--
-- 'flags', 'dnssecKey_flags' - Defines the type of key. It can be either a KSK (key-signing-key, value
-- 257) or ZSK (zone-signing-key, value 256). Using KSK is always
-- encouraged. Only use ZSK if your DNS provider isn\'t Route 53 and you
-- don’t have KSK available.
--
-- If you have KSK and ZSK keys, always use KSK to create a delegations
-- signer (DS) record. If you have ZSK keys only – use ZSK to create a DS
-- record.
--
-- 'id', 'dnssecKey_id' - An ID assigned to each DS record created by
-- <https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html AssociateDelegationSignerToDomain>.
--
-- 'keyTag', 'dnssecKey_keyTag' - A numeric identification of the DNSKEY record referred to by this DS
-- record.
--
-- 'publicKey', 'dnssecKey_publicKey' - The base64-encoded public key part of the key pair that is passed to the
-- registry .
newDnssecKey ::
  DnssecKey
newDnssecKey :: DnssecKey
newDnssecKey =
  DnssecKey'
    { $sel:algorithm:DnssecKey' :: Maybe Int
algorithm = forall a. Maybe a
Prelude.Nothing,
      $sel:digest:DnssecKey' :: Maybe Text
digest = forall a. Maybe a
Prelude.Nothing,
      $sel:digestType:DnssecKey' :: Maybe Int
digestType = forall a. Maybe a
Prelude.Nothing,
      $sel:flags:DnssecKey' :: Maybe Int
flags = forall a. Maybe a
Prelude.Nothing,
      $sel:id:DnssecKey' :: Maybe Text
id = forall a. Maybe a
Prelude.Nothing,
      $sel:keyTag:DnssecKey' :: Maybe Int
keyTag = forall a. Maybe a
Prelude.Nothing,
      $sel:publicKey:DnssecKey' :: Maybe Text
publicKey = forall a. Maybe a
Prelude.Nothing
    }

-- | The number of the public key’s cryptographic algorithm according to an
-- <https://www.iana.org/assignments/dns-sec-alg-numbers/dns-sec-alg-numbers.xml IANA>
-- assignment.
--
-- If Route 53 is your DNS service, set this to 13.
--
-- For more information about enabling DNSSEC signing, see
-- <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-enable-signing.html Enabling DNSSEC signing and establishing a chain of trust>.
dnssecKey_algorithm :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Int)
dnssecKey_algorithm :: Lens' DnssecKey (Maybe Int)
dnssecKey_algorithm = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Int
algorithm :: Maybe Int
$sel:algorithm:DnssecKey' :: DnssecKey -> Maybe Int
algorithm} -> Maybe Int
algorithm) (\s :: DnssecKey
s@DnssecKey' {} Maybe Int
a -> DnssecKey
s {$sel:algorithm:DnssecKey' :: Maybe Int
algorithm = Maybe Int
a} :: DnssecKey)

-- | The delegation signer digest.
--
-- Digest is calculated from the public key provided using specified digest
-- algorithm and this digest is the actual value returned from the registry
-- nameservers as the value of DS records.
dnssecKey_digest :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Text)
dnssecKey_digest :: Lens' DnssecKey (Maybe Text)
dnssecKey_digest = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Text
digest :: Maybe Text
$sel:digest:DnssecKey' :: DnssecKey -> Maybe Text
digest} -> Maybe Text
digest) (\s :: DnssecKey
s@DnssecKey' {} Maybe Text
a -> DnssecKey
s {$sel:digest:DnssecKey' :: Maybe Text
digest = Maybe Text
a} :: DnssecKey)

-- | The number of the DS digest algorithm according to an IANA assignment.
--
-- For more information, see
-- <https://www.iana.org/assignments/ds-rr-types/ds-rr-types.xhtml IANA>
-- for DNSSEC Delegation Signer (DS) Resource Record (RR) Type Digest
-- Algorithms.
dnssecKey_digestType :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Int)
dnssecKey_digestType :: Lens' DnssecKey (Maybe Int)
dnssecKey_digestType = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Int
digestType :: Maybe Int
$sel:digestType:DnssecKey' :: DnssecKey -> Maybe Int
digestType} -> Maybe Int
digestType) (\s :: DnssecKey
s@DnssecKey' {} Maybe Int
a -> DnssecKey
s {$sel:digestType:DnssecKey' :: Maybe Int
digestType = Maybe Int
a} :: DnssecKey)

-- | Defines the type of key. It can be either a KSK (key-signing-key, value
-- 257) or ZSK (zone-signing-key, value 256). Using KSK is always
-- encouraged. Only use ZSK if your DNS provider isn\'t Route 53 and you
-- don’t have KSK available.
--
-- If you have KSK and ZSK keys, always use KSK to create a delegations
-- signer (DS) record. If you have ZSK keys only – use ZSK to create a DS
-- record.
dnssecKey_flags :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Int)
dnssecKey_flags :: Lens' DnssecKey (Maybe Int)
dnssecKey_flags = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Int
flags :: Maybe Int
$sel:flags:DnssecKey' :: DnssecKey -> Maybe Int
flags} -> Maybe Int
flags) (\s :: DnssecKey
s@DnssecKey' {} Maybe Int
a -> DnssecKey
s {$sel:flags:DnssecKey' :: Maybe Int
flags = Maybe Int
a} :: DnssecKey)

-- | An ID assigned to each DS record created by
-- <https://docs.aws.amazon.com/Route53/latest/APIReference/API_domains_AssociateDelegationSignerToDomain.html AssociateDelegationSignerToDomain>.
dnssecKey_id :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Text)
dnssecKey_id :: Lens' DnssecKey (Maybe Text)
dnssecKey_id = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Text
id :: Maybe Text
$sel:id:DnssecKey' :: DnssecKey -> Maybe Text
id} -> Maybe Text
id) (\s :: DnssecKey
s@DnssecKey' {} Maybe Text
a -> DnssecKey
s {$sel:id:DnssecKey' :: Maybe Text
id = Maybe Text
a} :: DnssecKey)

-- | A numeric identification of the DNSKEY record referred to by this DS
-- record.
dnssecKey_keyTag :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Int)
dnssecKey_keyTag :: Lens' DnssecKey (Maybe Int)
dnssecKey_keyTag = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Int
keyTag :: Maybe Int
$sel:keyTag:DnssecKey' :: DnssecKey -> Maybe Int
keyTag} -> Maybe Int
keyTag) (\s :: DnssecKey
s@DnssecKey' {} Maybe Int
a -> DnssecKey
s {$sel:keyTag:DnssecKey' :: Maybe Int
keyTag = Maybe Int
a} :: DnssecKey)

-- | The base64-encoded public key part of the key pair that is passed to the
-- registry .
dnssecKey_publicKey :: Lens.Lens' DnssecKey (Prelude.Maybe Prelude.Text)
dnssecKey_publicKey :: Lens' DnssecKey (Maybe Text)
dnssecKey_publicKey = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\DnssecKey' {Maybe Text
publicKey :: Maybe Text
$sel:publicKey:DnssecKey' :: DnssecKey -> Maybe Text
publicKey} -> Maybe Text
publicKey) (\s :: DnssecKey
s@DnssecKey' {} Maybe Text
a -> DnssecKey
s {$sel:publicKey:DnssecKey' :: Maybe Text
publicKey = Maybe Text
a} :: DnssecKey)

instance Data.FromJSON DnssecKey where
  parseJSON :: Value -> Parser DnssecKey
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"DnssecKey"
      ( \Object
x ->
          Maybe Int
-> Maybe Text
-> Maybe Int
-> Maybe Int
-> Maybe Text
-> Maybe Int
-> Maybe Text
-> DnssecKey
DnssecKey'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Algorithm")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Digest")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"DigestType")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Flags")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"Id")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"KeyTag")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"PublicKey")
      )

instance Prelude.Hashable DnssecKey where
  hashWithSalt :: Int -> DnssecKey -> Int
hashWithSalt Int
_salt DnssecKey' {Maybe Int
Maybe Text
publicKey :: Maybe Text
keyTag :: Maybe Int
id :: Maybe Text
flags :: Maybe Int
digestType :: Maybe Int
digest :: Maybe Text
algorithm :: Maybe Int
$sel:publicKey:DnssecKey' :: DnssecKey -> Maybe Text
$sel:keyTag:DnssecKey' :: DnssecKey -> Maybe Int
$sel:id:DnssecKey' :: DnssecKey -> Maybe Text
$sel:flags:DnssecKey' :: DnssecKey -> Maybe Int
$sel:digestType:DnssecKey' :: DnssecKey -> Maybe Int
$sel:digest:DnssecKey' :: DnssecKey -> Maybe Text
$sel:algorithm:DnssecKey' :: DnssecKey -> Maybe Int
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
algorithm
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
digest
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
digestType
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
flags
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
id
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Int
keyTag
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe Text
publicKey

instance Prelude.NFData DnssecKey where
  rnf :: DnssecKey -> ()
rnf DnssecKey' {Maybe Int
Maybe Text
publicKey :: Maybe Text
keyTag :: Maybe Int
id :: Maybe Text
flags :: Maybe Int
digestType :: Maybe Int
digest :: Maybe Text
algorithm :: Maybe Int
$sel:publicKey:DnssecKey' :: DnssecKey -> Maybe Text
$sel:keyTag:DnssecKey' :: DnssecKey -> Maybe Int
$sel:id:DnssecKey' :: DnssecKey -> Maybe Text
$sel:flags:DnssecKey' :: DnssecKey -> Maybe Int
$sel:digestType:DnssecKey' :: DnssecKey -> Maybe Int
$sel:digest:DnssecKey' :: DnssecKey -> Maybe Text
$sel:algorithm:DnssecKey' :: DnssecKey -> Maybe Int
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
algorithm
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
digest
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
digestType
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
flags
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
id
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Int
keyTag
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf Maybe Text
publicKey