ldns
Section: C Library Functions (3)
Updated: 30 May 2006
Index
Return to Main Contents
NAME
ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_verify_rrsig_keylist_notime, ldns_verify_notime - verify rrsigs
SYNOPSIS
#include <
stdint.h>
#include <
stdbool.h>
#include <ldns/ldns.h>
ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);
ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig_keylist_notime(const ldns_rr_list *rrset, const ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
DESCRIPTION
-
ldns_verify()
- Verifies a list of signatures for one rrset.
.br
rrset: the rrset to verify
.br
rrsig: a list of signatures to check
.br
keys: a list of keys to check with
.br
good_keys: if this is a (initialized) list, the pointer to keys
from keys that validate one of the signatures
are added to it
.br
Returns status LDNS_STATUS_OK if there is at least one correct key
-
ldns_verify_rrsig()
- verify an rrsig with 1 key
.br
rrset: the rrset
.br
rrsig: the rrsig to verify
.br
key: the key to use
.br
Returns status message whether verification succeeded.
-
ldns_verify_rrsig_keylist()
- Verifies an rrsig. All keys in the keyset are tried.
.br
rrset: the rrset to check
.br
rrsig: the signature of the rrset
.br
keys: the keys to try
.br
good_keys: if this is a (initialized) list, the pointer to keys
from keys that validate one of the signatures
are added to it
.br
Returns a list of keys which validate the rrsig + rrset. Returns
status LDNS_STATUS_OK if at least one key matched. Else an error.
-
ldns_verify_rrsig_keylist_notime()
- Verifies an rrsig. All keys in the keyset are tried. Time is not checked.
.br
rrset: the rrset to check
.br
rrsig: the signature of the rrset
.br
keys: the keys to try
.br
good_keys: if this is a (initialized) list, the pointer to keys
from keys that validate one of the signatures
are added to it
.br
Returns a list of keys which validate the rrsig + rrset. Returns
status LDNS_STATUS_OK if at least one key matched. Else an error.
-
ldns_verify_notime()
- Verifies a list of signatures for one rrset, but disregard the time.
Inception and Expiration are not checked.
.br
rrset: the rrset to verify
.br
rrsig: a list of signatures to check
.br
keys: a list of keys to check with
.br
good_keys: if this is a (initialized) list, the pointer to keys
from keys that validate one of the signatures
are added to it
.br
Returns status LDNS_STATUS_OK if there is at least one correct key
AUTHOR
The ldns team at NLnet Labs.
REPORTING BUGS
Please report bugs to
ldn-team@nlnetlabs.nl or in
our bugzilla at
http://www.nlnetlabs.nl/bugs/index.html
COPYRIGHT
Copyright (c) 2004- 2006 NLnet Labs.
Licensed under the BSD License. There is NO warranty; not even for
MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO
ldns_verify_rrsig_evp,
ldns_verify_rrsig_dsa,
ldns_verify_rrsig_rsasha1,
ldns_verify_rrsig_rsamd5,
ldns_sign_public,
ldns_zone_sign,
ldns_key.
And
perldoc Net::DNS,
RFC1034,
RFC1035,
RFC4033,
RFC4034 and
RFC4035.
REMARKS
This manpage was automatically generated from the ldns source code.
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- AUTHOR
-
- REPORTING BUGS
-
- COPYRIGHT
-
- SEE ALSO
-
- REMARKS
-
|
|
- Running on 
-
:
