ldns

Section: C Library Functions (3)
Updated: 30 May 2006
Page Index
 

NAME

ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_verify_rrsig_keylist_notime, ldns_verify_notime - verify rrsigs

 

SYNOPSIS

#include <stdint.h>
#include <stdbool.h>

#include <ldns/ldns.h>

ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);

ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

ldns_status ldns_verify_rrsig_keylist_notime(const ldns_rr_list *rrset, const ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

 

DESCRIPTION

ldns_verify()
Verifies a list of signatures for one rrset.

.br rrset: the rrset to verify .br rrsig: a list of signatures to check .br keys: a list of keys to check with .br good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the signatures are added to it .br Returns status LDNS_STATUS_OK if there is at least one correct key

ldns_verify_rrsig()
verify an rrsig with 1 key .br rrset: the rrset .br rrsig: the rrsig to verify .br key: the key to use .br Returns status message wether verification succeeded.

ldns_verify_rrsig_keylist()
Verifies an rrsig. All keys in the keyset are tried. .br rrset: the rrset to check .br rrsig: the signature of the rrset .br keys: the keys to try .br good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the signatures are added to it .br Returns a list of keys which validate the rrsig + rrset. Returns status LDNS_STATUS_OK if at least one key matched. Else an error.

ldns_verify_rrsig_keylist_notime()
Verifies an rrsig. All keys in the keyset are tried. Time is not checked. .br rrset: the rrset to check .br rrsig: the signature of the rrset .br keys: the keys to try .br good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the signatures are added to it .br Returns a list of keys which validate the rrsig + rrset. Returns status LDNS_STATUS_OK if at least one key matched. Else an error.

ldns_verify_notime()
Verifies a list of signatures for one rrset, but disregard the time. Inception and Expiration are not checked.

.br rrset: the rrset to verify .br rrsig: a list of signatures to check .br keys: a list of keys to check with .br good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the signatures are added to it .br Returns status LDNS_STATUS_OK if there is at least one correct key

 

AUTHOR

The ldns team at NLnet Labs. Which consists out of Jelte Jansen and Miek Gieben.

 

REPORTING BUGS

Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at http://www.nlnetlabs.nl/bugs/index.html

 

COPYRIGHT

Copyright (c) 2004 - 2006 NLnet Labs.

Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

 

SEE ALSO

ldns_verify_rrsig_evp, ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5, ldns_sign_public, ldns_zone_sign, ldns_key. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034 and RFC4035.  

REMARKS

This manpage was automatically generated from the ldns source code by use of Doxygen and some perl.

 

Index

NAME
SYNOPSIS
DESCRIPTION
AUTHOR
REPORTING BUGS
COPYRIGHT
SEE ALSO
REMARKS