table of contents
| ldns(3) | Library Functions Manual | ldns(3) | 
NAME¶
ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_verify_rrsig_keylist_notime, ldns_verify_notime - verify rrsigsSYNOPSIS¶
#include <stdint.h>#include <stdbool.h>
#include <ldns/ldns.h>
ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);
ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig_keylist_notime(const ldns_rr_list *rrset, const ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
DESCRIPTION¶
ldns_verify() Verifies a list of signatures for one rrset.
rrset: the rrset to verify
  
  rrsig: a list of signatures to check
  
  keys: a list of keys to check with
  
  good_keys: if this is a (initialized) list, the pointer to keys from
    keys that validate one of the signatures are added to it
  
  Returns status LDNS_STATUS_OK if there is at least one correct key
ldns_verify_rrsig() verify an rrsig with 1 key
  
  rrset: the rrset
  
  rrsig: the rrsig to verify
  
  key: the key to use
  
  Returns status message wether verification succeeded.
ldns_verify_rrsig_keylist() Verifies an rrsig. All keys
    in the keyset are tried.
  
  rrset: the rrset to check
  
  rrsig: the signature of the rrset
  
  keys: the keys to try
  
  good_keys: if this is a (initialized) list, the pointer to keys from
    keys that validate one of the signatures are added to it
  
  Returns a list of keys which validate the rrsig + rrset. Returns status
    LDNS_STATUS_OK if at least one key matched. Else an error.
ldns_verify_rrsig_keylist_notime() Verifies an rrsig.
    All keys in the keyset are tried. Time is not checked.
  
  rrset: the rrset to check
  
  rrsig: the signature of the rrset
  
  keys: the keys to try
  
  good_keys: if this is a (initialized) list, the pointer to keys from
    keys that validate one of the signatures are added to it
  
  Returns a list of keys which validate the rrsig + rrset. Returns status
    LDNS_STATUS_OK if at least one key matched. Else an error.
ldns_verify_notime() Verifies a list of signatures for one rrset, but disregard the time. Inception and Expiration are not checked.
rrset: the rrset to verify
  
  rrsig: a list of signatures to check
  
  keys: a list of keys to check with
  
  good_keys: if this is a (initialized) list, the pointer to keys from
    keys that validate one of the signatures are added to it
  
  Returns status LDNS_STATUS_OK if there is at least one correct key
AUTHOR¶
The ldns team at NLnet Labs. Which consists out of Jelte Jansen and Miek Gieben.REPORTING BUGS¶
Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at http://www.nlnetlabs.nl/bugs/index.htmlCOPYRIGHT¶
Copyright (c) 2004 - 2006 NLnet Labs.Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO¶
ldns_verify_rrsig_evp, ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5, ldns_sign_public, ldns_zone_sign, ldns_key. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034 and RFC4035.REMARKS¶
This manpage was automatically generated from the ldns source code by use of Doxygen and some perl.| 30 May 2006 |