1ldns(3) Library Functions Manual ldns(3)
2
6 ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_ver‐
7 ify_rrsig_keylist_notime, ldns_verify_notime
8
11 #include <stdint.h>
12 #include <stdbool.h>
13 #include <ldns/ldns.h>
15 ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
17 ldns_rr_list *keys, ldns_rr_list *good_keys);
18 ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig,
20 ldns_rr *key);
21 ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr
23 *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
24 ldns_status ldns_verify_rrsig_keylist_notime(ldns_rr_list *rrset,
26 ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
27 ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list
29 *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
30
32 ldns_verify() Verifies a list of signatures for one rrset.
33 rrset: the rrset to verify
35 rrsig: a list of signatures to check
36 keys: a list of keys to check with
37 good_keys: if this is a (initialized) list, the pointer to keys
38 from keys that validate one of the signatures are added to it
39 Returns status LDNS_STATUS_OK if there is at least one correct
40 key
41 ldns_verify_rrsig() verify an rrsig with 1 key
43 rrset: the rrset
44 rrsig: the rrsig to verify
45 key: the key to use
46 Returns status message wether verification succeeded.
47 ldns_verify_rrsig_keylist() Verifies an rrsig. All keys in the keyset
49 are tried.
50 rrset: the rrset to check
51 rrsig: the signature of the rrset
52 keys: the keys to try
53 good_keys: if this is a (initialized) list, the pointer to keys
54 from keys that validate one of the signatures are added to it
55 Returns a list of keys which validate the rrsig + rrset. Returns
56 status LDNS_STATUS_OK if at least one key matched. Else an
57 error.
58 ldns_verify_rrsig_keylist_notime() Verifies an rrsig. All keys in the
60 keyset are tried. Time is not checked.
61 rrset: the rrset to check
62 rrsig: the signature of the rrset
63 keys: the keys to try
64 good_keys: if this is a (initialized) list, the pointer to keys
65 from keys that validate one of the signatures are added to it
66 Returns a list of keys which validate the rrsig + rrset. Returns
67 status LDNS_STATUS_OK if at least one key matched. Else an
68 error.
69 ldns_verify_notime() Verifies a list of signatures for one rrset, but
71 disregard the time. Inception and Expiration are not checked.
72 rrset: the rrset to verify
74 rrsig: a list of signatures to check
75 keys: a list of keys to check with
76 good_keys: if this is a (initialized) list, the pointer to keys
77 from keys that validate one of the signatures are added to it
78 Returns status LDNS_STATUS_OK if there is at least one correct
79 key
80
82 The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
83 Miek Gieben.
84
87 Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
88 http://www.nlnetlabs.nl/bugs/index.html
89
92 Copyright (c) 2004 - 2006 NLnet Labs.
93 Licensed under the BSD License. There is NO warranty; not even for MER‐
95 CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
96
99 ldns_verify_rrsig_evp. And perldoc Net::DNS, RFC1034, RFC1035,
100 RFC4033, RFC4034 and RFC4035.
101
103 This manpage was automaticly generated from the ldns source code by use
104 of Doxygen and some perl.
105 30 May 2006 ldns(3)