1ldns(3) Library Functions Manual ldns(3)
2
6 ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_ver‐
7 ify_rrsig_keylist_notime, ldns_verify_notime
8
11 #include <stdint.h>
12 #include <stdbool.h>
13 #include <ldns/ldns.h>
15 ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
17 ldns_rr_list *keys, ldns_rr_list *good_keys);
18 ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig,
20 ldns_rr *key);
21 ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr
23 *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
24 ldns_status ldns_verify_rrsig_keylist_notime(ldns_rr_list *rrset,
26 ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
27 ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list
29 *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
30
32 ldns_verify() Verifies a list of signatures for one rrset.
33 rrset: the rrset to verify
35 rrsig: a list of signatures to check
36 keys: a list of keys to check with
37 good_keys: if this is a (initialized) list, the pointer to keys
38 from keys that validate one of the signa‐
39 tures
40 are added to it
41 Returns status LDNS_STATUS_OK if there is at least one correct
42 key
43 ldns_verify_rrsig() verify an rrsig with 1 key
45 rrset: the rrset
46 rrsig: the rrsig to verify
47 key: the key to use
48 Returns status message wether verification succeeded.
49 ldns_verify_rrsig_keylist() Verifies an rrsig. All keys in the keyset
51 are tried.
52 rrset: the rrset to check
53 rrsig: the signature of the rrset
54 keys: the keys to try
55 good_keys: if this is a (initialized) list, the pointer to keys
56 from keys that validate one of the signa‐
57 tures
58 are added to it
59 Returns a list of keys which validate the rrsig + rrset. Returns
60 status LDNS_STATUS_OK if at least one key matched. Else an
61 error.
62 ldns_verify_rrsig_keylist_notime() Verifies an rrsig. All keys in the
64 keyset are tried. Time is not checked.
65 rrset: the rrset to check
66 rrsig: the signature of the rrset
67 keys: the keys to try
68 good_keys: if this is a (initialized) list, the pointer to keys
69 from keys that validate one of the signa‐
70 tures
71 are added to it
72 Returns a list of keys which validate the rrsig + rrset. Returns
73 status LDNS_STATUS_OK if at least one key matched. Else an
74 error.
75 ldns_verify_notime() Verifies a list of signatures for one rrset, but
77 disregard the time. Inception and Expiration are not checked.
78 rrset: the rrset to verify
80 rrsig: a list of signatures to check
81 keys: a list of keys to check with
82 good_keys: if this is a (initialized) list, the pointer to keys
83 from keys that validate one of the signa‐
84 tures
85 are added to it
86 Returns status LDNS_STATUS_OK if there is at least one correct
87 key
88
90 The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
91 Miek Gieben.
92
95 Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
96 http://www.nlnetlabs.nl/bugs/index.html
97
100 Copyright (c) 2004 - 2006 NLnet Labs.
101 Licensed under the BSD License. There is NO warranty; not even for MER‐
103 CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
104
107 ldns_verify_rrsig_evp. And perldoc Net::DNS, RFC1034, RFC1035,
108 RFC4033, RFC4034 and RFC4035.
109
111 This manpage was automaticly generated from the ldns source code by use
112 of Doxygen and some perl.
113 30 May 2006 ldns(3)