1ldns(3)                    Library Functions Manual                    ldns(3)
2
3
4

NAME

6       ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist, ldns_ver‐
7       ify_rrsig_keylist_notime, ldns_verify_notime - verify rrsigs
8
9

SYNOPSIS

11       #include <stdint.h>
12       #include <stdbool.h>
13
14       #include <ldns/ldns.h>
15
16       ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
17       ldns_rr_list *keys, ldns_rr_list *good_keys);
18
19       ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig,
20       ldns_rr *key);
21
22       ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr
23       *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
24
25       ldns_status ldns_verify_rrsig_keylist_notime(const ldns_rr_list *rrset,
26       const ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list
27       *good_keys);
28
29       ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list
30       *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
31

DESCRIPTION

33       ldns_verify() Verifies a list of signatures for one rrset.
34
35              rrset: the rrset to verify
36              rrsig: a list of signatures to check
37              keys: a list of keys to check with
38              good_keys: if this is a (initialized) list, the pointer to keys
39              from keys that validate one of the signatures are added to it
40              Returns status LDNS_STATUS_OK if there is at least one correct
41              key
42
43       ldns_verify_rrsig() verify an rrsig with 1 key
44              rrset: the rrset
45              rrsig: the rrsig to verify
46              key: the key to use
47              Returns status message wether verification succeeded.
48
49       ldns_verify_rrsig_keylist() Verifies an rrsig. All keys in the keyset
50              are tried.
51              rrset: the rrset to check
52              rrsig: the signature of the rrset
53              keys: the keys to try
54              good_keys: if this is a (initialized) list, the pointer to keys
55              from keys that validate one of the signatures are added to it
56              Returns a list of keys which validate the rrsig + rrset. Returns
57              status LDNS_STATUS_OK if at least one key matched. Else an
58              error.
59
60       ldns_verify_rrsig_keylist_notime() Verifies an rrsig. All keys in the
61              keyset are tried. Time is not checked.
62              rrset: the rrset to check
63              rrsig: the signature of the rrset
64              keys: the keys to try
65              good_keys: if this is a (initialized) list, the pointer to keys
66              from keys that validate one of the signatures are added to it
67              Returns a list of keys which validate the rrsig + rrset. Returns
68              status LDNS_STATUS_OK if at least one key matched. Else an
69              error.
70
71       ldns_verify_notime() Verifies a list of signatures for one rrset, but
72              disregard the time.  Inception and Expiration are not checked.
73
74              rrset: the rrset to verify
75              rrsig: a list of signatures to check
76              keys: a list of keys to check with
77              good_keys: if this is a (initialized) list, the pointer to keys
78              from keys that validate one of the signatures are added to it
79              Returns status LDNS_STATUS_OK if there is at least one correct
80              key
81

AUTHOR

83       The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
84       Miek Gieben.
85
86

REPORTING BUGS

88       Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
89       http://www.nlnetlabs.nl/bugs/index.html
90
91
93       Copyright (c) 2004 - 2006 NLnet Labs.
94
95       Licensed under the BSD License. There is NO warranty; not even for MER‐
96       CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
97
98

SEE ALSO

100       ldns_verify_rrsig_evp, ldns_verify_rrsig_dsa, ldns_ver‐
101       ify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5, ldns_sign_public,
102       ldns_zone_sign, ldns_key.  And perldoc Net::DNS, RFC1034, RFC1035,
103       RFC4033, RFC4034  and RFC4035.
104

REMARKS

106       This manpage was automatically generated from the ldns source code by
107       use of Doxygen and some perl.
108
109
110
111                                  30 May 2006                          ldns(3)
Impressum