1ldns(3) Library Functions Manual ldns(3)
2
6 ldns_pkt_tsig_verify, ldns_pkt_tsig_sign - tsig signing and verifica‐
7 tion
8
11 #include <stdint.h>
12 #include <stdbool.h>
13 #include <ldns/ldns.h>
15 bool ldns_pkt_tsig_verify(ldns_pkt *pkt, const uint8_t *wire, size_t
17 wire_size, const char *key_name, const char *key_data, const ldns_rdf
18 *mac);
19 ldns_status ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name,
21 const char *key_data, uint16_t fudge, const char *algorithm_name, const
22 ldns_rdf *query_mac);
23
25 ldns_pkt_tsig_verify() verifies the tsig rr for the given packet and
26 key. The wire must be given too because tsig does not sign nor‐
27 malized packets.
28 pkt: the packet to verify
29 wire: needed to verify the mac
30 wire_size: size of wire
31 key_name: the name of the shared key
32 key_data: the key in base 64 format
33 mac: original mac
34 Returns true if tsig is correct, false if not, or if tsig is not
35 set
36 ldns_pkt_tsig_sign() creates a tsig rr for the given packet and key.
38 pkt: the packet to sign
39 key_name: the name of the shared key
40 key_data: the key in base 64 format
41 fudge: seconds of error permitted in time signed
42 algorithm_name: the name of the algorithm used
43 query_mac: is added to the digest if not NULL (so NULL is for
44 signing queries, not NULL is for signing answers)
45 Returns status (OK if success)
46
48 The ldns team at NLnet Labs.
49
52 Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
53 http://www.nlnetlabs.nl/bugs/index.html
54
57 Copyright (c) 2004 - 2006 NLnet Labs.
58 Licensed under the BSD License. There is NO warranty; not even for MER‐
60 CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
61
64 ldns_key. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034
65 and RFC4035.
66
68 This manpage was automatically generated from the ldns source code.
69 30 May 2006 ldns(3)