ldns(3)ldns(3)NAME
ldns_calc_keytag, ldns_verify, ldns_verify_rrsig, ldns_ver‐
ify_rrsig_dsa, ldns_verify_rrsig_rsasha1, ldns_verify_rrsig_rsamd5,
ldns_key_rr2ds, ldns_key_buf2dsa, ldns_key_buf2rsa
SYNOPSIS
#include <stdint.h>
#include <stdbool.h>
#include <ldns/ldns.h>
uint16_t ldns_calc_keytag(const ldns_rr *key);
ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig,
ldns_rr *key);
ldns_status ldns_verify_rrsig_dsa(ldns_buffer *sig, ldns_buffer *rrset,
ldns_buffer *key);
ldns_status ldns_verify_rrsig_rsasha1(ldns_buffer *sig, ldns_buffer
*rrset, ldns_buffer *key);
ldns_status ldns_verify_rrsig_rsamd5(ldns_buffer *sig, ldns_buffer
*rrset, ldns_buffer *key);
ldns_rr* ldns_key_rr2ds(const ldns_rr *key, ldns_hash h);
DSA* ldns_key_buf2dsa(ldns_buffer *key);
RSA* ldns_key_buf2rsa(ldns_buffer *key);
DESCRIPTIONldns_calc_keytag() calculates a keytag of a key for use in DNSSEC.
key: the key as an RR to use for the calc.
Returns the keytag
ldns_verify() Verifies a list of signatures for one rrset.
rrset: the rrset to verify
rrsig: a list of signatures to check
keys: a list of keys to check with
good_keys: if this is a (initialized) list, the pointer to keys
from keys that validate one of the signatures are added to it
Returns status LDNS_STATUS_OK if there is at least one correct
key
ldns_verify_rrsig() verify an rrsig with 1 key
rrset: the rrset
rrsig: the rrsig to verify
key: the key to use
Returns status message wether verification succeeded.
ldns_verify_rrsig_dsa() verifies a buffer with signature data (DSA) for
a buffer with rrset data with a buffer with key data.
sig: the signature data
rrset: the rrset data, sorted and processed for verification
key: the key data
ldns_verify_rrsig_rsasha1() verifies a buffer with signature data
(RSASHA1) for a buffer with rrset data with a buffer with key
data.
sig: the signature data
rrset: the rrset data, sorted and processed for verification
key: the key data
ldns_verify_rrsig_rsamd5() verifies a buffer with signature data
(RSAMD5) for a buffer with rrset data with a buffer with key
data.
sig: the signature data
rrset: the rrset data, sorted and processed for verification
key: the key data
ldns_key_rr2ds() returns a new DS rr that represents the given key rr.
*key: the key to convert
h: the hash to use LDNS_SHA1/LDNS_SHA256
Returns ldns_rr* a new rr pointer to a DS
ldns_key_buf2dsa() converts a buffer holding key material to a DSA key
in openssl.
key: the key to convert
Returns a DSA * structure with the key material
ldns_key_buf2rsa() converts a buffer holding key material to a RSA key
in openssl.
key: the key to convert
Returns a RSA * structure with the key material
AUTHOR
The ldns team at NLnet Labs. Which consists out of Jelte Jansen and
Miek Gieben.
REPORTING BUGS
Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
http://www.nlnetlabs.nl/bugs/index.html
COPYRIGHT
Copyright (c) 2004 - 2006 NLnet Labs.
Licensed under the BSD License. There is NO warranty; not even for MER‐
CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO
ldns_key, ldns_sign_public, ldns_zone_sign, ldns_verify, ldns_ver‐
ify_rrsig. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034
and RFC4035.
REMARKS
This manpage was automaticly generated from the ldns source code by use
of Doxygen and some perl.
30 May 2006 ldns(3)