Man Linux: Main Page and Category List

NAME

       ldns_verify,        ldns_verify_rrsig,       ldns_verify_rrsig_keylist,

       ldns_verify_rrsig_keylist_notime, ldns_verify_notime-

SYNOPSIS

       #include <stdint.h>
       #include <stdbool.h>

       #include <ldns/ldns.h>

       ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
       ldns_rr_list *keys, ldns_rr_list *good_keys);

       ldns_status   ldns_verify_rrsig(ldns_rr_list  *rrset,  ldns_rr  *rrsig,
       ldns_rr *key);

       ldns_status  ldns_verify_rrsig_keylist(ldns_rr_list   *rrset,   ldns_rr
       *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

       ldns_status    ldns_verify_rrsig_keylist_notime(ldns_rr_list    *rrset,
       ldns_rr *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

       ldns_status   ldns_verify_notime(ldns_rr_list   *rrset,    ldns_rr_list
       *rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);

DESCRIPTION

       ldns_verify() Verifies a list of signatures for one rrset.

              rrset: the rrset to verify
              rrsig: a list of signatures to check
              keys: a list of keys to check with
              good_keys: if this is a (initialized) list, the keys
                                     from   keys  that  validate  one  of  the
              signatures
                                     are added to it
              Returns status LDNS_STATUS_OK if there is at least  one  correct
              key

       ldns_verify_rrsig() verify an rrsig with 1 key
              rrset: the rrset
              rrsig: the rrsig to verify
              key: the key to use
              Returns status message wether verification succeeded.

       ldns_verify_rrsig_keylist()  Verifies  an rrsig. All keys in the keyset
              are tried.
              rrset: the rrset to check
              rrsig: the signature of the rrset
              keys: the keys to try
              good_keys: if this is a (initialized) list, the keys
                                     from  keys  that  validate  one  of   the
              signatures
                                     are added to it
              Returns a list of keys which validate the rrsig + rrset. Returns
              status LDNS_STATUS_OK if at  least  one  key  matched.  Else  an
              error.

       ldns_verify_rrsig_keylist_notime()  Verifies  an rrsig. All keys in the
              keyset are tried. Time is not checked.
              rrset: the rrset to check
              rrsig: the signature of the rrset
              keys: the keys to try
              good_keys: if this is a (initialized) list, the keys
                                     from  keys  that  validate  one  of   the
              signatures
                                     are added to it
              Returns a list of keys which validate the rrsig + rrset. Returns
              status LDNS_STATUS_OK if at  least  one  key  matched.  Else  an
              error.

       ldns_verify_notime()  Verifies  a list of signatures for one rrset, but
              disregard the time.  Inception and Expiration are not checked.

              rrset: the rrset to verify
              rrsig: a list of signatures to check
              keys: a list of keys to check with
              good_keys: if this is a (initialized) list, the keys
                                     from  keys  that  validate  one  of   the
              signatures
                                     are added to it
              Returns  status  LDNS_STATUS_OK if there is at least one correct
              key

AUTHOR

       The ldns team at NLnet Labs. Which consists out  of  Jelte  Jansen  and
       Miek Gieben.

REPORTING BUGS

       Please  report  bugs  to  ldns-team@nlnetlabs.nl  or in our bugzilla at
       http://www.nlnetlabs.nl/bugs/index.html

COPYRIGHT

       Copyright (c) 2004 - 2006 NLnet Labs.

       Licensed under the BSD License. There is  NO  warranty;  not  even  for
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

SEE ALSO

       ldns_verify_rrsig_evp.    And   perldoc   Net::DNS,  RFC1034,  RFC1035,
       RFC4033, RFC4034  and RFC4035.

REMARKS

       This manpage was automaticly generated from the ldns source code by use
       of Doxygen and some perl.

                                  30 May 2006                          ldns(3)