Provided by: libldns-dev_1.7.0-4.1ubuntu1_amd64 bug

NAME

       ldns_verify,      ldns_verify_rrsig,     ldns_verify_rrsig_keylist,     ldns_verify_rrsig_keylist_notime,
       ldns_verify_notime - verify rrsigs

SYNOPSIS

       #include <stdint.h>
       #include <stdbool.h>

       #include <ldns/ldns.h>

       ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list *keys,  ldns_rr_list
       *good_keys);

       ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);

       ldns_status  ldns_verify_rrsig_keylist(ldns_rr_list  *rrset,  ldns_rr  *rrsig,  const ldns_rr_list *keys,
       ldns_rr_list *good_keys);

       ldns_status ldns_verify_rrsig_keylist_notime(const  ldns_rr_list  *rrset,  const  ldns_rr  *rrsig,  const
       ldns_rr_list *keys, ldns_rr_list *good_keys);

       ldns_status  ldns_verify_notime(ldns_rr_list  *rrset,  ldns_rr_list  *rrsig,  const  ldns_rr_list  *keys,
       ldns_rr_list *good_keys);

DESCRIPTION


       ldns_verify() Verifies a list of signatures for one rrset.

              rrset: the rrset to verify
              rrsig: a list of signatures to check
              keys: a list of keys to check with
              good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the
              signatures are added to it
              Returns status LDNS_STATUS_OK if there is at least one correct key

       ldns_verify_rrsig() verify an rrsig with 1 key
              rrset: the rrset
              rrsig: the rrsig to verify
              key: the key to use
              Returns status message wether verification succeeded.

       ldns_verify_rrsig_keylist() Verifies an rrsig. All keys in the keyset are tried.
              rrset: the rrset to check
              rrsig: the signature of the rrset
              keys: the keys to try
              good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the
              signatures are added to it
              Returns a list of keys which validate the rrsig + rrset. Returns status LDNS_STATUS_OK if at least
              one key matched. Else an error.

       ldns_verify_rrsig_keylist_notime() Verifies an rrsig. All keys in the  keyset  are  tried.  Time  is  not
              checked.
              rrset: the rrset to check
              rrsig: the signature of the rrset
              keys: the keys to try
              good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the
              signatures are added to it
              Returns a list of keys which validate the rrsig + rrset. Returns status LDNS_STATUS_OK if at least
              one key matched. Else an error.

       ldns_verify_notime()  Verifies a list of signatures for one rrset, but disregard the time.  Inception and
              Expiration are not checked.

              rrset: the rrset to verify
              rrsig: a list of signatures to check
              keys: a list of keys to check with
              good_keys: if this is a (initialized) list, the pointer to keys from keys that validate one of the
              signatures are added to it
              Returns status LDNS_STATUS_OK if there is at least one correct key

AUTHOR

       The ldns team at NLnet Labs. Which consists out of Jelte Jansen and Miek Gieben.

REPORTING BUGS

       Please     report     bugs     to     ldns-team@nlnetlabs.nl     or     in      our      bugzilla      at
       http://www.nlnetlabs.nl/bugs/index.html

COPYRIGHT

       Copyright (c) 2004 - 2006 NLnet Labs.

       Licensed  under  the  BSD  License.  There  is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
       PARTICULAR PURPOSE.

SEE ALSO

       ldns_verify_rrsig_evp,   ldns_verify_rrsig_dsa,   ldns_verify_rrsig_rsasha1,    ldns_verify_rrsig_rsamd5,
       ldns_sign_public,  ldns_zone_sign,  ldns_key.   And  perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034
       and RFC4035.

REMARKS

       This manpage was automatically generated from the ldns source code by use of Doxygen and some perl.

                                                   30 May 2006                                           ldns(3)