Provided by: libldns-dev_1.8.1-1_amd64 
NAME
ldns_verify, ldns_verify_rrsig, ldns_verify_rrsig_keylist,
ldns_verify_rrsig_keylist_notime, ldns_verify_notime - verify rrsigs
SYNOPSIS
#include <stdint.h>
#include <stdbool.h>
#include <ldns/ldns.h>
ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, const ldns_rr_list
*keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);
ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, const
ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_rrsig_keylist_notime(const ldns_rr_list *rrset, const ldns_rr
*rrsig, const ldns_rr_list *keys, ldns_rr_list *good_keys);
ldns_status ldns_verify_notime(ldns_rr_list *rrset, ldns_rr_list *rrsig, const
ldns_rr_list *keys, ldns_rr_list *good_keys);
DESCRIPTION
ldns_verify() Verifies a list of signatures for one rrset.
rrset: the rrset to verify
rrsig: a list of signatures to check
keys: a list of keys to check with
good_keys: if this is a (initialized) list, the pointer to keys from keys that
validate one of the signatures are added to it
Returns status LDNS_STATUS_OK if there is at least one correct key
ldns_verify_rrsig() verify an rrsig with 1 key
rrset: the rrset
rrsig: the rrsig to verify
key: the key to use
Returns status message whether verification succeeded.
ldns_verify_rrsig_keylist() Verifies an rrsig. All keys in the keyset are tried.
rrset: the rrset to check
rrsig: the signature of the rrset
keys: the keys to try
good_keys: if this is a (initialized) list, the pointer to keys from keys that
validate one of the signatures are added to it
Returns a list of keys which validate the rrsig + rrset. Returns status
LDNS_STATUS_OK if at least one key matched. Else an error.
ldns_verify_rrsig_keylist_notime() Verifies an rrsig. All keys in the keyset are tried.
Time is not checked.
rrset: the rrset to check
rrsig: the signature of the rrset
keys: the keys to try
good_keys: if this is a (initialized) list, the pointer to keys from keys that
validate one of the signatures are added to it
Returns a list of keys which validate the rrsig + rrset. Returns status
LDNS_STATUS_OK if at least one key matched. Else an error.
ldns_verify_notime() Verifies a list of signatures for one rrset, but disregard the time.
Inception and Expiration are not checked.
rrset: the rrset to verify
rrsig: a list of signatures to check
keys: a list of keys to check with
good_keys: if this is a (initialized) list, the pointer to keys from keys that
validate one of the signatures are added to it
Returns status LDNS_STATUS_OK if there is at least one correct key
AUTHOR
The ldns team at NLnet Labs.
REPORTING BUGS
Please report bugs to ldns-team@nlnetlabs.nl or in our bugzilla at
http://www.nlnetlabs.nl/bugs/index.html
COPYRIGHT
Copyright (c) 2004 - 2006 NLnet Labs.
Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
SEE ALSO
ldns_verify_rrsig_evp, ldns_verify_rrsig_dsa, ldns_verify_rrsig_rsasha1,
ldns_verify_rrsig_rsamd5, ldns_sign_public, ldns_zone_sign, ldns_key. And perldoc
Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034 and RFC4035.
REMARKS
This manpage was automatically generated from the ldns source code.
30 May 2006 ldns(3)