Install Now
ldns_pkt_tsig_verify, ldns_pkt_tsig_sign - tsig signing and verification
Contents
Copyright
Copyright (c) 2004 - 2006 NLnet Labs.
Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Description
ldns_pkt_tsig_verify() verifies the tsig rr for the given packet and key. The wire must be given too
because tsig does not sign normalized packets.
pkt: the packet to verify
wire: needed to verify the mac
wire_size: size of wire
key_name: the name of the shared key
key_data: the key in base 64 format
mac: original mac
Returns true if tsig is correct, false if not, or if tsig is not set
ldns_pkt_tsig_sign() creates a tsig rr for the given packet and key.
pkt: the packet to sign
key_name: the name of the shared key
key_data: the key in base 64 format
fudge: seconds of error permitted in time signed
algorithm_name: the name of the algorithm used
query_mac: is added to the digest if not NULL (so NULL is for signing queries, not NULL is for
signing answers)
Returns status (OK if success)
Name
ldns_pkt_tsig_verify, ldns_pkt_tsig_sign - tsig signing and verification
Remarks
This manpage was automatically generated from the ldns source code.
30 May 2006 ldns(3)
Reporting Bugs
Please report bugs to dns-team@nlnetlabs.nl or on GitHub at https://github.com/NLnetLabs/ldns/issues
See Also
ldns_key. And perldocNet::DNS, RFC1034, RFC1035, RFC4033, RFC4034 and RFC4035.
Synopsis
#include <stdint.h>
#include <stdbool.h>
#include <ldns/ldns.h>
bool ldns_pkt_tsig_verify(ldns_pkt *pkt, const uint8_t *wire, size_t wire_size, const char *key_name,
const char *key_data, const ldns_rdf *mac);
ldns_status ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge,
const char *algorithm_name, const ldns_rdf *query_mac);
PNG Icons