dnssec.h

00001 /*
00002  * dnssec.h -- defines for the Domain Name System (SEC) (DNSSEC)
00003  *
00004  * Copyright (c) 2001-2005, NLnet Labs. All rights reserved.
00005  *
00006  * See LICENSE for the license.
00007  *
00008  * A bunch of defines that are used in the DNS
00009  */
00010 
00011 #ifndef _LDNS_DNSSEC_H_
00012 #define _LDNS_DNSSEC_H_
00013 
00014 #include <openssl/ssl.h>
00015 #include <ldns/common.h>
00016 #include <ldns/dns.h>
00017 #include <ldns/buffer.h>
00018 #include <ldns/packet.h>
00019 #include <ldns/zone.h>
00020 #include <ldns/keys.h>
00021 
/* NOTE(review): the unit of LDNS_MAX_KEYLEN (bits or bytes) is not stated in
 * this header -- confirm against the code that sizes or bounds key buffers
 * with it before using it as a length check. */
00022 #define LDNS_MAX_KEYLEN         2048
/* Presumably the value written to the DNSKEY "Protocol" field, which
 * RFC 4034 section 2.1.2 requires to be 3 -- confirm against the users. */
00023 #define LDNS_DNSSEC_KEYPROTO    3
00024 /* default time before sigs expire; 1209600 = 14 * 86400, i.e. 14 days if the unit is seconds -- TODO confirm the unit */
00025 #define LDNS_DEFAULT_EXP_TIME   1209600
00026 
00027 #if 0
00028 
/*
 * Compiled out: nothing between the #if 0 above and the matching #endif
 * reaches the compiler, so this enum and the ldns_algorithm typedef are not
 * provided by this header.
 * The values follow the DNSSEC algorithm numbers of RFC 4034 appendix A.1
 * (4 was set aside for elliptic curve there).
 * NOTE(review): RSA/MD5 (1) and DSA (3) are no longer acceptable for DNSSEC
 * and RSA/SHA-1 (5) is discouraged for signing (RFC 8624); if this enum is
 * revived, treat those entries as legacy-validation only.
 */
00031 enum ldns_enum_algorithm
00032 {
00033         LDNS_RSAMD5             = 1,
00034         LDNS_DH                 = 2,
00035         LDNS_DSA                = 3,
00036         LDNS_ECC                = 4,
00037         LDNS_RSASHA1            = 5,
00038         LDNS_INDIRECT           = 252,
00039         LDNS_PRIVATEDNS         = 253,
00040         LDNS_PRIVATEOID         = 254
00041 };
00042 typedef enum ldns_enum_algorithm ldns_algorithm;
00043 #endif
00044 
/*
 * Returns a 16-bit key tag for the key RR `key` (going by the name; the
 * computation itself is not visible in this header).
 * A key tag is only a lookup hint: distinct keys can share a tag, so a tag
 * match must never be taken as proof that a key produced a signature -- the
 * signature still has to verify.
 * NOTE(review): behaviour for a NULL or non-key RR is not visible here.
 */
00051 uint16_t ldns_calc_keytag(ldns_rr *key);
00052 
/*
 * Signature verification entry points. Each returns an ldns_status; callers
 * should treat anything other than the success status (LDNS_STATUS_OK in
 * ldns) as "not validated" and must not ignore the return value.
 * NOTE(review): whether these also check the RRSIG inception/expiration
 * window and the signer name, or only the cryptographic signature, is not
 * visible in this header -- confirm before relying on them for freshness.
 */
/* Verifies `rrset` against a list of signatures and a list of candidate keys.
 * `good_keys` is presumably an output list that receives the keys which
 * validated -- confirm, including who owns its entries. */
00062 ldns_status ldns_verify(ldns_rr_list *rrset, ldns_rr_list *rrsig, ldns_rr_list *keys, ldns_rr_list *good_keys); 
00063 
/* Same parameters as ldns_verify, but takes a single `rrsig` together with a
 * list of candidate keys. */
00072 ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr_list *keys, ldns_rr_list *good_keys);
00073 
00074 
/* Takes exactly one `rrsig` and one `key` for `rrset`. */
00075 ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);
00076 
/* Per-algorithm variants that take raw buffers (signature, rrset data, key
 * data) instead of RRs. Presumably `rrset` must already hold the canonical
 * to-be-signed data -- confirm.
 * NOTE(review): RSA/MD5 is deprecated for DNSSEC; the rsamd5 variant should
 * be reachable only for legacy validation, if at all. */
00085 ldns_status ldns_verify_rrsig_dsa(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key);
00094 ldns_status ldns_verify_rrsig_rsasha1(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key);
00103 ldns_status ldns_verify_rrsig_rsamd5(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key);
00104 
/*
 * Convert key data held in an ldns_buffer into an OpenSSL key object.
 * Ownership and failure behaviour are not visible in this header: presumably
 * the caller owns the result and releases it with DSA_free() / RSA_free(),
 * and NULL signals data that could not be parsed -- confirm, and check for
 * NULL before use.
 * NOTE(review): the buffer normally comes from DNS data, so the
 * implementation should bound every length it reads from it.
 */
00111 DSA *ldns_key_buf2dsa(ldns_buffer *key);
00112 
00119 RSA *ldns_key_buf2rsa(ldns_buffer *key);
00120 
00121 /* TODO
00122  * Packet is still given (and used, but could be constructed from wire)
00123  * remove that?
00124  */
00125 
/*
 * Produces a DS record from a key RR (going by the name). `key` is const, so
 * it is not modified through this pointer.
 * NOTE(review): the digest type used for the DS is not selectable through
 * this signature and is not visible here -- confirm which hash the
 * implementation uses. Presumably the caller owns the returned RR and NULL
 * means failure -- confirm.
 */
00132 ldns_rr *ldns_key_rr2ds(const ldns_rr *key);
00133 
00134 /* sign functions - these are very much a work in progress */
/*
 * ldns_sign_public takes an rrset and a key list and returns an RR list
 * (presumably the generated RRSIGs -- confirm). The per-algorithm variants
 * take the data to sign plus an OpenSSL key object and return an rdf
 * (presumably the raw signature -- confirm).
 * Despite the "public" in the names, producing a signature needs the private
 * half of the key, so the ldns_key_list / DSA / RSA objects passed in hold
 * private key material and should be handled and freed accordingly.
 * NOTE(review): RSA/MD5 should not be used to create new signatures.
 * NOTE(review): ldns_sign_public_dsa is declared twice (source lines 00136
 * and 00139); the repeat is harmless to the compiler but one can be dropped.
 */
00135 ldns_rr_list *ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys);
00136 ldns_rdf *ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key);
00137 ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key);
00138 ldns_rdf *ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key);
00139 ldns_rdf *ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key);
00140 
/*
 * Creates an NSEC RR from a current owner name, the next owner name and a
 * list of RRs (presumably the RRs at `cur_owner`, used to build the type
 * bitmap -- confirm).
 * An NSEC chain lets anyone who follows it list the owner names in the zone;
 * that is inherent to NSEC and worth knowing when signing non-public zones.
 * Presumably the caller owns the returned RR -- confirm.
 */
00148 ldns_rr * ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs);
00149 
/*
 * Verification driven from a packet. The one-letter parameter names are not
 * explained in this header; going by their types: `p` the packet, `t` an RR
 * type, `o` presumably an owner name, `k` presumably the candidate keys, `s`
 * presumably the signatures, `good_keys` presumably an output list of keys
 * that validated -- confirm each against the implementation.
 * Treat any status other than success as "not validated".
 */
00153 ldns_status ldns_pkt_verify(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys);
00154 
/*
 * Signs a zone with the keys in `key_list` and returns a zone pointer.
 * NOTE(review): whether the result is a new zone or the input modified in
 * place, and what is returned on failure, is not visible here -- confirm
 * before freeing either pointer. `key_list` carries private key material.
 */
00164 ldns_zone *ldns_zone_sign(ldns_zone *zone, ldns_key_list *key_list);
00165  
/*
 * Presumably seeds the random number generator used for signing by reading
 * `bytes` bytes from the stream `fd` -- confirm, including what happens when
 * `fd` is NULL or yields fewer bytes than requested.
 * Signature security (DSA in particular) depends on the quality of this
 * seed, so the stream should be a real entropy source and the returned
 * status should be checked before any key is used.
 */
00166 ldns_status ldns_init_random(FILE *fd, uint16_t bytes);
00167 
00168 #endif /* _LDNS_DNSSEC_H_ */
