Go to the source code of this file.
Data Structures | |
struct | ldns_tsig_credentials_struct |
Contains credentials for TSIG. More... | |
Typedefs | |
typedef ldns_tsig_credentials_struct | ldns_tsig_credentials |
Contains credentials for TSIG. | |
Functions | |
char * | ldns_tsig_algorithm (ldns_tsig_credentials *) |
char * | ldns_tsig_keyname (ldns_tsig_credentials *) |
char * | ldns_tsig_keydata (ldns_tsig_credentials *) |
char * | ldns_tsig_keyname_clone (ldns_tsig_credentials *) |
char * | ldns_tsig_keydata_clone (ldns_tsig_credentials *) |
bool | ldns_pkt_tsig_verify (ldns_pkt *pkt, uint8_t *wire, size_t wire_size, const char *key_name, const char *key_data, ldns_rdf *mac) |
verifies the tsig rr for the given packet and key. | |
ldns_status | ldns_pkt_tsig_sign (ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge, const char *algorithm_name, ldns_rdf *query_mac) |
creates a tsig rr for the given packet and key. |
Definition in file tsig.h.
typedef struct ldns_tsig_credentials_struct ldns_tsig_credentials |
Contains credentials for TSIG.
char* ldns_tsig_algorithm | ( | ldns_tsig_credentials * | ) |
char* ldns_tsig_keyname | ( | ldns_tsig_credentials * | ) |
char* ldns_tsig_keydata | ( | ldns_tsig_credentials * | ) |
char* ldns_tsig_keyname_clone | ( | ldns_tsig_credentials * | ) |
char* ldns_tsig_keydata_clone | ( | ldns_tsig_credentials * | ) |
bool ldns_pkt_tsig_verify | ( | ldns_pkt * | pkt, | |
uint8_t * | wire, | |||
size_t | wire_size, | |||
const char * | key_name, | |||
const char * | key_data, | |||
ldns_rdf * | mac | |||
) |
verifies the tsig rr for the given packet and key.
The wire must be given too because tsig does not sign normalized packets.
Definition at line 223 of file tsig.c.
References LDNS_FREE, ldns_pkt_id(), ldns_pkt_set_id(), ldns_pkt_set_tsig(), ldns_pkt_tsig(), ldns_rdf2native_int16(), ldns_rdf_compare(), ldns_rdf_deep_free(), ldns_rdf_new_frm_str(), LDNS_RDF_TYPE_DNAME, ldns_rr_rdf(), LDNS_STATUS_OK, and ldns_tsig_prepare_pkt_wire().
ldns_status ldns_pkt_tsig_sign | ( | ldns_pkt * | pkt, | |
const char * | key_name, | |||
const char * | key_data, | |||
uint16_t | fudge, | |||
const char * | algorithm_name, | |||
ldns_rdf * | query_mac | |||
) |
creates a tsig rr for the given packet and key.
[in] | pkt | the packet to sign |
[in] | key_name | the name of the shared key |
[in] | key_data | the key in base 64 format |
[in] | fudge | seconds of error permitted in time signed |
[in] | algorithm_name | the name of the algorithm used |
[in] | query_mac | is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers) |
Definition at line 293 of file tsig.c.
References LDNS_FREE, ldns_native2rdf_int16(), ldns_native2rdf_int16_data(), ldns_pkt2wire(), ldns_pkt_id(), ldns_pkt_set_tsig(), ldns_rdf_free(), ldns_rdf_new(), ldns_rdf_new_frm_str(), LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_TSIGTIME, LDNS_RR_CLASS_ANY, ldns_rr_new(), ldns_rr_push_rdf(), ldns_rr_set_class(), ldns_rr_set_owner(), ldns_rr_set_ttl(), ldns_rr_set_type(), LDNS_RR_TYPE_TSIG, LDNS_STATUS_ERR, LDNS_STATUS_INTERNAL_ERR, LDNS_STATUS_OK, and LDNS_XMALLOC.