LDNS_PKT_TSIG_SIGN(3) - Linux man page online | Library functions

Tsig signing and verification.

30 May 2006
ldns(3) Library Functions Manual ldns(3)


ldns_pkt_tsig_verify, ldns_pkt_tsig_sign - tsig signing and verification


#include <stdint.h> #include <stdbool.h> #include <ldns/ldns.h> bool ldns_pkt_tsig_verify(ldns_pkt *pkt, const uint8_t *wire, size_t wire_size, const char *key_name, const char *key_data, const ldns_rdf *mac); ldns_status ldns_pkt_tsig_sign(ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge, const char *algorithm_name, const ldns_rdf *query_mac);


ldns_pkt_tsig_verify() verifies the tsig rr for the given packet and key. The wire must be given too because tsig does not sign normalized packets. pkt: the packet to verify wire: needed to verify the mac wire_size: size of wire key_name: the name of the shared key key_data: the key in base 64 format mac: original mac Returns true if tsig is correct, false if not, or if tsig is not set ldns_pkt_tsig_sign() creates a tsig rr for the given packet and key. pkt: the packet to sign key_name: the name of the shared key key_data: the key in base 64 format fudge: seconds of error permitted in time signed algorithm_name: the name of the algorithm used query_mac: is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers) Returns status (OK if success)


The ldns team at NLnet Labs. Which consists out of Jelte Jansen and Miek Gieben.


Please report bugs to or in our bugzilla at http://www.nlnet‐
Copyright (c) 2004 - 2006 NLnet Labs. Licensed under the BSD License. There is NO warranty; not even for MERCHANTABILITY or FIT‐ NESS FOR A PARTICULAR PURPOSE.


ldns_key. And perldoc Net::DNS, RFC1034, RFC1035, RFC4033, RFC4034 and RFC4035.


This manpage was automatically generated from the ldns source code by use of Doxygen and some perl.
30 May 2006 ldns(3)
Download raw manual
Index Library Functions Manual (+5028) № 3 (+68044)
Go top