Go to the source code of this file.
Functions | |
char * | ldns_tsig_algorithm (ldns_tsig_credentials *tc) |
char * | ldns_tsig_keyname (ldns_tsig_credentials *tc) |
char * | ldns_tsig_keydata (ldns_tsig_credentials *tc) |
char * | ldns_tsig_keyname_clone (ldns_tsig_credentials *tc) |
char * | ldns_tsig_keydata_clone (ldns_tsig_credentials *tc) |
uint8_t * | ldns_tsig_prepare_pkt_wire (uint8_t *wire, size_t wire_len, size_t *result_len) |
_Bool | ldns_pkt_tsig_verify (ldns_pkt *pkt, uint8_t *wire, size_t wirelen, const char *key_name, const char *key_data, ldns_rdf *orig_mac_rdf) |
verifies the tsig rr for the given packet and key. | |
_Bool | ldns_pkt_tsig_verify_next (ldns_pkt *pkt, uint8_t *wire, size_t wirelen, const char *key_name, const char *key_data, ldns_rdf *orig_mac_rdf, int tsig_timers_only) |
verifies the tsig rr for the given packet and key. | |
ldns_status | ldns_pkt_tsig_sign (ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge, const char *algorithm_name, ldns_rdf *query_mac) |
creates a tsig rr for the given packet and key. | |
ldns_status | ldns_pkt_tsig_sign_next (ldns_pkt *pkt, const char *key_name, const char *key_data, uint16_t fudge, const char *algorithm_name, ldns_rdf *query_mac, int tsig_timers_only) |
creates a tsig rr for the given packet and key. |
char* ldns_tsig_algorithm | ( | ldns_tsig_credentials * | tc | ) |
Definition at line 22 of file tsig.c.
References ldns_tsig_credentials_struct::algorithm.
char* ldns_tsig_keyname | ( | ldns_tsig_credentials * | tc | ) |
Definition at line 28 of file tsig.c.
References ldns_tsig_credentials_struct::keyname.
char* ldns_tsig_keydata | ( | ldns_tsig_credentials * | tc | ) |
Definition at line 34 of file tsig.c.
References ldns_tsig_credentials_struct::keydata.
char* ldns_tsig_keyname_clone | ( | ldns_tsig_credentials * | tc | ) |
Definition at line 40 of file tsig.c.
References ldns_tsig_credentials_struct::keyname.
char* ldns_tsig_keydata_clone | ( | ldns_tsig_credentials * | tc | ) |
Definition at line 46 of file tsig.c.
References ldns_tsig_credentials_struct::keydata.
uint8_t* ldns_tsig_prepare_pkt_wire | ( | uint8_t * | wire, |
size_t | wire_len, | ||
size_t * | result_len | ||
) |
Definition at line 55 of file tsig.c.
References LDNS_ANCOUNT, LDNS_ARCOUNT, LDNS_ARCOUNT_OFF, LDNS_HEADER_SIZE, LDNS_NSCOUNT, LDNS_QDCOUNT, ldns_rr_free(), LDNS_SECTION_ADDITIONAL, LDNS_SECTION_ANSWER, LDNS_SECTION_AUTHORITY, LDNS_SECTION_QUESTION, LDNS_STATUS_OK, ldns_wire2rr(), and LDNS_XMALLOC.
_Bool ldns_pkt_tsig_verify | ( | ldns_pkt * | pkt, |
uint8_t * | wire, | ||
size_t | wire_size, | ||
const char * | key_name, | ||
const char * | key_data, | ||
ldns_rdf * | mac | ||
) |
verifies the tsig rr for the given packet and key.
The wire must be given too because tsig does not sign normalized packets.
[in] | pkt | the packet to verify |
[in] | wire | needed to verify the mac |
[in] | wire_size | size of wire |
[in] | key_name | the name of the shared key |
[in] | key_data | the key in base 64 format |
[in] | mac | original mac |
Definition at line 280 of file tsig.c.
References ldns_pkt_tsig_verify_next().
_Bool ldns_pkt_tsig_verify_next | ( | ldns_pkt * | pkt, |
uint8_t * | wire, | ||
size_t | wire_size, | ||
const char * | key_name, | ||
const char * | key_data, | ||
ldns_rdf * | mac, | ||
int | tsig_timers_only | ||
) |
verifies the tsig rr for the given packet and key.
The wire must be given too because tsig does not sign normalized packets.
[in] | pkt | the packet to verify |
[in] | wire | needed to verify the mac |
[in] | wire_size | size of wire |
[in] | key_name | the name of the shared key |
[in] | key_data | the key in base 64 format |
[in] | mac | original mac |
[in] | tsig_timers_only | must be zero for the first packet and positive for subsequent packets. If zero, all digest components are used to verify the _mac. If non-zero, only the TSIG timers are used to verify the mac. |
Definition at line 287 of file tsig.c.
References LDNS_FREE, ldns_pkt_id(), ldns_pkt_set_id(), ldns_pkt_set_tsig(), ldns_pkt_tsig(), ldns_rdf2native_int16(), ldns_rdf_compare(), ldns_rdf_deep_free(), ldns_rdf_new_frm_str(), LDNS_RDF_TYPE_DNAME, ldns_rr_rd_count(), ldns_rr_rdf(), LDNS_STATUS_OK, and ldns_tsig_prepare_pkt_wire().
ldns_status ldns_pkt_tsig_sign | ( | ldns_pkt * | pkt, |
const char * | key_name, | ||
const char * | key_data, | ||
uint16_t | fudge, | ||
const char * | algorithm_name, | ||
ldns_rdf * | query_mac | ||
) |
creates a tsig rr for the given packet and key.
[in] | pkt | the packet to sign |
[in] | key_name | the name of the shared key |
[in] | key_data | the key in base 64 format |
[in] | fudge | seconds of error permitted in time signed |
[in] | algorithm_name | the name of the algorithm used |
[in] | query_mac | is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers) |
Definition at line 356 of file tsig.c.
References ldns_pkt_tsig_sign_next().
ldns_status ldns_pkt_tsig_sign_next | ( | ldns_pkt * | pkt, |
const char * | key_name, | ||
const char * | key_data, | ||
uint16_t | fudge, | ||
const char * | algorithm_name, | ||
ldns_rdf * | query_mac, | ||
int | tsig_timers_only | ||
) |
creates a tsig rr for the given packet and key.
[in] | pkt | the packet to sign |
[in] | key_name | the name of the shared key |
[in] | key_data | the key in base 64 format |
[in] | fudge | seconds of error permitted in time signed |
[in] | algorithm_name | the name of the algorithm used |
[in] | query_mac | is added to the digest if not NULL (so NULL is for signing queries, not NULL is for signing answers) |
[in] | tsig_timers_only | must be zero for the first packet and positive for subsequent packets. If zero, all digest components are used to create the query_mac. If non-zero, only the TSIG timers are used to create the query_mac. |
Definition at line 363 of file tsig.c.
References LDNS_FREE, ldns_native2rdf_int16(), ldns_native2rdf_int16_data(), ldns_pkt2wire(), ldns_pkt_id(), ldns_pkt_set_tsig(), ldns_rdf_free(), ldns_rdf_new(), ldns_rdf_new_frm_str(), LDNS_RDF_TYPE_DNAME, LDNS_RDF_TYPE_INT16, LDNS_RDF_TYPE_TSIGTIME, LDNS_RR_CLASS_ANY, ldns_rr_new(), ldns_rr_push_rdf(), ldns_rr_set_class(), ldns_rr_set_owner(), ldns_rr_set_ttl(), ldns_rr_set_type(), LDNS_RR_TYPE_TSIG, LDNS_STATUS_ERR, LDNS_STATUS_INTERNAL_ERR, LDNS_STATUS_MEM_ERR, LDNS_STATUS_OK, and LDNS_XMALLOC.