update.h - all
-resolver.h - only set
packet.h - get/set
keys.h - get/set
-dnssec.h - some + get/set
-buffer.h - docs are there, but need to be doxygened
+buffer.h - half way through
# other names are aliases (symlinks)
# all functions specified on the same line are included in the
# same manual page
+# function named after the pipe `|' are put in the see also section
# functions that must be included, separated by commas
### host2wire.h
# conversion functions
-ldns_rr2wire, ldns_pkt2wire, ldns_rdf2wire, ldns_rr2str, ldns_pkt2str, ldns_rdf2str
-
+ldns_rr2wire, ldns_pkt2wire, ldns_rdf2wire
# lower level conversions, some are from host2str.h
ldns_pkt2buffer_str, ldns_pktheader2buffer_str, ldns_rr2buffer_str, ldns_rr_list2buffer_str, ldns_rdf2buffer_str, ldns_key2buffer_str, ldns_pkt2buffer_wire, ldns_rr2buffer_wire, ldns_rdf2buffer_wire, ldns_rrsig2buffer_wire, ldns_rr_rdata2buffer_wire
### /host2wire.h
+### host2str.h
+ldns_rr2str, ldns_pkt2str, ldns_rdf2str, ldns_rr_list2str, ldns_key2str
+ldns_rr_print, ldns_rdf_print, ldns_pkt_print, ldns_rr_list_print, ldns_resolver_print, ldns_zone_print
+### /host2str.h
+
### host2str.h
# and even lower
ldns_rdf2buffer_str_a, ldns_rdf2buffer_str_aaaa, ldns_rdf2buffer_str_str, ldns_rdf2buffer_str_b64, ldns_rdf2buffer_str_hex, ldns_rdf2buffer_str_type, ldns_rdf2buffer_str_class, ldns_rdf2buffer_str_alg, ldns_rdf2buffer_str_cert, ldns_rdf2buffer_str_loc, ldns_rdf2buffer_str_unknown, ldns_rdf2buffer_str_nsap, ldns_rdf2buffer_str_wks, ldns_rdf2buffer_str_nsec, ldns_rdf2buffer_str_period, ldns_rdf2buffer_str_tsigtime, ldns_rdf2buffer_str_apl, ldns_rdf2buffer_str_int16_data, ldns_rdf2buffer_str_int16, ldns_rdf2buffer_str_ipseckey
ldns_rdf_set_size, ldns_rdf_set_type, ldns_rdf_set_data | ldns_rdf
ldns_rdf_size, ldns_rdf_get_type, ldns_rdf_data | ldns_rdf
ldns_rdf_new, ldns_rdf_new_frm_data, ldns_rdf_new_frm_str, ldns_rdf_new_frm_fp, ldns_rdf_free, ldns_rdf_deep_free, ldns_rdf_print | ldns_rdf
-ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32,ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage | ldns_rdf
+ldns_native2rdf_int8, ldns_native2rdf_int16, ldns_native2rdf_int32,ldns_native2rdf_int16_data, ldns_rdf2native_int8, ldns_rdf2native_int16, ldns_rdf2native_int32, ldns_rdf2native_sockaddr_storage, ldns_rdf2native_time_t | ldns_rdf
ldns_rdf_address_reverse | ldns_rdf
ldns_octet | ldns_rdf
# why is this in rdata.h?
ldns_key_buf2dsa, ldns_key_buf2rsa | ldns_key_rr2ds
ldns_key_rr2ds
# signing
-ldns_sign_public | ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1, ldns_sign_public_dsa
-ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1, ldns_sign_public_dsa
-ldns_zone_sign
+ldns_sign_public | ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1
+ldns_sign_public_dsa, ldns_sign_public_rsamd5, ldns_sign_public_rsasha1
+ldns_zone_sign | ldns_sign_public
ldns_init_random
-#ldns_pkt_verify
+ldns_pkt_verify | ldns_verify
### /dnssec.h
### dnskey.h
/**
* clears the buffer and make it ready for writing. The buffer's limit
* is set to the capacity and the position is set to 0.
+ * \param[in] buffer the buffer to clear
*/
void ldns_buffer_clear(ldns_buffer *buffer);
/**
* make the buffer ready for re-reading the data. The buffer's
* position is reset to 0.
+ * \param[in] buffer the buffer to rewind
*/
void ldns_buffer_rewind(ldns_buffer *buffer);
/**
* returns the current position in the buffer (as a number of bytes)
+ * \param[in] buffer the buffer
+ * \return the current position
*/
INLINE size_t
ldns_buffer_position(ldns_buffer *buffer)
/**
* sets the buffer's position to MARK. The position must be less than
* or equal to the buffer's limit.
+ * \param[in] buffer the buffer
+ * \param[in] mark the mark to use
*/
INLINE void
ldns_buffer_set_position(ldns_buffer *buffer, size_t mark)
* changes the buffer's position by COUNT bytes. The position must not
* be moved behind the buffer's limit or before the beginning of the
* buffer.
+ * \param[in] buffer the buffer
+ * \param[in] count the count to use
*/
INLINE void
ldns_buffer_skip(ldns_buffer *buffer, ssize_t count)
/**
* returns the maximum size of the buffer
+ * \param[in] buffer
+ * \return the size
*/
INLINE size_t
ldns_buffer_limit(ldns_buffer *buffer)
/**
* changes the buffer's limit. If the buffer's position is greater
* than the new limit the position is set to the limit.
+ * \param[in] buffer the buffer
+ * \param[in] limit the new limit
*/
INLINE void
ldns_buffer_set_limit(ldns_buffer *buffer, size_t limit)
/**
* returns the number of bytes the buffer can hold.
+ * \param[in] buffer the buffer
+ * \return the number of bytes
*/
INLINE size_t
ldns_buffer_capacity(ldns_buffer *buffer)
* changes the buffer's capacity. The data is reallocated so any
* pointers to the data may become invalid. The buffer's limit is set
* to the buffer's new capacity.
+ * \param[in] buffer the buffer
+ * \param[in] capacity the capacity to use
+ * \return whether this failed or succeeded
*/
bool ldns_buffer_set_capacity(ldns_buffer *buffer, size_t capacity);
*
* The buffer's limit is always set to the (possibly increased)
* capacity.
+ * \param[in] buffer the buffer
+ * \param[in] amount amount to use
+ * \return whether this failed or succeeded
*/
bool ldns_buffer_reserve(ldns_buffer *buffer, size_t amount);
/**
* returns a pointer to the data at the indicated position.
+ * \param[in] buffer the buffer
+ * \param[in] at position
+ * \return the pointer to the data
*/
INLINE uint8_t *
ldns_buffer_at(ldns_buffer *buffer, size_t at)
/**
* returns a pointer to the beginning of the buffer (the data at
* position 0).
+ * \param[in] buffer the buffer
+ * \return the pointer
*/
INLINE uint8_t *
ldns_buffer_begin(ldns_buffer *buffer)
/**
* returns a pointer to the end of the buffer (the data at the buffer's
* limit).
+ * \param[in] buffer the buffer
+ * \return the pointer
*/
INLINE uint8_t *
ldns_buffer_end(ldns_buffer *buffer)
/**
* returns a pointer to the data at the buffer's current position.
+ * \param[in] buffer the buffer
+ * \return the pointer
*/
INLINE uint8_t *
ldns_buffer_current(ldns_buffer *buffer)
/**
* returns the number of bytes remaining between the indicated position and
* the limit.
+ * \param[in] buffer the buffer
+ * \param[in] at indicated position
+ * \return number of bytes
*/
INLINE size_t
ldns_buffer_remaining_at(ldns_buffer *buffer, size_t at)
/**
* returns the number of bytes remaining between the buffer's position and
* limit.
+ * \param[in] buffer the buffer
+ * \return the number of bytes
*/
INLINE size_t
ldns_buffer_remaining(ldns_buffer *buffer)
* checks if the buffer has at least COUNT more bytes available.
* Before reading or writing the caller needs to ensure enough space
* is available!
+ * \param[in] buffer the buffer
+ * \param[in] at indicated position
+ * \param[in] count how much is available
+ * \return true or false (as int?)
*/
INLINE int
ldns_buffer_available_at(ldns_buffer *buffer, size_t at, size_t count)
/**
* checks if the buffer has count bytes available at the current position
+ * \param[in] buffer the buffer
+ * \param[in] count how much is available
+ * \return true or false (as int?)
*/
INLINE int
ldns_buffer_available(ldns_buffer *buffer, size_t count)
/**
* writes the given data to the buffer at the specified position
- *
+ * \param[in] buffer the buffer
* \param[in] at the position (in number of bytes) to write the data at
* \param[in] data pointer to the data to write to the buffer
* \param[in] count the number of bytes of data to write
/**
* writes count bytes of data to the current position of the buffer
+ *
*/
INLINE void
ldns_buffer_write(ldns_buffer *buffer, const void *data, size_t count)
*/
ldns_status ldns_verify_rrsig_keylist(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr_list *keys, ldns_rr_list *good_keys);
-
+/**
+ * verify an rrsig with 1 key
+ * \param[in] rrset the rrset
+ * \param[in] rrsig the rrsig to verify
+ * \param[in] key the key to use
+ * \return status message wether verification succeeded.
+ */
ldns_status ldns_verify_rrsig(ldns_rr_list *rrset, ldns_rr *rrsig, ldns_rr *key);
/**
*/
ldns_status ldns_verify_rrsig_rsamd5(ldns_buffer *sig, ldns_buffer *rrset, ldns_buffer *key);
+#ifdef HAVE_SSL
/**
* converts a buffer holding key material to a DSA key in openssl.
*
* \param[in] key the key to convert
* \return a DSA * structure with the key material
*/
-#ifdef HAVE_SSL
DSA *ldns_key_buf2dsa(ldns_buffer *key);
#endif /* HAVE_SSL */
+#ifdef HAVE_SSL
/**
* converts a buffer holding key material to a RSA key in openssl.
*
* \param[in] key the key to convert
* \return a RSA * structure with the key material
*/
-#ifdef HAVE_SSL
RSA *ldns_key_buf2rsa(ldns_buffer *key);
#endif /* HAVE_SSL */
*/
ldns_rr *ldns_key_rr2ds(const ldns_rr *key);
-/* sign functions - these are very much a work in progress */
+/* sign functions */
+
+/**
+ * Sign an rrset
+ * \param[in] rrset the rrset
+ * \param[in] keys the keys to use
+ * \return a rr_list with the signatures
+ */
ldns_rr_list *ldns_sign_public(ldns_rr_list *rrset, ldns_key_list *keys);
+
#ifdef HAVE_SSL
+/**
+ * Sign a buffer with the DSA key (hash with SHA1)
+ * \param[in] to_sign buffer with the data
+ * \param[in] key the key to use
+ * \return a ldns_rdf with the signed data
+ */
ldns_rdf *ldns_sign_public_dsa(ldns_buffer *to_sign, DSA *key);
+/**
+ * Sign a buffer with the RSA key (hash with MD5)
+ * \param[in] to_sign buffer with the data
+ * \param[in] key the key to use
+ * \return a ldns_rdf with the signed data
+ */
ldns_rdf *ldns_sign_public_rsamd5(ldns_buffer *to_sign, RSA *key);
+/**
+ * Sign a buffer with the RSA key (hash with SHA1)
+ * \param[in] to_sign buffer with the data
+ * \param[in] key the key to use
+ * \return a ldns_rdf with the signed data
+ */
ldns_rdf *ldns_sign_public_rsasha1(ldns_buffer *to_sign, RSA *key);
#endif /* HAVE_SSL */
ldns_rr * ldns_create_nsec(ldns_rdf *cur_owner, ldns_rdf *next_owner, ldns_rr_list *rrs);
/**
- *
+ * verify a packet
+ * \param[in] p the packet
+ * \param[in] t the rr set type to check
+ * \param[in] o the rr set name to ckeck
+ * \param[in] k list of keys
+ * \param[in] s list of sigs (may be null)
+ * \param[out] good_keys keys which validated the packet
+ * \return status
+ *
*/
ldns_status ldns_pkt_verify(ldns_pkt *p, ldns_rr_type t, ldns_rdf *o, ldns_rr_list *k, ldns_rr_list *s, ldns_rr_list *good_keys);
projects / thirdparty / ldns.git / commitdiff
