|
unbound 0.1
|
This file contains helper functions for the validator module. More...
Functions | |
| size_t | nsec3_hash_algo_size_supported (int id) |
| Return size of nsec3 hash algorithm, 0 if not supported. | |
| int | secalgo_nsec3_hash (int algo, unsigned char *buf, size_t len, unsigned char *res) |
| Hash a single hash call of an NSEC3 hash algorithm. | |
| void | secalgo_hash_sha256 (unsigned char *buf, size_t len, unsigned char *res) |
| Calculate the sha256 hash for the data buffer into the result. | |
| struct secalgo_hash * | secalgo_hash_create_sha384 (void) |
| Start a hash of type sha384. | |
| struct secalgo_hash * | secalgo_hash_create_sha512 (void) |
| Start a hash of type sha512. | |
| int | secalgo_hash_update (struct secalgo_hash *hash, uint8_t *data, size_t len) |
| Update a hash with more information to add to it. | |
| int | secalgo_hash_final (struct secalgo_hash *hash, uint8_t *result, size_t maxlen, size_t *resultlen) |
| Get the final result of the hash. | |
| void | secalgo_hash_delete (struct secalgo_hash *hash) |
| Delete the hash structure. | |
| size_t | ds_digest_size_supported (int algo) |
| Return size of DS digest according to its hash algorithm. | |
| int | secalgo_ds_digest (int algo, unsigned char *buf, size_t len, unsigned char *res) |
| int | dnskey_algo_id_is_supported (int id) |
| return true if DNSKEY algorithm id is supported | |
| enum sec_status | verify_canonrrset (struct sldns_buffer *buf, int algo, unsigned char *sigblock, unsigned int sigblock_len, unsigned char *key, unsigned int keylen, char **reason) |
| Check a canonical sig+rrset and signature against a dnskey. | |
This file contains helper functions for the validator module.
The functions take buffers with raw data and convert to library calls.
| int secalgo_nsec3_hash | ( | int | algo, |
| unsigned char * | buf, | ||
| size_t | len, | ||
| unsigned char * | res ) |
Hash a single hash call of an NSEC3 hash algorithm.
Iterations and salt are done by the caller.
| algo | nsec3 hash algorithm. |
| buf | the buffer to digest |
| len | length of buffer to digest. |
| res | result stored here (must have sufficient space). |
Referenced by az_nsec3_hash(), nsec3_calc_hash(), and nsec3_get_hashed().
| void secalgo_hash_sha256 | ( | unsigned char * | buf, |
| size_t | len, | ||
| unsigned char * | res ) |
Calculate the sha256 hash for the data buffer into the result.
| buf | buffer to digest. |
| len | length of the buffer to digest. |
| res | result is stored here (space 256/8 bytes). |
| struct secalgo_hash * secalgo_hash_create_sha384 | ( | void | ) |
Start a hash of type sha384.
Allocates structure, then inits it, so that a series of updates can be performed, before the final result.
Referenced by zonemd_digest_init().
| struct secalgo_hash * secalgo_hash_create_sha512 | ( | void | ) |
Start a hash of type sha512.
Allocates structure, then inits it, so that a series of updates can be performed, before the final result.
Referenced by zonemd_digest_init().
| int secalgo_hash_update | ( | struct secalgo_hash * | hash, |
| uint8_t * | data, | ||
| size_t | len ) |
Update a hash with more information to add to it.
| hash | the hash that is updated. |
| data | data to add. |
| len | length of data. |
Referenced by zonemd_digest_update().
| int secalgo_hash_final | ( | struct secalgo_hash * | hash, |
| uint8_t * | result, | ||
| size_t | maxlen, | ||
| size_t * | resultlen ) |
Get the final result of the hash.
| hash | the hash that has had updates to it. |
| result | where to store the result. |
| maxlen | length of the result buffer, eg. size of the allocation. If not large enough the routine fails. |
| resultlen | the length of the result, returned to the caller. How much of maxlen is used. |
Referenced by zonemd_digest_finish().
| void secalgo_hash_delete | ( | struct secalgo_hash * | hash | ) |
Delete the hash structure.
| hash | the hash to delete. |
Referenced by auth_zone_generate_zonemd_hash().
| size_t ds_digest_size_supported | ( | int | algo | ) |
Return size of DS digest according to its hash algorithm.
| algo | DS digest algo. |
Referenced by ds_digest_size_algo().
| int secalgo_ds_digest | ( | int | algo, |
| unsigned char * | buf, | ||
| size_t | len, | ||
| unsigned char * | res ) |
| algo | the DS digest algo |
| buf | the buffer to digest |
| len | length of buffer to digest. |
| res | result stored here (must have sufficient space). |
Referenced by ds_create_dnskey_digest().
| enum sec_status verify_canonrrset | ( | struct sldns_buffer * | buf, |
| int | algo, | ||
| unsigned char * | sigblock, | ||
| unsigned int | sigblock_len, | ||
| unsigned char * | key, | ||
| unsigned int | keylen, | ||
| char ** | reason ) |
Check a canonical sig+rrset and signature against a dnskey.
| buf | buffer with data to verify, the first rrsig part and the canonicalized rrset. |
| algo | DNSKEY algorithm. |
| sigblock | signature rdata field from RRSIG |
| sigblock_len | length of sigblock data. |
| key | public key data from DNSKEY RR. |
| keylen | length of keydata. |
| reason | bogus reason in more detail. |
Referenced by dnskey_verify_rrset_sig().