[−][src]Trait trust_dns_client::rr::dnssec::Verifier
Types which are able to verify DNS based signatures
Required methods
fn algorithm(&self) -> Algorithm
Return the algorithm which this Verifier covers
fn key(&'k self) -> Result<PublicKeyEnum<'k>, ProtoError>
Return the public key associated with this verifier
Provided methods
fn verify(&self, hash: &[u8], signature: &[u8]) -> Result<(), ProtoError>
Verifies the hash matches the signature with the current key.
Arguments
hash- the hash to be validated, seerrset_tbssignature- the signature to use to verify the hash, extracted from anRData::RRSIGfor example.
Return value
True if and only if the signature is valid for the hash.
false if the key.
fn verify_message<M>(
&self,
message: &M,
signature: &[u8],
sig0: &SIG
) -> Result<(), ProtoError> where
M: BinEncodable,
&self,
message: &M,
signature: &[u8],
sig0: &SIG
) -> Result<(), ProtoError> where
M: BinEncodable,
Verifies a message with the against the given signature, i.e. SIG0
Arguments
message- the message to verifysignature- the signature to use for validation
Return value
true if the message could be validated against the signature, false otherwise
fn verify_rrsig(
&self,
name: &Name,
dns_class: DNSClass,
sig: &SIG,
records: &[Record]
) -> Result<(), ProtoError>
&self,
name: &Name,
dns_class: DNSClass,
sig: &SIG,
records: &[Record]
) -> Result<(), ProtoError>
Verifies an RRSig with the associated key, e.g. DNSKEY
Arguments
name- name associated with the rrsig being validateddns_class- DNSClass of the records, generally INsig- signature record being validatedrecords- Records covered by SIG