Trait trust_dns::rr::dnssec::Verifier
[−]
[src]
pub trait Verifier { fn algorithm(&self) -> Algorithm; fn key<'k>(&'k self) -> DnsSecResult<PublicKeyEnum<'k>>; fn verify(&self, hash: &[u8], signature: &[u8]) -> DnsSecResult<()> { ... } fn verify_message(
&self,
message: &Message,
signature: &[u8],
sig0: &SIG
) -> DnsSecResult<()> { ... } fn verify_rrsig(
&self,
name: &Name,
dns_class: DNSClass,
sig: &SIG,
records: &[Record]
) -> DnsSecResult<()> { ... } }
Types which are able to verify DNS based signatures
Required Methods
fn algorithm(&self) -> Algorithm
Return the algorithm which this Verifier covers
fn key<'k>(&'k self) -> DnsSecResult<PublicKeyEnum<'k>>
Return the public key associated with this verifier
Provided Methods
fn verify(&self, hash: &[u8], signature: &[u8]) -> DnsSecResult<()>
Verifies the hash matches the signature with the current key
.
Arguments
hash
- the hash to be validated, seehash_rrset
signature
- the signature to use to verify the hash, extracted from anRData::RRSIG
for example.
Return value
True if and only if the signature is valid for the hash.
false if the key
.
fn verify_message(
&self,
message: &Message,
signature: &[u8],
sig0: &SIG
) -> DnsSecResult<()>
&self,
message: &Message,
signature: &[u8],
sig0: &SIG
) -> DnsSecResult<()>
Verifies a message with the against the given signature, i.e. SIG0
Arguments
message
- the message to verifysignature
- the signature to use for validation
Return value
true
if the message could be validated against the signature, false
otherwise
fn verify_rrsig(
&self,
name: &Name,
dns_class: DNSClass,
sig: &SIG,
records: &[Record]
) -> DnsSecResult<()>
&self,
name: &Name,
dns_class: DNSClass,
sig: &SIG,
records: &[Record]
) -> DnsSecResult<()>
Verifies an RRSig with the associated key, e.g. DNSKEY
Arguments
name
- name associated with the rrsig being validateddns_class
- DNSClass of the records, generally INsig
- signature record being validatedrecords
- Records covered by SIG