DragonFly On-Line Manual Pages
getdns_validate_dnssec(3) getdns getdns_validate_dnssec(3)
NAME
getdns_validate_dnssec -- DNSSEC validate a given getdns record
LIBRARY
DNS Resolver library (libgetdns, -lgetdns)
SYNOPSIS
#include <getdns.h>
getdns_return_t
getdns_validate_dnssec (getdns_list *record_to_validate,
getdns_list *bundle_of_support_records,
getdns_list *trust_anchor_records)
DESCRIPTION
If an application wants the API to perform DNSSEC validation without
using the extensions, it can use the getdns_validate_dnssec() helper
function. The API will use the resource records in
bundle_of_support_records to construct the validation chain and the
DNSKEY or DS records in trust_anchor_records as trust anchors. The
default list of trust anchor records that is used by the library to
validate DNSSEC can be retrieved by using the getdns_root_trust_anchor
helper function.
record_to_validate the resource record being validated
bundle_of_support_records records used to construct the validation
chain
trust_anchor_records trust anchor records to use for the validation
RETURN VALUES
GETDNS_DNSSEC_BOGUS the DNSSEC signature is bogus
GETDNS_DNSSEC_INDETERMINATE validation could not be completed
GETDNS_DNSSEC_INSECURE one or more pieces of the validation chain are
demonstrably incorrect
GETDNS_DNSSEC_SECURE validation succeeded
GETDNS_RETURN_MEMORY_ERROR an attempt to allocate memory failed
EXAMPLES
TBD
SEE ALSO
getdns_root_trust_anchor(3) libgetdns(3)
getdns 0.9.0 December 2015 getdns_validate_dnssec(3)