Trait hickory_proto::rr::dnssec::Verifier
source · pub trait Verifier {
// Required methods
fn algorithm(&self) -> Algorithm;
fn key(&self) -> ProtoResult<PublicKeyEnum<'_>>;
// Provided methods
fn verify(&self, hash: &[u8], signature: &[u8]) -> ProtoResult<()> { ... }
fn verify_message<M: BinEncodable>(
&self,
message: &M,
signature: &[u8],
sig0: &SIG
) -> ProtoResult<()> { ... }
fn verify_rrsig(
&self,
name: &Name,
dns_class: DNSClass,
sig: &RRSIG,
records: &[Record]
) -> ProtoResult<()> { ... }
}Available on crate feature
dnssec only.Expand description
Types which are able to verify DNS based signatures
Required Methods§
sourcefn key(&self) -> ProtoResult<PublicKeyEnum<'_>>
fn key(&self) -> ProtoResult<PublicKeyEnum<'_>>
Return the public key associated with this verifier
Provided Methods§
sourcefn verify(&self, hash: &[u8], signature: &[u8]) -> ProtoResult<()>
fn verify(&self, hash: &[u8], signature: &[u8]) -> ProtoResult<()>
Verifies the hash matches the signature with the current key.
§Arguments
hash- the hash to be validated, seerrset_tbssignature- the signature to use to verify the hash, extracted from anRData::RRSIGfor example.
§Return value
True if and only if the signature is valid for the hash.
false if the key.
sourcefn verify_message<M: BinEncodable>(
&self,
message: &M,
signature: &[u8],
sig0: &SIG
) -> ProtoResult<()>
fn verify_message<M: BinEncodable>( &self, message: &M, signature: &[u8], sig0: &SIG ) -> ProtoResult<()>
sourcefn verify_rrsig(
&self,
name: &Name,
dns_class: DNSClass,
sig: &RRSIG,
records: &[Record]
) -> ProtoResult<()>
fn verify_rrsig( &self, name: &Name, dns_class: DNSClass, sig: &RRSIG, records: &[Record] ) -> ProtoResult<()>
Verifies an RRSig with the associated key, e.g. DNSKEY
§Arguments
name- name associated with the rrsig being validateddns_class- DNSClass of the records, generally INsig- signature record being validatedrecords- Records covered by SIG
Object Safety§
This trait is not object safe.