54
53
dns_keytable_create(isc_mem_t *mctx, dns_keytable_t **keytablep);
56
55
* Create a keytable.
60
* 'mctx' is a valid memory context.
59
*\li 'mctx' is a valid memory context.
62
* keytablep != NULL && *keytablep == NULL
61
*\li keytablep != NULL && *keytablep == NULL
66
* On success, *keytablep is a valid, empty key table.
65
*\li On success, *keytablep is a valid, empty key table.
72
* Any other result indicates failure.
71
*\li Any other result indicates failure.
77
76
dns_keytable_attach(dns_keytable_t *source, dns_keytable_t **targetp);
79
78
* Attach *targetp to source.
83
* 'source' is a valid keytable.
82
*\li 'source' is a valid keytable.
85
* 'targetp' points to a NULL dns_keytable_t *.
84
*\li 'targetp' points to a NULL dns_keytable_t *.
89
* *targetp is attached to source.
88
*\li *targetp is attached to source.
93
92
dns_keytable_detach(dns_keytable_t **keytablep);
95
94
* Detach *keytablep from its keytable.
99
* 'keytablep' points to a valid keytable.
98
*\li 'keytablep' points to a valid keytable.
103
* *keytablep is NULL.
105
* If '*keytablep' is the last reference to the keytable,
107
* All resources used by the keytable will be freed
102
*\li *keytablep is NULL.
104
*\li If '*keytablep' is the last reference to the keytable,
105
* all resources used by the keytable will be freed
111
109
dns_keytable_add(dns_keytable_t *keytable, dst_key_t **keyp);
113
111
* Add '*keyp' to 'keytable'.
117
* Ownership of *keyp is transferred to the keytable.
115
*\li Ownership of *keyp is transferred to the keytable.
121
* keyp != NULL && *keyp is a valid dst_key_t *.
119
*\li keyp != NULL && *keyp is a valid dst_key_t *.
125
* On success, *keyp == NULL
123
*\li On success, *keyp == NULL
131
* Any other result indicates failure.
129
*\li Any other result indicates failure.
135
133
dns_keytable_findkeynode(dns_keytable_t *keytable, dns_name_t *name,
136
134
dns_secalg_t algorithm, dns_keytag_t tag,
137
135
dns_keynode_t **keynodep);
139
137
* Search for a key named 'name', matching 'algorithm' and 'tag' in
138
* 'keytable'. This finds the first instance which matches. Use
139
* dns_keytable_findnextkeynode() to find other instances.
144
* 'keytable' is a valid keytable.
146
* 'name' is a valid absolute name.
148
* keynodep != NULL && *keynodep == NULL
143
*\li 'keytable' is a valid keytable.
145
*\li 'name' is a valid absolute name.
147
*\li keynodep != NULL && *keynodep == NULL
152
*\li DNS_R_PARTIALMATCH the name existed in the keytable.
155
* Any other result indicates an error.
155
*\li Any other result indicates an error.
159
159
dns_keytable_findnextkeynode(dns_keytable_t *keytable, dns_keynode_t *keynode,
160
160
dns_keynode_t **nextnodep);
162
162
* Search for the next key with the same properties as 'keynode' in
163
* 'keytable' as found by dns_keytable_findkeynode().
167
* 'keytable' is a valid keytable.
169
* 'keynode' is a valid keynode.
171
* nextnodep != NULL && *nextnodep == NULL
167
*\li 'keytable' is a valid keytable.
169
*\li 'keynode' is a valid keynode.
171
*\li nextnodep != NULL && *nextnodep == NULL
178
* Any other result indicates an error.
178
*\li Any other result indicates an error.
182
182
dns_keytable_finddeepestmatch(dns_keytable_t *keytable, dns_name_t *name,
183
183
dns_name_t *foundname);
185
185
* Search for the deepest match of 'name' in 'keytable'.
189
* 'keytable' is a valid keytable.
191
* 'name' is a valid absolute name.
193
* 'foundname' is a name with a dedicated buffer.
189
*\li 'keytable' is a valid keytable.
191
*\li 'name' is a valid absolute name.
193
*\li 'foundname' is a name with a dedicated buffer.
200
* Any other result indicates an error.
200
*\li Any other result indicates an error.
204
204
dns_keytable_detachkeynode(dns_keytable_t *keytable,
205
205
dns_keynode_t **keynodep);
207
207
* Give back a keynode found via dns_keytable_findkeynode().
211
* 'keytable' is a valid keytable.
211
*\li 'keytable' is a valid keytable.
213
* *keynodep is a valid keynode returned by a call to
213
*\li *keynodep is a valid keynode returned by a call to
214
214
* dns_keytable_findkeynode().
218
*\li *keynodep == NULL
222
222
dns_keytable_issecuredomain(dns_keytable_t *keytable, dns_name_t *name,
223
223
isc_boolean_t *wantdnssecp);
225
225
* Is 'name' at or beneath a trusted key?
229
* 'keytable' is a valid keytable.
231
* 'name' is a valid absolute name.
233
* '*wantsdnssecp' is a valid isc_boolean_t.
229
*\li 'keytable' is a valid keytable.
231
*\li 'name' is a valid absolute name.
233
*\li '*wantsdnssecp' is a valid isc_boolean_t.
237
* On success, *wantsdnssecp will be ISC_TRUE if and only if 'name'
237
*\li On success, *wantsdnssecp will be ISC_TRUE if and only if 'name'
238
238
* is at or beneath a trusted key.
244
* Any other result is an error.
244
*\li Any other result is an error.
248
248
dns_keynode_key(dns_keynode_t *keynode);
250
250
* Get the DST key associated with keynode.