package dnssec

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
val src : Logs.src
module Log : Logs.LOG
val let* : ('a, 'b) result -> ('a -> ('c, 'b) result) -> ('c, 'b) result
module KM : sig ... end
val pp_km_name_rr_map : Format.formatter -> (Dns.Rr_map.t * 'a) Domain_name.Map.t -> unit
val guard : bool -> 'a -> (unit, 'a) result
val open_err : ('a, [ `Msg of string ]) result -> ('a, [> `Msg of string ]) result
val root_ds : Dns.Rr_map.Ds_set.t
val pp_pub : Format.formatter -> [< `ED25519 of 'a | `P256 of 'b | `P384 of 'c | `RSA of Mirage_crypto_pk.Rsa.pub ] -> unit
val digest : Dns.Ds.digest_type -> [ `raw ] Domain_name.t -> Dns.Dnskey.t -> (Mirage_crypto.Hash.digest, [> `Msg of string ]) result
val dnskey_to_pk : Dns.Dnskey.t -> ([> `ED25519 of Mirage_crypto_ec.Ed25519.pub | `P256 of Mirage_crypto_ec.P256.Dsa.pub | `P384 of Mirage_crypto_ec.P384.Dsa.pub | `RSA of Mirage_crypto_pk.Rsa.pub ], [> `Msg of string ]) result
val verify : 'a. Ptime.t -> pub -> [ `raw ] Domain_name.t -> Dns.Rrsig.t -> 'a Dns.Rr_map.key -> 'a -> ([ `raw ] Domain_name.t * [ `raw ] Domain_name.t, [ `Msg of string ]) result
val validate_ds : [ `raw ] Domain_name.t -> Dns.Rr_map.Dnskey_set.t -> Dns.Ds.t -> (Dns.Rr_map.Dnskey_set.elt, [> `Msg of string ]) result
val validate_rrsig_keys : Ptime.t -> Dns.Rr_map.Dnskey_set.t -> Dns.Rr_map.Rrsig_set.t -> [ `raw ] Domain_name.t -> 'a Dns.Rr_map.key -> 'a -> ([ `raw ] Domain_name.t * [ `raw ] Domain_name.t, [> `Msg of string ]) result
val find_soa : (Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t -> ([ `raw ] Domain_name.t * Dns.Soa.t, [> `Msg of string ]) result
val is_name_in_chain : soa_name:'a Domain_name.t -> name:'b Domain_name.t -> owner:'c Domain_name.t -> ('d * Dns.Nsec.t) -> bool
val name_in_chain : soa_name:'a Domain_name.t -> name:'b Domain_name.t -> owner:'c Domain_name.t -> ('d * Dns.Nsec.t) -> (unit, [> `Msg of string ]) result
val is_ent : 'a Domain_name.t -> owner:'b Domain_name.t -> ('c * Dns.Nsec.t) -> bool
val wildcard_non_existence : soa_name:'a Domain_name.t -> [ `raw ] Domain_name.t -> (Dns.Rr_map.t * 'b Domain_name.t KM.t) Domain_name.Map.t -> (unit, [> `Msg of string ]) result
val nsec3_hash : Cstruct.t -> int -> [ `raw ] Domain_name.t -> Mirage_crypto.Hash.digest
val nsec3_hashed_name : Cstruct.t -> int -> soa_name:'a Domain_name.t -> [ `raw ] Domain_name.t -> [ `raw ] Domain_name.t
val nsec3_rrs : (Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t -> ((Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t * Cstruct.t * int, [> `Msg of string ]) result
val nsec3_closest_encloser : (Dns.Rr_map.t * 'a) Domain_name.Map.t -> Cstruct.t -> int -> soa_name:'b Domain_name.t -> [ `raw ] Domain_name.t -> ([ `raw ] Domain_name.t * [ `raw ] Domain_name.t * [ `raw ] Domain_name.t, [> `Msg of string ]) result
val nsec3_between : (Dns.Rr_map.t * 'a) Domain_name.Map.t -> soa_name:'b Domain_name.t -> 'c Domain_name.t -> (Domain_name.Map.key * (Dns.Rr_map.t * 'a), [> `Msg of string ]) result
val nsec3_non_existence : [ `raw ] Domain_name.t -> soa_name:'a Domain_name.t -> (Dns.Rr_map.t * 'b Domain_name.t KM.t) Domain_name.Map.t -> (Dns.Nsec3.t Dns.Rr_map.with_ttl, [> `Msg of string ]) result
val nsec3_chain : soa_name:'a Domain_name.t -> wc_name:'b Domain_name.t -> name:'c Domain_name.t -> (Dns.Rr_map.t * 'd Domain_name.t KM.t) Domain_name.Map.t -> (Domain_name.Map.key * (Dns.Rr_map.t * 'd Domain_name.t KM.t), [> `Msg of string ]) result
val nsec_non_existence : [ `raw ] Domain_name.t -> soa_name:'a Domain_name.t -> (Dns.Rr_map.t * 'b Domain_name.t KM.t) Domain_name.Map.t -> (unit, [> `Msg of string ]) result
val no_domain : [ `raw ] Domain_name.t -> (Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t -> ([ `raw ] Domain_name.t * Dns.Soa.t, [> `Msg of string ]) result
val nsec_no_data : soa_name:'a Domain_name.t -> Domain_name.Map.key -> 'b Dns.Rr_map.key -> (Dns.Rr_map.t * 'c Domain_name.t KM.t) Domain_name.Map.t -> (unit, [> `Msg of string ]) result
val nsec3_no_data : soa_name:'a Domain_name.t -> [ `raw ] Domain_name.t -> 'b Dns.Rr_map.key -> (Dns.Rr_map.t * 'c Domain_name.t KM.t) Domain_name.Map.t -> (unit, [> `Msg of string ]) result
val no_data : Domain_name.Map.key -> 'a Dns.Rr_map.key -> (Dns.Rr_map.t * 'b Domain_name.t KM.t) Domain_name.Map.t -> ([ `raw ] Domain_name.t * Dns.Soa.t, [> `Msg of string ]) result
val has_delegation : Dns.Name_rr_map.t -> 'a Domain_name.t -> (Domain_name.Map.key * Dns.Rr_map.t) option
val validate_delegation : [ `raw ] Domain_name.t option -> (Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t -> (Domain_name.Map.key * Dns.Rr_map.t) -> ([> `Signed_delegation of Domain_name.Map.key * Domain_name.Host_set.t * Dns.Rr_map.Ds_set.t | `Unsigned_delegation of Domain_name.Map.key * Domain_name.Host_set.t ], [> `Msg of string ]) result
val maybe_validate_wildcard_answer : [ `raw ] Domain_name.t option -> (Dns.Rr_map.t * 'a Domain_name.t KM.t) Domain_name.Map.t -> 'b Domain_name.t KM.t -> 'c Domain_name.t -> 'd Dns.Rr_map.key -> (unit, [> `Msg of string ]) result
val validate_answer : 'a. ?signer_name:[ `raw ] Domain_name.t -> [ `raw ] Domain_name.t -> 'a Dns.Rr_map.rr -> (Dns.Rr_map.t * [ `raw ] Domain_name.t KM.t) Domain_name.Map.t -> (Dns.Rr_map.t * [ `raw ] Domain_name.t KM.t) Domain_name.Map.t -> Dns.Name_rr_map.t -> ('a, [> `Cname of [ `raw ] Domain_name.t | `Msg of string | `No_data of [ `raw ] Domain_name.t * Dns.Soa.t | `Signed_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t * Dns.Rr_map.Ds_set.t | `Unsigned_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t ]) result
type err = [
  1. | `Cname of [ `raw ] Domain_name.t
  2. | `Unsigned_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t
  3. | `Signed_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t * Dns.Rr_map.Ds_set.t
  4. | `No_data of [ `raw ] Domain_name.t * Dns.Soa.t
  5. | `No_domain of [ `raw ] Domain_name.t * Dns.Soa.t
  6. | `Msg of string
]
val pp_err : Format.formatter -> [< `Cname of 'a Domain_name.t | `Msg of string | `No_data of 'b Domain_name.t * Dns.Soa.t | `No_domain of 'c Domain_name.t * Dns.Soa.t | `Signed_delegation of 'd Domain_name.t * Domain_name.Host_set.t * Dns.Rr_map.Ds_set.t | `Unsigned_delegation of 'e Domain_name.t * Domain_name.Host_set.t ] -> unit
val fold_option : 'a Domain_name.t option -> 'a Domain_name.t option -> 'a Domain_name.t option
val verify_reply : 'a. ?fuel:int -> ?follow_cname:bool -> Ptime.t -> Dns.Rr_map.Dnskey_set.t -> [ `raw ] Domain_name.t -> 'a Dns.Rr_map.rr -> Dns.Packet.reply -> ('a, [> `Cname of [ `raw ] Domain_name.t | `Msg of string | `No_data of [ `raw ] Domain_name.t * Dns.Soa.t | `No_domain of [ `raw ] Domain_name.t * Dns.Soa.t | `Signed_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t * Dns.Rr_map.Ds_set.t | `Unsigned_delegation of [ `raw ] Domain_name.t * Domain_name.Host_set.t ]) result
val remove_km : ('a * 'b) Domain_name.Map.t -> 'a Domain_name.Map.t
val verify_packet : Ptime.t -> Dns.Rr_map.Dnskey_set.t -> Dns.Packet.t -> (Dns.Packet.t, [> `Msg of string ]) result
OCaml

Innovation. Community. Security.