keygen.sh 1.73 KB
Newer Older
1 2
#!/bin/sh -e
#
3
# Copyright (C) 2009-2012, 2014-2016  Internet Systems Consortium, Inc. ("ISC")
Mark Andrews's avatar
Mark Andrews committed
4
#
5 6 7
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 9 10 11 12

SYSTEMTESTTOP=../..
. $SYSTEMTESTTOP/conf.sh

# Have the child generate subdomain keys and pass DS sets to us.
13
( cd ../ns3 && $SHELL keygen.sh )
14

15
for subdomain in secure nsec3 autonsec3 optout rsasha256 rsasha512 nsec3-to-nsec oldsigs sync
16
do
17
	cp ../ns3/dsset-$subdomain.example$TP .
18 19 20 21 22 23
done

# Create keys and pass the DS to the parent.
zone=example
zonefile="${zone}.db"
infile="${zonefile}.in"
24
cat $infile dsset-*.example$TP > $zonefile
25

26 27
kskname=`$KEYGEN -3 -q -r $RANDFILE -fk $zone`
$KEYGEN -3 -q -r $RANDFILE $zone > /dev/null
28
$DSFROMKEY $kskname.key > dsset-${zone}$TP
29 30 31 32 33

# Create keys for a private secure zone.
zone=private.secure.example
zonefile="${zone}.db"
infile="${zonefile}.in"
34
ksk=`$KEYGEN -3 -q -r $RANDFILE -fk $zone`
35
$KEYGEN -3 -q -r $RANDFILE $zone > /dev/null
36 37 38 39 40 41 42 43 44 45 46
cat $ksk.key | grep -v '^; ' | $PERL -n -e '
local ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
local $key = join("", @rest);
print <<EOF
trusted-keys {
    "$dn" $flags $proto $alg "$key";
};
EOF
' > private.conf
cp private.conf ../ns4/private.conf
$SIGNER -S -3 beef -A -o $zone -f $zonefile $infile > /dev/null 2>&1
47 48 49 50 51 52

# Extract saved keys for the revoke-to-duplicate-key test
zone=bar
zonefile="${zone}.db"
infile="${zonefile}.in"
cat $infile > $zonefile
53 54 55 56 57
for i in Xbar.+005+30676.key Xbar.+005+30804.key Xbar.+005+30676.private \
	 Xbar.+005+30804.private
do
	cp $i `echo $i | sed s/X/K/`
done
58
$KEYGEN -q -r $RANDFILE $zone > /dev/null
59
$DSFROMKEY Kbar.+005+30804.key > dsset-bar$TP