Skip to content
  • Matthijs Mekking's avatar
    dnssec-keygen can create keys given dnssec-policy · 09ac224c
    Matthijs Mekking authored
    This commit adds code for generating keys with dnssec-keygen given
    a specific dnssec-policy.
    
    The dnssec-policy can be set with a new option '-k'. The '-l'
    option can be used to set a configuration file that contains a
    specific dnssec-policy.
    
    Because the dnssec-policy dictates how the keys should look like,
    many of the existing dnssec-keygen options cannot be used together
    with '-k'.
    
    If the dnssec-policy lists multiple keys, dnssec-keygen has now the
    possibility to generate multiple keys at one run.
    
    Add two tests for creating keys with '-k': One with the default
    policy, one with multiple keys from the configuration.
    09ac224c