Add README.md file to rsabigexponent system test

This README.md describes why is bigkey needed.
parent a23c5d29
Pipeline #61457 failed with stages
in 61 minutes and 56 seconds
Copyright (C) Internet Systems Consortium, Inc. ("ISC")
See COPYRIGHT in the source root or https://isc.org/copyright.html for terms.
The `rsabigexponent` test is used to `check max-rsa-exponent-size`.
We only run this test on builds without PKCS#11 as we have control over
the RSA exponent size with plain OpenSSL and have not explored how to do
this with PKCS#11, which would require generating such a key and then
signing a zone with it. Additionally, even with control of the exponent
size with PKCS#11, generating a DNSKEY with this property and signing
such a zone would be slow, and we don't want to do this for each test
run. Instead, we use pregenerated DNSKEY and a saved signed zone.
These are located in `rsabigexponent/ns2`. These currently use RSASHA1
for the `DNSKEY` algorithm, however, that may need to be changed in the
future.
To generate the `DNSKEY` used in this test, we used `bigkey.c`, as
dnssec-keygen is not capable of generating such keys.
Do **not** remove `bigkey.c` as it may be needed to generate a new
`DNSKEY` for testing purposes.
`bigkey` is used to both test that we are not running under PKCS#11 and
generate a `DNSKEY` key with a large RSA exponent.
......@@ -767,6 +767,7 @@
./bin/tests/system/rrsetorder/dig.out.random.good9 X 2006,2018,2019,2020,2021
./bin/tests/system/rrsetorder/setup.sh SH 2018,2019,2020,2021
./bin/tests/system/rrsetorder/tests.sh SH 2006,2007,2008,2011,2012,2014,2015,2016,2017,2018,2019,2020,2021
./bin/tests/system/rsabigexponent/README.md TXT.BRIEF 2021
./bin/tests/system/rsabigexponent/bigkey.c C 2012,2014,2015,2016,2017,2018,2019,2020,2021
./bin/tests/system/rsabigexponent/clean.sh SH 2012,2014,2016,2018,2019,2020,2021
./bin/tests/system/rsabigexponent/ns1/sign.sh SH 2012,2014,2016,2018,2019,2020,2021
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment