Annotation of src/external/mpl/bind/dist/bin/tests/system/inline/ns3/sign.sh, Revision 1.1.1.2
1.1 christos 1: #!/bin/sh -e
2: #
3: # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4: #
5: # This Source Code Form is subject to the terms of the Mozilla Public
6: # License, v. 2.0. If a copy of the MPL was not distributed with this
7: # file, You can obtain one at http://mozilla.org/MPL/2.0/.
8: #
9: # See the COPYRIGHT file distributed with this work for additional
10: # information regarding copyright ownership.
11:
12: SYSTEMTESTTOP=../..
13: . $SYSTEMTESTTOP/conf.sh
14:
15: zone=bits
16: rm -f K${zone}.+*+*.key
17: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 18: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 19: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 20: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
21:
22: zone=noixfr
23: rm -f K${zone}.+*+*.key
24: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 25: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 26: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 27: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
28:
29: zone=master
30: rm -f K${zone}.+*+*.key
31: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 32: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 33: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 34: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
35:
36: zone=dynamic
37: rm -f K${zone}.+*+*.key
38: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 39: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 40: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 41: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
42:
43: zone=updated
44: rm -f K${zone}.+*+*.key
45: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 46: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 47: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 48: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
49: $SIGNER -S -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1
50: cp master2.db.in updated.db
51:
52: # signatures are expired and should be regenerated on startup
53: zone=expired
54: rm -f K${zone}.+*+*.key
55: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 56: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 57: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 58: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
59: $SIGNER -PS -s 20100101000000 -e 20110101000000 -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1
60:
61: zone=retransfer
62: rm -f K${zone}.+*+*.key
63: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 64: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 65: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 66: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
67:
68: zone=nsec3
69: rm -f K${zone}.+*+*.key
70: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 71: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 72: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
73:
74: zone=retransfer3
75: rm -f K${zone}.+*+*.key
76: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 77: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
! 78: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 79: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
80:
81: zone=inactiveksk
82: rm -f K${zone}.+*+*.key
83: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 84: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone $zone`
! 85: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -P now -A now+3600 -f KSK $zone`
! 86: keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone $zone`
! 87: keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone -f KSK $zone`
1.1 christos 88: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
89:
90: zone=inactivezsk
91: rm -f K${zone}.+*+*.key
92: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 93: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -P now -A now+3600 $zone`
! 94: keyname=`$KEYGEN -q -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone`
! 95: keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone $zone`
! 96: keyname=`$KEYGEN -q -a RSASHA256 -b 1024 -n zone -f KSK $zone`
1.1 christos 97: $DSFROMKEY -T 1200 $keyname >> ../ns1/root.db
98:
1.1.1.2 ! christos 99: zone=delayedkeys
! 100: rm -f K${zone}.+*+*.key
! 101: rm -f K${zone}.+*+*.private
! 102: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 103: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
! 104: # Keys for the "delayedkeys" zone should not be initially accessible.
! 105: mv K${zone}.+*+*.* ../
! 106:
1.1 christos 107: zone=removedkeys-primary
108: rm -f K${zone}.+*+*.key
109: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 110: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 111: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 112:
113: zone=removedkeys-secondary
114: rm -f K${zone}.+*+*.key
115: rm -f K${zone}.+*+*.private
1.1.1.2 ! christos 116: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 117: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 118:
119: for s in a c d h k l m q z
120: do
121: zone=test-$s
1.1.1.2 ! christos 122: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
1.1 christos 123: done
124:
125: for s in b f i o p t v
126: do
127: zone=test-$s
1.1.1.2 ! christos 128: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone $zone`
! 129: keyname=`$KEYGEN -q -a RSASHA1 -b 1024 -n zone -f KSK $zone`
1.1 christos 130: done
131:
132: zone=externalkey
133: rm -f K${zone}.+*+*.key
134: rm -f K${zone}.+*+*.private
135:
1.1.1.2 ! christos 136: for alg in ECDSAP256SHA256 NSEC3RSASHA1
1.1 christos 137: do
1.1.1.2 ! christos 138: k1=`$KEYGEN -q -a $alg -b 1024 -n zone -f KSK $zone`
! 139: k2=`$KEYGEN -q -a $alg -b 1024 -n zone $zone`
! 140: k3=`$KEYGEN -q -a $alg -b 1024 -n zone $zone`
! 141: k4=`$KEYGEN -q -a $alg -b 1024 -n zone -f KSK $zone`
1.1 christos 142: $DSFROMKEY -T 1200 $k4 >> ../ns1/root.db
143:
144: # Convert k1 and k2 in to External Keys.
145: rm -f $k1.private
146: mv $k1.key a-file
147: $IMPORTKEY -P now -D now+3600 -f a-file $zone > /dev/null 2>&1 ||
1.1.1.2 ! christos 148: ( echo "importkey failed: $alg" )
1.1 christos 149: rm -f $k2.private
150: mv $k2.key a-file
151: $IMPORTKEY -f a-file $zone > /dev/null 2>&1 ||
1.1.1.2 ! christos 152: ( echo "importkey failed: $alg" )
1.1 christos 153: done
CVSweb <webmaster@jp.NetBSD.org>