Annotation of src/external/mpl/bind/dist/bin/tests/system/pkcs11/setup.sh, Revision 1.1.1.1
1.1 christos 1: #!/bin/sh
2: #
3: # Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4: #
5: # This Source Code Form is subject to the terms of the Mozilla Public
6: # License, v. 2.0. If a copy of the MPL was not distributed with this
7: # file, You can obtain one at http://mozilla.org/MPL/2.0/.
8: #
9: # See the COPYRIGHT file distributed with this work for additional
10: # information regarding copyright ownership.
11:
12: SYSTEMTESTTOP=..
13: . $SYSTEMTESTTOP/conf.sh
14:
15: infile=ns1/example.db.in
16:
17: /bin/echo -n ${HSMPIN:-1234}> pin
18: PWD=`pwd`
19:
20: zone=rsa.example
21: zonefile=ns1/rsa.example.db
22: have_rsa=`grep rsa supported`
23: if [ "x$have_rsa" != "x" ]; then
24: $PK11GEN -a RSA -b 1024 -l robie-rsa-zsk1 -i 01
25: $PK11GEN -a RSA -b 1024 -l robie-rsa-zsk2 -i 02
26: $PK11GEN -a RSA -b 2048 -l robie-rsa-ksk
27:
28: rsazsk1=`$KEYFRLAB -a RSASHA1 \
29: -l "object=robie-rsa-zsk1;pin-source=$PWD/pin" rsa.example`
30: rsazsk2=`$KEYFRLAB -a RSASHA1 \
31: -l "object=robie-rsa-zsk2;pin-source=$PWD/pin" rsa.example`
32: rsaksk=`$KEYFRLAB -a RSASHA1 -f ksk \
33: -l "object=robie-rsa-ksk;pin-source=$PWD/pin" rsa.example`
34:
35: cat $infile $rsazsk1.key $rsaksk.key > $zonefile
36: $SIGNER -a -P -g -r $RANDFILE -o $zone $zonefile \
37: > /dev/null 2> signer.err || cat signer.err
38: cp $rsazsk2.key ns1/rsa.key
39: mv Krsa* ns1
40: else
41: # RSA not available and will not be tested; make a placeholder
42: cp $infile ${zonefile}.signed
43: fi
44:
45: zone=ecc.example
46: zonefile=ns1/ecc.example.db
47: have_ecc=`grep ecc supported`
48: if [ "x$have_ecc" != "x" ]; then
49: $PK11GEN -a ECC -b 256 -l robie-ecc-zsk1 -i 03
50: $PK11GEN -a ECC -b 256 -l robie-ecc-zsk2 -i 04
51: $PK11GEN -a ECC -b 384 -l robie-ecc-ksk
52:
53: ecczsk1=`$KEYFRLAB -a ECDSAP256SHA256 \
54: -l "object=robie-ecc-zsk1;pin-source=$PWD/pin" ecc.example`
55: ecczsk2=`$KEYFRLAB -a ECDSAP256SHA256 \
56: -l "object=robie-ecc-zsk2;pin-source=$PWD/pin" ecc.example`
57: eccksk=`$KEYFRLAB -a ECDSAP384SHA384 -f ksk \
58: -l "object=robie-ecc-ksk;pin-source=$PWD/pin" ecc.example`
59:
60: cat $infile $ecczsk1.key $eccksk.key > $zonefile
61: $SIGNER -a -P -g -r $RANDFILE -o $zone $zonefile \
62: > /dev/null 2> signer.err || cat signer.err
63: cp $ecczsk2.key ns1/ecc.key
64: mv Kecc* ns1
65: else
66: # ECC not available and will not be tested; make a placeholder
67: cp $infile ${zonefile}.signed
68: fi
69:
70: zone=ecx.example
71: zonefile=ns1/ecx.example.db
72: have_ecx=`grep ecx supported`
73: if [ "x$have_ecx" != "x" ]; then
74: $PK11GEN -a ECX -b 256 -l robie-ecx-zsk1 -i 05
75: $PK11GEN -a ECX -b 256 -l robie-ecx-zsk2 -i 06
76: $PK11GEN -a ECX -b 256 -l robie-ecx-ksk
77: # $PK11GEN -a ECX -b 456 -l robie-ecx-ksk
78:
79: ecxzsk1=`$KEYFRLAB -a ED25519 \
80: -l "object=robie-ecx-zsk1;pin-source=$PWD/pin" ecx.example`
81: ecxzsk2=`$KEYFRLAB -a ED25519 \
82: -l "object=robie-ecx-zsk2;pin-source=$PWD/pin" ecx.example`
83: ecxksk=`$KEYFRLAB -a ED25519 -f ksk \
84: -l "object=robie-ecx-ksk;pin-source=$PWD/pin" ecx.example`
85: # ecxksk=`$KEYFRLAB -a ED448 -f ksk \
86: # -l "object=robie-ecx-ksk;pin-source=$PWD/pin" ecx.example`
87:
88: cat $infile $ecxzsk1.key $ecxksk.key > $zonefile
89: $SIGNER -a -P -g -r $RANDFILE -o $zone $zonefile \
90: > /dev/null 2> signer.err || cat signer.err
91: cp $ecxzsk2.key ns1/ecx.key
92: mv Kecx* ns1
93: else
94: # ECX not available and will not be tested; make a placeholder
95: cp $infile ${zonefile}.signed
96: fi
97:
98: rm -f signer.err
CVSweb <webmaster@jp.NetBSD.org>