diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 07:24:22 +0000 |
commit | 45d6379135504814ab723b57f0eb8be23393a51d (patch) | |
tree | d4f2ec4acca824a8446387a758b0ce4238a4dffa /bin/tests/system/ecdsa/ns1/sign.sh | |
parent | Initial commit. (diff) | |
download | bind9-45d6379135504814ab723b57f0eb8be23393a51d.tar.xz bind9-45d6379135504814ab723b57f0eb8be23393a51d.zip |
Adding upstream version 1:9.16.44.upstream/1%9.16.44upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'bin/tests/system/ecdsa/ns1/sign.sh')
-rw-r--r-- | bin/tests/system/ecdsa/ns1/sign.sh | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/bin/tests/system/ecdsa/ns1/sign.sh b/bin/tests/system/ecdsa/ns1/sign.sh new file mode 100644 index 0000000..8c829bb --- /dev/null +++ b/bin/tests/system/ecdsa/ns1/sign.sh @@ -0,0 +1,56 @@ +#!/bin/sh -e + +# Copyright (C) Internet Systems Consortium, Inc. ("ISC") +# +# SPDX-License-Identifier: MPL-2.0 +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, you can obtain one at https://mozilla.org/MPL/2.0/. +# +# See the COPYRIGHT file distributed with this work for additional +# information regarding copyright ownership. + +SYSTEMTESTTOP=../.. +. $SYSTEMTESTTOP/conf.sh + +zone=. +infile=root.db.in +zonefile=root.db + +echo_i "ns1/sign.sh" + +cp $infile $zonefile + +if [ -f ../ecdsa256-supported.file ]; then + zsk256=$($KEYGEN -q -a ECDSA256 -n zone "$zone") + ksk256=$($KEYGEN -q -a ECDSA256 -n zone -f KSK "$zone") + cat "$ksk256.key" "$zsk256.key" >> "$zonefile" + $DSFROMKEY -a sha-256 "$ksk256.key" >> dsset-256 +fi + +if [ -f ../ecdsa384-supported.file ]; then + zsk384=$($KEYGEN -q -a ECDSA384 -n zone "$zone") + ksk384=$($KEYGEN -q -a ECDSA384 -n zone -f KSK "$zone") + cat "$ksk384.key" "$zsk384.key" >> "$zonefile" + $DSFROMKEY -a sha-256 "$ksk384.key" >> dsset-256 +fi + +# Configure the resolving server with a static key. +if [ -f ../ecdsa256-supported.file ]; then + keyfile_to_static_ds $ksk256 > trusted.conf + cp trusted.conf ../ns2/trusted.conf +else + keyfile_to_static_ds $ksk384 > trusted.conf + cp trusted.conf ../ns2/trusted.conf +fi + +if [ -f ../ecdsa384-supported.file ]; then + keyfile_to_static_ds $ksk384 > trusted.conf + cp trusted.conf ../ns3/trusted.conf +else + keyfile_to_static_ds $ksk256 > trusted.conf + cp trusted.conf ../ns3/trusted.conf +fi + +$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err |