diff options
Diffstat (limited to 'test/fixtures/dnssec-keygen')
-rwxr-xr-x | test/fixtures/dnssec-keygen/dnssec-keygen | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/test/fixtures/dnssec-keygen/dnssec-keygen b/test/fixtures/dnssec-keygen/dnssec-keygen new file mode 100755 index 0000000..882cd97 --- /dev/null +++ b/test/fixtures/dnssec-keygen/dnssec-keygen @@ -0,0 +1,76 @@ +#!/bin/sh + +cat <<\EOF >&2 +Usage: + dnssec-keygen [options] name + +Version: 9.11.3-1ubuntu1.5-Ubuntu + name: owner of the key +Options: + -K <directory>: write keys into directory + -a <algorithm>: + RSA | RSAMD5 | DSA | RSASHA1 | NSEC3RSASHA1 | NSEC3DSA | + RSASHA256 | RSASHA512 | ECCGOST | + ECDSAP256SHA256 | ECDSAP384SHA384 | + ED25519 | ED448 | DH | + HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | HMAC-SHA256 | + HMAC-SHA384 | HMAC-SHA512 + (default: RSASHA1, or NSEC3RSASHA1 if using -3) + -3: use NSEC3-capable algorithm + -b <key size in bits>: + RSAMD5: [512..4096] + RSASHA1: [512..4096] + NSEC3RSASHA1: [512..4096] + RSASHA256: [512..4096] + RSASHA512: [1024..4096] + DH: [128..4096] + DSA: [512..1024] and divisible by 64 + NSEC3DSA: [512..1024] and divisible by 64 + ECCGOST: ignored + ECDSAP256SHA256: ignored + ECDSAP384SHA384: ignored + ED25519: ignored + ED448: ignored + HMAC-MD5: [1..512] + HMAC-SHA1: [1..160] + HMAC-SHA224: [1..224] + HMAC-SHA256: [1..256] + HMAC-SHA384: [1..384] + HMAC-SHA512: [1..512] + (if using the default algorithm, key size + defaults to 2048 for KSK, or 1024 for all others) + -n <nametype>: ZONE | HOST | ENTITY | USER | OTHER + (DNSKEY generation defaults to ZONE) + -c <class>: (default: IN) + -d <digest bits> (0 => max, default) + -E <engine>: + name of an OpenSSL engine to use + -f <keyflag>: KSK | REVOKE + -g <generator>: use specified generator (DH only) + -L <ttl>: default key TTL + -p <protocol>: (default: 3 [dnssec]) + -r <randomdev>: a file containing random data + -s <strength>: strength value this key signs DNS records with (default: 0) + -T <rrtype>: DNSKEY | KEY (default: DNSKEY; use KEY for SIG(0)) + -t <type>: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF (default: AUTHCONF) + -h: print usage and exit + -m <memory debugging mode>: + usage | trace | record | size | mctx + -v <level>: set verbosity level (0 - 10) + -V: print version information +Timing options: + -P date/[+-]offset/none: set key publication date (default: now) + -P sync date/[+-]offset/none: set CDS and CDNSKEY publication date + -A date/[+-]offset/none: set key activation date (default: now) + -R date/[+-]offset/none: set key revocation date + -I date/[+-]offset/none: set key inactivation date + -D date/[+-]offset/none: set key deletion date + -D sync date/[+-]offset/none: set CDS and CDNSKEY deletion date + -G: generate key only; do not set -P or -A + -C: generate a backward-compatible key, omitting all dates + -S <key>: generate a successor to an existing key + -i <interval>: prepublication interval for successor key (default: 30 days) +Output: + K<name>+<alg>+<id>.key, K<name>+<alg>+<id>.private +EOF +exit 255 |