summaryrefslogtreecommitdiffstats
path: root/test/fixtures/dnssec-keygen
diff options
context:
space:
mode:
Diffstat (limited to 'test/fixtures/dnssec-keygen')
-rwxr-xr-xtest/fixtures/dnssec-keygen/dnssec-keygen76
1 files changed, 76 insertions, 0 deletions
diff --git a/test/fixtures/dnssec-keygen/dnssec-keygen b/test/fixtures/dnssec-keygen/dnssec-keygen
new file mode 100755
index 0000000..882cd97
--- /dev/null
+++ b/test/fixtures/dnssec-keygen/dnssec-keygen
@@ -0,0 +1,76 @@
+#!/bin/sh
+
+cat <<\EOF >&2
+Usage:
+ dnssec-keygen [options] name
+
+Version: 9.11.3-1ubuntu1.5-Ubuntu
+ name: owner of the key
+Options:
+ -K <directory>: write keys into directory
+ -a <algorithm>:
+ RSA | RSAMD5 | DSA | RSASHA1 | NSEC3RSASHA1 | NSEC3DSA |
+ RSASHA256 | RSASHA512 | ECCGOST |
+ ECDSAP256SHA256 | ECDSAP384SHA384 |
+ ED25519 | ED448 | DH |
+ HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | HMAC-SHA256 |
+ HMAC-SHA384 | HMAC-SHA512
+ (default: RSASHA1, or NSEC3RSASHA1 if using -3)
+ -3: use NSEC3-capable algorithm
+ -b <key size in bits>:
+ RSAMD5: [512..4096]
+ RSASHA1: [512..4096]
+ NSEC3RSASHA1: [512..4096]
+ RSASHA256: [512..4096]
+ RSASHA512: [1024..4096]
+ DH: [128..4096]
+ DSA: [512..1024] and divisible by 64
+ NSEC3DSA: [512..1024] and divisible by 64
+ ECCGOST: ignored
+ ECDSAP256SHA256: ignored
+ ECDSAP384SHA384: ignored
+ ED25519: ignored
+ ED448: ignored
+ HMAC-MD5: [1..512]
+ HMAC-SHA1: [1..160]
+ HMAC-SHA224: [1..224]
+ HMAC-SHA256: [1..256]
+ HMAC-SHA384: [1..384]
+ HMAC-SHA512: [1..512]
+ (if using the default algorithm, key size
+ defaults to 2048 for KSK, or 1024 for all others)
+ -n <nametype>: ZONE | HOST | ENTITY | USER | OTHER
+ (DNSKEY generation defaults to ZONE)
+ -c <class>: (default: IN)
+ -d <digest bits> (0 => max, default)
+ -E <engine>:
+ name of an OpenSSL engine to use
+ -f <keyflag>: KSK | REVOKE
+ -g <generator>: use specified generator (DH only)
+ -L <ttl>: default key TTL
+ -p <protocol>: (default: 3 [dnssec])
+ -r <randomdev>: a file containing random data
+ -s <strength>: strength value this key signs DNS records with (default: 0)
+ -T <rrtype>: DNSKEY | KEY (default: DNSKEY; use KEY for SIG(0))
+ -t <type>: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF (default: AUTHCONF)
+ -h: print usage and exit
+ -m <memory debugging mode>:
+ usage | trace | record | size | mctx
+ -v <level>: set verbosity level (0 - 10)
+ -V: print version information
+Timing options:
+ -P date/[+-]offset/none: set key publication date (default: now)
+ -P sync date/[+-]offset/none: set CDS and CDNSKEY publication date
+ -A date/[+-]offset/none: set key activation date (default: now)
+ -R date/[+-]offset/none: set key revocation date
+ -I date/[+-]offset/none: set key inactivation date
+ -D date/[+-]offset/none: set key deletion date
+ -D sync date/[+-]offset/none: set CDS and CDNSKEY deletion date
+ -G: generate key only; do not set -P or -A
+ -C: generate a backward-compatible key, omitting all dates
+ -S <key>: generate a successor to an existing key
+ -i <interval>: prepublication interval for successor key (default: 30 days)
+Output:
+ K<name>+<alg>+<id>.key, K<name>+<alg>+<id>.private
+EOF
+exit 255