summaryrefslogtreecommitdiffstats
path: root/bin/tests/system/autosign/ns2/keygen.sh
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 15:59:48 +0000
commit3b9b6d0b8e7f798023c9d109c490449d528fde80 (patch)
tree2e1c188dd7b8d7475cd163de9ae02c428343669b /bin/tests/system/autosign/ns2/keygen.sh
parentInitial commit. (diff)
downloadbind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.tar.xz
bind9-3b9b6d0b8e7f798023c9d109c490449d528fde80.zip
Adding upstream version 1:9.18.19.upstream/1%9.18.19
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--bin/tests/system/autosign/ns2/keygen.sh65
1 files changed, 65 insertions, 0 deletions
diff --git a/bin/tests/system/autosign/ns2/keygen.sh b/bin/tests/system/autosign/ns2/keygen.sh
new file mode 100644
index 0000000..9b7c31d
--- /dev/null
+++ b/bin/tests/system/autosign/ns2/keygen.sh
@@ -0,0 +1,65 @@
+#!/bin/sh -e
+
+# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+#
+# SPDX-License-Identifier: MPL-2.0
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, you can obtain one at https://mozilla.org/MPL/2.0/.
+#
+# See the COPYRIGHT file distributed with this work for additional
+# information regarding copyright ownership.
+
+. ../../conf.sh
+
+# Have the child generate subdomain keys and pass DS sets to us.
+( cd ../ns3 && $SHELL keygen.sh )
+
+for subdomain in secure nsec3 autonsec3 optout rsasha256 rsasha512 \
+ nsec3-to-nsec oldsigs sync dname-at-apex-nsec3 cds-delete \
+ cdnskey-delete
+do
+ cp ../ns3/dsset-$subdomain.example. .
+done
+
+# Create keys and pass the DS to the parent.
+zone=example
+zonefile="${zone}.db"
+infile="${zonefile}.in"
+cat $infile dsset-*.example. > $zonefile
+
+kskname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q -fk $zone)
+$KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q $zone > /dev/null
+$DSFROMKEY $kskname.key > dsset-${zone}.
+
+# Create keys for a private secure zone.
+zone=private.secure.example
+zonefile="${zone}.db"
+infile="${zonefile}.in"
+ksk=$($KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q -fk $zone)
+$KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q $zone > /dev/null
+keyfile_to_static_ds $ksk > private.conf
+cp private.conf ../ns4/private.conf
+$SIGNER -S -3 beef -A -o $zone -f $zonefile $infile > /dev/null
+
+# Extract saved keys for the revoke-to-duplicate-key test
+zone=bar
+zonefile="${zone}.db"
+infile="${zonefile}.in"
+cat $infile > $zonefile
+for i in Xbar.+013+59973.key Xbar.+013+59973.private \
+ Xbar.+013+60101.key Xbar.+013+60101.private
+do
+ cp $i $(echo $i | sed s/X/K/)
+done
+$KEYGEN -a ECDSAP256SHA256 -q $zone > /dev/null
+$DSFROMKEY Kbar.+013+60101.key > dsset-bar.
+
+# a zone with empty non-terminals.
+zone=optout-with-ent
+zonefile=optout-with-ent.db
+infile=optout-with-ent.db.in
+cat $infile > $zonefile
+kskname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q -fk $zone)
+$KEYGEN -a ${DEFAULT_ALGORITHM} -3 -q $zone > /dev/null