HomeSort by: relevance | last modified time | path
    Searched refs:ZSK (Results 1 - 7 of 7) sorted by relevancy

  /src/external/mpl/bind/dist/bin/tests/system/migrate2kasp/ns4/
setup.sh 32 # rollover for the ZSK (P3M), but not long enough to initiate a KSK rollover (P1Y).
36 ZSK=$($KEYGEN -a $algo -L 300 -b 2048 $zsktimes $zone 2>keygen.out.$zone.2)
41 cat template.$view.db.in "${KSK}.key" "${ZSK}.key" >"$zonefile"
46 cat template.$view.db.in "${KSK}.key" "${ZSK}.key" >"$zonefile"
  /src/external/mpl/bind/dist/bin/tests/system/migrate2kasp/ns3/
setup.sh 38 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 $zsktimes $zone 2>keygen.out.$zone.2)
39 cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
41 private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
75 ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
76 cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
78 private_type_record $zone 5 "$ZSK" >>"$infile"
93 ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
94 cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
96 private_type_record $zone 5 "$ZSK" >>"$infile"
100 # The zone is signed with KSK/ZSK split, but the dnssec-policy uses CSK
    [all...]
  /src/external/mpl/bind/dist/bin/tests/system/multisigner/ns3/
setup.sh 28 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
30 $SETTIME -s -g $O -k $O now -z $O now "$ZSK" >settime.out.$zone.2 2>&1
38 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
40 $SETTIME -s -g $O -k $O now -z $O now "$ZSK" >settime.out.$zone.2 2>&1
41 # ZSK will be added to the other provider with nsupdate.
42 cat "${ZSK}.key" | grep -v ";.*" >"${zone}.zsk"
  /src/external/mpl/bind/dist/bin/tests/system/multisigner/ns4/
setup.sh 28 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
30 $SETTIME -s -g $O -k $O now -z $O now "$ZSK" >settime.out.$zone.2 2>&1
38 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
40 $SETTIME -s -g $O -k $O now -z $O now "$ZSK" >settime.out.$zone.2 2>&1
41 # ZSK will be added to the other provider with nsupdate.
42 cat "${ZSK}.key" | grep -v ";.*" >"${zone}.zsk"
  /src/external/mpl/bind/dist/bin/tests/system/kasp/ns3/
setup.sh 21 mkdir zsk
113 ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 1234 $zone 2>keygen.out.$zone.1)
115 echo $ZSK >legacy-keys.kasp.zsk
120 ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 1234 $zone 2>keygen.out.$zone.3)
122 $SETTIME -P $Tact -A $Tact -I $Tret -D $Tret "$ZSK" >settime.out.$zone.1 2>&1
167 ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $keytimes $zone 2>keygen.out.$zone.2)
169 $SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
170 cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
172 private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile
    [all...]
  /src/external/mpl/bind/dist/bin/tests/system/checkconf/
kasp-bad-lifetime.conf 17 * The ZSK lifetime is good enough but should trigger a warning.
21 zsk lifetime P8DT2H1S algorithm 13;
35 dnssec-policy "bad-lifetime-zsk" {
37 * The ZSK lifetime is too short.
42 zsk lifetime P8DT2H algorithm 13;
81 zone "bad-lifetime-zsk.example.net" {
83 file "bad-lifetime-zsk.example.db";
84 dnssec-policy "bad-lifetime-zsk";
  /src/external/mpl/bind/dist/bin/tests/system/dnssec/
tests.sh 1547 echo_ic "revoked KSK ID collides with ZSK ($n)"
1611 # Test dnssec-signzone ZSK prepublish smooth rollover.
1612 echo_i "check dnssec-signzone doesn't sign with prepublished zsk ($n)"
1642 echo_i "check dnssec-signzone retains signatures of predecessor zsk ($n)"
1647 # Roll the ZSK. The predecessor is inactive from now on and the successor is
3060 grep "DNSKEY.256 3 13" dig.out.ns4.test$n >/dev/null || ret=1 # ZSK
3547 echo_i "check that CDS records are not signed using ZSK by dnssec-signzone -x ($n)"
3700 echo_i "check that CDNSKEY records are not signed using ZSK by dnssec-signzone -x ($n)"
4234 ZSK=$(cat ns2/${zone}.zsk.key
    [all...]

Completed in 33 milliseconds