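#!/bin/sh -e

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0.  If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.

# Generates keys for the "dnssec." and "manykeys." zones, signs both zones
# with signatures that expire one second after signing, and records each
# key's "<algorithm number>+<key id>" in a *.id file.
#
# KEYGEN, SIGNER, SETTIME, DEFAULT_ALGORITHM, DEFAULT_BITS,
# DEFAULT_ALGORITHM_NUMBER and keyfile_to_key_id are not defined here;
# presumably they all come from conf.sh -- confirm.
#
# NOTE(review): the signer options below are only suitable for fixtures
# like this one.  "-e now+1s" produces signatures that are expired almost
# immediately, and "-P" skips the signer's post-sign verification, so a
# broken zone would not be caught at signing time.

# shellcheck source=conf.sh
. ../../conf.sh

set -e

longago="now-1y"
# Kept as one string and expanded unquoted below so that it splits into
# four separate arguments.
keytimes="-P ${longago} -A ${longago}"
O="omnipresent"

# record_key_id ALGNUM KEYFILE OUTFILE
#   Writes "ALGNUM+<key id of KEYFILE>" to OUTFILE.  The script-wide
#   variable "id" is (re)assigned, as in the original inline code.
#   A failing keyfile_to_key_id aborts the script through "set -e".
record_key_id() {
  id=$(keyfile_to_key_id "$2")
  printf '%s+%s\n' "$1" "$id" >"$3"
}

#
# Zone "dnssec.": one KSK and one ZSK using the default algorithm.
#
zone=dnssec.
infile=dnssec.db.in
zonefile=dnssec.db
cp "$infile" "$zonefile"
ksk=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -L 3600 -b "$DEFAULT_BITS" -f KSK "$zone")
zsk=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -L 3600 -b "$DEFAULT_BITS" "$zone")
# Sign deliberately with a very short expiration date.
# Disable zone verification (-P) as records may expire before signing is complete
"$SIGNER" -P -S -x -O full -e "now+1s" -o "$zone" "$zonefile" >"signzone.out.$zone" 2>&1
record_key_id "$DEFAULT_ALGORITHM_NUMBER" "$ksk" dnssec.ksk.id
record_key_id "$DEFAULT_ALGORITHM_NUMBER" "$zsk" dnssec.zsk.id

#
# Zone "manykeys.": a KSK/ZSK pair for each of RSASHA256 (8),
# ECDSAP256SHA256 (13) and ECDSAP384SHA384 (14).
#
zone=manykeys.
infile=manykeys.db.in
zonefile=manykeys.db
cp "$infile" "$zonefile"
# The RSASHA256 pair gets publish/activate times one year in the past.
# shellcheck disable=SC2086 # $keytimes must be word-split into arguments
ksk8=$("$KEYGEN" -q -a RSASHA256 -L 3600 -b 2048 -f KSK $keytimes -P sync "$longago" "$zone")
# shellcheck disable=SC2086 # $keytimes must be word-split into arguments
zsk8=$("$KEYGEN" -q -a RSASHA256 -L 3600 -b 2048 $keytimes "$zone")
# Set the goal and the per-record states of the RSASHA256 keys to
# "omnipresent", dated one year ago.  The second call appends to the log:
# with a plain ">" it would overwrite the output of the first call.
"$SETTIME" -s -g "$O" -k "$O" "$longago" -r "$O" "$longago" -z "$O" "$longago" -d "$O" "$longago" "$ksk8" >"settime.out.$zone" 2>&1
"$SETTIME" -s -g "$O" -k "$O" "$longago" -z "$O" "$longago" "$zsk8" >>"settime.out.$zone" 2>&1
cat "$ksk8.key" "$zsk8.key" >>"$zonefile"
ksk13=$("$KEYGEN" -q -a ECDSAP256SHA256 -L 3600 -b 256 -f KSK "$zone")
zsk13=$("$KEYGEN" -q -a ECDSAP256SHA256 -L 3600 -b 256 "$zone")
cat "$ksk13.key" "$zsk13.key" >>"$zonefile"
ksk14=$("$KEYGEN" -q -a ECDSAP384SHA384 -L 3600 -b 384 -f KSK "$zone")
zsk14=$("$KEYGEN" -q -a ECDSAP384SHA384 -L 3600 -b 384 "$zone")
cat "$ksk14.key" "$zsk14.key" >>"$zonefile"
# Sign deliberately with a very short expiration date.
# Disable zone verification (-P) as records may expire before signing is complete
"$SIGNER" -P -S -x -O full -e "now+1s" -o "$zone" "$zonefile" >"signzone.out.$zone" 2>&1
record_key_id 8 "$ksk8" manykeys.ksk8.id
record_key_id 8 "$zsk8" manykeys.zsk8.id
record_key_id 13 "$ksk13" manykeys.ksk13.id
record_key_id 13 "$zsk13" manykeys.zsk13.id
record_key_id 14 "$ksk14" manykeys.ksk14.id
record_key_id 14 "$zsk14" manykeys.zsk14.id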