25 zone=secure.example.
29 cnameandkey=`$KEYGEN -k -r $RANDFILE -a RSASHA1 -b 768 -n host cnameandkey.$zone`
30 dnameandkey=`$KEYGEN -k -r $RANDFILE -a RSASHA1 -b 768 -n host dnameandkey.$zone`
31 keyname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone`
35 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
37 zone=bogus.example.
41 keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
45 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
47 zone=dynamic.example.
51 keyname1=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
52 keyname2=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 1024 -n zone -f KSK $zone`
56 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
58 zone=keyless.example.
62 keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
66 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
76 #  NSEC3/NSEC test zone
78 zone=secure.nsec3.example.
82 keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
86 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
89 #  NSEC3/NSEC3 test zone
91 zone=nsec3.nsec3.example.
95 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
99 $SIGNER -P -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
102 #  OPTOUT/NSEC3 test zone
104 zone=optout.nsec3.example.
108 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
112 $SIGNER -P -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
115 # A nsec3 zone (non-optout).
117 zone=nsec3.example.
121 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
125 $SIGNER -P -g -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
128 #  OPTOUT/NSEC test zone
130 zone=secure.optout.example.
134 keyname=`$KEYGEN -r $RANDFILE -a RSAMD5 -b 768 -n zone $zone`
138 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
141 #  OPTOUT/NSEC3 test zone
143 zone=nsec3.optout.example.
147 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
151 $SIGNER -P -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
154 #  OPTOUT/OPTOUT test zone
156 zone=optout.optout.example.
160 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
164 $SIGNER -P -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
167 # A optout nsec3 zone.
169 zone=optout.example.
173 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
177 $SIGNER -P -g -3 - -A -r $RANDFILE -o $zone $zonefile > /dev/null
180 # A nsec3 zone (non-optout) with unknown hash algorithm.
182 zone=nsec3-unknown.example.
186 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
190 $SIGNER -P -3 - -U -r $RANDFILE -o $zone $zonefile > /dev/null
193 # A optout nsec3 zone.
195 zone=optout-unknown.example.
199 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
203 $SIGNER -P -3 - -U -A -r $RANDFILE -o $zone $zonefile > /dev/null
206 # A multiple parameter nsec3 zone.
208 zone=multiple.example.
212 keyname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone`
216 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
218 $SIGNER -P -3 - -r $RANDFILE -o $zone $zonefile > /dev/null
220 $SIGNER -P -3 AAAA -r $RANDFILE -o $zone $zonefile > /dev/null
222 $SIGNER -P -3 BBBB -r $RANDFILE -o $zone $zonefile > /dev/null
224 $SIGNER -P -3 CCCC -r $RANDFILE -o $zone $zonefile > /dev/null
226 $SIGNER -P -3 DDDD -r $RANDFILE -o $zone $zonefile > /dev/null
229 # A RSASHA256 zone.
231 zone=rsasha256.example.
235 keyname=`$KEYGEN -r $RANDFILE -a RSASHA256 -b 768 -n zone $zone`
239 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
242 # A RSASHA512 zone.
244 zone=rsasha512.example.
248 keyname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone`
252 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null
255 # A zone with the expired signatures
257 zone=expired.example.
261 kskname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone -f KSK $zone`
262 zskname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone`
264 $SIGNER -P -r $RANDFILE -o $zone -s +-10800 -e +3600 $zonefile > /dev/null 2>&1
268 # A NSEC3 signed zone that will have a DNSKEY added to it via UPDATE.
270 zone=update-nsec3.example.
274 kskname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone -f KSK $zone`
275 zskname=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 1024 -n zone $zone`
277 $SIGNER -P -3 - -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
280 # Secure below cname test zone.
282 zone=secure.below-cname.example.
285 keyname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 -n zone $zone`
287 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
290 # A zone where the signer's name has been forced to uppercase.
292 zone="upper.example."
297 kskname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 $zone`
298 zskname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 -f KSK $zone`
300 $SIGNER -P -r $RANDFILE -o $zone -f $lower $zonefile > /dev/null 2>&1
305 # Check that the signer's name is in lower case when zone name is in
308 zone="LOWER.EXAMPLE."
312 kskname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 $zone`
313 zskname=`$KEYGEN -r $RANDFILE -a RSASHA1 -b 1024 -f KSK $zone`
315 $SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
318 # A zone which will change its sig-validity-interval
320 zone=siginterval.example
323 kskname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 -f KSK $zone`
324 zskname=`$KEYGEN -r $RANDFILE -a NSEC3RSASHA1 -b 768 $zone`
326 $SIGNER -P -3 - -r $RANDFILE -o $zone -e now+0 -f $zonefile $zonefile > /dev/null

Indexes created Tue Jul 24 14:28:13 CEST 2018