dlv/ns3/sign.sh

	sign.sh revision d58e33bfabfee19a035031dac633d36659738d56
823N/A#!/bin/sh
823N/A#
823N/A# Copyright (C) 2004, 2007, 2009-2012  Internet Systems Consortium, Inc. ("ISC")
823N/A#
823N/A# Permission to use, copy, modify, and/or distribute this software for any
823N/A# purpose with or without fee is hereby granted, provided that the above
823N/A# copyright notice and this permission notice appear in all copies.
823N/A#
6983N/A# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
6983N/A# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
823N/A# AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
823N/A# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
823N/A# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
823N/A# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
6983N/A# PERFORMANCE OF THIS SOFTWARE.
6983N/A
6983N/A# $Id: sign.sh,v 1.11 2011/05/26 23:47:28 tbox Exp $
6983N/A
823N/A(cd ../ns6 && sh -e ./sign.sh)
823N/A
823N/Aecho "I:dlv/ns3/sign.sh"
823N/A
823N/ASYSTEMTESTTOP=../..
5175N/A. $SYSTEMTESTTOP/conf.sh
6412N/A
823N/Adlvzone=dlv.utld.
823N/Adlvsets=
823N/Adssets=
6412N/A
1498N/Azone=child1.utld.
6412N/Ainfile=child.db.in
983N/Azonefile=child1.utld.db
983N/Aoutfile=child1.signed
5175N/Adlvsets="$dlvsets dlvset-$zone"
878N/A
6412N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
6412N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
6412N/A
6412N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
6412N/A
823N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
823N/Aecho "I: signed $zone"
823N/A
823N/A
823N/Azone=child3.utld.
897N/Ainfile=child.db.in
6412N/Azonefile=child3.utld.db
878N/Aoutfile=child3.signed
878N/Adlvsets="$dlvsets dlvset-$zone"
878N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
6412N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
5175N/A
878N/A
6412N/Azone=child4.utld.
983N/Ainfile=child.db.in
983N/Azonefile=child4.utld.db
983N/Aoutfile=child4.signed
983N/Adlvsets="$dlvsets dlvset-$zone"
983N/A
983N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
983N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
983N/A
983N/Acat $infile $keyname1.key $keyname2.key >$zonefile
983N/A
878N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
878N/Aecho "I: signed $zone"
878N/A
983N/A
983N/Azone=child5.utld.
983N/Ainfile=child.db.in
983N/Azonefile=child5.utld.db
878N/Aoutfile=child5.signed
878N/Adlvsets="$dlvsets dlvset-$zone"
878N/A
878N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/A
878N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
878N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
878N/A
5175N/A
5175N/Azone=child7.utld.
5175N/Ainfile=child.db.in
5175N/Azonefile=child7.utld.db
5175N/Aoutfile=child7.signed
5175N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
5175N/A
6412N/A
6412N/Azone=child8.utld.
6412N/Ainfile=child.db.in
5175N/Azonefile=child8.utld.db
5175N/Aoutfile=child8.signed
5175N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
5175N/A
5175N/A
5175N/Azone=child9.utld.
5175N/Ainfile=child.db.in
5175N/Azonefile=child9.utld.db
5175N/Aoutfile=child9.signed
878N/Adlvsets="$dlvsets dlvset-$zone"
823N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key >$zonefile
5175N/A
878N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
878N/Aecho "I: signed $zone"
823N/A
878N/Azone=child10.utld.
983N/Ainfile=child.db.in
983N/Azonefile=child10.utld.db
983N/Aoutfile=child10.signed
878N/Adlvsets="$dlvsets dlvset-$zone"
1497N/A
1497N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/A
5175N/Acat $infile $keyname1.key $keyname2.key >$zonefile
2086N/A
878N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
878N/A
5175N/Azone=child1.druz.
5175N/Ainfile=child.db.in
5175N/Azonefile=child1.druz.db
5175N/Aoutfile=child1.druz.signed
5175N/Adlvsets="$dlvsets dlvset-$zone"
5175N/Adssets="$dssets dsset-$zone"
5175N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
823N/A
823N/A
878N/Azone=child3.druz.
878N/Ainfile=child.db.in
878N/Azonefile=child3.druz.db
878N/Aoutfile=child3.druz.signed
2487N/Adlvsets="$dlvsets dlvset-$zone"
2487N/Adssets="$dssets dsset-$zone"
2487N/A
2487N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
2487N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
2487N/A
2487N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
2487N/A
5175N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
5175N/A
5175N/A
5175N/Azone=child4.druz.
5175N/Ainfile=child.db.in
5175N/Azonefile=child4.druz.db
5175N/Aoutfile=child4.druz.signed
5175N/Adlvsets="$dlvsets dlvset-$zone"
5175N/Adssets="$dssets dsset-$zone"
2487N/A
2487N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
2487N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
983N/A
983N/Acat $infile $keyname1.key $keyname2.key >$zonefile
983N/A
983N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
983N/Aecho "I: signed $zone"
983N/A
1497N/A
1497N/Azone=child5.druz.
878N/Ainfile=child.db.in
878N/Azonefile=child5.druz.db
5175N/Aoutfile=child5.druz.signed
1497N/Adlvsets="$dlvsets dlvset-$zone"
2086N/Adssets="$dssets dsset-$zone"
983N/A
889N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
5175N/A
5175N/A
5175N/Azone=child7.druz.
5175N/Ainfile=child.db.in
5175N/Azonefile=child7.druz.db
5175N/Aoutfile=child7.druz.signed
5175N/Adssets="$dssets dsset-$zone"
5175N/A
5175N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
5175N/A
5175N/Acat $infile $keyname1.key $keyname2.key ../ns6/dsset-grand.$zone >$zonefile
5175N/A
5175N/A$SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
5175N/Aecho "I: signed $zone"
983N/A
878N/A
878N/Azone=child8.druz.
878N/Ainfile=child.db.in
878N/Azonefile=child8.druz.db
878N/Aoutfile=child8.druz.signed
983N/A
983N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
983N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
983N/A
878N/Acat $infile $keyname1.key $keyname2.key >$zonefile
878N/A
1497N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
1497N/Aecho "I: signed $zone"
983N/A
878N/A
1497N/Azone=child9.druz.
1497N/Ainfile=child.db.in
983N/Azonefile=child9.druz.db
878N/Aoutfile=child9.druz.signed
5175N/Adlvsets="$dlvsets dlvset-$zone"
1497N/A
1497N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
2086N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
889N/A
889N/Acat $infile $keyname1.key $keyname2.key >$zonefile
889N/A
889N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
889N/Aecho "I: signed $zone"
878N/A
878N/Azone=child10.druz.
878N/Ainfile=child.db.in
3853N/Azonefile=child10.druz.db
878N/Aoutfile=child10.druz.signed
878N/Adlvsets="$dlvsets dlvset-$zone"
878N/Adssets="$dssets dsset-$zone"
878N/A
878N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
1497N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
1497N/A
1497N/Acat $infile $keyname1.key $keyname2.key >$zonefile
1497N/A
2086N/A$SIGNER -r $RANDFILE -l $dlvzone -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
2086N/Aecho "I: signed $zone"
2086N/A
2086N/A
1497N/Azone=dlv.utld.
823N/Ainfile=dlv.db.in
878N/Azonefile=dlv.utld.db
878N/Aoutfile=dlv.signed
878N/A
878N/Akeyname1=`$KEYGEN -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/Akeyname2=`$KEYGEN -f KSK -r $RANDFILE -a DSA -b 768 -n zone $zone 2> /dev/null`
878N/A
878N/Acat $infile $dlvsets $keyname1.key $keyname2.key >$zonefile
878N/A
878N/A$SIGNER -r $RANDFILE -o $zone -f $outfile $zonefile > /dev/null 2> signer.err || cat signer.err
983N/Aecho "I: signed $zone"
983N/A
983N/A
983N/Agrep -v '^;' $keyname2.key | $PERL -n -e '
878N/Alocal ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
983N/Alocal $key = join("", @rest);
878N/Aprint <<EOF
983N/Atrusted-keys {
983N/A    "$dn" $flags $proto $alg "$key";
983N/A};
878N/AEOF
5175N/A' > trusted-dlv.conf
983N/Acp trusted-dlv.conf ../ns5
983N/A
878N/Acp $dssets ../ns2
5175N/A