693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews#!/bin/sh
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# Copyright (C) 2014, 2016 Internet Systems Consortium, Inc. ("ISC")
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# file, You can obtain one at http://mozilla.org/MPL/2.0/.
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark AndrewsSYSTEMTESTTOP=../..
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews. $SYSTEMTESTTOP/conf.sh
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewsecho "I:sign edns512-notcp"
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewszone=edns512-notcp
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewsinfile=edns512-notcp.db.in
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewszonefile=edns512-notcp.db
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewsoutfile=edns512-notcp.db.signed
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewskeyname1=`$KEYGEN -r $RANDFILE -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null`
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewskeyname2=`$KEYGEN -f KSK -r $RANDFILE -a RSASHA512 -b 4096 -n zone $zone 2> /dev/null`
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrewscat $infile $keyname1.key $keyname2.key >$zonefile
693d70f96fc2b3c1830580edcc29146afd6a9f61Mark Andrews
76b242bb778a350076d8f2889c8b9b4c4c70969aMark Andrews$SIGNER -r $RANDFILE -g -o $zone -f $outfile -e +30y $zonefile > /dev/null 2> signer.err || cat signer.err
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrews
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewsgrep -v '^;' $keyname2.key | $PERL -n -e '
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewslocal ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewslocal $key = join("", @rest);
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewsprint <<EOF
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewstrusted-keys {
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrews "$dn" $flags $proto $alg "$key";
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrews};
017aa9aef63aaef6a370c180f6290b8388deda01Mark AndrewsEOF
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrews' > trusted.conf
017aa9aef63aaef6a370c180f6290b8388deda01Mark Andrewscp trusted.conf ../ns1