d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews#!/bin/sh -e
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews#
c88b4680d9c97d087edc8b226f489798db085341Tinderbox User# Copyright (C) 2010, 2012, 2014, 2016, 2017 Internet Systems Consortium, Inc. ("ISC")
bf8267aa453e5d2a735ed732a043b77a0b355b20Mark Andrews#
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# This Source Code Form is subject to the terms of the Mozilla Public
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# License, v. 2.0. If a copy of the MPL was not distributed with this
0c27b3fe77ac1d5094ba3521e8142d9e7973133fMark Andrews# file, You can obtain one at http://mozilla.org/MPL/2.0/.
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews# $Id: keygen.sh,v 1.2 2010/11/16 06:46:44 marka Exp $
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews
d48730a446ffffa8d75462a4abefce030425fa64Mark AndrewsSYSTEMTESTTOP=../..
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews. $SYSTEMTESTTOP/conf.sh
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewszone=ds.example.net
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrewszonefile="${zone}.db"
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrewsinfile="${zonefile}.in"
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrewscp $infile $zonefile
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrewsksk=`$KEYGEN -q -3 -r $RANDFILE -fk $zone`
ac9072210cea5283e554f1787876b647a08fda96Mark Andrewszsk=`$KEYGEN -q -3 -r $RANDFILE -b 2048 $zone`
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrewscat $ksk.key $zsk.key >> $zonefile
d48730a446ffffa8d75462a4abefce030425fa64Mark Andrews$SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewszone=example.net
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewszonefile="${zone}.db"
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewsinfile="${zonefile}.in"
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewscp $infile $zonefile
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewsksk=`$KEYGEN -q -3 -r $RANDFILE -fk $zone`
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewszsk=`$KEYGEN -q -3 -r $RANDFILE $zone`
cc51cd2d2076e33117c60c9effcb8caccde4983bWitold Krecickicat $ksk.key $zsk.key dsset-ds.example.net$TP >> $zonefile
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews$SIGNER -P -r $RANDFILE -o $zone $zonefile > /dev/null 2>&1
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews# Configure a trusted key statement (used by delve)
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewscat $ksk.key | grep -v '^; ' | $PERL -n -e '
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewslocal ($dn, $class, $type, $flags, $proto, $alg, @rest) = split;
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewslocal $key = join("", @rest);
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewsprint <<EOF
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrewstrusted-keys {
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews "$dn" $flags $proto $alg "$key";
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews};
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark AndrewsEOF
d1cacbb37474b0cbee6c1ddd05d27f731b2b43baMark Andrews' > ../ns5/trusted.conf