| Name | Date | Size | |
|---|---|---|---|
| .. | 2016-02-07 01:49:32 | 15 | |
| destroyobj.c | 2014-01-27 20:00:45 | 4.3 KiB | |
| genkey.c | 2014-01-27 20:00:45 | 5.6 KiB | |
| genkey.sh | 2014-01-27 20:00:45 | 1.2 KiB | |
| keyconv.pl | 2014-01-27 20:00:45 | 2 KiB | |
| keydump.pl | 2014-01-27 20:00:45 | 560 | |
| listobjs.c | 2014-01-27 20:00:45 | 4.6 KiB | |
| openssl-0.9.8g-patch | 2014-01-27 20:00:45 | 264.6 KiB | |
| PEM_write_pubkey.c | 2014-01-27 20:00:45 | 2.9 KiB | |
| readkey.c | 2014-01-27 20:00:45 | 6.4 KiB | |
| README | 2014-01-27 20:00:45 | 903 | |
| set_key_id.c | 2014-01-27 20:00:45 | 4.1 KiB | |
| writekey.c | 2014-01-27 20:00:45 | 10.4 KiB | |
| writekey.sh | 2014-01-27 20:00:45 | 1.4 KiB |
README
This is a set of utilities that when used together create rsa keys in
a PKCS11 keystore. The keys will have a label of "zone,zsk|ksk,xxx" and
an id of the keytag in hex.
Run genkey.sh to generate a new key and call the other programs in turn.
Run writekey.sh to load key to the key store from Kxxx.{key,private}.
genkey[.c] uses PKCS11 calls to generate keys.
PEM_write_pubkey[.c] uses OpenSSL to write a public key from the key store
into a file in PEM format.
keyconv.pl uses Net::DNS::SEC to calculate the key tag and to write out
a DNSKEY RR into a file.
set_key_id[.c] uses PKCS11 to set to the key id == keytag in the key store.
readkey[.c] and writekey[.c] extracts and loads a key from/to the key store.
keydump.pl uses Net::DNS::SEC to get the key from a Kxxx.private file and
write it into a file in PEM format.
listobjs and destroyobjs browse the key store, prints or destroys objects.