1#!/bin/sh -e 2# 3# Copyright (C) 2011-2014 Internet Systems Consortium, Inc. ("ISC") 4# 5# Permission to use, copy, modify, and/or distribute this software for any 6# purpose with or without fee is hereby granted, provided that the above 7# copyright notice and this permission notice appear in all copies. 8# 9# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15# PERFORMANCE OF THIS SOFTWARE. 16 17SYSTEMTESTTOP=../.. 18. $SYSTEMTESTTOP/conf.sh 19 20zone=bits 21rm -f K${zone}.+*+*.key 22rm -f K${zone}.+*+*.private 23keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 24keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 25$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 26 27zone=noixfr 28rm -f K${zone}.+*+*.key 29rm -f K${zone}.+*+*.private 30keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 31keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 32$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 33 34zone=master 35rm -f K${zone}.+*+*.key 36rm -f K${zone}.+*+*.private 37keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 38keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 39$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 40 41zone=dynamic 42rm -f K${zone}.+*+*.key 43rm -f K${zone}.+*+*.private 44keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 45keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 46$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 47 48zone=updated 49rm -f K${zone}.+*+*.key 50rm -f K${zone}.+*+*.private 51keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 52keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 53$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 54$SIGNER -S -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1 55cp master2.db.in updated.db 56 57# signatures are expired and should be regenerated on startup 58zone=expired 59rm -f K${zone}.+*+*.key 60rm -f K${zone}.+*+*.private 61keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 62keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 63$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 64$SIGNER -PS -s 20100101000000 -e 20110101000000 -O raw -L 2000042407 -o ${zone} ${zone}.db > /dev/null 2>&1 65 66zone=retransfer 67rm -f K${zone}.+*+*.key 68rm -f K${zone}.+*+*.private 69keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 70keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 71$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 72 73zone=nsec3 74rm -f K${zone}.+*+*.key 75rm -f K${zone}.+*+*.private 76keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone` 77$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 78 79zone=retransfer3 80rm -f K${zone}.+*+*.key 81rm -f K${zone}.+*+*.private 82keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 768 -n zone $zone` 83keyname=`$KEYGEN -q -r $RANDFILE -a NSEC3RSASHA1 -b 1024 -n zone -f KSK $zone` 84$DSFROMKEY -T 1200 $keyname >> ../ns1/root.db 85 86for s in a c d h k l m q z 87do 88 zone=test-$s 89 keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 90done 91 92for s in b f i o p t v 93do 94 zone=test-$s 95 keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 768 -n zone $zone` 96 keyname=`$KEYGEN -q -r $RANDFILE -a RSASHA1 -b 1024 -n zone -f KSK $zone` 97done 98 99zone=externalkey 100rm -f K${zone}.+*+*.key 101rm -f K${zone}.+*+*.private 102 103for alg in ECCGOST ECDSAP256SHA256 NSEC3RSASHA1 DSA 104do 105 case $alg in 106 DSA) 107 $SHELL ../checkdsa.sh 2> /dev/null || continue 108 checkfile=../checkdsa 109 touch $checkfile ;; 110 ECCGOST) 111 fail=0 112 $KEYGEN -q -r $RANDFILE -a eccgost test > /dev/null 2>&1 || fail=1 113 rm -f Ktest* 114 [ $fail != 0 ] && continue 115 checkfile=../checkgost 116 touch $checkfile ;; 117 ECDSAP256SHA256) 118 fail=0 119 $KEYGEN -q -r $RANDFILE -a ecdsap256sha256 test > /dev/null 2>&1 || fail=1 120 rm -f Ktest* 121 [ $fail != 0 ] && continue 122 $SHELL ../checkdsa.sh 2> /dev/null || continue 123 checkfile=../checkecdsa 124 touch $checkfile ;; 125 *) ;; 126 esac 127 128 k1=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone` 129 k2=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone` 130 k3=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone $zone` 131 k4=`$KEYGEN -q -r $RANDFILE -a $alg -b 1024 -n zone -f KSK $zone` 132 $DSFROMKEY -T 1200 $k4 >> ../ns1/root.db 133 134 # Convert k1 and k2 in to External Keys. 135 rm -f $k1.private 136 mv $k1.key a-file 137 $IMPORTKEY -P now -D now+3600 -f a-file $zone > /dev/null 2>&1 || 138 ( echo "importkey failed: $alg"; rm -f $checkfile ) 139 rm -f $k2.private 140 mv $k2.key a-file 141 $IMPORTKEY -f a-file $zone > /dev/null 2>&1 || 142 ( echo "importkey failed: $alg"; rm -f $checkfile ) 143done 144