sign.sh revision 1.1.1.6
1#!/bin/sh -e 2 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# SPDX-License-Identifier: MPL-2.0 6# 7# This Source Code Form is subject to the terms of the Mozilla Public 8# License, v. 2.0. If a copy of the MPL was not distributed with this 9# file, you can obtain one at https://mozilla.org/MPL/2.0/. 10# 11# See the COPYRIGHT file distributed with this work for additional 12# information regarding copyright ownership. 13 14SYSTEMTESTTOP=../.. 15. $SYSTEMTESTTOP/conf.sh 16 17zone=. 18infile=root.db.in 19zonefile=root.db 20 21echo_i "ns1/sign.sh" 22 23cp $infile $zonefile 24 25if [ -f ../ecdsa256-supported.file ]; then 26 zsk256=$($KEYGEN -q -a ECDSA256 -n zone "$zone") 27 ksk256=$($KEYGEN -q -a ECDSA256 -n zone -f KSK "$zone") 28 cat "$ksk256.key" "$zsk256.key" >> "$zonefile" 29 $DSFROMKEY -a sha-256 "$ksk256.key" >> dsset-256 30fi 31 32if [ -f ../ecdsa384-supported.file ]; then 33 zsk384=$($KEYGEN -q -a ECDSA384 -n zone "$zone") 34 ksk384=$($KEYGEN -q -a ECDSA384 -n zone -f KSK "$zone") 35 cat "$ksk384.key" "$zsk384.key" >> "$zonefile" 36 $DSFROMKEY -a sha-256 "$ksk384.key" >> dsset-256 37fi 38 39# Configure the resolving server with a static key. 40if [ -f ../ecdsa256-supported.file ]; then 41 keyfile_to_static_ds $ksk256 > trusted.conf 42 cp trusted.conf ../ns2/trusted.conf 43else 44 keyfile_to_static_ds $ksk384 > trusted.conf 45 cp trusted.conf ../ns2/trusted.conf 46fi 47 48if [ -f ../ecdsa384-supported.file ]; then 49 keyfile_to_static_ds $ksk384 > trusted.conf 50 cp trusted.conf ../ns3/trusted.conf 51else 52 keyfile_to_static_ds $ksk256 > trusted.conf 53 cp trusted.conf ../ns3/trusted.conf 54fi 55 56$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err 57