sign.sh revision 1.1.1.5
1#!/bin/sh -e 2# 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# This Source Code Form is subject to the terms of the Mozilla Public 6# License, v. 2.0. If a copy of the MPL was not distributed with this 7# file, you can obtain one at https://mozilla.org/MPL/2.0/. 8# 9# See the COPYRIGHT file distributed with this work for additional 10# information regarding copyright ownership. 11 12SYSTEMTESTTOP=../.. 13. $SYSTEMTESTTOP/conf.sh 14 15zone=. 16infile=root.db.in 17zonefile=root.db 18 19echo_i "ns1/sign.sh" 20 21cp $infile $zonefile 22 23if [ -f ../ed25519-supported.file ]; then 24 zsk25519=$($KEYGEN -q -a ED25519 -n zone "$zone") 25 ksk25519=$($KEYGEN -q -a ED25519 -n zone -f KSK "$zone") 26 cat "$ksk25519.key" "$zsk25519.key" >> "$zonefile" 27 $DSFROMKEY -a sha-256 "$ksk25519.key" >> dsset-256 28fi 29 30if [ -f ../ed448-supported.file ]; then 31 zsk448=$($KEYGEN -q -a ED448 -n zone "$zone") 32 ksk448=$($KEYGEN -q -a ED448 -n zone -f KSK "$zone") 33 cat "$ksk448.key" "$zsk448.key" >> "$zonefile" 34 $DSFROMKEY -a sha-256 "$ksk448.key" >> dsset-256 35fi 36 37# Configure the resolving server with a static key. 38if [ -f ../ed25519-supported.file ]; then 39 keyfile_to_static_ds $ksk25519 > trusted.conf 40 cp trusted.conf ../ns2/trusted.conf 41else 42 keyfile_to_static_ds $ksk448 > trusted.conf 43 cp trusted.conf ../ns2/trusted.conf 44fi 45 46if [ -f ../ed448-supported.file ]; then 47 keyfile_to_static_ds $ksk448 > trusted.conf 48 cp trusted.conf ../ns3/trusted.conf 49else 50 keyfile_to_static_ds $ksk25519 > trusted.conf 51 cp trusted.conf ../ns3/trusted.conf 52fi 53 54$SIGNER -P -g -o "$zone" "$zonefile" > /dev/null 2> signer.err || cat signer.err 55