1#!/bin/sh -e
2
3# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4#
5# SPDX-License-Identifier: MPL-2.0
6#
7# This Source Code Form is subject to the terms of the Mozilla Public
8# License, v. 2.0.  If a copy of the MPL was not distributed with this
9# file, you can obtain one at https://mozilla.org/MPL/2.0/.
10#
11# See the COPYRIGHT file distributed with this work for additional
12# information regarding copyright ownership.
13
# shellcheck source=conf.sh
# Pull in the shared system-test helpers.  Everything this script uses but
# does not define (echo_i, keyfile_to_key_id, private_type_record, KEYGEN,
# SETTIME, SIGNER, DEFAULT_ALGORITHM, DEFAULT_ALGORITHM_NUMBER) presumably
# comes from here -- confirm against conf.sh.
# NOTE(review): the "-e" on the shebang only applies when the script is
# executed directly; if the harness runs it as "$SHELL setup.sh" the flag is
# dropped and a failing keygen/settime/signzone step goes unnoticed.  An
# explicit "set -e" after sourcing would make that unconditional.
. ../../conf.sh

echo_i "ns3/setup.sh"
18
#######################################
# Register a zone served by ns3 and derive the file names used for it.
# Globals:   zone, zonefile, infile (written, read by the steps that follow)
# Arguments: $1 - zone name
# Outputs:   appends the zone name to ./zones; logs the zone via echo_i
#######################################
setup() {
  zone=$1
  zonefile=${zone}.db
  infile=${zone}.db.infile
  echo_i "setting up zone: $zone"
  echo "$zone" >>zones
}
26
#######################################
# Link two keys as a rollover pair by writing the Predecessor/Successor
# fields into their key state files.
# Arguments: $1 - key file base name of the predecessor
#            $2 - key file base name of the successor
# Outputs:   appends "Successor: <id2>" to $1.state and
#            "Predecessor: <id1>" to $2.state
#######################################
key_successor() {
  id1=$(keyfile_to_key_id "$1")
  id2=$(keyfile_to_key_id "$2")
  printf 'Successor: %s\n' "$id2" >>"${1}.state"
  printf 'Predecessor: %s\n' "$id1" >>"${2}.state"
}
35
# Short aliases for the dnssec-settime key-state names, so the -g/-k/-z/-r/-d
# arguments further down stay readable.
H=HIDDEN
R=RUMOURED
O=OMNIPRESENT
U=UNRETENTIVE
41
42#
43# Set up zones that will be initially signed.
44#
# Every zone in this group is registered through setup() (which records it in
# ./zones) and starts from a copy of the template zone file.
for zn in \
  default dnssec-keygen some-keys legacy-keys pregenerated rumoured \
  rsasha256 rsasha512 ecdsa256 ecdsa384 \
  dynamic dynamic-inline-signing inline-signing \
  checkds-ksk checkds-doubleksk checkds-csk inherit unlimited \
  manual-rollover multisigner-model2
do
  setup "${zn}.kasp"
  cp -- template.db.in "$zonefile"
done
53
54#
55# Setup special zone
56#
# The zone name deliberately contains characters that must be escaped in a
# name.  It is only used for the log line; the zone file is written under the
# plain name below.  setup() is bypassed, so this zone is not added to ./zones.
zone="i-am.\":\;?&[]\@!\$*+,|=\.\(\)special.kasp."
echo_i "setting up zone: $zone"
cp template.db.in "i-am.special.kasp.db"
60
61#
62# Set up RSASHA1 based zones
63#
64for zn in rsasha1 rsasha1-nsec3; do
65  if (
66    cd ..
67    $SHELL ../testcrypto.sh -q RSASHA1
68  ); then
69    setup "${zn}.kasp"
70    cp template.db.in "$zonefile"
71  else
72    # don't add to zones.
73    echo_i "setting up zone: ${zn}.kasp"
74    cp template.db.in "${zn}.kasp.db"
75  fi
76done
77
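# Algorithms that are only conditionally available.  Support is signalled by a
# marker file ../<alg>-supported.file (written outside this script -- confirm
# where).  For each supported algorithm: register the zone, give it the
# template zone file and append the algorithm's stanza to named.conf.
for alg in ed25519 ed448; do
  if [ -f "../${alg}-supported.file" ]; then
    setup "${alg}.kasp"
    cp template.db.in "$zonefile"
    cat "${alg}.conf" >>named.conf
  fi
done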
89
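# Set up zones that stay unsigned.
# These do not go through setup(), so they are not appended to ./zones; both
# the .db and the .db.infile copy get the template.  Expansions are quoted to
# match the other template copies in this file.
for zn in unsigned insecure max-zone-ttl; do
  zone="${zn}.kasp"
  echo_i "setting up zone: $zone"
  zonefile="${zone}.db"
  infile="${zone}.db.infile"
  cp template.db.in "$infile"
  cp template.db.in "$zonefile"
done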
99
# Some of these zones already have keys.
# Keys are generated from the named policy "rsasha256" in policies/kasp.conf
# (-k/-l); keygen's stdout and stderr are kept in keygen.out.<zone>.<n>.
zone="dnssec-keygen.kasp"
echo_i "setting up zone: $zone"
$KEYGEN -k rsasha256 -l policies/kasp.conf $zone >keygen.out.$zone.1 2>&1
104
zone="some-keys.kasp"
echo_i "setting up zone: $zone"
# -G generates the keys without publication/activation timing metadata.
# One 2048-bit ZSK and one KSK (-f KSK), both with DNSKEY TTL 1234.
$KEYGEN -G -a RSASHA256 -b 2048 -L 1234 $zone >keygen.out.$zone.1 2>&1
$KEYGEN -G -a RSASHA256 -f KSK -L 1234 $zone >keygen.out.$zone.2 2>&1
109
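zone="legacy-keys.kasp"
echo_i "setting up zone: $zone"
# Current key pair.  The generated key file names are recorded in
# legacy-keys.kasp.zsk / .ksk (presumably read by tests.sh); printf with a
# quoted argument writes the name byte-for-byte, unlike an unquoted echo.
ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 1234 $zone 2>keygen.out.$zone.1)
KSK=$($KEYGEN -a RSASHA256 -f KSK -L 1234 $zone 2>keygen.out.$zone.2)
printf '%s\n' "$ZSK" >legacy-keys.kasp.zsk
printf '%s\n' "$KSK" >legacy-keys.kasp.ksk
# Predecessor keys: published and activated 9 months ago, inactive and
# deleted 3 months ago, i.e. already out of use.
Tact="now-9mo"
Tret="now-3mo"
ZSK=$($KEYGEN -a RSASHA256 -b 2048 -L 1234 $zone 2>keygen.out.$zone.3)
KSK=$($KEYGEN -a RSASHA256 -f KSK -L 1234 $zone 2>keygen.out.$zone.4)
$SETTIME -P $Tact -A $Tact -I $Tret -D $Tret "$ZSK" >settime.out.$zone.1 2>&1
$SETTIME -P $Tact -A $Tact -I $Tret -D $Tret "$KSK" >settime.out.$zone.2 2>&1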
123
zone="pregenerated.kasp"
echo_i "setting up zone: $zone"
# Two key sets pre-generated from the "rsasha256" policy; -G leaves out the
# publication/activation timing metadata.
$KEYGEN -G -k rsasha256 -l policies/kasp.conf $zone >keygen.out.$zone.1 2>&1
$KEYGEN -G -k rsasha256 -l policies/kasp.conf $zone >keygen.out.$zone.2 2>&1
128
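zone="multisigner-model2.kasp"
echo_i "setting up zone: $zone"
# Import the ZSK sets of the other providers into their DNSKEY RRset.
# The keys are generated in the parent directory (-K ../), presumably so ns3
# does not treat them as its own keys -- confirm against named.conf.
ZSK1=$($KEYGEN -K ../ -a $DEFAULT_ALGORITHM -L 3600 $zone 2>keygen.out.$zone.1)
ZSK2=$($KEYGEN -K ../ -a $DEFAULT_ALGORITHM -L 3600 $zone 2>keygen.out.$zone.2)
# ZSK1 will be added to the unsigned zonefile.  grep reads the .key file
# directly; lines containing ';' (the key file comments) are dropped, leaving
# the DNSKEY record.
grep -v ";.*" "../${ZSK1}.key" >>"${zone}.db"
grep -v ";.*" "../${ZSK1}.key" >"${zone}.zsk1"
# NOTE(review): the '*' is inside double quotes, so this names a single
# literal file and removes nothing.  If the ../K* files are meant to go, use
# rm -f ../"${ZSK1}".* -- confirm tests.sh does not read them first.
rm -f "../${ZSK1}.*"
# ZSK2 will be used with a Dynamic Update.
grep -v ";.*" "../${ZSK2}.key" >"${zone}.zsk2"
rm -f "../${ZSK2}.*"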
141
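zone="rumoured.kasp"
echo_i "setting up zone: $zone"
# Keys published now but not active until tomorrow.  The state files are
# written (-s) with goal OMNIPRESENT, DNSKEY/RRSIG states RUMOURED and the
# KSK's DS HIDDEN, all as of Tpub.
Tpub="now"
Tact="now+1d"
keytimes="-P ${Tpub} -A ${Tact}"
KSK=$($KEYGEN -a RSASHA256 -f KSK -L 1234 $keytimes $zone 2>keygen.out.$zone.1)
ZSK1=$($KEYGEN -a RSASHA256 -b 3072 -L 1234 $keytimes $zone 2>keygen.out.$zone.2)
ZSK2=$($KEYGEN -a RSASHA256 -L 1234 $keytimes $zone 2>keygen.out.$zone.3)
$SETTIME -s -g $O -k $R $Tpub -r $R $Tpub -d $H $Tpub "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $R $Tpub -z $R $Tpub "$ZSK1" >settime.out.$zone.2 2>&1
# Each settime run keeps its own log; the ZSK2 run used to overwrite
# settime.out.<zone>.2, losing the ZSK1 output.
$SETTIME -s -g $O -k $R $Tpub -z $R $Tpub "$ZSK2" >settime.out.$zone.3 2>&1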
153
154#
155# Set up zones that are already signed.
156#
157
# Zone to test manual rollover.
# KSK and ZSK published/active since yesterday, with every state already
# OMNIPRESENT, and the zone pre-signed so named starts from a signed zone.
setup manual-rollover.kasp
T="now-1d"
# "-P sync" sets the CDS/CDNSKEY publication time for the KSK.
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
# Unsigned input = template + both DNSKEYs + one private-type record per key
# (private_type_record is a conf.sh helper); the .db copy is the same text.
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
# Sign into <zonefile>.signed in raw format; -x signs the DNSKEY RRset with
# the KSK only, -P skips post-sign verification.
$SIGNER -PS -x -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
172
# We are signing the raw version of the zone here. This is unusual and not a
# common operation, but we want to make sure that in such a case BIND 9 does
# not schedule a resigning operation on the raw version. Add expired
# signatures so a resign is imminent.
setup dynamic-signed-inline-signing.kasp
T="now-1d"
csktimes="-P $T -A $T -P sync $T"
# Single CSK (generated with -f KSK) with all four states OMNIPRESENT.
CSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $csktimes $zone 2>keygen.out.$zone.1)
$SETTIME -s -g $O -d $O $T -k $O $T -z $O $T -r $O $T "$CSK" >settime.out.$zone.1 2>&1
cat template.db.in "${CSK}.key" >"$infile"
cp $infile $zonefile
# Signatures valid from two weeks ago until one minute ago, i.e. already
# expired; -P disables the post-sign verification that would reject them and
# -z signs with the CSK regardless of its KSK flag.  Note: unlike the other
# pre-signed zones, no -O raw here.
$SIGNER -PS -z -x -s now-2w -e now-1mi -o $zone -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
185
# These signatures are set to expire long in the past, update immediately.
# Keys active for six months with all states OMNIPRESENT; short (300s)
# DNSKEY TTL.
setup expired-sigs.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
# Signature validity two months ago .. one month ago (already expired), so
# -P is needed to skip post-sign verification.
$SIGNER -PS -x -s now-2mo -e now-1mo -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
200
# These signatures are still good, and can be reused.
# Same key setup as expired-sigs.autosign; only the signature validity differs.
setup fresh-sigs.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
# Signatures valid from one hour ago for two weeks: fresh, so post-sign
# verification is left enabled (no -P).
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
215
# These signatures are still good, but not fresh enough, update immediately.
# Same key setup as fresh-sigs.autosign; only the signature validity differs.
setup unfresh-sigs.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
# Signatures valid from one week ago and expiring in one week: still valid
# but inside the refresh window the test expects.
$SIGNER -S -x -s now-1w -e now+1w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
230
# These signatures are still good, but the private KSK is missing.
# Same key and signature setup as unfresh-sigs.autosign, then the KSK's
# private key file is deleted after signing.
setup ksk-missing.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1w -e now+1w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
# The role and lifetime fields are written into the state file by hand
# (presumably because they cannot be derived once the private key is gone),
# then the private key is removed to simulate an unavailable KSK.
echo "KSK: yes" >>"${KSK}".state
echo "ZSK: no" >>"${KSK}".state
echo "Lifetime: 63072000" >>"${KSK}".state # PT2Y
rm -f "${KSK}".private
249
# These signatures are still good, but the private ZSK is missing.
# Mirror of ksk-missing.autosign, this time deleting the ZSK's private key.
setup zsk-missing.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
zsktimes="-P $T -A $T"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1w -e now+1w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
# Role and lifetime fields written by hand into the ZSK state file, then the
# private key is removed to simulate an unavailable ZSK.
echo "KSK: no" >>"${ZSK}".state
echo "ZSK: yes" >>"${ZSK}".state
echo "Lifetime: 31536000" >>"${ZSK}".state # PT1Y
rm -f "${ZSK}".private
268
# These signatures are already expired, and the private ZSK is retired.
setup zsk-retired.autosign
T="now-6mo"
ksktimes="-P $T -A $T -P sync $T"
# The ZSK additionally gets an inactive time of now (-I now).
zsktimes="-P $T -A $T -I now"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 300 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -d $O $T -k $O $T -r $O $T "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $T -z $O $T "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
# Signatures expired one minute ago, hence -P to skip post-sign verification.
$SIGNER -PS -x -s now-2w -e now-1mi -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
# After signing, flip the ZSK's goal to HIDDEN so named treats it as retiring.
$SETTIME -s -g HIDDEN "$ZSK" >settime.out.$zone.3 2>&1
284
285#
286# The zones at enable-dnssec.autosign represent the various steps of the
287# initial signing of a zone.
288#
289
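# Step 1:
# This is an unsigned zone and named should perform the initial steps of
# introducing the DNSSEC records in the right order.
setup step1.enable-dnssec.autosign
# No keys and no signing here; just the template.  Quoted for consistency
# with the other template copies in this file.
cp template.db.in "$zonefile"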
295
# Step 2:
# The DNSKEY has been published long enough to become OMNIPRESENT.
setup step2.enable-dnssec.autosign
# DNSKEY TTL:             300 seconds
# zone-propagation-delay: 5 minutes (300 seconds)
# publish-safety:         5 minutes (300 seconds)
# Total:                  900 seconds
TpubN="now-900s"
# RRSIG TTL:              12 hour (43200 seconds)
# zone-propagation-delay: 5 minutes (300 seconds)
# retire-safety:          20 minutes (1200 seconds)
# Already passed time:    -900 seconds
# Total:                  43800 seconds
TsbmN="now+43800s"
# One CSK from the enable-dnssec policy: published and active at TpubN, with
# CDS/CDNSKEY publication (-P sync) scheduled for TsbmN.
keytimes="-P ${TpubN} -P sync ${TsbmN} -A ${TpubN}"
CSK=$($KEYGEN -k enable-dnssec -l policies/autosign.conf $keytimes $zone 2>keygen.out.$zone.1)
# State file: goal OMNIPRESENT; DNSKEY, KRRSIG and ZRRSIG RUMOURED and DS
# HIDDEN since TpubN.
$SETTIME -s -g $O -k $R $TpubN -r $R $TpubN -d $H $TpubN -z $R $TpubN "$CSK" >settime.out.$zone.1 2>&1
cat template.db.in "${CSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$CSK" >>"$infile"
cp $infile $zonefile
# Fresh signatures (one hour ago, 30 days); -z signs with the CSK regardless
# of its KSK flag.
$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
317
# Step 3:
# The zone signatures have been published long enough to become OMNIPRESENT.
setup step3.enable-dnssec.autosign
# Passed time since publications: 43800 + 900 = 44700 seconds.
TpubN="now-44700s"
# The key is secure for using in chain of trust when the DNSKEY is OMNIPRESENT.
TcotN="now-43800s"
# We can submit the DS now.
TsbmN="now"
keytimes="-P ${TpubN} -P sync ${TsbmN} -A ${TpubN}"
CSK=$($KEYGEN -k enable-dnssec -l policies/autosign.conf $keytimes $zone 2>keygen.out.$zone.1)
# DNSKEY and KRRSIG OMNIPRESENT since TcotN; DS still HIDDEN and ZRRSIG still
# RUMOURED since TpubN.
$SETTIME -s -g $O -k $O $TcotN -r $O $TcotN -d $H $TpubN -z $R $TpubN "$CSK" >settime.out.$zone.1 2>&1
cat template.db.in "${CSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$CSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
334
# Step 4:
# The DS has been submitted long enough ago to become OMNIPRESENT.
setup step4.enable-dnssec.autosign
# DS TTL:                    2 hour (7200 seconds)
# parent-propagation-delay:  1 hour (3600 seconds)
# retire-safety:             20 minutes (1200 seconds)
# Total additional time:     12000 seconds
# 44700 + 12000 = 56700
TpubN="now-56700s"
# 43800 + 12000 = 55800
TcotN="now-55800s"
TsbmN="now-12000s"
keytimes="-P ${TpubN} -P sync ${TsbmN} -A ${TpubN}"
CSK=$($KEYGEN -k enable-dnssec -l policies/autosign.conf $keytimes $zone 2>keygen.out.$zone.1)
# "-P ds" records the DS publication time; DS is RUMOURED and ZRRSIG
# OMNIPRESENT since TsbmN, DNSKEY/KRRSIG OMNIPRESENT since TcotN.
$SETTIME -s -g $O -P ds $TsbmN -k $O $TcotN -r $O $TcotN -d $R $TsbmN -z $O $TsbmN "$CSK" >settime.out.$zone.1 2>&1
cat template.db.in "${CSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$CSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
354
355#
356# The zones at zsk-prepub.autosign represent the various steps of a ZSK
357# Pre-Publication rollover.
358#
359
# Step 1:
# Introduce the first key. This will immediately be active.
setup step1.zsk-prepub.autosign
TactN="now"
ksktimes="-P ${TactN} -A ${TactN} -P sync ${TactN}"
zsktimes="-P ${TactN} -A ${TactN}"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
# Every state is already OMNIPRESENT as of now.
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $TactN -z $O $TactN "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
375
# Step 2:
# It is time to pre-publish the successor ZSK.
setup step2.zsk-prepub.autosign
# According to RFC 7583:
#
# Tpub(N+1) <= Tact(N) + Lzsk - Ipub
# Ipub = Dprp + TTLkey (+publish-safety)
#
#                 |3|   |4|      |5|  |6|
#                  |     |        |    |
#   Key N          |<-------Lzsk------>|
#                  |     |        |    |
#   Key N+1        |     |<-Ipub->|<-->|
#                  |     |        |    |
#   Key N         Tact
#   Key N+1             Tpub     Trdy Tact
#
#                       Tnow
#
# Lzsk:           30d
# Dprp:           1h
# TTLkey:         1h
# publish-safety: 1d
# Ipub:           26h
#
# Tact(N) = Tnow + Ipub - Lzsk = now + 26h - 30d
#         = now + 26h - 720h = now - 694h
TactN="now-694h"
ksktimes="-P ${TactN} -A ${TactN} -P sync ${TactN}"
zsktimes="-P ${TactN} -A ${TactN}"
# Only key N exists in the zone; the successor is expected to be
# pre-published by named, not created here.
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $TactN -z $O $TactN "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
415
# Step 3:
# After the publication interval has passed the DNSKEY of the successor ZSK
# is OMNIPRESENT and the zone can thus be signed with the successor ZSK.
setup step3.zsk-prepub.autosign
# According to RFC 7583:
#
# Tpub(N+1) <= Tact(N) + Lzsk - Ipub
# Tret(N) = Tact(N+1) = Tact(N) + Lzsk
# Trem(N) = Tret(N) + Iret
# Iret = Dsgn + Dprp + TTLsig (+retire-safety)
#
#                 |3|   |4|      |5|  |6|      |7|   |8|
#                  |     |        |    |        |     |
#   Key N          |<-------Lzsk------>|<-Iret->|<--->|
#                  |     |        |    |        |     |
#   Key N+1        |     |<-Ipub->|<-->|<---Lzsk---- - -
#                  |     |        |    |        |     |
#   Key N         Tact                Tret     Tdea  Trem
#   Key N+1             Tpub     Trdy Tact
#
#                                     Tnow
#
# Lzsk:          30d
# Ipub:          26h
# Dsgn:          1w
# Dprp:          1h
# TTLsig:        1d
# retire-safety: 2d
# Iret:          10d1h = 241h
#
# Tact(N)   = Tnow - Lzsk = now - 30d
# Tret(N)   = now
# Trem(N)   = Tnow + Iret = now + 241h
# Tpub(N+1) = Tnow - Ipub = now - 26h
# Tret(N+1) = Tnow + Lzsk = now + 30d
# Trem(N+1) = Tnow + Lzsk + Iret = now + 30d + 241h
#           = now + 961h
TactN="now-30d"
TretN="now"
TremN="now+241h"
TpubN1="now-26h"
TactN1="now"
TretN1="now+30d"
TremN1="now+961h"
# Key N (ZSK1) carries inactive/delete times; key N+1 (ZSK2) the successor's.
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}"
zsktimes="-P ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK1=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
ZSK2=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $newtimes $zone 2>keygen.out.$zone.3)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
# ZSK1: goal HIDDEN (retiring) but DNSKEY/ZRRSIG still OMNIPRESENT.
$SETTIME -s -g $H -k $O $TactN -z $O $TactN "$ZSK1" >settime.out.$zone.2 2>&1
# ZSK2: goal OMNIPRESENT, DNSKEY RUMOURED and ZRRSIG HIDDEN since TpubN1.
$SETTIME -s -g $O -k $R $TpubN1 -z $H $TpubN1 "$ZSK2" >settime.out.$zone.3 2>&1
# Set key rollover relationship.
key_successor $ZSK1 $ZSK2
# Sign zone.
# All three DNSKEYs go into the zone; signing still uses the keys' own
# timing metadata (smart signing, -S).
cat template.db.in "${KSK}.key" "${ZSK1}.key" "${ZSK2}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK1" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK2" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
478
# Step 4:
# After the retire interval has passed the predecessor DNSKEY can be
# removed from the zone.
setup step4.zsk-prepub.autosign
# According to RFC 7583:
#
# Tret(N) = Tact(N) + Lzsk
# Tdea(N) = Tret(N) + Iret
#
#                 |3|   |4|      |5|  |6|      |7|   |8|
#                  |     |        |    |        |     |
#   Key N          |<-------Lzsk------>|<-Iret->|<--->|
#                  |     |        |    |        |     |
#   Key N+1        |     |<-Ipub->|<-->|<---Lzsk---- - -
#                  |     |        |    |        |     |
#   Key N         Tact                Tret     Tdea  Trem
#   Key N+1             Tpub     Trdy Tact
#
#                                                    Tnow
#
# Lzsk: 30d
# Ipub: 26h
# Iret: 241h
#
# Tact(N)   = Tnow - Iret - Lzsk
#           = now - 241h - 30d = now - 241h - 720h
#           = now - 961h
# Tret(N)   = Tnow - Iret = now - 241h
# Trem(N)   = Tnow
# Tpub(N+1) = Tnow - Iret - Ipub
#           = now - 241h - 26h
#           = now - 267h
# Tact(N+1) = Tnow - Iret = Tret(N)
# Tret(N+1) = Tnow - Iret + Lzsk
#           = now - 241h + 30d = now - 241h + 720h
#           = now + 479h
# Trem(N+1) = Tnow + Lzsk = now + 30d
TactN="now-961h"
TretN="now-241h"
TremN="now"
TpubN1="now-267h"
TactN1="${TretN}"
TretN1="now+479h"
TremN1="now+30d"
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}"
zsktimes="-P ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK1=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
ZSK2=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $newtimes $zone 2>keygen.out.$zone.3)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
# ZSK1: goal HIDDEN, DNSKEY still OMNIPRESENT, ZRRSIG UNRETENTIVE since TretN.
$SETTIME -s -g $H -k $O $TactN -z $U $TretN "$ZSK1" >settime.out.$zone.2 2>&1
# ZSK2: DNSKEY OMNIPRESENT and ZRRSIG RUMOURED since it took over at TactN1.
$SETTIME -s -g $O -k $O $TactN1 -z $R $TactN1 "$ZSK2" >settime.out.$zone.3 2>&1
# Set key rollover relationship.
key_successor $ZSK1 $ZSK2
# Sign zone.
# Unlike the neighbouring steps, no private-type records are appended here;
# presumably intentional -- confirm against tests.sh.
cat template.db.in "${KSK}.key" "${ZSK1}.key" "${ZSK2}.key" >"$infile"
cp $infile $zonefile
# Signatures expired one minute ago, hence -P to skip post-sign verification.
$SIGNER -PS -x -s now-2w -e now-1mi -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
538
# Step 5:
# The predecessor DNSKEY is removed long enough that it has become HIDDEN.
setup step5.zsk-prepub.autosign
# Subtract DNSKEY TTL from all the times (1h).
# Tact(N)   = now - 961h - 1h = now - 962h
# Tret(N)   = now - 241h - 1h = now - 242h
# Tdea(N)   = now - 2d - 1h = now - 49h
# Trem(N)   = now - 1h
# Tpub(N+1) = now - 267h - 1h = now - 268h
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 479h - 1h = now + 478h
# Trem(N+1) = now + 30d - 1h = now + 719h
TactN="now-962h"
TretN="now-242h"
TremN="now-1h"
TdeaN="now-49h"
TpubN1="now-268h"
TactN1="${TretN}"
TretN1="now+478h"
TremN1="now+719h"
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}"
zsktimes="-P ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK1=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
ZSK2=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $newtimes $zone 2>keygen.out.$zone.3)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
# ZSK1: DNSKEY UNRETENTIVE and ZRRSIG HIDDEN since TdeaN, goal HIDDEN.
$SETTIME -s -g $H -k $U $TdeaN -z $H $TdeaN "$ZSK1" >settime.out.$zone.2 2>&1
# ZSK2: DNSKEY OMNIPRESENT since TactN1, ZRRSIG OMNIPRESENT since TdeaN.
$SETTIME -s -g $O -k $O $TactN1 -z $O $TdeaN "$ZSK2" >settime.out.$zone.3 2>&1
# Set key rollover relationship.
key_successor $ZSK1 $ZSK2
# Sign zone.
# ZSK1's DNSKEY is still in the input zone file even though its state says
# it is on the way out; named is expected to handle the removal.
cat template.db.in "${KSK}.key" "${ZSK1}.key" "${ZSK2}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK1" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK2" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
577
# Step 6:
# The predecessor DNSKEY can be purged.
setup step6.zsk-prepub.autosign
# Subtract purge-keys interval from all the times (1h).
# Tact(N)   = now - 962h - 1h = now - 963h
# Tret(N)   = now - 242h - 1h = now - 243h
# Tdea(N)   = now - 49h - 1h = now - 50h
# Trem(N)   = now - 1h - 1h = now - 2h
# Tpub(N+1) = now - 268h - 1h = now - 269h
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 478h - 1h = now + 477h
# Trem(N+1) = now + 719h - 1h = now + 718h
TactN="now-963h"
TretN="now-243h"
TremN="now-2h"
TdeaN="now-50h"
TpubN1="now-269h"
TactN1="${TretN}"
TretN1="now+477h"
TremN1="now+718h"
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}"
zsktimes="-P ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK1=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $zsktimes $zone 2>keygen.out.$zone.2)
ZSK2=$($KEYGEN -a $DEFAULT_ALGORITHM -L 3600 $newtimes $zone 2>keygen.out.$zone.3)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
# ZSK1: fully HIDDEN (goal, DNSKEY and ZRRSIG) since TdeaN -- purgeable.
$SETTIME -s -g $H -k $H $TdeaN -z $H $TdeaN "$ZSK1" >settime.out.$zone.2 2>&1
$SETTIME -s -g $O -k $O $TactN1 -z $O $TdeaN "$ZSK2" >settime.out.$zone.3 2>&1
# Set key rollover relationship.
key_successor $ZSK1 $ZSK2
# Sign zone.
# The purged key's DNSKEY is still listed in the input; whether named drops
# it is what this step presumably exercises.
cat template.db.in "${KSK}.key" "${ZSK1}.key" "${ZSK2}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK1" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK2" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
616
617#
618# The zones at ksk-doubleksk.autosign represent the various steps of a KSK
619# Double-KSK rollover.
620#
621
# Step 1:
# Introduce the first key. This will immediately be active.
setup step1.ksk-doubleksk.autosign
TactN="now"
ksktimes="-P ${TactN} -A ${TactN} -P sync ${TactN}"
zsktimes="-P ${TactN} -A ${TactN}"
# DNSKEY TTL 7200 here (the zsk-prepub zones use 3600).
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $TactN -z $O $TactN "$ZSK" >settime.out.$zone.2 2>&1
# No private-type records in this step (the later steps add them).
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
635
# Step 2:
# It is time to introduce the new KSK.
setup step2.ksk-doubleksk.autosign
# According to RFC 7583:
#
# Tpub(N+1) <= Tact(N) + Lksk - Dreg - IpubC
# IpubC = DprpC + TTLkey (+publish-safety)
#
#                       |1|       |2|   |3|      |4|
#                        |         |     |        |
#       Key N            |<-IpubC->|<--->|<-Dreg->|<-----Lksk--- - -
#                        |         |     |        |
#       Key N+1          |         |     |        |
#                        |         |     |        |
#       Key N           Tpub      Trdy  Tsbm     Tact
#       Key N+1
#
#               (continued ...)
#
#                   |5|       |6|   |7|      |8|      |9|    |10|
#                    |         |     |        |        |       |
#       Key N   - - --------------Lksk------->|<-Iret->|<----->|
#                    |         |     |        |        |       |
#       Key N+1      |<-IpubC->|<--->|<-Dreg->|<--------Lksk----- - -
#                    |         |     |        |        |       |
#       Key N                                Tret     Tdea    Trem
#       Key N+1     Tpub      Trdy  Tsbm     Tact
#
#                   Tnow
#
# Lksk:           60d
# Dreg:           1d
# DprpC:          1h
# TTLkey:         2h
# publish-safety: 1d
# IpubC:          27h
#
# Tact(N) = Tnow - Lksk + Dreg + IpubC = now - 60d + 27h
#         = now - 1440h + 27h = now - 1413h
# (Dreg is not included in the arithmetic above; the later steps list it as
# N/A.)
TactN="now-1413h"
ksktimes="-P ${TactN} -A ${TactN} -P sync ${TactN}"
zsktimes="-P ${TactN} -A ${TactN}"
# Only key N exists; the successor KSK is expected to be introduced by named.
KSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 $zsktimes $zone 2>keygen.out.$zone.2)
$SETTIME -s -g $O -k $O $TactN -r $O $TactN -d $O $TactN "$KSK" >settime.out.$zone.1 2>&1
$SETTIME -s -g $O -k $O $TactN -z $O $TactN "$ZSK" >settime.out.$zone.2 2>&1
cat template.db.in "${KSK}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
687
# Step 3:
# It is time to submit the DS.
setup step3.ksk-doubleksk.autosign
# According to RFC 7583:
#
# Tsbm(N+1) >= Trdy(N+1)
# Tact(N+1) = Tsbm(N+1) + Dreg
# Iret = DprpP + TTLds (+retire-safety)
#
#                   |5|       |6|   |7|      |8|      |9|    |10|
#                    |         |     |        |        |       |
#       Key N   - - --------------Lksk------->|<-Iret->|<----->|
#                    |         |     |        |        |       |
#       Key N+1      |<-IpubC->|<--->|<-Dreg->|<--------Lksk----- - -
#                    |         |     |        |        |       |
#       Key N                                Tret     Tdea    Trem
#       Key N+1     Tpub      Trdy  Tsbm     Tact
#
#                                   Tnow
#
# Lksk:           60d
# Dreg:           N/A
# DprpP:          1h
# TTLds:          1h
# retire-safety:  2d
# Iret:           50h
# DprpC:          1h
# TTLkey:         2h
# publish-safety: 1d
# IpubC:          27h
#
# Tact(N)    = Tnow - Lksk = now - 60d
# Tret(N)    = now
# Trem(N)    = Tnow + Iret = now + 50h
# Tpub(N+1)  = Tnow - IpubC = now - 27h
# Tsbm(N+1)  = now
# Tact(N+1)  = Tret(N)
# Tret(N+1)  = Tnow + Lksk = now + 60d
# Trem(N+1)  = Tnow + Lksk + Iret = now + 60d + 50h
#            = now + 1440h + 50h = now + 1490h
TactN="now-60d"
TretN="now"
TremN="now+50h"
TpubN1="now-27h"
TsbmN1="now"
TactN1="${TretN}"
TretN1="now+60d"
TremN1="now+1490h"
# Both KSKs carry a CDS/CDNSKEY publication time (-P sync): the old one from
# activation, the new one at TsbmN1.
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -P sync ${TsbmN1} -I ${TretN1} -D ${TremN1}"
zsktimes="-P ${TactN}  -A ${TactN}"
KSK1=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 -f KSK $ksktimes $zone 2>keygen.out.$zone.1)
KSK2=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 -f KSK $newtimes $zone 2>keygen.out.$zone.2)
ZSK=$($KEYGEN -a $DEFAULT_ALGORITHM -L 7200 $zsktimes $zone 2>keygen.out.$zone.3)
# KSK1: goal HIDDEN (retiring) with DNSKEY/KRRSIG/DS still OMNIPRESENT.
$SETTIME -s -g $H -k $O $TactN -r $O $TactN -d $O $TactN "$KSK1" >settime.out.$zone.1 2>&1
# KSK2: DNSKEY/KRRSIG RUMOURED and DS HIDDEN since TpubN1, goal OMNIPRESENT.
$SETTIME -s -g $O -k $R $TpubN1 -r $R $TpubN1 -d $H $TpubN1 "$KSK2" >settime.out.$zone.2 2>&1
$SETTIME -s -g $O -k $O $TactN -z $O $TactN "$ZSK" >settime.out.$zone.3 2>&1
# Set key rollover relationship.
key_successor $KSK1 $KSK2
# Sign zone.
cat template.db.in "${KSK1}.key" "${KSK2}.key" "${ZSK}.key" >"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK1" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$KSK2" >>"$infile"
private_type_record $zone $DEFAULT_ALGORITHM_NUMBER "$ZSK" >>"$infile"
cp $infile $zonefile
$SIGNER -S -x -s now-1h -e now+2w -o $zone -O raw -f "${zonefile}.signed" $infile >signer.out.$zone.1 2>&1
754
# Step 4:
# Iret has elapsed since the DS was submitted, so the DS should be swapped
# now: KSK1's DS withdrawn from the parent, KSK2's DS published there.
setup step4.ksk-doubleksk.autosign
# According to RFC 7583:
#
# Tret(N)   = Tsbm(N+1)
# Tdea(N)   = Tret(N) + Iret
# Tact(N+1) = Tret(N)
#
#                   |5|       |6|   |7|      |8|      |9|    |10|
#                    |         |     |        |        |       |
#       Key N   - - --------------Lksk------->|<-Iret->|<----->|
#                    |         |     |        |        |       |
#       Key N+1      |<-IpubC->|<--->|<-Dreg->|<--------Lksk----- - -
#                    |         |     |        |        |       |
#       Key N                                Tret     Tdea    Trem
#       Key N+1     Tpub      Trdy  Tsbm     Tact
#
#                                                             Tnow
#
# Lksk: 60d
# Dreg: N/A
# Iret: 50h
#
# Tact(N)   = Tnow - Lksk - Iret = now - 60d - 50h
#           = now - 1440h - 50h = now - 1490h
# Tret(N)   = Tnow - Iret = now - 50h
# Trem(N)   = Tnow
# Tpub(N+1) = Tnow - Iret - IpubC = now - 50h - 27h
#           = now - 77h
# Tsbm(N+1) = Tnow - Iret = now - 50h
# Tact(N+1) = Tret(N)
# Tret(N+1) = Tnow + Lksk - Iret = now + 60d - 50h = now + 1390h
# Trem(N+1) = Tnow + Lksk = now + 60d
TactN="now-1490h"
TretN="now-50h"
TremN="now"
TpubN1="now-77h"
TsbmN1="now-50h"
TactN1="${TretN}"
TretN1="now+1390h"
TremN1="now+60d"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
ksktimes="-P ${TactN}  -A ${TactN} -P sync ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -P sync ${TsbmN1} -I ${TretN1} -D ${TremN1}"
zsktimes="-P ${TactN}  -A ${TactN}"
KSK1=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $ksktimes "$zone" 2>"keygen.out.${zone}.1")
KSK2=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $newtimes "$zone" 2>"keygen.out.${zone}.2")
ZSK=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 $zsktimes "$zone" 2>"keygen.out.${zone}.3")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# KSK1: DNSKEY/KRRSIG OMNIPRESENT, DS UNRETENTIVE since Tsbm; DS-delete time = Tsbm.
# KSK2: DNSKEY/KRRSIG OMNIPRESENT, DS RUMOURED since Tsbm; DS-publish time = Tsbm.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -d "$U" "$TsbmN1" -D ds "$TsbmN1" "$KSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$R" "$TsbmN1" -P ds "$TsbmN1" "$KSK2" >"settime.out.${zone}.2" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN" -z "$O" "$TactN" "$ZSK" >"settime.out.${zone}.3" 2>&1
# Link KSK1 -> KSK2 as predecessor/successor in the state files.
key_successor "$KSK1" "$KSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${KSK1}.key" "${KSK2}.key" "${ZSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK2"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$ZSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -x -s now-1h -e now+2w -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
815
# Step 5:
# The predecessor DNSKEY has been withdrawn for longer than its TTL, so it
# has become HIDDEN.
setup step5.ksk-doubleksk.autosign
# Shift every step-4 time back by the DNSKEY TTL (2h).
# Tact(N)   = now - 1490h - 2h = now - 1492h
# Tret(N)   = now - 50h - 2h = now - 52h
# Trem(N)   = now - 2h
# Tpub(N+1) = now - 77h - 2h = now - 79h
# Tsbm(N+1) = now - 50h - 2h = now - 52h
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 1390h - 2h = now + 1388h
# Trem(N+1) = now + 60d - 2h = now + 1442h
TactN="now-1492h"
TretN="now-52h"
TremN="now-2h"
TpubN1="now-79h"
TsbmN1="now-52h"
TactN1="${TretN}"
TretN1="now+1388h"
TremN1="now+1442h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
ksktimes="-P ${TactN}  -A ${TactN} -P sync ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -P sync ${TsbmN1} -I ${TretN1} -D ${TremN1}"
zsktimes="-P ${TactN}  -A ${TactN}"
KSK1=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $ksktimes "$zone" 2>"keygen.out.${zone}.1")
KSK2=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $newtimes "$zone" 2>"keygen.out.${zone}.2")
ZSK=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 $zsktimes "$zone" 2>"keygen.out.${zone}.3")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# KSK1: DNSKEY/KRRSIG UNRETENTIVE and DS HIDDEN since Tret.
# KSK2: everything OMNIPRESENT since Tact(N+1).
$SETTIME -s -g "$H" -k "$U" "$TretN" -r "$U" "$TretN" -d "$H" "$TretN" "$KSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN1" -r "$O" "$TactN1" -d "$O" "$TactN1" "$KSK2" >"settime.out.${zone}.2" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN" -z "$O" "$TactN" "$ZSK" >"settime.out.${zone}.3" 2>&1
# Link KSK1 -> KSK2 as predecessor/successor in the state files.
key_successor "$KSK1" "$KSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${KSK1}.key" "${KSK2}.key" "${ZSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK2"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$ZSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -x -s now-1h -e now+2w -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
854
# Step 6:
# The predecessor key is fully HIDDEN and the purge-keys interval has passed,
# so its key files can be purged.
setup step6.ksk-doubleksk.autosign
# Shift every step-5 time back by the purge-keys interval (1h).
# Tact(N)   = now - 1492h - 1h = now - 1493h
# Tret(N)   = now - 52h - 1h = now - 53h
# Trem(N)   = now - 2h - 1h = now - 3h
# Tpub(N+1) = now - 79h - 1h = now - 80h
# Tsbm(N+1) = now - 52h - 1h = now - 53h
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 1388h - 1h = now + 1387h
# Trem(N+1) = now + 1442h - 1h = now + 1441h
TactN="now-1493h"
TretN="now-53h"
TremN="now-3h"
TpubN1="now-80h"
TsbmN1="now-53h"
TactN1="${TretN}"
TretN1="now+1387h"
TremN1="now+1441h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
ksktimes="-P ${TactN}  -A ${TactN} -P sync ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -P sync ${TsbmN1} -I ${TretN1} -D ${TremN1}"
zsktimes="-P ${TactN}  -A ${TactN}"
KSK1=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $ksktimes "$zone" 2>"keygen.out.${zone}.1")
KSK2=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $newtimes "$zone" 2>"keygen.out.${zone}.2")
ZSK=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 $zsktimes "$zone" 2>"keygen.out.${zone}.3")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# KSK1: DNSKEY, KRRSIG and DS all HIDDEN since Tret.
# KSK2: everything OMNIPRESENT since Tact(N+1).
$SETTIME -s -g "$H" -k "$H" "$TretN" -r "$H" "$TretN" -d "$H" "$TretN" "$KSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN1" -r "$O" "$TactN1" -d "$O" "$TactN1" "$KSK2" >"settime.out.${zone}.2" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN" -z "$O" "$TactN" "$ZSK" >"settime.out.${zone}.3" 2>&1
# Link KSK1 -> KSK2 as predecessor/successor in the state files.
key_successor "$KSK1" "$KSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${KSK1}.key" "${KSK2}.key" "${ZSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK2"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$ZSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -x -s now-1h -e now+2w -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
893
894#
895# The zones at csk-roll.autosign represent the various steps of a CSK rollover
896# (which is essentially a ZSK Pre-Publication / KSK Double-KSK rollover).
897#
898
# Step 1:
# Introduce the first CSK; it is active immediately (all states OMNIPRESENT).
setup step1.csk-roll.autosign
TactN="now"
# Timing metadata for dnssec-keygen; expanded unquoted on purpose so it
# word-splits (the tool variables are left unquoted for the same reason).
csktimes="-P ${TactN} -P sync ${TactN} -A ${TactN}"
CSK=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
$SETTIME -s -g "$O" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK" >"settime.out.${zone}.1" 2>&1
# Assemble the unsigned input (template, DNSKEY, private-type record), then sign it.
{
  cat template.db.in "${CSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
910
# Step 2:
# The CSK is one Ipub short of the end of its lifetime, so it is time to
# introduce the successor CSK.
setup step2.csk-roll.autosign
# According to RFC 7583:
# KSK: Tpub(N+1) <= Tact(N) + Lksk - IpubC
# ZSK: Tpub(N+1) <= Tact(N) + Lzsk - Ipub
# IpubC = DprpC + TTLkey (+publish-safety)
# Ipub  = IpubC
# Lcsk = Lksk = Lzsk
#
# Lcsk:           6mo (186d, 4464h)
# Dreg:           N/A
# DprpC:          1h
# TTLkey:         1h
# publish-safety: 1h
# Ipub:           3h
#
# Tact(N) = Tnow - Lcsk + Ipub = now - 186d + 3h
#         = now - 4464h + 3h = now - 4461h
TactN="now-4461h"
# Timing metadata for dnssec-keygen; expanded unquoted on purpose so it
# word-splits (the tool variables are left unquoted for the same reason).
csktimes="-P ${TactN} -P sync ${TactN} -A ${TactN}"
CSK=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# The only key is fully OMNIPRESENT since Tact(N).
$SETTIME -s -g "$O" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK" >"settime.out.${zone}.1" 2>&1
# Assemble the unsigned input (template, DNSKEY, private-type record), then sign it.
{
  cat template.db.in "${CSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
938
# Step 3:
# The successor CSK is ready: submit its DS and start rolling the zone
# signatures over to it.
setup step3.csk-roll.autosign
# According to RFC 7583:
#
# Tsbm(N+1) >= Trdy(N+1)
# KSK: Tact(N+1) = Tsbm(N+1)
# ZSK: Tact(N+1) = Tpub(N+1) + Ipub = Tsbm(N+1)
# KSK: Iret  = DprpP + TTLds (+retire-safety)
# ZSK: IretZ = Dsgn + Dprp + TTLsig (+retire-safety)
#
# Lcsk:           186d
# Dprp:           1h
# DprpP:          1h
# Dreg:           N/A
# Dsgn:           25d
# TTLds:          1h
# TTLsig:         1d
# retire-safety:  2h
# Iret:           4h
# IretZ:          26d3h
# Ipub:           3h
#
# Tact(N)   = Tnow - Lcsk = now - 186d
# Tret(N)   = Tnow = now
# Trem(N)   = Tnow + IretZ = now + 26d3h = now + 627h
# Tpub(N+1) = Tnow - Ipub = now - 3h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = Tnow + Lcsk = now + 186d
# Trem(N+1) = Tnow + Lcsk + IretZ = now + 186d + 26d3h
#           = now + 4464h + 627h = now + 5091h
TactN="now-186d"
TretN="now"
TremN="now+627h"
TpubN1="now-3h"
TsbmN1="now"
TactN1="${TretN}"
TretN1="now+186d"
TremN1="now+5091h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: everything OMNIPRESENT, goal now HIDDEN.
# CSK2: DNSKEY/KRRSIG RUMOURED since Tpub, DS and ZRRSIG still HIDDEN.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$R" "$TpubN1" -r "$R" "$TpubN1" -d "$H" "$TpubN1" -z "$H" "$TpubN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
993
# Step 4:
# Iret (4h) has passed since submission, so the DS should be swapped now.
# The ZRRSIG records are only fully replaced after IretZ (26d3h), so in this
# scenario the DS swap happens before the zone signatures are all replaced.
setup step4.csk-roll.autosign
# According to RFC 7583:
# Trem(N)    = Tret(N) - Iret + IretZ
# Tnow       = Tsbm(N+1) + Iret
#
# Lcsk:   186d
# Iret:   4h
# IretZ:  26d3h
#
# Tact(N)   = Tnow - Iret - Lcsk = now - 4h - 186d = now - 4468h
# Tret(N)   = Tnow - Iret = now - 4h
# Trem(N)   = Tnow - Iret + IretZ = now - 4h + 26d3h
#           = now + 623h
# Tpub(N+1) = Tnow - Iret - IpubC = now - 4h - 3h = now - 7h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = Tnow - Iret + Lcsk = now - 4h + 186d = now + 4460h
# Trem(N+1) = Tnow - Iret + Lcsk + IretZ = now - 4h + 186d + 26d3h
#           = now + 5087h
TactN="now-4468h"
TretN="now-4h"
TremN="now+623h"
TpubN1="now-7h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+4460h"
TremN1="now+5087h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY/KRRSIG OMNIPRESENT; DS and ZRRSIG UNRETENTIVE since Tsbm; DS-delete time = Tsbm.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT; DS and ZRRSIG RUMOURED since Tsbm; DS-publish time = Tsbm.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -d "$U" "$TsbmN1" -z "$U" "$TsbmN1" -D ds "$TsbmN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$R" "$TsbmN1" -z "$R" "$TsbmN1" -P ds "$TsbmN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1040
# Step 5:
# With the DS swapped in step 4, the predecessor's KRRSIG records can go too;
# by now (DNSKEY TTL + propagation delay later) they have become HIDDEN.
setup step5.csk-roll.autosign
# Shift every step-4 time back by DNSKEY TTL plus zone propagation delay (2h).
# Tact(N)   = now - 4468h - 2h = now - 4470h
# Tret(N)   = now - 4h - 2h = now - 6h
# Trem(N)   = now + 623h - 2h = now + 621h
# Tpub(N+1) = now - 7h - 2h = now - 9h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 4460h - 2h = now + 4458h
# Trem(N+1) = now + 5087h - 2h = now + 5085h
TactN="now-4470h"
TretN="now-6h"
TremN="now+621h"
TpubN1="now-9h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+4458h"
TremN1="now+5085h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY still OMNIPRESENT (ZRRSIGs still being replaced), KRRSIG
#       UNRETENTIVE and DS HIDDEN as of 2h ago, ZRRSIG UNRETENTIVE since Tact(N+1).
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, DS OMNIPRESENT as of 2h ago, ZRRSIG still RUMOURED.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$U" now-2h -d "$H" now-2h -z "$U" "$TactN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" now-2h -z "$R" "$TactN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1076
# Step 6:
# IretZ has passed since retirement, so the predecessor DNSKEY can now be
# removed from the zone.
setup step6.csk-roll.autosign
# According to RFC 7583:
# Trem(N) = Tret(N) + IretZ
# Tret(N) = Tact(N) + Lcsk
#
# Lcsk:   186d
# Iret:   4h
# IretZ:  26d3h
#
# Tact(N)   = Tnow - IretZ - Lcsk = now - 627h - 186d
#           = now - 627h - 4464h = now - 5091h
# Tret(N)   = Tnow - IretZ = now - 627h
# Trem(N)   = Tnow
# Tpub(N+1) = Tnow - IretZ - Ipub = now - 627h - 3h = now - 630h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = Tnow - IretZ + Lcsk = now - 627h + 186d = now + 3837h
# Trem(N+1) = Tnow + Lcsk = now + 186d
TactN="now-5091h"
TretN="now-627h"
TremN="now"
TpubN1="now-630h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+3837h"
TremN1="now+186d"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY OMNIPRESENT, KRRSIG and DS HIDDEN at Trem, ZRRSIG UNRETENTIVE since Tsbm.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, DS OMNIPRESENT at Trem, ZRRSIG RUMOURED since Tsbm.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$H" "$TremN" -d "$H" "$TremN" -z "$U" "$TsbmN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" "$TremN" -z "$R" "$TsbmN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1120
# Step 7:
# DNSKEY TTL plus propagation delay after removal, the predecessor DNSKEY
# enters the HIDDEN state.
setup step7.csk-roll.autosign
# Shift every step-6 time back by DNSKEY TTL plus zone propagation delay (2h).
# Tact(N)   = now - 5091h - 2h = now - 5093h
# Tret(N)   = now - 627h - 2h  = now - 629h
# Trem(N)   = now - 2h
# Tpub(N+1) = now - 630h - 2h = now - 632h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 3837h - 2h = now + 3835h
# Trem(N+1) = now + 186d - 2h = now + 4462h
TactN="now-5093h"
TretN="now-629h"
TremN="now-2h"
TpubN1="now-632h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+3835h"
TremN1="now+4462h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY UNRETENTIVE since Trem; KRRSIG, DS and ZRRSIG HIDDEN.
# CSK2: everything OMNIPRESENT.
$SETTIME -s -g "$H" -k "$U" "$TremN" -r "$H" "$TremN" -d "$H" "$TremN" -z "$H" "$TactN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" "$TactN1" -z "$O" "$TactN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1155
# Step 8:
# The predecessor is fully HIDDEN and the purge-keys interval has passed, so
# its key files can be purged.
setup step8.csk-roll.autosign
# Shift every step-7 time back by the purge-keys interval (1h).
# Tact(N)   = now - 5093h - 1h = now - 5094h
# Tret(N)   = now - 629h - 1h  = now - 630h
# Trem(N)   = now - 2h - 1h = now - 3h
# Tpub(N+1) = now - 632h - 1h = now - 633h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 3835h - 1h = now + 3834h
# Trem(N+1) = now + 4462h - 1h = now + 4461h
TactN="now-5094h"
TretN="now-630h"
TremN="now-3h"
TpubN1="now-633h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+3834h"
TremN1="now+4461h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY, KRRSIG, DS and ZRRSIG all HIDDEN.
# CSK2: everything OMNIPRESENT.
$SETTIME -s -g "$H" -k "$H" "$TremN" -r "$H" "$TremN" -d "$H" "$TremN" -z "$H" "$TactN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" "$TactN1" -z "$O" "$TactN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1190
1191#
1192# The zones at csk-roll2.autosign represent the various steps of a CSK rollover
1193# (which is essentially a ZSK Pre-Publication / KSK Double-KSK rollover).
1194# This scenario differs from the above one because the zone signatures (ZRRSIG)
1195# are replaced with the new key sooner than the DS is swapped.
1196#
1197
# Step 1:
# Introduce the first CSK; it is active immediately (all states OMNIPRESENT).
setup step1.csk-roll2.autosign
TactN="now"
# Timing metadata for dnssec-keygen; expanded unquoted on purpose so it
# word-splits (the tool variables are left unquoted for the same reason).
csktimes="-P ${TactN} -P sync ${TactN} -A ${TactN}"
CSK=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
$SETTIME -s -g "$O" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK" >"settime.out.${zone}.1" 2>&1
# Assemble the unsigned input (template, DNSKEY, private-type record), then sign it.
{
  cat template.db.in "${CSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1209
# Step 2:
# The CSK is one Ipub short of the end of its lifetime, so it is time to
# introduce the successor CSK.
setup step2.csk-roll2.autosign
# According to RFC 7583:
# KSK: Tpub(N+1) <= Tact(N) + Lksk - IpubC
# ZSK: Tpub(N+1) <= Tact(N) + Lzsk - Ipub
# IpubC = DprpC + TTLkey (+publish-safety)
# Ipub  = IpubC
# Lcsk = Lksk = Lzsk
#
# Lcsk:           6mo (186d, 4464h)
# Dreg:           N/A
# DprpC:          1h
# TTLkey:         1h
# publish-safety: 1h
# Ipub:           3h
#
# Tact(N)  = Tnow - Lcsk + Ipub = now - 186d + 3h
#          = now - 4464h + 3h = now - 4461h
TactN="now-4461h"
# Timing metadata for dnssec-keygen; expanded unquoted on purpose so it
# word-splits (the tool variables are left unquoted for the same reason).
csktimes="-P ${TactN} -P sync ${TactN} -A ${TactN}"
CSK=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# The only key is fully OMNIPRESENT since Tact(N).
$SETTIME -s -g "$O" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK" >"settime.out.${zone}.1" 2>&1
# Assemble the unsigned input (template, DNSKEY, private-type record), then sign it.
{
  cat template.db.in "${CSK}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1237
# Step 3:
# The successor CSK is ready: submit its DS and start rolling the zone
# signatures over to it.
setup step3.csk-roll2.autosign
# According to RFC 7583:
#
# Tsbm(N+1) >= Trdy(N+1)
# KSK: Tact(N+1) = Tsbm(N+1)
# ZSK: Tact(N+1) = Tpub(N+1) + Ipub = Tsbm(N+1)
# KSK: Iret  = DprpP + TTLds (+retire-safety)
# ZSK: IretZ = Dsgn + Dprp + TTLsig (+retire-safety)
#
# Lcsk:           186d
# Dprp:           1h
# DprpP:          1w
# Dreg:           N/A
# Dsgn:           12h
# TTLds:          1h
# TTLsig:         1d
# retire-safety:  1h
# Iret:           170h
# IretZ:          38h
# Ipub:           3h
#
# Tact(N)   = Tnow - Lcsk = now - 186d
# Tret(N)   = Tnow = now
# Trem(N)   = Tnow + Iret = now + 170h
# Tpub(N+1) = Tnow - Ipub = now - 3h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = Tnow + Lcsk = now + 186d
# Trem(N+1) = Tnow + Lcsk + Iret = now + 186d + 170h
#           = now + 4464h + 170h = now + 4634h
TactN="now-186d"
TretN="now"
TremN="now+170h"
TpubN1="now-3h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+186d"
TremN1="now+4634h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: everything OMNIPRESENT, goal now HIDDEN.
# CSK2: DNSKEY/KRRSIG RUMOURED since Tpub, DS and ZRRSIG still HIDDEN.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" -z "$O" "$TactN" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$R" "$TpubN1" -r "$R" "$TpubN1" -d "$H" "$TpubN1" -z "$H" "$TpubN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1292
# Step 4:
# IretZ (38h) has passed, so all ZRRSIG records should now come from the new
# CSK; the DS is only swapped after Dreg + Iret (1w3h).  In this scenario the
# zone signatures are therefore replaced before the DS is swapped.
setup step4.csk-roll2.autosign
# According to RFC 7583:
# Trem(N)    = Tret(N) + IretZ
#
# Lcsk:   186d
# Dreg:   N/A
# Iret:   170h
# IretZ:  38h
#
# Tact(N)    = Tnow - IretZ - Lcsk = now - 38h - 186d
#            = now - 38h - 4464h = now - 4502h
# Tret(N)    = Tnow - IretZ = now - 38h
# Trem(N)    = Tnow - IretZ + Iret = now - 38h + 170h = now + 132h
# Tpub(N+1)  = Tnow - IretZ - IpubC = now - 38h - 3h = now - 41h
# Tsbm(N+1)  = Tret(N)
# Tact(N+1)  = Tret(N)
# Tret(N+1)  = Tnow - IretZ + Lcsk = now - 38h + 186d
#            = now + 4426h
# Trem(N+1)  = Tnow - IretZ + Lcsk + Iret
#            = now + 4426h + 3h = now + 4429h
# NOTE(review): the last line does not follow from the formula above it
# (4426h + Iret 170h would be 4596h, not 4429h), and step 5 of this scenario
# derives its Trem(N+1) from "4492h" rather than from this 4429h.  The value
# is kept unchanged here; confirm against the expectations in tests.sh before
# correcting either the comment or the assignment.
TactN="now-4502h"
TretN="now-38h"
TremN="now+132h"
TpubN1="now-41h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+4426h"
TremN1="now+4429h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY/KRRSIG OMNIPRESENT, ZRRSIG UNRETENTIVE since Tret, DS UNRETENTIVE
#       since Tsbm; DS-delete time = Tsbm.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, ZRRSIG RUMOURED since Tact(N+1), DS RUMOURED
#       since Tsbm; DS-publish time = Tsbm.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -z "$U" "$TretN" -d "$U" "$TsbmN1" -D ds "$TsbmN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -z "$R" "$TactN1" -d "$R" "$TsbmN1" -P ds "$TsbmN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1340
# Step 5:
# Iret has now passed as well: the DS can be swapped and the old DNSKEY can be
# removed from the zone.
setup step5.csk-roll2.autosign
# Shift every step-4 time back by Iret (170h) - IretZ (38h) = 132h.
#
# Tact(N)   = now - 4502h - 132h = now - 4634h
# Tret(N)   = now - 38h - 132h = now - 170h
# Trem(N)   = now + 132h - 132h = now
# Tpub(N+1) = now - 41h - 132h = now - 173h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 4426h - 132h = now + 4294h
# Trem(N+1) = now + 4492h - 132h = now + 4360h
# NOTE(review): step 4 assigns TremN1="now+4429h", not 4492h, so this line is
# not a plain 132h shift of the previous step (4429h - 132h = 4297h).  The
# value is kept unchanged; confirm against tests.sh before changing it.
TactN="now-4634h"
TretN="now-170h"
TremN="now"
TpubN1="now-173h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+4294h"
TremN1="now+4360h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY/KRRSIG OMNIPRESENT, ZRRSIG HIDDEN as of now-133h, DS still
#       UNRETENTIVE since Tsbm; DS-delete time = Tsbm.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, ZRRSIG OMNIPRESENT as of now-133h, DS still
#       RUMOURED since Tsbm; DS-publish time = Tsbm.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -z "$H" now-133h -d "$U" "$TsbmN1" -D ds "$TsbmN1" "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -z "$O" now-133h -d "$R" "$TsbmN1" -P ds "$TsbmN1" "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1377
# Step 6:
# DNSKEY TTL plus propagation delay after removal, the predecessor DNSKEY
# enters the HIDDEN state.
setup step6.csk-roll2.autosign
# Shift every step-5 time back by DNSKEY TTL plus zone propagation delay (2h).
#
# Tact(N)   = now - 4634h - 2h = now - 4636h
# Tret(N)   = now - 170h - 2h = now - 172h
# Trem(N)   = now - 2h
# Tpub(N+1) = now - 173h - 2h = now - 175h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 4294h - 2h = now + 4292h
# Trem(N+1) = now + 4360h - 2h = now + 4358h
TactN="now-4636h"
TretN="now-172h"
TremN="now-2h"
TpubN1="now-175h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+4292h"
TremN1="now+4358h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# CSK1: DNSKEY/KRRSIG UNRETENTIVE since Trem, DS HIDDEN at Trem, ZRRSIG HIDDEN as of now-135h.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, DS OMNIPRESENT at Trem, ZRRSIG OMNIPRESENT as of now-135h.
$SETTIME -s -g "$H" -k "$U" "$TremN" -r "$U" "$TremN" -d "$H" "$TremN" -z "$H" now-135h "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" "$TremN" -z "$O" now-135h "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1413
# Step 7:
# The predecessor DNSKEY would be eligible for purging, but purge-keys is
# disabled for this policy, so the key files are expected to stay.
setup step7.csk-roll2.autosign
# Shift every step-6 time back by 90 days (the default purge-keys, 2160h).
# Tact(N)   = now - 4636h - 2160h = now - 6796h
# Tret(N)   = now - 172h - 2160h = now - 2332h
# Trem(N)   = now - 2h - 2160h = now - 2162h
# Tpub(N+1) = now - 175h - 2160h = now - 2335h
# Tsbm(N+1) = Tret(N)
# Tact(N+1) = Tret(N)
# Tret(N+1) = now + 4294h - 2160h = now + 2134h
# Trem(N+1) = now + 4360h - 2160h = now + 2200h
# NOTE(review): Tret(N+1)/Trem(N+1) are shifted from step 5's values
# (4294h/4360h) rather than step 6's (4292h/4358h), so they are 2h later than
# the other times in this step.  Kept unchanged; verify against tests.sh.
TactN="now-6796h"
TretN="now-2332h"
TremN="now-2162h"
TpubN1="now-2335h"
TsbmN1="${TretN}"
TactN1="${TretN}"
TretN1="now+2134h"
TremN1="now+2200h"
# Timing metadata for dnssec-keygen; these option lists (and the tool
# variables themselves) are expanded unquoted on purpose so they word-split.
csktimes="-P ${TactN}  -P sync ${TactN}  -A ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -P sync ${TsbmN1} -A ${TactN1} -I ${TretN1} -D ${TremN1}"
CSK1=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $csktimes "$zone" 2>"keygen.out.${zone}.1")
CSK2=$($KEYGEN -k csk-roll2 -l policies/autosign.conf $newtimes "$zone" 2>"keygen.out.${zone}.2")
# Key states (dnssec-settime -s: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG).
# Same states as step 6: the only thing that differs is how long ago they were reached.
# CSK1: DNSKEY/KRRSIG UNRETENTIVE since Trem, DS HIDDEN at Trem, ZRRSIG HIDDEN as of now-135h.
# CSK2: DNSKEY/KRRSIG OMNIPRESENT, DS OMNIPRESENT at Trem, ZRRSIG OMNIPRESENT as of now-135h.
$SETTIME -s -g "$H" -k "$U" "$TremN" -r "$U" "$TremN" -d "$H" "$TremN" -z "$H" now-135h "$CSK1" >"settime.out.${zone}.1" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TsbmN1" -r "$O" "$TsbmN1" -d "$O" "$TremN" -z "$O" now-135h "$CSK2" >"settime.out.${zone}.2" 2>&1
# Link CSK1 -> CSK2 as predecessor/successor in the state files.
key_successor "$CSK1" "$CSK2"
# Assemble the unsigned input (template, DNSKEYs, private-type records), then sign it.
{
  cat template.db.in "${CSK1}.key" "${CSK2}.key"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK1"
  private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$CSK2"
} >"$infile"
cp "$infile" "$zonefile"
$SIGNER -S -z -x -s now-1h -e now+30d -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.${zone}.1" 2>&1
1448
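# Test #2375, the "three is a crowd" bug, where a new key is introduced but the
# previous rollover has not finished yet. In other words, we have a key KEY2
# that is the successor of key KEY1, and we introduce a new key KEY3 that is
# the successor of key KEY2:
#
#     KEY1 < KEY2 < KEY3.
#
# The expected behavior is that all three keys remain in the zone, and not
# the bug behavior where KEY2 is removed and immediately replaced with KEY3.
#
# Set up a zone that has a KSK (KEY1) and have the successor key (KEY2)
# published as well.  KEY3 is not created here; only the KEY1 -> KEY2
# rollover state is prepared.
# setup sets $zone, $zonefile and $infile and appends the zone to "zones".
setup three-is-a-crowd.kasp
# These times are the same as step3.ksk-doubleksk.autosign.
TactN="now-60d"
TretN="now"
TremN="now+50h"
TpubN1="now-27h"
TsbmN1="now"
TactN1="${TretN}"
TretN1="now+60d"
TremN1="now+1490h"
# $ksktimes, $newtimes and $zsktimes carry several dnssec-keygen timing options
# each and are deliberately expanded unquoted so they word-split into separate
# arguments; $KEYGEN/$SETTIME/$SIGNER come from conf.sh and are left unquoted
# for the same reason.  Every other expansion is a single token (zone name,
# algorithm, key file name) and is quoted so that it can never be split or
# globbed.
ksktimes="-P ${TactN}  -A ${TactN}  -P sync ${TactN}  -I ${TretN}  -D ${TremN}"
newtimes="-P ${TpubN1} -A ${TactN1} -P sync ${TsbmN1} -I ${TretN1} -D ${TremN1}"
zsktimes="-P ${TactN}  -A ${TactN}"
KSK1=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $ksktimes "$zone" 2>"keygen.out.$zone.1")
KSK2=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 -f KSK $newtimes "$zone" 2>"keygen.out.$zone.2")
ZSK=$($KEYGEN -a "$DEFAULT_ALGORITHM" -L 7200 $zsktimes "$zone" 2>"keygen.out.$zone.3")
# Key states: -g goal, -k DNSKEY, -r KRRSIG, -d DS, -z ZRRSIG, each followed
# by the time the state was entered.  KSK1 is the active key (states
# OMNIPRESENT, goal HIDDEN); KSK2 is the successor, already published
# (DNSKEY/KRRSIG RUMOURED) but with its DS still HIDDEN; the ZSK is active.
$SETTIME -s -g "$H" -k "$O" "$TactN" -r "$O" "$TactN" -d "$O" "$TactN" "$KSK1" >"settime.out.$zone.1" 2>&1
$SETTIME -s -g "$O" -k "$R" "$TpubN1" -r "$R" "$TpubN1" -d "$H" "$TpubN1" "$KSK2" >"settime.out.$zone.2" 2>&1
$SETTIME -s -g "$O" -k "$O" "$TactN" -z "$O" "$TactN" "$ZSK" >"settime.out.$zone.3" 2>&1
# Set key rollover relationship.
key_successor "$KSK1" "$KSK2"
# Sign zone.
cat template.db.in "${KSK1}.key" "${KSK2}.key" "${ZSK}.key" >"$infile"
private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK1" >>"$infile"
private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$KSK2" >>"$infile"
private_type_record "$zone" "$DEFAULT_ALGORITHM_NUMBER" "$ZSK" >>"$infile"
cp -- "$infile" "$zonefile"
$SIGNER -S -x -s now-1h -e now+2w -o "$zone" -O raw -f "${zonefile}.signed" "$infile" >"signer.out.$zone.1" 2>&1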
1489