xref: /netbsd-src/external/mpl/bind/dist/bin/tests/system/cds/setup.sh (revision 2718af68c3efc72c9769069b5c7f9ed36f6b9def) 
1#!/bin/sh -e
2#
3# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
4#
5# This Source Code Form is subject to the terms of the Mozilla Public
6# License, v. 2.0. If a copy of the MPL was not distributed with this
7# file, you can obtain one at https://mozilla.org/MPL/2.0/.
8#
9# See the COPYRIGHT file distributed with this work for additional
10# information regarding copyright ownership.
11
12set -eu
13
14SYSTEMTESTTOP=..
15. $SYSTEMTESTTOP/conf.sh
16
17touch empty
18
19Z=cds.test
20
21keyz=`$KEYGEN -q -a RSASHA256 $Z`
22key1=`$KEYGEN -q -a RSASHA256 -f KSK $Z`
23key2=`$KEYGEN -q -a RSASHA256 -f KSK $Z`
24
25idz=$(keyfile_to_key_id $keyz)
26id1=$(keyfile_to_key_id $key1)
27id2=$(keyfile_to_key_id $key2)
28
29cat <<EOF >vars.sh
30Z=$Z
31key1=$key1
32key2=$key2
33idz=$idz
34id1=$id1
35id2=$id2
36EOF
37
38tac() {
39	$PERL -e 'print reverse <>' "$@"
40}
41
42convert() {
43	key=$1
44	n=$2
45	$DSFROMKEY -12 $key >DS.$n
46	grep ' 8 1 ' DS.$n >DS.$n-1
47	grep ' 8 2 ' DS.$n >DS.$n-2
48	sed 's/ IN DS / IN CDS /' <DS.$n >>CDS.$n
49	sed 's/ IN DNSKEY / IN CDNSKEY /' <$key.key >CDNSKEY.$n
50	sed 's/ IN DS / 3600 IN DS /' <DS.$n >DS.ttl$n
51	sed 's/ IN DS / 7200 IN DS /' <DS.$n >DS.ttlong$n
52	tac <DS.$n >DS.rev$n
53}
54convert $key1 1
55convert $key2 2
56
57# consistent order wrt IDs
58sort DS.1 DS.2 >DS.both
59
60cp DS.1 DS.inplace
61$PERL -we 'utime time, time - 7200, "DS.inplace" or die'
62
63mangle="$PERL mangle.pl"
64
65$mangle " IN DS $id1 8 1 " <DS.1 >DS.broke1
66$mangle " IN DS $id1 8 2 " <DS.1 >DS.broke2
67$mangle " IN DS $id1 8 [12] " <DS.1 >DS.broke12
68
69sed 's/^/update add /
70$a\
71send
72' <DS.2 >UP.add2
73
74sed 's/^/update del /
75$a\
76send
77' <DS.1 >UP.del1
78
79cat UP.add2 UP.del1 | sed 3d >UP.swap
80
81sed 's/ add \(.*\) IN DS / add \1 3600 IN DS /' <UP.swap >UP.swapttl
82
83sign() {
84	cat >db.$1
85	$SIGNER >/dev/null \
86		 -S -O full -o $Z -f sig.$1 db.$1
87}
88
89sign null <<EOF
90\$TTL 1h
91@	SOA	localhost.	root.localhost. (
92		1	; serial
93		1h	; refresh
94		1h	; retry
95		1w	; expiry
96		1h	; minimum
97		)
98;
99	NS	localhost.
100;
101EOF
102
103cat sig.null CDS.1 >brk.unsigned-cds
104
105cat db.null CDS.1 | sign cds.1
106cat db.null CDS.2 | sign cds.2
107cat db.null CDS.1 CDS.2 | sign cds.both
108
109tac <sig.cds.1 >sig.cds.rev1
110
111cat db.null CDNSKEY.2 | sign cdnskey.2
112cat db.null CDS.2 CDNSKEY.2 | sign cds.cdnskey.2
113
114$mangle '\s+IN\s+RRSIG\s+CDS .* '$idz' '$Z'\. ' \
115	<sig.cds.1 >brk.rrsig.cds.zsk
116$mangle '\s+IN\s+RRSIG\s+CDS .* '$id1' '$Z'\. ' \
117	<sig.cds.1 >brk.rrsig.cds.ksk
118
119$mangle " IN CDS $id1 8 1 " <db.cds.1 |
120sign cds-mangled
121
122bad=`$PERL -le "print ($id1 ^ 255);"`
123sed 's/IN CDS '$id1' 8 1 /IN CDS '$bad' 8 1 /' <db.cds.1 |
124sign bad-digests
125
126sed '/IN CDS '$id1' 8 /p;s//IN CDS '$bad' 13 /' <db.cds.1 |
127sign bad-algos
128
129rm -f dsset-*
130