1#!/bin/sh -e 2 3# Copyright (C) Internet Systems Consortium, Inc. ("ISC") 4# 5# SPDX-License-Identifier: MPL-2.0 6# 7# This Source Code Form is subject to the terms of the Mozilla Public 8# License, v. 2.0. If a copy of the MPL was not distributed with this 9# file, you can obtain one at https://mozilla.org/MPL/2.0/. 10# 11# See the COPYRIGHT file distributed with this work for additional 12# information regarding copyright ownership. 13 14# shellcheck source=conf.sh 15. "$SYSTEMTESTTOP/conf.sh" 16 17set -e 18 19echo_i "ns5/sign.sh" 20 21zone=. 22infile=../ns1/root.db.in 23zonefile=root.db.signed 24 25keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK "$zone") 26 27# copy the KSK out first, then revoke it 28keyfile_to_initial_ds "$keyname" > revoked.conf 29 30"$SETTIME" -R now "${keyname}.key" > /dev/null 31 32# create a current set of keys, and sign the root zone 33"$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" $zone > /dev/null 34"$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -f KSK $zone > /dev/null 35"$SIGNER" -S -o "$zone" -f "$zonefile" "$infile" > /dev/null 2>&1 36 37keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone ".") 38 39keyfile_to_static_ds "$keyname" > trusted.conf 40