Allow for epoch start/expire times; add verboseSigning to jdnssec-signrrset
This commit is contained in:
David Blacka
parent
b291bb430b
commit
55a139db82
|
|
@ -65,7 +65,7 @@ public abstract class CLBase
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The base constructor. This will setup the command line options.
|
* The base constructor. This will setup the command line options.
|
||||||
*
|
*
|
||||||
* @param usage
|
* @param usage
|
||||||
* The command line usage string (e.g.,
|
* The command line usage string (e.g.,
|
||||||
* "jdnssec-foo [..options..] zonefile")
|
* "jdnssec-foo [..options..] zonefile")
|
||||||
|
|
@ -106,7 +106,7 @@ public abstract class CLBase
|
||||||
/**
|
/**
|
||||||
* This is an overridable method for subclasses to add their own command
|
* This is an overridable method for subclasses to add their own command
|
||||||
* line options.
|
* line options.
|
||||||
*
|
*
|
||||||
* @param opts
|
* @param opts
|
||||||
* the options object to add (via OptionBuilder, typically) new
|
* the options object to add (via OptionBuilder, typically) new
|
||||||
* options to.
|
* options to.
|
||||||
|
|
@ -121,7 +121,7 @@ public abstract class CLBase
|
||||||
* Subclasses generally override processOptions() rather than this method.
|
* Subclasses generally override processOptions() rather than this method.
|
||||||
* This method create the parsing objects and processes the standard
|
* This method create the parsing objects and processes the standard
|
||||||
* options.
|
* options.
|
||||||
*
|
*
|
||||||
* @param args
|
* @param args
|
||||||
* The command line arguments.
|
* The command line arguments.
|
||||||
* @throws ParseException
|
* @throws ParseException
|
||||||
|
|
@ -188,7 +188,7 @@ public abstract class CLBase
|
||||||
/**
|
/**
|
||||||
* Process additional tool-specific options. Subclasses generally override
|
* Process additional tool-specific options. Subclasses generally override
|
||||||
* this.
|
* this.
|
||||||
*
|
*
|
||||||
* @param cli
|
* @param cli
|
||||||
* The {@link CommandLine} object containing the parsed command
|
* The {@link CommandLine} object containing the parsed command
|
||||||
* line state.
|
* line state.
|
||||||
|
|
@ -247,9 +247,22 @@ public abstract class CLBase
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static long parseLong(String s, long def)
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
long v = Long.parseLong(s);
|
||||||
|
return v;
|
||||||
|
}
|
||||||
|
catch (NumberFormatException e)
|
||||||
|
{
|
||||||
|
return def;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Calculate a date/time from a command line time/offset duration string.
|
* Calculate a date/time from a command line time/offset duration string.
|
||||||
*
|
*
|
||||||
* @param start
|
* @param start
|
||||||
* the start time to calculate offsets from.
|
* the start time to calculate offsets from.
|
||||||
* @param duration
|
* @param duration
|
||||||
|
|
@ -272,6 +285,11 @@ public abstract class CLBase
|
||||||
long offset = (long) parseInt(duration.substring(1), 0) * 1000;
|
long offset = (long) parseInt(duration.substring(1), 0) * 1000;
|
||||||
return new Date(start.getTime() + offset);
|
return new Date(start.getTime() + offset);
|
||||||
}
|
}
|
||||||
|
if (duration.length() <= 10)
|
||||||
|
{
|
||||||
|
long epoch = parseLong(duration, 0) * 1000;
|
||||||
|
return new Date(epoch);
|
||||||
|
}
|
||||||
|
|
||||||
SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyyMMddHHmmss");
|
SimpleDateFormat dateFormatter = new SimpleDateFormat("yyyyMMddHHmmss");
|
||||||
dateFormatter.setTimeZone(TimeZone.getTimeZone("GMT"));
|
dateFormatter.setTimeZone(TimeZone.getTimeZone("GMT"));
|
||||||
|
|
|
||||||
|
|
@ -42,7 +42,7 @@ import com.verisignlabs.dnssec.security.*;
|
||||||
* RRset. Note that it will sign any RRset with any private key without
|
* RRset. Note that it will sign any RRset with any private key without
|
||||||
* consideration of whether or not the RRset *should* be signed in the context
|
* consideration of whether or not the RRset *should* be signed in the context
|
||||||
* of a zone.
|
* of a zone.
|
||||||
*
|
*
|
||||||
* @author David Blacka
|
* @author David Blacka
|
||||||
*/
|
*/
|
||||||
public class SignRRset extends CLBase
|
public class SignRRset extends CLBase
|
||||||
|
|
@ -61,6 +61,7 @@ public class SignRRset extends CLBase
|
||||||
public String inputfile = null;
|
public String inputfile = null;
|
||||||
public String outputfile = null;
|
public String outputfile = null;
|
||||||
public boolean verifySigs = false;
|
public boolean verifySigs = false;
|
||||||
|
public boolean verboseSigning = false;
|
||||||
|
|
||||||
public CLIState()
|
public CLIState()
|
||||||
{
|
{
|
||||||
|
|
@ -74,6 +75,7 @@ public class SignRRset extends CLBase
|
||||||
{
|
{
|
||||||
// boolean options
|
// boolean options
|
||||||
opts.addOption("a", "verify", false, "verify generated signatures>");
|
opts.addOption("a", "verify", false, "verify generated signatures>");
|
||||||
|
opts.addOption("V", "verbose-signing", false, "Display verbose signing activity.");
|
||||||
|
|
||||||
OptionBuilder.hasArg();
|
OptionBuilder.hasArg();
|
||||||
OptionBuilder.withArgName("dir");
|
OptionBuilder.withArgName("dir");
|
||||||
|
|
@ -104,6 +106,7 @@ public class SignRRset extends CLBase
|
||||||
String optstr = null;
|
String optstr = null;
|
||||||
|
|
||||||
if (cli.hasOption('a')) verifySigs = true;
|
if (cli.hasOption('a')) verifySigs = true;
|
||||||
|
if (cli.hasOption('V')) verboseSigning = true;
|
||||||
|
|
||||||
if ((optstr = cli.getOptionValue('D')) != null)
|
if ((optstr = cli.getOptionValue('D')) != null)
|
||||||
{
|
{
|
||||||
|
|
@ -155,7 +158,7 @@ public class SignRRset extends CLBase
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify the generated signatures.
|
* Verify the generated signatures.
|
||||||
*
|
*
|
||||||
* @param zonename
|
* @param zonename
|
||||||
* the origin name of the zone.
|
* the origin name of the zone.
|
||||||
* @param records
|
* @param records
|
||||||
|
|
@ -198,7 +201,7 @@ public class SignRRset extends CLBase
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Load the key pairs from the key files.
|
* Load the key pairs from the key files.
|
||||||
*
|
*
|
||||||
* @param keyfiles
|
* @param keyfiles
|
||||||
* a string array containing the base names or paths of the keys
|
* a string array containing the base names or paths of the keys
|
||||||
* to be loaded.
|
* to be loaded.
|
||||||
|
|
@ -310,7 +313,7 @@ public class SignRRset extends CLBase
|
||||||
state.outputfile = state.inputfile + ".signed";
|
state.outputfile = state.inputfile + ".signed";
|
||||||
}
|
}
|
||||||
|
|
||||||
JCEDnsSecSigner signer = new JCEDnsSecSigner();
|
JCEDnsSecSigner signer = new JCEDnsSecSigner(state.verboseSigning);
|
||||||
|
|
||||||
List<RRSIGRecord> sigs = signer.signRRset(rrset, keypairs, state.start, state.expire);
|
List<RRSIGRecord> sigs = signer.signRRset(rrset, keypairs, state.start, state.expire);
|
||||||
for (RRSIGRecord s : sigs)
|
for (RRSIGRecord s : sigs)
|
||||||
|
|
@ -355,7 +358,7 @@ public class SignRRset extends CLBase
|
||||||
{
|
{
|
||||||
SignRRset tool = new SignRRset();
|
SignRRset tool = new SignRRset();
|
||||||
tool.state = new CLIState();
|
tool.state = new CLIState();
|
||||||
|
|
||||||
tool.run(tool.state, args);
|
tool.run(tool.state, args);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue