Formatting (from a new Eclipse, for better or worse)

git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@116 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e

example.signed

@@ -0,0 +1,174 @@
+example.		3600	IN	SOA	ns1.example. bugs.x.w.example. (
+					1	; serial
+					3600	; refresh
+					300	; retry
+					3600000	; expire
+					3600 )	; minimum
+example.		3600	IN	RRSIG	SOA 133 1 3600 (
+	20150420235959 20051021000000 62827 example.
+	hNIkW1xzn+c+9P3W7PUVVptI72xEmOtn+eqQux0BE7Pfc6ikx4m7ivOVWETjbwHj
+	qfY0X5G+rynLZNqsbLm40Q== )
+example.		3600	IN	NS	ns1.example.
+example.		3600	IN	NS	ns2.example.
+example.		3600	IN	RRSIG	NS 133 1 3600 (
+	20150420235959 20051021000000 62827 example.
+	D9+iBwcbeKL5+TorTfYn4/pLr2lSFwyGYCyMgfq4TpFaZpxrCJPLxHbKjdkR18jA
+	t7+SR7B5JpiZcff2Cj2B0w== )
+example.		3600	IN	MX	1 xx.example.
+example.		3600	IN	RRSIG	MX 133 1 3600 (
+	20150420235959 20051021000000 62827 example.
+	jsGuTpXTTrZHzUKnViUpJ8YyGNpDd6n/sy2gHnSC0nj2jPxTC5VENLo3GxSpCSA5
+	DlAz57p+RllUJk3DWktkjw== )
+example.		3600	IN	DNSKEY	256 3 133 (
+	AQO0gEmbZUL6xbD/xQczHbnwYnf+jQjwz/sU5k44rHTt0Ty+3aOdYoome9TjGMhw
+	kkGby1TLExXT48OGGdbfIme5 ) ; key_tag = 62827
+example.		3600	IN	DNSKEY	257 3 133 (
+	AQOnsGyJvywVjYmiLbh0EwIRuWYcDiB/8blXcpkoxtpe19Oicv6Zko+8brVsTMeM
+	OpcUeGB1zsYKWJ7BvR2894hX ) ; key_tag = 22088
+example.		3600	IN	RRSIG	DNSKEY 133 1 3600 (
+	20150420235959 20051021000000 22088 example.
+	Xpo9ptByXb8M1JR1i0KuRmKGc/YeOLcc6PtnRJOx6ADLSL2mU6AYX5tAJRMTKTXk
+	6waLIaxuliqUBOkCjLUZMw== )
+example.		3600	IN	NSEC3PARAM	1 12 AABBCCDD
+example.		3600	IN	RRSIG	NSEC3PARAM 133 1 3600 (
+	20150420235959 20051021000000 62827 example.
+	LIDOPjIUc2DtDpXUlOaLnJkHKbacDvXZlhRmg4eFGnaEd794HnjRjeT9w5QwtLDp
+	LyyMRbGt4L0XlqhGJCcAsA== )
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2t7b4g4vsa5smi47k61mv5bv1a22bojr NS SOA MX RRSIG DNSKEY NSEC3PARAM ; example.
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	SLMEpd0dWGX8+uU0H3kDcE1O2+0+o2HPEiywPwQ+LRC4QI7zectSLH3lw3EJi6OP
+	nZPYoW6fqlpIWuVv0srD4w== )
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	A	127.0.0.1
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	A 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	Enu4zogLLDz0p/lLcuH3+jpfuWR/Uyw4fyvglsaFNvFfs7t+f5TPEt5GLX4U2eRy
+	cWmF9ZpYMcPgqAgrGZJ+jA== )
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2vptu5timamqttgl4luu9kg21e0aor3s A RRSIG ; ns1.example.
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	LltO1bbeZ3rVOjYcBRCMZ+ZtHOBtGaNMKtV7BzSPlCK0AUphcn0tg2cr0FONQgrI
+	+0Nd+8h6My6W2Bp/OzDcnQ== )
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 35mthgpgcu1qg68fab165klnsnk3dpvl MX RRSIG ; x.y.w.example.
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	c9D5yjzQulfpNUWkeZFBoBsZYAxh06LySa44Ef1SvzGZrT0l02bFTSMYPXciPQKp
+	mF3UzOkgW/E9gXinV/kQbg== )
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 4g6p9u5gvfshp30pqecj98b3maqbn1ck NS DS RRSIG ; a.example.
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	K35oTrxIxZewqnGlqua+5fweIKdi9vxDzHC0XBy/U6w1XtTsgEuNJepdXfSCBEw3
+	9G5pPobyDE4Ll8KyyEDZjw== )
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	NSEC3	1 0 12 AABBCCDD b4um86eghhds6nea196smvmlo4ors995 NS RRSIG ; c.example.
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	rfscDMnDv/CJ5XWyvN8Ag6w0DMsrV82jqfet+UkYtxszAzdw9B0w9Iv3h1y9xIbM
+	prW1OGVOW52D3aeCHgN9Fg== )
+a.example.		3600	IN	NS	ns1.a.example.
+a.example.		3600	IN	NS	ns2.a.example.
+a.example.		3600	IN	DS	58470 5 1 3079F1593EBAD6DC121E202A8B766A6A4837206C
+a.example.		3600	IN	RRSIG	DS 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	qxw4j5LNe70UDu121YqAaqQjyjYbdKNd/4bEnH0kjQswuiGs9EuArCBhcWocWQDB
+	ku+A4HMHJdLqJr5p4JctLg== )
+ns1.a.example.		3600	IN	A	192.168.2.5
+ns2.a.example.		3600	IN	A	192.168.2.6
+ai.example.		3600	IN	A	192.168.2.9
+ai.example.		3600	IN	RRSIG	A 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	ZaXcOIABcqe1UbwBrisSfk1EBZN11ccgg81ZvZ4qVRhQRdMTprjO9boMYL3q7nz9
+	93IqSyUgjumoQ8qs1isY4Q== )
+ai.example.		3600	IN	HINFO	"KLH-10" "ITS"
+ai.example.		3600	IN	RRSIG	HINFO 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	BuDv+No06VEcIsEnvBdjdKm6kxQGrhOgKEKbGsb8DJRjY7Lia+YG2//s6OlOIfxP
+	mLlLiYpAi3q2sEjTJhocGQ== )
+ai.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baa9
+ai.example.		3600	IN	RRSIG	AAAA 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	m65zc0A16Xbx3jYb0t5vPwMzE2xS15mKh76MhSuKfiFVhBFcQ9IilEM0pXnLzt3o
+	zrM/3X0x2ruyuN0zC+PABA== )
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	NSEC3	1 0 12 AABBCCDD gjeqe526plbf1g8mklp59enfd789njgi MX RRSIG ; x.w.example.
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	ckq4/fbGcW7MBHRIE4vjJTCLijvbBKcPbAOcG4OfJe1+TO1ttGUzRSWv0ZWkn7gx
+	VbsOS52kw9DPbkG/3jG4TQ== )
+c.example.		3600	IN	NS	ns1.c.example.
+c.example.		3600	IN	NS	ns2.c.example.
+ns1.c.example.		3600	IN	A	192.168.2.7
+ns2.c.example.		3600	IN	A	192.168.2.8
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD ji6neoaepv8b5o6k4ev33abha8ht9fgc A HINFO AAAA RRSIG ; ai.example.
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	DcvlIYwhANn1NSV05tBQ9ngC+Gaw3pBdpXlrpSWN4xrvvguaarf0Kbe0LF2+KJ5x
+	1cHrOsLVx8oEDoKzTCztsA== )
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	NSEC3	1 0 12 AABBCCDD k8udemvp1j2f7eg6jebps17vp3n8i58h ; y.w.example.
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	GSlthW4H4KIpxxBHYXl2IDZWlvnwAKVgPkW/ZlWcGyv+Ro2nYOwS8Qv/yNop1JKz
+	bE5X0+ac8Dw7zLvDAr4kwQ== )
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	NSEC3	1 0 12 AABBCCDD kohar7mbb8dc2ce8a9qvl8hon4k53uhi ; w.example.
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	Ob3coJUfYXYeYfIlXj9VhuT0CN/cZeFwMwbzSz3GyDNyeUo+3QqJY5kabenFB0jB
+	Q9I2B3kRQFQO6sA1YJZyaQ== )
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD q04jkcevqvmu85r014c7dkba38o0ji5r A RRSIG ; 2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	Tm0ZvbTsHGTsBpdL9KTIi1q+4AW0VZ4zuTWH2zoJPBP4PS1P9A1oWhnal7Ahrm9e
+	pK7nOTTd8VtHcd7uPCPI5A== )
+ns1.example.		3600	IN	A	192.168.2.1
+ns1.example.		3600	IN	RRSIG	A 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	KS4zeGDaXO99zFfZdkH8BPj5Mm2r9NdxrW5hcwZbIngiTAlE0DcVVBNY8b0h2DZL
+	2znQr8QJ0/QDt8ufz6tZyg== )
+ns2.example.		3600	IN	A	192.168.2.2
+ns2.example.		3600	IN	RRSIG	A 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	Hc6i5zNssmqTB7zhORrMT9uvhLdQ9c3DPjuqUjw/UOw4xJIMjhG4qDwQRav4XpyI
+	2mvVJFR11M07gNwzYG2Ypw== )
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	NSEC3	1 0 12 AABBCCDD r53bq7cc2uvmubfu5ocmm6pers9tk9en A RRSIG ; ns2.example.
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	W8dGSgyF9g7x5uSdwcVvLUHjU3u+NHrRqfIWOvylwUgLikJL07t3Yj+phVgibpcV
+	cjfD9W1XR6Sy4jby7QK0iQ== )
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	NSEC3	1 0 12 AABBCCDD t644ebqk9bibcna874givr6joj62mlhv MX RRSIG ; *.w.example.
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	KKcNGSMH1QRz1+WtADVTrW7bJ4ipvWuuXSDNgTs8JgJ8r0zz1oeiDwDtR+z9elBT
+	q86tM/bvTQ4GFQiCWnOFNw== )
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 0p9mhaveqvm6t7vbl5lop2u3t2rp3tom A HINFO AAAA RRSIG ; xx.example.
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	RRSIG	NSEC3 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	cWBONm5AfvchgLPHhUeJHNdnZ9dqSMI3UpHS/s3Ek1csDKKA6BUc/OM+kVRWT9lE
+	jRhRXqB8ay2EeHx2iKOOKg== )
+*.w.example.		3600	IN	MX	1 ai.example.
+*.w.example.		3600	IN	RRSIG	MX 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	DnT0Y6dRBM8f3v8HdKmZUsGVkXh+b+htujCRc423x6c8erEMGVnxcrmcrZ53qGXc
+	MYJ+TDkqa7Xfz/f9xzvSTw== )
+x.w.example.		3600	IN	MX	1 xx.example.
+x.w.example.		3600	IN	RRSIG	MX 133 3 3600 (
+	20150420235959 20051021000000 62827 example.
+	BLSDMos8kYR7+2U7iwwdqdhU82hzq0s57xtwF08tWU/d19jrNO6LdWfBL/FJ8zL8
+	ZpEjhh6b8cj0f5yQOUyShw== )
+x.y.w.example.		3600	IN	MX	1 xx.example.
+x.y.w.example.		3600	IN	RRSIG	MX 133 4 3600 (
+	20150420235959 20051021000000 62827 example.
+	GPzELyUCxrnyep8uMcqthUXjTqYBmgeaveb92vQgzUyPLLamNN/YqMHr6tGQNxeM
+	AhclxUSQeoCggUBVhFfB1Q== )
+xx.example.		3600	IN	A	192.168.2.10
+xx.example.		3600	IN	RRSIG	A 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	qxwCQAqdWxq4bDNPKyOVG679cSJwKVv/Q5Rj9WKymDOhOPTmEs8xDxbiM4EXyv0i
+	g50I3Wvbkmyw4sQ5CspOcA== )
+xx.example.		3600	IN	HINFO	"KLH-10" "TOPS-20"
+xx.example.		3600	IN	RRSIG	HINFO 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	YJFwmD0By0NpGEvO1nE1ZTH10XrmpKnVuAEIcAxLLHyPs3qyGQdDEG7sQX5+PfiO
+	GZrNmZef8NgQhW8kGEgN1Q== )
+xx.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baaa
+xx.example.		3600	IN	RRSIG	AAAA 133 2 3600 (
+	20150420235959 20051021000000 62827 example.
+	VAJBlXoTOScrIM6yPlDsd9o05v39qIzFnemR2vgw1s4l8maJVWi9IHEg8oiypJvG
+	wSCP1nFsEOlXyNFQJ0fWGA== )

example.signed.dave

@@ -0,0 +1,72 @@
+example.		3600	IN	SOA	ns1.example. bugs.x.w.example. 1 3600 300 3600000 3600
+example.		3600	IN	RRSIG	SOA 133 1 3600 20150420235959 20051021000000 62827 example. hNIkW1xzn+c+9P3W7PUVVptI72xEmOtn+eqQux0BE7Pfc6ikx4m7ivOVWETjbwHjqfY0X5G+rynLZNqsbLm40Q==
+example.		3600	IN	NS	ns1.example.
+example.		3600	IN	NS	ns2.example.
+example.		3600	IN	RRSIG	NS 133 1 3600 20150420235959 20051021000000 62827 example. D9+iBwcbeKL5+TorTfYn4/pLr2lSFwyGYCyMgfq4TpFaZpxrCJPLxHbKjdkR18jAt7+SR7B5JpiZcff2Cj2B0w==
+example.		3600	IN	MX	1 xx.example.
+example.		3600	IN	RRSIG	MX 133 1 3600 20150420235959 20051021000000 62827 example. jsGuTpXTTrZHzUKnViUpJ8YyGNpDd6n/sy2gHnSC0nj2jPxTC5VENLo3GxSpCSA5DlAz57p+RllUJk3DWktkjw==
+example.		3600	IN	DNSKEY	256 3 133 AQO0gEmbZUL6xbD/xQczHbnwYnf+jQjwz/sU5k44rHTt0Ty+3aOdYoome9TjGMhwkkGby1TLExXT48OGGdbfIme5
+example.		3600	IN	DNSKEY	257 3 133 AQOnsGyJvywVjYmiLbh0EwIRuWYcDiB/8blXcpkoxtpe19Oicv6Zko+8brVsTMeMOpcUeGB1zsYKWJ7BvR2894hX
+example.		3600	IN	RRSIG	DNSKEY 133 1 3600 20150420235959 20051021000000 22088 example. Xpo9ptByXb8M1JR1i0KuRmKGc/YeOLcc6PtnRJOx6ADLSL2mU6AYX5tAJRMTKTXk6waLIaxuliqUBOkCjLUZMw==
+example.		3600	IN	NSEC3PARAM	1 12 AABBCCDD
+example.		3600	IN	RRSIG	NSEC3PARAM 133 1 3600 20150420235959 20051021000000 62827 example. LIDOPjIUc2DtDpXUlOaLnJkHKbacDvXZlhRmg4eFGnaEd794HnjRjeT9w5QwtLDpLyyMRbGt4L0XlqhGJCcAsA==
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2t7b4g4vsa5smi47k61mv5bv1a22bojr NS SOA MX RRSIG DNSKEY NSEC3PARAM
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. SLMEpd0dWGX8+uU0H3kDcE1O2+0+o2HPEiywPwQ+LRC4QI7zectSLH3lw3EJi6OPnZPYoW6fqlpIWuVv0srD4w==
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	A	127.0.0.1
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. Enu4zogLLDz0p/lLcuH3+jpfuWR/Uyw4fyvglsaFNvFfs7t+f5TPEt5GLX4U2eRycWmF9ZpYMcPgqAgrGZJ+jA==
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2vptu5timamqttgl4luu9kg21e0aor3s A RRSIG
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. LltO1bbeZ3rVOjYcBRCMZ+ZtHOBtGaNMKtV7BzSPlCK0AUphcn0tg2cr0FONQgrI+0Nd+8h6My6W2Bp/OzDcnQ==
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 35mthgpgcu1qg68fab165klnsnk3dpvl MX RRSIG
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. c9D5yjzQulfpNUWkeZFBoBsZYAxh06LySa44Ef1SvzGZrT0l02bFTSMYPXciPQKpmF3UzOkgW/E9gXinV/kQbg==
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 4g6p9u5gvfshp30pqecj98b3maqbn1ck NS DS RRSIG
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. K35oTrxIxZewqnGlqua+5fweIKdi9vxDzHC0XBy/U6w1XtTsgEuNJepdXfSCBEw39G5pPobyDE4Ll8KyyEDZjw==
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	NSEC3	1 0 12 AABBCCDD b4um86eghhds6nea196smvmlo4ors995 NS RRSIG
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. rfscDMnDv/CJ5XWyvN8Ag6w0DMsrV82jqfet+UkYtxszAzdw9B0w9Iv3h1y9xIbMprW1OGVOW52D3aeCHgN9Fg==
+a.example.		3600	IN	NS	ns1.a.example.
+a.example.		3600	IN	NS	ns2.a.example.
+a.example.		3600	IN	DS	58470 5 1 3079F1593EBAD6DC121E202A8B766A6A4837206C
+a.example.		3600	IN	RRSIG	DS 133 2 3600 20150420235959 20051021000000 62827 example. qxw4j5LNe70UDu121YqAaqQjyjYbdKNd/4bEnH0kjQswuiGs9EuArCBhcWocWQDBku+A4HMHJdLqJr5p4JctLg==
+ns1.a.example.		3600	IN	A	192.168.2.5
+ns2.a.example.		3600	IN	A	192.168.2.6
+ai.example.		3600	IN	A	192.168.2.9
+ai.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. ZaXcOIABcqe1UbwBrisSfk1EBZN11ccgg81ZvZ4qVRhQRdMTprjO9boMYL3q7nz993IqSyUgjumoQ8qs1isY4Q==
+ai.example.		3600	IN	HINFO	"KLH-10" "ITS"
+ai.example.		3600	IN	RRSIG	HINFO 133 2 3600 20150420235959 20051021000000 62827 example. BuDv+No06VEcIsEnvBdjdKm6kxQGrhOgKEKbGsb8DJRjY7Lia+YG2//s6OlOIfxPmLlLiYpAi3q2sEjTJhocGQ==
+ai.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baa9
+ai.example.		3600	IN	RRSIG	AAAA 133 2 3600 20150420235959 20051021000000 62827 example. m65zc0A16Xbx3jYb0t5vPwMzE2xS15mKh76MhSuKfiFVhBFcQ9IilEM0pXnLzt3ozrM/3X0x2ruyuN0zC+PABA==
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	NSEC3	1 0 12 AABBCCDD gjeqe526plbf1g8mklp59enfd789njgi MX RRSIG
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. ckq4/fbGcW7MBHRIE4vjJTCLijvbBKcPbAOcG4OfJe1+TO1ttGUzRSWv0ZWkn7gxVbsOS52kw9DPbkG/3jG4TQ==
+c.example.		3600	IN	NS	ns1.c.example.
+c.example.		3600	IN	NS	ns2.c.example.
+ns1.c.example.		3600	IN	A	192.168.2.7
+ns2.c.example.		3600	IN	A	192.168.2.8
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD ji6neoaepv8b5o6k4ev33abha8ht9fgc A HINFO AAAA RRSIG
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. DcvlIYwhANn1NSV05tBQ9ngC+Gaw3pBdpXlrpSWN4xrvvguaarf0Kbe0LF2+KJ5x1cHrOsLVx8oEDoKzTCztsA==
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	NSEC3	1 0 12 AABBCCDD k8udemvp1j2f7eg6jebps17vp3n8i58h
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. GSlthW4H4KIpxxBHYXl2IDZWlvnwAKVgPkW/ZlWcGyv+Ro2nYOwS8Qv/yNop1JKzbE5X0+ac8Dw7zLvDAr4kwQ==
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	NSEC3	1 0 12 AABBCCDD kohar7mbb8dc2ce8a9qvl8hon4k53uhi
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. Ob3coJUfYXYeYfIlXj9VhuT0CN/cZeFwMwbzSz3GyDNyeUo+3QqJY5kabenFB0jBQ9I2B3kRQFQO6sA1YJZyaQ==
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD q04jkcevqvmu85r014c7dkba38o0ji5r A RRSIG
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. Tm0ZvbTsHGTsBpdL9KTIi1q+4AW0VZ4zuTWH2zoJPBP4PS1P9A1oWhnal7Ahrm9epK7nOTTd8VtHcd7uPCPI5A==
+ns1.example.		3600	IN	A	192.168.2.1
+ns1.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. KS4zeGDaXO99zFfZdkH8BPj5Mm2r9NdxrW5hcwZbIngiTAlE0DcVVBNY8b0h2DZL2znQr8QJ0/QDt8ufz6tZyg==
+ns2.example.		3600	IN	A	192.168.2.2
+ns2.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. Hc6i5zNssmqTB7zhORrMT9uvhLdQ9c3DPjuqUjw/UOw4xJIMjhG4qDwQRav4XpyI2mvVJFR11M07gNwzYG2Ypw==
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	NSEC3	1 0 12 AABBCCDD r53bq7cc2uvmubfu5ocmm6pers9tk9en A RRSIG
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. W8dGSgyF9g7x5uSdwcVvLUHjU3u+NHrRqfIWOvylwUgLikJL07t3Yj+phVgibpcVcjfD9W1XR6Sy4jby7QK0iQ==
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	NSEC3	1 0 12 AABBCCDD t644ebqk9bibcna874givr6joj62mlhv MX RRSIG
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. KKcNGSMH1QRz1+WtADVTrW7bJ4ipvWuuXSDNgTs8JgJ8r0zz1oeiDwDtR+z9elBTq86tM/bvTQ4GFQiCWnOFNw==
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 0p9mhaveqvm6t7vbl5lop2u3t2rp3tom A HINFO AAAA RRSIG
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. cWBONm5AfvchgLPHhUeJHNdnZ9dqSMI3UpHS/s3Ek1csDKKA6BUc/OM+kVRWT9lEjRhRXqB8ay2EeHx2iKOOKg==
+*.w.example.		3600	IN	MX	1 ai.example.
+*.w.example.		3600	IN	RRSIG	MX 133 2 3600 20150420235959 20051021000000 62827 example. DnT0Y6dRBM8f3v8HdKmZUsGVkXh+b+htujCRc423x6c8erEMGVnxcrmcrZ53qGXcMYJ+TDkqa7Xfz/f9xzvSTw==
+x.w.example.		3600	IN	MX	1 xx.example.
+x.w.example.		3600	IN	RRSIG	MX 133 3 3600 20150420235959 20051021000000 62827 example. BLSDMos8kYR7+2U7iwwdqdhU82hzq0s57xtwF08tWU/d19jrNO6LdWfBL/FJ8zL8ZpEjhh6b8cj0f5yQOUyShw==
+x.y.w.example.		3600	IN	MX	1 xx.example.
+x.y.w.example.		3600	IN	RRSIG	MX 133 4 3600 20150420235959 20051021000000 62827 example. GPzELyUCxrnyep8uMcqthUXjTqYBmgeaveb92vQgzUyPLLamNN/YqMHr6tGQNxeMAhclxUSQeoCggUBVhFfB1Q==
+xx.example.		3600	IN	A	192.168.2.10
+xx.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. qxwCQAqdWxq4bDNPKyOVG679cSJwKVv/Q5Rj9WKymDOhOPTmEs8xDxbiM4EXyv0ig50I3Wvbkmyw4sQ5CspOcA==
+xx.example.		3600	IN	HINFO	"KLH-10" "TOPS-20"
+xx.example.		3600	IN	RRSIG	HINFO 133 2 3600 20150420235959 20051021000000 62827 example. YJFwmD0By0NpGEvO1nE1ZTH10XrmpKnVuAEIcAxLLHyPs3qyGQdDEG7sQX5+PfiOGZrNmZef8NgQhW8kGEgN1Q==
+xx.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baaa
+xx.example.		3600	IN	RRSIG	AAAA 133 2 3600 20150420235959 20051021000000 62827 example. VAJBlXoTOScrIM6yPlDsd9o05v39qIzFnemR2vgw1s4l8maJVWi9IHEg8oiypJvGwSCP1nFsEOlXyNFQJ0fWGA==

example.signed.roy

@@ -0,0 +1,72 @@
+example.		3600	IN	SOA	ns1.example. bugs.x.w.example. 1 3600 300 3600000 3600
+example.		3600	IN	RRSIG	SOA 133 1 3600 20150420235959 20051021000000 62827 example. hNIkW1xzn+c+9P3W7PUVVptI72xEmOtn+eqQux0BE7Pfc6ikx4m7ivOVWETjbwHjqfY0X5G+rynLZNqsbLm40Q==
+example.		3600	IN	NS	ns1.example.
+example.		3600	IN	NS	ns2.example.
+example.		3600	IN	RRSIG	NS 133 1 3600 20150420235959 20051021000000 62827 example. D9+iBwcbeKL5+TorTfYn4/pLr2lSFwyGYCyMgfq4TpFaZpxrCJPLxHbKjdkR18jAt7+SR7B5JpiZcff2Cj2B0w==
+example.		3600	IN	MX	1 xx.example.
+example.		3600	IN	RRSIG	MX 133 1 3600 20150420235959 20051021000000 62827 example. jsGuTpXTTrZHzUKnViUpJ8YyGNpDd6n/sy2gHnSC0nj2jPxTC5VENLo3GxSpCSA5DlAz57p+RllUJk3DWktkjw==
+example.		3600	IN	DNSKEY	256 3 133 AQO0gEmbZUL6xbD/xQczHbnwYnf+jQjwz/sU5k44rHTt0Ty+3aOdYoome9TjGMhwkkGby1TLExXT48OGGdbfIme5
+example.		3600	IN	DNSKEY	257 3 133 AQOnsGyJvywVjYmiLbh0EwIRuWYcDiB/8blXcpkoxtpe19Oicv6Zko+8brVsTMeMOpcUeGB1zsYKWJ7BvR2894hX
+example.		3600	IN	RRSIG	DNSKEY 133 1 3600 20150420235959 20051021000000 22088 example. Xpo9ptByXb8M1JR1i0KuRmKGc/YeOLcc6PtnRJOx6ADLSL2mU6AYX5tAJRMTKTXk6waLIaxuliqUBOkCjLUZMw==
+example.		3600	IN	NSEC3PARAM	1 12 AABBCCDD
+example.		3600	IN	RRSIG	NSEC3PARAM 133 1 3600 20150420235959 20051021000000 62827 example. LIDOPjIUc2DtDpXUlOaLnJkHKbacDvXZlhRmg4eFGnaEd794HnjRjeT9w5QwtLDpLyyMRbGt4L0XlqhGJCcAsA==
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2t7b4g4vsa5smi47k61mv5bv1a22bojr NS SOA MX RRSIG DNSKEY NSEC3PARAM
+0p9mhaveqvm6t7vbl5lop2u3t2rp3tom.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. SLMEpd0dWGX8+uU0H3kDcE1O2+0+o2HPEiywPwQ+LRC4QI7zectSLH3lw3EJi6OPnZPYoW6fqlpIWuVv0srD4w==
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	A	127.0.0.1
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. Enu4zogLLDz0p/lLcuH3+jpfuWR/Uyw4fyvglsaFNvFfs7t+f5TPEt5GLX4U2eRycWmF9ZpYMcPgqAgrGZJ+jA==
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 2vptu5timamqttgl4luu9kg21e0aor3s A RRSIG
+2t7b4g4vsa5smi47k61mv5bv1a22bojr.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. LltO1bbeZ3rVOjYcBRCMZ+ZtHOBtGaNMKtV7BzSPlCK0AUphcn0tg2cr0FONQgrI+0Nd+8h6My6W2Bp/OzDcnQ==
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 35mthgpgcu1qg68fab165klnsnk3dpvl MX RRSIG
+2vptu5timamqttgl4luu9kg21e0aor3s.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. c9D5yjzQulfpNUWkeZFBoBsZYAxh06LySa44Ef1SvzGZrT0l02bFTSMYPXciPQKpmF3UzOkgW/E9gXinV/kQbg==
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 4g6p9u5gvfshp30pqecj98b3maqbn1ck NS DS RRSIG
+35mthgpgcu1qg68fab165klnsnk3dpvl.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. K35oTrxIxZewqnGlqua+5fweIKdi9vxDzHC0XBy/U6w1XtTsgEuNJepdXfSCBEw39G5pPobyDE4Ll8KyyEDZjw==
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	NSEC3	1 0 12 AABBCCDD b4um86eghhds6nea196smvmlo4ors995 NS RRSIG
+4g6p9u5gvfshp30pqecj98b3maqbn1ck.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. rfscDMnDv/CJ5XWyvN8Ag6w0DMsrV82jqfet+UkYtxszAzdw9B0w9Iv3h1y9xIbMprW1OGVOW52D3aeCHgN9Fg==
+a.example.		3600	IN	NS	ns1.a.example.
+a.example.		3600	IN	NS	ns2.a.example.
+a.example.		3600	IN	DS	58470 5 1 3079F1593EBAD6DC121E202A8B766A6A4837206C
+a.example.		3600	IN	RRSIG	DS 133 2 3600 20150420235959 20051021000000 62827 example. qxw4j5LNe70UDu121YqAaqQjyjYbdKNd/4bEnH0kjQswuiGs9EuArCBhcWocWQDBku+A4HMHJdLqJr5p4JctLg==
+ns1.a.example.		3600	IN	A	192.168.2.5
+ns2.a.example.		3600	IN	A	192.168.2.6
+ai.example.		3600	IN	A	192.168.2.9
+ai.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. ZaXcOIABcqe1UbwBrisSfk1EBZN11ccgg81ZvZ4qVRhQRdMTprjO9boMYL3q7nz993IqSyUgjumoQ8qs1isY4Q==
+ai.example.		3600	IN	HINFO	"KLH-10" "ITS"
+ai.example.		3600	IN	RRSIG	HINFO 133 2 3600 20150420235959 20051021000000 62827 example. BuDv+No06VEcIsEnvBdjdKm6kxQGrhOgKEKbGsb8DJRjY7Lia+YG2//s6OlOIfxPmLlLiYpAi3q2sEjTJhocGQ==
+ai.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baa9
+ai.example.		3600	IN	RRSIG	AAAA 133 2 3600 20150420235959 20051021000000 62827 example. m65zc0A16Xbx3jYb0t5vPwMzE2xS15mKh76MhSuKfiFVhBFcQ9IilEM0pXnLzt3ozrM/3X0x2ruyuN0zC+PABA==
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	NSEC3	1 0 12 AABBCCDD gjeqe526plbf1g8mklp59enfd789njgi MX RRSIG
+b4um86eghhds6nea196smvmlo4ors995.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. ckq4/fbGcW7MBHRIE4vjJTCLijvbBKcPbAOcG4OfJe1+TO1ttGUzRSWv0ZWkn7gxVbsOS52kw9DPbkG/3jG4TQ==
+c.example.		3600	IN	NS	ns1.c.example.
+c.example.		3600	IN	NS	ns2.c.example.
+ns1.c.example.		3600	IN	A	192.168.2.7
+ns2.c.example.		3600	IN	A	192.168.2.8
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD ji6neoaepv8b5o6k4ev33abha8ht9fgc A HINFO AAAA RRSIG
+gjeqe526plbf1g8mklp59enfd789njgi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. DcvlIYwhANn1NSV05tBQ9ngC+Gaw3pBdpXlrpSWN4xrvvguaarf0Kbe0LF2+KJ5x1cHrOsLVx8oEDoKzTCztsA==
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	NSEC3	1 0 12 AABBCCDD k8udemvp1j2f7eg6jebps17vp3n8i58h
+ji6neoaepv8b5o6k4ev33abha8ht9fgc.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. GSlthW4H4KIpxxBHYXl2IDZWlvnwAKVgPkW/ZlWcGyv+Ro2nYOwS8Qv/yNop1JKzbE5X0+ac8Dw7zLvDAr4kwQ==
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	NSEC3	1 0 12 AABBCCDD kohar7mbb8dc2ce8a9qvl8hon4k53uhi
+k8udemvp1j2f7eg6jebps17vp3n8i58h.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. Ob3coJUfYXYeYfIlXj9VhuT0CN/cZeFwMwbzSz3GyDNyeUo+3QqJY5kabenFB0jBQ9I2B3kRQFQO6sA1YJZyaQ==
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	NSEC3	1 0 12 AABBCCDD q04jkcevqvmu85r014c7dkba38o0ji5r A RRSIG
+kohar7mbb8dc2ce8a9qvl8hon4k53uhi.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. Tm0ZvbTsHGTsBpdL9KTIi1q+4AW0VZ4zuTWH2zoJPBP4PS1P9A1oWhnal7Ahrm9epK7nOTTd8VtHcd7uPCPI5A==
+ns1.example.		3600	IN	A	192.168.2.1
+ns1.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. KS4zeGDaXO99zFfZdkH8BPj5Mm2r9NdxrW5hcwZbIngiTAlE0DcVVBNY8b0h2DZL2znQr8QJ0/QDt8ufz6tZyg==
+ns2.example.		3600	IN	A	192.168.2.2
+ns2.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. Hc6i5zNssmqTB7zhORrMT9uvhLdQ9c3DPjuqUjw/UOw4xJIMjhG4qDwQRav4XpyI2mvVJFR11M07gNwzYG2Ypw==
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	NSEC3	1 0 12 AABBCCDD r53bq7cc2uvmubfu5ocmm6pers9tk9en A RRSIG
+q04jkcevqvmu85r014c7dkba38o0ji5r.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. W8dGSgyF9g7x5uSdwcVvLUHjU3u+NHrRqfIWOvylwUgLikJL07t3Yj+phVgibpcVcjfD9W1XR6Sy4jby7QK0iQ==
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	NSEC3	1 0 12 AABBCCDD t644ebqk9bibcna874givr6joj62mlhv MX RRSIG
+r53bq7cc2uvmubfu5ocmm6pers9tk9en.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. KKcNGSMH1QRz1+WtADVTrW7bJ4ipvWuuXSDNgTs8JgJ8r0zz1oeiDwDtR+z9elBTq86tM/bvTQ4GFQiCWnOFNw==
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	NSEC3	1 0 12 AABBCCDD 0p9mhaveqvm6t7vbl5lop2u3t2rp3tom A HINFO AAAA RRSIG
+t644ebqk9bibcna874givr6joj62mlhv.example.	3600	IN	RRSIG	NSEC3 133 2 3600 20150420235959 20051021000000 62827 example. cWBONm5AfvchgLPHhUeJHNdnZ9dqSMI3UpHS/s3Ek1csDKKA6BUc/OM+kVRWT9lEjRhRXqB8ay2EeHx2iKOOKg==
+*.w.example.		3600	IN	MX	1 ai.example.
+*.w.example.		3600	IN	RRSIG	MX 133 2 3600 20150420235959 20051021000000 62827 example. DnT0Y6dRBM8f3v8HdKmZUsGVkXh+b+htujCRc423x6c8erEMGVnxcrmcrZ53qGXcMYJ+TDkqa7Xfz/f9xzvSTw==
+x.w.example.		3600	IN	MX	1 xx.example.
+x.w.example.		3600	IN	RRSIG	MX 133 3 3600 20150420235959 20051021000000 62827 example. BLSDMos8kYR7+2U7iwwdqdhU82hzq0s57xtwF08tWU/d19jrNO6LdWfBL/FJ8zL8ZpEjhh6b8cj0f5yQOUyShw==
+x.y.w.example.		3600	IN	MX	1 xx.example.
+x.y.w.example.		3600	IN	RRSIG	MX 133 4 3600 20150420235959 20051021000000 62827 example. GPzELyUCxrnyep8uMcqthUXjTqYBmgeaveb92vQgzUyPLLamNN/YqMHr6tGQNxeMAhclxUSQeoCggUBVhFfB1Q==
+xx.example.		3600	IN	A	192.168.2.10
+xx.example.		3600	IN	RRSIG	A 133 2 3600 20150420235959 20051021000000 62827 example. qxwCQAqdWxq4bDNPKyOVG679cSJwKVv/Q5Rj9WKymDOhOPTmEs8xDxbiM4EXyv0ig50I3Wvbkmyw4sQ5CspOcA==
+xx.example.		3600	IN	HINFO	"KLH-10" "TOPS-20"
+xx.example.		3600	IN	RRSIG	HINFO 133 2 3600 20150420235959 20051021000000 62827 example. YJFwmD0By0NpGEvO1nE1ZTH10XrmpKnVuAEIcAxLLHyPs3qyGQdDEG7sQX5+PfiOGZrNmZef8NgQhW8kGEgN1Q==
+xx.example.		3600	IN	AAAA	2001:db8:0:0:0:0:f00:baaa
+xx.example.		3600	IN	RRSIG	AAAA 133 2 3600 20150420235959 20051021000000 62827 example. VAJBlXoTOScrIM6yPlDsd9o05v39qIzFnemR2vgw1s4l8maJVWi9IHEg8oiypJvGwSCP1nFsEOlXyNFQJ0fWGA==

sign_example.sh

@@ -0,0 +1,14 @@
+#! /bin/bash
+
+./bin/_jdnssec-signzone \
+	-3 \
+	-A 133:5:RSASHA1-NSEC3 \
+	-s 20051021000000 \
+	-e 20150420235959 \
+	-D test/ \
+	-S AABBCCDD \
+	--iterations 12 \
+	-k Kexample.+133+22088 \
+	test/example \
+	Kexample.+133+62827
+	

src/com/verisignlabs/dnssec/cl/DSTool.java

@@ -35,8 +35,7 @@ import com.verisignlabs.dnssec.security.DnsKeyPair;
 import com.verisignlabs.dnssec.security.SignUtils;
 
 /**
- * This class forms the command line implementation of a DNSSEC DS/DLV
+ * This class forms the command line implementation of a DNSSEC DS/DLV generator
- * generator
  * 
  * @author David Blacka (original)
  * @author $Author: davidb $
@@ -76,19 +75,22 @@ public class DSTool
       opts.addOption("h", "help", false, "Print this message.");
 
       opts.addOption(OptionBuilder.withLongOpt("dlv")
-          .withDescription("Generate a DLV record instead.").create());
+          .withDescription("Generate a DLV record instead.")
+          .create());
 
       // Argument options
-      opts.addOption(OptionBuilder.hasOptionalArg().withLongOpt("verbose")
+      opts.addOption(OptionBuilder.hasOptionalArg()
+          .withLongOpt("verbose")
           .withArgName("level")
-          .withDescription("verbosity level -- 0 is silence, "
+          .withDescription("verbosity level -- 0 is silence, 5 is debug information, 6 is trace information.\n"
-              + "5 is debug information, " + "6 is trace information.\n"
+                           + "default is level 5.")
-              + "default is level 5.").create('v'));
+          .create('v'));
 
-      opts.addOption(OptionBuilder.hasArg().withLongOpt("digest")
+      opts.addOption(OptionBuilder.hasArg()
+          .withLongOpt("digest")
           .withArgName("id")
-          .withDescription("The Digest ID to use (numerically): "
+          .withDescription("The Digest ID to use (numerically): either 1 for SHA1 or 2 for SHA256")
-              + "either 1 for SHA1 or 2 for SHA256").create('d'));
+          .create('d'));
     }
 
     public void parseCommandLine(String[] args)
@@ -105,14 +107,14 @@ public class DSTool
         Logger rootLogger = Logger.getLogger("");
         switch (value)
         {
-          case 0 :
+          case 0:
             rootLogger.setLevel(Level.OFF);
             break;
-          case 5 :
+          case 5:
-          default :
+          default:
             rootLogger.setLevel(Level.FINE);
             break;
-          case 6 :
+          case 6:
             rootLogger.setLevel(Level.ALL);
             break;
         }
@@ -142,14 +144,9 @@ public class DSTool
       PrintWriter out = new PrintWriter(System.err);
 
       // print our own usage statement:
-      f.printHelp(out,
+      f.printHelp(out, 75, "jdnssec-dstool [..options..] keyfile", null, opts,
-          75,
+                  HelpFormatter.DEFAULT_LEFT_PAD,
-          "jdnssec-dstool [..options..] keyfile",
+                  HelpFormatter.DEFAULT_DESC_PAD, null);
-          null,
-          opts,
-          HelpFormatter.DEFAULT_LEFT_PAD,
-          HelpFormatter.DEFAULT_DESC_PAD,
-          null);
 
       out.flush();
       System.exit(64);
@@ -159,8 +156,10 @@ public class DSTool
   /**
    * This is just a convenience method for parsing integers from strings.
    * 
-   * @param s the string to parse.
+   * @param s
-   * @param def the default value, if the string doesn't parse.
+   *          the string to parse.
+   * @param def
+   *          the default value, if the string doesn't parse.
    * @return the parsed integer, or the default.
    */
   private static int parseInt(String s, int def)
@@ -187,17 +186,16 @@ public class DSTool
       log.warning("DNSKEY is not an SEP-flagged key.");
     }
 
-    DSRecord ds = SignUtils.calculateDSRecord(dnskey,
+    DSRecord ds = SignUtils.calculateDSRecord(dnskey, state.digest_id,
-        state.digest_id,
+                                              dnskey.getTTL());
-        dnskey.getTTL());
     Record res = ds;
 
     if (state.createDLV)
     {
       log.fine("creating DLV.");
-      DLVRecord dlv = new DLVRecord(ds.getName(), ds.getDClass(),
+      DLVRecord dlv = new DLVRecord(ds.getName(), ds.getDClass(), ds.getTTL(),
-          ds.getTTL(), ds.getFootprint(), ds.getAlgorithm(),
+                                    ds.getFootprint(), ds.getAlgorithm(),
-          ds.getDigestID(), ds.getDigest());
+                                    ds.getDigestID(), ds.getDigest());
       res = dlv;
     }
 
@@ -223,14 +221,13 @@ public class DSTool
     }
     catch (UnrecognizedOptionException e)
     {
-      System.err.println("error: unknown option encountered: "
+      System.err.println("error: unknown option encountered: " + e.getMessage());
-          + e.getMessage());
       state.usage();
     }
     catch (AlreadySelectedException e)
     {
-      System.err.println("error: mutually exclusive options have "
+      System.err.println("error: mutually exclusive options have been selected:\n     "
-          + "been selected:\n     " + e.getMessage());
+          + e.getMessage());
       state.usage();
     }
     catch (Exception e)

src/com/verisignlabs/dnssec/cl/KeyGen.java

@@ -78,12 +78,10 @@ public class KeyGen
 
       // boolean options
       opts.addOption("h", "help", false, "Print this message.");
-      opts.addOption("k",
+      opts.addOption("k", "kskflag", false,
-          "kskflag",
+                     "Key is a key-signing-key (sets the SEP flag).");
-          false,
-          "Key is a key-signing-key (sets the SEP flag).");
       opts.addOption("e", "large-exponent", false, "Use large RSA exponent");
-      
+
       // Argument options
       OptionBuilder.hasArg();
       OptionBuilder.withLongOpt("nametype");
@@ -101,9 +99,8 @@ public class KeyGen
 
       OptionBuilder.hasArg();
       OptionBuilder.withArgName("algorithm");
-      OptionBuilder
+      OptionBuilder.withDescription("RSA | RSASHA1 | RSAMD5 | DH | DSA | alias, "
-          .withDescription("RSA | RSASHA1 | RSAMD5 | DH | DSA | alias, "
+          + "RSASHA1 is default.");
-              + "RSASHA1 is default.");
       opts.addOption(OptionBuilder.create('a'));
 
       OptionBuilder.hasArg();
@@ -117,8 +114,7 @@ public class KeyGen
       OptionBuilder.hasArg();
       OptionBuilder.withArgName("file");
       OptionBuilder.withLongOpt("output-file");
-      OptionBuilder
+      OptionBuilder.withDescription("base filename for the public/private key files");
-          .withDescription("base filename for the public/private key files");
       opts.addOption(OptionBuilder.create('f'));
 
       OptionBuilder.hasArg();
@@ -151,14 +147,14 @@ public class KeyGen
         Logger rootLogger = Logger.getLogger("");
         switch (value)
         {
-          case 0 :
+          case 0:
             rootLogger.setLevel(Level.OFF);
             break;
-          case 5 :
+          case 5:
-          default :
+          default:
             rootLogger.setLevel(Level.FINE);
             break;
-          case 6 :
+          case 6:
             rootLogger.setLevel(Level.ALL);
             break;
         }
@@ -167,7 +163,7 @@ public class KeyGen
       if (cli.hasOption('k')) kskFlag = true;
 
       if (cli.hasOption('e')) useLargeE = true;
-      
+
       outputfile = cli.getOptionValue('f');
 
       if ((optstr = cli.getOptionValue('d')) != null)
@@ -221,22 +217,22 @@ public class KeyGen
     private void addArgAlias(String s)
     {
       if (s == null) return;
-      
+
       DnsKeyAlgorithm algs = DnsKeyAlgorithm.getInstance();
-      
+
       String[] v = s.split(":");
       if (v.length < 2) return;
-      
+
       int alias = parseInt(v[0], -1);
       if (alias <= 0) return;
       int orig = parseInt(v[1], -1);
       if (orig <= 0) return;
       String mn = null;
       if (v.length > 2) mn = v[2];
-      
+
       algs.addAlias(alias, mn, orig);
     }
-    
+
     /** Print out the usage and help statements, then quit. */
     private void usage()
     {
@@ -245,14 +241,9 @@ public class KeyGen
       PrintWriter out = new PrintWriter(System.err);
 
       // print our own usage statement:
-      f.printHelp(out,
+      f.printHelp(out, 75, "jdnssec-keygen [..options..] name", null, opts,
-          75,
+                  HelpFormatter.DEFAULT_LEFT_PAD,
-          "jdnssec-keygen [..options..] name",
+                  HelpFormatter.DEFAULT_DESC_PAD, null);
-          null,
-          opts,
-          HelpFormatter.DEFAULT_LEFT_PAD,
-          HelpFormatter.DEFAULT_DESC_PAD,
-          null);
 
       out.flush();
       System.exit(64);
@@ -262,8 +253,10 @@ public class KeyGen
   /**
    * This is just a convenience method for parsing integers from strings.
    * 
-   * @param s the string to parse.
+   * @param s
-   * @param def the default value, if the string doesn't parse.
+   *          the string to parse.
+   * @param def
+   *          the default value, if the string doesn't parse.
    * @return the parsed integer, or the default.
    */
   private static int parseInt(String s, int def)
@@ -310,13 +303,9 @@ public class KeyGen
         + state.ttl + ", alg = " + state.algorithm + ", flags = " + flags
         + ", length = " + state.keylength + ")");
 
-    DnsKeyPair pair = signer.generateKey(owner_name,
+    DnsKeyPair pair = signer.generateKey(owner_name, state.ttl, DClass.IN,
-          state.ttl,
+                                         state.algorithm, flags,
-          DClass.IN,
+                                         state.keylength, state.useLargeE);
-          state.algorithm,
-          flags,
-          state.keylength,
-          state.useLargeE);
 
     if (state.outputfile != null)
     {
@@ -338,8 +327,7 @@ public class KeyGen
     }
     catch (UnrecognizedOptionException e)
     {
-      System.err.println("error: unknown option encountered: "
+      System.err.println("error: unknown option encountered: " + e.getMessage());
-          + e.getMessage());
       state.usage();
     }
     catch (AlreadySelectedException e)

src/com/verisignlabs/dnssec/cl/KeyInfoTool.java

@@ -32,8 +32,7 @@ import com.verisignlabs.dnssec.security.DnsKeyAlgorithm;
 import com.verisignlabs.dnssec.security.DnsKeyPair;
 
 /**
- * This class forms the command line implementation of a DNSSEC DS/DLV
+ * This class forms the command line implementation of a DNSSEC DS/DLV generator
- * generator
  * 
  * @author David Blacka (original)
  * @author $Author: davidb $
@@ -49,7 +48,7 @@ public class KeyInfoTool
   private static class CLIState
   {
     private Options opts;
-    public String   keyname    = null;
+    public String   keyname = null;
 
     public CLIState()
     {
@@ -69,12 +68,16 @@ public class KeyInfoTool
       opts.addOption("h", "help", false, "Print this message.");
 
       // Argument options
-      opts.addOption(OptionBuilder.hasOptionalArg().withLongOpt("verbose")
+      opts.addOption(OptionBuilder.hasOptionalArg()
+          .withLongOpt("verbose")
           .withArgName("level")
-          .withDescription("verbosity level -- 0 is silence, "
+          .withDescription(
-              + "5 is debug information, " + "6 is trace information.\n"
+                           "verbosity level -- 0 is silence, "
-              + "default is level 5.").create('v'));
+                               + "5 is debug information, "
-      
+                               + "6 is trace information.\n"
+                               + "default is level 5.")
+          .create('v'));
+
       OptionBuilder.hasArg();
       OptionBuilder.withLongOpt("alg-alias");
       OptionBuilder.withArgName("alias:original:mnemonic");
@@ -96,14 +99,14 @@ public class KeyInfoTool
         Logger rootLogger = Logger.getLogger("");
         switch (value)
         {
-          case 0 :
+          case 0:
             rootLogger.setLevel(Level.OFF);
             break;
-          case 5 :
+          case 5:
-          default :
+          default:
             rootLogger.setLevel(Level.FINE);
             break;
-          case 6 :
+          case 6:
             rootLogger.setLevel(Level.ALL);
             break;
         }
@@ -136,14 +139,9 @@ public class KeyInfoTool
       PrintWriter out = new PrintWriter(System.err);
 
       // print our own usage statement:
-      f.printHelp(out,
+      f.printHelp(out, 75, "jdnssec-keyinfo [..options..] keyfile", null, opts,
-          75,
+                  HelpFormatter.DEFAULT_LEFT_PAD,
-          "jdnssec-keyinfo [..options..] keyfile",
+                  HelpFormatter.DEFAULT_DESC_PAD, null);
-          null,
-          opts,
-          HelpFormatter.DEFAULT_LEFT_PAD,
-          HelpFormatter.DEFAULT_DESC_PAD,
-          null);
 
       out.flush();
       System.exit(64);
@@ -153,8 +151,10 @@ public class KeyInfoTool
   /**
    * This is just a convenience method for parsing integers from strings.
    * 
-   * @param s the string to parse.
+   * @param s
-   * @param def the default value, if the string doesn't parse.
+   *          the string to parse.
+   * @param def
+   *          the default value, if the string doesn't parse.
    * @return the parsed integer, or the default.
    */
   private static int parseInt(String s, int def)
@@ -169,48 +169,48 @@ public class KeyInfoTool
       return def;
     }
   }
-  
+
   private static void addArgAlias(String s)
   {
     if (s == null) return;
-    
+
     DnsKeyAlgorithm algs = DnsKeyAlgorithm.getInstance();
-    
+
     String[] v = s.split(":");
     if (v.length < 2) return;
-    
+
     int alias = parseInt(v[0], -1);
     if (alias <= 0) return;
     int orig = parseInt(v[1], -1);
     if (orig <= 0) return;
     String mn = null;
     if (v.length > 2) mn = v[2];
-    
+
     algs.addAlias(alias, mn, orig);
   }
-  
+
-  
   public static void execute(CLIState state) throws Exception
   {
 
     DnsKeyPair key = BINDKeyUtils.loadKey(state.keyname, null);
     DNSKEYRecord dnskey = key.getDNSKEYRecord();
     DnsKeyAlgorithm dnskeyalg = DnsKeyAlgorithm.getInstance();
-    
+
     boolean isSEP = (dnskey.getFlags() & DNSKEYRecord.Flags.SEP_KEY) != 0;
-    
+
     System.out.println("Name: " + dnskey.getName());
     System.out.println("SEP: " + isSEP);
-    
+
-    System.out.println("Algorithm: " + dnskeyalg.algToString(dnskey.getAlgorithm()));
+    System.out.println("Algorithm: "
+        + dnskeyalg.algToString(dnskey.getAlgorithm()));
     System.out.println("ID: " + dnskey.getFootprint());
-    if (dnskeyalg.baseType(dnskey.getAlgorithm()) == dnskeyalg.RSA)
+    if (dnskeyalg.baseType(dnskey.getAlgorithm()) == DnsKeyAlgorithm.RSA)
     {
       RSAPublicKey pub = (RSAPublicKey) key.getPublic();
       System.out.println("RSA Public Exponent: " + pub.getPublicExponent());
       System.out.println("RSA Modulus: " + pub.getModulus());
     }
-    
+
   }
 
   public static void main(String[] args)
@@ -223,8 +223,7 @@ public class KeyInfoTool
     }
     catch (UnrecognizedOptionException e)
     {
-      System.err.println("error: unknown option encountered: "
+      System.err.println("error: unknown option encountered: " + e.getMessage());
-          + e.getMessage());
       state.usage();
     }
     catch (AlreadySelectedException e)

src/com/verisignlabs/dnssec/cl/VerifyZone.java

@@ -36,8 +36,7 @@ import org.xbill.DNS.*;
 import com.verisignlabs.dnssec.security.*;
 
 /**
- * This class forms the command line implementation of a DNSSEC zone
+ * This class forms the command line implementation of a DNSSEC zone validator.
- * validator.
  * 
  * @author David Blacka (original)
  * @author $Author$
@@ -75,26 +74,31 @@ public class VerifyZone
 
       // boolean options
       opts.addOption("h", "help", false, "Print this message.");
-      opts.addOption("s",
+      opts.addOption("s", "strict", false,
-          "strict",
+                     "Zone will only be considered valid if all "
-          false,
+                         + "signatures could be cryptographically verified");
-          "Zone will only be considered valid if all "
-              + "signatures could be cryptographically verified");
 
       // Argument options
-      opts.addOption(OptionBuilder.hasArg().withLongOpt("keydir")
+      opts.addOption(OptionBuilder.hasArg()
-          .withArgName("dir").withDescription("directory to find "
+          .withLongOpt("keydir")
-              + "trusted key files").create('d'));
+          .withArgName("dir")
+          .withDescription("directory to find " + "trusted key files")
+          .create('d'));
 
-      opts.addOption(OptionBuilder.hasOptionalArg().withLongOpt("verbose")
+      opts.addOption(OptionBuilder.hasOptionalArg()
+          .withLongOpt("verbose")
           .withArgName("level")
-          .withDescription("verbosity level -- 0 is silence, "
+          .withDescription(
-              + "5 is debug information, 6 is trace information.\n"
+                           "verbosity level -- 0 is silence, "
-              + "default is level 5.").create('v'));
+                               + "5 is debug information, 6 is trace information.\n"
+                               + "default is level 5.")
+          .create('v'));
 
       opts.addOption(OptionBuilder.hasArg()
-          .withArgName("alias:original:mnemonic").withLongOpt("alg-alias")
+          .withArgName("alias:original:mnemonic")
-          .withDescription("Define an alias for an algorithm").create('A'));
+          .withLongOpt("alg-alias")
+          .withDescription("Define an alias for an algorithm")
+          .create('A'));
 
     }
 
@@ -114,16 +118,16 @@ public class VerifyZone
         Logger rootLogger = Logger.getLogger("");
         switch (value)
         {
-          case 0 :
+        case 0:
-            rootLogger.setLevel(Level.OFF);
+          rootLogger.setLevel(Level.OFF);
-            break;
+          break;
-          case 5 :
+        case 5:
-          default :
+        default:
-            rootLogger.setLevel(Level.FINE);
+          rootLogger.setLevel(Level.FINE);
-            break;
+          break;
-          case 6 :
+        case 6:
-            rootLogger.setLevel(Level.ALL);
+          rootLogger.setLevel(Level.ALL);
-            break;
+          break;
         }
       }
 
@@ -142,7 +146,7 @@ public class VerifyZone
           addArgAlias(optstrs[i]);
         }
       }
-      
+
       String[] cl_args = cli.getArgs();
 
       if (cl_args.length < 1)
@@ -163,22 +167,22 @@ public class VerifyZone
     private void addArgAlias(String s)
     {
       if (s == null) return;
-      
+
       DnsKeyAlgorithm algs = DnsKeyAlgorithm.getInstance();
-      
+
       String[] v = s.split(":");
       if (v.length < 2) return;
-      
+
       int alias = parseInt(v[0], -1);
       if (alias <= 0) return;
       int orig = parseInt(v[1], -1);
       if (orig <= 0) return;
       String mn = null;
       if (v.length > 2) mn = v[2];
-      
+
       algs.addAlias(alias, mn, orig);
     }
-    
+
     /** Print out the usage and help statements, then quit. */
     public void usage()
     {
@@ -187,14 +191,10 @@ public class VerifyZone
       PrintWriter out = new PrintWriter(System.err);
 
       // print our own usage statement:
-      f.printHelp(out,
+      f.printHelp(out, 75, "verifyZone.sh [..options..] zonefile "
-          75,
+          + "[keyfile [keyfile...]]", null, opts,
-          "verifyZone.sh [..options..] zonefile " + "[keyfile [keyfile...]]",
+                  HelpFormatter.DEFAULT_LEFT_PAD,
-          null,
+                  HelpFormatter.DEFAULT_DESC_PAD, null);
-          opts,
-          HelpFormatter.DEFAULT_LEFT_PAD,
-          HelpFormatter.DEFAULT_DESC_PAD,
-          null);
 
       out.flush();
       System.exit(64);
@@ -204,8 +204,10 @@ public class VerifyZone
     /**
      * This is just a convenience method for parsing integers from strings.
      * 
-     * @param s the string to parse.
+     * @param s
-     * @param def the default value, if the string doesn't parse.
+     *          the string to parse.
+     * @param def
+     *          the default value, if the string doesn't parse.
      * @return the parsed integer, or the default.
      */
     private static int parseInt(String s, int def)
@@ -327,19 +329,19 @@ public class VerifyZone
 
     switch (result)
     {
-      case DNSSEC.Failed :
+    case DNSSEC.Failed:
+      System.out.println("zone did not verify.");
+      System.exit(1);
+      break;
+    case DNSSEC.Insecure:
+      if (state.strict)
+      {
         System.out.println("zone did not verify.");
         System.exit(1);
-        break;
+      }
-      case DNSSEC.Insecure :
+    case DNSSEC.Secure:
-        if (state.strict)
+      System.out.println("zone verified.");
-        {
+      break;
-          System.out.println("zone did not verify.");
-          System.exit(1);
-        }
-      case DNSSEC.Secure :
-        System.out.println("zone verified.");
-        break;
     }
     System.exit(0);
   }
@@ -354,8 +356,7 @@ public class VerifyZone
     }
     catch (UnrecognizedOptionException e)
     {
-      System.err.println("error: unknown option encountered: "
+      System.err.println("error: unknown option encountered: " + e.getMessage());
-          + e.getMessage());
       state.usage();
     }
     catch (AlreadySelectedException e)

src/com/verisignlabs/dnssec/cl/ZoneFormat.java

@@ -56,7 +56,7 @@ public class ZoneFormat
   private static class CLIState
   {
     private org.apache.commons.cli.Options opts;
-    public String   file;
+    public String                          file;
 
     public CLIState()
     {
@@ -79,16 +79,16 @@ public class ZoneFormat
         Logger rootLogger = Logger.getLogger("");
         switch (value)
         {
-          case 0 :
+        case 0:
-            rootLogger.setLevel(Level.OFF);
+          rootLogger.setLevel(Level.OFF);
-            break;
+          break;
-          case 5 :
+        case 5:
-          default :
+        default:
-            rootLogger.setLevel(Level.FINE);
+          rootLogger.setLevel(Level.FINE);
-            break;
+          break;
-          case 6 :
+        case 6:
-            rootLogger.setLevel(Level.ALL);
+          rootLogger.setLevel(Level.ALL);
-            break;
+          break;
         }
       }
 
@@ -133,14 +133,9 @@ public class ZoneFormat
       PrintWriter out = new PrintWriter(System.err);
 
       // print our own usage statement:
-      f.printHelp(out,
+      f.printHelp(out, 75, "jdnssec-zoneformat [..options..] zonefile", null,
-          75,
+                  opts, HelpFormatter.DEFAULT_LEFT_PAD,
-          "jdnssec-zoneformat [..options..] zonefile",
+                  HelpFormatter.DEFAULT_DESC_PAD, null);
-          null,
-          opts,
-          HelpFormatter.DEFAULT_LEFT_PAD,
-          HelpFormatter.DEFAULT_DESC_PAD,
-          null);
 
       out.flush();
       System.exit(64);
@@ -150,8 +145,10 @@ public class ZoneFormat
     /**
      * This is just a convenience method for parsing integers from strings.
      * 
-     * @param s the string to parse.
+     * @param s
-     * @param def the default value, if the string doesn't parse.
+     *          the string to parse.
+     * @param def
+     *          the default value, if the string doesn't parse.
      * @return the parsed integer, or the default.
      */
     private static int parseInt(String s, int def)
@@ -194,13 +191,14 @@ public class ZoneFormat
     RecordComparator cmp = new RecordComparator();
 
     Collections.sort(zone, cmp);
-    
+
-    for (Iterator i = zone.iterator(); i.hasNext(); )
+    for (Iterator i = zone.iterator(); i.hasNext();)
     {
       Record r = (Record) i.next();
       System.out.println(r.toString());
     }
   }
+
   private static void execute(CLIState state) throws IOException
   {
     List z = readZoneFile(state.file);
@@ -217,8 +215,7 @@ public class ZoneFormat
     }
     catch (UnrecognizedOptionException e)
     {
-      System.err.println("error: unknown option encountered: "
+      System.err.println("error: unknown option encountered: " + e.getMessage());
-          + e.getMessage());
       state.usage();
     }
     catch (AlreadySelectedException e)

src/com/verisignlabs/dnssec/security/BINDKeyUtils.java

@@ -119,7 +119,7 @@ public class BINDKeyUtils
       key_buf.append('\n');
     }
     in.close();
-    
+
     return key_buf.toString().trim();
   }
 
@@ -138,18 +138,23 @@ public class BINDKeyUtils
   }
 
   /**
-   * Given the information necessary to construct the path to a BIND9
+   * Given the information necessary to construct the path to a BIND9 generated
-   * generated key pair, load the key pair.
+   * key pair, load the key pair.
    * 
-   * @param signer the DNS name of the key.
+   * @param signer
-   * @param algorithm the DNSSEC algorithm of the key.
+   *          the DNS name of the key.
-   * @param keyid the DNSSEC key footprint.
+   * @param algorithm
-   * @param inDirectory the directory to look for the files (may be null).
+   *          the DNSSEC algorithm of the key.
+   * @param keyid
+   *          the DNSSEC key footprint.
+   * @param inDirectory
+   *          the directory to look for the files (may be null).
    * @return the loaded key pair.
-   * @throws IOException if there was a problem reading the BIND9 files.
+   * @throws IOException
+   *           if there was a problem reading the BIND9 files.
    */
   public static DnsKeyPair loadKeyPair(Name signer, int algorithm, int keyid,
-      File inDirectory) throws IOException
+                                       File inDirectory) throws IOException
   {
     String keyFileBase = getKeyFileBase(signer, algorithm, keyid);
 
@@ -159,15 +164,17 @@ public class BINDKeyUtils
   /**
    * Given a base path to a BIND9 key pair, load the key pair.
    * 
-   * @param keyFileBasePath the base filename (or real filename for either the
+   * @param keyFileBasePath
-   *          public or private key) of the key.
+   *          the base filename (or real filename for either the public or
-   * @param inDirectory the directory to look in, if the keyFileBasePath is
+   *          private key) of the key.
-   *          relative.
+   * @param inDirectory
+   *          the directory to look in, if the keyFileBasePath is relative.
    * @return the loaded key pair.
-   * @throws IOException if there was a problem reading the files
+   * @throws IOException
+   *           if there was a problem reading the files
    */
-  public static DnsKeyPair loadKeyPair(String keyFileBasePath,
+  public static DnsKeyPair loadKeyPair(String keyFileBasePath, File inDirectory)
-      File inDirectory) throws IOException
+      throws IOException
   {
     keyFileBasePath = fixKeyFileBasePath(keyFileBasePath);
     // FIXME: should we throw the IOException when one of the files
@@ -190,12 +197,13 @@ public class BINDKeyUtils
    * Given a base path to a BIND9 key pair, load the public part (only) of the
    * key pair
    * 
-   * @param keyFileBasePath the base or real path to the public part of a key
+   * @param keyFileBasePath
-   *          pair.
+   *          the base or real path to the public part of a key pair.
-   * @param inDirectory the directory to look in if the path is relative (may
+   * @param inDirectory
-   *          be null).
+   *          the directory to look in if the path is relative (may be null).
    * @return a {@link DnsKeyPair} containing just the public key information.
-   * @throws IOException if there was a problem reading the public key file.
+   * @throws IOException
+   *           if there was a problem reading the public key file.
    */
   public static DnsKeyPair loadKey(String keyFileBasePath, File inDirectory)
       throws IOException
@@ -212,15 +220,18 @@ public class BINDKeyUtils
   }
 
   /**
-   * Load a BIND keyset file. The BIND 9 dnssec tools typically call these
+   * Load a BIND keyset file. The BIND 9 dnssec tools typically call these files
-   * files "keyset-[signer]." where [signer] is the DNS owner name of the key.
+   * "keyset-[signer]." where [signer] is the DNS owner name of the key. The
-   * The keyset may be signed, but doesn't have to be.
+   * keyset may be signed, but doesn't have to be.
    * 
-   * @param keysetFileName the name of the keyset file.
+   * @param keysetFileName
-   * @param inDirectory the directory to look in if the path is relative (may
+   *          the name of the keyset file.
-   *          be null, defaults to the current working directory).
+   * @param inDirectory
+   *          the directory to look in if the path is relative (may be null,
+   *          defaults to the current working directory).
    * @return a RRset contain the KEY records and any associated SIG records.
-   * @throws IOException if there was a problem reading the keyset file.
+   * @throws IOException
+   *           if there was a problem reading the keyset file.
    */
   public static RRset loadKeySet(String keysetFileName, File inDirectory)
       throws IOException
@@ -242,8 +253,8 @@ public class BINDKeyUtils
   /**
    * Calculate the key file base for this key pair.
    * 
-   * @param pair the {@link DnsKeyPair} to work from. It only needs a public
+   * @param pair
-   *          key.
+   *          the {@link DnsKeyPair} to work from. It only needs a public key.
    * @return the base name of the key files.
    */
   public static String keyFileBase(DnsKeyPair pair)
@@ -251,9 +262,8 @@ public class BINDKeyUtils
     DNSKEYRecord keyrec = pair.getDNSKEYRecord();
     if (keyrec == null) return null;
 
-    return getKeyFileBase(keyrec.getName(),
+    return getKeyFileBase(keyrec.getName(), keyrec.getAlgorithm(),
-        keyrec.getAlgorithm(),
+                          keyrec.getFootprint());
-        keyrec.getFootprint());
   }
 
   /**
@@ -281,10 +291,11 @@ public class BINDKeyUtils
   }
 
   /**
-   * Given a the contents of a BIND9 private key file, convert it into a
+   * Given a the contents of a BIND9 private key file, convert it into a native
-   * native {@link java.security.PrivateKey} object.
+   * {@link java.security.PrivateKey} object.
    * 
-   * @param privateKeyString the contents of a BIND9 key file in string form.
+   * @param privateKeyString
+   *          the contents of a BIND9 key file in string form.
    * @return a {@link java.security.PrivateKey}
    */
   public static PrivateKey convertPrivateKeyString(String privateKeyString)
@@ -314,13 +325,14 @@ public class BINDKeyUtils
    * Given a native private key, convert it into a BIND9 private key file
    * format.
    * 
-   * @param priv the private key to convert.
+   * @param priv
-   * @param pub the private key's corresponding public key. Some algorithms
+   *          the private key to convert.
+   * @param pub
+   *          the private key's corresponding public key. Some algorithms
    *          require information from both.
    * @return a string containing the contents of a BIND9 private key file.
    */
-  public static String convertPrivateKey(PrivateKey priv, PublicKey pub,
+  public static String convertPrivateKey(PrivateKey priv, PublicKey pub, int alg)
-      int alg)
   {
     if (priv != null)
     {
@@ -337,9 +349,8 @@ public class BINDKeyUtils
 
   /**
    * Convert the KEY record to the exact string format that the dnssec-*
-   * routines need. Currently, the DNSJAVA package uses a multiline mode for
+   * routines need. Currently, the DNSJAVA package uses a multiline mode for its
-   * its record formatting. The BIND9 tools require everything on a single
+   * record formatting. The BIND9 tools require everything on a single line.
-   * line.
    */
   private static String DNSKEYtoString(DNSKEYRecord rec)
   {
@@ -361,23 +372,26 @@ public class BINDKeyUtils
   /**
    * This routine will write out the BIND9 dnssec-* tool compatible files.
    * 
-   * @param baseFileName use this base file name. If null, the standard BIND9
+   * @param baseFileName
-   *          base file name will be computed.
+   *          use this base file name. If null, the standard BIND9 base file
-   * @param pair the keypair in question.
+   *          name will be computed.
-   * @param inDirectory the directory to write to (may be null).
+   * @param pair
-   * @throws IOException if there is a problem writing the files.
+   *          the keypair in question.
+   * @param inDirectory
+   *          the directory to write to (may be null).
+   * @throws IOException
+   *           if there is a problem writing the files.
    */
   public static void writeKeyFiles(String baseFileName, DnsKeyPair pair,
-      File inDirectory) throws IOException
+                                   File inDirectory) throws IOException
   {
     DNSKEYRecord pub = pair.getDNSKEYRecord();
     String priv = pair.getPrivateKeyString();
 
     if (priv == null)
     {
-      priv = convertPrivateKey(pair.getPrivate(),
+      priv = convertPrivateKey(pair.getPrivate(), pair.getPublic(),
-          pair.getPublic(),
+                               pair.getDNSKEYAlgorithm());
-          pair.getDNSKEYAlgorithm());
     }
 
     if (pub == null || priv == null) return;
@@ -397,11 +411,13 @@ public class BINDKeyUtils
   }
 
   /**
-   * This routine will write out the BIND9 dnssec-* tool compatible files to
+   * This routine will write out the BIND9 dnssec-* tool compatible files to the
-   * the standard file names.
+   * standard file names.
    * 
-   * @param pair the key pair in question.
+   * @param pair
-   * @param inDirectory the directory to write to (may be null).
+   *          the key pair in question.
+   * @param inDirectory
+   *          the directory to write to (may be null).
    */
   public static void writeKeyFiles(DnsKeyPair pair, File inDirectory)
       throws IOException

src/com/verisignlabs/dnssec/security/ByteArrayComparator.java

@@ -21,9 +21,9 @@ package com.verisignlabs.dnssec.security;
 import java.util.Comparator;
 
 /**
- * This class implements a basic comparitor for byte arrays. It is primarily
+ * This class implements a basic comparator for byte arrays. It is primarily
- * useful for comparing RDATA portions of DNS records in doing DNSSEC
+ * useful for comparing RDATA portions of DNS records in doing DNSSEC canonical
- * canonical ordering.
+ * ordering.
  * 
  * @author David Blacka (original)
  * @author $Author$

src/com/verisignlabs/dnssec/security/DnsKeyConverter.java

@@ -77,7 +77,6 @@ public class DnsKeyConverter
   {
     if (pKeyRecord.getKey() == null) return null;
 
-    // FIXME: this won't work at all with alg aliases.
     // For now, instead of re-implementing parseRecord (or adding this stuff
     // to DNSjava), we will just translate the algorithm back to a standard
     // algorithm. Note that this will unnecessarily convert RSAMD5 to RSASHA1.

src/com/verisignlabs/dnssec/security/DnsKeyPair.java

@@ -26,10 +26,10 @@ import org.xbill.DNS.*;
 
 /**
  * This class forms the basis for representing public/private key pairs in a
- * DNSSEC context. It is possible to get a JCA public and private key from
+ * DNSSEC context. It is possible to get a JCA public and private key from this
- * this object, as well as a DNSKEYRecord encoding of the public key. This
+ * object, as well as a DNSKEYRecord encoding of the public key. This class is
- * class is implemented as a UNION of all the functionality needed for handing
+ * implemented as a UNION of all the functionality needed for handing native
- * native java, BIND, and possibly other underlying DNSKEY engines.
+ * java, BIND, and possibly other underlying DNSKEY engines.
  * 
  * JCA == Java Cryptography Architecture.
  * 
@@ -47,8 +47,8 @@ public class DnsKeyPair
   protected DNSKEYRecord    mPublicKeyRecord;
 
   /**
-   * This is a precalcuated cache of the KEYRecord converted into a JCA public
+   * This is a pre-calculated cache of the DNSKEYRecord converted into a JCA
-   * key.
+   * public key.
    */
   private PublicKey         mPublicKey;
 
@@ -59,8 +59,8 @@ public class DnsKeyPair
   protected String          mPrivateKeyString;
 
   /**
-   * The private key in JCA format. This is the base encoding for instances
+   * The private key in JCA format. This is the base encoding for instances where
-   * were JCA private keys are used.
+   * JCA private keys are used.
    */
   protected PrivateKey      mPrivateKey;
 
@@ -73,7 +73,7 @@ public class DnsKeyPair
   protected Signature       mSigner;
 
   /**
-   * a caches Signature used for verifying (intialized with the public key)
+   * a caches Signature used for verifying (initialized with the public key)
    */
   protected Signature       mVerifier;
 
@@ -113,12 +113,8 @@ public class DnsKeyPair
     this();
 
     DnsKeyConverter conv = new DnsKeyConverter();
-    DNSKEYRecord keyrec = conv.generateDNSKEYRecord(keyName,
+    DNSKEYRecord keyrec = conv.generateDNSKEYRecord(keyName, DClass.IN, 0, 0,
-        DClass.IN,
+                                                    algorithm, publicKey);
-        0,
-        0,
-        algorithm,
-        publicKey);
     setDNSKEYRecord(keyrec);
     setPrivate(privateKey);
   }
@@ -208,9 +204,8 @@ public class DnsKeyPair
     if (mPrivateKeyString == null && mPrivateKey != null)
     {
       PublicKey pub = getPublic();
-      mPrivateKeyString = BINDKeyUtils.convertPrivateKey(mPrivateKey,
+      mPrivateKeyString = BINDKeyUtils.convertPrivateKey(mPrivateKey, pub,
-          pub,
+                                                         getDNSKEYAlgorithm());
-          getDNSKEYAlgorithm());
     }
 
     return mPrivateKeyString;
@@ -231,9 +226,9 @@ public class DnsKeyPair
   }
 
   /**
-   * Sets the private key from the encoded form (PKCS#8). This routine
+   * Sets the private key from the encoded form (PKCS#8). This routine requires
-   * requires that the public key already be assigned. Currently it can only
+   * that the public key already be assigned. Currently it can only handle DSA
-   * handle DSA and RSA keys.
+   * and RSA keys.
    */
   public void setEncodedPrivate(byte[] encoded)
   {
@@ -275,7 +270,7 @@ public class DnsKeyPair
       }
       else
       {
-        // do not return an unitialized signer.
+        // do not return an uninitialized signer.
         return null;
       }
     }
@@ -301,11 +296,12 @@ public class DnsKeyPair
           mVerifier.initVerify(pk);
         }
         catch (InvalidKeyException e)
-        {}
+        {
+        }
       }
       else
       {
-        // do not return an unitialized verifier
+        // do not return an uninitialized verifier
         return null;
       }
     }

src/com/verisignlabs/dnssec/security/DnsSecVerifier.java

@@ -95,10 +95,7 @@ public class DnsSecVerifier implements Verifier
       {
         DnsKeyPair p = (DnsKeyPair) i.next();
         if (p.getDNSKEYAlgorithm() == algorithm
-            && p.getDNSKEYFootprint() == keyid)
+            && p.getDNSKEYFootprint() == keyid) { return p; }
-        {
-          return p;
-        }
       }
       return null;
     }
@@ -154,7 +151,7 @@ public class DnsSecVerifier implements Verifier
   }
 
   private DnsKeyPair findCachedKey(Cache cache, Name name, int algorithm,
-      int footprint)
+                                   int footprint)
   {
     RRset[] keysets = cache.findAnyRecords(name, Type.KEY);
     if (keysets == null) return null;
@@ -167,17 +164,15 @@ public class DnsSecVerifier implements Verifier
       if (!(o instanceof DNSKEYRecord)) continue;
       DNSKEYRecord keyrec = (DNSKEYRecord) o;
       if (keyrec.getAlgorithm() == algorithm
-          && keyrec.getFootprint() == footprint)
+          && keyrec.getFootprint() == footprint) { return new DnsKeyPair(
-      {
+          keyrec, (PrivateKey) null); }
-        return new DnsKeyPair(keyrec, (PrivateKey) null);
-      }
     }
 
     return null;
   }
 
   private DnsKeyPair findKey(Cache cache, Name name, int algorithm,
-      int footprint)
+                             int footprint)
   {
     DnsKeyPair pair = mKeyStore.find(name, algorithm, footprint);
     if (pair == null && cache != null)
@@ -238,9 +233,9 @@ public class DnsSecVerifier implements Verifier
   /**
    * Verify an RRset against a particular signature.
    * 
-   * @return DNSSEC.Secure if the signature verfied, DNSSEC.Failed if it did
+   * @return DNSSEC.Secure if the signature verfied, DNSSEC.Failed if it did not
-   *         not verify (for any reason), and DNSSEC.Insecure if verification
+   *         verify (for any reason), and DNSSEC.Insecure if verification could
-   *         could not be completed (usually because the public key was not
+   *         not be completed (usually because the public key was not
    *         available).
    */
   public byte verifySignature(RRset rrset, RRSIGRecord sigrec, Cache cache)
@@ -248,10 +243,8 @@ public class DnsSecVerifier implements Verifier
     byte result = validateSignature(rrset, sigrec);
     if (result != DNSSEC.Secure) return result;
 
-    DnsKeyPair keypair = findKey(cache,
+    DnsKeyPair keypair = findKey(cache, sigrec.getSigner(),
-        sigrec.getSigner(),
+                                 sigrec.getAlgorithm(), sigrec.getFootprint());
-        sigrec.getAlgorithm(),
-        sigrec.getFootprint());
 
     if (keypair == null)
     {
@@ -264,17 +257,17 @@ public class DnsSecVerifier implements Verifier
       byte[] data = SignUtils.generateSigData(rrset, sigrec);
 
       DnsKeyAlgorithm algs = DnsKeyAlgorithm.getInstance();
-      
+
       Signature signer = keypair.getVerifier();
       signer.update(data);
 
       byte[] sig = sigrec.getSignature();
-      
+
       if (algs.baseType(sigrec.getAlgorithm()) == DnsKeyAlgorithm.DSA)
       {
         sig = SignUtils.convertDSASignature(sig);
       }
-      
+
       if (!signer.verify(sig))
       {
         log.info("Signature failed to verify cryptographically");
@@ -299,8 +292,8 @@ public class DnsSecVerifier implements Verifier
   /**
    * Verifies an RRset. This routine does not modify the RRset.
    * 
-   * @return DNSSEC.Secure if the set verified, DNSSEC.Failed if it did not,
+   * @return DNSSEC.Secure if the set verified, DNSSEC.Failed if it did not, and
-   *         and DNSSEC.Insecure if verification could not complete.
+   *         DNSSEC.Insecure if verification could not complete.
    */
   public int verify(RRset rrset, Cache cache)
   {

src/com/verisignlabs/dnssec/security/RecordComparator.java

@@ -26,10 +26,9 @@ import org.xbill.DNS.Record;
 import org.xbill.DNS.Type;
 
 /**
- * This class implements a comparison operator for {@link
+ * This class implements a comparison operator for {@link org.xbill.DNS.Record}
- * org.xbill.DNS.Record} objects. It imposes a canonical order consistent with
+ * objects. It imposes a canonical order consistent with DNSSEC. It does not put
- * DNSSEC. It does not put records within a RRset into canonical order: see
+ * records within a RRset into canonical order: see {@link ByteArrayComparator}.
- * {@link ByteArrayComparator}.
  * 
  * @author David Blacka (original)
  * @author $Author$
@@ -43,8 +42,8 @@ public class RecordComparator implements Comparator
   }
 
   /**
-   * In general, types are compared numerically. However, SOA and NS are
+   * In general, types are compared numerically. However, SOA and NS are ordered
-   * ordered before the rest.
+   * before the rest.
    */
   private int compareTypes(int a, int b)
   {
@@ -64,15 +63,15 @@ public class RecordComparator implements Comparator
   {
     byte[] a_rdata = a.rdataToWireCanonical();
     byte[] b_rdata = b.rdataToWireCanonical();
-    
+
-    for (int i = 0; i < a_rdata.length && i < b_rdata.length; i++) 
+    for (int i = 0; i < a_rdata.length && i < b_rdata.length; i++)
     {
       int n = (a_rdata[i] & 0xFF) - (b_rdata[i] & 0xFF);
       if (n != 0) return n;
     }
     return (a_rdata.length - b_rdata.length);
   }
-  
+
   public int compare(Object o1, Object o2) throws ClassCastException
   {
     Record a = (Record) o1;

src/com/verisignlabs/dnssec/security/SHA256.java

@@ -56,7 +56,7 @@ public class SHA256
   }
 
   // Constants "K"
-  private static final int K[]      = {0x428a2f98, 0x71374491, 0xb5c0fbcf,
+  private static final int K[]      = { 0x428a2f98, 0x71374491, 0xb5c0fbcf,
       0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 0xd807aa98,
       0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7,
       0xc19bf174, 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f,
@@ -67,7 +67,7 @@ public class SHA256
       0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c,
       0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 0x748f82ee,
       0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7,
-      0xc67178f2                    };
+      0xc67178f2                   };
 
   private int              digest[] = new int[8];
   private byte             data[];
@@ -160,11 +160,11 @@ public class SHA256
     int aBlock[];
     byte byteBlock[];
 
-//    for (int n = 0; n < data.length; n++)
+    // for (int n = 0; n < data.length; n++)
-//    {
+    // {
-//      System.out.print(Integer.toHexString(data[n]) + " ");
+    // System.out.print(Integer.toHexString(data[n]) + " ");
-//    }
+    // }
-//    System.out.println("\n\n");
+    // System.out.println("\n\n");
     if (data.length > 64)
     {
       int n = data.length / 64;
@@ -200,8 +200,7 @@ public class SHA256
   }
 
   /*
-   * this is the method that actually performs the digest and returns the
+   * this is the method that actually performs the digest and returns the result
-   * result
    */
   private void transform(int block[])
   {
@@ -242,14 +241,14 @@ public class SHA256
       B = A;
       A = T1 + T2;
 
-//      System.out.println("A: " + Integer.toHexString(A));
+      // System.out.println("A: " + Integer.toHexString(A));
-//      System.out.println("B: " + Integer.toHexString(B));
+      // System.out.println("B: " + Integer.toHexString(B));
-//      System.out.println("C: " + Integer.toHexString(C));
+      // System.out.println("C: " + Integer.toHexString(C));
-//      System.out.println("D: " + Integer.toHexString(D));
+      // System.out.println("D: " + Integer.toHexString(D));
-//      System.out.println("E: " + Integer.toHexString(E));
+      // System.out.println("E: " + Integer.toHexString(E));
-//      System.out.println("F: " + Integer.toHexString(F));
+      // System.out.println("F: " + Integer.toHexString(F));
-//      System.out.println("G: " + Integer.toHexString(G));
+      // System.out.println("G: " + Integer.toHexString(G));
-//      System.out.println("H: " + Integer.toHexString(H) + "\n");
+      // System.out.println("H: " + Integer.toHexString(H) + "\n");
 
     }
 

src/com/verisignlabs/dnssec/security/TypeMap.java

@@ -12,8 +12,8 @@ import org.xbill.DNS.DNSOutput;
 import org.xbill.DNS.Type;
 
 /**
- * This class represents the multiple type maps of the NSEC record. Currently
+ * This class represents the multiple type maps of the NSEC record. Currently it
- * it is just used to convert the wire format type map to the int array that
+ * is just used to convert the wire format type map to the int array that
  * org.xbill.DNS.NSECRecord uses.
  */
 
@@ -59,8 +59,8 @@ public class TypeMap
   }
 
   /**
-   * Given an array of bytes representing a wire-format type map, construct
+   * Given an array of bytes representing a wire-format type map, construct the
-   * the TypeMap object.
+   * TypeMap object.
    */
   public static TypeMap fromBytes(byte[] map)
   {
@@ -109,7 +109,7 @@ public class TypeMap
   }
 
   protected static void mapToWire(DNSOutput out, int[] types, int base,
-      int start, int end)
+                                  int start, int end)
   {
     // calculate the length of this map by looking at the largest
     // typecode in this section.

src/com/verisignlabs/dnssec/security/ZoneUtils.java

@@ -33,7 +33,6 @@ import org.xbill.DNS.RRset;
 import org.xbill.DNS.Record;
 import org.xbill.DNS.Type;
 
-
 /**
  * This class contains a bunch of utility methods that are generally useful in
  * manipulating zones.
@@ -48,11 +47,14 @@ public class ZoneUtils
   /**
    * Load a zone file.
    * 
-   * @param zonefile the filename/path of the zonefile to read.
+   * @param zonefile
-   * @param origin the origin to use for the zonefile (may be null if the
+   *          the filename/path of the zonefile to read.
-   *          origin is specified in the zone file itself).
+   * @param origin
+   *          the origin to use for the zonefile (may be null if the origin is
+   *          specified in the zone file itself).
    * @return a {@link java.util.List} of {@link org.xbill.DNS.Record} objects.
-   * @throws IOException if something goes wrong reading the zone file.
+   * @throws IOException
+   *           if something goes wrong reading the zone file.
    */
   public static List readZoneFile(String zonefile, Name origin)
       throws IOException
@@ -73,10 +75,11 @@ public class ZoneUtils
   /**
    * Write the records out into a zone file.
    * 
-   * @param records a {@link java.util.List} of {@link org.xbill.DNS.Record}
+   * @param records
-   *          objects forming a zone.
+   *          a {@link java.util.List} of {@link org.xbill.DNS.Record} objects
-   * @param zonefile the file to write to. If null or equal to "-", System.out
+   *          forming a zone.
-   *          is used.
+   * @param zonefile
+   *          the file to write to. If null or equal to "-", System.out is used.
    */
   public static void writeZoneFile(List records, String zonefile)
       throws IOException
@@ -103,8 +106,9 @@ public class ZoneUtils
   /**
    * Given just the list of records, determine the zone name (origin).
    * 
-   * @param records a list of {@link org.xbill.DNS.Record} or {@link
+   * @param records
-   *          org.xbill.DNS.RRset} objects.
+   *          a list of {@link org.xbill.DNS.Record} or
+   *          {@link org.xbill.DNS.RRset} objects.
    * @return the zone name, if found. null if one couldn't be found.q
    */
   public static Name findZoneName(List records)