David Blacka
1406cd2e68
remove ECC-GOST, add new DS algorithms ( #18 )
2024-04-13 11:39:18 -04:00
David Blacka
1727d7c7d8
Cli improvements ( #17 )
...
* add config file processing, refactor CLIBase some
* fix algorithm aliases with key generation
* Refactor to remove CLIState et al, move CLI common statics to new Utils
* only use usage() for help, otherwise fail()
* add a universal command line client, build a one-jar to use it.
* bump the version
* update ChangeLog, README, README.TODO, minor fixes
* undo overzealous find/replace. sigh.
* fix use_large_exponent logic in KeyGen
* more fixes, minor improvements
2024-04-07 21:12:56 -04:00
David Blacka
2876649a4e
EdDSA, sonarlint fixes, and cleanup ( #16 )
...
* update commons-cli, dnsjava, remove gradle, set to java 17
* use baseAlgorithm enum instead of static ints
* sonarlint changes
* sonarlint/formatting for SignUtils
* sonarlint, formatting for RecordComparitor and JCEDnsSecSigner
* update a few defaults
* redo the SignZone logic around finding keys; more output for it.
* refactor getVerifier()
* sonarlint and formatting for the rest
* use SunEC for the algs 15, 16; support alg 16 finally
* address my self-review comments
2024-03-30 22:21:32 -04:00
David Blacka
6118ae718e
Fix issue 14 ( #15 )
...
handle duplicate key tags, gen duplicate key tags, other minor cleanup
2024-03-25 00:38:47 -04:00
David Blacka
e73b5ddd53
add -t option to verifyzone
2023-07-24 08:10:10 -04:00
David Blacka
3601676406
Fix critical typo in ZoneVerifier; more sonarlint
2023-07-24 00:12:28 -04:00
David Blacka
69a0a34239
do not use Collections.emptyList()
2023-07-23 23:45:47 -04:00
David Blacka
e322186112
Port to DNSJava 3.5.1, Java 8, linter fixes ( #13 )
...
* Initial port to dnsjava 3.5.1
* java.util.Date -> java.time.Instant
* for (Iterator ..) to for ( Object : List )
* DSRecord.<digest type> -> DNSSEC.Digest.<type>
* source to java 8
* formatting overhaul; copyright; author
* add slf4j jars for dnsjava 3.5.1
* NSEC/NSEC3 ttls are now min(soa.min, soa.ttl)
* Upgrade to commons-cli-1.5; some linter fixes
* Add CDS support of jdnssec-dstool
* linter suggestions
* add a TODO list
* Add a TODO list
2022-09-21 14:24:42 -04:00
David Blacka
bfb5ff45ee
Fixes #11 : add TTL to generated DNSKEYs
...
Also, update the gradle wrapper
2022-06-11 21:20:57 -04:00
David Blacka
9004a33d51
Exit with non-zero with exception. Fix dnsjava lib.
...
It is unclear how we got the version of dnsjava that was checked in.
The same version build from the jdnssec-dnsjava repo was different.
This fixes the "missing CAA" support issue.
2019-02-26 14:26:18 +00:00
David Blacka
7d27694d9a
Some DNSKeyAlgorithm class cleanup
2018-11-16 13:57:16 +00:00
David Blacka
c37f436e72
Merge branch 'alg-15-support' of https://github.com/pallaviaras/jdnssec-tools into pallaviaras-alg-15-support
2018-07-15 16:57:59 +00:00
David Blacka
781e775b3b
Use the actual private key for ed25519
2018-07-15 16:56:15 +00:00
Pallavi
d0e85431c5
Added support for gradle and restructured the source code directory from src to src/main/java directory
2018-07-15 10:59:40 -04:00
David Blacka
55a139db82
Allow for epoch start/expire times; add verboseSigning to jdnssec-signrrset
2018-07-15 14:57:41 +00:00
David Blacka
b291bb430b
Use correct encoding for the alg 15 DNSKEYRecord
2018-07-15 12:17:12 +00:00
David Blacka
a9353b3af3
Now able to generated alg 15 keypairs
...
They _look_ correct, but may not be.
2018-07-15 00:54:10 +00:00
David Blacka
7706b73d8c
Start of alg 15/16 support
2018-07-14 22:06:49 +00:00
David Blacka
4853426d6c
Merge pull request #5 from PowerDNS/failure-exit
...
exit(1) if the zone had errors
2017-06-23 09:55:52 -04:00
Peter van Dijk
b19bc5ffa3
exit(1) if the zone had errors
2017-06-22 14:34:14 +02:00
Kees Monshouwer
ca2a932485
fix multiple leading zeros padding in ECDSA sig conversion
2017-06-22 14:32:14 +02:00
Peter van Dijk
171594a92d
fix leading zero padding in ECDSA sig conversion
2017-02-28 12:24:00 +01:00
David Blacka
8d3746fc22
Validate the the RRset TTL is <= the OrigTTL.
2017-01-06 12:54:16 -05:00
David Blacka
444601fb2a
Detect duplicate RRSIGs as well.
2017-01-06 12:53:57 -05:00
David Blacka
c5896495c7
Either R or S could end up being shorter than the expected length, so adjust for that.
2017-01-05 13:50:48 -05:00
David Blacka
f170bd170a
Elliptic curve support.
...
Improve usage, unknown algorithm error handling in jdnssec-keygen
Use the bouncycastle crypto provider for ECCGOST if available
2016-12-09 17:52:10 -05:00
David Blacka
15cb5e2ab7
Fix issue in jdnssec-verifyzone (and ZoneVerifier) where junk in the zone wouldn't be handled correctly (that is, ignored.)
2014-04-22 16:39:00 -04:00
David Blacka
9fad4941a6
Make jdnssec-zoneformat -N also compute NSEC3 original owner names for ENTs
2014-04-22 16:37:58 -04:00
David Blacka
a45f5d1df7
use the perfectly OK (now) TypeMap.toString() method.
2012-07-16 14:16:42 -04:00
David Blacka
3da308c4b9
Fix TypeMap.fromBytes() and add a TypeMap.fromString() method.
2012-07-16 14:16:13 -04:00
David Blacka
d3e8c4c913
Add duplicate RR detection to jdnssec-verifyzone, and a command line option to disable it.
2012-05-26 23:14:12 -04:00
David Blacka
69d965cc0f
Wrap the new exceptions to mimic prior behavior.
2012-05-26 16:40:50 -04:00
David Blacka
ca7f10bd07
Instead of using DNSSEC.Secure, DNSSEC.Failed, etc, just use boolean results.
...
This means we lose the idea of Insecure, but that wasn't effectively being used anyway.
Further, remove any use of the DNSJava Cache class -- that also wasn't being used.
2012-05-26 16:40:50 -04:00
David Blacka
25cc81d46a
Replace use of old KEYConverter with new DNSKEYRecord constructor.
2012-05-26 16:40:50 -04:00
David Blacka
2a90a6ccd9
byte -> int for NSEC3 digest type.
2012-05-26 16:40:49 -04:00
David Blacka
b18a96cbfc
Change dnsjava algorithm references from DNSSEC.<alg> to DNSSEC.Algorithm.<alg>
2012-05-26 16:40:49 -04:00
David Blacka
fb75a5419f
Use generic types when possible.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@246 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-12 21:25:42 +00:00
David Blacka
91207aeed2
Refactor the command line classes with a new base class and upgrade
...
commons-cli to version 1.2.
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@245 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-12 21:25:26 +00:00
David Blacka
645b8a1a60
fix my logger normalization -- it was still defaulting to INFO.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@244 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-10 00:25:10 +00:00
David Blacka
453bf283ba
eclipse reformatting.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@242 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-09 23:58:56 +00:00
David Blacka
faae654a23
make reading and writing to stdin/stdout work for most of the tools
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@241 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-09 23:58:54 +00:00
David Blacka
73d930a850
for jdnssec-signzone and jdnssec-signrrset, make 'multiline' output NOT the default, and add a command line switch to enable it.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@240 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-09 23:58:51 +00:00
David Blacka
8347e5ffc3
fix usage statement printing.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@239 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-09 23:58:49 +00:00
David Blacka
c459de830f
update jdnssec-keygen to use a default algorithm of 8 instead of 5.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@238 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-03 20:29:54 +00:00
David Blacka
e770f01958
Clean up logging: recognize all levels for -v, normalize the code that forces java.util.logging to set the correct log level, normalize on the use of our very simple log formatter.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@237 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-03 20:24:33 +00:00
David Blacka
03737a1efd
Handle the new bind 9.7 private key files (hopefully).
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@227 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-02 19:36:40 +00:00
David Blacka
1616d07fe6
Add -N option for calculating original ownernames for NSEC3 RRs
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@226 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-02 19:36:14 +00:00
David Blacka
04d751ae56
Add -m option to jdnssec-zoneformat
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@225 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2011-02-02 18:59:06 +00:00
David Blacka
86072cbcc8
Add options for fudging or ignoring times in verifyzone.
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@224 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2010-12-14 18:01:12 +00:00
David Blacka
3d6b21b0fc
output changes for VerifyZone, some code cleanup and bug fixes for ZoneVerifier
...
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@220 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
2010-12-07 05:31:58 +00:00