davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
172 Commits 2 Branches 12 Tags 13 MiB
12310b6b2d
Commit Graph

172 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Blacka
12310b6b2d
fix handling of IOExceptions when reading zone files (#20) 
* fix handling of ioexceptions when reading zone files

* bump the version
 2024-11-02 13:46:29 -04:00
David Blacka
1406cd2e68
remove ECC-GOST, add new DS algorithms (#18) 2024-04-13 11:39:18 -04:00
David Blacka
1727d7c7d8
Cli improvements (#17) 
* add config file processing, refactor CLIBase some

* fix algorithm aliases with key generation

* Refactor to remove CLIState et al, move CLI common statics to new Utils

* only use usage() for help, otherwise fail()

* add a universal command line client, build a one-jar to use it.

* bump the version

* update ChangeLog, README, README.TODO, minor fixes

* undo overzealous find/replace. sigh.

* fix use_large_exponent logic in KeyGen

* more fixes, minor improvements
 2024-04-07 21:12:56 -04:00
David Blacka
2876649a4e
EdDSA, sonarlint fixes, and cleanup (#16) 
* update commons-cli, dnsjava, remove gradle, set to java 17

* use baseAlgorithm enum instead of static ints

* sonarlint changes

* sonarlint/formatting for SignUtils

* sonarlint, formatting for RecordComparitor and JCEDnsSecSigner

* update a few defaults

* redo the SignZone logic around finding keys; more output for it.

* refactor getVerifier()

* sonarlint and formatting for the rest

* use SunEC for the algs 15, 16; support alg 16 finally

* address my self-review comments
 2024-03-30 22:21:32 -04:00
David Blacka
6118ae718e
Fix issue 14 (#15) 
handle duplicate key tags, gen duplicate key tags, other minor cleanup
 2024-03-25 00:38:47 -04:00
David Blacka
5fef1dcf24 forgot to commit the version update 2023-07-24 08:22:28 -04:00
David Blacka
e73b5ddd53 add -t option to verifyzone 2023-07-24 08:10:10 -04:00
David Blacka
3601676406 Fix critical typo in ZoneVerifier; more sonarlint 2023-07-24 00:12:28 -04:00
David Blacka
69a0a34239 do not use Collections.emptyList() 2023-07-23 23:45:47 -04:00
David Blacka
e322186112
Port to DNSJava 3.5.1, Java 8, linter fixes (#13) 
* Initial port to dnsjava 3.5.1

* java.util.Date -> java.time.Instant
* for (Iterator ..) to for ( Object : List )
* DSRecord.<digest type> -> DNSSEC.Digest.<type>
* source to java 8

* formatting overhaul; copyright; author

* add slf4j jars for dnsjava 3.5.1

* NSEC/NSEC3 ttls are now min(soa.min, soa.ttl)

* Upgrade to commons-cli-1.5; some linter fixes

* Add CDS support of jdnssec-dstool

* linter suggestions

* add a TODO list

* Add a TODO list
 2022-09-21 14:24:42 -04:00
David Blacka
ce1189703f
Merge pull request #12 from dblacka/davidb/add-ttl-to-keygen 
Fixes #11: add TTL to  generated DNSKEYs
 2022-06-11 21:23:42 -04:00
David Blacka
bfb5ff45ee Fixes #11: add TTL to generated DNSKEYs 
Also, update the gradle wrapper
 2022-06-11 21:20:57 -04:00
David Blacka
9fd6c95889 Update dnsjava to 2.1.9; normalize shell wrappers 2019-07-23 13:06:09 +00:00
David Blacka
9004a33d51 Exit with non-zero with exception. Fix dnsjava lib. 
It is unclear how we got the version of dnsjava that was checked in.
The same version build from the jdnssec-dnsjava repo was different.
This fixes the "missing CAA" support issue.
 2019-02-26 14:26:18 +00:00
David Blacka
0aca329f85
Remove verisignlabs.com website for now 
The verisignlabs.com website is non-functional.  Everything is actually here on github.com, though.
 2019-01-30 11:37:34 -05:00
David Blacka
507dad3580 Update changelog with release 2018-11-16 15:54:09 +00:00
David Blacka
7d27694d9a Some DNSKeyAlgorithm class cleanup 2018-11-16 13:57:16 +00:00
David Blacka
62b5b0ad23 Updates for gradle; changelog 2018-07-23 19:17:23 +00:00
David Blacka
c37f436e72 Merge branch 'alg-15-support' of https://github.com/pallaviaras/jdnssec-tools into pallaviaras-alg-15-support 2018-07-15 16:57:59 +00:00
David Blacka
781e775b3b Use the actual private key for ed25519 2018-07-15 16:56:15 +00:00
Pallavi
d0e85431c5 Added support for gradle and restructured the source code directory from src to src/main/java directory 2018-07-15 10:59:40 -04:00
David Blacka
55a139db82 Allow for epoch start/expire times; add verboseSigning to jdnssec-signrrset 2018-07-15 14:57:41 +00:00
David Blacka
b291bb430b Use correct encoding for the alg 15 DNSKEYRecord 2018-07-15 12:17:12 +00:00
David Blacka
a9353b3af3 Now able to generated alg 15 keypairs 
They _look_ correct, but may not be.
 2018-07-15 00:54:10 +00:00
David Blacka
7706b73d8c Start of alg 15/16 support 2018-07-14 22:06:49 +00:00
David Blacka
252c44a155
Merge pull request #6 from chkal/jdk7 
Set javac options for source and target to JDK7
 2018-03-10 14:26:27 -05:00
Christian Kaltepoth
a7743fa18c Set javac options for source and target to JDK7 2018-02-28 08:47:40 +01:00
David Blacka
4853426d6c Merge pull request #5 from PowerDNS/failure-exit 
exit(1) if the zone had errors
 2017-06-23 09:55:52 -04:00
David Blacka
de2216f259 Merge pull request #4 from PowerDNS/ecdsa-pad 
fix leading zero padding in ECDSA sig conversion
 2017-06-23 09:55:28 -04:00
Peter van Dijk
b19bc5ffa3 exit(1) if the zone had errors 2017-06-22 14:34:14 +02:00
Kees Monshouwer
517975ef93 update ChangeLog 2017-06-22 14:32:20 +02:00
Kees Monshouwer
ca2a932485 fix multiple leading zeros padding in ECDSA sig conversion 2017-06-22 14:32:14 +02:00
Peter van Dijk
171594a92d fix leading zero padding in ECDSA sig conversion 2017-02-28 12:24:00 +01:00
David Blacka
fb689c046f Update changelog, set this as a release. 2017-01-06 13:01:05 -05:00
David Blacka
8d3746fc22 Validate the the RRset TTL is <= the OrigTTL. 2017-01-06 12:54:16 -05:00
David Blacka
444601fb2a Detect duplicate RRSIGs as well. 2017-01-06 12:53:57 -05:00
David Blacka
c5896495c7 Either R or S could end up being shorter than the expected length, so adjust for that. 2017-01-05 13:50:48 -05:00
David Blacka
c13d9379b3 Update version, convert readme to markdown. 2016-12-09 17:57:09 -05:00
David Blacka
f170bd170a Elliptic curve support. 
Improve usage, unknown algorithm error handling in jdnssec-keygen
Use the bouncycastle crypto provider for ECCGOST if available
 2016-12-09 17:52:10 -05:00
David Blacka
6bbcf38fe1 update the embedded dnsjava version to 2.1.7 (jdnssec-dnsjava) 2016-08-22 09:40:47 -04:00
David Blacka
15cb5e2ab7 Fix issue in jdnssec-verifyzone (and ZoneVerifier) where junk in the zone wouldn't be handled correctly (that is, ignored.) 2014-04-22 16:39:00 -04:00
David Blacka
9fad4941a6 Make jdnssec-zoneformat -N also compute NSEC3 original owner names for ENTs 2014-04-22 16:37:58 -04:00
David Blacka
18df8a8d9e update version to prep for an official release. 2012-07-16 14:20:14 -04:00
David Blacka
a45f5d1df7 use the perfectly OK (now) TypeMap.toString() method. 2012-07-16 14:16:42 -04:00
David Blacka
3da308c4b9 Fix TypeMap.fromBytes() and add a TypeMap.fromString() method. 2012-07-16 14:16:13 -04:00
David Blacka
efa6dec7f7 update version to prep for an official release. 2012-05-29 13:31:40 -04:00
David Blacka
d3e8c4c913 Add duplicate RR detection to jdnssec-verifyzone, and a command line option to disable it. 2012-05-26 23:14:12 -04:00
David Blacka
b5775a8fdf update README to point to github. 2012-05-26 16:40:50 -04:00
David Blacka
69d965cc0f Wrap the new exceptions to mimic prior behavior. 2012-05-26 16:40:50 -04:00
David Blacka
ca7f10bd07 Instead of using DNSSEC.Secure, DNSSEC.Failed, etc, just use boolean results. 
This means we lose the idea of Insecure, but that wasn't effectively being used anyway.
Further, remove any use of the DNSJava Cache class -- that also wasn't being used.
 2012-05-26 16:40:50 -04:00