2876649a4e
EdDSA, sonarlint fixes, and cleanup ( #16 )
...
* update commons-cli, dnsjava, remove gradle, set to java 17
* use baseAlgorithm enum instead of static ints
* sonarlint changes
* sonarlint/formatting for SignUtils
* sonarlint, formatting for RecordComparitor and JCEDnsSecSigner
* update a few defaults
* redo the SignZone logic around finding keys; more output for it.
* refactor getVerifier()
* sonarlint and formatting for the rest
* use SunEC for the algs 15, 16; support alg 16 finally
* address my self-review comments
2024-03-30 22:21:32 -04:00
6118ae718e
Fix issue 14 ( #15 )
...
handle duplicate key tags, gen duplicate key tags, other minor cleanup
2024-03-25 00:38:47 -04:00
5fef1dcf24
forgot to commit the version update
2023-07-24 08:22:28 -04:00
e73b5ddd53
add -t option to verifyzone
2023-07-24 08:10:10 -04:00
3601676406
Fix critical typo in ZoneVerifier; more sonarlint
2023-07-24 00:12:28 -04:00
69a0a34239
do not use Collections.emptyList()
2023-07-23 23:45:47 -04:00
e322186112
Port to DNSJava 3.5.1, Java 8, linter fixes ( #13 )
...
* Initial port to dnsjava 3.5.1
* java.util.Date -> java.time.Instant
* for (Iterator ..) to for ( Object : List )
* DSRecord.<digest type> -> DNSSEC.Digest.<type>
* source to java 8
* formatting overhaul; copyright; author
* add slf4j jars for dnsjava 3.5.1
* NSEC/NSEC3 ttls are now min(soa.min, soa.ttl)
* Upgrade to commons-cli-1.5; some linter fixes
* Add CDS support of jdnssec-dstool
* linter suggestions
* add a TODO list
* Add a TODO list
2022-09-21 14:24:42 -04:00
ce1189703f
Merge pull request #12 from dblacka/davidb/add-ttl-to-keygen
...
Fixes #11 : add TTL to generated DNSKEYs
2022-06-11 21:23:42 -04:00
bfb5ff45ee
Fixes #11 : add TTL to generated DNSKEYs
...
Also, update the gradle wrapper
2022-06-11 21:20:57 -04:00
David Blacka
9fd6c95889
Update dnsjava to 2.1.9; normalize shell wrappers
2019-07-23 13:06:09 +00:00
David Blacka
9004a33d51
Exit with non-zero with exception. Fix dnsjava lib.
...
It is unclear how we got the version of dnsjava that was checked in.
The same version build from the jdnssec-dnsjava repo was different.
This fixes the "missing CAA" support issue.
2019-02-26 14:26:18 +00:00
David Blacka
0aca329f85
Remove verisignlabs.com website for now
...
The verisignlabs.com website is non-functional. Everything is actually here on github.com, though.
2019-01-30 11:37:34 -05:00
David Blacka
507dad3580
Update changelog with release
2018-11-16 15:54:09 +00:00
David Blacka
7d27694d9a
Some DNSKeyAlgorithm class cleanup
2018-11-16 13:57:16 +00:00
David Blacka
62b5b0ad23
Updates for gradle; changelog
2018-07-23 19:17:23 +00:00
David Blacka
c37f436e72
Merge branch 'alg-15-support' of https://github.com/pallaviaras/jdnssec-tools into pallaviaras-alg-15-support
2018-07-15 16:57:59 +00:00
David Blacka
781e775b3b
Use the actual private key for ed25519
2018-07-15 16:56:15 +00:00
Pallavi
d0e85431c5
Added support for gradle and restructured the source code directory from src to src/main/java directory
2018-07-15 10:59:40 -04:00
David Blacka
55a139db82
Allow for epoch start/expire times; add verboseSigning to jdnssec-signrrset
2018-07-15 14:57:41 +00:00
David Blacka
b291bb430b
Use correct encoding for the alg 15 DNSKEYRecord
2018-07-15 12:17:12 +00:00
David Blacka
a9353b3af3
Now able to generated alg 15 keypairs
...
They _look_ correct, but may not be.
2018-07-15 00:54:10 +00:00
David Blacka
7706b73d8c
Start of alg 15/16 support
2018-07-14 22:06:49 +00:00
252c44a155
Merge pull request #6 from chkal/jdk7
...
Set javac options for source and target to JDK7
2018-03-10 14:26:27 -05:00
Christian Kaltepoth
a7743fa18c
Set javac options for source and target to JDK7
2018-02-28 08:47:40 +01:00
4853426d6c
Merge pull request #5 from PowerDNS/failure-exit
...
exit(1) if the zone had errors
2017-06-23 09:55:52 -04:00
de2216f259
Merge pull request #4 from PowerDNS/ecdsa-pad
...
fix leading zero padding in ECDSA sig conversion
2017-06-23 09:55:28 -04:00
Peter van Dijk
b19bc5ffa3
exit(1) if the zone had errors
2017-06-22 14:34:14 +02:00
Kees Monshouwer
517975ef93
update ChangeLog
2017-06-22 14:32:20 +02:00
Kees Monshouwer
ca2a932485
fix multiple leading zeros padding in ECDSA sig conversion
2017-06-22 14:32:14 +02:00
Peter van Dijk
171594a92d
fix leading zero padding in ECDSA sig conversion
2017-02-28 12:24:00 +01:00
David Blacka
fb689c046f
Update changelog, set this as a release.
2017-01-06 13:01:05 -05:00
David Blacka
8d3746fc22
Validate the the RRset TTL is <= the OrigTTL.
2017-01-06 12:54:16 -05:00
David Blacka
444601fb2a
Detect duplicate RRSIGs as well.
2017-01-06 12:53:57 -05:00
David Blacka
c5896495c7
Either R or S could end up being shorter than the expected length, so adjust for that.
2017-01-05 13:50:48 -05:00
David Blacka
c13d9379b3
Update version, convert readme to markdown.
2016-12-09 17:57:09 -05:00
David Blacka
f170bd170a
Elliptic curve support.
...
Improve usage, unknown algorithm error handling in jdnssec-keygen
Use the bouncycastle crypto provider for ECCGOST if available
2016-12-09 17:52:10 -05:00
David Blacka
6bbcf38fe1
update the embedded dnsjava version to 2.1.7 (jdnssec-dnsjava)
2016-08-22 09:40:47 -04:00
David Blacka
15cb5e2ab7
Fix issue in jdnssec-verifyzone (and ZoneVerifier) where junk in the zone wouldn't be handled correctly (that is, ignored.)
2014-04-22 16:39:00 -04:00
David Blacka
9fad4941a6
Make jdnssec-zoneformat -N also compute NSEC3 original owner names for ENTs
2014-04-22 16:37:58 -04:00
David Blacka
18df8a8d9e
update version to prep for an official release.
2012-07-16 14:20:14 -04:00
David Blacka
a45f5d1df7
use the perfectly OK (now) TypeMap.toString() method.
2012-07-16 14:16:42 -04:00
David Blacka
3da308c4b9
Fix TypeMap.fromBytes() and add a TypeMap.fromString() method.
2012-07-16 14:16:13 -04:00
David Blacka
efa6dec7f7
update version to prep for an official release.
2012-05-29 13:31:40 -04:00
d3e8c4c913
Add duplicate RR detection to jdnssec-verifyzone, and a command line option to disable it.
2012-05-26 23:14:12 -04:00
b5775a8fdf
update README to point to github.
2012-05-26 16:40:50 -04:00
69d965cc0f
Wrap the new exceptions to mimic prior behavior.
2012-05-26 16:40:50 -04:00
ca7f10bd07
Instead of using DNSSEC.Secure, DNSSEC.Failed, etc, just use boolean results.
...
This means we lose the idea of Insecure, but that wasn't effectively being used anyway.
Further, remove any use of the DNSJava Cache class -- that also wasn't being used.
2012-05-26 16:40:50 -04:00
25cc81d46a
Replace use of old KEYConverter with new DNSKEYRecord constructor.
2012-05-26 16:40:50 -04:00
2a90a6ccd9
byte -> int for NSEC3 digest type.
2012-05-26 16:40:49 -04:00
b18a96cbfc
Change dnsjava algorithm references from DNSSEC.<alg> to DNSSEC.Algorithm.<alg>
2012-05-26 16:40:49 -04:00