davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
96 Commits 1 Branch 12 Tags 6.2 MiB
41c96feffd
Commit Graph

96 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Blacka
41c96feffd Refactor the zone verification tool to fully check zones for correctness. Not quite complete, as more testing needs to be done and the output needs to be standardized 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@219 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-06 05:59:42 +00:00
David Blacka
3c9e33baf7 fix a number of jdnssec-signzone signing bugs: do not incorrectly set the RRSIG bit on NSEC3 RRs corresponding to insecure delegations, ignore junk below a DNAME, ignore delegations below other delegations 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@218 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-06 00:25:04 +00:00
David Blacka
14ea619299 add verbose signing mode to signzone; some comment fixes, some unused vars and imports removed 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@217 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-05 23:08:13 +00:00
David Blacka
51d4ca0333 remove accidentally committed 'jdnssec-tools' directory 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@214 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-05 20:58:14 +00:00
David Blacka
beca0e4872 Add jdnssec-signrrset tool which will sign any single rrset with any key. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@208 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-07-21 17:09:56 +00:00
David Blacka
32c781f972 Share project "jdnssec-tools" into "https://svn.verisignlabs.com/main/dnssec/sectools/trunk" 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@202 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-06-15 02:45:12 +00:00
David Blacka
2b619d08b5 remove stray typo character 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@198 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-02-18 03:35:53 +00:00
David Blacka
cdde8fa65e release 0.9.6 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@195 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-01-14 16:40:32 +00:00
David Blacka
ef2b96782e Switch to dnsjava-2.0.8: this fixes a typemap wire conversion bug 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@194 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-01-10 02:52:02 +00:00
David Blacka
179f7fa59d update version of DNSjava -- this version has a bug fix for typemap wireformat calculation 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@191 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-01-08 00:42:27 +00:00
David Blacka
fff3792206 update version number, changelog 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@186 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:24:06 +00:00
David Blacka
34e6f91ef2 restore NSEC3 original ownername comments. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@185 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:24:04 +00:00
David Blacka
64f5de7b38 fix our base32 context 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@184 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:24:02 +00:00
David Blacka
1fe3b49c17 Switch to dnsjava-2.0.7: the NSEC3 comments won't work, and I had to rescue the nsec3 hash calculation function from the original NSEC3Record implementation. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@183 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:23:59 +00:00
David Blacka
2bd2bef727 Use the RFC 5702 algorithm identifiers 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@182 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:23:57 +00:00
David Blacka
f09d75453c work around the ulimit behavior on mac os X 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@177 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-09-19 20:21:48 +00:00
David Blacka
ca9bee9d49 allow for multiple -k options (for signing with multiple KSKs) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@176 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-09-03 04:16:49 +00:00
David Blacka
5c6538cf62 remove bogus directory (again) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@173 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-08-24 13:21:46 +00:00
David Blacka
8b1203c243 Merge changes from experimental branch 2255:2273. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@172 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-08-23 19:13:42 +00:00
David Blacka
dec1b802e2 Share project "jdnssec-tools" into "https://svn.verisignlabs.com/main/dnssec/sectools/trunk" 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@168 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-07-19 19:19:41 +00:00
David Blacka
5d6e980ca7 make sure compiled binaries are 1.4 compatible 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@146 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-10 14:36:51 +00:00
David Blacka
7a4e98378b fix the binary version on the dnsjava library (was the java 6 binary version, should be the java 1.4 version) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@145 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-10 14:36:00 +00:00
David Blacka
194d28e876 update version for 0.9.0 release 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@144 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-10 14:19:00 +00:00
David Blacka
e95f295275 update changelog 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@143 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-09 02:54:51 +00:00
David Blacka
e6cf5e27a0 Use constants now defined in dnsjava (local copy, for now). Add BIND 9.6 mnemonics to the NSEC3 key aliases. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@142 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-08 17:36:18 +00:00
David Blacka
b90877444d Make the keyinfo tool slightly more useful: handle multiple keys at a time, print out DSA key information, etc. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@141 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-08 17:35:20 +00:00
David Blacka
f09eeaffaa Make using the RSA large exponent the default (like BIND); print the name of the keyfile base at the end (unless the user dictated the filename) (also like BIND) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@140 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-08 17:34:05 +00:00
David Blacka
971d13d81f Make the comments accurate. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@139 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-08 17:32:58 +00:00
David Blacka
865fcf09bf update to dnsjava 2.0.6-vrsn-2; remove obsoleted workaround in DnsKeyConverter 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@138 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-07 21:01:28 +00:00
David Blacka
319bbdceb1 git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@135 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e 2009-02-07 20:38:22 +00:00
David Blacka
ba656cad5a update to commons-cli-1.1 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@134 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-07 20:37:58 +00:00
David Blacka
b35bab0bdd Add ability to define the TTL of the NSEC3PARAM record. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@133 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-07 20:37:29 +00:00
David Blacka
6202d0a0a3 update changelog 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@132 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-07 16:21:18 +00:00
David Blacka
b0fac2fd43 Use the SOA minimum value for the generated NSEC records' TTL 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@131 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-07 16:16:44 +00:00
David Blacka
c7e5d9e09b update dnsjava library to 2.0.1-vrsn-4 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@126 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:38:16 +00:00
David Blacka
07bc1b7c5e update changelog. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@124 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:06:32 +00:00
David Blacka
531dc115aa Use ObjectBuilder statically (this was generating warnings for me) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@123 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:05:32 +00:00
David Blacka
8b61f84308 Add ability for jdnssec-signzone to find the necessary keys by either looking in the zone to find DNSKEY RRs, or by looking on disk for key files matching the zonename. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@122 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:04:30 +00:00
David Blacka
49dfddb432 Add (provisional) entries for RSASHA256 and RSASHA512. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@121 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:02:29 +00:00
David Blacka
32b0f15b70 Use the JCE implementation of SHA-256 instead of the contributed one (which doesn't actually work correctly). 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@120 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-05 05:01:03 +00:00
David Blacka
be643bc785 update changelog 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@119 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 05:27:43 +00:00
David Blacka
9da36605fb update version to 0.8.5 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@118 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 05:23:41 +00:00
David Blacka
2102d6c958 remove accidentally committed stuff 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@117 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 05:11:22 +00:00
David Blacka
ccb1ffb7e5 Formatting (from a new Eclipse, for better or worse) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@116 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 05:01:03 +00:00
David Blacka
3f1787695d Fix issue where the DS digest algorithm would be ignored when converting in-zone DNSKEY RRs to DS records; formatting 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@115 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 05:00:28 +00:00
David Blacka
09d21a1d67 use "OptOut" instead of "OptIn" to match RFC 5155 terminology; formatting. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@114 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 04:58:18 +00:00
David Blacka
4073e6a576 Add aliases defined in RFC 5155 (NSEC3); formatting. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@113 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 04:51:15 +00:00
David Blacka
e5270de8ee Move all signZone() method variants into JCEDnsSecSigner, make the SignZone class use them. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@112 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-02 04:45:49 +00:00
David Blacka
5170a087c9 close the private key file after reading it. patch by Wolfgang Nagele 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@111 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-02-01 18:24:30 +00:00
David Blacka
19efd1ceb8 update changelog for release 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@109 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2006-12-15 15:03:15 +00:00