davidb/jdnssec-tools
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
157 Commits 2 Branches 12 Tags 13 MiB
507dad3580
Commit Graph

90 Commits

Author SHA1 Message Date
David Blacka
7d27694d9a Some DNSKeyAlgorithm class cleanup 2018-11-16 13:57:16 +00:00
David Blacka
c37f436e72 Merge branch 'alg-15-support' of https://github.com/pallaviaras/jdnssec-tools into pallaviaras-alg-15-support 2018-07-15 16:57:59 +00:00
David Blacka
781e775b3b Use the actual private key for ed25519 2018-07-15 16:56:15 +00:00
Pallavi
d0e85431c5 Added support for gradle and restructured the source code directory from src to src/main/java directory 2018-07-15 10:59:40 -04:00
David Blacka
55a139db82 Allow for epoch start/expire times; add verboseSigning to jdnssec-signrrset 2018-07-15 14:57:41 +00:00
David Blacka
b291bb430b Use correct encoding for the alg 15 DNSKEYRecord 2018-07-15 12:17:12 +00:00
David Blacka
a9353b3af3 Now able to generated alg 15 keypairs 
They _look_ correct, but may not be.
 2018-07-15 00:54:10 +00:00
David Blacka
7706b73d8c Start of alg 15/16 support 2018-07-14 22:06:49 +00:00
David Blacka
4853426d6c Merge pull request #5 from PowerDNS/failure-exit 
exit(1) if the zone had errors
 2017-06-23 09:55:52 -04:00
Peter van Dijk
b19bc5ffa3 exit(1) if the zone had errors 2017-06-22 14:34:14 +02:00
Kees Monshouwer
ca2a932485 fix multiple leading zeros padding in ECDSA sig conversion 2017-06-22 14:32:14 +02:00
Peter van Dijk
171594a92d fix leading zero padding in ECDSA sig conversion 2017-02-28 12:24:00 +01:00
David Blacka
8d3746fc22 Validate the the RRset TTL is <= the OrigTTL. 2017-01-06 12:54:16 -05:00
David Blacka
444601fb2a Detect duplicate RRSIGs as well. 2017-01-06 12:53:57 -05:00
David Blacka
c5896495c7 Either R or S could end up being shorter than the expected length, so adjust for that. 2017-01-05 13:50:48 -05:00
David Blacka
f170bd170a Elliptic curve support. 
Improve usage, unknown algorithm error handling in jdnssec-keygen
Use the bouncycastle crypto provider for ECCGOST if available
 2016-12-09 17:52:10 -05:00
David Blacka
15cb5e2ab7 Fix issue in jdnssec-verifyzone (and ZoneVerifier) where junk in the zone wouldn't be handled correctly (that is, ignored.) 2014-04-22 16:39:00 -04:00
David Blacka
9fad4941a6 Make jdnssec-zoneformat -N also compute NSEC3 original owner names for ENTs 2014-04-22 16:37:58 -04:00
David Blacka
a45f5d1df7 use the perfectly OK (now) TypeMap.toString() method. 2012-07-16 14:16:42 -04:00
David Blacka
3da308c4b9 Fix TypeMap.fromBytes() and add a TypeMap.fromString() method. 2012-07-16 14:16:13 -04:00
David Blacka
d3e8c4c913 Add duplicate RR detection to jdnssec-verifyzone, and a command line option to disable it. 2012-05-26 23:14:12 -04:00
David Blacka
69d965cc0f Wrap the new exceptions to mimic prior behavior. 2012-05-26 16:40:50 -04:00
David Blacka
ca7f10bd07 Instead of using DNSSEC.Secure, DNSSEC.Failed, etc, just use boolean results. 
This means we lose the idea of Insecure, but that wasn't effectively being used anyway.
Further, remove any use of the DNSJava Cache class -- that also wasn't being used.
 2012-05-26 16:40:50 -04:00
David Blacka
25cc81d46a Replace use of old KEYConverter with new DNSKEYRecord constructor. 2012-05-26 16:40:50 -04:00
David Blacka
2a90a6ccd9 byte -> int for NSEC3 digest type. 2012-05-26 16:40:49 -04:00
David Blacka
b18a96cbfc Change dnsjava algorithm references from DNSSEC.<alg> to DNSSEC.Algorithm.<alg> 2012-05-26 16:40:49 -04:00
David Blacka
fb75a5419f Use generic types when possible. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@246 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-12 21:25:42 +00:00
David Blacka
91207aeed2 Refactor the command line classes with a new base class and upgrade 
commons-cli to version 1.2.

git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@245 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-12 21:25:26 +00:00
David Blacka
645b8a1a60 fix my logger normalization -- it was still defaulting to INFO. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@244 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-10 00:25:10 +00:00
David Blacka
453bf283ba eclipse reformatting. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@242 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-09 23:58:56 +00:00
David Blacka
faae654a23 make reading and writing to stdin/stdout work for most of the tools 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@241 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-09 23:58:54 +00:00
David Blacka
73d930a850 for jdnssec-signzone and jdnssec-signrrset, make 'multiline' output NOT the default, and add a command line switch to enable it. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@240 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-09 23:58:51 +00:00
David Blacka
8347e5ffc3 fix usage statement printing. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@239 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-09 23:58:49 +00:00
David Blacka
c459de830f update jdnssec-keygen to use a default algorithm of 8 instead of 5. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@238 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-03 20:29:54 +00:00
David Blacka
e770f01958 Clean up logging: recognize all levels for -v, normalize the code that forces java.util.logging to set the correct log level, normalize on the use of our very simple log formatter. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@237 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-03 20:24:33 +00:00
David Blacka
03737a1efd Handle the new bind 9.7 private key files (hopefully). 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@227 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-02 19:36:40 +00:00
David Blacka
1616d07fe6 Add -N option for calculating original ownernames for NSEC3 RRs 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@226 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-02 19:36:14 +00:00
David Blacka
04d751ae56 Add -m option to jdnssec-zoneformat 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@225 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2011-02-02 18:59:06 +00:00
David Blacka
86072cbcc8 Add options for fudging or ignoring times in verifyzone. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@224 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-14 18:01:12 +00:00
David Blacka
3d6b21b0fc output changes for VerifyZone, some code cleanup and bug fixes for ZoneVerifier 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@220 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-07 05:31:58 +00:00
David Blacka
41c96feffd Refactor the zone verification tool to fully check zones for correctness. Not quite complete, as more testing needs to be done and the output needs to be standardized 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@219 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-06 05:59:42 +00:00
David Blacka
3c9e33baf7 fix a number of jdnssec-signzone signing bugs: do not incorrectly set the RRSIG bit on NSEC3 RRs corresponding to insecure delegations, ignore junk below a DNAME, ignore delegations below other delegations 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@218 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-06 00:25:04 +00:00
David Blacka
14ea619299 add verbose signing mode to signzone; some comment fixes, some unused vars and imports removed 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@217 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-12-05 23:08:13 +00:00
David Blacka
beca0e4872 Add jdnssec-signrrset tool which will sign any single rrset with any key. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@208 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2010-07-21 17:09:56 +00:00
David Blacka
34e6f91ef2 restore NSEC3 original ownername comments. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@185 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:24:04 +00:00
David Blacka
64f5de7b38 fix our base32 context 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@184 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:24:02 +00:00
David Blacka
1fe3b49c17 Switch to dnsjava-2.0.7: the NSEC3 comments won't work, and I had to rescue the nsec3 hash calculation function from the original NSEC3Record implementation. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@183 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:23:59 +00:00
David Blacka
2bd2bef727 Use the RFC 5702 algorithm identifiers 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@182 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-11-03 02:23:57 +00:00
David Blacka
ca9bee9d49 allow for multiple -k options (for signing with multiple KSKs) 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@176 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-09-03 04:16:49 +00:00
David Blacka
8b1203c243 Merge changes from experimental branch 2255:2273. 
git-svn-id: https://svn.verisignlabs.com/jdnssec/tools/trunk@172 4cbd57fe-54e5-0310-bd9a-f30fe5ea5e6e
 2009-08-23 19:13:42 +00:00