# Three keys only.
key_clear "KEY4"
-#
-# Zone: some-keys.kasp.
-#
-set_zone "some-keys.kasp"
-set_policy "rsasha256" "3" "1234"
-set_server "ns3" "10.53.0.3"
-# Key properties, timings and states same as above.
-
-check_keys
-check_dnssecstatus "$SERVER" "$POLICY" "$ZONE"
-set_keytimes_algorithm_policy "pregenerated"
-check_keytimes
-check_apex
-check_subdomain
-dnssec_verify
-
-#
-# Zone: pregenerated.kasp.
-#
-# There are more pregenerated keys than needed, hence the number of keys is
-# six, not three.
-set_zone "pregenerated.kasp"
-set_policy "rsasha256" "6" "1234"
-set_server "ns3" "10.53.0.3"
-# Key properties, timings and states same as above.
-
-check_keys
-check_dnssecstatus "$SERVER" "$POLICY" "$ZONE"
-set_keytimes_algorithm_policy "pregenerated"
-check_keytimes
-check_apex
-check_subdomain
-dnssec_verify
-
#
# Zone: rumoured.kasp.
#
zone = test["zone"]
policy = test["policy"]
ttl = int(test["config"]["dnskey-ttl"].total_seconds())
+ pregenerated = False
+ if test.get("pregenerated"):
+ pregenerated = test["pregenerated"]
isctest.log.info(f"check test case zone {zone} policy {policy}")
ttl=ttl, keys=test["key-properties"]
)
# Key files.
- keys = isctest.kasp.keydir_to_keylist(zone, test["config"]["key-directory"])
+ keys = isctest.kasp.keydir_to_keylist(
+ zone, test["config"]["key-directory"], in_use=pregenerated
+ )
ksks = [k for k in keys if k.is_ksk()]
zsks = [k for k in keys if not k.is_ksk()]
offset = test["offset"] if "offset" in test else None
for kp in expected:
- kp.set_expected_keytimes(test["config"], offset=offset)
+ kp.set_expected_keytimes(
+ test["config"], offset=offset, pregenerated=pregenerated
+ )
isctest.kasp.check_keytimes(keys, expected)
"config": kasp_config,
"key-properties": fips_properties(8),
},
+ {
+ "zone": "pregenerated.kasp",
+ "policy": "rsasha256",
+ "config": kasp_config,
+ "pregenerated": True,
+ "key-properties": fips_properties(8),
+ },
{
"zone": "rsasha256.kasp",
"policy": "rsasha256",
"config": kasp_config,
"key-properties": fips_properties(10),
},
+ {
+ "zone": "some-keys.kasp",
+ "policy": "rsasha256",
+ "config": kasp_config,
+ "pregenerated": True,
+ "key-properties": fips_properties(8),
+ },
{
"zone": "unlimited.kasp",
"policy": "unlimited",
projects / thirdparty / bind9.git / commitdiff
