From: Mark Andrews Date: Fri, 8 Jul 2022 02:24:34 +0000 (+1000) Subject: mkeys: use $DEFAULT_ALGORITHM X-Git-Tag: v9.19.4~44^2~16 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=78fa0829994fc2979fddb4617630739fc8784841;p=thirdparty%2Fbind9.git mkeys: use $DEFAULT_ALGORITHM --- diff --git a/bin/tests/system/mkeys/ns1/sign.sh b/bin/tests/system/mkeys/ns1/sign.sh index 819f3fc9c27..87a6ea0a27a 100644 --- a/bin/tests/system/mkeys/ns1/sign.sh +++ b/bin/tests/system/mkeys/ns1/sign.sh @@ -16,8 +16,8 @@ zone=. zonefile=root.db -keyname=`$KEYGEN -a rsasha256 -qfk $zone` -zskkeyname=`$KEYGEN -a rsasha256 -q $zone` +keyname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk $zone) +zskkeyname=$($KEYGEN -a ${DEFAULT_ALGORITHM} -q $zone) $SIGNER -Sg -o $zone $zonefile > /dev/null 2>/dev/null diff --git a/bin/tests/system/mkeys/ns6/setup.sh b/bin/tests/system/mkeys/ns6/setup.sh index b54a74f9a2b..4cfeaa279f5 100644 --- a/bin/tests/system/mkeys/ns6/setup.sh +++ b/bin/tests/system/mkeys/ns6/setup.sh @@ -16,8 +16,8 @@ zone=. zonefile=root.db -# an RSA key -rsakey=`$KEYGEN -a rsasha256 -qfk rsasha256.` +# a key for a trust island +islandkey=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk island.) # a key with unsupported algorithm unsupportedkey=Kunknown.+255+00000 @@ -30,4 +30,4 @@ cp "../ns1/${rootkey}.key" . # Configure the resolving server with an initializing key. # (We use key-format trust anchors here because otherwise the # unsupported algorithm test won't work.) -keyfile_to_initial_keys $unsupportedkey $rsakey $rootkey > managed.conf +keyfile_to_initial_keys $unsupportedkey $islandkey $rootkey > managed.conf diff --git a/bin/tests/system/mkeys/tests.sh b/bin/tests/system/mkeys/tests.sh index 777bbd63288..1fdc9eee494 100644 --- a/bin/tests/system/mkeys/tests.sh +++ b/bin/tests/system/mkeys/tests.sh @@ -133,7 +133,7 @@ status=$((status+ret)) n=$((n+1)) echo_i "check new trust anchor can be added ($n)" ret=0 -standby1=$($KEYGEN -a rsasha256 -qfk -K ns1 .) +standby1=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .) mkeys_loadkeys_on 1 || ret=1 mkeys_refresh_on 2 || ret=1 mkeys_status_on 2 > rndc.out.$n 2>&1 || ret=1 @@ -342,7 +342,7 @@ status=$((status+ret)) n=$((n+1)) echo_i "revoke original key, add new standby ($n)" ret=0 -standby2=$($KEYGEN -a rsasha256 -qfk -K ns1 .) +standby2=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .) $SETTIME -R now -K ns1 "$original" > /dev/null mkeys_loadkeys_on 1 || ret=1 mkeys_refresh_on 2 || ret=1 @@ -374,7 +374,7 @@ status=$((status+ret)) n=$((n+1)) echo_i "revoke standby before it is trusted ($n)" ret=0 -standby3=$($KEYGEN -a rsasha256 -qfk -K ns1 .) +standby3=$($KEYGEN -a ${DEFAULT_ALGORITHM} -qfk -K ns1 .) mkeys_loadkeys_on 1 || ret=1 mkeys_refresh_on 2 || ret=1 mkeys_status_on 2 > rndc.out.1.$n 2>&1 || ret=1 @@ -777,7 +777,7 @@ n=$((n+1)) echo_i "ignoring unsupported algorithm in managed-keys ($n)" ret=0 mkeys_status_on 6 > rndc.out.$n 2>&1 || ret=1 -# there should still be only two keys listed (for . and rsasha256.) +# there should still be only two keys listed (for . and island.) count=$(grep -c "keyid: " rndc.out.$n) || true [ "$count" -eq 2 ] || ret=1 # two lines indicating trust status @@ -804,7 +804,7 @@ ret=0 mkeys_reload_on 1 || ret=1 mkeys_refresh_on 6 || ret=1 mkeys_status_on 6 > rndc.out.$n 2>&1 || ret=1 -# there should still be only two keys listed (for . and rsasha256.) +# there should still be only two keys listed (for . and island.) count=$(grep -c "keyid: " rndc.out.$n) || true [ "$count" -eq 2 ] || ret=1 # two lines indicating trust status