From: Matthijs Mekking Date: Wed, 30 Oct 2019 15:45:41 +0000 (+0100) Subject: Test CSK rollover X-Git-Tag: v9.15.6~26^2~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fbc86910833bb09ff02801cef22c3f59a29a820;p=thirdparty%2Fbind9.git Test CSK rollover Test two CSK rollover scenarios, one where the DS is swapped before the zone signatures are all replaced, and one where the signatures are replaced sooner than the DS is swapped. --- diff --git a/bin/tests/system/kasp/ns3/named.conf.in b/bin/tests/system/kasp/ns3/named.conf.in index c7a830dc3ab..1e11814542c 100644 --- a/bin/tests/system/kasp/ns3/named.conf.in +++ b/bin/tests/system/kasp/ns3/named.conf.in 
@@ -233,3 +233,73 @@ zone "step6.ksk-doubleksk.autosign" {
 file "step6.ksk-doubleksk.autosign.db";
 dnssec-policy "ksk-doubleksk";
 };
+
+/*
+ * Zones for testing CSK rollover steps.
+ */
+zone "step1.csk-roll.autosign" {
+ type master;
+ file "step1.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step2.csk-roll.autosign" {
+ type master;
+ file "step2.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step3.csk-roll.autosign" {
+ type master;
+ file "step3.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step4.csk-roll.autosign" {
+ type master;
+ file "step4.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step5.csk-roll.autosign" {
+ type master;
+ file "step5.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step6.csk-roll.autosign" {
+ type master;
+ file "step6.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+zone "step7.csk-roll.autosign" {
+ type master;
+ file "step7.csk-roll.autosign.db";
+ dnssec-policy "csk-roll";
+};
+
+zone "step1.csk-roll2.autosign" {
+ type master;
+ file "step1.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
+zone "step2.csk-roll2.autosign" {
+ type master;
+ file "step2.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
+zone "step3.csk-roll2.autosign" {
+ type master;
+ file "step3.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
+zone "step4.csk-roll2.autosign" {
+ type master;
+ file "step4.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
+zone "step5.csk-roll2.autosign" {
+ type master;
+ file "step5.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
+zone "step6.csk-roll2.autosign" {
+ type master;
+ file "step6.csk-roll2.autosign.db";
+ dnssec-policy "csk-roll2";
+};
diff --git a/bin/tests/system/kasp/ns3/policies/autosign.conf b/bin/tests/system/kasp/ns3/policies/autosign.conf
index f04d219e6dd..664693a445f 100644
--- a/bin/tests/system/kasp/ns3/policies/autosign.conf
+++ b/bin/tests/system/kasp/ns3/policies/autosign.conf
@@ -64,3 +64,47 @@ dnssec-policy "ksk-doubleksk" {
 parent-registration-delay P1D;
 parent-propagation-delay PT1H;
 };
+
+dnssec-policy "csk-roll" {
+
+ signatures-refresh P5D;
+ signatures-validity 30d;
+ signatures-validity-dnskey 30d;
+
+ dnskey-ttl 1h;
+ publish-safety PT1H;
+ retire-safety 2h;
+
+ keys {
+ csk key-directory lifetime P6M algorithm 13;
+ };
+
+ zone-propagation-delay 1h;
+ zone-max-ttl P1D;
+
+ parent-ds-ttl 1h;
+ parent-registration-delay 1d;
+ parent-propagation-delay 1h;
+};
+
+dnssec-policy "csk-roll2" {
+
+ signatures-refresh 12h;
+ signatures-validity P1D;
+ signatures-validity-dnskey P1D;
+
+ dnskey-ttl 1h;
+ publish-safety PT1H;
+ retire-safety 1h;
+
+ keys {
+ csk key-directory lifetime P6M algorithm 13;
+ };
+
+ zone-propagation-delay PT1H;
+ zone-max-ttl 1d;
+
+ parent-ds-ttl PT1H;
+ parent-registration-delay P1W;
+ parent-propagation-delay PT1H;
+};
diff --git a/bin/tests/system/kasp/ns3/setup.sh b/bin/tests/system/kasp/ns3/setup.sh
index b384fa730bd..782747b4b84 100644
--- a/bin/tests/system/kasp/ns3/setup.sh
+++ b/bin/tests/system/kasp/ns3/setup.sh
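Review bot: Both new policies mix ISO 8601 durations (`P5D`, `PT1H`, `P1D`, `P6M`, `P1W`) with TTL-style values (`30d`, `1h`, `2h`, `1d`) for sibling options, and nothing in the hunk says whether that is deliberate. If the intent is to exercise both duration syntaxes in the config parser, a one-line comment above `dnssec-policy "csk-roll"` such as `/* Durations intentionally mix ISO 8601 and TTL-style syntax to cover both forms. */` would stop a later cleanup from normalising them; if not, one form per policy reads better. The differing `retire-safety` (2h vs 1h) and `parent-registration-delay` (1d vs 1w) are what drive the two scenarios described in the commit message, so a short comment naming that difference next to each policy would also help readers who land here without the setup script.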
@@ -356,3 +356,292 @@ private_type_record $zone 13 $KSK1 >> "$infile" private_type_record $zone 13 $KSK2 >> "$infile" private_type_record $zone 13 $ZSK >> "$infile" $SIGNER -S -x -s now-1h -e now+2w -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# +# The zones at csk-roll.autosign represent the various steps of a CSK rollover +# (which is essentially a ZSK Pre-Publication / KSK Double-KSK rollover). +# + +# Step 1: +# Introduce the first key. This will immediately be active. +setup step1.csk-roll.autosign +CSK=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +TactN="now" +$SETTIME -s -P $TactN -A $TactN -g $O -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK}.key" > "$infile" +private_type_record $zone 13 $CSK >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 2: +# It is time to introduce the new CSK. +setup step2.csk-roll.autosign +CSK=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: ZSK: Tpub(N+1) <= Tact(N) + Lzsk - Ipub +# According to RFC 7583: KSK: Tpub(N+1) <= Tact(N) + Lksk - Dreg - IpubC +# Also: Ipub = Dprp + TTLkey (+publish-safety) +# Also: IpubC = DprpC + TTLkey (+publish-safety) +# Both sums are almost the same, but the KSK case has Dreg in the equation. +# so: Tact(N) = Tpub(N+1) - Lcsk + Dreg + IpubC = now - 6mo + 1d + 3h = +# now - 4464h + 24h + 3h = now - 4437h +TactN="now-4437h" +$SETTIME -s -P $TactN -A $TactN -g $O -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK}.key" > "$infile" +private_type_record $zone 13 $CSK >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 3: +# It is time to submit the DS and to roll signatures. 
+setup step3.csk-roll.autosign +CSK1=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: Tsbm(N+1) >= Trdy(N+1) +# Also: Tact(N+1) = Tsbm(N+1) + Dreg +# so: Tact(N) = Tsbm(N+1) + Dreg - Lksk = now + 1d - 6mo = now - 185d +# and: Tret(N) = Tsbm(N+1) + Dreg = now + 1d +# and: Tpub(N+1) <= Tsbm(N+1) - IpubC = now - 3h +# and: Tret(N+1) = Tsbm(N+1) + Dreg + Lksk = now + 1d + 6mo = now + 187d +TactN="now-185d" +TretN="now+1d" +TpubN1="now-3h" +TretN1="now+187d" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TretN -I $TretN1 -g $O -k $R $TpubN1 -r $R $TpubN1 -d $H $TpubN1 -z $H $TpubN1 $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 4: +# Some time later all the ZRRSIG records should be from the new CSK, and the +# DS should be swapped. The ZRRSIG records are all replaced after Iret +# which is Dsgn + Dprp + TTLsig + retire-safety (25d + 1h + 1d + 2h = 26d3h). +# The DS is swapped after Dreg + DprpP + TTLds + retire-safety +# (1d + 1h + 1h + 2h = 1d4h). In other words, the DS is swapped before all +# zone signatures are replaced. 
+setup step4.csk-roll.autosign +CSK1=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: Tdea(N) = Tret(N) + Iret +# Also: Iret = 1h + 1h + 2h = 4h +# Also: Tact(N+1) = Tret(N) +# so: Tact(N) = Tdea(N) - Lksk - Iret = now - 6mo - 4h = now - 4468h +# and: Tret(N) = Tdea(N) - Iret = now - 4h = now - 4h +# and: Tpub(N+1) = Tdea(N) - Iret - Dreg - IpubC = now - 4h - 1d - 3h = now - 31h +# and: Tsbm(N+1) = Tdea(N) - Iret - Dreg = now - 4h - 1d = now - 28h +# and: Tact(N+1) = Tret(N) +# and: Tret(N+1) = Tdea(N) + Lksk - Iret = now + 6mo - 4h = now + 4460h +TactN="now-4468h" +TretN="now-4h" +TpubN1="now-31h" +TsbmN1="now-28h" +TactN1="${TretN}" +TretN1="now+4460h" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $O $TactN -d $U $TsbmN1 -z $U $TsbmN1 $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TsbmN1 -r $O $TsbmN1 -d $R $TsbmN1 -z $R $TsbmN1 $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 5: +# After the DS is swapped in step 4, also the KRRSIG records can be removed. +# At this time these have all become hidden. +setup step5.csk-roll.autosign +CSK1=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# Substract DNSKEY TTL plus zone propagation delay from all the times (2h). 
+TactN="now-4470h" +TretN="now-6h" +TdeaN="now-2h" +TpubN1="now-33h" +TsbmN1="now-30h" +TactN1="${TretN}" +TretN1="now+4458h" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $U $TdeaN -d $H $TdeaN -z $U $TsbmN1 $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TsbmN1 -r $O $TsbmN1 -d $O $TdeaN -z $R $TsbmN1 $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 6: +# After the retire interval has passed the predecessor DNSKEY can be +# removed from the zone. +setup step6.csk-roll.autosign +CSK1=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: Tdea(N) = Tret(N) + Iret +# Also: Tret(N) = Tact(N) + Lzsk +# Also: Iret = Dsgn + Dprp + TTLsig (+retire-safety) +# so: Tact(N) = Tdea(N) - Iret - Lzsk = now - 25d1h1d2h - 6mo = +# now - 26d3h - 6mo = now - 627h - 4464h = now - 5091h +# and: Tret(N) = Tdea(N) - Iret = now - 627h +# and: Tpub(N+1) = Tdea(N) - Iret - Ipub = now - 627h - 3h = now - 630h +# and: Tact(N+1) = Tdea(N) - Iret = Tret(N) +# and: Tret(N+1) = Tdea(N) - Iret + Lzsk = now - 627h + 6mo = now + 3837h +TactN="now-5091h" +TretN="now-627h" +TdeaN="now-623h" +TpubN1="now-630h" +TsbmN1="now-627h" +TactN1="${TretN}" +TretN1="now+3837h" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $H $TdeaN -d $H $TdeaN -z $U $TsbmN1 $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TsbmN1 -r $O $TsbmN1 -d $O $TdeaN -z $R $TsbmN1 $CSK2 > settime.out.$zone.1 2>&1 +cat 
template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 7: +# Some time later the predecessor DNSKEY enters the HIDDEN state. +setup step7.csk-roll.autosign +CSK1=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# Substract DNSKEY TTL plus zone propagation delay from all the times (2h). +TactN="now-5093h" +TretN="now-629h" +TdeaN="now-625h" +TpubN1="now-632h" +TsbmN1="now-629h" +TactN1="${TretN}" +TretN1="now+3835h" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $U now-2h -r $H $TdeaN -d $H $TdeaN -z $H $TsbmN1 $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TsbmN1 -r $O $TsbmN1 -d $O $TdeaN -z $O $TsbmN1 $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# +# The zones at csk-roll2.autosign represent the various steps of a CSK rollover +# (which is essentially a ZSK Pre-Publication / KSK Double-KSK rollover). +# This scenario differs from the above one because the zone signatures (ZRRSIG) +# are replaced with the new key sooner than the DS is swapped. +# + +# Step 1: +# Introduce the first key. This will immediately be active. 
+setup step1.csk-roll2.autosign +CSK=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +TactN="now" +$SETTIME -s -P $TactN -A $TactN -g $O -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK}.key" > "$infile" +private_type_record $zone 13 $CSK >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 2: +# It is time to introduce the new CSK. +setup step2.csk-roll2.autosign +CSK=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: ZSK: Tpub(N+1) <= Tact(N) + Lzsk - Ipub +# According to RFC 7583: KSK: Tpub(N+1) <= Tact(N) + Lksk - Dreg - IpubC +# Also: Ipub = Dprp + TTLkey (+publish-safety) +# Also: IpubC = DprpC + TTLkey (+publish-safety) +# Both sums are almost the same, but the KSK case has Dreg in the equation. +# so: Tact(N) = Tpub(N+1) - Lcsk + Dreg + IpubC = now - 6mo + 1w + 3h = +# now - 4464h + 168h + 3h = now - 4635h +TactN="now-4635h" +$SETTIME -s -P $TactN -A $TactN -g $O -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK}.key" > "$infile" +private_type_record $zone 13 $CSK >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 3: +# It is time to submit the DS and to roll signatures. 
+setup step3.csk-roll2.autosign +CSK1=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: Tsbm(N+1) >= Trdy(N+1) +# Also: Tact(N+1) = Tsbm(N+1) + Dreg +# so: Tact(N) = Tsbm(N+1) + Dreg - Lksk = now + 1w - 6mo = now - 179d +# and: Tret(N) = Tsbm(N+1) + Dreg = now + 1w +# and: Tpub(N+1) <= Tsbm(N+1) - IpubC = now - 3h +# and: Tret(N+1) = Tsbm(N+1) + Dreg + Lksk = now + 1w + 6mo = now + 193d +TactN="now-179d" +TretN="now+1w" +TpubN1="now-3h" +TretN1="now+193d" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $O $TactN -d $O $TactN -z $O $TactN $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TretN -I $TretN1 -g $O -k $R $TpubN1 -r $R $TpubN1 -d $H $TpubN1 -z $H $TpubN1 $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 4: +# Some time later all the ZRRSIG records should be from the new CSK, and the +# DS should be swapped. The ZRRSIG records are all replaced after Iret +# which is Dsgn + Dprp + TTLsig + retire-safety (12h + 1h + 1d + 2h = 38h). +# The DS is swapped after Dreg + DprpP + TTLds + retire-safety +# (1w + 1h + 1h + 1h = 1w3h). In other words, the zone signatures are +# replaced before the DS is swapped. 
+setup step4.csk-roll2.autosign +CSK1=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# According to RFC 7583: Tdea(N) = Tret(N) + Iret +# Also: Tret(N) = Tact(N) + Lzsk +# Also: Iret = Dsgn + Dprp + TTLsig (+retire-safety) +# so: Tact(N) = Tdea(N) - Iret - Lzsk = now - 38h - 6mo = now - 4502h +# and: Tret(N) = Tdea(N) - Iret = now - 38h +# and: Tpub(N+1) = Tdea(N) - Iret - Ipub = now - 41h +# and: Tact(N+1) = Tdea(N) - Iret = Tret(N) +# and: Tret(N+1) = Tdea(N) - Iret + Lzsk = now - 38h + 6mo = now + 4426h +TactN="now-4502h" +TretN="now-38h" +TpubN1="now-41h" +TactN1="${TretN}" +TretN1="now+4426" +$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $O $TactN -d $U $TretN -z $U $TretN $CSK1 > settime.out.$zone.1 2>&1 +$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1 +$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TretN -r $O $TretN -d $R $TretN -z $R $TretN $CSK2 > settime.out.$zone.1 2>&1 +cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile" +private_type_record $zone 13 $CSK1 >> "$infile" +private_type_record $zone 13 $CSK2 >> "$infile" +$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1 + +# Step 5: +# Some time later the DS can be swapped and the old DNSKEY can be removed from +# the zone. +setup step5.csk-roll2.autosign +CSK1=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +CSK2=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1` +# Substract Dreg + Iret (174h). 
+TactN="now-4676h"
+TretN="now-212h"
+TpubN1="now-215h"
+TactN1="${TretN}"
+TretN1="now+4252h"
+$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $O $TactN -r $O $TactN -d $U $TretN -z $H $TretN $CSK1 > settime.out.$zone.1 2>&1
+$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1
+$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TretN -r $O $TretN -d $R $TretN -z $O $TretN $CSK2 > settime.out.$zone.1 2>&1
+cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile"
+private_type_record $zone 13 $CSK1 >> "$infile"
+private_type_record $zone 13 $CSK2 >> "$infile"
+$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1
+
+# Step 6:
+# Some time later the predecessor DNSKEY enters the HIDDEN state.
+setup step6.csk-roll2.autosign
+CSK1=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1`
+CSK2=`$KEYGEN -k csk-roll2 -l policies/autosign.conf $zone 2> keygen.out.$zone.1`
+# Substract DNSKEY TTL plus zone propagation delay (2h).
+TactN="now-4678h"
+TretN="now-214h"
+TdeaN="now-2h"
+TpubN1="now-217h"
+TactN1="${TretN}"
+TretN1="now+4250h"
+$SETTIME -s -P $TactN -A $TactN -I $TretN -g $H -k $U $TdeaN -r $U $TdeaN -d $H $TretN -z $H $TretN $CSK1 > settime.out.$zone.1 2>&1
+$SETTIME -s -S $CSK1 -i 0 $CSK2 > settime.out.$zone.3 2>&1
+$SETTIME -s -P $TpubN1 -A $TactN1 -I $TretN1 -g $O -k $O $TretN -r $O $TretN -d $O $TretN -z $O $TretN $CSK2 > settime.out.$zone.1 2>&1
+cat template.db.in "${CSK1}.key" "${CSK2}.key" > "$infile"
+private_type_record $zone 13 $CSK1 >> "$infile"
+private_type_record $zone 13 $CSK2 >> "$infile"
+$SIGNER -S -z -x -s now-1h -e now+30d -o $zone -O full -f $zonefile $infile > signer.out.$zone.1 2>&1
diff --git a/bin/tests/system/kasp/tests.sh b/bin/tests/system/kasp/tests.sh
index 6bd1d3db948..42f2eef2ab4 100644
--- a/bin/tests/system/kasp/tests.sh
+++ b/bin/tests/system/kasp/tests.sh
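Review bot: `TretN1="now+4426"` in the csk-roll2 step 4 block is missing the `h` suffix that every other offset in this hunk carries; dnssec-settime reads an unsuffixed offset as seconds, so the `-I $TretN1` given to CSK2 lands about 74 minutes from now instead of the `now + 4426h` the derivation two lines above states, and it should read `TretN1="now+4426h"`. The step 4 comment for the same scenario says `(12h + 1h + 1d + 2h = 38h)`, but the `csk-roll2` policy sets `retire-safety 1h` and the stated 38h only adds up with 1h, so the `2h` in that comment should be `1h`. Across every two-key step the second `$SETTIME` for the successor key writes to `settime.out.$zone.1`, clobbering the predecessor's output while `.3` is used for the `-S` call; writing the successor's output to `settime.out.$zone.2` keeps all three logs for debugging a failing step. The step 5/6/7 comments spell "Subtract" as "Substract".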
@@ -43,7 +43,8 @@ STATE_DNSKEY=15 STATE_ZRRSIG=16 STATE_KRRSIG=17 STATE_DS=18 -EXPECT_RRSIG=19 +EXPECT_ZRRSIG=19 +EXPECT_KRRSIG=20 # Clear key state. # @@ -58,7 +59,8 @@ key_clear() { [$REMOVED]="none" \ [$GOAL]="none" [$STATE_DNSKEY]="none" \ [$STATE_KRRSIG]="none" [$STATE_ZRRSIG]="none" \ - [$STATE_DS]="none" [$EXPECT_RRSIG]="no") + [$STATE_DS]="none" \ + [$EXPECT_ZRRSIG]="no" [$EXPECT_KRRSIG]="no") if [ $1 == "KEY1" ]; then KEY1=(${_key[*]}) @@ -140,7 +142,8 @@ zone_properties() { # $4: Algorithm (number) # $5: Algorithm (string-format) # $6: Algorithm length -# $7: Is signing +# $7: Is zone signing +# $8: Is key signing # # This will update either the KEY1, KEY2 or KEY3 array. key_properties() { @@ -157,7 +160,8 @@ key_properties() { KEY1[$ALG_NUM]=$4 KEY1[$ALG_STR]=$5 KEY1[$ALG_LEN]=$6 - KEY1[$EXPECT_RRSIG]=$7 + KEY1[$EXPECT_ZRRSIG]=$7 + KEY1[$EXPECT_KRRSIG]=$8 elif [ $1 == "KEY2" ]; then KEY2[$EXPECT]="yes" KEY2[$ROLE]=$2 @@ -171,7 +175,8 @@ key_properties() { KEY2[$ALG_NUM]=$4 KEY2[$ALG_STR]=$5 KEY2[$ALG_LEN]=$6 - KEY2[$EXPECT_RRSIG]=$7 + KEY2[$EXPECT_ZRRSIG]=$7 + KEY2[$EXPECT_KRRSIG]=$8 elif [ $1 == "KEY3" ]; then KEY3[$EXPECT]="yes" KEY3[$ROLE]=$2 @@ -185,7 +190,8 @@ key_properties() { KEY3[$ALG_NUM]=$4 KEY3[$ALG_STR]=$5 KEY3[$ALG_LEN]=$6 - KEY3[$EXPECT_RRSIG]=$7 + KEY3[$EXPECT_ZRRSIG]=$7 + KEY3[$EXPECT_KRRSIG]=$8 fi } @@ -510,7 +516,7 @@ test "$lines" -eq 4 || log_error "wrong number of keys created for policy kasp: # Temporarily don't log errors because we are searching multiple files. _log=0 # Check one algorithm. -key_properties "KEY1" "csk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "csk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" "yes" key_timings "KEY1" "none" "none" "none" "none" "none" key_states "KEY1" "none" "none" "none" "none" "none" id=$(get_keyids $DIR $ZONE "${KEY1[$ALG_NUM]}") 
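Review bot: `key_properties` now stores `$8` into `EXPECT_KRRSIG` but does not check that eight arguments were actually supplied, so any caller still passing seven leaves the field empty rather than `no`; because `check_signatures` only tests for `"yes"`, such a caller silently asserts "not signing" with a KSK. A guard at the top of the function, `[ $# -eq 8 ] || log_error "key_properties: expected 8 arguments, got $#"`, would make a stale call site fail loudly; the same applies to all three KEY branches. The function's opening lines are in an earlier hunk on this same line.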
@@ -518,15 +524,15 @@ check_key "KEY1" $id test "$ret" -eq 0 || echo_i "failed" status=$((status+ret)) # Check the other algorithm. -key_properties "KEY1" "ksk" "31536000" "8" "RSASHA256" "2048" "yes" +key_properties "KEY1" "ksk" "31536000" "8" "RSASHA256" "2048" "no" "yes" key_timings "KEY1" "none" "none" "none" "none" "none" key_states "KEY1" "none" "none" "none" "none" "none" -key_properties "KEY2" "zsk" "2592000" "8" "RSASHA256" "1024" "yes" +key_properties "KEY2" "zsk" "2592000" "8" "RSASHA256" "1024" "yes" "no" key_timings "KEY2" "none" "none" "none" "none" "none" key_states "KEY2" "none" "none" "none" "none" "none" -key_properties "KEY3" "zsk" "16070400" "8" "RSASHA256" "2000" "yes" +key_properties "KEY3" "zsk" "16070400" "8" "RSASHA256" "2000" "yes" "no" key_timings "KEY3" "none" "none" "none" "none" "none" key_states "KEY3" "none" "none" "none" "none" "none" @@ -552,7 +558,7 @@ n=$((n+1)) echo_i "check that 'dnssec-keygen -k' (default policy) creates valid files ($n)" ret=0 zone_properties "." "kasp" "default" "3600" -key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" "yes" key_timings "KEY1" "none" "none" "none" "none" "none" key_states "KEY1" "none" "none" "none" "none" "none" $KEYGEN -k $POLICY $ZONE > keygen.out.$POLICY.test$n 2>/dev/null || ret=1 @@ -567,7 +573,7 @@ n=$((n+1)) echo_i "check that 'dnssec-keygen -k' (default policy) creates valid files ($n)" ret=0 zone_properties "." "kasp" "default" "3600" -key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" "yes" key_timings "KEY1" "none" "none" "none" "none" "none" key_states "KEY1" "none" "none" "none" "none" "none" $KEYGEN -k $POLICY $ZONE > keygen.out.$POLICY.test$n 2>/dev/null || ret=1 
@@ -667,7 +673,7 @@ status=$((status+ret)) # Check the zone with default kasp policy has loaded and is signed. zone_properties "ns3" "default.kasp" "_default" "3600" -key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" "yes" # The first key is immediately published and activated. key_timings "KEY1" "published" "active" "none" "none" "none" "none" # DNSKEY, RRSIG (ksk), RRSIG (zsk) are published. DS needs to wait. @@ -751,9 +757,9 @@ status=$((status+ret)) # Zone: rsasha1.kasp. # zone_properties "ns3" "rsasha1.kasp" "rsasha1" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "5" "RSASHA1" "2048" "yes" -key_properties "KEY2" "zsk" "157680000" "5" "RSASHA1" "1024" "yes" -key_properties "KEY3" "zsk" "31536000" "5" "RSASHA1" "2000" "yes" +key_properties "KEY1" "ksk" "315360000" "5" "RSASHA1" "2048" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "5" "RSASHA1" "1024" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "5" "RSASHA1" "2000" "yes" "no" # The first keys are immediately published and activated. # Because lifetime > 0, retired timing is also set. key_timings "KEY1" "published" "active" "retired" "none" "none" 
@@ -855,19 +861,25 @@ check_signatures() { _file=$2 _role=$3 - if [ "${KEY1[$EXPECT_RRSIG]}" == "yes" ] && [ "${KEY1[$_role]}" == "yes" ]; then + if [ $_role == $KSK ]; then + _expect_type=$EXPECT_KRRSIG + elif [ $_role == $ZSK ]; then + _expect_type=$EXPECT_ZRRSIG + fi + + if [ "${KEY1[$_expect_type]}" == "yes" ] && [ "${KEY1[$_role]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY1[$ID]}$" > /dev/null || log_error "${_qtype} RRset not signed with key ${KEY1[$ID]}" elif [ "${KEY1[$EXPECT]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY1[$ID]}$" > /dev/null && log_error "${_qtype} RRset signed unexpectedly with ${KEY1[$ID]}" fi - if [ "${KEY2[$EXPECT_RRSIG]}" == "yes" ] && [ "${KEY2[$_role]}" == "yes" ]; then + if [ "${KEY2[$_expect_type]}" == "yes" ] && [ "${KEY2[$_role]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY2[$ID]}$" > /dev/null || log_error "${_qtype} RRset not signed with ${KEY2[$ID]}" elif [ "${KEY2[$EXPECT]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY2[$ID]}$" > /dev/null && log_error "${_qtype} RRset signed unexpectedly with ${KEY2[$ID]}" fi - if [ "${KEY3[$EXPECT_RRSIG]}" == "yes" ] && [ "${KEY3[$_role]}" == "yes" ]; then + if [ "${KEY3[$_expect_type]}" == "yes" ] && [ "${KEY3[$_role]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY3[$ID]}$" > /dev/null || log_error "${_qtype} RRset not signed with ${KEY3[$ID]}" elif [ "${KEY3[$EXPECT]}" == "yes" ]; then get_keys_which_signed $_qtype $_file | grep "^${KEY3[$ID]}$" > /dev/null && log_error "${_qtype} RRset signed unexpectedly with ${KEY3[$ID]}" @@ -880,6 +892,7 @@ check_apex() { # Test DNSKEY query. _qtype="DNSKEY" + _key_algnum="${KEY1[$ALG_NUM]}" n=$((n+1)) echo_i "check ${_qtype} rrset is signed correctly for zone ${ZONE} ($n)" ret=0 
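Review bot: The new `_expect_type` selection in `check_signatures` has no `else` branch, so when `_role` is neither `$KSK` nor `$ZSK` the variable is either unset or, since it is not local, left over from the previous call; `${KEY1[$_expect_type]}` then fails with a bad subscript or quietly checks the wrong RRSIG type. Adding `else` / `log_error "check_signatures: unexpected role ${_role}"` / `return` to the chain, or at least clearing it with `_expect_type=""` before the `if`, makes the failure explicit. `check_signatures` begins above this hunk.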
@@ -1017,9 +1030,9 @@ status=$((status+ret)) # Zone: rsasha1-nsec3.kasp. # zone_properties "ns3" "rsasha1-nsec3.kasp" "rsasha1-nsec3" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "7" "NSEC3RSASHA1" "2048" "yes" -key_properties "KEY2" "zsk" "157680000" "7" "NSEC3RSASHA1" "1024" "yes" -key_properties "KEY3" "zsk" "31536000" "7" "NSEC3RSASHA1" "2000" "yes" +key_properties "KEY1" "ksk" "315360000" "7" "NSEC3RSASHA1" "2048" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "7" "NSEC3RSASHA1" "1024" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "7" "NSEC3RSASHA1" "2000" "yes" "no" # key_timings and key_states same as above. check_keys check_apex @@ -1030,9 +1043,9 @@ dnssec_verify # Zone: rsasha256.kasp. # zone_properties "ns3" "rsasha256.kasp" "rsasha256" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "8" "RSASHA256" "2048" "yes" -key_properties "KEY2" "zsk" "157680000" "8" "RSASHA256" "1024" "yes" -key_properties "KEY3" "zsk" "31536000" "8" "RSASHA256" "2000" "yes" +key_properties "KEY1" "ksk" "315360000" "8" "RSASHA256" "2048" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "8" "RSASHA256" "1024" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "8" "RSASHA256" "2000" "yes" "no" # key_timings and key_states same as above. check_keys check_apex @@ -1043,9 +1056,9 @@ dnssec_verify # Zone: rsasha512.kasp. # zone_properties "ns3" "rsasha512.kasp" "rsasha512" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "10" "RSASHA512" "2048" "yes" -key_properties "KEY2" "zsk" "157680000" "10" "RSASHA512" "1024" "yes" -key_properties "KEY3" "zsk" "31536000" "10" "RSASHA512" "2000" "yes" +key_properties "KEY1" "ksk" "315360000" "10" "RSASHA512" "2048" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "10" "RSASHA512" "1024" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "10" "RSASHA512" "2000" "yes" "no" # key_timings and key_states same as above. check_keys check_apex 
@@ -1056,9 +1069,9 @@ dnssec_verify # Zone: ecdsa256.kasp. # zone_properties "ns3" "ecdsa256.kasp" "ecdsa256" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "13" "ECDSAP256SHA256" "256" "yes" -key_properties "KEY2" "zsk" "157680000" "13" "ECDSAP256SHA256" "256" "yes" -key_properties "KEY3" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "ksk" "315360000" "13" "ECDSAP256SHA256" "256" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "13" "ECDSAP256SHA256" "256" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" "no" # key_timings and key_states same as above. check_keys check_apex @@ -1069,9 +1082,9 @@ dnssec_verify # Zone: ecdsa512.kasp. # zone_properties "ns3" "ecdsa384.kasp" "ecdsa384" "1234" "3" -key_properties "KEY1" "ksk" "315360000" "14" "ECDSAP384SHA384" "384" "yes" -key_properties "KEY2" "zsk" "157680000" "14" "ECDSAP384SHA384" "384" "yes" -key_properties "KEY3" "zsk" "31536000" "14" "ECDSAP384SHA384" "384" "yes" +key_properties "KEY1" "ksk" "315360000" "14" "ECDSAP384SHA384" "384" "no" "yes" +key_properties "KEY2" "zsk" "157680000" "14" "ECDSAP384SHA384" "384" "yes" "no" +key_properties "KEY3" "zsk" "31536000" "14" "ECDSAP384SHA384" "384" "yes" "no" # key_timings and key_states same as above. check_keys check_apex 
@@ -1085,10 +1098,10 @@ dnssec_verify # zone_properties "ns3" "expired-sigs.autosign" "autosign" "300" "2" # Both KSK and ZSK stay OMNIPRESENT. -key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "no" "yes" key_timings "KEY1" "published" "active" "retired" "none" "none" key_states "KEY1" "omnipresent" "omnipresent" "none" "omnipresent" "omnipresent" -key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" "no" key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "none" "none" key_timings "KEY2" "published" "active" "retired" "none" "none" # Expect only two keys. @@ -1209,7 +1222,7 @@ check_rrsig_refresh # zone_properties "ns3" "zsk-missing.autosign" "autosign" "300" "2" # KSK stays OMNIPRESENT. -key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "no" "yes" key_timings "KEY1" "published" "active" "retired" "none" "none" key_states "KEY1" "omnipresent" "omnipresent" "none" "omnipresent" "omnipresent" # key_properties, key_timings and key_states same as above. 
@@ -1222,12 +1235,12 @@ zone_properties "ns3" "zsk-retired.autosign" "autosign" "300" "3" # KSK properties, timings and states same as above. # The ZSK goal is set to HIDDEN but records stay OMNIPRESENT until the new ZSK # is active. -key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" "no" key_timings "KEY2" "published" "active" "retired" "none" "none" key_states "KEY2" "hidden" "omnipresent" "omnipresent" "none" "none" # A new ZSK should be introduced, so expect a key with goal OMNIPRESENT, # the DNSKEY introduced (RUMOURED) and the signatures HIDDEN. -key_properties "KEY3" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "no" +key_properties "KEY3" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "no" "no" key_timings "KEY3" "published" "active" "retired" "none" "none" key_states "KEY3" "omnipresent" "rumoured" "hidden" "none" "none" @@ -1240,10 +1253,10 @@ key_states "KEY3" "omnipresent" "rumoured" "hidden" "none" "none" # zone_properties "ns3" "step1.zsk-prepub.autosign" "zsk-prepub" "3600" "2" # Both KSK (KEY1) and ZSK (KEY2) start in OMNIPRESENT. -key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY1" "ksk" "63072000" "13" "ECDSAP256SHA256" "256" "no" "yes" key_timings "KEY1" "published" "active" "retired" "none" "none" key_states "KEY1" "omnipresent" "omnipresent" "none" "omnipresent" "omnipresent" -key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes" +key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes" "no" key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "none" "none" key_timings "KEY2" "published" "active" "retired" "none" "none" # Initially only two keys. 
@@ -1288,7 +1301,7 @@ zone_properties "ns3" "step2.zsk-prepub.autosign" "zsk-prepub" "3600" "3"
 # KSK (KEY1) doesn't change.
 # ZSK (KEY2) remains active, no change in properties/timings/states.
 # New ZSK (KEY3) is prepublished.
-key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no"
+key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no" "no"
 key_states "KEY3" "omnipresent" "rumoured" "hidden" "none" "none"
 key_timings "KEY3" "published" "active" "retired" "none" "none"
 check_keys
@@ -1309,16 +1322,16 @@ zone_properties "ns3" "step3.zsk-prepub.autosign" "zsk-prepub" "3600" "3"
 # ZSK (KEY2) properties and timing metadata same as above.
 # ZSK (KEY2) no longer is actively signing, RRSIG state in UNRETENTIVE.
 # New ZSK (KEY3) is now actively signing, RRSIG state in RUMOURED.
-key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no"
+key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no" "no"
 key_states "KEY2" "hidden" "omnipresent" "unretentive" "none" "none"
-key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes"
+key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes" "no"
 key_states "KEY3" "omnipresent" "omnipresent" "rumoured" "none" "none"
 check_keys
 check_apex
 # Subdomain still has good signatures of ZSK (KEY2)
-key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes"
-key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no"
+key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes" "no"
+key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no" "no"
 check_subdomain
 dnssec_verify
@@ -1337,9 +1350,9 @@ zone_properties "ns3" "step4.zsk-prepub.autosign" "zsk-prepub" "3600" "3"
 # ZSK (KEY2) properties and timing metadata same as above.
 # ZSK (KEY2) DNSKEY is no longer needed.
 # ZSK (KEY3) is now actively signing, RRSIG state in RUMOURED.
-key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no"
+key_properties "KEY2" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "no" "no"
 key_states "KEY2" "hidden" "unretentive" "hidden" "none" "none"
-key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes"
+key_properties "KEY3" "zsk" "2592000" "13" "ECDSAP256SHA256" "256" "yes" "no"
 key_states "KEY3" "omnipresent" "omnipresent" "omnipresent" "none" "none"
 check_keys
 check_apex
@@ -1380,10 +1393,10 @@ check_next_key_event 1627200
 #
 zone_properties "ns3" "step1.ksk-doubleksk.autosign" "ksk-doubleksk" "7200" "2"
 # Both KSK (KEY1) and ZSK (KEY2) start in OMNIPRESENT.
-key_properties "KEY1" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "yes"
+key_properties "KEY1" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "no" "yes"
 key_timings "KEY1" "published" "active" "retired" "none" "none"
 key_states "KEY1" "omnipresent" "omnipresent" "none" "omnipresent" "omnipresent"
-key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes"
+key_properties "KEY2" "zsk" "31536000" "13" "ECDSAP256SHA256" "256" "yes" "no"
 key_timings "KEY2" "published" "active" "retired" "none" "none"
 key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "none" "none"
 # Initially only two keys.
@@ -1407,7 +1420,7 @@ zone_properties "ns3" "step2.ksk-doubleksk.autosign" "ksk-doubleksk" "7200" "3"
 # ZSK (KEY2) doesn't change.
 # KSK (KEY1) remains active, no change in properties/timings/states.
 # New KSK (KEY3) is prepublished (and signs DNSKEY RRset).
-key_properties "KEY3" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "yes"
+key_properties "KEY3" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "no" "yes"
 key_states "KEY3" "omnipresent" "rumoured" "none" "rumoured" "hidden"
 key_timings "KEY3" "published" "active" "retired" "none" "none"
 check_keys
@@ -1449,7 +1462,7 @@ check_next_key_event 266400
 zone_properties "ns3" "step4.ksk-doubleksk.autosign" "ksk-doubleksk" "7200" "3"
 # ZSK (KEY2) doesn't change.
 # KSK (KEY1) DNSKEY can be removed.
-key_properties "KEY1" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "no"
+key_properties "KEY1" "ksk" "5184000" "13" "ECDSAP256SHA256" "256" "no" "no"
 key_states "KEY1" "hidden" "unretentive" "none" "unretentive" "hidden"
 # New KSK (KEY3) DS is now OMNIPRESENT.
 key_states "KEY3" "omnipresent" "omnipresent" "none" "omnipresent" "omnipresent"
@@ -1482,5 +1495,300 @@ dnssec_verify
 # 5184000 - 97200 - 86400 - 180000 - 7200 = 4813200 seconds.
 check_next_key_event 4813200
+#
+# Testing CSK key rollover (1).
+#
+
+#
+# Zone: step1.csk-roll.autosign.
+#
+zone_properties "ns3" "step1.csk-roll.autosign" "csk-roll" "3600" "1"
+# The CSK (KEY1) starts in OMNIPRESENT.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_timings "KEY1" "published" "active" "retired" "none" "none"
+key_states "KEY1" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+# Initially only one key.
+key_clear "KEY2"
+key_clear "KEY3"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the successor CSK needs to be published. That is
+# the CSK lifetime - prepublication time - DS registration delay. The
+# prepublication time is DNSKEY TTL plus publish safety plus the zone
+# propagation delay. For the csk-roll policy that means:
+# 6mo - 1d - 3h = 15973200 seconds.
+check_next_key_event 15973200
+
+#
+# Zone: step2.csk-roll.autosign.
+#
+# Set key properties for testing keys.
+zone_properties "ns3" "step2.csk-roll.autosign" "csk-roll" "3600" "2"
+# CSK (KEY1) remains active, no change in properties/timings/states.
+# New CSK (KEY2) is prepublished (and signs DNSKEY RRset).
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+key_states "KEY2" "omnipresent" "rumoured" "hidden" "rumoured" "hidden"
+key_timings "KEY2" "published" "active" "retired" "none" "none"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the successor CSK becomes OMNIPRESENT. That is the
+# DNSKEY TTL plus the zone propagation delay, plus the publish-safety. For
+# the csk-roll policy, this means 3 hours = 10800 seconds.
+check_next_key_event 10800
+
+#
+# Zone: step3.csk-roll.autosign.
+#
+# Set key properties for testing keys.
+zone_properties "ns3" "step3.csk-roll.autosign" "csk-roll" "3600" "2"
+# CSK (KEY1) DS and ZRRSIG will be removed, so it is UNRETENTIVE.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+key_states "KEY1" "hidden" "omnipresent" "unretentive" "omnipresent" "unretentive"
+# New CSK (KEY2) has its DS submitted, and is signing, so the DS and ZRRSIG
+# are in RUMOURED state.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "rumoured" "omnipresent" "rumoured"
+check_keys
+check_apex
+# Subdomain still has good signatures of old CSK (KEY1)
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+check_subdomain
+dnssec_verify
+
+# Next key event is when the predecessor DS has been replaced with the
+# successor DS and enough time has passed such that the all validators that
+# have this DS RRset cached only know about the successor DS. This is the
+# registration delay plus the retire interval, which is the parent
+# propagation delay plus the DS TTL plus the retire-safety. For the
+# csk-roll policy this means: 1d + 1h + 1h + 2h = 1d4h = 100800 seconds.
+check_next_key_event 100800
+
+#
+# Zone: step4.csk-roll.autosign.
+#
+zone_properties "ns3" "step4.csk-roll.autosign" "csk-roll" "3600" "2"
+# The old CSK (KEY1) DS is hidden. We still need to keep the DNSKEY public
+# but can remove the KRRSIG records.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "omnipresent" "unretentive" "unretentive" "hidden"
+# The new CSK (KEY2) DS is now OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "rumoured" "omnipresent" "omnipresent"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the KRRSIG enters the HIDDEN state. This is the
+# DNSKEY TTL plus zone propagation delay. For the csk-roll policy this is:
+# 1h + 1h = 7200 seconds.
+check_next_key_event 7200
+
+#
+# Zone: step5.csk-roll.autosign.
+#
+zone_properties "ns3" "step5.csk-roll.autosign" "csk-roll" "3600" "2"
+# The old CSK (KEY1) KRRSIG records are now all hidden.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "omnipresent" "unretentive" "hidden" "hidden"
+# The new CSK (KEY2) state does not change.
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the DNSKEY can be removed. This is when all ZRRSIG
+# records have been replaced with signatures of the new CSK. We have
+# calculated the interval to be 26d3h of which 1d4h (Dreg + Iret(KSK)) plus
+# 2h (DNSKEY TTL + Dprp) have already passed. So next key event is in
+# 26d3h - 1d4h - 2h = 597h = 2149200 seconds.
+check_next_key_event 2149200
+
+#
+# Zone: step6.csk-roll.autosign.
+#
+zone_properties "ns3" "step6.csk-roll.autosign" "csk-roll" "3600" "2"
+# The old CSK (KEY1) DNSKEY can be removed.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "unretentive" "hidden" "hidden" "hidden"
+# The new CSK (KEY2) is now fully OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the DNSKEY enters the HIDDEN state. This is the
+# DNSKEY TTL plus zone propagation delay. For the csk-roll policy this is:
+# 1h + 1h = 7200 seconds.
+check_next_key_event 7200
+
+#
+# Zone: step7.csk-roll.autosign.
+#
+zone_properties "ns3" "step7.csk-roll.autosign" "csk-roll" "3600" "2"
+# The old CSK (KEY1) is now completely HIDDEN.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "hidden" "hidden" "hidden" "hidden"
+# The new CSK (KEY2) is now fully OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the new successor needs to be published. This is the
+# CSK lifetime minus Ipub minus Dreg minus Iret minus DNSKEY TTL minus zone
+# propagation delay. For the csk-roll this is:
+# 6mo - 3h - 1d - 26d3h - 1h - 1h = 6mo - 27d8h = 13708800 seconds.
+check_next_key_event 13708800
+
+#
+# Testing CSK key rollover (1).
+#
+
+#
+# Zone: step1.csk-roll2.autosign.
+#
+zone_properties "ns3" "step1.csk-roll2.autosign" "csk-roll2" "3600" "1"
+# The CSK (KEY1) starts in OMNIPRESENT.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_timings "KEY1" "published" "active" "retired" "none" "none"
+key_states "KEY1" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+# Initially only one key.
+key_clear "KEY2"
+key_clear "KEY3"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the successor CSK needs to be published. That is
+# the CSK lifetime - prepublication time - DS registration delay. The
+# prepublication time is DNSKEY TTL plus publish safety plus the zone
+# propagation delay. For the csk-roll2 policy that means:
+# 6mo - 3h - 1w = 15454800 seconds.
+check_next_key_event 15454800
+
+#
+# Zone: step2.csk-roll2.autosign.
+#
+# Set key properties for testing keys.
+zone_properties "ns3" "step2.csk-roll2.autosign" "csk-roll2" "3600" "2"
+# CSK (KEY1) remains active, no change in properties/timings/states.
+# New CSK (KEY2) is prepublished (and signs DNSKEY RRset).
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+key_states "KEY2" "omnipresent" "rumoured" "hidden" "rumoured" "hidden"
+key_timings "KEY2" "published" "active" "retired" "none" "none"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the successor CSK becomes OMNIPRESENT. That is the
+# DNSKEY TTL plus the zone propagation delay, plus the publish-safety. For
+# the csk-roll2 policy, this means 3 hours = 10800 seconds.
+check_next_key_event 10800
+
+#
+# Zone: step3.csk-roll2.autosign.
+#
+# Set key properties for testing keys.
+zone_properties "ns3" "step3.csk-roll2.autosign" "csk-roll2" "3600" "2"
+# CSK (KEY1) DS and ZRRSIG will be removed, so it is UNRETENTIVE.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+key_states "KEY1" "hidden" "omnipresent" "unretentive" "omnipresent" "unretentive"
+# New CSK (KEY2) has its DS submitted, and is signing, so the DS and ZRRSIG
+# are in RUMOURED state.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "rumoured" "omnipresent" "rumoured"
+check_keys
+check_apex
+# Subdomain still has good signatures of old CSK (KEY1)
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+check_subdomain
+dnssec_verify
+
+# Next key event is when the predecessor ZRRSIG records have been replaced
+# with that of the successor and enough time has passed such that the all
+# validators that have such signed RRsets in cache only know about the
+# successor signatures.
This is the retire interval: Dsgn plus the
+# maximum zone TTL plus the zone propagation delay plus retire-safety. For the
+# csk-roll2 policy that means: 12h (because 1d validity and refresh within
+# 12 hours) + 1d + 1h + 1h = 38h = 136800 seconds.
+check_next_key_event 136800
+
+#
+# Zone: step4.csk-roll2.autosign.
+#
+zone_properties "ns3" "step4.csk-roll2.autosign" "csk-roll2" "3600" "2"
+# The old CSK (KEY1) ZRRSIG is now HIDDEN.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "yes"
+key_states "KEY1" "hidden" "omnipresent" "hidden" "omnipresent" "unretentive"
+# The new CSK (KEY2) ZRRSIG is now OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "rumoured"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the predecessor DS has been replaced with the
+# successor DS and enough time has passed such that the all validators that
+# have this DS RRset cached only know about the successor DS. This is the
+# registration delay plus the retire interval, which is the parent
+# propagation delay plus the DS TTL plus the retire-safety. For the
+# csk-roll2 policy this means: 1w + 1h + 1h + 1h = 171h = 615600 seconds.
+# However, 136800 seconds have passed already, so 478800 seconds left.
+check_next_key_event 478800
+
+#
+# Zone: step5.csk-roll2.autosign.
+#
+zone_properties "ns3" "step5.csk-roll2.autosign" "csk-roll2" "3600" "2"
+# The old CSK (KEY1) DNSKEY can be removed.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "unretentive" "hidden" "unretentive" "hidden"
+# The new CSK (KEY2) is now fully OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the DNSKEY enters the HIDDEN state. This is the
+# DNSKEY TTL plus zone propagation delay. For the csk-roll policy this is:
+# 1h + 1h = 7200 seconds.
+check_next_key_event 7200
+
+#
+# Zone: step6.csk-roll2.autosign.
+#
+zone_properties "ns3" "step6.csk-roll2.autosign" "csk-roll" "3600" "2"
+# The old CSK (KEY1) is now completely HIDDEN.
+key_properties "KEY1" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "no" "no"
+key_states "KEY1" "hidden" "hidden" "hidden" "hidden" "hidden"
+# The new CSK (KEY2) is now fully OMNIPRESENT.
+key_properties "KEY2" "csk" "16070400" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_states "KEY2" "omnipresent" "omnipresent" "omnipresent" "omnipresent" "omnipresent"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
+# Next key event is when the new successor needs to be published.
+check_next_key_event 14684400
+
 echo_i "exit status: $status"
 [ $status -eq 0 ] || exit 1
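Review bot: The step6.csk-roll2 block near the end of the hunk passes the wrong policy name, `zone_properties "ns3" "step6.csk-roll2.autosign" "csk-roll" "3600" "2"`, while every other step*.csk-roll2 zone in this hunk passes "csk-roll2", so whatever zone_properties derives from that argument is presumably checked against the csk-roll policy for a zone configured with csk-roll2; it should read `zone_properties "ns3" "step6.csk-roll2.autosign" "csk-roll2" "3600" "2"`. The section heading before step1.csk-roll2 repeats `# Testing CSK key rollover (1).` and should be `# Testing CSK key rollover (2).`, and the step5.csk-roll2 comment says "For the csk-roll policy this is" where csk-roll2 is meant. The final `check_next_key_event 14684400` is the only check in the hunk with no derivation comment; a breakdown in the same style as the csk-roll step7 comment (lifetime minus Ipub, Dreg, Iret and the intervals already elapsed in steps 3 to 5) would let a reader verify the constant rather than trust it. The added blank context between `check_next_key_event 4813200` and the first `+#` line appears to have been lost in the collapsed rendering, which is why the old-side count here reads 5 but only 4 context lines are visible.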