add ecdsa tests
This commit is contained in:
parent
03c7e1a6bf
commit
1aca1eb4ca
@ -8,7 +8,6 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
||||
### Changed
|
||||
|
||||
- DNSKEY is now self-signed
|
||||
- now using env_logger instead of raw logger
|
||||
|
||||
## 0.12.0
|
||||
|
||||
|
@ -150,8 +150,11 @@ impl KeyFormat {
|
||||
#[allow(unused)]
|
||||
let key_pair: KeyPair = match algorithm {
|
||||
#[cfg(feature = "openssl")]
|
||||
Algorithm::RSASHA1 |
|
||||
Algorithm::RSASHA1NSEC3SHA1 |
|
||||
e @ Algorithm::RSASHA1 |
|
||||
e @ Algorithm::RSASHA1NSEC3SHA1 => {
|
||||
return Err(format!("unsupported Algorithm (insecure): {:?}", e).into())
|
||||
}
|
||||
#[cfg(feature = "openssl")]
|
||||
Algorithm::RSASHA256 |
|
||||
Algorithm::RSASHA512 |
|
||||
Algorithm::ECDSAP256SHA256 |
|
||||
@ -162,7 +165,7 @@ impl KeyFormat {
|
||||
e @ _ => {
|
||||
return Err(
|
||||
format!(
|
||||
"unsupported Algorithm, enable openssl or ring feature: {:?}",
|
||||
"unsupported Algorithm (try enabling openssl or ring feature?): {:?}",
|
||||
e
|
||||
).into(),
|
||||
)
|
||||
|
@ -84,6 +84,18 @@ password = "123456"
|
||||
algorithm = "RSASHA512"
|
||||
is_zone_signing_key = true
|
||||
|
||||
[[zones.keys]]
|
||||
key_path = "./tests/named_test_configs/dnssec/ecdsa_p256.pem"
|
||||
# password = "123456"
|
||||
algorithm = "ECDSAP256SHA256"
|
||||
is_zone_signing_key = true
|
||||
|
||||
[[zones.keys]]
|
||||
key_path = "./tests/named_test_configs/dnssec/ecdsa_p384.pem"
|
||||
# password = "123456"
|
||||
algorithm = "ECDSAP384SHA384"
|
||||
is_zone_signing_key = true
|
||||
|
||||
[[zones.keys]]
|
||||
# Requires --features=ring
|
||||
key_path = "./tests/named_test_configs/dnssec/ed25519.pk8"
|
||||
|
8
server/tests/named_test_configs/dnssec/ecdsa_p256.pem
Normal file
8
server/tests/named_test_configs/dnssec/ecdsa_p256.pem
Normal file
@ -0,0 +1,8 @@
|
||||
-----BEGIN EC PARAMETERS-----
|
||||
BgUrgQQACg==
|
||||
-----END EC PARAMETERS-----
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MHQCAQEEIERwmnsBaJiclhyu+KIT8XkoEi6Nf7Z08xho59IpPMiFoAcGBSuBBAAK
|
||||
oUQDQgAEESuVfrxf0EJJD2hWy6NSuF7Kb+KNAFqeEPwjkihO3dlRZLZHfSs4rTtR
|
||||
wRQtwUD2cjuAHahIQd/BcfRfpd5d1w==
|
||||
-----END EC PRIVATE KEY-----
|
9
server/tests/named_test_configs/dnssec/ecdsa_p384.pem
Normal file
9
server/tests/named_test_configs/dnssec/ecdsa_p384.pem
Normal file
@ -0,0 +1,9 @@
|
||||
-----BEGIN EC PARAMETERS-----
|
||||
BgUrgQQAIg==
|
||||
-----END EC PARAMETERS-----
|
||||
-----BEGIN EC PRIVATE KEY-----
|
||||
MIGkAgEBBDD5Ry4M68aDX2OVGrFEKfR4K2QMS2CUXfmyKgP7fBi4+XCnRSLPpEi4
|
||||
u5N/JEGt3yKgBwYFK4EEACKhZANiAAQSYfmwqXTgYBBYQKUU2vhM2zYV0fmlQGLr
|
||||
d4/c/CwRsU3tbjuXM+k7ltAaZfo9fIF3Eiu3gDdktPUNmeJ0A8GPzrGIq6HrYX6R
|
||||
JEPHK/SWNYKPlTeShaQNMm2d1kNdqY0=
|
||||
-----END EC PRIVATE KEY-----
|
@ -6,9 +6,13 @@ OPENSSL=/usr/local/opt/openssl/bin/openssl
|
||||
KT=kt
|
||||
|
||||
RSA_2048=rsa_2048.pem
|
||||
|
||||
[ -f ${RSA_2048:?} ] || ${OPENSSL:?} genrsa -des3 -out ${RSA_2048:?} 2048
|
||||
|
||||
ED25519=ed25519.pk8
|
||||
ECDSA_P256=ecdsa_p256.pem
|
||||
[ -f ${ECDSA_P256:?} ] || ${OPENSSL:?} ecparam -out ${ECDSA_P256} -name secp256k1 -genkey
|
||||
|
||||
ECDSA_P384=ecdsa_p384.pem
|
||||
[ -f ${ECDSA_P384:?} ] || ${OPENSSL:?} ecparam -out ${ECDSA_P384} -name secp384r1 -genkey
|
||||
|
||||
ED25519=ed25519.pk8
|
||||
[ -f ${ED25519:?} ] || ${KT:?} generate ed25519 --out=${ED25519:?}
|
||||
|
@ -78,6 +78,8 @@ is_zone_signing_key = true
|
||||
## create the key if it is not found
|
||||
# create_if_absent = false
|
||||
|
||||
|
||||
|
||||
[[zones.keys]]
|
||||
key_path = "./tests/named_test_configs/dnssec/rsa_2048.pem"
|
||||
password = "123456"
|
||||
|
@ -104,6 +104,24 @@ fn test_rsa_sha512() {
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_ecdsa_p256() {
|
||||
generic_test(
|
||||
"tests/named_test_configs/dnssec/ecdsa_p256.pem",
|
||||
KeyFormat::Pem,
|
||||
Algorithm::ECDSAP256SHA256,
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_ecdsa_p384() {
|
||||
generic_test(
|
||||
"tests/named_test_configs/dnssec/ecdsa_p384.pem",
|
||||
KeyFormat::Pem,
|
||||
Algorithm::ECDSAP384SHA384,
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
#[cfg(feature = "ring")]
|
||||
fn test_ed25519() {
|
||||
|
Loading…
Reference in New Issue
Block a user