/*
 * Excerpt from the body of a signing self-test; the listing omits the lines
 * between the numbered ones, including the function header.
 * Presumably this is the hsm_test_sign() helper that the key loops later in
 * the file call -- confirm against the full source.
 */
43 ldns_rr *rr, *sig, *dnskey_rr;
/* Build a two-record A RRset for example.com to serve as the data to sign. */
47 rrset = ldns_rr_list_new();
49 status = ldns_rr_new_frm_str(&rr,
"example.com. IN A 192.168.0.1", 0, NULL, NULL);
/*
 * NOTE(review): a record that fails to parse is simply not pushed. No failure
 * branch is visible in this excerpt, so the RRset could end up shorter than
 * intended while the test still reports success -- confirm in the full source.
 */
50 if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr);
52 status = ldns_rr_new_frm_str(&rr,
"example.com. IN A 192.168.0.2", 0, NULL, NULL);
53 if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr);
/*
 * Signer name for the signature parameters.
 * NOTE(review): ldns_rdf_new_frm_str() can return NULL; no check is visible
 * in the lines shown here -- confirm.
 */
57 sign_params->
owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME,
"example.com.");
/* The key tag is computed from the DNSKEY record of the key under test. */
59 sign_params->
keytag = ldns_calc_keytag(dnskey_rr);
/* The deep free releases the list together with the records pushed onto it. */
69 ldns_rr_list_deep_free(rrset);
71 ldns_rr_free(dnskey_rr);
/*
 * Excerpt from a random-number self-test; the calls that fill rnd_buf and
 * produce r64 are on lines this listing omits.
 */
80 unsigned char rnd_buf[1024];
/* sizeof yields size_t; the cast makes the argument match the %lu specifier. */
84 printf(
"Generating %lu bytes of random data... ",
85 (
unsigned long)
sizeof(rnd_buf));
/* result is printed with %d -- presumably an int status code; confirm. */
88 printf(
"Failed, error: %d\n", result);
95 printf(
"Generating 32-bit random data... ");
99 printf(
"Generating 64-bit random data... ");
/* The cast keeps the argument type in step with the %llu specifier. */
101 printf(
"%llu\n", (
long long unsigned int)r64);
/*
 * Key sizes, in bits, that the RSA and DSA test loops iterate over.
 * NOTE(review): 512- and 768-bit RSA and every DSA size listed here are well
 * below what is considered adequate for production signing keys (2048-bit RSA
 * is the usual floor). They are only suitable as throwaway test keys; do not
 * reuse these tables for key provisioning.
 */
110 const unsigned int rsa_keysizes[] = { 512, 768, 1024, 1536, 2048, 4096 };
111 const unsigned int dsa_keysizes[] = { 512, 768, 1024 };
112 unsigned int keysize;
/*
 * The ECDSA declarations are compiled in unless LDNS_BUILD_CONFIG_USE_ECDSA
 * is defined as 0. The rest of the initializer and the matching #endif are on
 * lines this listing omits.
 */
114 #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA
115 const ldns_algorithm ec_curves[] = {
116 LDNS_ECDSAP256SHA256,
119 ldns_algorithm curve;
/*
 * RSA round: for each size in rsa_keysizes, generate a key, print its
 * identifier, sign with it and delete it. The generate, identifier and delete
 * calls are on lines this listing omits.
 */
136 for (i=0; i<(
sizeof(rsa_keysizes)/
sizeof(
unsigned int)); i++) {
137 keysize = rsa_keysizes[i];
/* NOTE(review): keysize is unsigned int but is printed with %d; %u would match. */
139 printf(
"Generating %d-bit RSA key... ", keysize);
151 printf(
"Extracting key identifier... ");
159 printf(
"OK, %s\n",
id);
/*
 * NOTE(review): RFC 8624 lists RSASHA1 as NOT RECOMMENDED for DNSSEC signing.
 * Exercising it here checks the token's mechanism support; a passing test is
 * not an endorsement of the algorithm for zone signing.
 */
163 printf(
"Signing (RSA/SHA1) with key... ");
164 result = hsm_test_sign(
ctx, key, LDNS_RSASHA1);
167 printf(
"Failed, error: %d\n", result);
173 printf(
"Signing (RSA/SHA256) with key... ");
174 result = hsm_test_sign(
ctx, key, LDNS_RSASHA256);
177 printf(
"Failed, error: %d\n", result);
/*
 * RSA/SHA-512 is skipped for keys under 1024 bits; RFC 5702 requires
 * RSA/SHA-512 keys to be at least 1024 bits.
 */
183 if ( keysize >= 1024) {
184 printf(
"Signing (RSA/SHA512) with key... ");
185 result = hsm_test_sign(
ctx, key, LDNS_RSASHA512);
188 printf(
"Failed, error: %d\n", result);
/*
 * NOTE(review): what happens after a failed delete is not visible in this
 * excerpt. If the key stays on the token, a weak 512/768-bit test key is left
 * behind, so check the token contents after any failed run.
 */
195 printf(
"Deleting key... ");
199 printf(
"Failed: error: %d\n", result);
/*
 * DSA round: same shape as the RSA round, iterating over dsa_keysizes. The
 * generate, identifier and delete calls are on lines this listing omits.
 * NOTE(review): RFC 8624 lists DSA as MUST NOT for DNSSEC signing, and every
 * size in the table is 1024 bits or smaller; treat this as a token capability
 * check only.
 */
213 for (i=0; i<(
sizeof(dsa_keysizes)/
sizeof(
unsigned int)); i++) {
214 keysize = dsa_keysizes[i];
/* NOTE(review): keysize is unsigned int but is printed with %d; %u would match. */
216 printf(
"Generating %d-bit DSA key... ", keysize);
228 printf(
"Extracting key identifier... ");
236 printf(
"OK, %s\n",
id);
240 printf(
"Signing (DSA/SHA1) with key... ");
241 result = hsm_test_sign(
ctx, key, LDNS_DSA);
244 printf(
"Failed, error: %d\n", result);
/*
 * NOTE(review): confirm in the full source that a failed delete is surfaced
 * to the caller, so test keys are not silently left on the token.
 */
250 printf(
"Deleting key... ");
254 printf(
"Failed: error: %d\n", result);
/*
 * GOST round: a single-iteration loop (i < 1), presumably kept as a loop to
 * mirror the RSA and DSA rounds. The generate, identifier and delete calls
 * are on lines this listing omits.
 * NOTE(review): RFC 8624 lists ECC-GOST as MUST NOT for DNSSEC signing; this
 * round only shows whether the token supports the mechanism.
 */
268 for (i=0; i<1; i++) {
/* The key size in this message is fixed text, not read from a variable. */
269 printf(
"Generating 512-bit GOST key... ");
281 printf(
"Extracting key identifier... ");
289 printf(
"OK, %s\n",
id);
293 printf(
"Signing (GOST) with key... ");
294 result = hsm_test_sign(
ctx, key, LDNS_ECC_GOST);
297 printf(
"Failed, error: %d\n", result);
303 printf(
"Deleting key... ");
307 printf(
"Failed: error: %d\n", result);
/*
 * ECDSA round, compiled in unless LDNS_BUILD_CONFIG_USE_ECDSA is defined as 0.
 * It iterates over ec_curves. The generate, identifier and delete calls, and
 * the matching #endif, are on lines this listing omits.
 */
322 #if !defined LDNS_BUILD_CONFIG_USE_ECDSA || LDNS_BUILD_CONFIG_USE_ECDSA
323 for (i=0; i<(
sizeof(ec_curves)/
sizeof(ldns_algorithm)); i++) {
324 curve = ec_curves[i];
/*
 * Choose the progress message by curve. An algorithm value outside the two
 * known curves gets the "Unknown ECDSA curve" failure message.
 */
326 if (curve == LDNS_ECDSAP256SHA256) {
327 printf(
"Generating ECDSA Curve P-256 key... ");
329 }
else if (curve == LDNS_ECDSAP384SHA384) {
330 printf(
"Generating ECDSA Curve P-384 key... ");
333 printf(
"Failed: Unknown ECDSA curve\n");
346 printf(
"Extracting key identifier... ");
354 printf(
"OK, %s\n",
id);
/* The signing label names the hash paired with each curve; otherwise it is generic. */
358 if (curve == LDNS_ECDSAP256SHA256) {
359 printf(
"Signing (ECDSA/SHA256) with key... ");
360 }
else if (curve == LDNS_ECDSAP384SHA384) {
361 printf(
"Signing (ECDSA/SHA384) with key... ");
363 printf(
"Signing with key... ");
/* The curve's algorithm identifier is passed straight through to the signing test. */
365 result = hsm_test_sign(
ctx, key, curve);
368 printf(
"Failed, error: %d\n", result);
/*
 * NOTE(review): confirm in the full source that a failed delete is surfaced
 * to the caller, so test keys are not silently left on the token.
 */
374 printf(
"Deleting key... ");
378 printf(
"Failed: error: %d\n", result);
390 if (hsm_test_random(
ctx)) {