33 #include <ldns/ldns.h>
34 #include <ldns/util.h>
/* Excerpt that appears to come from a signing self-test (this listing omits
 * intermediate lines): it builds a small fixed RRset for example.com., fills
 * in signing parameters, and later releases the RRset and the DNSKEY record. */
45 ldns_rr *rr, *sig, *dnskey_rr;
/* NOTE(review): no NULL check on rrset is visible in this excerpt - confirm
 * that the omitted lines handle an allocation failure. */
49 rrset = ldns_rr_list_new();
/* A record is pushed only when parsing returned LDNS_STATUS_OK. A failed parse
 * is skipped without any message in the visible lines, so the RRset that gets
 * signed may hold fewer than two records. */
51 status = ldns_rr_new_frm_str(&rr,
"example.com. IN A 192.168.0.1", 0, NULL, NULL);
52 if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr);
54 status = ldns_rr_new_frm_str(&rr,
"example.com. IN A 192.168.0.2", 0, NULL, NULL);
55 if (status == LDNS_STATUS_OK) ldns_rr_list_push_rr(rrset, rr);
/* owner receives a newly created rdf for the signer name. Its result is not
 * checked here and its release is not visible in this excerpt - TODO confirm
 * who frees it. */
59 sign_params->
owner = ldns_rdf_new_frm_str(LDNS_RDF_TYPE_DNAME,
"example.com.");
/* The key tag is computed from the DNSKEY record. */
61 sign_params->
keytag = ldns_calc_keytag(dnskey_rr);
/* Deep free releases the list together with the records pushed onto it. */
71 ldns_rr_list_deep_free(rrset);
73 ldns_rr_free(dnskey_rr);
/* Excerpt from the random-data test (intermediate lines are omitted in this
 * listing). rnd_buf is 1024 bytes; its size is what the first message reports. */
82 unsigned char rnd_buf[1024];
/* sizeof yields a size_t; the cast to unsigned long matches the %lu conversion. */
86 printf(
"Generating %lu bytes of random data... ",
87 (
unsigned long)
sizeof(rnd_buf));
/* NOTE(review): the visible lines only report whether a call failed. Nothing
 * shown here inspects the returned bytes, so treat this as a smoke test of the
 * interface, not an assessment of randomness quality - confirm against the
 * omitted lines. */
90 printf(
"Failed, error: %d\n", result);
97 printf(
"Generating 32-bit random data... ");
101 printf(
"Generating 64-bit random data... ");
/* r64 is cast to long long unsigned int so the argument matches %llu. */
103 printf(
"%llu\n", (
long long unsigned int)r64);
/* Key sizes (in bits) the test loops over. The small entries (512- and 768-bit
 * RSA, and every DSA size listed) are far below what is considered adequate
 * for real signing keys; they are useful for probing what a token supports,
 * not as a recommendation for production zones. */
112 const unsigned int rsa_keysizes[] = { 512, 768, 1024, 1536, 2048, 4096 };
113 const unsigned int dsa_keysizes[] = { 512, 768, 1024 };
/* Holds the size taken from the current table entry inside the loops. */
114 unsigned int keysize;
/* Elliptic-curve cases are selected by DNSSEC algorithm identifier rather than
 * by bit length. The rest of this initializer is omitted from the listing. */
115 const ldns_algorithm ec_curves[] = {
116 LDNS_ECDSAP256SHA256,
/* ed_curves is compiled only when LDNS_REVISION is at least (1<<16)|(7<<8)|0;
 * presumably major/minor/patch packed as ldns 1.7.0 - confirm in the ldns
 * headers. */
119 #if (LDNS_REVISION >= ((1<<16)|(7<<8)|(0)))
120 const ldns_algorithm ed_curves[] = {
/* Holds the algorithm identifier taken from ec_curves / ed_curves in the loops. */
125 ldns_algorithm curve;
/* RSA pass: one iteration per entry of rsa_keysizes (element count derived
 * from sizeof). Going by the progress messages, each iteration generates a
 * key, extracts its identifier, signs with it and deletes it; the calls
 * between the messages are omitted from this listing. */
141 for (i=0; i<(
sizeof(rsa_keysizes)/
sizeof(
unsigned int)); i++) {
142 keysize = rsa_keysizes[i];
144 printf(
"Generating %u-bit RSA key... ", keysize);
156 printf(
"Extracting key identifier... ");
164 printf(
"OK, %s\n",
id);
/* RSA/SHA1 is exercised for every key size. SHA-1 based DNSSEC algorithms are
 * no longer recommended for producing new signatures, so a pass here shows
 * token compatibility only. */
168 printf(
"Signing (RSA/SHA1) with key... ");
169 result = hsm_test_sign(
ctx, key, LDNS_RSASHA1);
172 printf(
"Failed, error: %d\n", result);
178 printf(
"Signing (RSA/SHA256) with key... ");
179 result = hsm_test_sign(
ctx, key, LDNS_RSASHA256);
182 printf(
"Failed, error: %d\n", result);
/* RSA/SHA512 is attempted only for keys of 1024 bits or more; presumably this
 * mirrors the DNSSEC minimum key size for that algorithm (RFC 5702) - confirm. */
188 if ( keysize >= 1024) {
189 printf(
"Signing (RSA/SHA512) with key... ");
190 result = hsm_test_sign(
ctx, key, LDNS_RSASHA512);
193 printf(
"Failed, error: %d\n", result);
200 printf(
"Deleting key... ");
/* NOTE(review): this failure message is punctuated "Failed:" while the signing
 * failures use "Failed," - anything that greps the test output should match
 * both forms. */
204 printf(
"Failed: error: %d\n", result);
/* DSA pass: one iteration per entry of dsa_keysizes (element count derived
 * from sizeof), following the same generate / identify / sign / delete
 * sequence of messages as the RSA pass. All listed DSA sizes are 1024 bits or
 * less, so this is a legacy-compatibility check. */
218 for (i=0; i<(
sizeof(dsa_keysizes)/
sizeof(
unsigned int)); i++) {
219 keysize = dsa_keysizes[i];
221 printf(
"Generating %u-bit DSA key... ", keysize);
233 printf(
"Extracting key identifier... ");
241 printf(
"OK, %s\n",
id);
/* The algorithm passed for DSA is LDNS_DSA, reported in the message as DSA/SHA1. */
245 printf(
"Signing (DSA/SHA1) with key... ");
246 result = hsm_test_sign(
ctx, key, LDNS_DSA);
249 printf(
"Failed, error: %d\n", result);
255 printf(
"Deleting key... ");
/* Same "Failed:" punctuation as the other delete-failure messages. */
259 printf(
"Failed: error: %d\n", result);
/* GOST pass: the loop bound is the literal 1, so the body runs once; the
 * 512-bit size is hard-coded in the message rather than read from a table. */
273 for (i=0; i<1; i++) {
274 printf(
"Generating 512-bit GOST key... ");
286 printf(
"Extracting key identifier... ");
294 printf(
"OK, %s\n",
id);
/* Signing is requested with the LDNS_ECC_GOST algorithm identifier. */
298 printf(
"Signing (GOST) with key... ");
299 result = hsm_test_sign(
ctx, key, LDNS_ECC_GOST);
302 printf(
"Failed, error: %d\n", result);
308 printf(
"Deleting key... ");
312 printf(
"Failed: error: %d\n", result);
/* ECDSA pass: one iteration per entry of ec_curves (element count derived from
 * sizeof). The curve is recognised by comparing the entry against the known
 * algorithm identifiers. */
326 for (i=0; i<(
sizeof(ec_curves)/
sizeof(ldns_algorithm)); i++) {
327 curve = ec_curves[i];
329 if (curve == LDNS_ECDSAP256SHA256) {
330 printf(
"Generating ECDSA Curve P-256 key... ");
332 }
else if (curve == LDNS_ECDSAP384SHA384) {
333 printf(
"Generating ECDSA Curve P-384 key... ");
/* An entry matching neither identifier is reported as an unknown curve;
 * what the code does after the message is not visible in this excerpt. */
336 printf(
"Failed: Unknown ECDSA curve\n");
349 printf(
"Extracting key identifier... ");
357 printf(
"OK, %s\n",
id);
/* The signing label names the hash paired with the curve. */
361 if (curve == LDNS_ECDSAP256SHA256) {
362 printf(
"Signing (ECDSA/SHA256) with key... ");
363 }
else if (curve == LDNS_ECDSAP384SHA384) {
364 printf(
"Signing (ECDSA/SHA384) with key... ");
/* Generic label, presumably the fallback branch for any other value - the
 * enclosing else is not visible here; confirm. */
366 printf(
"Signing with key... ");
/* EdDSA pass, compiled under the same LDNS_REVISION guard as the ed_curves
 * table. The matching #endif is outside this excerpt. */
370 #if (LDNS_REVISION >= ((1<<16)|(7<<8)|(0)))
371 for (i=0; i<(
sizeof(ed_curves)/
sizeof(ldns_algorithm)); i++) {
372 curve = ed_curves[i];
/* The conditions selecting between the two messages below are omitted from
 * this listing. */
376 printf(
"Generating ED25519 key... ");
380 printf(
"Generating ED448 key... ");
396 printf(
"Extracting key identifier... ");
404 printf(
"OK, %s\n",
id);
/* Unlike the RSA, DSA and GOST passes, the table entry itself is passed to
 * hsm_test_sign as the algorithm. */
408 printf(
"Signing with key... ");
409 result = hsm_test_sign(
ctx, key, curve);
412 printf(
"Failed, error: %d\n", result);
418 printf(
"Deleting key... ");
422 printf(
"Failed: error: %d\n", result);
/* Runs the random-data test on the same context; a non-zero return takes this
 * branch (presumably the failure path - its body is outside this excerpt). */
434 if (hsm_test_random(
ctx)) {