Commit 8e0a14f3 authored by Libor Peltan's avatar Libor Peltan Committed by Daniel Salzman

ksk_rollover adapatation to kasp_db redesign: tests

parent 360211c2
......@@ -58,7 +58,7 @@ knot.key_gen(ZONE, ksk="false", created="t+0", publish="t+0", ready="t+0", activ
check_log("Common cases")
# key not published, not active
KEYID = knot.key_gen(ZONE, ksk="false", publish="t+10y", active="t+10y", retire="t+11y", remove="t+12y")
KEYID = knot.key_gen(ZONE, ksk="false", publish="t+10y", ready="t+10y", active="t+10y", retire="t+11y", remove="t+12y")
t.start()
t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "not published, not active")
......@@ -88,7 +88,7 @@ t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "deleted, inactive")
# key not published, active (algorithm rotation)
knot.key_set(ZONE, KEYID, publish="t+10y", active="t-10y", retire="0", remove="0")
knot.key_set(ZONE, KEYID, publish="t+10y", ready="t-10y", active="t-10y", retire="0", remove="0")
knot.reload()
t.sleep(WAIT_SIGN)
check_zone(knot, False, True, "not published, active")
......@@ -101,7 +101,7 @@ check_log("Planned events")
# key about to be published
event_in = 7
knot.key_set(ZONE, KEYID, publish=("t+%d" % event_in), active="t+10y", retire="0", remove="0")
knot.key_set(ZONE, KEYID, publish=("t+%d" % event_in), ready="t+10y", active="t+10y", retire="0", remove="0")
knot.reload()
t.sleep(WAIT_SIGN)
check_zone(knot, False, False, "to be published - pre")
......@@ -109,7 +109,7 @@ t.sleep(event_in)
check_zone(knot, True, False, "to be published - post")
# key about to be activated
knot.key_set(ZONE, KEYID, publish="t-10y", active=("t+%d" % event_in), retire="0", remove="0")
knot.key_set(ZONE, KEYID, publish="t-10y", ready=("t+%d" % event_in), active=("t+%d" % event_in), retire="0", remove="0")
knot.reload()
t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "to be activated - pre")
......@@ -117,7 +117,7 @@ t.sleep(event_in)
check_zone(knot, True, True, "to be activated - post")
#key about to be inactivated
knot.key_set(ZONE, KEYID, publish="t-10y", active="t-10y", retire=("t+%d" % event_in), remove="0")
knot.key_set(ZONE, KEYID, publish="t-10y", ready="t-10y", active="t-10y", retire=("t+%d" % event_in), remove="0")
knot.reload()
t.sleep(WAIT_SIGN)
check_zone(knot, True, True, "to be inactivated - pre")
......@@ -125,7 +125,7 @@ t.sleep(event_in)
check_zone(knot, True, False, "to be inactivated - post")
#key about to be deleted
knot.key_set(ZONE, KEYID, publish="t-10y", active="t-10y", retire="t-10y", remove=("t+%d" % event_in))
knot.key_set(ZONE, KEYID, publish="t-10y", ready="t-10y", active="t-10y", retire="t-10y", remove=("t+%d" % event_in))
knot.reload()
t.sleep(WAIT_SIGN)
check_zone(knot, True, False, "to be deleted - pre")
......
......@@ -3,5 +3,5 @@ $TTL 1200
@ SOA ns admin 20110101 25 25 80 600
ns AAAA ::0
example.com. 3600 DS 48031 7 2 19C30FF016E701DB8D9A600EEF5F29F3B5B5197AE78648AA8ED5308E341A7FFD
example.com. 3600 DS 27322 8 2 DA744E0CAC4B8406AA6353B847B4E5B0AC2D5F046F1B6F642C77C1FF09174FB3
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAsatFQBhDF7De8gcm
gBjOo8R67dcm82kqR/67oa2MRPxGpVWarP6hqnL7Mv3O0GpSY6NOnrt6pPFidqZz
LCu9mQIDAQABAkEAntjEB3QpuCq4iad+8pQ7XAw05CSyfHoQBWJomzqw6JMuBRgj
kbI/eY3bEeUTooxbhp15fiSMXaWrUEw4shvPoQIhAOpCmJrMOV+zSOit3Yn+6YZn
zOFasPqJ19qfb6C6hPL9AiEAwig380u+PGH5F7Pq/GhL5WPOzoXAVoU5R9oMHVhw
nc0CIDTxBgH9432ATBrhqC6WoHoSnVfUoiiM3G55F8YwQPmVAiACLW9LNDtC9BpW
ELd+8zB+txrXqBpbHg1hZ+mg3qAMtQIhAKi/8hknI6vmY+M1PCzXSrGcWNoS4Dea
qfg6gvgVpOXs
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALCNz4NxUMMDEOqm
ZPgyOi9q7APWvrRozxKJa1s97AxtDRebXTzUppwz4wCrPTgsdq6W4MRL8k6QUq4S
HKBHcmzGqsC/kzYkeQrJPN9tmJj7pT2Sbdw3fQlSTIJ0wY0bAL0OcZXCU8NhicGW
dW1El5TgruHUmKL+ZyqYS2E6uc4lAgMBAAECgYA5aTPEe1GWyGV02DzXFIYlKzCq
IueKhNZpIbR+TAl5FPD/7y6HfGLdQmYbrpNOs+634Sofys51S6sHHa6fU/xZ5o6u
ncvdsj6cJp0Fj7780bXe6f9og8ySNjIGi1ZXUZrT06N46Wm/oNFwHwCN3KRmvuG3
CKMD4vDZqcnL4GsH1QJBANbA++ytMqC3csRytEOQGzz2n2fvMLjCbyPY1e4G6YDk
frDWKr4L3zfJ/k1h9FgZ7y/9HhC05z1jI/R9ISgfYycCQQDSdp08lE9uzXgx2Mkr
G5KHvYSXwd/FcieADOjTNunN29bJofI+YLJdON/VhNxWZwwCiuSdiGhTwKPgdrHU
RWPTAkAW8po46Sz+xXuLCGLA0XZHpmbUOVfwdj5gCzyY6b4r2r668LeyhRw+HuSA
qlXs0CCh9R8wU9Rd1+kwp+pSGkCDAkBTgiUZqG9sM7MBdFc9947ItXYrEQ5NNeJe
eMDZLezPde9fyhZokc20F6EZA8K5teGaEKptp3Zd5Q4hPneJFo9pAkEAgN+kvV/w
56mZ5djTUonBRe12DDBlu6tFuA+ryIG+QAZVBtUm9EkWQpSkskZKNQ3smBd+9mm+
4OV/R/ecvZYPQQ==
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAsDQulN1onk4XnGGF
LhWmRudSBpBty4XbOyFBikeE9N3S1MMqzszuMbOeiXXdVwIcPgmDl5N1t3ClBJJg
SH++JQIDAQABAkAVegbDdkkuIm6WTPyipVjjA4bn7eq0B9i02FTYuebmwX7xg9rr
jcMRXEaA6yGqP62mvVWBNx91yaUvRji3RNqBAiEAxrljK01EgXdgE49l9SdV78Mf
A2e6con84vgbMb9B7S0CIQDi/Sj9WH1Q8DAqibaaM3mrUCHfOVBWeS2rdRbo4UJf
2QIhAI6PmkQLN1UFdYgyvDsF0BGj0dDYjhnzQdb1lFS41yu1AiEAtC0JvVfhWT7e
rNVVeb9EY8Sermb7KzjTFJdD0SUFH7kCIGvczpFwGty6p3MPatS2vc7A8Z8gvAe3
tE5uJQObc+Z+
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQChN3w1Vhe8/Ql6
Ap2uEUbF10ty7WcK3wDZ3wEXCuEXhZLS/4jun5UtIuSvFcpXDjbzRHqa/ZQ5kX05
fo3xHUsTQU1CMPdQ8UNEnE17UbE4psC/5/KHAk3NWnW26gJ32QL1GZjEHKweukAP
MYAWcv0FMgaTJbJYKjdy7jIppXy61du9Ut8i8qADCmxbVofGH0eWp7lnXcaqYvBf
zcUDyszgarvVJgctZJjrWarZDR+8eX/1xi7Yq40K1C8sppF3RN2pUzvMH1zFkI6f
YRiCdBMIOWbWHBow+yStYaeC52tUlZxOoKGQQ2JJ80ky9Zsw/AdXXQ5JLjdWRW1f
l36LwEvDAgMBAAECggEAWxgF+AFAgoob27Q0spGSguGnATaBndPqIDFw5TtBes//
6Xd4QRUs7ocj3oaagVxH0mdkO8WDBpBdyKnovFAIBsZESF1wsWzRzKfg5AiB8ffP
O+Bs2rqDicBOeV96q4uUrzeaaV2mJ+qnna4jqQuqSlA9BNItFsIr+KX89ClM9ChT
SML/oqbfbuE8ZCKlFuLYL6RFDlnlM/v/Lypvt+ruNcZXXwSE31wFb6JTCjjmemD1
vEbzUV3wDMzTMqf5n4KHszE5bUReVyA4TKBXcKWpnPGkzVIvOsEE2Pb8pjk2rDgv
Yb3vtEK0v2tvvWYXVvZn6mL5cvQBnuEG3a2tuq8G4QKBgQDFn2mPNcEM2C+Zeodx
nt1yC46v6+kf/CbQf2bOZBKaqDiO2K4lywr6+8qxzIcOo2og+ORxQGIz5W+2MM3R
xBrVCh74vvsLgc/Vb909JcFLMqOqHCGhCqNbisrQQC9Zpk305cq2ipAAZIjPy3OD
ZGGmS3WKlO+Gt1El2E+eUzBbEwKBgQDQ1vzWzBHAz0BQQIcgUaKVNp3B4PKXMi8w
WzkzA7hnFhNummZAsHujSfaN8m1Tp9HrYocVrD4xyNckARl17vYw0RU3uyyhNihh
/cxgCDEMDIIHlsbgc/uGnfuWqbRu+G5bO/lhGqF9vcnhlhcJwFrQUJD4XRS+d/zD
edZ/bYEykQKBgQCAPZIifJ9p1mANGJYMBStudlGBl3UQbHBDnGj6RbZM5hzNlY5s
t/XIKNy/xBlgRmr4OosDcuRHCPwVHlZxaPCAjrDKeiQus25K8ux+YaGtSo8qNFce
Sej33nj96qjPZDvyT6vcCM6pcpPVRBERknJLl2wPIdbNdOgTxurjstgOQQKBgQCx
SUC8y+JqTsZnGlBb5FFj4EiONPtb1TNwFpD5OLhLctcuNo6FbgyXcwuGNv4OXVH8
Q9kvUdg+hSP2IaTOk/yVNnmPpSre9E3V2hGsmGeitd+Qt7O/CVbGUckpfol5BxcQ
BlrOzz+2se32vmZyVcQCQdK/tK0OgGeoPf8UkA50sQKBgQCFSadZ5PZtSczXBEGA
k8Nz6oCdaP/cLhQ1MhnfSQoZ8A5zDWh2fbHZn0O47O83hYbOE4CqZCfR+ggADJcf
uDSf4350BK7anOUMRkDFBYhOQvqfSmsyv4IgBdpCrcukr7Fg4ro4an5z5y+sTjRu
bppY9M62CUM/beqMo35rkOkwJQ==
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIBVAIBADANBgkqhkiG9w0BAQEFAASCAT4wggE6AgEAAkEAomNuj0gH5HYjdC0r
7i0mxtBp5rr9dzPPSUwS72ZCFPsq3b8sdfAh2cZsvGQgkYCPPZV0Zx+kUP3WyGFy
9xqiCQIDAQABAkA6KMKALpwlBurLwSHqu+EXc616JZ6CAtxKtCRT+ZvRR1GWcEJ6
O8TeIU4YjWK7N8CQcgmeCX5bKbAW/DxUdksBAiEAy3xujDpOidIhBbYwq/E6a3/Q
EnQ/FGfq6cw3hWI/4k0CIQDMS9ShKl/QouORUlW1zCKWIK/7sAHuncYx6E9pH7uE
rQIgRzrGg8XBSlNJBfPRs86ccZbrIhqZHi6GN9MpuEI9NJ0CIQCgNjuqpDN9x7AV
L+99YXgiKcI46/+n5F0gmGFmPHdvBQIgEQcjUUtC1+qDOlulSjvheIi/Al5c9SRs
AXhDSTXtN3A=
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAu9eosHX/Ag8J0r71
lT9tzQeWbEZRAOZY8w+zC4hqTvtAZeE9SsB+ppoNM8bvdaxLVQNIIKKqOxsteOZY
xMFicQIDAQABAkEAtXq84oeNsRqAXhjaQbB/T8gV31PsLNdfdq1jSTAprVVOmHSk
CfKq30FOdIXnlLum2kypxejpdHGocI1rqZLzBQIhAOoPNuh/k3NeEau2VZt9dENN
JL4ByVpMG2gMjiucHl57AiEAzXNc16CmvEfQ/i3JhEhbb1I8o7QGsOk9v8MP/DEz
pQMCIF8EcCjwaX6DKK9JpPUrd8A+l/TeqswSa2nQ9wIzLYzzAiEAzBl4+DV+rrjh
pEE0WpfPTe3yk+Z6ZzGuyFwt+ymd1qUCIBzE561e4uE5tyPB46ybM/029/GFa89z
0D1ZBKVF7AWi
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA0u57CJSNnnkVPSqx
tX+LqlnAEkroE+zadaZACE/AvYh2sKP+ktZxOphEN5wNXjI+zsfQTyyKazcHaZOT
XFlSIQIDAQABAkAYjdRaqlhWA0hap3aqZx+OBAac2oVrlF3V5jV8AjSwm1T4gbDq
iV+ARxIgqP6bAVa+rVC1hUQVAjRGI6fioSgBAiEA3zFS9A6salJdprW4Hxoudn5Q
oEidH2+tVaFmtmgW5sECIQDx78ZOQi7bmQz/s6Zp0cqcdLRHyfVojqwL5vtvHX+j
YQIgPk/uAfdqyZBPVzDaw8wydqCTb/x16YXrVcHnBDwRUMECIQDesivie08wedga
Qp5Kx35tt4r+jarkfHdnWU1VwVxs4QIhAJnSVxhAiKBW+RXuW+sW8NTVvCSjOp8y
uEK+Tq88J7qx
-----END PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEAutVJp9CRJ6aeTv5D
x1sFrCA+/tuz2MMK/hi5WQCcSS75oLevaLzP77J4n1dBlw8m6aEe48wBHmC5d1Gu
QRtKZQIDAQABAkBicO09Obyxuq3hC0HlMYV8mwT2Pga16JbLKXXHenXebLT4DCVv
Q+LgOf4DNCiJOdnJXx1XwS+TF/3IRvbEykyhAiEA9LtKmpIfP8qYSn1JoyC24UI0
sTCw5xomt40HMhp6tr0CIQDDb4iiYFQjL52jC2Ny0L5lDI+dn068MAPDTDZIUQ4Q
yQIhAIObMGxdBfb9ENaF95KE5jPOsZ1TzN4KfyWX7nWwLauVAiEAnufGGfjnEID7
1IFDCC0QUgtHjqrkkwEbXiVOkbhODnkCIADJlx7W1l0D0JujsDx544NqiMrIbB+N
YV2d3dJxFNgX
-----END PRIVATE KEY-----
......@@ -17,12 +17,12 @@ from dnstest.test import Test
# check zone if keys are present and used for signing
def check_zone5(server, min_dnskeys, min_rrsigs, min_cdnskeys, msg):
dnskeys = server.dig("example.com", "DNSKEY")
dnskeys = server.dig("example.com", "DNSKEY", bufsize=1024)
found_dnskeys = dnskeys.count("DNSKEY")
soa = server.dig("example.com", "DNSKEY", dnssec=True)
found_rrsigs = soa.count("RRSIG")
cdnskey = server.dig("example.com", "CDNSKEY")
found_cdnskeys = cdnskey.count("CDNSKEY")
......@@ -41,7 +41,7 @@ def check_zone5(server, min_dnskeys, min_rrsigs, min_cdnskeys, msg):
if found_cdnskeys != min_cdnskeys:
set_err("BAD CDNSKEY COUNT: " + msg)
detail_log("!CDNSKEYs not published and activated as expected: " + msg)
detail_log(SEP)
t = Test()
......@@ -54,6 +54,8 @@ child = t.server("knot")
child_zone = t.zone("example.com.")
t.link(child_zone, child)
child.zonefile_sync = 24 * 60 * 60
child.dnssec(child_zone).enable = True
child.dnssec(child_zone).manual = False
child.dnssec(child_zone).zsk_lifetime = 99999
......@@ -67,10 +69,10 @@ shutil.copytree(os.path.join(t.data_dir, "keys"), child.keydir)
# parameters
ZONE = "example.com."
KSK1 = "7a3500c7feac3fd99f09a208a83b97f7455fa3e0"
KSK2 = "7e7492f7dcaf4d819a29eb30ad80c04f830d76cf"
ZSK1 = "6abddc73bcb46c4e6078cf764290ac315fff03f0"
ZSK2 = "301d3fc5392e83ea02312dc5bdc1a9f0b7937ddf"
KSK1 = "38b3062a04178cde79f72fc1c77fbb3fb327ffc6"
KSK2 = "1cc322baeb75cecf96babba98140206bbe28a682"
ZSK1 = "a61d2dfce7bcd667cc2be53ab3d668d4a9e3c563"
ZSK2 = "246d81610c3e3e1cf99ffa1eecd95f1deee01f0e"
t.rel_sleep(0)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment