mirror of
https://github.com/NLnetLabs/unbound.git
synced 2025-12-20 23:00:56 -05:00
Test example signatures for rsasha256 and rsasha512.
git-svn-id: file:///svn/unbound/trunk@1742 be551aaa-1e26-0410-a405-d3ace91eadb9
This commit is contained in:
Wouter Wijngaards
parent
6f4522a55c
commit
49d65b8ebf
4 changed files with 33 additions and 11 deletions
|
|
@ -1,3 +1,6 @@
|
||||||
|
4 August 2009: Wouter
|
||||||
|
- Added test that the examples from draft rsasha256-14 verify.
|
||||||
|
|
||||||
3 August 2009: Wouter
|
3 August 2009: Wouter
|
||||||
- nicer warning when algorithm not supported, tells you to upgrade.
|
- nicer warning when algorithm not supported, tells you to upgrade.
|
||||||
- iana portlist updated.
|
- iana portlist updated.
|
||||||
|
|
|
||||||
|
|
@ -477,11 +477,10 @@ verify_test()
|
||||||
#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)
|
#if defined(HAVE_EVP_SHA256) && defined(USE_SHA2)
|
||||||
verifytest_file("testdata/test_signatures.9", "20070829144150");
|
verifytest_file("testdata/test_signatures.9", "20070829144150");
|
||||||
verifytest_file("testdata/test_signatures.11", "20070829144150");
|
verifytest_file("testdata/test_signatures.11", "20070829144150");
|
||||||
|
verifytest_file("testdata/test_signatures.14", "20090101000000");
|
||||||
#endif
|
#endif
|
||||||
#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)
|
#if defined(HAVE_EVP_SHA512) && defined(USE_SHA2)
|
||||||
/* Skip test. Algorithm number uncertainty
|
|
||||||
verifytest_file("testdata/test_signatures.10", "20070829144150");
|
verifytest_file("testdata/test_signatures.10", "20070829144150");
|
||||||
*/
|
|
||||||
#endif
|
#endif
|
||||||
verifytest_file("testdata/test_signatures.12", "20090107100022");
|
verifytest_file("testdata/test_signatures.12", "20090107100022");
|
||||||
verifytest_file("testdata/test_signatures.13", "20080414005004");
|
verifytest_file("testdata/test_signatures.13", "20080414005004");
|
||||||
|
|
|
||||||
15
testdata/test_signatures.10
vendored
15
testdata/test_signatures.10
vendored
|
|
@ -3,24 +3,21 @@
|
||||||
; first entry is a DNSKEY answer, with the DNSKEY rrset used for verification.
|
; first entry is a DNSKEY answer, with the DNSKEY rrset used for verification.
|
||||||
; later entries are verified with it.
|
; later entries are verified with it.
|
||||||
|
|
||||||
; Test RSASHA512 signatures.
|
; Test RSASHA512 signatures from draft-ietf-dnsext-dnssec-rsasha256-14
|
||||||
|
|
||||||
; RSA key from ldns tool
|
|
||||||
ENTRY_BEGIN
|
ENTRY_BEGIN
|
||||||
SECTION QUESTION
|
SECTION QUESTION
|
||||||
sub.example.com. IN DNSKEY
|
example.net. IN DNSKEY
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
example.com. 3600 IN DNSKEY 256 3 9 AwEAAazmeO3BNv+xPYuFbQp8JN4XX+iKNuvJgD2QG5jRXI0IP5by+JGSob20OEmbPLqKcXWMRPICTyPBDaBh0tXA66DVlHV8rCtAT5Yqdrz2qw05SNYCGWJulscR6GM0e4gkO1FrBINr385IiMH3sJegBzm2HUbyb2I+xuFIfl7SgMuZ5fahHnhjDwsdgw+19OQlbYDRmNhMvtJemomIiGzPwrxEtKBlcUevcFPX7cPU7lpbcZwVP16xhLbtSNwMHvoCoRpJrAtdDGiSyAzTQef+jWuaUlFCPle6Qkghi51zmpBrPunqRCoYg7LIyJ9zS/KzPKX2zN2ASu9KJD3tDW9OSZM= ;{id = 48886 (zsk), size = 2048b}
|
example.net. 3600 IN DNSKEY (256 3 10 AwEAAdHoNTOW+et86KuJOWRD p1pndvwb6Y83nSVXXyLA3DLroROUkN6X0O6pnWnjJQujX/AyhqFD xj13tOnD9u/1kTg7cV6rklMrZDtJCQ5PCl/D7QNPsgVsMu1J2Q8g pMpztNFLpPBz1bWXjDtaR7ZQBlZ3PFY12ZTSncorffcGmhOL);{id = 3740 (zsk), size = 1024b}
|
||||||
|
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
; entry to test
|
; entry to test
|
||||||
ENTRY_BEGIN
|
ENTRY_BEGIN
|
||||||
SECTION QUESTION
|
SECTION QUESTION
|
||||||
www.example.com. IN A
|
www.example.net. IN A
|
||||||
SECTION ANSWER
|
SECTION ANSWER
|
||||||
www.example.com. 3600 IN A 192.0.2.66
|
www.example.net. 3600 IN A 192.0.2.91
|
||||||
www.example.com. 3600 IN RRSIG A 9 3 3600 20070926134150 20070829134150 48886 example.com. Ys6CGNAxJ+0lG/EoDJqZOoZTlX8Aa1k124VjnSE2A9NTecZUX44TiKtJQtUu7cnUcURuNsqX5rulr/70Vx+ANeUot/ewtY6fX6qaGZVgIaNyyDw0Gu7oiAsjOE0bt5RS4VGvDpLSdxDlPV0Kbbc4fYSTsqiSe2idMokfD2bgPcFrIx2TcX/sF8Jyhn2MGiQsWryMWyvhRTZ1+dwQcPhkeslGFLF/SQpGx5BbW/BYQG026xb6ckL/F/Pu4Jf5sQTimTZXHi9iASeRNO34DM9bS0yDgc+nm3bEg8/pEGCdFuCt6dVv7JTFgnR9fPTbEbBHIi4ORw1oef11G2sRV/Ubvw== ;{id = 48886}
|
www.example.net. 3600 IN RRSIG (A 10 3 3600 20300101000000 20000101000000 3740 example.net. tsb4wnjRUDnB1BUi+t 6TMTXThjVnG+eCkWqjvvjhzQL1d0YRoOe0CbxrVDYd0xDtsuJRa eUw1ep94PzEWzr0iGYgZBWm/zpq+9fOuagYJRfDqfReKBzMweOL DiNa8iP5g9vMhpuv6OPlvpXwm9Sa9ZXIbNl1MBGk0fthPgxdDLw =);{id = 3740}
|
||||||
|
|
||||||
ENTRY_END
|
ENTRY_END
|
||||||
|
|
||||||
|
|
|
||||||
23
testdata/test_signatures.14
vendored
Normal file
23
testdata/test_signatures.14
vendored
Normal file
|
|
@ -0,0 +1,23 @@
|
||||||
|
; Signature test file
|
||||||
|
|
||||||
|
; first entry is a DNSKEY answer, with the DNSKEY rrset used for verification.
|
||||||
|
; later entries are verified with it.
|
||||||
|
|
||||||
|
; Test RSASHA256 signatures from draft-ietf-dnsext-dnssec-rsasha256-14
|
||||||
|
|
||||||
|
ENTRY_BEGIN
|
||||||
|
SECTION QUESTION
|
||||||
|
example.net. IN DNSKEY
|
||||||
|
SECTION ANSWER
|
||||||
|
example.net. 3600 IN DNSKEY (256 3 8 AwEAAcFcGsaxxdgiuuGmCkVI my4h99CqT7jwY3pexPGcnUFtR2Fh36BponcwtkZ4cAgtvd4Qs8P kxUdp6p/DlUmObdk= );{id = 9033 (zsk), size = 512b}
|
||||||
|
ENTRY_END
|
||||||
|
|
||||||
|
; entry to test
|
||||||
|
ENTRY_BEGIN
|
||||||
|
SECTION QUESTION
|
||||||
|
www.example.net. IN A
|
||||||
|
SECTION ANSWER
|
||||||
|
www.example.net. 3600 IN A 192.0.2.91
|
||||||
|
www.example.net. 3600 IN RRSIG (A 8 3 3600 20300101000000 20000101000000 9033 example.net. kRCOH6u7l0QGy9qpC9 l1sLncJcOKFLJ7GhiUOibu4teYp5VE9RncriShZNz85mwlMgNEa cFYK/lPtPiVYP4bwg== ;{id = 9033}
|
||||||
|
ENTRY_END
|
||||||
|
|
||||||
Loading…
Reference in a new issue