3 # Copyright (C) 2013 Internet Systems Consortium, Inc. ("ISC")
5 # Permission to use, copy, modify, and/or distribute this software for any
6 # purpose with or without fee is hereby granted, provided that the above
7 # copyright notice and this permission notice appear in all copies.
9 # THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 # REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 # AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 # INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 # LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 # OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 # PERFORMANCE OF THIS SOFTWARE.
17 # Fetch a copy of a current root signing key; used for testing
18 # DNSSEC validation in 'sample'.
20 # After running this script, "sample `cat sample.key` <args>" will
21 # perform a lookup as specified in <args> and validate the result
24 # (This is NOT a secure method of obtaining the root key; it is
25 # included here for testing purposes only.)
26 dig +noall
+answer dnskey . | perl
-n -e '
27 local ($dn, $ttl, $class, $type, $flags, $proto, $alg, @rest) = split;
28 next if ($flags != 257);
29 local $key = join("", @rest);
30 print "-a $alg -e -k $dn -K $key\n"