1 This is a set of utilities that when used together create rsa keys in
2 a PKCS11 keystore. The keys will have a label of "zone,zsk|ksk,xxx" and
3 an id of the keytag in hex.
5 Run genkey.sh to generate a new key and call the other programs in turn.
6 Run writekey.sh to load key to the key store from Kxxx.{key,private}.
8 genkey[.c] uses PKCS11 calls to generate keys.
9 PEM_write_pubkey[.c] uses OpenSSL to write a public key from the key store
10 into a file in PEM format.
11 keyconv.pl uses Net::DNS::SEC to calculate the key tag and to write out
12 a DNSKEY RR into a file.
13 set_key_id[.c] uses PKCS11 to set to the key id == keytag in the key store.
14 readkey[.c] and writekey[.c] extracts and loads a key from/to the key store.
15 keydump.pl uses Net::DNS::SEC to get the key from a Kxxx.private file and
16 write it into a file in PEM format.
18 listobjs and destroyobjs browse the key store, prints or destroys objects.
git.samba.org / tridge / bind9.git / blob