Skip to content
/ dnssec_sm2sm3 Public

sign and validate dnssec signature with sm2sm3 algorithm

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

scooct/dnssec_sm2sm3

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
deps
deps
 
 
keys
keys
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
dsfromkey.py
dsfromkey.py
 
 
keygen.py
keygen.py
 
 
signzone.py
signzone.py
 
 
sm2sm3_example.zone
sm2sm3_example.zone
 
 
sm2sm3_example.zone.signed.wrong.1
sm2sm3_example.zone.signed.wrong.1
 
 
validatezone.py
validatezone.py
 
 

Repository files navigation

dnssec_sm2sm3

sign and validate dnssec signature with sm2sm3 algorithm

Requirements

Python 3.6.15
dnspython 2.2.1
gmssl https://github.com/smdll/crypto-gmssl/tree/master/gmssl

Example

UNSIGNED=sm2sm3_example.zone
python3 keygen.py -o example -k ksk
python3 keygen.py -o example -k zsk
python3 dsfromkey.py keys/Kexample.+017+6400.key
cat keys/Kexample.+017+6400.key keys/Kexample.+017+62449.key >> ${UNSIGNED}
python3 signzone.py -e 20240401000000 -s 20230401000000 -o example -f ${UNSIGNED} -k keys/Kexample.+017+6400 -z keys/Kexample.+017+62449
python3 validatezone.py -o example -f sm2sm3_example.zone.signed.wrong.1
python3 validatezone.py -o example -f ${UNSIGNED}.signed

Notation

In order to support SM2SM3 algorithm, the file dnssec.py of dnspython was modified accordingly. The patch file could be found in deps/dnssec.py.patch

patch -p0 < dnssec.py.patch

About

sign and validate dnssec signature with sm2sm3 algorithm

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages