[ldns-users] Private-key-format v1.3

Willem Toorop Willem at NLnetLabs.nl
Fri Nov 4 13:39:27 UTC 2011


Hi Kaustubh,

In the release notes for BIND 9.7.0, I read:

2731.	[func]		Additional work on change 2709.  The key parser
			will now ignore unrecognized fields when the
			minor version number of the private key format
			has been increased.  It will reject any key with
			the major version number increased. [RT #20310]

We should do this for ldns too.

I don't think ISC has documented Private-key-format files (or at least I
couldn't find it), but I did have a peek in the parser for bind
(dst_parse.c). All the new fields look related to key rollovers, which is
currently not applicable for ldns, so I have relaxed the version
checking à la BIND.

Thanks, Willem

On 04-11-11 06:27, Kaustubh Gadkari wrote:
> Hi,
> 
> I am trying to read a key from a file with the ldns_key_new_frm_fp_l()
> function. However, the key I have is in the Private-key-format v1.3
> and I get a version mismatch error. The documentation mentions that
> only v1.2 is supported. But bind's dnssec-keygen tool generates v1.3
> keys. Is there any way of reading v1.3 keys?
> 
> Thanks,
> Kaustubh
> 
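
The version policy from the BIND release note quoted above, as an added C sketch that is not part of the original message and is not ldns or BIND code: unrecognized fields are skipped only when the file's minor version is newer than the parser's, and a higher major version is rejected. The function name, error codes and sample files are assumptions made up for this illustration, and the field values are dummies.

```c
#include <stdio.h>
#include <string.h>

enum { SUPPORTED_MAJOR = 1, SUPPORTED_MINOR = 2 }; /* assumption: written for v1.2 */
enum { KEY_ERR_SYNTAX = -1, KEY_ERR_VERSION = -2 };
/* RSA fields of a v1.2 file; any other field name is unrecognized. */
static const char *const known[] = { "Algorithm", "Modulus", "PublicExponent",
    "PrivateExponent", "Prime1", "Prime2", "Exponent1", "Exponent2", "Coefficient" };
/* Constructed samples; the values are dummies, not key material. */
static const char sample_v13[] = "Private-key-format: v1.3\n"
    "Algorithm: 8 (RSASHA256)\nModulus: AQAB\nPublicExponent: AQAB\n"
    "Created: 20111104133927\nPublish: 20111104133927\nActivate: 20111104133927\n";
static const char sample_v20[] = "Private-key-format: v2.0\nAlgorithm: 8 (RSASHA256)\n";

static int is_known(const char *name)
{
    for (size_t i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(name, known[i]) == 0) return 1;
    return 0;
}

/* Hypothetical helper: checks the header and field names of a key file held in
 * memory. Returns the number of unrecognized fields skipped, or a KEY_ERR_*. */
int check_private_key(const char *text)
{
    int major, minor, used = 0, n = 0, ignored = 0;
    char name[32];

    if (sscanf(text, "Private-key-format: v%d.%d%n", &major, &minor, &used) != 2
        || major < 0 || minor < 0)
        return KEY_ERR_SYNTAX;
    if (major > SUPPORTED_MAJOR)
        return KEY_ERR_VERSION; /* layout may have changed: reject */
    for (const char *p = strchr(text + used, '\n'); p && *++p; p = strchr(p, '\n')) {
        if (*p == '\n') continue; /* blank line */
        if (sscanf(p, "%31[^:\n]%n", name, &n) != 1 || p[n] != ':')
            return KEY_ERR_SYNTAX;
        if (is_known(name)) continue;
        if (major < SUPPORTED_MAJOR || minor <= SUPPORTED_MINOR)
            return KEY_ERR_SYNTAX; /* unknown field in a version we fully know */
        ignored++; /* newer minor version: skip the extra field */
    }
    return ignored;
}

int main(void)
{
    printf("v1.3: %d\n", check_private_key(sample_v13)); /* count of skipped fields */
    printf("v2.0: %d\n", check_private_key(sample_v20)); /* version error code */
    return 0;
}
```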



