Allow for key lifetime unlimited

The keyword 'unlimited' can be used instead of PT0S which means the same but is more comprehensible for users. Also fix some redundant "none" parameters in the kasp test.
2020-02-06 15:41:47 +01:00
parent 9dc630016e
commit 2733edb2a6
17 changed files with 194 additions and 63 deletions
--- a/bin/tests/system/kasp/tests.sh
+++ b/bin/tests/system/kasp/tests.sh
@@ -1026,6 +1026,22 @@ check_keys
 check_apex
 check_subdomain

+#
+# Zone: unlimited.kasp.
+#
+zone_properties "ns3" "unlimited.kasp" "unlimited" "1234" "1" "10.53.0.3"
+key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" "yes"
+key_clear "KEY2"
+key_clear "KEY3"
+# The first key is immediately published and activated.
+key_timings "KEY1" "published" "active" "none" "none" "none"
+# DNSKEY, RRSIG (ksk), RRSIG (zsk) are published. DS needs to wait.
+key_states "KEY1" "omnipresent" "rumoured" "rumoured" "rumoured" "hidden"
+check_keys
+check_apex
+check_subdomain
+dnssec_verify
+
 #
 # Zone: inherit.kasp.
 #
@@ -1451,7 +1467,7 @@ check_subdomain
 # ns5/override.inherit.signed
 # ns5/inherit.override.signed
 key_properties "KEY1" "csk" "0" "13" "ECDSAP256SHA256" "256" "yes" "yes"
-key_timings "KEY1" "published" "active" "none" "none" "none" "none"
+key_timings "KEY1" "published" "active" "none" "none" "none"
 key_states "KEY1" "omnipresent" "rumoured" "rumoured" "rumoured" "hidden"

 zone_properties "ns2" "signed.tld" "default" "3600" "1" "10.53.0.2"
@@ -1496,7 +1512,7 @@ dnssec_verify
 # ns5/override.override.unsigned
 # ns5/override.none.unsigned
 key_properties "KEY1" "csk" "0" "14" "ECDSAP384SHA384" "384" "yes" "yes"
-key_timings "KEY1" "published" "active" "none" "none" "none" "none"
+key_timings "KEY1" "published" "active" "none" "none" "none"
 key_states "KEY1" "omnipresent" "rumoured" "rumoured" "rumoured" "hidden"

 zone_properties "ns4" "inherit.inherit.signed" "test" "3600" "1" "10.53.0.4"