testing/dnssec-root: new aport

The DNSSEC root key(s)
https://www.iana.org/dnssec/

2 files changed, 103 insertions, 0 deletions

diff --git a/testing/dnssec-root/APKBUILD b/testing/dnssec-root/APKBUILD
new file mode 100644
index 0000000000..e9785b1252
--- /dev/null
+++ b/testing/dnssec-root/APKBUILD
@@ -0,0 +1,71 @@
+# Contributor: Natanael Copa <ncopa@alpinelinux.org>
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=dnssec-root
+pkgver=20100715
+pkgrel=0
+pkgdesc="The DNSSEC root key(s)"
+url="https://www.iana.org/dnssec/"
+arch="noarch"
+license="public-domain"
+depends=""
+makedepends="libxslt gnupg openssl"
+install=""
+subpackages=""
+source="saveas-http://data.iana.org/root-anchors/root-anchors.xml/root-anchors-$pkgver.xml
+	http://data.iana.org/root-anchors/Kjqmt7v.csr
+
+	http://data.iana.org/root-anchors/Kjqmt7v.crt
+	http://data.iana.org/root-anchors/root-anchors.p7s
+	http://data.iana.org/root-anchors/root-anchors.asc
+	http://data.iana.org/root-anchors/icannbundle.pem
+	http://data.iana.org/root-anchors/icann.pgp
+
+	anchors2ds.xsl
+	"
+
+# http://permalink.gmane.org/gmane.network.dns.unbound.user/1039
+
+_builddir="$srcdir"/build
+_dnssecdir="usr/share/dnssec"
+prepare() {
+	mkdir -p "$_builddir"
+	
+	(
+		export GNUPGHOME="$_builddir"/gpg
+		install -d -m 700 "$GNUPGHOME"
+		gpg --import "$srcdir"/icann.pgp || exit 1
+		gpg --verify "$srcdir"/root-anchors.asc \
+			"$srcdir"/root-anchors-$pkgver.xml
+	) || return 1
+
+	openssl smime  -verify -content "$srcdir"/root-anchors-$pkgver.xml \
+		-in "$srcdir"/root-anchors.p7s -inform der \
+		-CAfile "$srcdir"/icannbundle.pem \
+		|| return 1
+}
+
+build() {
+	cd "$_builddir"
+	xsltproc -o root-anchors.txt "$srcdir"/anchors2ds.xsl \
+		"$srcdir"/root-anchors-$pkgver.xml
+
+
+}
+
+package() {
+	cd "$_builddir"
+	mkdir -p "$pkgdir"/$_dnssecdir
+	install root-anchors.txt "$srcdir"/Kjqmt7v.csr \
+		"$pkgdir"/$_dnssecdir || return 1
+	install "$srcdir"/root-anchors-$pkgver.xml \
+		"$pkgdir"/$_dnssecdir/root-anchors.xml
+}
+
+md5sums="69e6f9b67e92fbc952d488cc6f67198f  root-anchors-20100715.xml
+427766bf91c674c4f0469ed363f207a8  Kjqmt7v.csr
+27bbd7b1e0b0381adddc33da2bfb3241  Kjqmt7v.crt
+4a6eaf38469abd82df5ce3832962ab4f  root-anchors.p7s
+a5612e1b84a75c29b642b9342286c511  root-anchors.asc
+59774aba58dbde1049bdf4722fb4f02c  icannbundle.pem
+041a789ee96301623d3e66e4d52c8a0b  icann.pgp
+1043c559c923279600a6da395b794597  anchors2ds.xsl"
diff --git a/testing/dnssec-root/anchors2ds.xsl b/testing/dnssec-root/anchors2ds.xsl
new file mode 100644
index 0000000000..3df47e2075
--- /dev/null
+++ b/testing/dnssec-root/anchors2ds.xsl
@@ -0,0 +1,32 @@
+<?xml version="1.0"?>
+
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="1.0">
+  <xsl:output method="text"/>
+
+  <xsl:template match="/">
+     <xsl:apply-templates/>
+  </xsl:template>
+
+  <xsl:template match="/TrustAnchor">
+     <xsl:apply-templates select="Zone"/>
+     <xsl:apply-templates select="KeyDigest"/>
+     <xsl:text>
+</xsl:text>
+  </xsl:template>
+
+  <xsl:template match="KeyDigest">
+     <xsl:apply-templates select="KeyTag"/>
+     <xsl:apply-templates select="Algorithm"/>
+     <xsl:apply-templates select="DigestType"/>
+     <xsl:apply-templates select="Digest"/>
+  </xsl:template>
+
+  <xsl:template match="Zone">
+     <xsl:value-of select="text()"/><xsl:text> IN DS </xsl:text>
+  </xsl:template>
+
+  <xsl:template match="*">
+     <xsl:value-of select="text()"/><xsl:text> </xsl:text>
+  </xsl:template>
+
+</xsl:stylesheet>
\ No newline at end of file