1 files changed, 14 insertions, 4 deletions
diff --git a/kiki.hs b/kiki.hs
index 316da90..6afcbed 100644
--- a/kiki.hs
+++ b/kiki.hs
@@ -309,9 +309,19 @@ dnsPresentationFromPacket k = do
        dnskey = DNS.RSA n e
        bin = runPut (DNS.putRSA dnskey)
        qq  = Base64.encode (L.unpack bin)
-    return $
+        ttl = 24*60*60 -- 24 hours in seconds
-        writePEM "FIXME PUBLIC KEY" qq -- ("TODO "++show keyspec)
+        flags = 256 -- (ZONE-key = bit7) TODO: is this a zone key or a key-signing key?
+        algo = 8 -- RSASHA256 -- TODO: support other algorithm
+    return $ unwords
+        ["."
+        ,show ttl
+        ,"IN"
+        ,"DNSKEY"
+        ,show flags
+        ,"3" -- protocol MUST be 3 (RFC 4034)
+        ,show algo
+        ,qq
+        ]
 show_ssh keyspec wkgrip db = either warn putStrLn $ show_ssh' keyspec wkgrip db
@@ -512,7 +522,7 @@ kiki_usage bExport bImport bSecret cmd = putStr $
                ,"           is input on stdin in ssh-rsa format."
                ,""
                ,"     --dns SPEC"
-                ,"           Outputs the DNSKEY presentation format (RFC3110) of the public key"
+                ,"           Outputs the DNSKEY presentation format (RFC4034) of the public key"
                ,"           corresponding to SPEC."
                ,"           (See 'kiki help spec' for more information.)"
                ,""

diff --git a/kiki.hs b/kiki.hs index 316da90..6afcbed 100644 --- a/kiki.hs +++ b/kiki.hs
@@ -309,9 +309,19 @@ dnsPresentationFromPacket k = do
309	dnskey = DNS.RSA n e	309	dnskey = DNS.RSA n e
310	bin = runPut (DNS.putRSA dnskey)	310	bin = runPut (DNS.putRSA dnskey)
311	qq = Base64.encode (L.unpack bin)	311	qq = Base64.encode (L.unpack bin)
312	return $	312	ttl = 246060 -- 24 hours in seconds
313	writePEM "FIXME PUBLIC KEY" qq -- ("TODO "++show keyspec)	313	flags = 256 -- (ZONE-key = bit7) TODO: is this a zone key or a key-signing key?
314		314	algo = 8 -- RSASHA256 -- TODO: support other algorithm
		315	return $ unwords
		316	["."
		317	,show ttl
		318	,"IN"
		319	,"DNSKEY"
		320	,show flags
		321	,"3" -- protocol MUST be 3 (RFC 4034)
		322	,show algo
		323	,qq
		324	]
315		325
316	show_ssh keyspec wkgrip db = either warn putStrLn $ show_ssh' keyspec wkgrip db	326	show_ssh keyspec wkgrip db = either warn putStrLn $ show_ssh' keyspec wkgrip db
317		327
@@ -512,7 +522,7 @@ kiki_usage bExport bImport bSecret cmd = putStr $
512	," is input on stdin in ssh-rsa format."	522	," is input on stdin in ssh-rsa format."
513	,""	523	,""
514	," --dns SPEC"	524	," --dns SPEC"
515	," Outputs the DNSKEY presentation format (RFC3110) of the public key"	525	," Outputs the DNSKEY presentation format (RFC4034) of the public key"
516	," corresponding to SPEC."	526	," corresponding to SPEC."
517	," (See 'kiki help spec' for more information.)"	527	," (See 'kiki help spec' for more information.)"
518	,""	528	,""