1 files changed, 76 insertions, 0 deletions
diff --git a/test/fixtures/dnssec-keygen/dnssec-keygen b/test/fixtures/dnssec-keygen/dnssec-keygen
new file mode 100755
index 00000000..882cd97c
--- /dev/null
+++ b/test/fixtures/dnssec-keygen/dnssec-keygen
@@ -0,0 +1,76 @@
+#!/bin/sh
+
+cat <<\EOF >&2
+Usage:
+    dnssec-keygen [options] name
+
+Version: 9.11.3-1ubuntu1.5-Ubuntu
+    name: owner of the key
+Options:
+    -K <directory>: write keys into directory
+    -a <algorithm>:
+        RSA | RSAMD5 | DSA | RSASHA1 | NSEC3RSASHA1 | NSEC3DSA |
+        RSASHA256 | RSASHA512 | ECCGOST |
+        ECDSAP256SHA256 | ECDSAP384SHA384 |
+        ED25519 | ED448 | DH |
+        HMAC-MD5 | HMAC-SHA1 | HMAC-SHA224 | HMAC-SHA256 |
+        HMAC-SHA384 | HMAC-SHA512
+       (default: RSASHA1, or NSEC3RSASHA1 if using -3)
+    -3: use NSEC3-capable algorithm
+    -b <key size in bits>:
+        RSAMD5:	[512..4096]
+        RSASHA1:	[512..4096]
+        NSEC3RSASHA1:	[512..4096]
+        RSASHA256:	[512..4096]
+        RSASHA512:	[1024..4096]
+        DH:		[128..4096]
+        DSA:		[512..1024] and divisible by 64
+        NSEC3DSA:	[512..1024] and divisible by 64
+        ECCGOST:	ignored
+        ECDSAP256SHA256:	ignored
+        ECDSAP384SHA384:	ignored
+        ED25519:	ignored
+        ED448:	ignored
+        HMAC-MD5:	[1..512]
+        HMAC-SHA1:	[1..160]
+        HMAC-SHA224:	[1..224]
+        HMAC-SHA256:	[1..256]
+        HMAC-SHA384:	[1..384]
+        HMAC-SHA512:	[1..512]
+        (if using the default algorithm, key size
+        defaults to 2048 for KSK, or 1024 for all others)
+    -n <nametype>: ZONE | HOST | ENTITY | USER | OTHER
+        (DNSKEY generation defaults to ZONE)
+    -c <class>: (default: IN)
+    -d <digest bits> (0 => max, default)
+    -E <engine>:
+        name of an OpenSSL engine to use
+    -f <keyflag>: KSK | REVOKE
+    -g <generator>: use specified generator (DH only)
+    -L <ttl>: default key TTL
+    -p <protocol>: (default: 3 [dnssec])
+    -r <randomdev>: a file containing random data
+    -s <strength>: strength value this key signs DNS records with (default: 0)
+    -T <rrtype>: DNSKEY | KEY (default: DNSKEY; use KEY for SIG(0))
+    -t <type>: AUTHCONF | NOAUTHCONF | NOAUTH | NOCONF (default: AUTHCONF)
+    -h: print usage and exit
+    -m <memory debugging mode>:
+       usage | trace | record | size | mctx
+    -v <level>: set verbosity level (0 - 10)
+    -V: print version information
+Timing options:
+    -P date/[+-]offset/none: set key publication date (default: now)
+    -P sync date/[+-]offset/none: set CDS and CDNSKEY publication date
+    -A date/[+-]offset/none: set key activation date (default: now)
+    -R date/[+-]offset/none: set key revocation date
+    -I date/[+-]offset/none: set key inactivation date
+    -D date/[+-]offset/none: set key deletion date
+    -D sync date/[+-]offset/none: set CDS and CDNSKEY deletion date
+    -G: generate key only; do not set -P or -A
+    -C: generate a backward-compatible key, omitting all dates
+    -S <key>: generate a successor to an existing key
+    -i <interval>: prepublication interval for successor key (default: 30 days)
+Output:
+     K<name>+<alg>+<id>.key, K<name>+<alg>+<id>.private
+EOF
+exit 255