From 45c89c08fbaf61fcde88219aed6241b2da297408 Mon Sep 17 00:00:00 2001
From: Stricted
Date: Sun, 22 Feb 2015 20:49:48 +0100
Subject: [PATCH] complete validatePrivateKey method
---
 lib/util/DNSSECUtil.class.php | 31 +++++++++++++++++++++++++++++--
 1 file changed, 29 insertions(+), 2 deletions(-)
diff --git a/lib/util/DNSSECUtil.class.php b/lib/util/DNSSECUtil.class.php
index 42a7419..62b84c6 100644
--- a/lib/util/DNSSECUtil.class.php
+++ b/lib/util/DNSSECUtil.class.php
@@ -54,9 +54,13 @@ class DNSSECUtil {
 $pattern .= "; Created: (?P[0-9]+) \(([a-z0-9: ]+)\)\n";
 $pattern .= "; Publish: (?P[0-9]+) \(([a-z0-9: ]+)\)\n";
 $pattern .= "; Activate: (?P[0-9]+) \(([a-z0-9: ]+)\)\n";
- $pattern .= "([\s\S]+). IN DNSKEY (?P[0-9]+) ([0-9]+) (?P[0-9]+) (?P[\s\S]+)";
+ $pattern .= "([\s\S]+). IN DNSKEY 25(6|7) 3 (?P[0-9]+) (?P[\s\S]+)";
 preg_match('/'.$pattern.'/i', $content, $matches);
 if (!empty($matches)) {
+ if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) {
+ return false;
+ }
+
 $data = explode(' ', $matches['key']);
 foreach ($data as $d) {
 if (base64_encode(base64_decode($d, true)) !== $d) {
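Review bot: The allow-list added after the `preg_match` still admits algorithm 1 (RSA/MD5), which the DNSSEC algorithm registry marks as deprecated, so a key file declaring it passes validation. `in_array` is also called without its strict flag, so the captured digit string is compared loosely and a value such as `08` is accepted; `if (!in_array($matches['algorithm'], array('2', '3', '5', '6', '7', '8', '10', '12', '13', '14'), true)) {` addresses both, assuming no legacy RSA/MD5 zones have to be imported. The same eleven-number list is repeated in the second hunk, and keeping it in one class-level array would stop the two validators drifting apart. The enclosing method starts and ends outside the hunk.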
@@ -87,7 +91,30 @@ class DNSSECUtil {
 preg_match('/'.$pattern.'/i', $content, $matches);
 if (!empty($matches)) {
- /* to be continued */
+ if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['modulus'], true)) !== $matches['modulus']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['publicexponent'], true)) !== $matches['publicexponent']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['prime1'], true)) !== $matches['prime1']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['prime2'], true)) !== $matches['prime2']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['exponent1'], true)) !== $matches['exponent1']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['exponent2'], true)) !== $matches['exponent2']) {
+ return false;
+ }
+ else if (base64_encode(base64_decode($matches['coefficient'], true)) !== $matches['coefficient']) {
+ return false;
+ }
 }
 else {
 return false;
--
2.20.1
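Review bot: The algorithm allow-list at the top of the new chain accepts non-RSA numbers (2, 3, 6, 12, 13, 14), yet every field checked afterwards, from `modulus` through `coefficient`, is an RSA component. The pattern is built above the hunk, so this is inferred, but if it only matches the RSA layout those entries can never validate and the list overstates what the method supports; `if (!in_array($matches['algorithm'], array(5, 7, 8, 10))) {` would state the scope for the RSA algorithms still in use. The round-trip checks only prove each field is canonical base64, not that the values form a consistent key or belong to the uploaded public key, so a comment such as `// format check only: does not verify the key pair` above the chain would keep callers from treating a pass as proof of a usable key. The method starts and ends outside the hunk.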