projects / GitHub / Stricted / Domain-Control-Panel.git / blame
| Commit | Line | Data |
|---|---|---|
| daff88c0 S |
1 | <?php |
| 2 | namespace dns\util; | |
| 3 | ||
| 4 | /** | |
| 5 | * @author Jan Altensen (Stricted) | |
| 6 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
| 7 | * @copyright 2015 Jan Altensen (Stricted) | |
| 8 | */ | |
| 9 | class DNSSECUtil { | |
| 10 | ||
| 8a0590a6 S |
11 | public static function calculateDS ($owner, $algorithm, $publicKey) { |
| 12 | $owner = self::convertOwner($owner); | |
| daff88c0 S |
13 | $flags = '0101'; |
| 14 | $protocol = '03'; | |
| 15 | $algorithm = '0'.dechex($algorithm); | |
| 16 | $publicKey = bin2hex(base64_decode($publicKey)); | |
| 17 | ||
| 18 | $string = hex2bin($owner.$flags.$protocol.$algorithm.$publicKey); | |
| 19 | ||
| 6a2c67f1 S |
20 | $sha1 = strtoupper(sha1($string)); |
| 21 | $sha256 = strtoupper(hash('sha256', $string)); | |
| daff88c0 S |
22 | |
| 23 | return array('sha1' => $sha1, 'sha256' => $sha256); | |
| 24 | } | |
| 25 | ||
| 6a2c67f1 | 26 | public static function convertOwner ($owner) { |
| daff88c0 S |
27 | $return = ''; |
| 28 | ||
| 29 | $data = explode(".", $owner); | |
| 30 | $return .= '0'.dechex(strlen($data[0])); | |
| 31 | $data[0] = str_split($data[0]); | |
| 32 | for ($i = 0; $i < count($data[0]); $i++) { | |
| 33 | $byte = strtoupper(dechex(ord($data[0][$i]))); | |
| 34 | $byte = str_repeat('0', 2 - strlen($byte)).$byte; | |
| 35 | $return .= $byte; | |
| 36 | } | |
| 37 | ||
| 38 | $return .= '0'.dechex(strlen($data[1])); | |
| 39 | $data[1] = str_split($data[1]); | |
| 40 | ||
| 41 | for ($i = 0; $i < count($data[1]); $i++) { | |
| 42 | $byte = strtoupper(dechex(ord($data[1][$i]))); | |
| 43 | $byte = str_repeat('0', 2 - strlen($byte)).$byte; | |
| 44 | $return .= $byte; | |
| 45 | } | |
| 46 | ||
| 47 | $return .= '00'; | |
| 48 | ||
| 49 | return $return; | |
| 50 | } | |
| 8a0590a6 S |
51 | |
| 52 | public static function validatePublicKey ($content) { | |
| 53 | $pattern = "; This is a (key|zone)-signing key, keyid (?P<keyid>[0-9]+), for (?P<domain>[\s\S]+)\.\n"; | |
| 54 | $pattern .= "; Created: (?P<created>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
| 55 | $pattern .= "; Publish: (?P<publish>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
| 56 | $pattern .= "; Activate: (?P<activate>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
| 6a2c67f1 | 57 | $pattern .= "([\s\S]+). IN DNSKEY 25(6|7) 3 (?P<algorithm>[0-9]+) (?P<key>[\s\S]+)(\n)?"; |
| 8a0590a6 S |
58 | preg_match('/'.$pattern.'/i', $content, $matches); |
| 59 | if (!empty($matches)) { | |
| 45c89c08 S |
60 | if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) { |
| 61 | return false; | |
| 62 | } | |
| 63 | ||
| 8a0590a6 S |
64 | $data = explode(' ', $matches['key']); |
| 65 | foreach ($data as $d) { | |
| 66 | if (base64_encode(base64_decode($d, true)) !== $d) { | |
| 67 | return false; | |
| 68 | } | |
| 69 | } | |
| 70 | } | |
| 71 | else { | |
| 72 | return false; | |
| 73 | } | |
| 74 | ||
| 75 | return true; | |
| 76 | } | |
| 77 | ||
| 78 | public static function validatePrivateKey ($content) { | |
| 79 | $pattern = "Private-key-format: v([0-9a-z.]+)\n"; | |
| 80 | $pattern .= "Algorithm: (?P<algorithm>[0-9]+) \(([0-9a-z\-]+)\)\n"; | |
| 81 | $pattern .= "Modulus: (?P<modulus>[\s\S]+)\n"; | |
| 82 | $pattern .= "PublicExponent: (?P<publicexponent>[\s\S]+)\n"; | |
| 83 | $pattern .= "Prime1: (?P<prime1>[\s\S]+)\n"; | |
| 84 | $pattern .= "Prime2: (?P<prime2>[\s\S]+)\n"; | |
| 85 | $pattern .= "Exponent1: (?P<exponent1>[\s\S]+)\n"; | |
| 86 | $pattern .= "Exponent2: (?P<exponent2>[\s\S]+)\n"; | |
| 87 | $pattern .= "Coefficient: (?P<coefficient>[\s\S]+)\n"; | |
| 88 | $pattern .= "Created: (?P<created>[0-9]+)\n"; | |
| 89 | $pattern .= "Publish: (?P<publish>[0-9]+)\n"; | |
| 6a2c67f1 | 90 | $pattern .= "Activate: (?P<activate>[0-9]+)(\n)?"; |
| 8a0590a6 S |
91 | |
| 92 | preg_match('/'.$pattern.'/i', $content, $matches); | |
| 93 | if (!empty($matches)) { | |
| 45c89c08 S |
94 | if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) { |
| 95 | return false; | |
| 96 | } | |
| 97 | else if (base64_encode(base64_decode($matches['modulus'], true)) !== $matches['modulus']) { | |
| 98 | return false; | |
| 99 | } | |
| 100 | else if (base64_encode(base64_decode($matches['publicexponent'], true)) !== $matches['publicexponent']) { | |
| 101 | return false; | |
| 102 | } | |
| 103 | else if (base64_encode(base64_decode($matches['prime1'], true)) !== $matches['prime1']) { | |
| 104 | return false; | |
| 105 | } | |
| 106 | else if (base64_encode(base64_decode($matches['prime2'], true)) !== $matches['prime2']) { | |
| 107 | return false; | |
| 108 | } | |
| 109 | else if (base64_encode(base64_decode($matches['exponent1'], true)) !== $matches['exponent1']) { | |
| 110 | return false; | |
| 111 | } | |
| 112 | else if (base64_encode(base64_decode($matches['exponent2'], true)) !== $matches['exponent2']) { | |
| 113 | return false; | |
| 114 | } | |
| 115 | else if (base64_encode(base64_decode($matches['coefficient'], true)) !== $matches['coefficient']) { | |
| 116 | return false; | |
| 117 | } | |
| 8a0590a6 S |
118 | } |
| 119 | else { | |
| 120 | return false; | |
| 121 | } | |
| 122 | ||
| 123 | return true; | |
| 124 | } | |
| daff88c0 | 125 | } |