Commit | Line | Data |
---|---|---|
daff88c0 S |
1 | <?php |
2 | namespace dns\util; | |
3 | ||
4 | /** | |
5 | * @author Jan Altensen (Stricted) | |
6 | * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php> | |
7 | * @copyright 2015 Jan Altensen (Stricted) | |
8 | */ | |
9 | class DNSSECUtil { | |
10 | ||
8a0590a6 S |
11 | public static function calculateDS ($owner, $algorithm, $publicKey) { |
12 | $owner = self::convertOwner($owner); | |
daff88c0 S |
13 | $flags = '0101'; |
14 | $protocol = '03'; | |
15 | $algorithm = '0'.dechex($algorithm); | |
16 | $publicKey = bin2hex(base64_decode($publicKey)); | |
17 | ||
18 | $string = hex2bin($owner.$flags.$protocol.$algorithm.$publicKey); | |
19 | ||
6a2c67f1 S |
20 | $sha1 = strtoupper(sha1($string)); |
21 | $sha256 = strtoupper(hash('sha256', $string)); | |
daff88c0 S |
22 | |
23 | return array('sha1' => $sha1, 'sha256' => $sha256); | |
24 | } | |
25 | ||
6a2c67f1 | 26 | public static function convertOwner ($owner) { |
daff88c0 S |
27 | $return = ''; |
28 | ||
29 | $data = explode(".", $owner); | |
30 | $return .= '0'.dechex(strlen($data[0])); | |
31 | $data[0] = str_split($data[0]); | |
32 | for ($i = 0; $i < count($data[0]); $i++) { | |
33 | $byte = strtoupper(dechex(ord($data[0][$i]))); | |
34 | $byte = str_repeat('0', 2 - strlen($byte)).$byte; | |
35 | $return .= $byte; | |
36 | } | |
37 | ||
38 | $return .= '0'.dechex(strlen($data[1])); | |
39 | $data[1] = str_split($data[1]); | |
40 | ||
41 | for ($i = 0; $i < count($data[1]); $i++) { | |
42 | $byte = strtoupper(dechex(ord($data[1][$i]))); | |
43 | $byte = str_repeat('0', 2 - strlen($byte)).$byte; | |
44 | $return .= $byte; | |
45 | } | |
46 | ||
47 | $return .= '00'; | |
48 | ||
49 | return $return; | |
50 | } | |
8a0590a6 S |
51 | |
52 | public static function validatePublicKey ($content) { | |
53 | $pattern = "; This is a (key|zone)-signing key, keyid (?P<keyid>[0-9]+), for (?P<domain>[\s\S]+)\.\n"; | |
54 | $pattern .= "; Created: (?P<created>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
55 | $pattern .= "; Publish: (?P<publish>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
56 | $pattern .= "; Activate: (?P<activate>[0-9]+) \(([a-z0-9: ]+)\)\n"; | |
6a2c67f1 | 57 | $pattern .= "([\s\S]+). IN DNSKEY 25(6|7) 3 (?P<algorithm>[0-9]+) (?P<key>[\s\S]+)(\n)?"; |
8a0590a6 S |
58 | preg_match('/'.$pattern.'/i', $content, $matches); |
59 | if (!empty($matches)) { | |
45c89c08 S |
60 | if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) { |
61 | return false; | |
62 | } | |
63 | ||
8a0590a6 S |
64 | $data = explode(' ', $matches['key']); |
65 | foreach ($data as $d) { | |
66 | if (base64_encode(base64_decode($d, true)) !== $d) { | |
67 | return false; | |
68 | } | |
69 | } | |
70 | } | |
71 | else { | |
72 | return false; | |
73 | } | |
74 | ||
75 | return true; | |
76 | } | |
77 | ||
78 | public static function validatePrivateKey ($content) { | |
79 | $pattern = "Private-key-format: v([0-9a-z.]+)\n"; | |
80 | $pattern .= "Algorithm: (?P<algorithm>[0-9]+) \(([0-9a-z\-]+)\)\n"; | |
81 | $pattern .= "Modulus: (?P<modulus>[\s\S]+)\n"; | |
82 | $pattern .= "PublicExponent: (?P<publicexponent>[\s\S]+)\n"; | |
83 | $pattern .= "Prime1: (?P<prime1>[\s\S]+)\n"; | |
84 | $pattern .= "Prime2: (?P<prime2>[\s\S]+)\n"; | |
85 | $pattern .= "Exponent1: (?P<exponent1>[\s\S]+)\n"; | |
86 | $pattern .= "Exponent2: (?P<exponent2>[\s\S]+)\n"; | |
87 | $pattern .= "Coefficient: (?P<coefficient>[\s\S]+)\n"; | |
88 | $pattern .= "Created: (?P<created>[0-9]+)\n"; | |
89 | $pattern .= "Publish: (?P<publish>[0-9]+)\n"; | |
6a2c67f1 | 90 | $pattern .= "Activate: (?P<activate>[0-9]+)(\n)?"; |
8a0590a6 S |
91 | |
92 | preg_match('/'.$pattern.'/i', $content, $matches); | |
93 | if (!empty($matches)) { | |
45c89c08 S |
94 | if (!in_array($matches['algorithm'], array(1, 2, 3, 5, 6, 7, 8, 10, 12, 13, 14))) { |
95 | return false; | |
96 | } | |
97 | else if (base64_encode(base64_decode($matches['modulus'], true)) !== $matches['modulus']) { | |
98 | return false; | |
99 | } | |
100 | else if (base64_encode(base64_decode($matches['publicexponent'], true)) !== $matches['publicexponent']) { | |
101 | return false; | |
102 | } | |
103 | else if (base64_encode(base64_decode($matches['prime1'], true)) !== $matches['prime1']) { | |
104 | return false; | |
105 | } | |
106 | else if (base64_encode(base64_decode($matches['prime2'], true)) !== $matches['prime2']) { | |
107 | return false; | |
108 | } | |
109 | else if (base64_encode(base64_decode($matches['exponent1'], true)) !== $matches['exponent1']) { | |
110 | return false; | |
111 | } | |
112 | else if (base64_encode(base64_decode($matches['exponent2'], true)) !== $matches['exponent2']) { | |
113 | return false; | |
114 | } | |
115 | else if (base64_encode(base64_decode($matches['coefficient'], true)) !== $matches['coefficient']) { | |
116 | return false; | |
117 | } | |
8a0590a6 S |
118 | } |
119 | else { | |
120 | return false; | |
121 | } | |
122 | ||
123 | return true; | |
124 | } | |
daff88c0 | 125 | } |