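<?php
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */

/**
 * DNS Library for handling lookups and updates.
 *
 * PHP Version 5
 *
 * Copyright (c) 2010, Mike Pultz <mike@mikepultz.com>.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *   * Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   * Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in
 *     the documentation and/or other materials provided with the
 *     distribution.
 *
 *   * Neither the name of Mike Pultz nor the names of his contributors
 *     may be used to endorse or promote products derived from this
 *     software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRIC
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 *
 * @category  Networking
 * @package   Net_DNS2
 * @author    Mike Pultz <mike@mikepultz.com>
 * @copyright 2010 Mike Pultz <mike@mikepultz.com>
 * @license   http://www.opensource.org/licenses/bsd-license.php  BSD License
 * @version   SVN: $Id$
 * @link      http://pear.php.net/package/Net_DNS2
 * @since     File available since Release 0.6.0
 *
 * This file contains code based off the Net::DNS::SEC Perl module by
 * Olaf M. Kolkman
 *
 * This is the copyright notice from the PERL Net::DNS::SEC module:
 *
 * Copyright (c) 2001 - 2005  RIPE NCC.  Author Olaf M. Kolkman
 * Copyright (c) 2007 - 2008  NLnet Labs.  Author Olaf M. Kolkman
 * <olaf@net-dns.org>
 *
 * All Rights Reserved
 *
 * Permission to use, copy, modify, and distribute this software and its
 * documentation for any purpose and without fee is hereby granted,
 * provided that the above copyright notice appear in all copies and that
 * both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of the author not be
 * used in advertising or publicity pertaining to distribution of the
 * software without specific, written prior permission.
 *
 * THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
 * ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
 * AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
 * DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
 * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 */

/**
 * RRSIG Resource Record - RFC4034 section 3.1
 *
 *    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   |        Type Covered           |  Algorithm    |     Labels    |
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   |                         Original TTL                          |
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   |                      Signature Expiration                     |
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   |                      Signature Inception                      |
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   |            Key Tag            |                               /
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+         Signer's Name         /
 *   /                                                               /
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *   /                                                               /
 *   /                            Signature                          /
 *   /                                                               /
 *   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 *
 * This class only converts an RRSIG between presentation text, object
 * properties and wire format. Nothing in this class verifies the signature,
 * compares the inception/expiration window with the current time, or
 * restricts the algorithm; code that relies on DNSSEC has to do that
 * separately.
 *
 * @category Networking
 * @package  Net_DNS2
 * @author   Mike Pultz <mike@mikepultz.com>
 * @license  http://www.opensource.org/licenses/bsd-license.php  BSD License
 * @link     http://pear.php.net/package/Net_DNS2
 * @see      Net_DNS2_RR
 *
 */
class Net_DNS2_RR_RRSIG extends Net_DNS2_RR
{
    /*
     * the RR type covered by this signature
     */
    public $typecovered;

    /*
     * the algorithm used for the signature
     */
    public $algorithm;

    /*
     * the number of labels in the name
     */
    public $labels;

    /*
     * the original TTL
     */
    public $origttl;

    /*
     * the signature expiration, as a YmdHis string in GMT
     */
    public $sigexp;

    /*
     * the inception of the signature, as a YmdHis string in GMT
     */
    public $sigincep;

    /*
     * the keytag used
     */
    public $keytag;

    /*
     * the signer's name
     */
    public $signname;

    /*
     * the signature, base64 encoded
     */
    public $signature;

    /**
     * method to return the rdata portion of the packet as a string
     *
     * @return  string
     * @access  protected
     *
     */
    protected function rrToString()
    {
        return $this->typecovered . ' ' . $this->algorithm . ' ' .
            $this->labels . ' ' . $this->origttl . ' ' .
            $this->sigexp . ' ' . $this->sigincep . ' ' .
            $this->keytag . ' ' . $this->cleanString($this->signname) . '. ' .
            $this->signature;
    }

    /**
     * parses the rdata portion from a standard DNS config line
     *
     * The first eight values are the fixed fields in RFC 4034 order; every
     * remaining value is treated as a fragment of the base64 signature.
     *
     * @param array $rdata a string split line of values for the rdata
     *
     * @return boolean
     * @access protected
     *
     */
    protected function rrFromString(array $rdata)
    {
        $this->typecovered  = strtoupper(array_shift($rdata));
        $this->algorithm    = array_shift($rdata);
        $this->labels       = array_shift($rdata);
        $this->origttl      = array_shift($rdata);
        $this->sigexp       = array_shift($rdata);
        $this->sigincep     = array_shift($rdata);
        $this->keytag       = array_shift($rdata);
        $this->signname     = $this->cleanString(array_shift($rdata));

        //
        // build the signature from scratch; appending to whatever the
        // property already held would glue a previous signature onto the
        // new one when the same object is parsed twice.
        //
        $this->signature = trim(implode('', $rdata));

        return true;
    }

    /**
     * parses the rdata of the Net_DNS2_Packet object
     *
     * The rdata comes from the network and is treated as untrusted: a record
     * shorter than the 18 octet fixed header, or one whose signer name runs
     * past the end of the rdata, is rejected instead of being unpacked.
     *
     * @param Net_DNS2_Packet &$packet a Net_DNS2_Packet packet to parse the RR from
     *
     * @return boolean false when there is no rdata or it is malformed
     * @access protected
     *
     */
    protected function rrSet(Net_DNS2_Packet &$packet)
    {
        if ($this->rdlength <= 0) {
            return false;
        }

        //
        // type covered (2) + algorithm (1) + labels (1) + original ttl (4) +
        // expiration (4) + inception (4) + key tag (2)
        //
        $fixed = 18;
        $rdata_length = strlen($this->rdata);

        if ($rdata_length < $fixed) {
            return false;
        }

        //
        // unpack: n = 16 bit big endian, C = unsigned char, N = 32 bit big endian
        //
        $x = unpack(
            'ntc/Calgorithm/Clabels/Norigttl/Nsigexp/Nsigincep/nkeytag',
            $this->rdata
        );

        //
        // a type id that is not in the lookup table leaves typecovered as
        // null (as before), but without reading an undefined index.
        //
        $this->typecovered  = isset(Net_DNS2_Lookups::$rr_types_by_id[$x['tc']])
            ? Net_DNS2_Lookups::$rr_types_by_id[$x['tc']]
            : null;
        $this->algorithm    = $x['algorithm'];
        $this->labels       = $x['labels'];
        $this->origttl      = Net_DNS2::expandUint32($x['origttl']);

        //
        // the dates are in GM time
        //
        $this->sigexp       = gmdate('YmdHis', $x['sigexp']);
        $this->sigincep     = gmdate('YmdHis', $x['sigincep']);

        //
        // get the keytag
        //
        $this->keytag       = $x['keytag'];

        //
        // get the signer's name and signature; $sigoffset is handed to
        // expand() and is afterwards used as the offset just past the name.
        // NOTE(review): how expand() moves the offset when it meets a
        // compression pointer is not visible here - confirm.
        //
        $offset     = $packet->offset + $fixed;
        $sigoffset  = $offset;

        $this->signname = strtolower(
            Net_DNS2_Packet::expand($packet, $sigoffset)
        );

        //
        // the signature is whatever follows the signer name; refuse a name
        // that claims to end outside this record's rdata.
        //
        $sigstart = $fixed + ($sigoffset - $offset);
        if (($sigoffset < $offset) || ($sigstart > $rdata_length)) {
            return false;
        }

        $this->signature = base64_encode(
            (string) substr($this->rdata, $sigstart)
        );

        return true;
    }

    /**
     * returns the rdata portion of the DNS packet
     *
     * Returns null rather than packing guessed values when the record cannot
     * be represented: no signature, a date that is not in YmdHis form, a
     * covered type missing from the lookup table, or a signer name with an
     * empty or oversized label.
     *
     * @param Net_DNS2_Packet &$packet a Net_DNS2_Packet packet use for
     *                                 compressed names
     *
     * @return mixed                   either returns a binary packed
     *                                 string or null on failure
     * @access protected
     *
     */
    protected function rrGet(Net_DNS2_Packet &$packet)
    {
        if (strlen((string) $this->signature) == 0) {
            return null;
        }

        //
        // parse the values out of the dates; without a match there are no
        // capture groups to feed to gmmktime().
        //
        $pattern = '/(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})/';

        if ((preg_match($pattern, (string) $this->sigexp, $e) !== 1)
            || (preg_match($pattern, (string) $this->sigincep, $i) !== 1)
        ) {
            return null;
        }

        $typecovered = (string) $this->typecovered;
        if (!isset(Net_DNS2_Lookups::$rr_types_by_name[$typecovered])) {
            return null;
        }

        //
        // the signer name is special; it's not allowed to be compressed
        // (see section 3.1.7), so it is written out label by label. A
        // trailing dot is dropped first, and an empty name (the root) is
        // encoded as the single terminating zero octet.
        //
        $signer = rtrim(strtolower((string) $this->signname), '.');
        $wire_name = '';

        if ($signer !== '') {

            foreach (explode('.', $signer) as $label) {

                //
                // the length octet only has room for 1..63; anything larger
                // would set the two high bits, which a reader treats as a
                // compression pointer.
                //
                $length = strlen($label);
                if (($length < 1) || ($length > 63)) {
                    return null;
                }

                $wire_name .= chr($length) . $label;
            }
        }
        $wire_name .= "\0";

        //
        // a domain name is limited to 255 octets on the wire
        //
        if (strlen($wire_name) > 255) {
            return null;
        }

        //
        // pack the value
        //
        $data = pack(
            'nCCNNNn',
            Net_DNS2_Lookups::$rr_types_by_name[$typecovered],
            $this->algorithm,
            $this->labels,
            $this->origttl,
            gmmktime(
                (int) $e[4], (int) $e[5], (int) $e[6],
                (int) $e[2], (int) $e[3], (int) $e[1]
            ),
            gmmktime(
                (int) $i[4], (int) $i[5], (int) $i[6],
                (int) $i[2], (int) $i[3], (int) $i[1]
            ),
            $this->keytag
        );

        $data .= $wire_name;

        //
        // add the signature
        // NOTE(review): base64_decode() is called in its default non-strict
        // mode, as before, so characters outside the base64 alphabet are
        // dropped silently - confirm that is acceptable for callers.
        //
        $data .= base64_decode($this->signature);

        $packet->offset += strlen($data);

        return $data;
    }
}

/*
 * Local variables:
 * tab-width: 4
 * c-basic-offset: 4
 * c-hanging-comment-ender-p: nil
 * End:
 */
?>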