
/mds/web/modules/network/network/dnsrecords/key.php

https://github.com/vmasilva/mmc
PHP | 392 lines | 305 code | 82 blank | 5 comment | 38 complexity | 0654b776429ab33fdc50af491d393ffe MD5 | raw file
Possible License(s): GPL-2.0
  1. <?
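  /**
   * Form model for a DNS KEY record.
   *
   * Holds four fields in $this->values: "flags", "protocol", "algorithm" and
   * "signature". The values arrive either from a submitted form
   * (initValuesFromArray) or from a space-separated record string
   * (initValuesFromString); both are external input. check() is the only
   * server-side validation in this class.
   */
  class keyRecord extends RecordBase
  {
      /**
       * Initialises the base record and the KEY field defaults.
       *
       * Declared as __construct because PHP 8 no longer treats a method named
       * after its class as a constructor; without it the defaults below would
       * never be set on `new keyRecord(...)`.
       *
       * @param array $config passed unchanged to RecordBase
       */
      public function __construct($config = array())
      {
          $this->RecordBase($config);
          $this->values["flags"] = "0";
          $this->values["protocol"] = "1";
          $this->values["algorithm"] = "1";
          $this->values["signature"] = "";
      }

      /**
       * Legacy PHP 4-style constructor name, kept so code that calls
       * $this->keyRecord($config) explicitly keeps working.
       *
       * @param array $config passed unchanged to RecordBase
       */
      public function keyRecord($config = array())
      {
          self::__construct($config);
      }

      /**
       * Validates the current field values.
       *
       * Protocol and algorithm must be present and within 0-255. The form
       * enforces that range only through the InputTpl regular expression,
       * which a crafted request does not have to honour, so the same range is
       * checked here before the values are turned into a record string.
       *
       * @param string $zone unused by this record type
       * @return string "<br>"-terminated error messages, empty when valid
       */
      public function check($zone = "")
      {
          // Same pattern as the custom protocol/algorithm inputs, anchored
          // with \z so that a trailing newline is not accepted.
          $byteRange = '/^([01]?\d?\d|2[0-4]\d|25[0-5])\z/';
          $error = "";

          $protocol = (string) $this->values["protocol"];
          if (strlen($protocol) == 0) {
              $error .= _T("Custom protocol is no setted") . "<br>";
          } elseif (!preg_match($byteRange, $protocol)) {
              $error .= _T("Protocol ranges from 0 to 255") . "<br>";
          }

          $algorithm = (string) $this->values["algorithm"];
          if (strlen($algorithm) == 0) {
              $error .= _T("Custom algorithm is no setted") . "<br>";
          } elseif (!preg_match($byteRange, $algorithm)) {
              $error .= _T("Algorithm ranges from 0 to 255") . "<br>";
          }

          $fh = new FlagsHandler($this->values["flags"]);
          if ($fh->needSignature()) {
              // NOTE(review): only the length is checked. The record string is
              // split on spaces in initValuesFromString, so a signature that
              // contains whitespace would not survive a round trip; consider
              // validating the character set here as well.
              $signatureLength = strlen($this->values["signature"]);
              if ($signatureLength == 0) {
                  $error .= _T("Signature is no setted") . "<br>";
              } elseif ($signatureLength % 4 > 0) {
                  $error .= _T("Signature is incorrect") . "<br>";
              }
          }

          return $error;
      }

      /**
       * Loads the field values from submitted form data.
       *
       * The "algorithm" and "protocol" entries are positions in the combo
       * boxes; the last position means "custom" and takes the value from the
       * matching custom* field. Nothing is validated here: custom values are
       * stored as submitted and an out-of-range position leaves the field
       * set to false, which check() reports as not set.
       *
       * @param array $arr form values keyed by $this->pn(<field name>)
       */
      public function initValuesFromArray($arr)
      {
          $this->hostname = $arr[$this->pn("hostname")];

          $algorithmsMap = $this->algorithms();
          $algorithms = array_values($algorithmsMap);
          $algorithmChoice = $arr[$this->pn("algorithm")];
          if ($algorithmChoice == count($algorithms) - 1) {
              $this->values["algorithm"] = $arr[$this->pn("customalgorithm")];
          } else {
              $this->values["algorithm"] = array_search($algorithms[$algorithmChoice], $algorithmsMap);
          }

          $protocolsMap = $this->protocols();
          $protocols = array_values($protocolsMap);
          $protocolChoice = $arr[$this->pn("protocol")];
          if ($protocolChoice == count($protocols) - 1) {
              $this->values["protocol"] = $arr[$this->pn("customprotocol")];
          } else {
              $this->values["protocol"] = array_search($protocols[$protocolChoice], $protocolsMap);
          }

          $fh = new FlagsHandler();
          $fh->setUsePolicy($arr[$this->pn("usepolicy")]);
          $fh->setNameType($arr[$this->pn("nametype")]);
          // Checkboxes are only present in the submission when ticked.
          $fh->setZoneUpdate(isset($arr[$this->pn("zoneupdate")]));
          $fh->setStrongUpdate(isset($arr[$this->pn("strongupdate")]));
          $fh->setNameUpdate(isset($arr[$this->pn("uniquenameupdate")]));
          $fh->adjust();

          $this->values["flags"] = $fh->flags();
          // The signature is discarded when the use policy says there is no key.
          $this->values["signature"] = $fh->needSignature() ? $arr[$this->pn("signature")] : "";
      }

      /**
       * Loads the field values from a "flags protocol algorithm [signature]"
       * string. Fewer than three tokens marks a parse error on the record.
       *
       * @param string $str space-separated record data
       */
      public function initValuesFromString($str)
      {
          $values = explode(" ", $str);
          if (count($values) < 3) {
              $this->markError(RecordError::PARSE, $str);
              return;
          }

          $this->values["flags"] = $values[0];
          $this->values["protocol"] = $values[1];
          $this->values["algorithm"] = $values[2];
          // NOTE(review): only the fourth token is kept; anything after a
          // further space is dropped. Confirm the stored format never splits
          // the signature.
          if (count($values) > 3) {
              $this->values["signature"] = $values[3];
          }
      }

      /**
       * Builds the form widgets for editing this record.
       *
       * @return array stacked UI containers in display order
       */
      public function createUiContainers()
      {
          $protocolsMap = $this->protocols();
          $protocols = array_values($protocolsMap);
          if (isset($protocolsMap[$this->values["protocol"]])) {
              // Position of the current protocol inside the combo box. The
              // original passed the bare word `protocols` (an undefined
              // constant) as the haystack, so the position was never found.
              $protocolIndex = array_search($protocolsMap[$this->values["protocol"]], $protocols);
              $customProtocol = "";
          } else {
              $protocolIndex = count($protocols) - 1;
              $customProtocol = $this->values["protocol"];
          }
          $isCustomProtocol = ($protocolIndex == (count($protocols) - 1)) ? "checked" : "";

          $algorithmsMap = $this->algorithms();
          $algorithms = array_values($algorithmsMap);
          if (isset($algorithmsMap[$this->values["algorithm"]])) {
              $algorithmIndex = array_search($algorithmsMap[$this->values["algorithm"]], $algorithms);
              $customAlgorithm = "";
          } else {
              $algorithmIndex = count($algorithms) - 1;
              $customAlgorithm = $this->values["algorithm"];
          }
          $isCustomAlgorithm = ($algorithmIndex == (count($algorithms) - 1)) ? "checked" : "";

          $fh = new FlagsHandler($this->values["flags"]);
          $usePolicyIndex = $fh->usePolicy();
          $usePolicies = $fh->usePolicies();
          // Every policy except the last one ("No key") carries a signature.
          $hasSignature = ($usePolicyIndex < (count($usePolicies) - 1)) ? "checked" : "";
          $nameTypeIndex = $fh->nameType();
          $nameTypes = $fh->nameTypes();
          $hasUpdate = $fh->zoneUpdate() ? "checked" : "";
          $hasStrongUpdate = $fh->strongUpdate() ? "checked" : "";
          $hasUniqueNameUpdate = $fh->nameUpdate() ? "checked" : "";

          $protocolComboBox = new ExtendedSelectItem($this->pn("protocol"));
          $protocolComboBox->setAdditionalParams("onkeyup=\"this.blur();this.focus();\" onchange=\"var state = (this.selectedIndex == this.length - 1) ? 'inline' : 'none'; changeObjectDisplay('" . $this->pn("protocoldiv"). "',state);\"");
          $protocolComboBox->setElements(array_values($protocols));
          $protocolComboBox->setElementsVal(array_keys($protocols));

          $algorithmComboBox = new ExtendedSelectItem($this->pn("algorithm"));
          $algorithmComboBox->setAdditionalParams("onkeyup=\"this.blur();this.focus();\" onchange=\"var state = (this.selectedIndex == this.length - 1) ? 'inline' : 'none'; changeObjectDisplay('" . $this->pn("algorithmdiv"). "',state);\"");
          $algorithmComboBox->setElements(array_values($algorithms));
          $algorithmComboBox->setElementsVal(array_keys($algorithms));

          $usePolicyComboBox = new ExtendedSelectItem($this->pn("usepolicy"));
          $usePolicyComboBox->setAdditionalParams("onkeyup=\"this.blur();this.focus();\" onchange=\"var state = (this.selectedIndex < this.length - 1) ? 'inline' : 'none'; changeObjectDisplay('" . $this->pn("signaturediv"). "',state);\"");
          $usePolicyComboBox->setElements(array_values($usePolicies));
          $usePolicyComboBox->setElementsVal(array_keys($usePolicies));

          $nameTypeComboBox = new ExtendedSelectItem($this->pn("nametype"));
          $nameTypeComboBox->setElements(array_values($nameTypes));
          $nameTypeComboBox->setElementsVal(array_keys($nameTypes));

          $signatureTextarea = new TextareaTpl($this->pn("signature"));
          $signatureTextarea->setCols(43);

          $t1 = new Table();
          $t1->add($this->_createNameElement(_T("Domain name")),
              array("value" => $this->hostname, "required" => True));
          $t1->add(new TrFormElement(_T("Protocol"), $protocolComboBox),
              array("value"=>$protocolIndex));

          $protocolDiv = new Div(array("id" => $this->pn("protocoldiv")));
          $protocolDiv->setVisibility($isCustomProtocol);

          // The regular expression below is a client-side check only; the
          // 0-255 range is enforced again in check().
          $t2 = new Table();
          $t2->add(new TrFormElement(
                  _T("Custom protocol"),
                  new InputTpl($this->pn("customprotocol"), '/^([01]?\d?\d|2[0-4]\d|25[0-5])$/'),
                  array("tooltip" => _T("Protocol ranges from 0 to 255"))
              ),
              array("value"=>$customProtocol));

          $t3 = new Table();
          $t3->add(new TrFormElement(_T("Algorithm"), $algorithmComboBox),
              array("value"=>$algorithmIndex));

          $algorithmDiv = new Div(array("id" => $this->pn("algorithmdiv")));
          $algorithmDiv->setVisibility($isCustomAlgorithm);

          $t4 = new Table();
          $t4->add(new TrFormElement(
                  _T("Custom algorithm"),
                  new InputTpl($this->pn("customalgorithm"), '/^([01]?\d?\d|2[0-4]\d|25[0-5])$/'),
                  array("tooltip" => _T("Algorithm ranges from 0 to 255"))
              ),
              array("value"=>$customAlgorithm));

          $t5 = new Table();
          $t5->add(new TrFormElement( _T("Use policy"), $usePolicyComboBox),
              array("value" => $usePolicyIndex));
          $t5->add(new TrFormElement( _T("Name type"), $nameTypeComboBox),
              array("value" => $nameTypeIndex));
          $t5->add(new TrFormElement(
                  _T("Update mode for this zone"),
                  new CheckboxTpl($this->pn("zoneupdate")),
                  array("tooltip" => _T("If checked, this key is authorized to attach, detach, and move zones by creating and deleting NS, glue A, and zone record(s). If unchecked, the key can not authorize any update that would effect such records"))
              ),
              array("value" => $hasUpdate));
          $t5->add(new TrFormElement(
                  _T("Strong update"),
                  new CheckboxTpl($this->pn("strongupdate")),
                  array("tooltip" => _T("If checked, this key is authorized to add and delete records even if there are other records with the same owner name and class that are authenticated by a SIG signed with a different dynamic update KEY. If unchecked, the key can only authorize updates where any existing records of the same owner and class are authenticated by a SIG using the same key."))
              ),
              array("value" => $hasStrongUpdate));
          $t5->add(new TrFormElement(
                  _T("Unique name update"),
                  new CheckboxTpl($this->pn("uniquenameupdate")),
                  array("tooltip" => _T("If checked, this key is authorized to add and update records for only a single owner name."))
              ),
              array("value" => $hasUniqueNameUpdate));

          $signatureDiv = new Div(array("id" => $this->pn("signaturediv")));
          $signatureDiv->setVisibility($hasSignature);

          $t6 = new Table();
          $t6->add(new TrFormElement(_T("Signature"), $signatureTextarea),
              array("value" => $this->values["signature"]));

          return array($this->stackedUi($t1), $this->stackedUi($protocolDiv,0), $this->stackedUi($t2,2),
              $this->stackedUi($t3), $this->stackedUi($algorithmDiv,0), $this->stackedUi($t4,2),
              $this->stackedUi($t5), $this->stackedUi($signatureDiv,0), $this->stackedUi($t6,2));
      }

      /**
       * Serialises the fields into the record string. The signature is
       * included only when the use policy requires one.
       *
       * @return string result of _stringByKeys() for the selected fields
       */
      public function valuesToString()
      {
          $keys = array("flags","protocol","algorithm");
          $fh = new FlagsHandler($this->values["flags"]);
          if ($fh->needSignature()) {
              $keys[] = "signature";
          }
          return $this->_stringByKeys($keys);
      }

      /**
       * Builds the human-readable summary of the record, or the error
       * description when parsing failed.
       *
       * @return string description produced by the base class helpers
       */
      public function valuesToDescription()
      {
          if (count($this->errors)) {
              return $this->errorsDescription();
          }

          $fh = new FlagsHandler($this->values["flags"]);
          $policies = $fh->usePolicies();
          $types = $fh->nameTypes();
          $descrMap = array(
              _T("Algorithm") => $this->algorithmDescription($this->values["algorithm"]),
              _T("Protocol") => $this->protocolDescription($this->values["protocol"]),
              _T("Use policy") => $policies[$fh->usePolicy()],
              _T("Name type") => $types[$fh->nameType()],
              _T("Update mode for this zone") => $fh->zoneUpdate() ? _T("Yes") : _T("No"),
              _T("Strong update") => $fh->strongUpdate() ? _T("Yes") : _T("No"),
              _T("Unique name update") => $fh->nameUpdate() ? _T("Yes") : _T("No"),
              _T("Signature") => strlen($this->values["signature"]) ? $this->signatureDescription($this->values["signature"]) : _T("No")
          );
          return $this->_descriptionByValues($descrMap);
      }

      /**
       * Known algorithm numbers and their labels. The last entry ("256") is
       * the "custom" choice of the combo box, not a real algorithm number.
       *
       * @return array label by algorithm number
       */
      public function algorithms()
      {
          return array(
              "1" => _T("RSA/MD5"),
              "2" => _T("Diffie-Hellman"),
              "3" => _T("DSA"),
              "4" => _T("Elliptic curve crypto"),
              "252" => _T("Indirect key format"),
              "253" => _T("Domain name (Private)"),
              "254" => _T("OID (Private)"),
              "256" => _T("custom")
          );
      }

      /**
       * Label for a protocol number, or "Unknown (<value>)".
       *
       * The raw value comes from record data or the form, so it is
       * HTML-escaped before being placed into the description (which is
       * presumably rendered as HTML, given that signatureDescription() emits
       * "<br>").
       *
       * @param mixed $proto protocol number
       * @return string
       */
      public function protocolDescription($proto)
      {
          $protos = $this->protocols();
          // Exact key lookup; a loose in_array() can match "1abc" against key 1.
          if (isset($protos[$proto])) {
              return $protos[$proto];
          }
          return _T("Unknown") . " (" . htmlspecialchars((string) $proto, ENT_QUOTES, 'UTF-8') . ")";
      }

      /**
       * Known protocol numbers and their labels. The last entry ("256") is
       * the "custom" choice of the combo box, not a real protocol number.
       *
       * @return array label by protocol number
       */
      public function protocols()
      {
          return array(
              "1" => _T("TLS"),
              "2" => _T("Email"),
              "3" => _T("DNSSEC"),
              "4" => _T("IPSEC"),
              "255" => _T("Any"),
              "256" => _T("custom")
          );
      }

      /**
       * Label for an algorithm number, or "Unknown (<value>)" with the raw
       * value HTML-escaped.
       *
       * @param mixed $alg algorithm number
       * @return string
       */
      public function algorithmDescription($alg)
      {
          $algs = $this->algorithms();
          // Exact key lookup; a loose in_array() can match "1abc" against key 1.
          if (isset($algs[$alg])) {
              return $algs[$alg];
          }
          return _T("Unknown") . " (" . htmlspecialchars((string) $alg, ENT_QUOTES, 'UTF-8') . ")";
      }

      /**
       * Formats the signature for display, wrapped at 32 characters with
       * "<br>" between the pieces.
       *
       * Each piece is HTML-escaped on its own so that markup inside a stored
       * signature is shown as text while the inserted "<br>" separators stay
       * intact.
       *
       * @param string $signature stored signature text
       * @return string HTML fragment
       */
      public function signatureDescription($signature)
      {
          $pieces = explode("\n", wordwrap($signature, 32, "\n", true));
          foreach ($pieces as $i => $piece) {
              $pieces[$i] = htmlspecialchars($piece, ENT_QUOTES, 'UTF-8');
          }
          return implode("<br>", $pieces);
      }
  }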
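  /**
   * Bit-level view of the 16-bit KEY flags word.
   *
   * $bits holds 16 entries of 0 or 1; index 0 is the most significant bit of
   * the word and index 15 the least significant. Positions used here:
   * 0-1 use policy, 6-7 name type, 12 zone update, 13 strong update,
   * 14 unique name update, 15 general update.
   */
  class FlagsHandler
  {
      /** @var int[] the 16 flag bits, most significant first */
      public $bits = array();

      /**
       * Splits a flags value into its 16 bits.
       *
       * Declared as __construct because PHP 8 no longer treats a method named
       * after its class as a constructor; without it $bits would stay empty.
       * Each bit is taken with a mask, so a negative or oversized value
       * yields only 0/1 entries (its low 16 bits).
       *
       * @param mixed $flags flags word as integer or numeric string
       */
      public function __construct($flags = 0)
      {
          $word = intval($flags);
          for ($i = 0; $i < 16; $i++) {
              $this->bits[15 - $i] = ($word >> $i) & 1;
          }
      }

      /**
       * Legacy PHP 4-style constructor name, kept for code that calls it
       * explicitly.
       *
       * @param mixed $flags flags word as integer or numeric string
       */
      public function FlagsHandler($flags = 0)
      {
          self::__construct($flags);
      }

      /**
       * Use-policy labels, indexed by the value of usePolicy().
       *
       * @return array
       */
      public static function usePolicies()
      {
          return array(
              _T("Permitted for authentication and/or confidentiality"),
              _T("Prohibited for confidentiality"),
              _T("Prohibited for authentication"),
              _T("No key"),
          );
      }

      /**
       * Name-type labels, indexed by the value of nameType().
       *
       * @return array
       */
      public static function nameTypes()
      {
          return array(
              _T("User/Account"),
              _T("Zone"),
              _T("Non-zone entity"),
          );
      }

      /**
       * Sets the general-update bit exactly when none of the zone, unique
       * name and strong update bits is set.
       */
      public function adjust()
      {
          $this->setGeneralUpdate(!($this->zoneUpdate() || $this->nameUpdate() || $this->strongUpdate()));
      }

      /**
       * Recombines the bits into the flags word.
       *
       * @return string decimal value of the 16-bit word
       */
      public function flags()
      {
          $result = 0;
          for ($i = 0; $i < 16; $i++) {
              $result |= $this->bits[15 - $i] << $i;
          }
          return strval($result);
      }

      /**
       * Stores the use policy in bits 0-1.
       *
       * The argument comes from form data, so it is reduced to an integer and
       * masked to two bits; this also avoids the float-to-int conversion the
       * former `($policy / 2) % 2` performed on odd values.
       *
       * @param mixed $policy index into usePolicies()
       */
      public function setUsePolicy($policy)
      {
          $value = intval($policy) & 3;
          $this->bits[0] = ($value >> 1) & 1;
          $this->bits[1] = $value & 1;
      }

      /**
       * @return int use policy read from bits 0-1 (0 to 3)
       */
      public function usePolicy()
      {
          return $this->bits[0] * 2 + $this->bits[1];
      }

      /**
       * Stores the name type in bits 6-7, masked to two bits like
       * setUsePolicy().
       *
       * @param mixed $type index into nameTypes()
       */
      public function setNameType($type)
      {
          $value = intval($type) & 3;
          $this->bits[6] = ($value >> 1) & 1;
          $this->bits[7] = $value & 1;
      }

      /**
       * @return int name type read from bits 6-7 (0 to 3)
       */
      public function nameType()
      {
          return $this->bits[6] * 2 + $this->bits[7];
      }

      /**
       * @param mixed $isUpdate truthy to set bit 12
       */
      public function setZoneUpdate($isUpdate)
      {
          $this->bits[12] = $isUpdate ? 1 : 0;
      }

      /**
       * @return bool whether bit 12 (zone update) is set
       */
      public function zoneUpdate()
      {
          return $this->bits[12] == 1;
      }

      /**
       * @param mixed $isUpdate truthy to set bit 13
       */
      public function setStrongUpdate($isUpdate)
      {
          $this->bits[13] = $isUpdate ? 1 : 0;
      }

      /**
       * @return bool whether bit 13 (strong update) is set
       */
      public function strongUpdate()
      {
          return $this->bits[13] == 1;
      }

      /**
       * @param mixed $isUpdate truthy to set bit 14
       */
      public function setNameUpdate($isUpdate)
      {
          $this->bits[14] = $isUpdate ? 1 : 0;
      }

      /**
       * @return bool whether bit 14 (unique name update) is set
       */
      public function nameUpdate()
      {
          return $this->bits[14] == 1;
      }

      /**
       * @param mixed $isUpdate truthy to set bit 15
       */
      public function setGeneralUpdate($isUpdate)
      {
          $this->bits[15] = $isUpdate ? 1 : 0;
      }

      /**
       * @return bool whether bit 15 (general update) is set
       */
      public function generalUpdate()
      {
          return $this->bits[15] == 1;
      }

      /**
       * A signature is expected for every use policy except 3 ("No key").
       *
       * @return bool
       */
      public function needSignature()
      {
          return $this->usePolicy() < 3;
      }
  }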
  310. ?>