On 10/27/2010 06:46 PM, Mark Elkins wrote:
I would like to calculate the Key-ID from a DNSKEY record. I'd prefer to do this in PHP as this is inside some existing PHP (Web) scripts but I guess calling a C program would not be too inconvenient.
I use some Python code to do this in our debugging/management tools, translated straight from the RFC; it might convert pretty easily into PHP, although in my experience language number/bit-shift/overflow behaviour can be a bit... odd.
def key2keytag(flags, alg1, alg2, keydata): data = struct.pack('!HBB', flags, alg1, alg2) data += keydata.decode('base64') v = 0 for i in range(len(data)): if i & 1: v += ord(data[i]) else: v += ord(data[i]) << 8 v += (v >> 16) & 0xffff return v & 0xffff Called like so: tag = key2tag(257, 3, 5, 'AwEAA...') Very handy during testing is: dig +multi domain.com DNSKEY ...which displays the tag as a comment. HTH _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users