I needed a way to get the KeyTag for a DNSKEY from only the public key
The SIDN EPP gives you the current keys from a domain but does not give you the keytag you need to remove the key.
This code seems to work on all my tested keys.
(Sorry the plugin/wordpress seems to remove all indentation)
function generate_keytag($flags, $prot, $algo, $key){ $rdata = base64_decode($key); $sum=0; $wire = pack("ncc", $flags, 3, $algo) . $rdata; if($algo == 1) { $keytag = 0xffff & unpack("n", substr($wire,-3,2)) ; } else { $sum=0; for($i = 0; $i < strlen($wire); $i++) { $a = unpack("C", substr($wire,$i,1)); $sum += ($i & 1) ? $a[1] : $a[1] << 8; } $keytag = 0xffff & ($sum + ($sum >> 16)); } return $keytag; }
Just call it like:
$key=generate_keytag('257','3', '7', "AwEAAb4blA1icFmw8q9s....");
Please make sure there are no spaces and other formating codes in the key (\n\r\t).
No guarantees, it works for me ,maybe I can help someone else with this code..
Robin..
Thanks – I was calling an external Python script from a PHP program. Now its all PHP!