1 <?php
2 /*
3 * genkey.php,v 1.0 2006/08/25 21:00:00
4 *
5 * Copyright 2006 Alejandro Escanero Blanco <aescanero@chaosdimension.org>
6 *
7 * See the enclosed file COPYING for license information (GPL). If you
8 * did not receive this file, see http://www.fsf.org/copyleft/gpl.html.
9 */
11 define(DES_CBC_CRC,1);
12 define(DES_CBC_MD4,2);
13 define(DES_CBC_MD5,3);
14 define(DES3_CBC_MD5,5);
15 define(DES3_CBC_SHA1,16);
17 include("deslib.php");
18 include("mkey.php");
19 include("asnencode.php");
21 class genkey{
23 var $masterkey;
24 var $desclass;
25 var $intg_dkey;
26 var $crypt_dkey;
27 var $rnd_key;
28 var $stringtokey;
29 var $ekey;
30 var $keytype;
31 var $salt;
32 var $sha1_hmac;
33 var $okey;
34 var $keystr;
35 var $b64;
37 function genkey($mkey){
38 if($mkey->getKeyType_Entry(0)!=DES3_CBC_SHA1) die ("only spported DES3_CBC_SHA1 m-key");
39 $this->masterkey=$mkey->getKey_Entry_A(0);
40 /* printf("mkey: ");
41 for ($i=0;$i<count($this->masterkey);$i++) printf("%02x",$this->masterkey[$i]);
42 printf("\n");*/
43 $this->desclass=new Des();
44 $this->intg_dkey=$this->desclass->derive_key_integrity($this->masterkey);
45 $this->crypt_dkey=$this->desclass->derive_key_encrypt($this->masterkey);
46 $this->rnd_key=$this->desclass->DES_new_random_key(8);
47 $this->ekey=$this->rnd_key;
48 }
50 function generate($keytype,$name,$realm,$pass){
51 $this->keytype=$keytype;
52 $this->salt=$realm.$name;
53 switch($keytype){
54 case DES_CBC_CRC:
55 case DES_CBC_MD4:
56 case DES_CBC_MD5:
57 $this->desclass->DesStringToKey($pass,$realm,$name);
58 break;
59 case DES3_CBC_MD5:
60 $this->desclass->Des3StringToKey($pass,$realm,$name);
61 break;
62 case DES3_CBC_SHA1:
63 $this->desclass->Des3StringToKeyDerived($pass,$realm,$name);
64 break;
65 default:
66 die ("keytype not supported, supported keys are: des-cbc-crc,des-cbc-md4,des-cbc-md5,des3-cbc-md5,des3-cbc-sha1");
67 }
68 $this->stringtokey=$this->desclass->out;
69 for ($i=0;$i<count($this->stringtokey);$i++){
70 $this->ekey[8+$i]=$this->stringtokey[$i];
71 }
72 $hash_key="";
73 for ($i=0;$i<count($this->rnd_key);$i++){
74 $hash_key.=chr($this->rnd_key[$i]);
75 }
76 for ($i=0;$i<count($this->stringtokey);$i++){
77 $hash_key.=chr($this->stringtokey[$i]);
78 }
80 $data="";
81 for ($i=0;$i<count($this->intg_dkey);$i++){
82 $data.=chr($this->intg_dkey[$i]);
83 }
84 $sha1_hmac_raw=$this->hmacsha1($data,$hash_key);
85 $this->sha1hmac=array();
86 for ($i=0;$i<strlen($sha1_hmac_raw);$i++){
87 $this->sha1hmac[$i]=ord(substr($sha1_hmac_raw,$i,1));
88 }
90 //MUST CHANGE for derive_key_encrypt
92 $keys=array(3);
93 for($i = 0;$i < 3; $i++){
94 $keys[$i]=array(8);
95 for($j = 0;$j < 8; $j++) $keys[$i][$j]=$this->crypt_dkey[($i*8)+$j];
96 }
97 $ks1=$this->desclass->des_make_key_sched($keys[0]);
98 $ks2=$this->desclass->des_make_key_sched($keys[1]);
99 $ks3=$this->desclass->des_make_key_sched($keys[2]);
101 $this->okey=$this->desclass->DES_ede3_cbc_encrypt($this->ekey,true,$ks1,$ks2,$ks3,16);
102 for ($i=0;$i<count($this->sha1hmac);$i++) $this->okey[]=$this->sha1hmac[$i];
103 $this->keystr="";
104 for($i=0;$i<count($this->okey);$i++) $this->keystr.=chr($this->okey[$i]);
105 return($this->keystr);
106 /* $stringh="";
107 for($i=0;$i<count($oekey);$i++) $stringh.=sprintf("%02x",$oekey[$i]);
108 print "OUT EKEY: ".$stringh."\n";*/
109 }
111 function encode(){
112 $asn_int_1=new asnEncode();
113 $asn_int_1->encodeInteger($this->keytype);//tipo codificacion?
114 $asn_int_2=new asnEncode();
115 $asn_int_2->encodeInteger(3);
116 $asn_int_3=new asnEncode();
117 $asn_int_3->encodeInteger(3);
118 $asn_int_4=new asnEncode();
119 $asn_int_4->encodeInteger(1);
121 $asn_salt=new asnEncode();
122 $asn_salt->encodeOctetString($this->salt);
123 $asn_key=new asnEncode();
124 $asn_key->encodeOctetString($this->keystr);
126 $asn_salt_seq=new asnEncode();
127 $asn_salt_seq->encodeSequence(0,$asn_int_2->getStream());
128 $asn_salt_seq->encodeSequence(1,$asn_salt->getStream());
130 $asn_salt_obj=new asnEncode();
131 $asn_salt_obj->encodeObject(0x30,$asn_salt_seq->getStream());
133 $asn_seq3=new asnEncode();
134 $asn_seq3->encodeSequence(0,$asn_int_1->getStream());
135 $asn_seq3->encodeSequence(1,$asn_key->getStream());
136 $asn_seq3->encodeSequence(2,$asn_salt_obj->getStream());
138 $asn_key_obj=new asnEncode();
139 $asn_key_obj->encodeObject(0x30,$asn_seq3->getStream());
141 $asn_seq4=new asnEncode();
142 $asn_seq4->encodeSequence(0,$asn_int_4->getStream());
143 $asn_seq4->encodeSequence(1,$asn_key_obj->getStream());
145 $asn_obj=new asnEncode();
146 $asn_obj->encodeObject(0x30,$asn_seq4->getStream());
147 $this->b64=base64_encode($asn_obj->printString());
148 }
150 function printKey(){
151 printf("key(base64):\n".$this->b64."\n");
152 }
154 function hmacsha1($key,$data){
155 $blocksize=64;
156 $hashfunc='sha1';
157 if (strlen($key)>$blocksize)
158 $key=pack('H*', $hashfunc($key));
159 $key=str_pad($key,$blocksize,chr(0x00));
160 $ipad=str_repeat(chr(0x36),$blocksize);
161 $opad=str_repeat(chr(0x5c),$blocksize);
162 $hmac = pack(
163 'H*',$hashfunc(
164 ($key^$opad).pack(
165 'H*',$hashfunc(
166 ($key^$ipad).$data
167 )
168 )
169 )
170 );
171 return($hmac);
172 //return bin2hex($hmac);
173 }
175 };
176 ?>