1 <?php
2 /*
3 * genkey.php,v 1.0 2006/08/25 21:00:00
4 *
5 * Copyright 2006 Alejandro Escanero Blanco <aescanero@chaosdimension.org>
6 *
7 * See the enclosed file COPYING for license information (GPL). If you
8 * did not receive this file, see http://www.fsf.org/copyleft/gpl.html.
9 */
11 require_once("deslib.php");
12 require_once("mkey.php");
13 require_once("asnencode.php");
15 class genkey{
17 var $masterkey;
18 var $desclass;
19 var $intg_dkey;
20 var $crypt_dkey;
21 var $rnd_key;
22 var $stringtokey;
23 var $ekey;
24 var $keytype;
25 var $salt;
26 var $sha1_hmac;
27 var $okey;
28 var $keystr;
29 var $b64;
31 function genkey($mkey){
32 if($mkey->getKeyType_Entry(0)!=DES3_CBC_SHA1) die ("only spported DES3_CBC_SHA1 m-key");
33 $this->masterkey=$mkey->getKey_Entry_A(0);
34 /* printf("mkey: ");
35 for ($i=0;$i<count($this->masterkey);$i++) printf("%02x",$this->masterkey[$i]);
36 printf("\n");*/
37 $this->desclass=new Des();
38 $this->intg_dkey=$this->desclass->derive_key_integrity($this->masterkey);
39 $this->crypt_dkey=$this->desclass->derive_key_encrypt($this->masterkey);
40 $this->rnd_key=$this->desclass->DES_new_random_key(8);
41 $this->ekey=$this->rnd_key;
42 }
44 function generate($keytype,$name,$realm,$pass){
45 $this->keytype=$keytype;
46 $this->salt=$realm.$name;
47 switch($keytype){
48 case DES_CBC_CRC:
49 case DES_CBC_MD4:
50 case DES_CBC_MD5:
51 $this->desclass->DesStringToKey($pass,$realm,$name);
52 break;
53 case DES3_CBC_MD5:
54 $this->desclass->Des3StringToKey($pass,$realm,$name);
55 break;
56 case DES3_CBC_SHA1:
57 $this->desclass->Des3StringToKeyDerived($pass,$realm,$name);
58 break;
59 default:
60 die ("keytype not supported, supported keys are: des-cbc-crc,des-cbc-md4,des-cbc-md5,des3-cbc-md5,des3-cbc-sha1");
61 }
62 $this->stringtokey=$this->desclass->out;
63 for ($i=0;$i<count($this->stringtokey);$i++){
64 $this->ekey[8+$i]=$this->stringtokey[$i];
65 }
66 $hash_key="";
67 for ($i=0;$i<count($this->rnd_key);$i++){
68 $hash_key.=chr($this->rnd_key[$i]);
69 }
70 for ($i=0;$i<count($this->stringtokey);$i++){
71 $hash_key.=chr($this->stringtokey[$i]);
72 }
74 $data="";
75 for ($i=0;$i<count($this->intg_dkey);$i++){
76 $data.=chr($this->intg_dkey[$i]);
77 }
78 $sha1_hmac_raw=$this->hmacsha1($data,$hash_key);
79 $this->sha1hmac=array();
80 for ($i=0;$i<strlen($sha1_hmac_raw);$i++){
81 $this->sha1hmac[$i]=ord(substr($sha1_hmac_raw,$i,1));
82 }
84 //MUST CHANGE for derive_key_encrypt
86 $keys=array(3);
87 for($i = 0;$i < 3; $i++){
88 $keys[$i]=array(8);
89 for($j = 0;$j < 8; $j++) $keys[$i][$j]=$this->crypt_dkey[($i*8)+$j];
90 }
91 $ks1=$this->desclass->des_make_key_sched($keys[0]);
92 $ks2=$this->desclass->des_make_key_sched($keys[1]);
93 $ks3=$this->desclass->des_make_key_sched($keys[2]);
95 $this->okey=$this->desclass->DES_ede3_cbc_encrypt($this->ekey,true,$ks1,$ks2,$ks3,16);
96 for ($i=0;$i<count($this->sha1hmac);$i++) $this->okey[]=$this->sha1hmac[$i];
97 $this->keystr="";
98 for($i=0;$i<count($this->okey);$i++) $this->keystr.=chr($this->okey[$i]);
99 return($this->keystr);
100 /* $stringh="";
101 for($i=0;$i<count($oekey);$i++) $stringh.=sprintf("%02x",$oekey[$i]);
102 print "OUT EKEY: ".$stringh."\n";*/
103 }
105 function encode(){
106 $asn_int_1=new asnEncode();
107 $asn_int_1->encodeInteger($this->keytype);//tipo codificacion?
108 $asn_int_2=new asnEncode();
109 $asn_int_2->encodeInteger(3);
110 $asn_int_3=new asnEncode();
111 $asn_int_3->encodeInteger(3);
112 $asn_int_4=new asnEncode();
113 $asn_int_4->encodeInteger(1);
115 $asn_salt=new asnEncode();
116 $asn_salt->encodeOctetString($this->salt);
117 $asn_key=new asnEncode();
118 $asn_key->encodeOctetString($this->keystr);
120 $asn_salt_seq=new asnEncode();
121 $asn_salt_seq->encodeSequence(0,$asn_int_2->getStream());
122 $asn_salt_seq->encodeSequence(1,$asn_salt->getStream());
124 $asn_salt_obj=new asnEncode();
125 $asn_salt_obj->encodeObject(0x30,$asn_salt_seq->getStream());
127 $asn_seq3=new asnEncode();
128 $asn_seq3->encodeSequence(0,$asn_int_1->getStream());
129 $asn_seq3->encodeSequence(1,$asn_key->getStream());
130 $asn_seq3->encodeSequence(2,$asn_salt_obj->getStream());
132 $asn_key_obj=new asnEncode();
133 $asn_key_obj->encodeObject(0x30,$asn_seq3->getStream());
135 $asn_seq4=new asnEncode();
136 $asn_seq4->encodeSequence(0,$asn_int_4->getStream());
137 $asn_seq4->encodeSequence(1,$asn_key_obj->getStream());
139 $asn_obj=new asnEncode();
140 $asn_obj->encodeObject(0x30,$asn_seq4->getStream());
141 $this->b64=base64_encode($asn_obj->printString());
142 }
144 function printKey(){
145 printf("key(base64):\n".$this->b64."\n");
146 }
148 function hmacsha1($key,$data){
149 $blocksize=64;
150 $hashfunc='sha1';
151 if (strlen($key)>$blocksize)
152 $key=pack('H*', $hashfunc($key));
153 $key=str_pad($key,$blocksize,chr(0x00));
154 $ipad=str_repeat(chr(0x36),$blocksize);
155 $opad=str_repeat(chr(0x5c),$blocksize);
156 $hmac = pack(
157 'H*',$hashfunc(
158 ($key^$opad).pack(
159 'H*',$hashfunc(
160 ($key^$ipad).$data
161 )
162 )
163 )
164 );
165 return($hmac);
166 //return bin2hex($hmac);
167 }
169 };
170 ?>