Support session keys

This commit is contained in:
Stephen Paul Weber 2013-01-26 11:26:55 -05:00
parent 8c60f4e37b
commit 641c07835b
2 changed files with 61 additions and 51 deletions

View File

@ -8,34 +8,21 @@ class OpenPGP_Crypt_AES_TripleDES {
public static function decryptSymmetric($pass, $m) {
foreach($m as $p) {
if($p instanceof OpenPGP_SymmetricSessionKeyPacket) {
switch($p->symmetric_algorithm) {
case 2:
$cipher = new Crypt_TripleDES(CRYPT_DES_MODE_CFB);
$key_bytes = 24;
$key_block_bytes = 8;
break;
case 7:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(128);
break;
case 8:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(192);
break;
case 9:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(256);
break;
}
if(!$cipher) continue; // Unsupported cipher
if(!isset($key_bytes)) $key_bytes = $cipher->key_size;
if(!isset($key_block_bytes)) $key_block_bytes = $cipher->block_size;
list($cipher, $key_bytes, $key_block_bytes) = self::getCipher($p->symmetric_algorithm);
if(!$cipher) continue;
$cipher->setKey($p->s2k->make_key($pass, $key_bytes));
if(strlen($p->encrypted_data) > 0) {
$padAmount = $key_block_bytes - (strlen($p->encrypted_data) % $key_block_bytes);
$data = substr($cipher->decrypt($p->encrypted_data . str_repeat("\0", $padAmount)), 0, strlen($p->encrypted_data));
list($cipher, $key_bytes, $key_block_bytes) = self::getCipher(ord($data{0}));
if(!$cipher) continue;
$cipher->setKey(substr($data, 1));
}
$epacket = self::getEncryptedData($m);
$padAmount = $key_block_bytes - (strlen($epacket->data) % $key_block_bytes);
if(strlen($p->encrypted_data) < 1) {
if($epacket instanceof OpenPGP_IntegrityProtectedDataPacket) {
$data = substr($cipher->decrypt($epacket->data . str_repeat("\0", $padAmount)), 0, strlen($epacket->data));
$prefix = substr($data, 0, $key_block_bytes + 2);
@ -62,15 +49,40 @@ class OpenPGP_Crypt_AES_TripleDES {
} catch (Exception $ex) { $msg = NULL; }
if($msg) return $msg; /* Otherwise keep trying */
}
} else {
// TODO
}
}
}
return NULL; /* If we get here, we failed */
}
public static function getCipher($algo) {
switch($algo) {
case 2:
$cipher = new Crypt_TripleDES(CRYPT_DES_MODE_CFB);
$key_bytes = 24;
$key_block_bytes = 8;
break;
case 7:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(128);
break;
case 8:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(192);
break;
case 9:
$cipher = new Crypt_AES(CRYPT_AES_MODE_CFB);
$cipher->setKeyLength(256);
break;
default:
$cipher = NULL;
}
if(!$cipher) return array(NULL, NULL, NULL); // Unsupported cipher
if(!isset($key_bytes)) $key_bytes = $cipher->key_size;
if(!isset($key_block_bytes)) $key_block_bytes = $cipher->block_size;
return array($cipher, $key_bytes, $key_block_bytes);
}
public static function getEncryptedData($m) {
foreach($m as $p) {
if($p instanceof OpenPGP_EncryptedDataPacket) return $p;

View File

@ -84,11 +84,9 @@ class Decryption extends PHPUnit_Framework_TestCase {
$this->oneSymmetric("hello", "PGP\n", "symmetric-3des.gpg");
}
/* TODO
public function testDecryptSessionKey() {
$this->oneSymmetric("hello", "PGP\n", "symmetric-with-session-key.gpg");
}
*/
public function testDecryptNoMDC() {
$this->oneSymmetric("hello", "PGP\n", "symmetric-no-mdc.gpg");