/**
* XOR-sum function F.
*
* @param string $P
* @param string $S
* @param int $c
* @param int $i
* @return string
*/
protected function _f($P, $S, $c, $i)
{
// compute U_1
$U = $this->_prf->compute($P, $S . pack("N", $i));
$result = $U;
for ($x = 2; $x <= $c; ++$x) {
// U_x receives feedback from U_{x-1}
$U_x = $this->_prf->compute($P, $U);
// add to XOR-sum
$result ^= $U_x;
$U = $U_x;
}
return $result;
}
/**
* Get PBEScheme by algorithm identifier.
*
* @param PBEAlgorithmIdentifier $algo
* @param Crypto $crypto
* @throws \UnexpectedValueException
* @return self
*/
public static function fromAlgorithmIdentifier(PBEAlgorithmIdentifier $algo, Crypto $crypto)
{
if ($algo->oid() == AlgorithmIdentifier::OID_PBES2) {
if (!$algo instanceof PBES2AlgorithmIdentifier) {
throw new \UnexpectedValueException("Not a PBES2 algorithm.");
}
$prf = PRF::fromAlgorithmIdentifier($algo->kdfAlgorithmIdentifier()->prfAlgorithmIdentifier());
return new PBES2($prf, $algo->esAlgorithmIdentifier(), $algo->salt(), $algo->iterationCount(), $crypto);
}
switch ($algo->oid()) {
case AlgorithmIdentifier::OID_PBE_WITH_MD5_AND_DES_CBC:
return new PBES1(new MD5(), new DESCBCAlgorithmIdentifier(), $algo->salt(), $algo->iterationCount(), $crypto);
case AlgorithmIdentifier::OID_PBE_WITH_MD5_AND_RC2_CBC:
return new PBES1(new MD5(), new RC2CBCAlgorithmIdentifier(), $algo->salt(), $algo->iterationCount(), $crypto);
case AlgorithmIdentifier::OID_PBE_WITH_SHA1_AND_DES_CBC:
return new PBES1(new SHA1(), new DESCBCAlgorithmIdentifier(), $algo->salt(), $algo->iterationCount(), $crypto);
case AlgorithmIdentifier::OID_PBE_WITH_SHA1_AND_RC2_CBC:
return new PBES1(new SHA1(), new RC2CBCAlgorithmIdentifier(), $algo->salt(), $algo->iterationCount(), $crypto);
}
throw new \UnexpectedValueException("No encryption scheme for oid " . $algo->oid() . ".");
}
