Exemplo n.º 1
0
 function getHMAC($astrResponseData, $astrFileName, $astrMerchantID)
 {
     $strkey = $this->getKey($astrMerchantID, $astrFileName);
     $strhexkey = $this->hexstr($strkey);
     $hash = new Crypt_Hash('sha1');
     $hash->setKey($strhexkey);
     $digest = $hash->hash($astrResponseData);
     $cleardigest = $this->strhex($digest);
     return $cleardigest;
 }
Exemplo n.º 2
0
 protected function encrypt($plaintext)
 {
     if ($this->cipher == NULL) {
         $hash = new Crypt_Hash('md5');
         $hashed_key = bin2hex($hash->hash($this->application->encryption_key()));
         $this->cipher = new Crypt_AES(CRYPT_AES_MODE_CBC);
         $this->cipher->setKeyLength(256);
         $this->cipher->setKey($hashed_key);
     }
     $iv = "";
     for ($i = 0; $i < 8; $i++) {
         $iv .= chr(mt_rand(0, 255));
     }
     $iv = bin2hex($iv);
     $this->cipher->setIV($iv);
     return $iv . bin2hex($this->cipher->encrypt($plaintext));
 }
Exemplo n.º 3
0
 /**
  * DSA verify.
  *
  * @param string $message     Message.
  * @param string $hash_alg    Hash algorithm.
  * @param Math_BigInteger $r  r.
  * @param Math_BigInteger $s  s.
  *
  * @return bool  True if verified.
  */
 public function verify($message, $hash_alg, $r, $s)
 {
     $hash = new Crypt_Hash($hash_alg);
     $hash_m = new Math_BigInteger($hash->hash($message), 256);
     $g = new Math_BigInteger($this->_key->key['g'], 256);
     $p = new Math_BigInteger($this->_key->key['p'], 256);
     $q = new Math_BigInteger($this->_key->key['q'], 256);
     $y = new Math_BigInteger($this->_key->key['y'], 256);
     $w = $s->modInverse($q);
     $hash_m_mul = $hash_m->multiply($w);
     $u1_base = $hash_m_mul->divide($q);
     $u1 = $u1_base[1];
     $r_mul = $r->multiply($w);
     $u2_base = $r_mul->divide($q);
     $u2 = $u2_base[1];
     $g_pow = $g->modPow($u1, $p);
     $y_pow = $y->modPow($u2, $p);
     $g_pow_mul = $g_pow->multiply($y_pow);
     $g_pow_mul_mod_base = $g_pow_mul->divide($p);
     $g_pow_mul_mod = $g_pow_mul_mod_base[1];
     $v_base = $g_pow_mul_mod->divide($q);
     $v = $v_base[1];
     return $v->compare($r) == 0;
 }
Exemplo n.º 4
0
 /**
  * Sets the password.
  *
  * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
  *     {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
  *         $hash, $salt, $count, $dkLen
  *
  *         Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php
  *
  * Note: Could, but not must, extend by the child Crypt_* class
  *
  * @see Crypt/Hash.php
  * @param String $password
  * @param optional String $method
  * @access public
  */
 function setPassword($password, $method = 'pbkdf2')
 {
     $key = '';
     switch ($method) {
         default:
             // 'pbkdf2'
             $func_args = func_get_args();
             // Hash function
             $hash = isset($func_args[2]) ? $func_args[2] : 'sha1';
             // WPA and WPA2 use the SSID as the salt
             $salt = isset($func_args[3]) ? $func_args[3] : $this->password_default_salt;
             // RFC2898#section-4.2 uses 1,000 iterations by default
             // WPA and WPA2 use 4,096.
             $count = isset($func_args[4]) ? $func_args[4] : 1000;
             // Keylength
             $dkLen = isset($func_args[5]) ? $func_args[5] : $this->password_key_size;
             // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable
             switch (true) {
                 case !function_exists('hash_pbkdf2'):
                 case !function_exists('hash_algos'):
                 case !in_array($hash, hash_algos()):
                     if (!class_exists('Crypt_Hash')) {
                         require_once 'Crypt/Hash.php';
                     }
                     $i = 1;
                     while (strlen($key) < $dkLen) {
                         $hmac = new Crypt_Hash();
                         $hmac->setHash($hash);
                         $hmac->setKey($password);
                         $f = $u = $hmac->hash($salt . pack('N', $i++));
                         for ($j = 2; $j <= $count; ++$j) {
                             $u = $hmac->hash($u);
                             $f ^= $u;
                         }
                         $key .= $f;
                     }
                     $key = substr($key, 0, $dkLen);
                     break;
                 default:
                     $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true);
             }
     }
     $this->setKey($key);
 }
Exemplo n.º 5
0
 /**
  * Sets the password.
  *
  * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
  *     {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1:
  *         $hash, $salt, $count, $dkLen
  *
  *         Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php
  *
  * Note: Could, but not must, extend by the child Crypt_* class
  *
  * @see Crypt/Hash.php
  * @param String $password
  * @param optional String $method
  * @return Boolean
  * @access public
  */
 function setPassword($password, $method = 'pbkdf2')
 {
     $key = '';
     switch ($method) {
         default:
             // 'pbkdf2' or 'pbkdf1'
             $func_args = func_get_args();
             // Hash function
             $hash = isset($func_args[2]) ? $func_args[2] : 'sha1';
             // WPA and WPA2 use the SSID as the salt
             $salt = isset($func_args[3]) ? $func_args[3] : $this->password_default_salt;
             // RFC2898#section-4.2 uses 1,000 iterations by default
             // WPA and WPA2 use 4,096.
             $count = isset($func_args[4]) ? $func_args[4] : 1000;
             // Keylength
             if (isset($func_args[5])) {
                 $dkLen = $func_args[5];
             } else {
                 $dkLen = $method == 'pbkdf1' ? 2 * $this->password_key_size : $this->password_key_size;
             }
             switch (true) {
                 case $method == 'pbkdf1':
                     if (!class_exists('Crypt_Hash')) {
                         include_once 'Crypt/Hash.php';
                     }
                     $hashObj = new Crypt_Hash();
                     $hashObj->setHash($hash);
                     if ($dkLen > $hashObj->getLength()) {
                         user_error('Derived key too long');
                         return false;
                     }
                     $t = $password . $salt;
                     for ($i = 0; $i < $count; ++$i) {
                         $t = $hashObj->hash($t);
                     }
                     $key = substr($t, 0, $dkLen);
                     $this->setKey(substr($key, 0, $dkLen >> 1));
                     $this->setIV(substr($key, $dkLen >> 1));
                     return true;
                     // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable
                 // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable
                 case !function_exists('hash_pbkdf2'):
                 case !function_exists('hash_algos'):
                 case !in_array($hash, hash_algos()):
                     if (!class_exists('Crypt_Hash')) {
                         include_once 'Crypt/Hash.php';
                     }
                     $i = 1;
                     while (strlen($key) < $dkLen) {
                         $hmac = new Crypt_Hash();
                         $hmac->setHash($hash);
                         $hmac->setKey($password);
                         $f = $u = $hmac->hash($salt . pack('N', $i++));
                         for ($j = 2; $j <= $count; ++$j) {
                             $u = $hmac->hash($u);
                             $f ^= $u;
                         }
                         $key .= $f;
                     }
                     $key = substr($key, 0, $dkLen);
                     break;
                 default:
                     $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true);
             }
     }
     $this->setKey($key);
     return true;
 }
Exemplo n.º 6
0
 public function setPassword($password, $method = 'pbkdf2')
 {
     $key = '';
     list(, , $hash, $salt, $count) = func_get_args();
     if (!isset($hash)) {
         $hash = 'sha1';
     }
     if (!isset($salt)) {
         $salt = 'phpseclib';
     }
     if (!isset($count)) {
         $count = 1000;
     }
     if (!class_exists('Crypt_Hash')) {
         require_once 'Crypt/Hash.php';
     }
     $i = 1;
     while (strlen($key) < $this->key_size) {
         $hmac = new Crypt_Hash();
         $hmac->setHash($hash);
         $hmac->setKey($password);
         $f = $u = $hmac->hash($salt . pack('N', $i++));
         for ($j = 2; $j <= $count; $j++) {
             $u = $hmac->hash($u);
             $f ^= $u;
         }
         $key .= $f;
     }
     $this->setKey(substr($key, 0, $this->key_size));
 }
Exemplo n.º 7
0
 public function _emsa_pkcs1_v1_5_encode($m, $emLen)
 {
     $h = $this->hash->hash($m);
     if ($h === false) {
         return false;
     }
     switch ($this->hashName) {
         case 'md2':
             $t = pack('H*', '3020300c06082a864886f70d020205000410');
             break;
         case 'md5':
             $t = pack('H*', '3020300c06082a864886f70d020505000410');
             break;
         case 'sha1':
             $t = pack('H*', '3021300906052b0e03021a05000414');
             break;
         case 'sha256':
             $t = pack('H*', '3031300d060960864801650304020105000420');
             break;
         case 'sha384':
             $t = pack('H*', '3041300d060960864801650304020205000430');
             break;
         case 'sha512':
             $t = pack('H*', '3051300d060960864801650304020305000440');
     }
     $t .= $h;
     $tLen = strlen($t);
     if ($emLen < $tLen + 11) {
         user_error('Intended encoded message length too short');
         return false;
     }
     $ps = str_repeat(chr(255), $emLen - $tLen - 3);
     $em = '' . "" . '' . $ps . '' . "" . '' . $t;
     return $em;
 }
Exemplo n.º 8
0
 /**
  * EMSA-PKCS1-V1_5-ENCODE
  *
  * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}.
  *
  * @access private
  * @param String $m
  * @param Integer $emLen
  * @return String
  */
 function _emsa_pkcs1_v1_5_encode($m, $emLen)
 {
     $h = $this->hash->hash($m);
     if ($h === false) {
         return false;
     }
     // see http://tools.ietf.org/html/rfc3447#page-43
     switch ($this->hashName) {
         case 'md2':
             $t = pack('H*', '3020300c06082a864886f70d020205000410');
             break;
         case 'md5':
             $t = pack('H*', '3020300c06082a864886f70d020505000410');
             break;
         case 'sha1':
             $t = pack('H*', '3021300906052b0e03021a05000414');
             break;
         case 'sha256':
             $t = pack('H*', '3031300d060960864801650304020105000420');
             break;
         case 'sha384':
             $t = pack('H*', '3041300d060960864801650304020205000430');
             break;
         case 'sha512':
             $t = pack('H*', '3051300d060960864801650304020305000440');
     }
     $t .= $h;
     $tLen = strlen($t);
     if ($emLen < $tLen + 11) {
         user_error('Intended encoded message length too short', E_USER_NOTICE);
         return false;
     }
     $ps = str_repeat(chr(0xff), $emLen - $tLen - 3);
     $em = "{$ps}{$t}";
     return $em;
 }
Exemplo n.º 9
0
 private static final function getTokenTime($username, $url)
 {
     use_helper('Hash');
     $hash = new Crypt_Hash('sha256');
     $time = 0;
     if ($token = Record::findOneFrom('SecureToken', "username = ? AND url = ?", array($username, bin2hex($hash->hash($url))))) {
         $time = $token->time;
     }
     return $time;
 }
Exemplo n.º 10
0
 private function _bakeCookie($time, $user)
 {
     if (!$this->_validateObject($user, true)) {
         return false;
     }
     use_helper("Hash");
     $hash = new Crypt_Hash("sha256");
     $cookie = "exp=" . $time . "&id=" . $user->id . "&digest=" . bin2hex($hash->hash($user->username . $user->salt));
     return $cookie;
 }
Exemplo n.º 11
0
 /**
  *
  *
  */
 protected static function _hashBody($body, $method = 'sha1')
 {
     // prefer to use phpseclib
     // http://phpseclib.sourceforge.net
     if (class_exists('Crypt_Hash')) {
         $hash = new Crypt_Hash($method);
         return base64_encode($hash->hash($body));
     } else {
         // try standard PHP hash function
         return base64_encode(hash($method, $body, true));
     }
 }
Exemplo n.º 12
0
 /**
  * EMSA-PSS-VERIFY
  *
  * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}.
  *
  * @access private
  * @param String $m
  * @param String $em
  * @param Integer $emBits
  * @return String
  */
 function _emsa_pss_verify($m, $em, $emBits)
 {
     // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
     // be output.
     $emLen = $emBits + 1 >> 3;
     // ie. ceil($emBits / 8);
     $sLen = $this->sLen == false ? $this->hLen : $this->sLen;
     $mHash = $this->hash->hash($m);
     if ($emLen < $this->hLen + $sLen + 2) {
         return false;
     }
     if ($em[strlen($em) - 1] != chr(0xbc)) {
         return false;
     }
     $maskedDB = substr($em, 0, -$this->hLen - 1);
     $h = substr($em, -$this->hLen - 1, $this->hLen);
     $temp = chr(0xff << ($emBits & 7));
     if ((~$maskedDB[0] & $temp) != $temp) {
         return false;
     }
     $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
     $db = $maskedDB ^ $dbMask;
     $db[0] = ~chr(0xff << ($emBits & 7)) & $db[0];
     $temp = $emLen - $this->hLen - $sLen - 2;
     if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) {
         return false;
     }
     $salt = substr($db, $temp + 1);
     // should be $sLen long
     $m2 = "" . $mHash . $salt;
     $h2 = $this->hash->hash($m2);
     return $this->_equals($h, $h2);
 }
 private static final function getTokenTime($username, $url)
 {
     use_helper('Hash');
     $hash = new Crypt_Hash('sha256');
     $time = 0;
     $token = self::findOne(array('where' => 'username = :username AND url = :url', 'values' => array(':username' => $username, ':url' => bin2hex($hash->hash($url)))));
     if ($token) {
         $time = $token->time;
     }
     return $time;
 }
Exemplo n.º 14
0
 public function setPassword($password, $method)
 {
     $key = "";
     switch (1) {
         default:
             list(, , $hash, $salt, $count) = func_get_args();
             if (!$hash) {
                 $hash = "sha1";
             }
             if (!$salt) {
                 $salt = "phpseclib";
             }
             if (!$count) {
                 $count = 1000;
             }
             if (!class_exists("Crypt_Hash")) {
                 require_once "Crypt/Hash.php";
             }
             $i = 1;
             while (strlen($key) < $this->key_size) {
                 $hmac = new Crypt_Hash();
                 $hmac->setHash($hash);
                 $hmac->setKey($password);
                 $f = $u = $hmac->hash($salt . pack("N", $i++));
                 for ($j = 2; $j <= $count; $j++) {
                     $u = $hmac->hash($u);
                     $f ^= $u;
                 }
                 $key .= $f;
             }
     }
     $this->setKey(substr($key, 0, $this->key_size));
 }
Exemplo n.º 15
0
 /**
  * Generates a hashed version of a password.
  *
  * @see Hash Helper
  *
  * @param <type> $password
  * @param <type> $salt
  * @return <type>
  */
 public static final function generateHashedPassword($password, $salt)
 {
     use_helper('Hash');
     $hash = new Crypt_Hash('sha512');
     return bin2hex($hash->hash($password . $salt));
 }
Exemplo n.º 16
0
 /**
  * Global hashing function
  *
  * @param int    $algo   Hash algorithm to use
  * @param string $text   Text to hash
  * @param bool   $binary Binary or hexa output
  *
  * @return bool|string
  */
 static function hash($algo, $text, $binary = false)
 {
     $algos = array(self::MD2 => 'md2', self::MD5 => 'md5', self::MD5_96 => 'md5-96', self::SHA1 => 'sha1', self::SHA1_96 => 'sha1-96', self::SHA256 => 'sha256', self::SHA384 => 'sha384', self::SHA512 => 'sha512');
     if (array_key_exists($algo, $algos)) {
         $hash = new Crypt_Hash($algos[$algo]);
         $fingerprint = $hash->hash($text);
         if (!$binary) {
             $fingerprint = bin2hex($fingerprint);
         }
         return $fingerprint;
     }
     return false;
 }
Exemplo n.º 17
0
 function hash($string, $key)
 {
     $hash = new Crypt_Hash('sha512');
     $hash->setKey($key);
     return $hash->hash($string);
 }
Exemplo n.º 18
0
 /**
  * Sets the password.
  *
  * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
  *     {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
  *         $hash, $salt, $method
  *     Set $dkLen by calling setKeyLength()
  *
  * @param String $password
  * @param optional String $method
  * @access public
  */
 function setPassword($password, $method = 'pbkdf2')
 {
     $key = '';
     switch ($method) {
         default:
             // 'pbkdf2'
             list(, , $hash, $salt, $count) = func_get_args();
             if (!isset($hash)) {
                 $hash = 'sha1';
             }
             // WPA and WPA2 use the SSID as the salt
             if (!isset($salt)) {
                 $salt = 'phpseclib';
             }
             // RFC2898#section-4.2 uses 1,000 iterations by default
             // WPA and WPA2 use 4,096.
             if (!isset($count)) {
                 $count = 1000;
             }
             if (!class_exists('Crypt_Hash')) {
                 require_once 'Crypt/Hash.php';
             }
             $i = 1;
             while (strlen($key) < $this->key_size) {
                 // $dkLen == $this->key_size
                 //$dk.= $this->_pbkdf($password, $salt, $count, $i++);
                 $hmac = new Crypt_Hash();
                 $hmac->setHash($hash);
                 $hmac->setKey($password);
                 $f = $u = $hmac->hash($salt . pack('N', $i++));
                 for ($j = 2; $j <= $count; $j++) {
                     $u = $hmac->hash($u);
                     $f ^= $u;
                 }
                 $key .= $f;
             }
     }
     $this->setKey(substr($key, 0, $this->key_size));
 }
Exemplo n.º 19
0
 protected function assertHMACsTo(Crypt_Hash $hash, $key, $message, $expected)
 {
     $hash->setKey($key);
     $this->assertEquals(strtolower($expected), bin2hex($hash->hash($message)), sprintf("Failed asserting that '%s' HMACs to '%s' with key '%s'.", $message, $expected, $key));
 }
Exemplo n.º 20
0
 /**
  * Key Exchange
  *
  * @param String $kexinit_payload_server
  * @access private
  */
 function _key_exchange($kexinit_payload_server)
 {
     static $kex_algorithms = array('diffie-hellman-group1-sha1', 'diffie-hellman-group14-sha1');
     static $server_host_key_algorithms = array('ssh-rsa', 'ssh-dss');
     static $encryption_algorithms = false;
     if ($encryption_algorithms === false) {
         $encryption_algorithms = array('arcfour256', 'arcfour128', 'arcfour', 'aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'twofish128-ctr', 'twofish192-ctr', 'twofish256-ctr', 'aes128-cbc', 'aes192-cbc', 'aes256-cbc', 'twofish128-cbc', 'twofish192-cbc', 'twofish256-cbc', 'twofish-cbc', 'blowfish-ctr', 'blowfish-cbc', '3des-ctr', '3des-cbc', 'none');
         if (phpseclib_resolve_include_path('Crypt/RC4.php') === false) {
             $encryption_algorithms = array_diff($encryption_algorithms, array('arcfour256', 'arcfour128', 'arcfour'));
         }
         if (phpseclib_resolve_include_path('Crypt/Rijndael.php') === false) {
             $encryption_algorithms = array_diff($encryption_algorithms, array('aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', 'aes192-cbc', 'aes256-cbc'));
         }
         if (phpseclib_resolve_include_path('Crypt/Twofish.php') === false) {
             $encryption_algorithms = array_diff($encryption_algorithms, array('twofish128-ctr', 'twofish192-ctr', 'twofish256-ctr', 'twofish128-cbc', 'twofish192-cbc', 'twofish256-cbc', 'twofish-cbc'));
         }
         if (phpseclib_resolve_include_path('Crypt/Blowfish.php') === false) {
             $encryption_algorithms = array_diff($encryption_algorithms, array('blowfish-ctr', 'blowfish-cbc'));
         }
         if (phpseclib_resolve_include_path('Crypt/TripleDES.php') === false) {
             $encryption_algorithms = array_diff($encryption_algorithms, array('3des-ctr', '3des-cbc'));
         }
         $encryption_algorithms = array_values($encryption_algorithms);
     }
     $mac_algorithms = array('hmac-sha1-96', 'hmac-sha1', 'hmac-md5-96', 'hmac-md5', 'none');
     static $compression_algorithms = array('none');
     // some SSH servers have buggy implementations of some of the above algorithms
     switch ($this->server_identifier) {
         case 'SSH-2.0-SSHD':
             $mac_algorithms = array_values(array_diff($mac_algorithms, array('hmac-sha1-96', 'hmac-md5-96')));
     }
     static $str_kex_algorithms, $str_server_host_key_algorithms, $encryption_algorithms_server_to_client, $mac_algorithms_server_to_client, $compression_algorithms_server_to_client, $encryption_algorithms_client_to_server, $mac_algorithms_client_to_server, $compression_algorithms_client_to_server;
     if (empty($str_kex_algorithms)) {
         $str_kex_algorithms = implode(',', $kex_algorithms);
         $str_server_host_key_algorithms = implode(',', $server_host_key_algorithms);
         $encryption_algorithms_server_to_client = $encryption_algorithms_client_to_server = implode(',', $encryption_algorithms);
         $mac_algorithms_server_to_client = $mac_algorithms_client_to_server = implode(',', $mac_algorithms);
         $compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms);
     }
     $client_cookie = crypt_random_string(16);
     $response = $kexinit_payload_server;
     $this->_string_shift($response, 1);
     // skip past the message number (it should be SSH_MSG_KEXINIT)
     $server_cookie = $this->_string_shift($response, 16);
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
     extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1)));
     $first_kex_packet_follows = $first_kex_packet_follows != 0;
     // the sending of SSH2_MSG_KEXINIT could go in one of two places.  this is the second place.
     $kexinit_payload_client = pack('Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN', NET_SSH2_MSG_KEXINIT, $client_cookie, strlen($str_kex_algorithms), $str_kex_algorithms, strlen($str_server_host_key_algorithms), $str_server_host_key_algorithms, strlen($encryption_algorithms_client_to_server), $encryption_algorithms_client_to_server, strlen($encryption_algorithms_server_to_client), $encryption_algorithms_server_to_client, strlen($mac_algorithms_client_to_server), $mac_algorithms_client_to_server, strlen($mac_algorithms_server_to_client), $mac_algorithms_server_to_client, strlen($compression_algorithms_client_to_server), $compression_algorithms_client_to_server, strlen($compression_algorithms_server_to_client), $compression_algorithms_server_to_client, 0, '', 0, '', 0, 0);
     if (!$this->_send_binary_packet($kexinit_payload_client)) {
         return false;
     }
     // here ends the second place.
     // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
     for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_server_to_client); $i++) {
     }
     if ($i == count($encryption_algorithms)) {
         user_error('No compatible server to client encryption algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the
     // diffie-hellman key exchange as fast as possible
     $decrypt = $encryption_algorithms[$i];
     switch ($decrypt) {
         case '3des-cbc':
         case '3des-ctr':
             $decryptKeyLength = 24;
             // eg. 192 / 8
             break;
         case 'aes256-cbc':
         case 'aes256-ctr':
         case 'twofish-cbc':
         case 'twofish256-cbc':
         case 'twofish256-ctr':
             $decryptKeyLength = 32;
             // eg. 256 / 8
             break;
         case 'aes192-cbc':
         case 'aes192-ctr':
         case 'twofish192-cbc':
         case 'twofish192-ctr':
             $decryptKeyLength = 24;
             // eg. 192 / 8
             break;
         case 'aes128-cbc':
         case 'aes128-ctr':
         case 'twofish128-cbc':
         case 'twofish128-ctr':
         case 'blowfish-cbc':
         case 'blowfish-ctr':
             $decryptKeyLength = 16;
             // eg. 128 / 8
             break;
         case 'arcfour':
         case 'arcfour128':
             $decryptKeyLength = 16;
             // eg. 128 / 8
             break;
         case 'arcfour256':
             $decryptKeyLength = 32;
             // eg. 128 / 8
             break;
         case 'none':
             $decryptKeyLength = 0;
     }
     for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_client_to_server); $i++) {
     }
     if ($i == count($encryption_algorithms)) {
         user_error('No compatible client to server encryption algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $encrypt = $encryption_algorithms[$i];
     switch ($encrypt) {
         case '3des-cbc':
         case '3des-ctr':
             $encryptKeyLength = 24;
             break;
         case 'aes256-cbc':
         case 'aes256-ctr':
         case 'twofish-cbc':
         case 'twofish256-cbc':
         case 'twofish256-ctr':
             $encryptKeyLength = 32;
             break;
         case 'aes192-cbc':
         case 'aes192-ctr':
         case 'twofish192-cbc':
         case 'twofish192-ctr':
             $encryptKeyLength = 24;
             break;
         case 'aes128-cbc':
         case 'aes128-ctr':
         case 'twofish128-cbc':
         case 'twofish128-ctr':
         case 'blowfish-cbc':
         case 'blowfish-ctr':
             $encryptKeyLength = 16;
             break;
         case 'arcfour':
         case 'arcfour128':
             $encryptKeyLength = 16;
             break;
         case 'arcfour256':
             $encryptKeyLength = 32;
             break;
         case 'none':
             $encryptKeyLength = 0;
     }
     $keyLength = $decryptKeyLength > $encryptKeyLength ? $decryptKeyLength : $encryptKeyLength;
     // through diffie-hellman key exchange a symmetric key is obtained
     for ($i = 0; $i < count($kex_algorithms) && !in_array($kex_algorithms[$i], $this->kex_algorithms); $i++) {
     }
     if ($i == count($kex_algorithms)) {
         user_error('No compatible key exchange algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     switch ($kex_algorithms[$i]) {
         // see http://tools.ietf.org/html/rfc2409#section-6.2 and
         // http://tools.ietf.org/html/rfc2412, appendex E
         case 'diffie-hellman-group1-sha1':
             $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
             break;
             // see http://tools.ietf.org/html/rfc3526#section-3
         // see http://tools.ietf.org/html/rfc3526#section-3
         case 'diffie-hellman-group14-sha1':
             $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF';
             break;
     }
     // For both diffie-hellman-group1-sha1 and diffie-hellman-group14-sha1
     // the generator field element is 2 (decimal) and the hash function is sha1.
     $g = new Math_BigInteger(2);
     $prime = new Math_BigInteger($prime, 16);
     $kexHash = new Crypt_Hash('sha1');
     //$q = $p->bitwise_rightShift(1);
     /* To increase the speed of the key exchange, both client and server may
                reduce the size of their private exponents.  It should be at least
                twice as long as the key material that is generated from the shared
                secret.  For more details, see the paper by van Oorschot and Wiener
                [VAN-OORSCHOT].
     
                -- http://tools.ietf.org/html/rfc4419#section-6.2 */
     $one = new Math_BigInteger(1);
     $keyLength = min($keyLength, $kexHash->getLength());
     $max = $one->bitwise_leftShift(16 * $keyLength);
     // 2 * 8 * $keyLength
     $max = $max->subtract($one);
     $x = $one->random($one, $max);
     $e = $g->modPow($x, $prime);
     $eBytes = $e->toBytes(true);
     $data = pack('CNa*', NET_SSH2_MSG_KEXDH_INIT, strlen($eBytes), $eBytes);
     if (!$this->_send_binary_packet($data)) {
         user_error('Connection closed by server');
         return false;
     }
     $response = $this->_get_binary_packet();
     if ($response === false) {
         user_error('Connection closed by server');
         return false;
     }
     extract(unpack('Ctype', $this->_string_shift($response, 1)));
     if ($type != NET_SSH2_MSG_KEXDH_REPLY) {
         user_error('Expected SSH_MSG_KEXDH_REPLY');
         return false;
     }
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']);
     $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
     $public_key_format = $this->_string_shift($server_public_host_key, $temp['length']);
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $fBytes = $this->_string_shift($response, $temp['length']);
     $f = new Math_BigInteger($fBytes, -256);
     $temp = unpack('Nlength', $this->_string_shift($response, 4));
     $this->signature = $this->_string_shift($response, $temp['length']);
     $temp = unpack('Nlength', $this->_string_shift($this->signature, 4));
     $this->signature_format = $this->_string_shift($this->signature, $temp['length']);
     $key = $f->modPow($x, $prime);
     $keyBytes = $key->toBytes(true);
     $this->exchange_hash = pack('Na*Na*Na*Na*Na*Na*Na*Na*', strlen($this->identifier), $this->identifier, strlen($this->server_identifier), $this->server_identifier, strlen($kexinit_payload_client), $kexinit_payload_client, strlen($kexinit_payload_server), $kexinit_payload_server, strlen($this->server_public_host_key), $this->server_public_host_key, strlen($eBytes), $eBytes, strlen($fBytes), $fBytes, strlen($keyBytes), $keyBytes);
     $this->exchange_hash = $kexHash->hash($this->exchange_hash);
     if ($this->session_id === false) {
         $this->session_id = $this->exchange_hash;
     }
     for ($i = 0; $i < count($server_host_key_algorithms) && !in_array($server_host_key_algorithms[$i], $this->server_host_key_algorithms); $i++) {
     }
     if ($i == count($server_host_key_algorithms)) {
         user_error('No compatible server host key algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     if ($public_key_format != $server_host_key_algorithms[$i] || $this->signature_format != $server_host_key_algorithms[$i]) {
         user_error('Server Host Key Algorithm Mismatch');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $packet = pack('C', NET_SSH2_MSG_NEWKEYS);
     if (!$this->_send_binary_packet($packet)) {
         return false;
     }
     $response = $this->_get_binary_packet();
     if ($response === false) {
         user_error('Connection closed by server');
         return false;
     }
     extract(unpack('Ctype', $this->_string_shift($response, 1)));
     if ($type != NET_SSH2_MSG_NEWKEYS) {
         user_error('Expected SSH_MSG_NEWKEYS');
         return false;
     }
     switch ($encrypt) {
         case '3des-cbc':
             if (!class_exists('Crypt_TripleDES')) {
                 include_once 'Crypt/TripleDES.php';
             }
             $this->encrypt = new Crypt_TripleDES();
             // $this->encrypt_block_size = 64 / 8 == the default
             break;
         case '3des-ctr':
             if (!class_exists('Crypt_TripleDES')) {
                 include_once 'Crypt/TripleDES.php';
             }
             $this->encrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
             // $this->encrypt_block_size = 64 / 8 == the default
             break;
         case 'aes256-cbc':
         case 'aes192-cbc':
         case 'aes128-cbc':
             if (!class_exists('Crypt_Rijndael')) {
                 include_once 'Crypt/Rijndael.php';
             }
             $this->encrypt = new Crypt_Rijndael();
             $this->encrypt_block_size = 16;
             // eg. 128 / 8
             break;
         case 'aes256-ctr':
         case 'aes192-ctr':
         case 'aes128-ctr':
             if (!class_exists('Crypt_Rijndael')) {
                 include_once 'Crypt/Rijndael.php';
             }
             $this->encrypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CTR);
             $this->encrypt_block_size = 16;
             // eg. 128 / 8
             break;
         case 'blowfish-cbc':
             if (!class_exists('Crypt_Blowfish')) {
                 include_once 'Crypt/Blowfish.php';
             }
             $this->encrypt = new Crypt_Blowfish();
             $this->encrypt_block_size = 8;
             break;
         case 'blowfish-ctr':
             if (!class_exists('Crypt_Blowfish')) {
                 include_once 'Crypt/Blowfish.php';
             }
             $this->encrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
             $this->encrypt_block_size = 8;
             break;
         case 'twofish128-cbc':
         case 'twofish192-cbc':
         case 'twofish256-cbc':
         case 'twofish-cbc':
             if (!class_exists('Crypt_Twofish')) {
                 include_once 'Crypt/Twofish.php';
             }
             $this->encrypt = new Crypt_Twofish();
             $this->encrypt_block_size = 16;
             break;
         case 'twofish128-ctr':
         case 'twofish192-ctr':
         case 'twofish256-ctr':
             if (!class_exists('Crypt_Twofish')) {
                 include_once 'Crypt/Twofish.php';
             }
             $this->encrypt = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
             $this->encrypt_block_size = 16;
             break;
         case 'arcfour':
         case 'arcfour128':
         case 'arcfour256':
             if (!class_exists('Crypt_RC4')) {
                 include_once 'Crypt/RC4.php';
             }
             $this->encrypt = new Crypt_RC4();
             break;
         case 'none':
             //$this->encrypt = new Crypt_Null();
     }
     switch ($decrypt) {
         case '3des-cbc':
             if (!class_exists('Crypt_TripleDES')) {
                 include_once 'Crypt/TripleDES.php';
             }
             $this->decrypt = new Crypt_TripleDES();
             break;
         case '3des-ctr':
             if (!class_exists('Crypt_TripleDES')) {
                 include_once 'Crypt/TripleDES.php';
             }
             $this->decrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
             break;
         case 'aes256-cbc':
         case 'aes192-cbc':
         case 'aes128-cbc':
             if (!class_exists('Crypt_Rijndael')) {
                 include_once 'Crypt/Rijndael.php';
             }
             $this->decrypt = new Crypt_Rijndael();
             $this->decrypt_block_size = 16;
             break;
         case 'aes256-ctr':
         case 'aes192-ctr':
         case 'aes128-ctr':
             if (!class_exists('Crypt_Rijndael')) {
                 include_once 'Crypt/Rijndael.php';
             }
             $this->decrypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CTR);
             $this->decrypt_block_size = 16;
             break;
         case 'blowfish-cbc':
             if (!class_exists('Crypt_Blowfish')) {
                 include_once 'Crypt/Blowfish.php';
             }
             $this->decrypt = new Crypt_Blowfish();
             $this->decrypt_block_size = 8;
             break;
         case 'blowfish-ctr':
             if (!class_exists('Crypt_Blowfish')) {
                 include_once 'Crypt/Blowfish.php';
             }
             $this->decrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
             $this->decrypt_block_size = 8;
             break;
         case 'twofish128-cbc':
         case 'twofish192-cbc':
         case 'twofish256-cbc':
         case 'twofish-cbc':
             if (!class_exists('Crypt_Twofish')) {
                 include_once 'Crypt/Twofish.php';
             }
             $this->decrypt = new Crypt_Twofish();
             $this->decrypt_block_size = 16;
             break;
         case 'twofish128-ctr':
         case 'twofish192-ctr':
         case 'twofish256-ctr':
             if (!class_exists('Crypt_Twofish')) {
                 include_once 'Crypt/Twofish.php';
             }
             $this->decrypt = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
             $this->decrypt_block_size = 16;
             break;
         case 'arcfour':
         case 'arcfour128':
         case 'arcfour256':
             if (!class_exists('Crypt_RC4')) {
                 include_once 'Crypt/RC4.php';
             }
             $this->decrypt = new Crypt_RC4();
             break;
         case 'none':
             //$this->decrypt = new Crypt_Null();
     }
     $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes);
     if ($this->encrypt) {
         $this->encrypt->enableContinuousBuffer();
         $this->encrypt->disablePadding();
         $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id);
         while ($this->encrypt_block_size > strlen($iv)) {
             $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv);
         }
         $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size));
         $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id);
         while ($encryptKeyLength > strlen($key)) {
             $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
         }
         $this->encrypt->setKey(substr($key, 0, $encryptKeyLength));
     }
     if ($this->decrypt) {
         $this->decrypt->enableContinuousBuffer();
         $this->decrypt->disablePadding();
         $iv = $kexHash->hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id);
         while ($this->decrypt_block_size > strlen($iv)) {
             $iv .= $kexHash->hash($keyBytes . $this->exchange_hash . $iv);
         }
         $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size));
         $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id);
         while ($decryptKeyLength > strlen($key)) {
             $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
         }
         $this->decrypt->setKey(substr($key, 0, $decryptKeyLength));
     }
     /* The "arcfour128" algorithm is the RC4 cipher, as described in
                [SCHNEIER], using a 128-bit key.  The first 1536 bytes of keystream
                generated by the cipher MUST be discarded, and the first byte of the
                first encrypted packet MUST be encrypted using the 1537th byte of
                keystream.
     
                -- http://tools.ietf.org/html/rfc4345#section-4 */
     if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') {
         $this->encrypt->encrypt(str_repeat("", 1536));
     }
     if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') {
         $this->decrypt->decrypt(str_repeat("", 1536));
     }
     for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_client_to_server); $i++) {
     }
     if ($i == count($mac_algorithms)) {
         user_error('No compatible client to server message authentication algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $createKeyLength = 0;
     // ie. $mac_algorithms[$i] == 'none'
     switch ($mac_algorithms[$i]) {
         case 'hmac-sha1':
             $this->hmac_create = new Crypt_Hash('sha1');
             $createKeyLength = 20;
             break;
         case 'hmac-sha1-96':
             $this->hmac_create = new Crypt_Hash('sha1-96');
             $createKeyLength = 20;
             break;
         case 'hmac-md5':
             $this->hmac_create = new Crypt_Hash('md5');
             $createKeyLength = 16;
             break;
         case 'hmac-md5-96':
             $this->hmac_create = new Crypt_Hash('md5-96');
             $createKeyLength = 16;
     }
     for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_server_to_client); $i++) {
     }
     if ($i == count($mac_algorithms)) {
         user_error('No compatible server to client message authentication algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $checkKeyLength = 0;
     $this->hmac_size = 0;
     switch ($mac_algorithms[$i]) {
         case 'hmac-sha1':
             $this->hmac_check = new Crypt_Hash('sha1');
             $checkKeyLength = 20;
             $this->hmac_size = 20;
             break;
         case 'hmac-sha1-96':
             $this->hmac_check = new Crypt_Hash('sha1-96');
             $checkKeyLength = 20;
             $this->hmac_size = 12;
             break;
         case 'hmac-md5':
             $this->hmac_check = new Crypt_Hash('md5');
             $checkKeyLength = 16;
             $this->hmac_size = 16;
             break;
         case 'hmac-md5-96':
             $this->hmac_check = new Crypt_Hash('md5-96');
             $checkKeyLength = 16;
             $this->hmac_size = 12;
     }
     $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id);
     while ($createKeyLength > strlen($key)) {
         $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
     }
     $this->hmac_create->setKey(substr($key, 0, $createKeyLength));
     $key = $kexHash->hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id);
     while ($checkKeyLength > strlen($key)) {
         $key .= $kexHash->hash($keyBytes . $this->exchange_hash . $key);
     }
     $this->hmac_check->setKey(substr($key, 0, $checkKeyLength));
     for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_server_to_client); $i++) {
     }
     if ($i == count($compression_algorithms)) {
         user_error('No compatible server to client compression algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $this->decompress = $compression_algorithms[$i] == 'zlib';
     for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_client_to_server); $i++) {
     }
     if ($i == count($compression_algorithms)) {
         user_error('No compatible client to server compression algorithms found');
         return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
     }
     $this->compress = $compression_algorithms[$i] == 'zlib';
     return true;
 }
Exemplo n.º 21
0
 /**
  * Convert a private key to the appropriate format.
  *
  * @see setPrivateKeyFormat()
  *
  * @param String $RSAPrivateKey
  *
  * @return String
  */
 public function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
 {
     $num_primes = count($primes);
     $raw = array('version' => $num_primes == 2 ? chr(0) : chr(1), 'modulus' => $n->toBytes(true), 'publicExponent' => $e->toBytes(true), 'privateExponent' => $d->toBytes(true), 'prime1' => $primes[1]->toBytes(true), 'prime2' => $primes[2]->toBytes(true), 'exponent1' => $exponents[1]->toBytes(true), 'exponent2' => $exponents[2]->toBytes(true), 'coefficient' => $coefficients[2]->toBytes(true));
     // if the format in question does not support multi-prime rsa and multi-prime rsa was used,
     // call _convertPublicKey() instead.
     switch ($this->privateKeyFormat) {
         case CRYPT_RSA_PRIVATE_FORMAT_XML:
             if ($num_primes != 2) {
                 return false;
             }
             return "<RSAKeyValue>\r\n" . '  <Modulus>' . base64_encode($raw['modulus']) . "</Modulus>\r\n" . '  <Exponent>' . base64_encode($raw['publicExponent']) . "</Exponent>\r\n" . '  <P>' . base64_encode($raw['prime1']) . "</P>\r\n" . '  <Q>' . base64_encode($raw['prime2']) . "</Q>\r\n" . '  <DP>' . base64_encode($raw['exponent1']) . "</DP>\r\n" . '  <DQ>' . base64_encode($raw['exponent2']) . "</DQ>\r\n" . '  <InverseQ>' . base64_encode($raw['coefficient']) . "</InverseQ>\r\n" . '  <D>' . base64_encode($raw['privateExponent']) . "</D>\r\n" . '</RSAKeyValue>';
             break;
         case CRYPT_RSA_PRIVATE_FORMAT_PUTTY:
             if ($num_primes != 2) {
                 return false;
             }
             $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
             $encryption = !empty($this->password) || is_string($this->password) ? 'aes256-cbc' : 'none';
             $key .= $encryption;
             $key .= "\r\nComment: " . $this->comment . "\r\n";
             $public = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']);
             $source = pack('Na*Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, strlen($this->comment), $this->comment, strlen($public), $public);
             $public = base64_encode($public);
             $key .= 'Public-Lines: ' . (strlen($public) + 32 >> 6) . "\r\n";
             $key .= chunk_split($public, 64);
             $private = pack('Na*Na*Na*Na*', strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'], strlen($raw['prime2']), $raw['prime2'], strlen($raw['coefficient']), $raw['coefficient']);
             if (empty($this->password) && !is_string($this->password)) {
                 $source .= pack('Na*', strlen($private), $private);
                 $hashkey = 'putty-private-key-file-mac-key';
             } else {
                 $private .= crypt_random_string(16 - (strlen($private) & 15));
                 $source .= pack('Na*', strlen($private), $private);
                 if (!class_exists('Crypt_AES')) {
                     require_once 'AES.php';
                 }
                 $sequence = 0;
                 $symkey = '';
                 while (strlen($symkey) < 32) {
                     $temp = pack('Na*', $sequence++, $this->password);
                     $symkey .= pack('H*', sha1($temp));
                 }
                 $symkey = substr($symkey, 0, 32);
                 $crypto = new Crypt_AES();
                 $crypto->setKey($symkey);
                 $crypto->disablePadding();
                 $private = $crypto->encrypt($private);
                 $hashkey = 'putty-private-key-file-mac-key' . $this->password;
             }
             $private = base64_encode($private);
             $key .= 'Private-Lines: ' . (strlen($private) + 32 >> 6) . "\r\n";
             $key .= chunk_split($private, 64);
             if (!class_exists('Crypt_Hash')) {
                 require_once 'Hash.php';
             }
             $hash = new Crypt_Hash('sha1');
             $hash->setKey(pack('H*', sha1($hashkey)));
             $key .= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n";
             return $key;
         default:
             // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
             $components = array();
             foreach ($raw as $name => $value) {
                 $components[$name] = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value);
             }
             $RSAPrivateKey = implode('', $components);
             if ($num_primes > 2) {
                 $OtherPrimeInfos = '';
                 for ($i = 3; $i <= $num_primes; ++$i) {
                     // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
                     //
                     // OtherPrimeInfo ::= SEQUENCE {
                     //     prime             INTEGER,  -- ri
                     //     exponent          INTEGER,  -- di
                     //     coefficient       INTEGER   -- ti
                     // }
                     $OtherPrimeInfo = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
                     $OtherPrimeInfo .= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
                     $OtherPrimeInfo .= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
                     $OtherPrimeInfos .= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
                 }
                 $RSAPrivateKey .= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
             }
             $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
             if (!empty($this->password) || is_string($this->password)) {
                 $iv = crypt_random_string(8);
                 $symkey = pack('H*', md5($this->password . $iv));
                 // symkey is short for symmetric key
                 $symkey .= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
                 if (!class_exists('Crypt_TripleDES')) {
                     require_once 'TripleDES.php';
                 }
                 $des = new Crypt_TripleDES();
                 $des->setKey($symkey);
                 $des->setIV($iv);
                 $iv = strtoupper(bin2hex($iv));
                 $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" . "DEK-Info: DES-EDE3-CBC,{$iv}\r\n" . "\r\n" . chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) . '-----END RSA PRIVATE KEY-----';
             } else {
                 $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . chunk_split(base64_encode($RSAPrivateKey), 64) . '-----END RSA PRIVATE KEY-----';
             }
             return $RSAPrivateKey;
     }
 }