2 /** @package php-gpg */
\r
4 /** require supporting files */
\r
5 require_once("GPG/Expanded_Key.php");
\r
6 require_once("GPG/Public_Key.php");
\r
7 require_once("GPG/AES.php");
\r
8 require_once("GPG/globals.php");
\r
11 * Pure PHP implementation of PHP/GPG encryption.
\r
12 * Supports RSA and DSA public keys of length 2, 4, 8, 16, 512, 1024, 2048 or 4096
\r
13 * Currently supports encryption only
\r
15 * @package php-gpg::Encryption
\r
16 * @link http://www.verysimple.com/
\r
17 * @copyright 1997-2012 VerySimple, Inc.
\r
18 * @license http://www.gnu.org/licenses/gpl.html GPL
\r
19 * @todo implement decryption
\r
23 * require_once 'libs/GPG.php';
\r
25 * $pub_key = new GPG_Public_Key($public_key_ascii);
\r
26 * $encrypted = $gpg->encrypt($pub_key,$plain_text_string);
\r
// Block width in bytes. It sizes the working arrays and the loop strides in gpg_encrypt(),
// and is the first argument to GPG_Utility::s_random() when encrypt() creates the session key.
31 private $width = 16;
\r
// Exponent candidates. gpg_session() selects one entry with (GPG_Utility::c_random() & 7) and
// stores it in $exp[0] before calling bmodexp() on $grp and $y.
// NOTE(review): in the lines shown, that exponent is always one of these eight fixed values, so
// it is neither secret nor unpredictable. ElGamal-style encryption relies on a fresh exponent
// drawn uniformly from a large range by a CSPRNG (e.g. random_bytes()). Until that is fixed,
// treat session keys wrapped through that branch as not confidential.
32 private $el = array(3, 5, 9, 17, 513, 1025, 2049, 4097);
\r
// Written into the "Version:" armor header by encrypt(), so every message discloses the
// producing library and its version.
33 private $version = "1.4.7";
\r
/**
 * Encrypts $text under $key with GPG_AES in a cipher-feedback arrangement.
 *
 * The output begins with a prefix of $width + 2 bytes: $width bytes from
 * GPG_Utility::c_random(), then the last two of those bytes encrypted a second time.
 * The feedback register is then reloaded from prefix bytes 2..$width+1 and the text is
 * processed $width bytes at a time. Some lines of the body are missing from this listing.
 *
 * NOTE(review): nothing in the visible lines authenticates the ciphertext (no hash or MAC is
 * appended), so a recipient cannot detect modification. See gpg_data() for the packet type
 * this is wrapped in.
 *
 * @param mixed $key key material passed to Expanded_Key (format not shown here)
 * @param string $text data to encrypt
 * @return string prefix plus ciphertext, cut to strlen($text) + $width + 2 bytes
 */
35 private function gpg_encrypt($key, $text) {
\r
// Original length, kept so the NUL padding added below can be trimmed from the result.
38 $len = strlen($text);
\r
39 $iblock = array_fill(0, $this->width, 0);
\r
40 $rblock = array_fill(0, $this->width, 0);
\r
41 $ct = array_fill(0, $this->width + 2, 0);
\r
// Pad $text with NUL bytes to a multiple of $width so the block loop can always read
// $text[$n + $i]; the matching ciphertext bytes are dropped by the final substr().
45 if($len % $this->width) {
\r
46 for($i = ($len % $this->width); $i < $this->width; $i++) $text .= "\0";
\r
49 $ekey = new Expanded_Key($key);
\r
51 for($i = 0; $i < $this->width; $i++) {
\r
// NOTE(review): c_random() is defined elsewhere. This prefix plays the role of an IV, so it
// should come from a CSPRNG such as random_bytes(). Confirm against GPG_Utility.
53 $rblock[$i] = GPG_Utility::c_random();
\r
57 $iblock = GPG_AES::encrypt($iblock, $ekey);
\r
58 for($i = 0; $i < $this->width; $i++) {
\r
// First $width prefix bytes: cipher output XOR random block. $iblock keeps the result as feedback.
59 $ct[$i] = ($iblock[$i] ^= $rblock[$i]);
\r
62 $iblock = GPG_AES::encrypt($iblock, $ekey);
\r
// Last two prefix bytes repeat random bytes $width-2 and $width-1 under the next cipher output.
63 $ct[$this->width] = ($iblock[0] ^ $rblock[$this->width - 2]);
\r
64 $ct[$this->width + 1] = ($iblock[1] ^ $rblock[$this->width - 1]);
\r
66 for($i = 0; $i < $this->width + 2; $i++) $cipher .= chr($ct[$i]);
\r
// Reload the feedback register from the prefix starting at offset 2. $ct has $width + 2
// entries, so the slice yields exactly $width values.
68 $iblock = array_slice($ct, 2, $this->width + 2);
\r
70 for($n = 0; $n < strlen($text); $n += $this->width) {
\r
71 $iblock = GPG_AES::encrypt($iblock, $ekey);
\r
72 for($i = 0; $i < $this->width; $i++) {
\r
// Ciphertext byte = cipher output XOR plaintext byte; it also becomes the next feedback byte.
73 $iblock[$i] ^= ord($text[$n + $i]);
\r
74 $cipher .= chr($iblock[$i]);
\r
// Drop the bytes produced for the NUL padding: prefix ($width + 2) plus the original length.
78 return substr($cipher, 0, $len + $this->width + 2);
\r
/**
 * Builds the header string that precedes a packet body.
 *
 * Only part of the body is visible in this listing: a branch for lengths below 0x10000
 * appends a 2-byte length, and another branch appends a 4-byte length, both via
 * writeNumber(). How $tag is emitted and how shorter lengths are handled is not shown.
 *
 * @param int $tag packet header octet supplied by the caller (0x84, 0xac, 0xa4 in this file)
 * @param int $len length of the packet body in bytes
 */
81 private function gpg_header($tag, $len)
\r
87 } else if ($len < 0x10000) {
\r
// Length fits in 16 bits: written as two bytes.
90 $h .= $this->writeNumber($len, 2);
\r
// Remaining visible branch: length written as four bytes.
94 $h .= $this->writeNumber($len, 4);
\r
/**
 * Encodes $n as $bytes bytes, most significant byte first.
 *
 * @param int $n value to encode; bits above 8 * $bytes are not written
 * @param int $bytes number of output bytes
 */
99 private function writeNumber($n, $bytes)
\r
101 // credits for this function go to OpenPGP.js
\r
103 for ($i = 0; $i < $bytes; $i++) {
\r
// The shift shrinks by 8 bits each iteration, so the highest-order byte is appended first.
104 $b .= chr(($n >> (8 * ($bytes - $i - 1))) & 0xff);
\r
/**
 * Wraps $session_key for the recipient key and returns the resulting packet.
 *
 * Two return paths are visible. One emits algorithm octet 16 with two MPIs ($B and
 * $m * $C mod $mod). The other emits algorithm octet 1 with one MPI ($m ^ $exp mod $mod).
 * In OpenPGP (RFC 4880) those octets identify ElGamal and RSA. The condition on $key_type
 * that selects the path is not visible in this listing.
 *
 * Packet body: version octet 3, the 8-byte key id, the algorithm octet, then the MPI data,
 * hence the "+ 10" on the length passed to gpg_header().
 *
 * @param string $key_id binary key id (encrypt() converts it with GPG_Utility::hex2bin())
 * @param mixed $key_type key type reported by the public key object
 * @param string $session_key symmetric key to wrap
 * @param string $public_key base64-encoded public key material
 * @return string packet header followed by the packet body
 */
109 private function gpg_session($key_id, $key_type, $session_key, $public_key)
\r
// NOTE(review): the offsets below index $s without checking its length. This assumes the
// key object has already validated the material. Confirm in GPG_Public_Key.
116 $s = base64_decode($public_key);
\r
// First MPI: a two-byte bit count, rounded up to whole bytes.
117 $l = floor((ord($s[0]) * 256 + ord($s[1]) + 7) / 8);
\r
118 $mod = mpi2b(substr($s, 0, $l + 2));
\r
// Second MPI starts right after the first; $l2 includes its two length bytes.
125 $l2 = floor((ord($s[$l + 2]) * 256 + ord($s[$l + 3]) + 7) / 8) + 2;
\r
126 $grp = mpi2b(substr($s, $l + 2, $l2));
\r
127 $y = mpi2b(substr($s, $l + 2 + $l2));
\r
// NOTE(review): the exponent is one of the eight fixed values in $this->el, chosen by three
// bits of c_random(). An ElGamal ephemeral exponent must be fresh, secret and drawn uniformly
// from the full range by a CSPRNG. With only eight candidates it offers no secrecy, so this
// path should not be relied on for confidentiality as written.
128 $exp[0] = $this->el[GPG_Utility::c_random() & 7];
\r
129 $B = bmodexp($grp, $exp, $mod);
\r
130 $C = bmodexp($y, $exp, $mod);
\r
// Other path: the exponent is read from the key material following the modulus.
132 $exp = mpi2b(substr($s, $l + 2));
\r
136 $lsk = strlen($session_key);
\r
// Checksum: the sum of the session key bytes, appended below as two bytes.
137 for($i = 0; $i < $lsk; $i++) $c += ord($session_key[$i]);
\r
140 $lm = ($l - 2) * 8 + 2;
\r
// Message block: bit count, 0x02, random filler, 0x00, octet 7, session key, checksum.
// The 0x02 ... 0x00 layout matches PKCS#1 v1.5 encryption padding, and 7 is the OpenPGP
// identifier for AES-128.
// NOTE(review): s_random() is defined elsewhere. The filler must be non-zero bytes from a
// CSPRNG; the second argument (1) presumably requests that. Confirm.
// NOTE(review): "/ 256" can yield a fractional float, which chr() truncates and which newer
// PHP versions report as a deprecated implicit conversion. intdiv() or ">> 8" avoids that.
141 $m = chr($lm / 256) . chr($lm % 256) .
\r
142 chr(2) . GPG_Utility::s_random($l - $lsk - 6, 1) . "\0" .
\r
143 chr(7) . $session_key .
\r
144 chr($c / 256) . chr($c & 0xff);
\r
// Algorithm 16 output: first MPI is $B, second is the padded message multiplied by $C mod $mod.
147 $enc = b2mpi($B) . b2mpi(bmod(bmul(mpi2b($m), $C), $mod));
\r
148 return $this->gpg_header(0x84,strlen($enc) + 10) .
\r
149 chr(3) . $key_id . chr(16) . $enc;
\r
// Algorithm 1 output: a single MPI, the padded message raised to $exp mod $mod.
151 $enc = b2mpi(bmodexp(mpi2b($m), $exp, $mod));
\r
152 return $this->gpg_header(0x84, strlen($enc) + 10) .
\r
153 chr(3) . $key_id . chr(1) . $enc;
\r
/**
 * Wraps $text in a literal-data packet.
 *
 * Body layout: format byte "t", name length 4, the fixed name "file", four zero bytes,
 * then the text. The "+ 10" on the length covers those ten bytes before the text.
 *
 * @param string $text message text
 */
157 private function gpg_literal($text)
\r
// Line endings are converted to CRLF only when the text contains no CRLF at all. Text that
// mixes "\n" and "\r\n" is passed through unchanged.
159 if (strpos($text, "\r\n") === false)
\r
160 $text = str_replace("\n", "\r\n", $text);
\r
// The same placeholder name and a zero timestamp are written for every message, so no
// caller-supplied metadata ends up in the packet.
163 $this->gpg_header(0xac, strlen($text) + 10) . "t" .
\r
164 chr(4) . "file\0\0\0\0" . $text;
\r
/**
 * Encrypts $text as a literal-data packet and wraps the result in an encrypted-data packet.
 *
 * NOTE(review): 0xa4 as a header octet is old-format tag 9 (Symmetrically Encrypted Data) in
 * RFC 4880, assuming gpg_header() keeps the tag bits. That packet type carries no
 * modification-detection code, so recipients cannot tell whether the ciphertext was altered.
 * The integrity-protected packet (tag 18, with an MDC) is the form to emit instead.
 *
 * @param string $key session key used by gpg_encrypt()
 * @param string $text plaintext message
 * @return string packet header followed by the ciphertext
 */
167 private function gpg_data($key, $text)
\r
169 $enc = $this->gpg_encrypt($key, $this->gpg_literal($text));
\r
170 return $this->gpg_header(0xa4, strlen($enc)) . $enc;
\r
174 * GPG encrypts a message to the provided public key
\r
176 * @param GPG_Public_Key $pk
\r
177 * @param string $plaintext
\r
178 * @return string encrypted text
\r
180 function encrypt($pk, $plaintext)
\r
182 // normalize the public key
\r
183 $key_id = $pk->GetKeyId();
\r
184 $key_type = $pk->GetKeyType();
\r
185 $public_key = $pk->GetPublicKey();
\r
// A fresh session key is requested for each call, with $width (16) as the first argument.
// NOTE(review): the confidentiality of every message rests on this value. s_random() is
// defined elsewhere and must draw from a CSPRNG (e.g. random_bytes()), not rand()/mt_rand().
// Confirm against GPG_Utility before relying on the output.
187 $session_key = GPG_Utility::s_random($this->width, 0);
\r
188 $key_id = GPG_Utility::hex2bin($key_id);
\r
// Message = session-key packet followed by the encrypted-data packet.
189 $cp = $this->gpg_session($key_id, $key_type, $session_key, $public_key) .
\r
190 $this->gpg_data($session_key, $plaintext);
\r
// ASCII armor: base64 of the packets, hard-wrapped at 64 characters.
192 $code = base64_encode($cp);
\r
193 $code = wordwrap($code, 64, "\n", 1);
\r
// The "=" line carries the base64 of crc24() over the binary packets. It detects accidental
// corruption of the armor only and is not a cryptographic integrity check.
196 "-----BEGIN PGP MESSAGE-----\nVersion: VerySimple PHP-GPG v".$this->version."\n\n" .
\r
197 $code . "\n=" . base64_encode(GPG_Utility::crc24($cp)) .
\r
198 "\n-----END PGP MESSAGE-----\n";
\r