Documentation is available at docsis_config.php
- <?php
- /**
- * DOCSIS Config Writer
- *
- * @author David Eder <david@eder.us>
- * @copyright 2004 David Eder
- * @package docsis_config
- * @version .3
- */
- /**
- */
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_common.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_class_of_service.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_classifier.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_phs.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_capabilities.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_flow.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_telephone.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_snmp_v3.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_baseline_privacy.php');
- require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'docsis_vendor.php');
- define('DOCSIS_DOWNSTREAM_FREQUENCY', 1);
- define('DOCSIS_UPSTREAM_CHANNEL_ID', 2);
- define('DOCSIS_NETWORK_ACCESS', 3);
- define('DOCSIS_CM_MIC', 6);
- define('DOCSIS_CMTS_MIC', 7);
- define('DOCSIS_SOFTWARE_UPGRADE_FILENAME', 9);
- define('DOCSIS_SNMP_WRITE_CONTROL', 10);
- define('DOCSIS_SNMP_MIB_OBJECT', 11);
- define('DOCSIS_MODEM_ADDRESS', 12);
- define('DOCSIS_SERVICES_NOT_AVAILABLE', 13);
- define('DOCSIS_CPE_ETHERNET', 14);
- define('DOCSIS_MAX_CPES', 18);
- define('DOCSIS_TFTP_TIMESTAMP', 19);
- define('DOCSIS_TFTP_ADDRESS', 20);
- define('DOCSIS_SOFTWARE_TFTP_ADDRESS', 21);
- define('DOCSIS_HMAC_DIGEST', 27);
- define('DOCSIS_MAX_CLASSIFIERS', 28);
- define('DOCSIS_PRIVACY_ENABLE', 29);
- define('DOCSIS_AUTHORIZATION_BLOCK', 30);
- define('DOCSIS_KEY_SEQUENCE', 31);
- define('DOCSIS_MFG_CVC_DATA', 32);
- define('DOCSIS_COS_CVC_DATA', 33);
- define('DOCSIS_MTA_CONFIG_DELIMITER', 254);
- define('DOCSIS_SUBSCRIBER_MANAGEMENT', 35);
- define('DOCSIS_SUBSCRIBER_MANAGEMENT_CPE_IP', 36);
- define('DOCSIS_SUBSCRIBER_MANAGEMENT_FILTER', 37);
- define('DOCSIS_COSIGNER_CODE_CERTIFICATE', 33);
- define('DOCSIS_2_ENABLE', 39);
- /**
- * DOCSIS Config Writer
- *
- * @package docsis_config
- */
- class docsis_config extends docsis_encoder_complex
- {
- /**
- * Constructor
- *
- * @param int $code docsis code
- * @param array predefined values
- */
- function docsis_config($code=0, $value=array())
- {
- parent::docsis_encoder_complex($code, $value);
- $this->set_network_access(1);
- }
- /**
- * Set Downstream Frequency Configuration - docsis 1.0, 1.1
- *
- * The receive frequency to be used by the CM. It is an override for the channel selected during scanning.
- *
- * @param int $value in Hz must be a multiple of 62500.
- */
- function set_downstream_frequency($value)
- {
- if($value < 88000000 || $value > 860000000) trigger_error('Downstream Frequency must be 88000000 to 860000000', E_USER_WARNING);
- if($value % 62500 != 0) trigger_error('Downstream Frequency must be a multiple of 62500', E_USER_WARNING);
- $this->value[DOCSIS_DOWNSTREAM_FREQUENCY] = new docsis_encoder_uint(DOCSIS_DOWNSTREAM_FREQUENCY, $value);
- }
- /**
- * Set Upstream Channel ID - docsis 1.0, 1.1
- *
- * The upstream channel ID which the CM must use. The CM must listen on the defined downstream channel until an upstream channel description
- * message with this ID is found. It is an override for the channel selected during initialization.
- *
- * @param int $value channel ID
- */
- function set_upstream_channel_id($value)
- {
- $this->value[DOCSIS_UPSTREAM_CHANNEL_ID] = new docsis_encoder_uchar(DOCSIS_UPSTREAM_CHANNEL_ID, $value);
- }
- /**
- * Set Network Access - docsis 1.0, 1.1
- *
- * If $value is 1, CPE attached to this CM are allowed to access the network, based on CM provisioning. If the value is 0, the CM must not forward
- * traffic from attached CPE to the RF MAC network, but must continue to accept and generate traffic from the CM itself. The value of this field
- * does not affect CMTS service flow operation and does not affect CMTS data forwarding operation.
- *
- * Note: The intent of "NACO=0" is that the CM does not forward traffic from any attached CPE onto the cable network. (A CPE is any client device
- * attached to the CM, regardless of how the attachment is implemented.) However, with "NACO=0", management traffic to the CM is not restricted.
- * Specifically, with NACO off, the CM remains manageable, including sending/receiving management traffice such as (but not limited to):
- *
- * <ul>
- * <li>ARP: allow the modem to resolve IP addresses, so it can respond to queries or send traps.</li>
- * <li>DHCP: allow the modem to renew its IP address lease.</li>
- * <li>ICPM: allow network troubleshooting for tools such as "ping" and "traceroute."</li>
- * <li>ToD: allow the modem to continue to synchronize its clock after boot.</li>
- * <li>TFTP: allow the modem to download either a new configuration file or a new software image.</li>
- * <li>SYSLOG: allow the modem to report network events.</li>
- * <li>SNMP: allow management activity.</li>
- * </ul>
- *
- * In DOCSIS v1.1, with NACO off, the primary upstream and primary downstream service flows of the CM remain operational only for management
- * traffic to and from the CM. With respect to DOCSIS v1.1 provisioning, a CMTS should ignore the NACO value and allocate any service flows
- * that have been authorized by the provisioning server.
- *
- * @param boolean $value
- */
- function set_network_access($value)
- {
- if($value < 0 || $value > 1) trigger_error('Network Access must be 0 or 1', E_USER_WARNING);
- $this->value[DOCSIS_NETWORK_ACCESS] = new docsis_encoder_uchar(DOCSIS_NETWORK_ACCESS, $value);
- }
- /**
- * Add a Class of Service - docsis 1.0
- *
- * @param docis_class_of_service $value
- */
- function add_class_of_service($value)
- {
- // todo: must be a docis_class_of_service
- $this->value[DOCSIS_CLASS_OF_SERVICE][] = $value;
- }
- /**
- * Maximum Number of CPEs - docsis 1.0, 1.1
- *
- * The maximum number of CPEs that can be granted access through a CM during a CM epoch. The CM epoch is the time between startup and hard reset
- * of the modem. The maximum number of CPEs must be enforced by the CM.
- *
- * Note: This parameter should not be confused with the number of CPE addresses a CM may learn. A modem may learn Ethernet MAC addresses up to
- * its maximum number of CPE addresses. The maximum number of CPEs that are granted access through the modemis governed by this configuration
- * setting.
- *
- * The non-existance, or the value 0, must be intrepreted as the default value of 1.
- */
- function set_max_cpes($value)
- {
- if($value < 1 || $value > 254) trigger_error('Max CPEs must be 1 to 254', E_USER_WARNING);
- $this->value[DOCSIS_MAX_CPES] = new docsis_encoder_uchar(DOCSIS_MAX_CPES, $value);
- }
- /**
- * Set TFTP Server Timestamp - docsis 1.0, 1.1
- *
- * The sending time of the configuration file in seconds. The purpose of this parameter is to prevent replay attacks with old configuation files.
- *
- * @param int $value in seconds
- */
- function set_tftp_timestamp($value)
- {
- $this->value[DOCSIS_TFTP_TIMESTAMP] = new docsis_encoder_uint(DOCSIS_TFTP_TIMESTAMP, $value);
- }
- /**
- * Set TFTP Server Provisioned Modem Address - docsis 1.0, 1.1
- *
- * The IP address of the modem requesting the configuration. The purpose of this parameter is to prevent IP spoofing during registration.
- *
- * @param string $value ip address of modem
- */
- function set_tftp_address($value)
- {
- $this->value[DOCSIS_TFTP_ADDRESS] = new docsis_encoder_ip(DOCSIS_TFTP_ADDRESS, $value);
- }
- /**
- * Set Upstream Packet Classifier - docsis 1.1
- *
- * @param docsis_packet_classifier $value
- */
- function set_upstream_packet_classifier($value)
- {
- // todo: must be a docsis_packet_classifier
- $this->value[DOCSIS_UPSTREAM_PACKET_CLASSIFIER] = $value;
- }
- /**
- * Set Downstream Packet Classifier - docsis 1.1
- *
- * @param docsis_packet_classifier $value
- */
- function set_downstream_packet_classifier($value)
- {
- // todo: must be a docsis_packet_classifier
- $this->value[DOCSIS_DOWNSTREAM_PACKET_CLASSIFIER] = $value;
- }
- /**
- * Add Upstream Service Flow - docsis 1.1
- *
- * @param docsis_flow_up $value
- */
- function add_upstream_flow($value)
- {
- // todo: must be a docsis_flow_up
- $this->value[DOCSIS_FLOW_UP][] = $value;
- }
- /**
- * Add Downstream Service Flow - docsis 1.1
- *
- * @param docsis_flow_down $value
- */
- function add_downstream_flow($value)
- {
- // todo: must be a docsis_flow_down
- $this->value[DOCSIS_FLOW_DOWN][] = $value;
- }
- /**
- * Set Payload Header Suppression - docsis 1.1
- *
- * @param docsis_payload_header_suppression $value
- */
- function set_payload_header_suppression($value)
- {
- // todo: must be a docsis_payload_header_suppression
- $this->value[DOCSIS_PAYLOAD_HEADER_SUPPRESSION] = $value;
- }
- /**
- * Set Maximum Number of Classifiers - docsis 1.1
- *
- * This is the maximum number of Classifiers associated with admitted or active upstream Service Flows that the CM is allowed to have. Both
- * active and inactive Classifiers are included in this count.
- *
- * This is useful when using deferred activation of provisioned resources. The number of provisioned Service Flows may be high and each
- * Service Flow might support multiple Classifiers. Provisioning represents the set of Service Flows the CM can choose between. The CMTS
- * can control the QoS resources committed to the CM by limiting the number of Service Flows that are admitted. However, it may still be
- * desirable to limit the number of Classifiers associated with the committed QoS resources. This parameter provides that limit.
- *
- * @param int $value
- */
- function set_max_classifiers($value)
- {
- $this->value[DOCSIS_MAX_CLASSIFIERS] = new docsis_encoder_ushort(DOCSIS_MAX_CLASSIFIERS, $value);
- }
- /**
- * Set Privacy Enable - docsis 1.1
- *
- * This configuation setting enables/disables Baseline Privacy on the Primary Service Flow and all other Service Flows for this CM. If a
- * DOCSIS 1.1 CM receives this setting in a configuration file, the CM is required to forward this setting as part of the registration
- * request regardless of whether the configuration file is DOCSIS 1.1-style or not while this setting is usually contained only in a
- * DOCSIS 1.1 Service Flow TLVs.
- */
- function set_privacy_enable($value)
- {
- if($value < 0 || $value > 1) trigger_error('Privacy must be 0 or 1', E_USER_WARNING);
- $this->value[DOCSIS_PRIVACY_ENABLE] = new docsis_encoder_uchar(DOCSIS_PRIVACY_ENABLE, $value);
- }
- /**
- * Add Vendor-Specific Information - docsis 1.0, 1.1
- *
- * @param docsis_vendor $value
- */
- function add_vendor($value)
- {
- // todo: must be a docsis_vendor
- $this->value[DOCSIS_VENDOR][] = $value;
- }
- /**
- * Set Subscriber Management Control - docsis 1.1
- *
- * @param int $max_cpe number of IP addresses permitted behind the CM.
- * @param boolean $active
- * @param boolean $learnable
- */
- function set_subscriber_management_control($max_cpe, $active, $learnable)
- {
- if($max_cpe < 0 || $max_cpe > 1023) trigger_error('MAX CPE must be 0 to 1023', E_USER_WARNING);
- if($active < 0 || $active > 1) trigger_error('Active must be 0 or 1', E_USER_WARNING);
- if($learnable < 0 || $learnable > 1) trigger_error('Learnable must be 0 or 1', E_USER_WARNING);
- $this->value[DOCSIS_SUBSCRIBER_MANAGEMENT] = new docsis_encoder_string(chr($max_cpe / 256) . chr($max_cpe % 256) . chr($active+2*$learnable));
- }
- /**
- * Set Subscriber Management CPE IP Table - docsis 1.1
- *
- * @param array $value IP addresses
- */
- function set_subscriber_management_cpe_list($value)
- {
- $content = '';
- foreach($value as $ip)
- {
- foreach(explode('.', $ip) as $ch)
- $content .= chr($ch);
- }
- $this->value[DOCSIS_SUBSCRIBER_MANAGEMENT_CPE_IP] = new docsis_encoder_string(DOCSIS_SUBSCRIBER_MANAGEMENT_CPE_IP, $content);
- }
- /**
- * Set Subscriber Management Filter Groups - docsis 1.1
- *
- * The Subscriber Management MIB allows filter groups to be assigned to a CM and CPE attached to that CM. These include two CM filter groups,
- * upstream and downstream, and two CPE filter groups, upstream and downstream.
- *
- * @param int $subfilter_down
- * @param int $subfilter_up
- * @param int $cmfilter_down
- * @param int $cmfilter_up
- */
- function set_subscriber_management_filter($subfilter_down, $subfilter_up, $cmfilter_down, $cmfilter_up)
- {
- $a = intval($subfilter_down / 256);
- $b = $subfilter_down - $a * 256;
- $value = chr($a) . chr($b);
- $a = intval($subfilter_up / 256);
- $b = $subfilter_up - $a * 256;
- $value .= chr($a) . chr($b);
- $a = intval($cmfilter_down / 256);
- $b = $cmfilter_down - $a * 256;
- $value .= chr($a) . chr($b);
- $a = intval($cmfilter_up / 256);
- $b = $cmfilter_up - $a * 256;
- $value .= chr($a) . chr($b);
- $this->value[DOCSIS_SUBSCRIBER_MANAGEMENT_FILTER] = new docsis_encoder_string(DOCSIS_SUBSCRIBER_MANAGEMENT_FILTER, $value);
- }
- /**
- * Set Software Upgrade Filename - docsis 1.0, 1.1
- *
- * @param string $value the fully qualified diretory-path name on the TFTP server.
- */
- function set_software_upgrade_filename($value)
- {
- $this->value[DOCSIS_SOFTWARE_UPGRADE_FILENAME] = new docsis_encoder_string(DOCSIS_SOFTWARE_UPGRADE_FILENAME, $value);
- }
- /**
- * Add SNMP Write-Access Control - docsis 1.0, 1.1
- *
- * This object makes it possible to disable SNMP "Set" access to individual MIB objets. Each instance of this object controls access to all of
- * the writeable MIB objects whose Object ID (OID) prefix matches.
- *
- * Any OID prefix may be used. The Null OID 0.0 may be used to control access to all MIB objects. (The OID 1.3.6.1 wil have the same effect.)
- *
- * @param string $oid
- * @param boolean $control
- */
- function add_snmp_write_control($oid, $control)
- {
- if($control < 0 || $control > 1) trigger_error('Control must be 0 or 1', E_USER_WARNING);
- $oid = new docsis_encoder_oid($oid);
- $oid = substr($oid->encode(), 2);
- $this->value[DOCSIS_SNMP_WRITE_CONTROL][] = chr(DOCSIS_SNMP_WRITE_CONTROL) . chr(strlen($oid) + 1) . $oid . chr($control);
- }
- /**
- * Add SNMP MIB Object - docsis 1.0, 1.1
- *
- * This object allows arbtrary SNMP MIB objects to be Set via the TFTP-Registration process.
- *
- * The cable modem must treat this object as if it were part of an SNMP Set Request with the following caveats:
- * <ul>
- * <li>The CM must treat the request as fully authorized (it cannot refuse the request for lack of privilege).</li>
- * <li>SNMP Write-Control provisions do not apply</li>
- * <li>No SNMP response is generated by the CM.</li>
- * </ul>
- *
- * All such Sets must be treated as simultaneous.
- *
- * Example values:
- * <ul>
- * <li>$value = new rfc1155_Integer($value);</li>
- * <li>$value = new rfc1155_Counter($value);</li>
- * <li>$value = new rfc1155_Guage($value);</li>
- * <li>$value = new rfc1155_TimeTicks($value);</li>
- * <li>$value = new rfc1155_OctetString(hexbin($value)); // hex string</li>
- * <li>$value = new rfc1155_OctetString($value);</li>
- * <li>$value = new rfc1155_IPAddress($value);</li>
- * <li>$value = new rfc1155_ObjectID($value);</li>
- * </ul>
- *
- * @param string $oid
- * @param rfc1155_Asn1Object $value
- */
- function add_snmp_object($oid, $value)
- {
- // must be a rfc1157_VarBind
- $varbind = new rfc1157_VarBind(new rfc1155_ObjectID($oid), $value);
- $varbind = $varbind->encode();
- if(strlen($varbind) > 255)
- trigger_error('VARBIND must not exceed 255 bytes', E_USER_WARNING);
- $this->value[DOCSIS_SNMP_MIB_OBJECT][] = new docsis_encoder_string(DOCSIS_SNMP_MIB_OBJECT, $varbind);
- }
- /**
- * Add CPE Ethernet MAC Address - docsis 1.0, 1.1
- *
- * @param string $value
- */
- function add_cpe_ethernet($value)
- {
- $this->value[DOCSIS_CPE_ETHERNET][] = new docsis_encoder_mac(DOCSIS_CPE_ETHERNET, $value);
- }
- /**
- * Set Software Upgrade TFTP Server - docsis 1.0, 1.1
- *
- * @param string $ip address of the TFTP server, on which the software upgrade file for the CM resides.
- */
- function set_tftp_upgrade_address($ip)
- {
- $this->value[DOCSIS_SOFTWARE_TFTP_ADDRESS] = new docsis_encoder_ip(DOCSIS_SOFTWARE_TFTP_ADDRESS, $ip);
- }
- /**
- * Set SNMP V3 Kickstart - docsis 1.1
- *
- * @param docsis_snmp_v3_kickstart $value
- */
- function set_snmp_v3_kickstart($value)
- {
- // todo: must be a docsis_snmp_v3_kickstart
- $this->value[DOCSIS_SNMP_V3_KICKSTART] = $value;
- }
- /**
- * Add Manufacturer Code Verification Certificate - docsis 1.1
- *
- * The Manufaturer's Code Verification Cerrificat (M-CVC) for Secure Software Downloading. The CM config must contain this
- * M-CVC and/or C-CVC in order to allow 1.1 compliant CM to download the code file from TFTP server regardless the CM is
- * provisioned to run with BPI,BPI+, or none of them.
- *
- * @param string $value
- */
- function add_mfg_cvc_data($value)
- {
- if(strlen($value) < 255)
- $this->value[DOCSIS_MFG_CVC_DATA] = new docsis_encoder(DOCSIS_MFG_CVC_DATA, $value);
- else
- {
- $this->value[DOCSIS_MFG_CVC_DATA] = array();
- for($i = 0; $i < strlen($value); $i += 254)
- $this->value[DOCSIS_MFG_CVC_DATA][] = new docsis_encoder(DOCSIS_MFG_CVC_DATA, substr($value, $i, 254));
- }
- }
- /**
- * Add Co-signer Code Verification Certificate - docsis 1.1
- *
- * The Co-signer's Code Verification Cerrificat (C-CVC) for Secure Software Downloading. The CM config must contain this C-CVC and/or M-CVC
- * in order to allow 1.1 compliant CM to download the code file from TFTP server regardless the CM is provisioned to run with BPI,BPI+, or
- * none of them.
- *
- * @param string $value
- */
- function add_cos_cvc_data($value)
- {
- if(strlen($value) < 255)
- $this->value[DOCSIS_COS_CVC_DATA] = new docsis_encoder_hex_string(DOCSIS_COS_CVC_DATA, $value);
- else
- {
- $this->value[DOCSIS_MFG_CVC_DATA] = array();
- foreach(chunk_split($value, 254) as $v)
- $this->value[DOCSIS_COS_CVC_DATA] = new docsis_encoder_hex_string(DOCSIS_COS_CVC_DATA, $v);
- }
- }
- /**
- * Add SNMP v3 Trap (Notification Receiver) - docsis 1.1
- *
- * @param docsis_snmp_v3_trap $value
- */
- function set_snmp_v3_trap($value)
- {
- // todo: must be a docsis_snmp_v3_trap
- $this->value[DOCSIS_SNMP_V3_TRAP] = $value;
- }
- /**
- * Set Modem Capabilities - docsis 1.0, 1.1
- *
- * @param docis_capabilities $value
- */
- function set_modem_capabilities($value)
- {
- // todo: must be a docis_capabilities
- $this->value[DOCSIS_CAPABILITIES] = $value;
- }
- /**
- * Set Modem IP Address - docsis 1.0, 1.1
- *
- * For backwards compatibility with DOCSIS v1.0. Replace by 'TFTP Server Provisioned Modem Address'.
- *
- * @param string $ip
- */
- function set_modem_address($ip)
- {
- $this->value[DOCSIS_MODEM_ADDRESS] = new docsis_encoder_ip(DOCSIS_MODEM_ADDRESS, $ip);
- }
- /**
- * Add Service Not Available Response - docsis 1.0, 1.1
- *
- * This configuration setting must be included in the Registration Response message if the CMTS is unable or unwilling to grant any of the
- * requested classes of service that appeared in the Registration Request. Although the value applies only to the failed service class,
- * the entire Registration Request must be considered to have failed (none of the class-of-service configuration settings are granted).
- *
- * Confirmation codes:
- * <ul>
- * <li><b>reject-major-service-flow-error (200)</b> indicates that the REQ message did not have either SFR or SFID in a service flow
- * encoding, and that service flow major errors were the only major errors.</li>
- * <li><b>reject-major-classifier-error (201)</b> indicates that the REQ message did not hava a classifier refernece, or did not have
- * both a classifier ID and a Service Flow ID, and that the classifier major errors were the only major errors.</li>
- * <li><b>reject-major-PHS-rule-error (202)</b> indicates that the REQ message did not have both a Service Flow Reference/Identifier
- * and a Classifier Reference/Identifier, and that PHS rule major errors where the only major errors.</li>
- * <li><b>reject-mulitple-major-errors (203)</b> indicates that the REQ message contained multiple major errors of type 200, 201, 202.</li>
- * <li><b>reject-message-syntax-error (204)</b> indicates that the REQ message contained syntax errors resulting in a parsing failture.</li>
- * <li><b>reject-primary-service-flow-error (205)</b> indicates that a REG-REQ or REG-RSP message did not define a required primary
- * Service Flow, or a required primary Service Flow was not activated.</li>
- * <li><b>reject-message-too-big (206)</b> is used when the length of the message needed to respond exceeds the maximum allowed
- * message size.</li>
- * <li><b>reject-invalid-modem-capabilities (207)</b> indicates that the REG-REQ contained either that an invalid combination of modem
- * capabilities or modem capabilities that are inconsistent with the services in REG-REQ.</li>
- * </ul>
- *
- * @param int $class_id the class-of-service from the request which is not available.
- * @param int $type the specified class-of-service object within the class which caused the request to be rejected.
- * @param int $code the confirmation code.
- */
- function add_service_na($class_id, $type, $code)
- {
- if($class_id < 0 || $class_id > 255) trigger_error('Class ID must be 0 to 255', E_USER_WARNING);
- if($type < 0 || $type > 255) trigger_error('Type must be 0 to 255', E_USER_WARNING);
- if($code < 0 || $code > 255) trigger_error('Code must be 0 to 255', E_USER_WARNING);
- $this->value[DOCSIS_SERVICES_NOT_AVAILABLE][] = new docsis_encoder_string(DOCSIS_SERVICES_NOT_AVAILABLE, chr($class_id) . chr($type) . chr($code));
- }
- /**
- * Set HMAC-Digest
- *
- * The HMAC-Digest setting is a keyed message digest. If privacy is enabled, the HMAC-Digents Attribute must be the final Attribute in the
- * Dynamic Service message's Attribute list. The message digest is performed over all of the Dynamic Service parameters (starting
- * immediately after the MAC Management Message Header and up to, but not including the HMAC Digest setting), other than the HMAC-Digest, in
- * the order in which they appear within the packet.
- *
- * This parameter contains a keyed hash used for message authentication. The HMAC algorithm is defined in RFC2104. The HMAC algorithm is specified
- * using a cryptographic hash algorithm. Baseline Privacy uses a particular version of HMAC that employs the Secure Hash Algorithm (SHA-1).
- *
- * @param string $value
- */
- function set_hmac_digest($value)
- {
- $this->value[DOCSIS_HMAC_DIGEST] = new docsis_encoder_hex_string(DOCSIS_HMAC_DIGEST, $value);
- }
- /**
- * Set Authorization Block
- *
- * @param string $value
- */
- function set_auth_block($value)
- {
- $this->value[DOCSIS_AUTHORIZATION_BLOCK] = new docsis_encoder_hex_string(DOCSIS_AUTHORIZATION_BLOCK, $value);
- }
- /**
- * Key Sequence Number
- *
- * This value shows the key sequence number of the BPI+ Authorizaion Key which is used to calculate the HMAC-Digest in case that the
- * Privacy is enabled.
- *
- * @param string $value
- */
- function set_key_sequence($value)
- {
- if($value < 0 || $value > 15) trigger_error('Key Sequence must be 0 to 15', E_USER_WARNING);
- $this->value[DOCSIS_HMAC_DIGEST] = new docsis_encoder_uchar(DOCSIS_HMAC_DIGEST, $value);
- }
- /* Set Telephone Settings - docsis 1.0
- *
- * @param docsis_telephone $value
- */
- function set_telephone($value)
- {
- // todo: must be a docsis_telephone
- $this->value[DOCSIS_TELEPHONE] = $value;
- }
- /* Set Baseline Privacy Settings - docsis 1.0
- *
- * @param docsis_baseline_privacy $value
- */
- function set_baseline_privacy($value)
- {
- // todo: must be a docsis_baseline_privacy
- $this->value[DOCSIS_BASELINE_PRIVACY] = $value;
- }
- function set_mta_config_delimiter($value)
- {
- if($value < 1 || $value > 255) trigger_error('MTA Config Delimiter must be 1 to 255', E_USER_WARNING);
- $this->value[DOCSIS_MTA_CONFIG_DELIMITER] = new docsis_encoder_uchar(DOCSIS_MTA_CONFIG_DELIMITER, $value);
- }
- function set_docsis_2_enable($value)
- {
- if($value < 0 || $value > 1) trigger_error('DOCSIS 2 Enable must be 0 or 1', E_USER_WARNING);
- $this->value[DOCSIS_2_ENABLE] = new docsis_encoder_uchar(DOCSIS_2_ENABLE, $value);
- }
- function encode($key='')
- {
- if(isset($this->value[DOCSIS_CM_MIC])) unset($this->value[DOCSIS_CM_MIC]);
- if(isset($this->value[DOCSIS_CMTS_MIC])) unset($this->value[DOCSIS_CMTS_MIC]);
- $binary = substr(parent::encode(), 2);
- $cm_mic = $this->get_cm_mic();
- $cmts_mic = $this->get_cmts_mic($key);
- $binary = $binary . $cm_mic->encode() . $cmts_mic->encode() . chr(255);
- if(strlen($binary) % 4)
- $binary .= str_repeat(chr(0), 4 - (strlen($binary) % 4));
- return $binary;
- }
- function get_cm_mic()
- {
- if(isset($this->value[DOCSIS_CM_MIC])) unset($this->value[DOCSIS_CM_MIC]);
- if(isset($this->value[DOCSIS_CMTS_MIC])) unset($this->value[DOCSIS_CMTS_MIC]);
- $this->value[DOCSIS_CM_MIC] = new docsis_encoder_hex_string(DOCSIS_CM_MIC, md5(substr(parent::encode(), 2)));
- return $this->value[DOCSIS_CM_MIC];
- }
- function get_cmts_mic($key)
- {
- $this->get_cm_mic();
- $content = '';
- foreach(array(DOCSIS_DOWNSTREAM_FREQUENCY, DOCSIS_UPSTREAM_CHANNEL_ID, DOCSIS_NETWORK_ACCESS, DOCSIS_CLASS_OF_SERVICE,
- DOCSIS_BASELINE_PRIVACY, DOCSIS_VENDOR, DOCSIS_CM_MIC, DOCSIS_MAX_CPES, DOCSIS_TFTP_TIMESTAMP, DOCSIS_TFTP_ADDRESS,
- DOCSIS_UPSTREAM_PACKET_CLASSIFIER, DOCSIS_DOWNSTREAM_PACKET_CLASSIFIER, DOCSIS_FLOW_UP,
- DOCSIS_FLOW_DOWN, DOCSIS_MAX_CLASSIFIERS, DOCSIS_PRIVACY_ENABLE, DOCSIS_PAYLOAD_HEADER_SUPPRESSION,
- DOCSIS_SUBSCRIBER_MANAGEMENT, DOCSIS_SUBSCRIBER_MANAGEMENT_CPE_IP, DOCSIS_SUBSCRIBER_MANAGEMENT_FILTER) as $code)
- {
- if(isset($this->value[$code]))
- {
- $obj = $this->value[$code];
- if(is_array($obj))
- {
- foreach($obj as $o)
- $content .= $o->encode();
- }
- else
- $content .= $obj->encode();
- }
- }
- $this->value[DOCSIS_CMTS_MIC] = new docsis_encoder_hex_string(DOCSIS_CMTS_MIC, $this->keyedMD5($content, $key));
- return $this->value[DOCSIS_CMTS_MIC];
- }
- function keyedMD5($data, $key) // rfc 2104
- {
- $innerText = str_pad($key, 64, chr(0)) ^ str_repeat(chr(0x36), 64);
- $innerHash = pack('H*', md5($innerText . $data));
- return md5((str_pad($key, 64, chr(0)) ^ str_repeat(chr(0x5c), 64)) . $innerHash);
- }
- }
- ?>
Documentation generated on Mon, 14 Nov 2005 18:00:02 -0700 by phpDocumentor 1.3.0RC3