Subversion Repositories Applications.annuaire

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
42 aurelien 1
<?php
2
 
3
/**
4
 * The OpenID library's Diffie-Hellman implementation.
5
 *
6
 * PHP versions 4 and 5
7
 *
8
 * LICENSE: See the COPYING file included in this distribution.
9
 *
10
 * @access private
11
 * @package OpenID
12
 * @author JanRain, Inc. <openid@janrain.com>
13
 * @copyright 2005 Janrain, Inc.
14
 * @license http://www.gnu.org/copyleft/lesser.html LGPL
15
 */
16
 
17
require_once 'Auth/OpenID/BigMath.php';
18
require_once 'Auth/OpenID/HMACSHA1.php';
19
 
20
function Auth_OpenID_getDefaultMod()
21
{
22
    return '155172898181473697471232257763715539915724801'.
23
        '966915404479707795314057629378541917580651227423'.
24
        '698188993727816152646631438561595825688188889951'.
25
        '272158842675419950341258706556549803580104870537'.
26
        '681476726513255747040765857479291291572334510643'.
27
        '245094715007229621094194349783925984760375594985'.
28
        '848253359305585439638443';
29
}
30
 
31
function Auth_OpenID_getDefaultGen()
32
{
33
    return '2';
34
}
35
 
36
/**
37
 * The Diffie-Hellman key exchange class.  This class relies on
38
 * {@link Auth_OpenID_MathLibrary} to perform large number operations.
39
 *
40
 * @access private
41
 * @package OpenID
42
 */
43
class Auth_OpenID_DiffieHellman {
44
 
45
    var $mod;
46
    var $gen;
47
    var $private;
48
    var $lib = null;
49
 
50
    function Auth_OpenID_DiffieHellman($mod = null, $gen = null,
51
                                       $private = null, $lib = null)
52
    {
53
        if ($lib === null) {
54
            $this->lib =& Auth_OpenID_getMathLib();
55
        } else {
56
            $this->lib =& $lib;
57
        }
58
 
59
        if ($mod === null) {
60
            $this->mod = $this->lib->init(Auth_OpenID_getDefaultMod());
61
        } else {
62
            $this->mod = $mod;
63
        }
64
 
65
        if ($gen === null) {
66
            $this->gen = $this->lib->init(Auth_OpenID_getDefaultGen());
67
        } else {
68
            $this->gen = $gen;
69
        }
70
 
71
        if ($private === null) {
72
            $r = $this->lib->rand($this->mod);
73
            $this->private = $this->lib->add($r, 1);
74
        } else {
75
            $this->private = $private;
76
        }
77
 
78
        $this->public = $this->lib->powmod($this->gen, $this->private,
79
                                           $this->mod);
80
    }
81
 
82
    function getSharedSecret($composite)
83
    {
84
        return $this->lib->powmod($composite, $this->private, $this->mod);
85
    }
86
 
87
    function getPublicKey()
88
    {
89
        return $this->public;
90
    }
91
 
92
    /**
93
     * Generate the arguments for an OpenID Diffie-Hellman association
94
     * request
95
     */
96
    function getAssocArgs()
97
    {
98
        $cpub = $this->lib->longToBase64($this->getPublicKey());
99
        $args = array(
100
                      'openid.dh_consumer_public' => $cpub,
101
                      'openid.session_type' => 'DH-SHA1'
102
                      );
103
 
104
        if ($this->lib->cmp($this->mod, Auth_OpenID_getDefaultMod()) ||
105
            $this->lib->cmp($this->gen, Auth_OpenID_getDefaultGen())) {
106
            $args['openid.dh_modulus'] = $this->lib->longToBase64($this->mod);
107
            $args['openid.dh_gen'] = $this->lib->longToBase64($this->gen);
108
        }
109
 
110
        return $args;
111
    }
112
 
113
    function usingDefaultValues()
114
    {
115
        return ($this->mod == Auth_OpenID_getDefaultMod() &&
116
                $this->gen == Auth_OpenID_getDefaultGen());
117
    }
118
 
119
    /**
120
     * Perform the server side of the OpenID Diffie-Hellman association
121
     */
122
    function serverAssociate($consumer_args, $assoc_secret)
123
    {
124
        $lib =& Auth_OpenID_getMathLib();
125
 
126
        if (isset($consumer_args['openid.dh_modulus'])) {
127
            $mod = $lib->base64ToLong($consumer_args['openid.dh_modulus']);
128
        } else {
129
            $mod = null;
130
        }
131
 
132
        if (isset($consumer_args['openid.dh_gen'])) {
133
            $gen = $lib->base64ToLong($consumer_args['openid.dh_gen']);
134
        } else {
135
            $gen = null;
136
        }
137
 
138
        $cpub64 = @$consumer_args['openid.dh_consumer_public'];
139
        if (!isset($cpub64)) {
140
            return false;
141
        }
142
 
143
        $dh = new Auth_OpenID_DiffieHellman($mod, $gen);
144
        $cpub = $lib->base64ToLong($cpub64);
145
        $mac_key = $dh->xorSecret($cpub, $assoc_secret);
146
        $enc_mac_key = base64_encode($mac_key);
147
        $spub64 = $lib->longToBase64($dh->getPublicKey());
148
 
149
        $server_args = array(
150
                             'session_type' => 'DH-SHA1',
151
                             'dh_server_public' => $spub64,
152
                             'enc_mac_key' => $enc_mac_key
153
                             );
154
 
155
        return $server_args;
156
    }
157
 
158
    function consumerFinish($reply)
159
    {
160
        $spub = $this->lib->base64ToLong($reply['dh_server_public']);
161
        if ($this->lib->cmp($spub, 0) <= 0) {
162
            return false;
163
        }
164
        $enc_mac_key = base64_decode($reply['enc_mac_key']);
165
        return $this->xorSecret($spub, $enc_mac_key);
166
    }
167
 
168
    function xorSecret($composite, $secret)
169
    {
170
        $dh_shared = $this->getSharedSecret($composite);
171
        $dh_shared_str = $this->lib->longToBinary($dh_shared);
172
        $sha1_dh_shared = Auth_OpenID_SHA1($dh_shared_str);
173
 
174
        $xsecret = "";
175
        for ($i = 0; $i < strlen($secret); $i++) {
176
            $xsecret .= chr(ord($secret[$i]) ^ ord($sha1_dh_shared[$i]));
177
        }
178
 
179
        return $xsecret;
180
    }
181
}