includes/diffiehellman.php
author Dan
Sun, 25 Jan 2009 20:35:06 -0500
changeset 823 4596c40aaa94
parent 801 eb8b23f11744
child 1030 23959360dcfd
permissions -rw-r--r--
AJAX core library: possible breaking change, readystatechange functions are now called with the XHR instance as the first parameter, to allow requests to run in parallel. This means much better stability but may break some applets (compatibility hack is included)
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     1
<?php
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     2
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     3
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
801
eb8b23f11744 Two big commits in one day I know, but redid password storage to use HMAC-SHA1. Consolidated much AES processing to three core methods in session that should handle everything automagically. Installation works; upgrades should. Rebranded as 1.1.6.
Dan
parents: 712
diff changeset
     5
 * Version 1.1.6 (Caoineag beta 1)
536
218a627eb53e Rebrand as 1.1.4 (Caoineag alpha 4)
Dan
parents: 507
diff changeset
     6
 * Copyright (C) 2006-2008 Dan Fuhry
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     7
 * diffiehellman.php - Diffie Hellman key exchange and supporting functions
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     8
 *
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     9
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    10
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    11
 *
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    12
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    13
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    14
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    15
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    16
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    17
 * The Diffie-Hellman key exchange protocol
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    18
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    19
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    20
global $dh_supported;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    21
$dh_supported = true;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    22
try
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    23
{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    24
  $GLOBALS['_math'] = enanomath_create();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    25
}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    26
catch ( Exception $e )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    27
{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    28
  $dh_supported = false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    29
}
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    30
// Our prime number as a base for operations.
712
331e009416d5 SECURITY: Changed Diffie-Hellman parameters to prime and generator created through OpenSSL
Dan
parents: 685
diff changeset
    31
$GLOBALS['dh_prime'] = '7916586051748534588306961133067968196965257961415756656521818848750723547477673457670019632882524164647651492025728980571833579341743988603191694784406703';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    32
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    33
// g, a primitive root used as an exponent
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    34
// (2 and 5 are acceptable, but BigInt is faster with odd numbers)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    35
$GLOBALS['dh_g'] = '5';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    36
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    37
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    38
 * Generates a Diffie-Hellman private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    39
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    40
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    41
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    42
function dh_gen_private()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    43
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    44
  global $_math;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    45
  return $_math->random(256);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    46
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    47
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    48
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    49
 * Calculates the public key from the private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    50
 * @param string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    51
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    52
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    53
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    54
function dh_gen_public($b)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    55
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    56
  global $_math, $dh_g, $dh_prime;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    57
  return $_math->powmod($dh_g, $b, $dh_prime);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    58
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    59
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    60
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    61
 * Calculates the shared secret.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    62
 * @param string(BigInt) Our private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    63
 * @param string(BigInt) Remote party's public key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    64
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    65
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    66
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    67
function dh_gen_shared_secret($a, $B)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    68
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    69
  global $_math, $dh_g, $dh_prime;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    70
  return $_math->powmod($B, $a, $dh_prime);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    71
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    72
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    73
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    74
SHA-256 algorithm - ported from Javascript
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    75
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    76
Copyright (c) 2003-2004, Angel Marin
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    77
All rights reserved.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    78
Portions copyright (c) 2008 Dan Fuhry.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    79
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    80
Redistribution and use in source and binary forms, with or without modification,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    81
are permitted provided that the following conditions are met:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    82
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    83
 * Redistributions of source code must retain the above copyright notice, this
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    84
   list of conditions and the following disclaimer.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    85
 * Redistributions in binary form must reproduce the above copyright notice,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    86
   this list of conditions and the following disclaimer in the documentation
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    87
   and/or other materials provided with the distribution.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    88
 * Neither the name of the <ORGANIZATION> nor the names of its contributors may
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    89
   be used to endorse or promote products derived from this software without
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    90
   specific prior written permission.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    91
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    92
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    93
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    94
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    95
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    96
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    97
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    98
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    99
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   100
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   101
OF THE POSSIBILITY OF SUCH DAMAGE.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   102
*/
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   103
class SHA256
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   104
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   105
  var $chrsz = 8;  /* bits per input character. 8 - ASCII; 16 - Unicode  */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   106
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   107
  function safe_add ($x, $y) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   108
    $lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   109
    $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   110
    return ($msw << 16) | ($lsw & 0xFFFF);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   111
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   112
  function rshz($X, $n)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   113
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   114
    // equivalent to $X >>> $n in javascript
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   115
    // pulled from http://www.tapouillo.com/firefox_extension/sourcecode.txt, public domain
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   116
    $z = hexdec(80000000); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   117
    if ($z & $X) 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   118
    { 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   119
        $X = ($X>>1); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   120
        $X &= (~$z); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   121
        $X |= 0x40000000; 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   122
        $X = ($X>>($n-1)); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   123
    } 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   124
    else 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   125
    { 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   126
        $X = ($X>>$n); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   127
    } 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   128
    return $X; 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   129
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   130
  function S ($X, $n) {return ( $this->rshz($X, $n) ) | ($X << (32 - $n));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   131
  function R ($X, $n) {return ( $this->rshz($X, $n) );}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   132
  function Ch($x, $y, $z)  {return (($x & $y) ^ ((~$x) & $z));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   133
  function Maj($x, $y, $z) {return (($x & $y) ^ ($x & $z) ^ ($y & $z));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   134
  function Sigma0256($x) {return ($this->S($x, 2)  ^ $this->S($x, 13) ^ $this->S($x, 22));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   135
  function Sigma1256($x) {return ($this->S($x, 6)  ^ $this->S($x, 11) ^ $this->S($x, 25));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   136
  function Gamma0256($x) {return ($this->S($x, 7)  ^ $this->S($x, 18) ^ $this->R($x, 3));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   137
  function Gamma1256($x) {return ($this->S($x, 17) ^ $this->S($x, 19) ^ $this->R($x, 10));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   138
  function core_sha256 ($m, $l) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   139
      $K = Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   140
      $HASH = Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   141
      $W = Array(64);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   142
      /* append padding */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   143
      $m[$l >> 5] |= 0x80 << (24 - $l % 32);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   144
      $m[(($l + 64 >> 9) << 4) + 15] = $l;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   145
      for ( $i = 0; $i<count($m); $i+=16 ) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   146
          $a = $HASH[0];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   147
          $b = $HASH[1];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   148
          $c = $HASH[2];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   149
          $d = $HASH[3];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   150
          $e = $HASH[4];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   151
          $f = $HASH[5];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   152
          $g = $HASH[6];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   153
          $h = $HASH[7];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   154
          for ( $j = 0; $j<64; $j++)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   155
          {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   156
              if ( $j < 16 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   157
              {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   158
                $W[$j] = ( isset($m[$j + $i]) ) ? $m[$j + $i] : 0;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   159
              }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   160
              else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   161
              {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   162
                $W[$j] = $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   163
                  $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   164
                    $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   165
                      $this->Gamma1256($W[$j - 2]), $W[$j - 7]),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   166
                    $this->Gamma0256($W[$j - 15])),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   167
                  $W[$j - 16]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   168
              }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   169
              $T1 = $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   170
                $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   171
                  $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   172
                    $this->safe_add($h, $this->Sigma1256($e)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   173
                      ),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   174
                    $this->Ch($e, $f, $g)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   175
                  $K[$j]),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   176
                $W[$j]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   177
              $T2 = $this->safe_add($this->Sigma0256($a), $this->Maj($a, $b, $c));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   178
              $h = $g;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   179
              $g = $f;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   180
              $f = $e;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   181
              $e = $this->safe_add($d, $T1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   182
              $d = $c;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   183
              $c = $b;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   184
              $b = $a;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   185
              $a = $this->safe_add($T1, $T2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   186
          }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   187
          $HASH[0] = $this->safe_add($a, $HASH[0]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   188
          $HASH[1] = $this->safe_add($b, $HASH[1]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   189
          $HASH[2] = $this->safe_add($c, $HASH[2]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   190
          $HASH[3] = $this->safe_add($d, $HASH[3]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   191
          $HASH[4] = $this->safe_add($e, $HASH[4]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   192
          $HASH[5] = $this->safe_add($f, $HASH[5]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   193
          $HASH[6] = $this->safe_add($g, $HASH[6]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   194
          $HASH[7] = $this->safe_add($h, $HASH[7]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   195
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   196
      return $HASH;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   197
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   198
  function str2binb ($str) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   199
    $bin = Array();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   200
    for ( $i = 0; $i < strlen($str); $i++ )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   201
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   202
      $byte = ord($str{$i});
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   203
      $block = floor($i / 4);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   204
      $stage = $i % 4;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   205
      if ( $stage == 0 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   206
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   207
        $bin[$block] = $byte;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   208
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   209
      else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   210
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   211
        $bin[$block] <<= 8;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   212
        $bin[$block] |= $byte;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   213
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   214
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   215
    while ( $stage < 3 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   216
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   217
      $stage++;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   218
      $bin[$block] <<= 8;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   219
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   220
    return $bin;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   221
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   222
  function byte2hex($byte)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   223
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   224
    $b = dechex(ord($byte));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   225
    return ( strlen($b) < 2 ) ? "0$b" : $b;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   226
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   227
  function binb2hex ($binarray) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   228
    $hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   229
    $hex_tab = $hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   230
    $str = "";
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   231
    foreach ( $binarray as $bytes )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   232
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   233
      $str .= implode('', array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   234
          $this->byte2hex(chr(( $bytes >> 24 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   235
          $this->byte2hex(chr(( $bytes >> 16 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   236
          $this->byte2hex(chr(( $bytes >> 8 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   237
          $this->byte2hex(chr($bytes & 0xFF))
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   238
        ));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   239
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   240
    return $str;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   241
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   242
  function hex_sha256 ( $s )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   243
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   244
    return $this->binb2hex(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   245
      $this->core_sha256(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   246
        $this->str2binb($s),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   247
        strlen($s) * $this->chrsz)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   248
      );
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   249
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   250
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   251
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   252
if ( !function_exists('sha256') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   253
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   254
  function sha256($text)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   255
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   256
    static $sha_obj = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   257
    if ( !is_object($sha_obj) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   258
      $sha_obj = new SHA256();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   259
    return $sha_obj->hex_sha256($text);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   260
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   261
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   262
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   263
?>