includes/diffiehellman.php
author Dan
Thu, 17 Dec 2009 04:27:50 -0500
changeset 1168 277a9cdead3e
parent 1081 745200a9cc2a
child 1227 bdac73ed481e
permissions -rw-r--r--
Namespace_Default: added a workaround for an inconsistency in SQL. Basically, if you join the same table multiple times under multiple aliases, COUNT() always uses the first instance. Was affecting the comment counter in the "discussion" button.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     1
<?php
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     2
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     3
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     4
 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
1081
745200a9cc2a Fixed some upgrade bugs; added support for choosing one's own date/time formats; rebrand as 1.1.7
Dan
parents: 1080
diff changeset
     5
 * Copyright (C) 2006-2009 Dan Fuhry
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     6
 * diffiehellman.php - Diffie Hellman key exchange and supporting functions
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     7
 *
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     8
 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
     9
 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    10
 *
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    11
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    12
 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    13
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    14
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    15
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    16
 * The Diffie-Hellman key exchange protocol
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    17
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    18
507
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    19
global $dh_supported;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    20
$dh_supported = true;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    21
try
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    22
{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    23
  $GLOBALS['_math'] = enanomath_create();
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    24
}
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    25
catch ( Exception $e )
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    26
{
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    27
  $dh_supported = false;
586fd7d3202d Fixed some stray version numbers (again!); added support for Diffie-Hellman logins in the normal login form (not AJAX) - even works in IE
Dan
parents: 467
diff changeset
    28
}
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    29
// Our prime number as a base for operations.
712
331e009416d5 SECURITY: Changed Diffie-Hellman parameters to prime and generator created through OpenSSL
Dan
parents: 685
diff changeset
    30
$GLOBALS['dh_prime'] = '7916586051748534588306961133067968196965257961415756656521818848750723547477673457670019632882524164647651492025728980571833579341743988603191694784406703';
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    31
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    32
// g, a primitive root used as an exponent
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    33
// (2 and 5 are acceptable, but BigInt is faster with odd numbers)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    34
$GLOBALS['dh_g'] = '5';
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    35
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    36
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    37
 * Generates a Diffie-Hellman private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    38
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    39
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    40
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    41
function dh_gen_private()
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    42
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    43
  global $_math;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    44
  return $_math->random(256);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    45
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    46
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    47
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    48
 * Calculates the public key from the private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    49
 * @param string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    50
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    51
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    52
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    53
function dh_gen_public($b)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    54
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    55
  global $_math, $dh_g, $dh_prime;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    56
  return $_math->powmod($dh_g, $b, $dh_prime);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    57
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    58
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    59
/**
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    60
 * Calculates the shared secret.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    61
 * @param string(BigInt) Our private key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    62
 * @param string(BigInt) Remote party's public key
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    63
 * @return string(BigInt)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    64
 */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    65
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    66
function dh_gen_shared_secret($a, $B)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    67
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    68
  global $_math, $dh_g, $dh_prime;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    69
  return $_math->powmod($B, $a, $dh_prime);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    70
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    71
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    72
/*
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    73
SHA-256 algorithm - ported from Javascript
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    74
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    75
Copyright (c) 2003-2004, Angel Marin
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    76
All rights reserved.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    77
Portions copyright (c) 2008 Dan Fuhry.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    78
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    79
Redistribution and use in source and binary forms, with or without modification,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    80
are permitted provided that the following conditions are met:
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    81
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    82
 * Redistributions of source code must retain the above copyright notice, this
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    83
   list of conditions and the following disclaimer.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    84
 * Redistributions in binary form must reproduce the above copyright notice,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    85
   this list of conditions and the following disclaimer in the documentation
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    86
   and/or other materials provided with the distribution.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    87
 * Neither the name of the <ORGANIZATION> nor the names of its contributors may
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    88
   be used to endorse or promote products derived from this software without
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    89
   specific prior written permission.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    90
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    91
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    92
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    93
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    94
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    95
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    96
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    97
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    98
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
    99
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   100
OF THE POSSIBILITY OF SUCH DAMAGE.
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   101
*/
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   102
class SHA256
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   103
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   104
  var $chrsz = 8;  /* bits per input character. 8 - ASCII; 16 - Unicode  */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   105
  
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   106
  function safe_add ($x, $y) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   107
    $lsw = ($x & 0xFFFF) + ($y & 0xFFFF);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   108
    $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16);
1030
23959360dcfd SHA256: Fixed broken hashes on 64-bit PHP
Dan
parents: 801
diff changeset
   109
    // 2009-07-02 Added & 0xFFFFFFFF here to fix problem on PHP w/ native 64-bit integer support (rev. 1030)
23959360dcfd SHA256: Fixed broken hashes on 64-bit PHP
Dan
parents: 801
diff changeset
   110
    return (($msw << 16) | ($lsw & 0xFFFF)) & 0xFFFFFFFF;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   111
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   112
  function rshz($X, $n)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   113
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   114
    // equivalent to $X >>> $n in javascript
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   115
    // pulled from http://www.tapouillo.com/firefox_extension/sourcecode.txt, public domain
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   116
    $z = hexdec(80000000); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   117
    if ($z & $X) 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   118
    { 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   119
        $X = ($X>>1); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   120
        $X &= (~$z); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   121
        $X |= 0x40000000; 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   122
        $X = ($X>>($n-1)); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   123
    } 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   124
    else 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   125
    { 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   126
        $X = ($X>>$n); 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   127
    } 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   128
    return $X; 
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   129
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   130
  function S ($X, $n) {return ( $this->rshz($X, $n) ) | ($X << (32 - $n));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   131
  function R ($X, $n) {return ( $this->rshz($X, $n) );}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   132
  function Ch($x, $y, $z)  {return (($x & $y) ^ ((~$x) & $z));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   133
  function Maj($x, $y, $z) {return (($x & $y) ^ ($x & $z) ^ ($y & $z));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   134
  function Sigma0256($x) {return ($this->S($x, 2)  ^ $this->S($x, 13) ^ $this->S($x, 22));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   135
  function Sigma1256($x) {return ($this->S($x, 6)  ^ $this->S($x, 11) ^ $this->S($x, 25));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   136
  function Gamma0256($x) {return ($this->S($x, 7)  ^ $this->S($x, 18) ^ $this->R($x, 3));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   137
  function Gamma1256($x) {return ($this->S($x, 17) ^ $this->S($x, 19) ^ $this->R($x, 10));}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   138
  function core_sha256 ($m, $l) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   139
      $K = Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   140
      $HASH = Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   141
      $W = Array(64);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   142
      /* append padding */
1080
6358f769ecb1 Minor fix to SHA256: some indices were not being initted under some circumstances
Dan
parents: 1030
diff changeset
   143
      if ( !isset($m[$l >> 5]) )
6358f769ecb1 Minor fix to SHA256: some indices were not being initted under some circumstances
Dan
parents: 1030
diff changeset
   144
        $m[$l >> 5] = 0;
436
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   145
      $m[$l >> 5] |= 0x80 << (24 - $l % 32);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   146
      $m[(($l + 64 >> 9) << 4) + 15] = $l;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   147
      for ( $i = 0; $i<count($m); $i+=16 ) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   148
          $a = $HASH[0];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   149
          $b = $HASH[1];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   150
          $c = $HASH[2];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   151
          $d = $HASH[3];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   152
          $e = $HASH[4];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   153
          $f = $HASH[5];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   154
          $g = $HASH[6];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   155
          $h = $HASH[7];
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   156
          for ( $j = 0; $j<64; $j++)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   157
          {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   158
              if ( $j < 16 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   159
              {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   160
                $W[$j] = ( isset($m[$j + $i]) ) ? $m[$j + $i] : 0;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   161
              }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   162
              else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   163
              {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   164
                $W[$j] = $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   165
                  $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   166
                    $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   167
                      $this->Gamma1256($W[$j - 2]), $W[$j - 7]),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   168
                    $this->Gamma0256($W[$j - 15])),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   169
                  $W[$j - 16]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   170
              }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   171
              $T1 = $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   172
                $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   173
                  $this->safe_add(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   174
                    $this->safe_add($h, $this->Sigma1256($e)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   175
                      ),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   176
                    $this->Ch($e, $f, $g)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   177
                  $K[$j]),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   178
                $W[$j]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   179
              $T2 = $this->safe_add($this->Sigma0256($a), $this->Maj($a, $b, $c));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   180
              $h = $g;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   181
              $g = $f;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   182
              $f = $e;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   183
              $e = $this->safe_add($d, $T1);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   184
              $d = $c;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   185
              $c = $b;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   186
              $b = $a;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   187
              $a = $this->safe_add($T1, $T2);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   188
          }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   189
          $HASH[0] = $this->safe_add($a, $HASH[0]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   190
          $HASH[1] = $this->safe_add($b, $HASH[1]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   191
          $HASH[2] = $this->safe_add($c, $HASH[2]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   192
          $HASH[3] = $this->safe_add($d, $HASH[3]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   193
          $HASH[4] = $this->safe_add($e, $HASH[4]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   194
          $HASH[5] = $this->safe_add($f, $HASH[5]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   195
          $HASH[6] = $this->safe_add($g, $HASH[6]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   196
          $HASH[7] = $this->safe_add($h, $HASH[7]);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   197
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   198
      return $HASH;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   199
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   200
  function str2binb ($str) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   201
    $bin = Array();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   202
    for ( $i = 0; $i < strlen($str); $i++ )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   203
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   204
      $byte = ord($str{$i});
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   205
      $block = floor($i / 4);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   206
      $stage = $i % 4;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   207
      if ( $stage == 0 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   208
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   209
        $bin[$block] = $byte;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   210
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   211
      else
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   212
      {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   213
        $bin[$block] <<= 8;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   214
        $bin[$block] |= $byte;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   215
      }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   216
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   217
    while ( $stage < 3 )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   218
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   219
      $stage++;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   220
      $bin[$block] <<= 8;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   221
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   222
    return $bin;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   223
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   224
  function byte2hex($byte)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   225
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   226
    $b = dechex(ord($byte));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   227
    return ( strlen($b) < 2 ) ? "0$b" : $b;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   228
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   229
  function binb2hex ($binarray) {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   230
    $hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   231
    $hex_tab = $hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   232
    $str = "";
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   233
    foreach ( $binarray as $bytes )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   234
    {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   235
      $str .= implode('', array(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   236
          $this->byte2hex(chr(( $bytes >> 24 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   237
          $this->byte2hex(chr(( $bytes >> 16 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   238
          $this->byte2hex(chr(( $bytes >> 8 ) & 0xFF)),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   239
          $this->byte2hex(chr($bytes & 0xFF))
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   240
        ));
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   241
    }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   242
    return $str;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   243
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   244
  function hex_sha256 ( $s )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   245
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   246
    return $this->binb2hex(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   247
      $this->core_sha256(
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   248
        $this->str2binb($s),
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   249
        strlen($s) * $this->chrsz)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   250
      );
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   251
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   252
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   253
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   254
if ( !function_exists('sha256') )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   255
{
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   256
  function sha256($text)
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   257
  {
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   258
    static $sha_obj = false;
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   259
    if ( !is_object($sha_obj) )
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   260
      $sha_obj = new SHA256();
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   261
    return $sha_obj->hex_sha256($text);
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   262
  }
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   263
}
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   264
242353360e37 Added support for Diffie-Hellman key exchange during login. w00t!
Dan
parents:
diff changeset
   265
?>