diff -r a434d60e525d -r 242353360e37 includes/diffiehellman.php --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/includes/diffiehellman.php Wed Feb 20 14:38:39 2008 -0500 @@ -0,0 +1,450 @@ +32-bit integers. + */ + +class EnanoMath +{ + + var $api = 'gmp'; + var $limb = 16; + + function __construct() + { + /* + // big_int support is untested. + if ( extension_loaded('big_int') ) + { + $this->api = 'bigint'; + } + else + */ + if ( function_exists('gmp_init') ) + { + $this->api = 'gmp'; + } + else if ( function_exists('bcpow') ) + { + $this->api = 'bcmath'; + } + else + { + throw new Exception('dh_err_not_supported'); + } + } + + function powmod($base, $pow, $mod) + { + switch($this->api) + { + case 'bigint': + return ( pow($base, $pow) % $mod ); + break; + case 'gmp': + return ( function_exists('gmp_powm') ) ? gmp_powm($base, $pow, $mod) : gmp_mod(gmp_pow($base, $pow), $mod); + break; + case 'bcmath': + return ( function_exists('bcpowmod') ) ? bcpowmod($base, $pow, $mod) : bcmod( bcpow($base, $pow), $mod ); + break; + } + } + + function random($len) + { + switch($this->api) + { + case 'gmp': + return gmp_random($len); + break; + case 'bcmath': + return $this->_bcmath_random($len); + break; + case 'bigint': + return $this->_bigint_random($len); + break; + } + } + + function _bcmath_random($len) + { + $len = ( $this->limb / 2 ) * $len; + $chars = '0123456789abcdef'; + $ret = ''; + for ( $i = 0; $i < $len; $i++ ) + { + $chid = mt_rand ( 0, strlen($chars) - 1 ); + $chr = $chars{$chid}; + $ret .= $chr; + } + return $this->basecon($ret, 16, 10); + } + + function _bigint_random($len) + { + $len = ( $this->limb / 2 ) * $len; + $chars = '0123456789abcdef'; + $ret = ''; + for ( $i = 0; $i < $len; $i++ ) + { + $chid = mt_rand ( 0, strlen($chars) - 1 ); + $chr = $chars{$chid}; + $ret .= $chr; + } + return $this->basecon($ret, 16, 10); + } + + function basecon($int, $from, $to) + { + switch($this->api) + { + case 'gmp': + return gmp_strval(gmp_init($int, $from), $to); + break; + case 'bcmath': + return $this->_bcmath_baseconv($int, $from, $to); + break; + case 'bigint': + return base_convert($int, $from, $to); + break; + } + } + + function str($res, $base = 10) + { + switch($this->api) + { + case 'bigint': + case 'bcmath': + return strval($this->basecon($res, 10, $base)); + break; + case 'gmp': + return gmp_strval($res, $base); + break; + } + } + + function compare($v1, $v2) + { + switch($this->api) + { + case 'bigint': + return ( $v1 === $v2 ); + break; + case 'bcmath': + return ( bccomp($v1, $v2) === 0 ); + break; + case 'gmp': + return ( gmp_cmp($v1, $v2) === 0 ); + break; + } + } + + function _bcmath_baseconv($int, $from, $to) + { + if ( $from != 10 ) + $int = $this->_bcmath_base2dec($int, $from); + if ( $to != 10 ) + $int = $this->_bcmath_dec2base($int, $to); + return $int; + } + + // from us.php.net/bc: + // convert a decimal value to any other base value + function _bcmath_dec2base($dec,$base,$digits=FALSE) { + if($base<2 or $base>256) die("Invalid Base: ".$base); + bcscale(0); + $value=""; + if(!$digits) $digits=$this->_bcmath_digits($base); + while($dec>$base-1) { + $rest=bcmod($dec,$base); + $dec=bcdiv($dec,$base); + $value=$digits[$rest].$value; + } + $value=$digits[intval($dec)].$value; + return (string) $value; + } + + // convert another base value to its decimal value + function _bcmath_base2dec($value,$base,$digits=FALSE) { + if($base<2 or $base>256) die("Invalid Base: ".$base); + bcscale(0); + if($base<37) $value=strtolower($value); + if(!$digits) $digits=$this->_bcmath_digits($base); + $size=strlen($value); + $dec="0"; + for($loop=0;$loop<$size;$loop++) { + $element=strpos($digits,$value[$loop]); + $power=bcpow($base,$size-$loop-1); + $dec=bcadd($dec,bcmul($element,$power)); + } + return (string) $dec; + } + + function _bcmath_digits($base) { + if($base>64) { + $digits=""; + for($loop=0;$loop<256;$loop++) { + $digits.=chr($loop); + } + } else { + $digits ="0123456789abcdefghijklmnopqrstuvwxyz"; + $digits.="ABCDEFGHIJKLMNOPQRSTUVWXYZ-_"; + } + $digits=substr($digits,0,$base); + return (string) $digits; + } +} + +/** + * The Diffie-Hellman key exchange protocol + */ + +$GLOBALS['_math'] = new EnanoMath(); +// Our prime number as a base for operations. +$GLOBALS['dh_prime'] = '82818079787776757473727170696867666564636261605958575655545352515049484746454443424140393837363534333231302928272625242322212019181716151413121110987654321'; + +// g, a primitive root used as an exponent +// (2 and 5 are acceptable, but BigInt is faster with odd numbers) +$GLOBALS['dh_g'] = '5'; + +/** + * Generates a Diffie-Hellman private key + * @return string(BigInt) + */ + +function dh_gen_private() +{ + global $_math; + return $_math->random(256); +} + +/** + * Calculates the public key from the private key + * @param string(BigInt) + * @return string(BigInt) + */ + +function dh_gen_public($b) +{ + global $_math, $dh_g, $dh_prime; + return $_math->powmod($dh_g, $b, $dh_prime); +} + +/** + * Calculates the shared secret. + * @param string(BigInt) Our private key + * @param string(BigInt) Remote party's public key + * @return string(BigInt) + */ + +function dh_gen_shared_secret($a, $B) +{ + global $_math, $dh_g, $dh_prime; + return $_math->powmod($B, $a, $dh_prime); +} + +/* +SHA-256 algorithm - ported from Javascript + +Copyright (c) 2003-2004, Angel Marin +All rights reserved. +Portions copyright (c) 2008 Dan Fuhry. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + + * Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + * Neither the name of the nor the names of its contributors may + be used to endorse or promote products derived from this software without + specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +OF THE POSSIBILITY OF SUCH DAMAGE. +*/ +class SHA256 +{ + var $chrsz = 8; /* bits per input character. 8 - ASCII; 16 - Unicode */ + + function safe_add ($x, $y) { + $lsw = ($x & 0xFFFF) + ($y & 0xFFFF); + $msw = ($x >> 16) + ($y >> 16) + ($lsw >> 16); + return ($msw << 16) | ($lsw & 0xFFFF); + } + function rshz($X, $n) + { + // equivalent to $X >>> $n in javascript + // pulled from http://www.tapouillo.com/firefox_extension/sourcecode.txt, public domain + $z = hexdec(80000000); + if ($z & $X) + { + $X = ($X>>1); + $X &= (~$z); + $X |= 0x40000000; + $X = ($X>>($n-1)); + } + else + { + $X = ($X>>$n); + } + return $X; + } + function S ($X, $n) {return ( $this->rshz($X, $n) ) | ($X << (32 - $n));} + function R ($X, $n) {return ( $this->rshz($X, $n) );} + function Ch($x, $y, $z) {return (($x & $y) ^ ((~$x) & $z));} + function Maj($x, $y, $z) {return (($x & $y) ^ ($x & $z) ^ ($y & $z));} + function Sigma0256($x) {return ($this->S($x, 2) ^ $this->S($x, 13) ^ $this->S($x, 22));} + function Sigma1256($x) {return ($this->S($x, 6) ^ $this->S($x, 11) ^ $this->S($x, 25));} + function Gamma0256($x) {return ($this->S($x, 7) ^ $this->S($x, 18) ^ $this->R($x, 3));} + function Gamma1256($x) {return ($this->S($x, 17) ^ $this->S($x, 19) ^ $this->R($x, 10));} + function core_sha256 ($m, $l) { + $K = Array(0x428A2F98,0x71374491,0xB5C0FBCF,0xE9B5DBA5,0x3956C25B,0x59F111F1,0x923F82A4,0xAB1C5ED5,0xD807AA98,0x12835B01,0x243185BE,0x550C7DC3,0x72BE5D74,0x80DEB1FE,0x9BDC06A7,0xC19BF174,0xE49B69C1,0xEFBE4786,0xFC19DC6,0x240CA1CC,0x2DE92C6F,0x4A7484AA,0x5CB0A9DC,0x76F988DA,0x983E5152,0xA831C66D,0xB00327C8,0xBF597FC7,0xC6E00BF3,0xD5A79147,0x6CA6351,0x14292967,0x27B70A85,0x2E1B2138,0x4D2C6DFC,0x53380D13,0x650A7354,0x766A0ABB,0x81C2C92E,0x92722C85,0xA2BFE8A1,0xA81A664B,0xC24B8B70,0xC76C51A3,0xD192E819,0xD6990624,0xF40E3585,0x106AA070,0x19A4C116,0x1E376C08,0x2748774C,0x34B0BCB5,0x391C0CB3,0x4ED8AA4A,0x5B9CCA4F,0x682E6FF3,0x748F82EE,0x78A5636F,0x84C87814,0x8CC70208,0x90BEFFFA,0xA4506CEB,0xBEF9A3F7,0xC67178F2); + $HASH = Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19); + $W = Array(64); + /* append padding */ + $m[$l >> 5] |= 0x80 << (24 - $l % 32); + $m[(($l + 64 >> 9) << 4) + 15] = $l; + for ( $i = 0; $isafe_add( + $this->safe_add( + $this->safe_add( + $this->Gamma1256($W[$j - 2]), $W[$j - 7]), + $this->Gamma0256($W[$j - 15])), + $W[$j - 16]); + } + $T1 = $this->safe_add( + $this->safe_add( + $this->safe_add( + $this->safe_add($h, $this->Sigma1256($e) + ), + $this->Ch($e, $f, $g)), + $K[$j]), + $W[$j]); + $T2 = $this->safe_add($this->Sigma0256($a), $this->Maj($a, $b, $c)); + $h = $g; + $g = $f; + $f = $e; + $e = $this->safe_add($d, $T1); + $d = $c; + $c = $b; + $b = $a; + $a = $this->safe_add($T1, $T2); + } + $HASH[0] = $this->safe_add($a, $HASH[0]); + $HASH[1] = $this->safe_add($b, $HASH[1]); + $HASH[2] = $this->safe_add($c, $HASH[2]); + $HASH[3] = $this->safe_add($d, $HASH[3]); + $HASH[4] = $this->safe_add($e, $HASH[4]); + $HASH[5] = $this->safe_add($f, $HASH[5]); + $HASH[6] = $this->safe_add($g, $HASH[6]); + $HASH[7] = $this->safe_add($h, $HASH[7]); + } + return $HASH; + } + function str2binb ($str) { + $bin = Array(); + for ( $i = 0; $i < strlen($str); $i++ ) + { + $byte = ord($str{$i}); + $block = floor($i / 4); + $stage = $i % 4; + if ( $stage == 0 ) + { + $bin[$block] = $byte; + } + else + { + $bin[$block] <<= 8; + $bin[$block] |= $byte; + } + } + while ( $stage < 3 ) + { + $stage++; + $bin[$block] <<= 8; + } + return $bin; + } + function byte2hex($byte) + { + $b = dechex(ord($byte)); + return ( strlen($b) < 2 ) ? "0$b" : $b; + } + function binb2hex ($binarray) { + $hexcase = 0; /* hex output format. 0 - lowercase; 1 - uppercase */ + $hex_tab = $hexcase ? "0123456789ABCDEF" : "0123456789abcdef"; + $str = ""; + foreach ( $binarray as $bytes ) + { + $str .= implode('', array( + $this->byte2hex(chr(( $bytes >> 24 ) & 0xFF)), + $this->byte2hex(chr(( $bytes >> 16 ) & 0xFF)), + $this->byte2hex(chr(( $bytes >> 8 ) & 0xFF)), + $this->byte2hex(chr($bytes & 0xFF)) + )); + } + return $str; + } + function hex_sha256 ( $s ) + { + return $this->binb2hex( + $this->core_sha256( + $this->str2binb($s), + strlen($s) * $this->chrsz) + ); + } +} + +if ( !function_exists('sha256') ) +{ + function sha256($text) + { + static $sha_obj = false; + if ( !is_object($sha_obj) ) + $sha_obj = new SHA256(); + return $sha_obj->hex_sha256($text); + } +} + +?>