Ejemplo n.º 1
 /**
  * Prepare the Diffie-Hellman fields of the association request.
  *
  * When no key-exchange object has been set yet, one is created from the
  * class defaults (DH_DEFAULT_MODULUS / DH_DEFAULT_GENERATOR) and its key
  * pair is generated. The consumer public key, the prime modulus and the
  * generator are then written to the message, each fetched in
  * Crypt_DiffieHellman::BTWOC form and base64-encoded.
  *
  * Only getPublicKey(), getPrime() and getGenerator() are read here; no
  * private value is copied into the message.
  *
  * @return void
  */
 public function init()
 {
     // Reuse an injected key-exchange object; otherwise build one from the defaults.
     if (null === $this->cdh) {
         $this->cdh = new Crypt_DiffieHellman(self::DH_DEFAULT_MODULUS, self::DH_DEFAULT_GENERATOR);
         $this->cdh->generateKeys();
     }

     $format = Crypt_DiffieHellman::BTWOC;

     // Consumer public key
     $publicKey = $this->cdh->getPublicKey($format);
     $this->message->set('openid.dh_consumer_public', base64_encode($publicKey));

     // Prime modulus (p)
     $modulus = $this->cdh->getPrime($format);
     $this->message->set('openid.dh_modulus', base64_encode($modulus));

     // Generator (g)
     $generator = $this->cdh->getGenerator($format);
     $this->message->set('openid.dh_gen', base64_encode($generator));
 }
Ejemplo n.º 2
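 /**
  * Finish the key handshake for the connection named by the "con" request parameter.
  *
  * API-key mode (request parameter "useAPIK" is truthy): the configured
  * ctoCom_APIKey is stored as the shared secret of the cache row and true
  * is returned.
  *
  * Diffie-Hellman mode: the exchange is completed with the prime, generator
  * and private key cached for the connection, the derived secret is stored
  * in the same row and the local public key is returned.
  *
  * NOTE(review): the mode is chosen by a request parameter compared loosely
  * (== true), so any truthy value selects API-key mode. Confirm that the
  * caller is bound to this mode by server-side configuration as well.
  *
  * NOTE(review): the peer's public value ("key") is only checked for being
  * non-empty here. Confirm that Crypt_DiffieHellman rejects out-of-range
  * values (e.g. 0, 1, p-1) before the secret is derived.
  *
  * @return mixed true in API-key mode, otherwise the result of getPublicKey()
  *
  * @throws \Exception If no public key was sent or no cached connection exists
  */
 public function checkHandshake()
 {
     // API-key mode: no key exchange, the pre-shared key becomes the connection secret.
     if ($this->Input->get("useAPIK") == true) {
         $this->Database->prepare("UPDATE tl_ctocom_cache %s WHERE uid=?")->set(array("tstamp" => time(), "shared_secret_key" => $GLOBALS['TL_CONFIG']['ctoCom_APIKey']))->execute($this->Input->get("con"));

         return true;
     }

     // Import
     require_once TL_ROOT . '/system/modules/DiffieHellman/DiffieHellman.php';

     if (strlen($this->Input->get("key")) === 0) {
         throw new \Exception("Could not find public key for handshake.");
     }

     // Load the parameters cached for this connection id
     $arrConnections = $this->Database->prepare("SELECT * FROM tl_ctocom_cache WHERE uid=?")->execute($this->Input->get("con"))->fetchAllAssoc();

     // An unknown connection id yields no row; fail explicitly instead of
     // handing undefined parameters to the key exchange.
     if (empty($arrConnections)) {
         throw new \Exception("Could not find connection data for handshake.");
     }

     $arrConnection = $arrConnections[0];

     // Rebuild the local key pair from the cached parameters
     $objDiffieHellman = new \Crypt_DiffieHellman($arrConnection["prime"], $arrConnection["generator"], $arrConnection["private_key"]);
     $objDiffieHellman->generateKeys();

     // Derive the shared secret from the peer's public value and persist it
     $strSecretKey = $objDiffieHellman->computeSecretKey($this->Input->get("key"))->getSharedSecretKey();
     $this->Database->prepare("UPDATE tl_ctocom_cache %s WHERE uid=?")->set(array("tstamp" => time(), "shared_secret_key" => $strSecretKey))->execute($this->Input->get("con"));

     return $objDiffieHellman->getPublicKey();
 }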
Ejemplo n.º 3
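 /**
  * Open a connection to the client and agree on the connection key.
  *
  * 1. Asks the client for its version. A version lower than
  *    $GLOBALS["CTOCOM_VERSION"], or a RuntimeException from that request,
  *    switches the connection to the "aes" codify engine.
  * 2. If $GLOBALS['TL_CONFIG']['ctoCom_handshake'] is truthy, the API key is
  *    used as connection key. Otherwise a Diffie-Hellman exchange is run
  *    with the prime and generator returned by CTOCOM_START_HANDSHAKE.
  * 3. Stores the connection settings through saveConnectionSettings().
  *
  * NOTE(review): the fallback to "aes" is decided by the remote response.
  * Confirm it cannot be used to force a weaker engine on a client that
  * supports the current one.
  *
  * NOTE(review): in the Diffie-Hellman branch, prime, generator and public
  * key all come from the client's own responses. The comparison below only
  * checks that both responses agree; it does not authenticate the peer.
  * Confirm that run() provides authentication or that this mode is only
  * used on a trusted channel.
  *
  * The private exponent is built from random decimal digits. random_int()
  * is used when the runtime provides it, so a failure of the system
  * entropy source propagates to the caller.
  *
  * @return void
  *
  * @throws \RuntimeException If a handshake step fails or no usable key pair
  *                           could be generated in 100 attempts
  */
 public function startConnection()
 {
     /*
      * Try to get the version from the client.
      * On a blank response or an error, the system falls back to the
      * old AES codify engine.
      */
     try {
         $strVersion = $this->run("CTOCOM_VERSION");
         if (version_compare($strVersion, $GLOBALS["CTOCOM_VERSION"], '<')) {
             $this->setConnectionBasicCodify("aes");
         }
     } catch (\RuntimeException $exc) {
         \System::log("The client with the adress: " . $this->strUrl . " seems to be an older Version.", __CLASS__ . " | " . __FUNCTION__, TL_INFO);
         $this->setConnectionBasicCodify("aes");
     }

     // Check handshake
     if ($GLOBALS['TL_CONFIG']['ctoCom_handshake'] == true) {
         // Set flag for API key use
         $arrData = array(array("name" => "useAPIK", "value" => true));

         // Say "Hello" for connection id
         $strMyNumber = $this->run("CTOCOM_HELLO");
         $this->client->setConnectionID($strMyNumber);

         // Start key handshake
         if (!$this->run("CTOCOM_START_HANDSHAKE", $arrData, true)) {
             throw new \RuntimeException("Could not set API Key for handshake.");
         }
         if (!$this->run("CTOCOM_CHECK_HANDSHAKE", $arrData, true)) {
             throw new \RuntimeException("Could not set API Key for handshake.");
         }

         // Save and end
         $this->client->setConnectionKey($this->client->getApiKey());
         $this->saveConnectionSettings($this->client);
     } else {
         // Import
         require_once TL_ROOT . '/system/modules/DiffieHellman/DiffieHellman.php';

         // Say "Hello" for connection id
         $strMyNumber = $this->run("CTOCOM_HELLO");
         $this->client->setConnectionID($strMyNumber);

         // Start key handshake
         $arrDiffieHellman = $this->run("CTOCOM_START_HANDSHAKE");

         // Digit source for the private exponent. rand() is not a
         // cryptographic generator; it is kept only so runtimes without
         // random_int() keep working and should be treated as a finding there.
         $fnRandomDigit = function ($intMin, $intMax) {
             if (function_exists('random_int')) {
                 return random_int($intMin, $intMax);
             }

             return rand($intMin, $intMax);
         };

         // Always use the longest length the previous random range allowed:
         // a randomly chosen length regularly produced very short exponents.
         // One leading digit plus strlen(prime) - 2 further digits stays
         // below the prime's own digit count.
         $intPrivateLength = max(strlen($arrDiffieHellman["generator"]), strlen($arrDiffieHellman["prime"]) - 2);

         $objLastException = null;
         for ($i = 0; $i < 100; $i++) {
             // Create random private key; the first digit is never zero.
             $strPrivate = (string) $fnRandomDigit(1, 9);
             for ($ii = 0; $ii < $intPrivateLength; $ii++) {
                 $strPrivate .= $fnRandomDigit(0, 9);
             }

             if (!preg_match("/^\\d+\$/", $strPrivate)) {
                 $objLastException = new \RuntimeException("Private key is not a natural number");
                 continue;
             }

             try {
                 // Start key gen
                 $objDiffieHellman = new \Crypt_DiffieHellman($arrDiffieHellman["prime"], $arrDiffieHellman["generator"], $strPrivate);
                 $objDiffieHellman->generateKeys();

                 // Send public key for check
                 $arrData = array(array("name" => "key", "value" => $objDiffieHellman->getPublicKey()));
             } catch (\RuntimeException $exc) {
                 // Remember the failure and retry with a fresh private key.
                 $objLastException = $exc;
                 continue;
             }

             $objLastException = null;
             break;
         }

         // Every attempt failed: surface the last error.
         if ($objLastException !== null) {
             throw $objLastException;
         }

         $strPublicKey = $this->run("CTOCOM_CHECK_HANDSHAKE", $arrData, true);

         // Compare as strings: loose comparison treats numeric strings as
         // numbers and can consider differently written values equal.
         if ((string) $arrDiffieHellman["public_key"] !== (string) $strPublicKey) {
             throw new \RuntimeException("Error for handshake. Public-Key from client isn't valide.");
         }

         $strSecretKey = $objDiffieHellman->computeSecretKey($arrDiffieHellman["public_key"])->getSharedSecretKey();

         // Save and end
         $this->client->setConnectionKey($strSecretKey);
         $this->saveConnectionSettings($this->client);
     }
 }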