/** * Initialize the diffie-hellman parameters for the association request. * * @return void */ public function init() { if ($this->cdh === null) { $this->cdh = new Crypt_DiffieHellman(self::DH_DEFAULT_MODULUS, self::DH_DEFAULT_GENERATOR); $this->cdh->generateKeys(); } // Set public key $this->message->set('openid.dh_consumer_public', base64_encode($this->cdh->getPublicKey(Crypt_DiffieHellman::BTWOC))); // Set modulus $prime = $this->cdh->getPrime(Crypt_DiffieHellman::BTWOC); $this->message->set('openid.dh_modulus', base64_encode($prime)); // Set prime $gen = $this->cdh->getGenerator(Crypt_DiffieHellman::BTWOC); $this->message->set('openid.dh_gen', base64_encode($gen)); }
public function checkHandshake() { if ($this->Input->get("useAPIK") == true) { $this->Database->prepare("UPDATE tl_ctocom_cache %s WHERE uid=?")->set(array("tstamp" => time(), "shared_secret_key" => $GLOBALS['TL_CONFIG']['ctoCom_APIKey']))->execute($this->Input->get("con")); return true; } else { // Imoprt require_once TL_ROOT . '/system/modules/DiffieHellman/DiffieHellman.php'; if (strlen($this->Input->get("key")) == 0) { throw new \Exception("Could not find public key for handshake."); } // Load information $arrConnections = $this->Database->prepare("SELECT * FROM tl_ctocom_cache WHERE uid=?")->execute($this->Input->get("con"))->fetchAllAssoc(); // Start key gen $objDiffieHellman = new \Crypt_DiffieHellman($arrConnections[0]["prime"], $arrConnections[0]["generator"], $arrConnections[0]["private_key"]); $objDiffieHellman->generateKeys(); $strSecretKey = $objDiffieHellman->computeSecretKey($this->Input->get("key"))->getSharedSecretKey(); $this->Database->prepare("UPDATE tl_ctocom_cache %s WHERE uid=?")->set(array("tstamp" => time(), "shared_secret_key" => $strSecretKey))->execute($this->Input->get("con")); return $objDiffieHellman->getPublicKey(); } }
public function startConnection() { /* * Try to get the Version from client. * If we get a blank response or a error, the system try to use the * old AES Codifyengine. */ try { $strVersion = $this->run("CTOCOM_VERSION"); if (version_compare($strVersion, $GLOBALS["CTOCOM_VERSION"], '<')) { $this->setConnectionBasicCodify("aes"); } } catch (\RuntimeException $exc) { \System::log("The client with the adress: " . $this->strUrl . " seems to be an older Version.", __CLASS__ . " | " . __FUNCTION__, TL_INFO); $this->setConnectionBasicCodify("aes"); } // Check handshake if ($GLOBALS['TL_CONFIG']['ctoCom_handshake'] == true) { // Set flag for API key use $arrData = array(array("name" => "useAPIK", "value" => true)); // Say "Hello" for connection id $strMyNumber = $this->run("CTOCOM_HELLO"); $this->client->setConnectionID($strMyNumber); // Start key handshake if (!$this->run("CTOCOM_START_HANDSHAKE", $arrData, true)) { throw new \RuntimeException("Could not set API Key for handshake."); } if (!$this->run("CTOCOM_CHECK_HANDSHAKE", $arrData, true)) { throw new \RuntimeException("Could not set API Key for handshake."); } // Save and end $this->client->setConnectionKey($this->client->getApiKey()); $this->saveConnectionSettings($this->client); } else { // Imoprt require_once TL_ROOT . '/system/modules/DiffieHellman/DiffieHellman.php'; // Say "Hello" for connection id $strMyNumber = $this->run("CTOCOM_HELLO"); $this->client->setConnectionID($strMyNumber); // Start key handshake $arrDiffieHellman = $this->run("CTOCOM_START_HANDSHAKE"); $objLastException = null; for ($i = 0; $i < 100; $i++) { // Create random private key. $intPrivateLength = rand(strlen($arrDiffieHellman["generator"]), strlen($arrDiffieHellman["prime"]) - 2); $strPrivate = rand(1, 9); for ($ii = 0; $ii < $intPrivateLength; $ii++) { $strPrivate .= rand(0, 9); } if (!preg_match("/^\\d+\$/", $strPrivate)) { $objLastException = new \RuntimeException("Private key is not a natural number"); continue; } try { // Start key gen $objDiffieHellman = new \Crypt_DiffieHellman($arrDiffieHellman["prime"], $arrDiffieHellman["generator"], $strPrivate); $objDiffieHellman->generateKeys(); // Send public key for check $arrData = array(array("name" => "key", "value" => $objDiffieHellman->getPublicKey())); } catch (\RuntimeException $exc) { $objLastException = $exc; continue; } $objLastException = null; break; } if ($objLastException != null) { throw $objLastException; } $strPublicKey = $this->run("CTOCOM_CHECK_HANDSHAKE", $arrData, true); if ($arrDiffieHellman["public_key"] != $strPublicKey) { throw new \RuntimeException("Error for handshake. Public-Key from client isn't valide."); } $strSecretKey = $objDiffieHellman->computeSecretKey($arrDiffieHellman["public_key"])->getSharedSecretKey(); // Save and end $this->client->setConnectionKey($strSecretKey); $this->saveConnectionSettings($this->client); } }