/**
* Computes the shared secret from the private DH value $dh and the other
* party's public value in $pub_key
*
* @param string $pub_key other party's public value
* @param mixed $dh Diffie-Hellman key
* @return string
* @throws Zend\OpenId\Exception
*/
public static function computeDhSecret($pub_key, $dh)
{
if (function_exists('openssl_dh_compute_key')) {
$ret = openssl_dh_compute_key($pub_key, $dh);
if (ord($ret[0]) > 127) {
$ret = "" . $ret;
}
return $ret;
} else {
if (extension_loaded('gmp')) {
$bn_pub_key = self::binToBigNum($pub_key);
$bn_secret = gmp_powm($bn_pub_key, $dh['priv_key'], $dh['p']);
return self::bigNumToBin($bn_secret);
} else {
if (extension_loaded('bcmath')) {
$bn_pub_key = self::binToBigNum($pub_key);
$bn_secret = bcpowmod($bn_pub_key, $dh['priv_key'], $dh['p']);
return self::bigNumToBin($bn_secret);
}
}
}
throw new Exception('The system doesn\'t have proper big integer extension', Exception::UNSUPPORTED_LONG_MATH);
}
public static function dhComputeKey($pubKey, PKey $dhKey)
{
$return = openssl_dh_compute_key($pubKey, $dhKey->getResource());
self::handleReturn($return);
return $return;
}
/**
* Compute the shared secret key based on the public key received from the
* the second party to this transaction. This should agree to the secret
* key the second party computes on our own public key.
* Once in agreement, the key is known to only to both parties.
* By default, the function expects the public key to be in binary form
* which is the typical format when being transmitted.
*
* If you need the binary form of the shared secret key, call
* getSharedSecretKey() with the optional parameter for Binary output.
*
* @param string $publicKey
* @param string $type
* @return mixed
*/
public function computeSecretKey($publicKey, $type = self::NUMBER, $output = self::NUMBER)
{
if ($type == self::BINARY) {
$publicKey = $this->_math->fromBinary($publicKey);
}
if (!preg_match("/^\\d+\$/", $publicKey)) {
#require_once('Zend/Crypt/DiffieHellman/Exception.php');
throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number');
}
if (function_exists('openssl_dh_compute_key') && self::$useOpenssl !== false) {
$this->_secretKey = openssl_dh_compute_key($publicKey, $this->getPublicKey());
} else {
$this->_secretKey = $this->_math->powmod($publicKey, $this->getPrivateKey(), $this->getPrime());
}
return $this->getSharedSecretKey($output);
}
/**
* Compute the shared secret key based on the public key received from the
* the second party to this transaction. This should agree to the secret
* key the second party computes on our own public key.
* Once in agreement, the key is known to only to both parties.
* By default, the function expects the public key to be in binary form
* which is the typical format when being transmitted.
*
* If you need the binary form of the shared secret key, call
* getSharedSecretKey() with the optional parameter for Binary output.
*
* @param string $publicKey
* @param string $publicKeyFormat
* @param string $secretKeyFormat
* @return string
* @throws \Zend\Crypt\Exception\InvalidArgumentException
* @throws \Zend\Crypt\Exception\RuntimeException
*/
public function computeSecretKey($publicKey, $publicKeyFormat = self::FORMAT_NUMBER, $secretKeyFormat = self::FORMAT_NUMBER)
{
if (function_exists('openssl_dh_compute_key') && static::$useOpenssl !== false) {
$publicKey = $this->convert($publicKey, $publicKeyFormat, self::FORMAT_BINARY);
$secretKey = openssl_dh_compute_key($publicKey, $this->opensslKeyResource);
if (false === $secretKey) {
throw new Exception\RuntimeException('Can not compute key; openssl ' . openssl_error_string());
}
$this->secretKey = $this->convert($secretKey, self::FORMAT_BINARY, self::FORMAT_NUMBER);
} else {
$publicKey = $this->convert($publicKey, $publicKeyFormat, self::FORMAT_NUMBER);
if (!preg_match('/^\\d+$/', $publicKey)) {
throw new Exception\InvalidArgumentException('Invalid parameter; not a positive natural number');
}
$this->secretKey = $this->math->powmod($publicKey, $this->getPrivateKey(), $this->getPrime());
}
return $this->getSharedSecretKey($secretKeyFormat);
}
