public function decode()
{
$core = $this->core;
list($vMajor, $vMinor) = $core->getVersion();
// Client
$connOut = $core->getOutDuplex();
// Server
$connIn = $core->getInDuplex();
// ECDHE
if ($core->cipherSuite->isECDHEEnabled()) {
$extensions = $core->extensions;
$data = $extensions->call('Curve', 'decodeClientKeyExchange', '');
$preMaster = $extensions->call('Curve', 'getPremaster', null);
} else {
$preMaster = Core::_pack('C', $vMajor) . Core::_pack('C', $vMinor) . Core::getRandom(46);
$crtDers = $core->getCrtDers();
$publicKey = X509::getPublicKey($crtDers);
openssl_public_encrypt($preMaster, $encPreMaster, $publicKey);
$data = Core::_pack('n', strlen($encPreMaster)) . $encPreMaster;
}
// Set Master Secret, IV and MAC
$this->setKeys($preMaster, $connIn, $connOut);
$this->msgType = HandshakeType::CLIENT_KEY_EXCHANGE;
$this->length = strlen($data);
return $this->getBinHeader() . $data;
}
private function encodeServerConfig(array $arrConfig)
{
if (!isset($arrConfig['key_pair_files'])) {
throw new TLSException("No keyPairFiles");
}
$keyPairFiles = $arrConfig['key_pair_files'];
if (!isset($keyPairFiles['cert']) || !isset($keyPairFiles['key'])) {
throw new TLSException("Invalid keyPair");
}
$pemCrtFiles = $keyPairFiles['cert'];
$pemPriFile = $keyPairFiles['key'][0];
$pemPriPassCode = $keyPairFiles['key'][1];
$this->config['crt_ders'] = X509::crtFilePemToDer($pemCrtFiles);
$this->config['private_key'] = X509::getPrivateKey($pemPriFile, $pemPriPassCode);
}
public static function getPublicKey(array $crtDers)
{
$pem = X509::crtDerToPem($crtDers[0]);
$publicKey = openssl_pkey_get_public($pem);
return $publicKey;
}
