File indexing completed on 2025-01-19 05:21:01

0001 <?php
0002 /**
0003  * Zend Framework
0004  *
0005  * LICENSE
0006  *
0007  * This source file is subject to the new BSD license that is bundled
0008  * with this package in the file LICENSE.txt.
0009  * It is also available through the world-wide-web at this URL:
0010  * http://framework.zend.com/license/new-bsd
0011  * If you did not receive a copy of the license and are unable to
0012  * obtain it through the world-wide-web, please send an email
0013  * to license@zend.com so we can send you a copy immediately.
0014  *
0015  * @category   Zend
0016  * @package    Zend_Crypt
0017  * @subpackage DiffieHellman
0018  * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0019  * @license    http://framework.zend.com/license/new-bsd     New BSD License
0020  * @version    $Id$
0021  */
0022 
0023 /**
0024  * PHP implementation of the Diffie-Hellman public key encryption algorithm.
0025  * Allows two unassociated parties to establish a joint shared secret key
0026  * to be used in encrypting subsequent communications.
0027  *
0028  * @category   Zend
0029  * @package    Zend_Crypt
0030  * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0031  * @license    http://framework.zend.com/license/new-bsd     New BSD License
0032  */
0033 class Zend_Crypt_DiffieHellman
0034 {
0035 
0036     /**
0037      * Static flag to select whether to use PHP5.3's openssl extension
0038      * if available.
0039      *
0040      * @var boolean
0041      */
0042     public static $useOpenssl = true;
0043 
0044     /**
0045      * Default large prime number; required by the algorithm.
0046      *
0047      * @var string
0048      */
0049     private $_prime = null;
0050 
0051     /**
0052      * The default generator number. This number must be greater than 0 but
0053      * less than the prime number set.
0054      *
0055      * @var string
0056      */
0057     private $_generator = null;
0058 
0059     /**
0060      * A private number set by the local user. It's optional and will
0061      * be generated if not set.
0062      *
0063      * @var string
0064      */
0065     private $_privateKey = null;
0066 
0067     /**
0068      * BigInteger support object courtesy of Zend_Crypt_Math
0069      *
0070      * @var Zend_Crypt_Math_BigInteger
0071      */
0072     private $_math = null;
0073 
0074     /**
0075      * The public key generated by this instance after calling generateKeys().
0076      *
0077      * @var string
0078      */
0079     private $_publicKey = null;
0080 
0081     /**
0082      * The shared secret key resulting from a completed Diffie Hellman
0083      * exchange
0084      *
0085      * @var string
0086      */
0087     private $_secretKey = null;
0088 
0089     /**
0090      * Constants
0091      */
0092     const BINARY = 'binary';
0093     const NUMBER = 'number';
0094     const BTWOC  = 'btwoc';
0095 
0096     /**
0097      * Constructor; if set construct the object using the parameter array to
0098      * set values for Prime, Generator and Private.
0099      * If a Private Key is not set, one will be generated at random.
0100      *
0101      * @param string $prime
0102      * @param string $generator
0103      * @param string $privateKey
0104      * @param string $privateKeyType
0105      */
0106     public function __construct($prime, $generator, $privateKey = null, $privateKeyType = self::NUMBER)
0107     {
0108         $this->setPrime($prime);
0109         $this->setGenerator($generator);
0110         if ($privateKey !== null) {
0111             $this->setPrivateKey($privateKey, $privateKeyType);
0112         }
0113         $this->setBigIntegerMath();
0114     }
0115 
0116     /**
0117      * Generate own public key. If a private number has not already been
0118      * set, one will be generated at this stage.
0119      *
0120      * @return Zend_Crypt_DiffieHellman
0121      */
0122     public function generateKeys()
0123     {
0124         if (function_exists('openssl_dh_compute_key') && self::$useOpenssl !== false) {
0125             $details = array();
0126             $details['p'] = $this->getPrime();
0127             $details['g'] = $this->getGenerator();
0128             if ($this->hasPrivateKey()) {
0129                 $details['priv_key'] = $this->getPrivateKey();
0130             }
0131             $opensslKeyResource = openssl_pkey_new( array('dh' => $details) );
0132             $data = openssl_pkey_get_details($opensslKeyResource);
0133             $this->setPrivateKey($data['dh']['priv_key'], self::BINARY);
0134             $this->setPublicKey($data['dh']['pub_key'], self::BINARY);
0135         } else {
0136             // Private key is lazy generated in the absence of PHP 5.3's ext/openssl
0137             $publicKey = $this->_math->powmod($this->getGenerator(), $this->getPrivateKey(), $this->getPrime());
0138             $this->setPublicKey($publicKey);
0139         }
0140         return $this;
0141     }
0142 
0143     /**
0144      * Setter for the value of the public number
0145      *
0146      * @param string $number
0147      * @param string $type
0148      * @throws Zend_Crypt_DiffieHellman_Exception
0149      * @return Zend_Crypt_DiffieHellman
0150      */
0151     public function setPublicKey($number, $type = self::NUMBER)
0152     {
0153         if ($type == self::BINARY) {
0154             $number = $this->_math->fromBinary($number);
0155         }
0156         if (!preg_match("/^\d+$/", $number)) {
0157             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0158             throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number');
0159         }
0160         $this->_publicKey = (string) $number;
0161         return $this;
0162     }
0163 
0164     /**
0165      * Returns own public key for communication to the second party to this
0166      * transaction.
0167      *
0168      * @param string $type
0169      * @throws Zend_Crypt_DiffieHellman_Exception
0170      * @return string
0171      */
0172     public function getPublicKey($type = self::NUMBER)
0173     {
0174         if ($this->_publicKey === null) {
0175             // require_once 'Zend/Crypt/DiffieHellman/Exception.php';
0176             throw new Zend_Crypt_DiffieHellman_Exception('A public key has not yet been generated using a prior call to generateKeys()');
0177         }
0178         if ($type == self::BINARY) {
0179             return $this->_math->toBinary($this->_publicKey);
0180         } elseif ($type == self::BTWOC) {
0181             return $this->_math->btwoc($this->_math->toBinary($this->_publicKey));
0182         }
0183         return $this->_publicKey;
0184     }
0185 
0186     /**
0187      * Compute the shared secret key based on the public key received from the
0188      * the second party to this transaction. This should agree to the secret
0189      * key the second party computes on our own public key.
0190      * Once in agreement, the key is known to only to both parties.
0191      * By default, the function expects the public key to be in binary form
0192      * which is the typical format when being transmitted.
0193      *
0194      * If you need the binary form of the shared secret key, call
0195      * getSharedSecretKey() with the optional parameter for Binary output.
0196      *
0197      * @param string $publicKey
0198      * @param string $type
0199      * @param string $output
0200      * @throws Zend_Crypt_DiffieHellman_Exception
0201      * @return mixed
0202      */
0203     public function computeSecretKey($publicKey, $type = self::NUMBER, $output = self::NUMBER)
0204     {
0205         if ($type == self::BINARY) {
0206             $publicKey = $this->_math->fromBinary($publicKey);
0207         }
0208         if (!preg_match("/^\d+$/", $publicKey)) {
0209             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0210             throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number');
0211         }
0212         if (function_exists('openssl_dh_compute_key') && self::$useOpenssl !== false) {
0213             $this->_secretKey = openssl_dh_compute_key($publicKey, $this->getPublicKey());
0214         } else {
0215             $this->_secretKey = $this->_math->powmod($publicKey, $this->getPrivateKey(), $this->getPrime());
0216         }
0217         return $this->getSharedSecretKey($output);
0218     }
0219 
0220     /**
0221      * Return the computed shared secret key from the DiffieHellman transaction
0222      *
0223      * @param string $type
0224      * @throws Zend_Crypt_DiffieHellman_Exception
0225      * @return string
0226      */
0227     public function getSharedSecretKey($type = self::NUMBER)
0228     {
0229         if (!isset($this->_secretKey)) {
0230             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0231             throw new Zend_Crypt_DiffieHellman_Exception('A secret key has not yet been computed; call computeSecretKey()');
0232         }
0233         if ($type == self::BINARY) {
0234             return $this->_math->toBinary($this->_secretKey);
0235         } elseif ($type == self::BTWOC) {
0236             return $this->_math->btwoc($this->_math->toBinary($this->_secretKey));
0237         }
0238         return $this->_secretKey;
0239     }
0240 
0241     /**
0242      * Setter for the value of the prime number
0243      *
0244      * @param string $number
0245      * @throws Zend_Crypt_DiffieHellman_Exception
0246      * @return Zend_Crypt_DiffieHellman
0247      */
0248     public function setPrime($number)
0249     {
0250         if (!preg_match("/^\d+$/", $number) || $number < 11) {
0251             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0252             throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number or too small: should be a large natural number prime');
0253         }
0254         $this->_prime = (string) $number;
0255         return $this;
0256     }
0257 
0258     /**
0259      * Getter for the value of the prime number
0260      *
0261      * @throws Zend_Crypt_DiffieHellman_Exception
0262      * @return string
0263      */
0264     public function getPrime()
0265     {
0266         if (!isset($this->_prime)) {
0267             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0268             throw new Zend_Crypt_DiffieHellman_Exception('No prime number has been set');
0269         }
0270         return $this->_prime;
0271     }
0272 
0273     /**
0274      * Setter for the value of the generator number
0275      *
0276      * @param string $number
0277      * @throws Zend_Crypt_DiffieHellman_Exception
0278      * @return Zend_Crypt_DiffieHellman
0279      */
0280     public function setGenerator($number)
0281     {
0282         if (!preg_match("/^\d+$/", $number) || $number < 2) {
0283             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0284             throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number greater than 1');
0285         }
0286         $this->_generator = (string) $number;
0287         return $this;
0288     }
0289 
0290     /**
0291      * Getter for the value of the generator number
0292      *
0293      * @throws Zend_Crypt_DiffieHellman_Exception
0294      * @return string
0295      */
0296     public function getGenerator()
0297     {
0298         if (!isset($this->_generator)) {
0299             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0300             throw new Zend_Crypt_DiffieHellman_Exception('No generator number has been set');
0301         }
0302         return $this->_generator;
0303     }
0304 
0305     /**
0306      * Setter for the value of the private number
0307      *
0308      * @param string $number
0309      * @param string $type
0310      * @throws Zend_Crypt_DiffieHellman_Exception
0311      * @return Zend_Crypt_DiffieHellman
0312      */
0313     public function setPrivateKey($number, $type = self::NUMBER)
0314     {
0315         if ($type == self::BINARY) {
0316             $number = $this->_math->fromBinary($number);
0317         }
0318         if (!preg_match("/^\d+$/", $number)) {
0319             // require_once('Zend/Crypt/DiffieHellman/Exception.php');
0320             throw new Zend_Crypt_DiffieHellman_Exception('invalid parameter; not a positive natural number');
0321         }
0322         $this->_privateKey = (string) $number;
0323         return $this;
0324     }
0325 
0326     /**
0327      * Getter for the value of the private number
0328      *
0329      * @param string $type
0330      * @return string
0331      */
0332     public function getPrivateKey($type = self::NUMBER)
0333     {
0334         if (!$this->hasPrivateKey()) {
0335             $this->setPrivateKey($this->_generatePrivateKey(), self::BINARY);
0336         }
0337         if ($type == self::BINARY) {
0338             return $this->_math->toBinary($this->_privateKey);
0339         } elseif ($type == self::BTWOC) {
0340             return $this->_math->btwoc($this->_math->toBinary($this->_privateKey));
0341         }
0342         return $this->_privateKey;
0343     }
0344 
0345     /**
0346      * Check whether a private key currently exists.
0347      *
0348      * @return boolean
0349      */
0350     public function hasPrivateKey()
0351     {
0352         return isset($this->_privateKey);
0353     }
0354 
0355     /**
0356      * Setter to pass an extension parameter which is used to create
0357      * a specific BigInteger instance for a specific extension type.
0358      * Allows manual setting of the class in case of an extension
0359      * problem or bug.
0360      *
0361      * @param string $extension
0362      * @return void
0363      */
0364     public function setBigIntegerMath($extension = null)
0365     {
0366         /**
0367          * @see Zend_Crypt_Math
0368          */
0369         // require_once 'Zend/Crypt/Math.php';
0370         $this->_math = new Zend_Crypt_Math($extension);
0371     }
0372 
0373     /**
0374      * In the event a private number/key has not been set by the user,
0375      * or generated by ext/openssl, a best attempt will be made to
0376      * generate a random key. Having a random number generator installed
0377      * on linux/bsd is highly recommended! The alternative is not recommended
0378      * for production unless without any other option.
0379      *
0380      * @return string
0381      */
0382     protected function _generatePrivateKey()
0383     {
0384         $rand = $this->_math->rand($this->getGenerator(), $this->getPrime());
0385         return $rand;
0386     }
0387 
0388 }