Gitiles
Code Review Sign In
review.sourcearcade.org / sourcearcade / ee52fbc1915703d37abe23c297f5f4e077a1a0af / . / simpleid / www / openid.inc.php
blob: 85078049735f334dcf784a5a86dceea606ad22a6 [file] [log] [blame]
<?php
/*
* SimpleID
*
* Copyright (C) Kelvin Mo 2007-10
*
* Includes code Drupal OpenID module (http://drupal.org/project/openid)
* Rowan Kerr <rowan@standardinteractive.com>
* James Walker <james@bryght.com>
*
* Copyright (C) Rowan Kerr and James Walker
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public
* License along with this program; if not, write to the Free
* Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*
* $Id$
*/
/**
* OpenID related functions.
*
* @package simpleid
* @filesource
*/
include_once "bignum.inc.php";
include_once "random.inc.php";
/**
* OpenID default modulus for Diffie-Hellman key exchange.
*
* @link http://openid.net/specs/openid-authentication-1_1.html#pvalue, http://openid.net/specs/openid-authentication-2_0.html#pvalue
*/
define('OPENID_DH_DEFAULT_MOD', '155172898181473697471232257763715539915724801'.
'966915404479707795314057629378541917580651227423698188993727816152646631'.
'438561595825688188889951272158842675419950341258706556549803580104870537'.
'681476726513255747040765857479291291572334510643245094715007229621094194'.
'349783925984760375594985848253359305585439638443');
/**
* OpenID default generator for Diffie-Hellman key exchange.
*/
define('OPENID_DH_DEFAULT_GEN', '2');
/** Constant for the global variable {@link $version} */
define('OPENID_VERSION_2', 2);
/** Constant for the global variable {@link $version} */
define('OPENID_VERSION_1_1', 1);
/** Constant for OpenID namespace */
define('OPENID_NS_2_0', 'http://specs.openid.net/auth/2.0');
/** Constant for OpenID namespace */
define('OPENID_NS_1_1', 'http://openid.net/signon/1.1');
/** Constant for OpenID namespace */
define('OPENID_NS_1_0', 'http://openid.net/signon/1.0');
/**
* Constant for the OP-local identifier which indicates that SimpleID should choose an identifier
*
* @link http://openid.net/specs/openid-authentication-2_0.html#anchor27
*/
define('OPENID_IDENTIFIER_SELECT', 'http://specs.openid.net/auth/2.0/identifier_select');
/** Constant for the XRDS service type for return_to verification */
define('OPENID_RETURN_TO', 'http://specs.openid.net/auth/2.0/return_to');
/** Parameter for {@link openid_indirect_response_url()} */
define('OPENID_RESPONSE_QUERY', 0);
/** Parameter for {@link openid_indirect_response_url()} */
define('OPENID_RESPONSE_FRAGMENT', 1);
/**
* A mapping of Type URIs of OpenID extnesions to aliases provided in an OpenID
* request.
*
* @global array $openid_ns_to_alias
*/
$openid_ns_to_alias = array("http://openid.net/extensions/sreg/1.1" => "sreg"); // For sreg 1.0 compatibility
/**
* Detects the OpenID version of the current request
*
* @param mixed $request the OpenID request
* @param string $key the key to look for to determine the OpenID
* version
* @return float either OPENID_VERSION_2 or OPENID_VERSION_1_1
* @see $version
*
*/
function openid_get_version($request, $key = 'openid.ns') {
if (!isset($request[$key])) return OPENID_VERSION_1_1;
if ($request[$key] != OPENID_NS_2_0) return OPENID_VERSION_1_1;
return OPENID_VERSION_2;
}
/**
* Creates a OpenID message for direct response.
*
* The response will be encoded using Key-Value Form Encoding.
*
* @param array $data the data in the response
* @param float $version the message version
* @return string the message in key-value form encoding
* @link http://openid.net/specs/openid-authentication-1_1.html#anchor32, http://openid.net/specs/openid-authentication-2_0.html#kvform
*/
function openid_direct_message($data, $version = OPENID_VERSION_2) {
$message = '';
$ns = '';
// Add namespace for OpenID 2
if ($version == OPENID_VERSION_2) $ns = OPENID_NS_2_0;
if (($ns != '') && !isset($data['ns'])) $data['ns'] = $ns;
foreach ($data as $key => $value) {
// Filter out invalid characters
if (strpos($key, ':') !== false) return null;
if (strpos($key, "\n") !== false) return null;
if (strpos($value, "\n") !== false) return null;
$message .= "$key:$value\n";
}
return $message;
}
/**
* Sends a direct response.
*
* @param string $message an OpenID message encoded using Key-Value Form
* @param string $status the HTTP status to send
*/
function openid_direct_response($message, $status = '200 OK') {
if (substr(PHP_SAPI, 0, 3) === 'cgi') {
header("Status: $status");
} else {
header($_SERVER['SERVER_PROTOCOL'] . ' ' . $status);
}
header("Content-Type: text/plain");
print $message;
}
/**
* Creates a OpenID message for indirect response.
*
* The response will be encoded using HTTP Encoding.
*
* @param array $data the data in the response
* @param float $version the message version
* @return array the message
* @link http://openid.net/specs/openid-authentication-2_0.html#indirect_comm
*/
function openid_indirect_message($data, $version = OPENID_VERSION_2) {
$ns = '';
// Add namespace for OpenID 2
if ($version == OPENID_VERSION_2) $ns = OPENID_NS_2_0;
if (($ns != '') && !isset($data['openid.ns'])) $data['openid.ns'] = $ns;
return $data;
}
/**
* Sends an indirect response to a URL.
*
* The indirect message is encoded in the URL and returned to the user agent using
* a HTTP redirect response. The message can be encoded in either the query component
* or the fragment component of the URL.
*
* @param string $url the URL to which the response is to be sent
* @param array|string $message an OpenID message, which can either be an array of keys
* and values, or a URL-encoded query string
* @param int $component the component of the URL in which the indirect message is
* encoded, either OPENID_RESPONSE_QUERY or OPENID_RESPONSE_FRAGMENT
*/
function openid_indirect_response($url, $message, $component = OPENID_RESPONSE_QUERY) {
if (substr(PHP_SAPI, 0,3) === 'cgi') {
header('Status: 303 See Other');
} else {
header($_SERVER['SERVER_PROTOCOL'] . ' 303 See Other');
}
header('Location: ' . openid_indirect_response_url($url, $message, $component));
exit;
}
/**
* Encodes an indirect message into a URL
*
* @param string $url the URL to which the response is to be sent
* @param array|string $message an OpenID message, which can either be an array of keys
* and values, or a URL-encoded query string
* @param int $component the component of the URL in which the indirect message is
* encoded, either OPENID_RESPONSE_QUERY or OPENID_RESPONSE_FRAGMENT
* @return string the URL to which the response is to be sent, with the
* encoded message
*/
function openid_indirect_response_url($url, $message, $component = OPENID_RESPONSE_QUERY) {
// 1. Firstly, get the query string
$query = '';
if (is_array($message)) {
$query = openid_urlencode_message($message);
} else {
$query = $message;
}
// 2. If there is no query string, then we just return the URL
if (!$query) return $url;
// 3. The URL may already have a query and a fragment. If this is so, we
// need to slot in the new query string properly. We disassemble and
// reconstruct the URL.
$parts = parse_url($url);
$url = $parts['scheme'] . '://';
if (isset($parts['user'])) {
$url .= $parts['user'];
if (isset($parts['pass'])) $url .= ':' . $parts['pass'];
$url .= '@';
}
$url .= $parts['host'];
if (isset($parts['port'])) $url .= ':' . $parts['port'];
if (isset($parts['path'])) $url .= $parts['path'];
if (($component == OPENID_RESPONSE_QUERY) || (strpos($url, '#') === FALSE)) {
$url .= '?' . ((isset($parts['query'])) ? $parts['query'] . '&' : '') . $query;
if (isset($parts['fragment'])) $url .= '#' . $parts['fragment'];
} elseif ($component == OPENID_RESPONSE_FRAGMENT) {
// In theory $parts['fragment'] should be an empty string, but the
// current draft specification does not prohibit putting other things
// in the fragment.
if (isset($parts['query'])) {
$url .= '?' . $parts['query'] . '#' . $parts['fragment'] . '&' . $query;
} else {
$url .= '#' . $parts['fragment'] . '?' . $query;
}
}
return $url;
}
/**
* Encodes a message in application/x-www-form-urlencoded format.
*
* @param array $message the OpenID message to encode
* @return string the encoded message
* @since 0.8
*/
function openid_urlencode_message($message) {
$pairs = array();
foreach ($message as $key => $value) {
$pairs[] = $key . '=' . rfc3986_urlencode($value);
}
return implode('&', $pairs);
}
/**
* Sends a direct message indicating an error. This is a convenience function
* for {@link openid_direct_response()}.
*
* @param string $error the error message
* @param array $additional any additional data to be sent with the error
* message
* @param float $version the message version
*/
function openid_direct_error($error, $additional = array(), $version = OPENID_VERSION_2) {
$message = openid_direct_message(array_merge(array('error' => $error), $additional), $version);
openid_direct_response($message, '400 Bad Request');
}
/**
* Sends an indirect message indicating an error. This is a convenience function
* for {@link openid_indirect_response()}.
*
* @param string $url the URL to which the error message is to be sent
* @param string $error the error message
* @param array $additional any additional data to be sent with the error
* message
* @param float $version the message version
* @param int $component the component of the URL in which the indirect message is
* encoded, either OPENID_RESPONSE_QUERY or OPENID_RESPONSE_FRAGMENT
*/
function openid_indirect_error($url, $error, $additional = array(), $version = OPENID_VERSION_2, $component = OPENID_RESPONSE_QUERY) {
$message = openid_indirect_message(array_merge(array('openid.mode'=> 'error', 'openid.error' => $error), $additional), $version);
openid_indirect_response($url, $message, $component);
}
/**
* Gets the realm from the OpenID request. This is specified differently
* depending on the OpenID version.
*
* @param mixed $request the OpenID request
* @param float $version the OpenID version for the message
* @return string the realm URI
*/
function openid_get_realm($request, $version) {
if ($version == OPENID_VERSION_1_1) {
$realm = $request['openid.trust_root'];
}
if ($version >= OPENID_VERSION_2) {
$realm = $request['openid.realm'];
}
if (!$realm) {
$realm = $request['openid.return_to'];
}
return $realm;
}
/**
* Parses a direct message.
*
* @param string $message the direct message to parse
* @return array an array containing the parsed key-value pairs
*
* @since 0.7
*/
function openid_parse_direct_message($message) {
$data = array();
$items = explode("\n", $message);
foreach ($items as $item) {
list ($key, $value) = explode(':', $item, 2);
$data[$key] = $value;
}
return $data;
}
/**
* Parses a query string.
*
* Query strings can be used to receive OpenID indirect messages.
*
* @param string $query the query string to parse
* @return array an array containing the parsed key-value pairs
*
* @since 0.7
*/
function openid_parse_query($query) {
$data = array();
if ($query === NULL) return array();
if ($query === '') return array();
$pairs = explode('&', $query);
foreach ($pairs as $pair) {
list ($key, $value) = explode('=', $pair, 2);
$data[$key] = urldecode($value);
}
return $data;
}
/**
* Parses the OpenID request to extract namespace information.
*
* This function builds a map between namespace aliases and their Type URIs.
*
* @param array $request the OpenID request
*/
function openid_parse_request($request) {
global $openid_ns_to_alias;
foreach ($request as $key => $value) {
if (strpos($key, 'openid.ns.') === 0) {
$alias = substr($key, 10);
$openid_ns_to_alias[$value] = $alias;
}
}
}
/**
* Determines whether a URL matches a realm.
*
* A URL matches a realm if:
*
* 1. The URL scheme and port of the URL are identical to those in the realm.
* See RFC 3986, section 3.1 for rules about URI matching.
* 2. The URL's path is equal to or a sub-directory of the realm's path.
* 3. Either:
* (a) The realm's domain contains the wild-card characters "*.", and the
* trailing part of the URL's domain is identical to the part of the
* realm following the "*." wildcard, or
* (b) The URL's domain is identical to the realm's domain
*
* @param string $url to URL to test
* @param string $realm the realm
* @return bool true if the URL matches the realm
* @since 0.6
*/
function openid_url_matches_realm($url, $realm) {
$url = parse_url($url);
$realm = parse_url($realm);
foreach(array('user', 'pass', 'fragment') as $key) {
if (array_key_exists($key, $url) || array_key_exists($key, $realm))
return false;
}
if ($url['scheme'] != $realm['scheme']) return false;
if (!isset($url['port']))
$url['port'] = '';
if (!isset($realm['port']))
$realm['port'] = '';
if (($url['port'] != $realm['port']))
return false;
if (substr($realm['host'], 0, 2) == '*.') {
$realm_re = '/^([^.]+\.)?' . preg_quote(substr($realm['host'], 2)) . '$/i';
} else {
$realm_re = '/^' . preg_quote($realm['host']) . '$/i';
}
if (!preg_match($realm_re, $url['host'])) return false;
if (!isset($url['path']))
$url['path'] = '';
if (!isset($realm['path']))
$realm['path'] = '';
if (substr($realm['path'], -1) == '/') $realm['path'] = substr($realm['path'], 0, -1);
if (($url['path'] != $realm['path']) && !preg_match('#^' . preg_quote($realm['path']) . '/.*$#', $url['path'])) return false;
return true;
}
/**
* Returns the URL of a relying party endpoint for a specified realm. This URL
* is used to discover services associated with the realm.
*
* If the realm's domain contains the wild-card characters "*.", this is substituted
* with "www.".
*
* @param string $realm the realm
* @url string the URL
*
* @since 0.7
*/
function openid_realm_discovery_url($realm) {
$parts = parse_url($realm);
$host = strtr($parts['host'], array('*.' => 'www.'));;
$url = $parts['scheme'] . '://';
if (isset($parts['user'])) {
$url .= $parts['user'];
if (isset($parts['pass'])) $url .= ':' . $parts['pass'];
$url .= '@';
}
$url .= $host;
if (isset($parts['port'])) $url .= ':' . $parts['port'];
if (isset($parts['path'])) $url .= $parts['path'];
if (isset($parts['query'])) $url .= '?' . $parts['query'];
if (isset($parts['fragment'])) $url .= '#' . $parts['fragment'];
return $url;
}
/**
* Verifies a return_to URL against the actual URL of the HTTP request.
*
* The return_to URL matches if:
*
* - The URL scheme, authority, and path are the same; and
* - Any query parameters that are present in the return_to URL are also present
* with the same values in the actual request.
*
* @param string $return_to the URL specified in the openid.return_to parameter
* @param string $actual_url the actual URL requested
* @return bool true if the URLs match
*
* @since 0.7
*/
function openid_verify_return_to($return_to, $actual_url) {
$expected = parse_url($return_to);
$actual = parse_url($actual_url);
// Schemes are case insensitive
if (strtoupper($expected['scheme']) != strtoupper($actual['scheme'])) return false;
// Hosts are case insensitive
if (strtoupper($expected['host']) != strtoupper($actual['host'])) return false;
if (!isset($expected['port']))
$expected['port'] = '';
if (!isset($actual['port']))
$actual['port'] = '';
if ($expected['port'] != $actual['port']) return false;
if (!isset($expected['path']))
$expected['path'] = '';
if (!isset($actual['path']))
$actual['path'] = '';
if ($expected['path'] != $actual['path']) return false;
if ($expected['query']) {
$expected_query = openid_parse_query($expected['query']);
$actual_query = openid_parse_query($actual['query']);
foreach ($expected_query as $key => $value) {
if (!array_key_exists($key, $actual_query)) return false;
if ($value != $actual_query[$key]) return false;
}
}
return true;
}
/**
* Filters an OpenID request to find keys specific to an extension, as specified
* by the Type URI.
*
* For exmaple, if the extension has the Type URI http://example.com/ and the
* alias example, this function will return an array of all the keys in the
* OpenID request which starts with openid.example
*
* @param string $ns the Type URI of the extension
* @param array $request the OpenID request
* @return array the filtered request, with the prefix (in the example above,
* openid.example.) stripped in the keys.
*/
function openid_extension_filter_request($ns, $request) {
global $openid_ns_to_alias;
if (!isset($openid_ns_to_alias[$ns])) return array();
$alias = $openid_ns_to_alias[$ns];
$return = array();
if (is_array($request)) {
foreach ($request as $key => $value) {
if ($key == 'openid.' . $alias) {
$return['#default'] = $value;
}
if (strpos($key, 'openid.' . $alias . '.') === 0) {
$return[substr($key, strlen('openid.' . $alias . '.'))] = $value;
}
}
}
return $return;
}
/**
* Determines whether an extension is present in an OpenID request.
*
* @param string $ns the Type URI of the extension
* @param array $request the OpenID request
* @return bool true if the extension is present in the request
*/
function openid_extension_requested($ns, $request) {
global $openid_ns_to_alias;
if (!isset($openid_ns_to_alias[$ns])) return false;
$alias = $openid_ns_to_alias[$ns];
if (is_array($request)) {
foreach ($request as $key => $value) {
if ((strpos($key, 'openid.' . $alias . '.') === 0) || (strpos($key, 'openid.' . $alias . '=') === 0)) {
return true;
}
}
}
return false;
}
/**
* Returns the OpenID alias for an extension, given a Type URI, based on the
* alias definitions in the current OpenID request.
*
* @param string $ns the Type URI
* @param bool|string $create whether to create an alias if the Type URI does not already
* have an alias in the current OpenID request. If this parameter is a string,
* then the string specified is the preferred alias to be created, unless a collision
* occurs
* @return string the alias, or NULL if the Type URI does not already
* have an alias in the current OpenID request <i>and</i> $create is false
*/
function openid_extension_alias($ns, $create = FALSE) {
global $openid_ns_to_alias;
static $e = 1;
if (isset($openid_ns_to_alias[$ns])) return $openid_ns_to_alias[$ns];
if ($create !== FALSE) {
if ($create === TRUE) {
$alias = 'e' . $e;
$e++;
} elseif (is_string($create)) {
$used_aliases = array_values($openid_ns_to_alias);
$alias = $create;
$i = 0;
while (in_array($alias, $used_aliases)) {
$i++;
$alias = $create . $i;
}
}
$openid_ns_to_alias[$ns] = $alias;
return $alias;
}
return NULL;
}
/* ------- OpenID nonce functions -------------------------------------------- */
/**
* Generates a nonce for use in OpenID responses
*
* @return string an OpenID nonce
* @link http://openid.net/specs/openid-authentication-2_0.html#positive_assertions
*/
function openid_nonce() {
return gmstrftime('%Y-%m-%dT%H:%M:%SZ') . bin2hex(random_bytes(4));
}
/* ------- Diffie-Hellman Key Exchange functions ----------------------------- */
/**
* Returns the association types supported by this server.
*
* @return array an array containing the association types supported by this server as keys
* and an array containing the key size (mac_size) and HMAC function (hmac_func) as
* values
*/
function openid_association_types() {
$association_types = array('HMAC-SHA1' => array('mac_size' => 20, 'hmac_func' => '_openid_hmac_sha1'));
if (OPENID_SHA256_SUPPORTED) $association_types['HMAC-SHA256'] = array('mac_size' => 32, 'hmac_func' => '_openid_hmac_sha256');
return $association_types;
}
/**
* Returns the association types supported by this server and the version of
* OpenID.
*
* OpenID version 1 supports an empty string as the session type. OpenID version 2
* reqires a session type to be sent.
*
* @param bool $is_https whether the transport layer encryption is used for the current
* connection
* @param float $version the OpenID version, either OPENID_VERSION_1_1 and OPENID_VERSION_2
* @return array an array containing the session types supported by this server as keys
* and an array containing the hash function (hash_func) as
* values
*/
function openid_session_types($is_https = FALSE, $version = OPENID_VERSION_2) {
$session_types = array(
'DH-SHA1' => array('hash_func' => '_openid_sha1'),
);
if (OPENID_SHA256_SUPPORTED) $session_types['DH-SHA256'] = array('hash_func' => '_openid_sha256');
if (($version >= OPENID_VERSION_2) && ($is_https == TRUE)) {
// Under OpenID 2.0 no-encryption is only allowed if TLS is used
$session_types['no-encryption'] = array();
}
if ($version == OPENID_VERSION_1_1) $session_types[''] = array();
return $session_types;
}
/**
* Generates the cryptographic values required for responding to association
* requests
*
* This involves generating a key pair for the OpenID provider, then calculating
* the shared secret. The shared secret is then used to encrypt the MAC key.
*
* @param string $mac_key the MAC key, in binary representation
* @param string $dh_consumer_public the consumer's public key, in Base64 representation
* @param string $dh_modulus modulus - a large prime number
* @param string $dh_gen generator - a primitive root modulo
* @param string $hash_func the hash function
* @return array an array containing (a) dh_server_public - the server's public key (in Base64), and (b)
* enc_mac_key encrypted MAC key (in Base64), encrypted using the Diffie-Hellman shared secret
*/
function openid_dh_server_assoc($mac_key, $dh_consumer_public, $dh_modulus = NULL, $dh_gen = NULL, $hash_func = '_openid_sha1') {
// Generate a key pair for the server
$key_pair = openid_dh_generate_key_pair($dh_modulus, $dh_gen);
// Generate the shared secret
$ZZ = openid_dh_shared_secret($dh_consumer_public, $key_pair['private'], $dh_modulus);
return array(
'dh_server_public' => $key_pair['public'],
'enc_mac_key' => openid_encrypt_mac_key($ZZ, $mac_key, $hash_func)
);
}
/**
* Complete association by obtaining the session MAC key from the key obtained
* from the Diffie-Hellman key exchange
*
* @param string $enc_mac_key the encrypted session MAC key, in Base64 represnetation
* @param string $dh_server_public the server's public key, in Base64 representation
* @param string $dh_consumer_private the consumer's private key, in Base64 representation
* @param string $dh_modulus modulus, in Base64 representation
* @param string $hash_func the hash function
* @return string the decrypted session MAC key, in Base64 representation
*/
function openid_dh_consumer_assoc($enc_mac_key, $dh_server_public, $dh_consumer_private, $dh_modulus = NULL, $hash_func = '_openid_sha1') {
// Retrieve the shared secret
$ZZ = openid_dh_shared_secret($dh_server_public, $dh_consumer_private, $dh_modulus);
// Decode the encrypted MAC key
$encrypted_mac_key = base64_decode($enc_mac_key);
return openid_encrypt_mac_key($ZZ, $encrypted_mac_key, $hash_func);
}
/**
* Calculates the shared secret for Diffie-Hellman key exchange.
*
* This is the second step in the Diffle-Hellman key exchange process. The other
* party (in OpenID 1.0 terms, the consumer) has already generated the public
* key ($dh_consumer_public) and sent it to this party (the server). The Diffie-Hellman
* modulus ($dh_modulus) and generator ($dh_gen) have either been sent or previously agreed.
*
* @param string $their_public the other party's public key, in Base64 representation
* @param string $my_private this party's private key, in Base64 representation
* @param string $dh_modulus modulus, in Base64 representation
* @return resource the shared secret (as a bignum)
*
* @see openid_dh_generate_key_pair()
* @link http://www.ietf.org/rfc/rfc2631.txt RFC 2631
*/
function openid_dh_shared_secret($their_public, $my_private, $dh_modulus = NULL) {
// Decode the keys
$y = _openid_base64_to_bignum($their_public);
$x = _openid_base64_to_bignum($my_private);
if ($dh_modulus != NULL) {
$p = _openid_base64_to_bignum($dh_modulus);
} else {
$p = bignum_new(OPENID_DH_DEFAULT_MOD);
}
// Generate the shared secret = their public ^ my private mod p = my public ^ their private mod p
$ZZ = bignum_powmod($y, $x, $p);
return $ZZ;
}
/**
* Generates a key pair for Diffie-Hellman key exchange.
*
* @param string $dh_modulus modulus, in Base64 representation
* @param string $dh_gen generator, in Base64 representation
* @return array an array containing: (a) private - the private key, in Base64
* and (b) public - the public key, in Base64
*/
function openid_dh_generate_key_pair($dh_modulus = NULL, $dh_gen = NULL) {
if ($dh_modulus != NULL) {
$p = _openid_base64_to_bignum($dh_modulus);
} else {
$p = bignum_new(OPENID_DH_DEFAULT_MOD);
}
if ($dh_gen != NULL) {
$g = _openid_base64_to_bignum($dh_gen);
} else {
$g = bignum_new(OPENID_DH_DEFAULT_GEN);
}
// Generate the private key - a random number which is less than p
$rand = _openid_dh_rand($p);
$x = bignum_add($rand, 1);
// Calculate the public key is g ^ private mod p
$y = bignum_powmod($g, $x, $p);
return array('private' => _openid_bignum_to_base64($x), 'public' => _openid_bignum_to_base64($y));
}
/**
* Encrypts/decrypts and encodes the MAC key.
*
* @param resource $ZZ the Diffie-Hellman key exchange shared secret as a bignum
* @param string $mac_key a byte stream containing the MAC key
* @param string $hash_func the hash function
* @return string the encrypted MAC key in Base64 representation
*/
function openid_encrypt_mac_key($ZZ, $mac_key, $hash_func = '_openid_sha1') {
// Encrypt/decrypt the MAC key using the shared secret and the hash function
$encrypted_mac_key = _openid_xor($ZZ, $mac_key, $hash_func);
// Encode the encrypted/decrypted MAC key
$enc_mac_key = base64_encode($encrypted_mac_key);
return $enc_mac_key;
}
/**
* Encrypts/decrypts using XOR.
*
* @param string $key the encryption key as a bignum. This is usually
* the shared secret (ZZ) calculated from the Diffie-Hellman key exchange
* @param string $plain_cipher the plaintext or ciphertext
* @param string $hash_func the hash function
* @return string the ciphertext or plaintext
*/
function _openid_xor($key, $plain_cipher, $hash_func = '_openid_sha1') {
$decoded_key = bignum_val($key, 256);
$hashed_key = call_user_func($hash_func, $decoded_key);
$cipher_plain = "";
for ($i = 0; $i < strlen($plain_cipher); $i++) {
$cipher_plain .= chr(ord($plain_cipher[$i]) ^ ord($hashed_key[$i]));
}
return $cipher_plain;
}
/**
* Generates a random integer, which will be used to derive a private key
* for Diffie-Hellman key exchange. The integer must be less than $stop
*
* @param resource $stop a prime number as a bignum
* @return resource the random integer as a bignum
*/
function _openid_dh_rand($stop) {
static $duplicate_cache = array();
// Used as the key for the duplicate cache
$rbytes = bignum_val($stop, 256);
if (array_key_exists($rbytes, $duplicate_cache)) {
list($duplicate, $nbytes) = $duplicate_cache[$rbytes];
} else {
if ($rbytes[0] == "\x00") {
$nbytes = strlen($rbytes) - 1;
} else {
$nbytes = strlen($rbytes);
}
$mxrand = bignum_pow(bignum_new(256), $nbytes);
// If we get a number less than this, then it is in the
// duplicated range.
$duplicate = bignum_mod($mxrand, $stop);
if (count($duplicate_cache) > 10) {
$duplicate_cache = array();
}
$duplicate_cache[$rbytes] = array($duplicate, $nbytes);
}
do {
$bytes = "\x00" . random_bytes($nbytes);
$n = bignum_new($bytes, 256);
// Keep looping if this value is in the low duplicated range
} while (bignum_cmp($n, $duplicate) < 0);
return bignum_mod($n, $stop);
}
/* ------- Arbitary precision arithmetic and conversion functions ------------ */
/**
* Converts an arbitary precision integer, encoded in Base64, to a bignum
*
* @param string $str arbitary precision integer, encoded in Base64
* @return resource the string representation
*/
function _openid_base64_to_bignum($str) {
return bignum_new(base64_decode($str), 256);
}
/**
* Converts a string representation of an integer to an arbitary precision
* integer, then converts it to Base64 encoding.
*
* @param string $str the string representation
* @return string the Base64 encoded arbitary precision integer
*/
function _openid_bignum_to_base64($str) {
return base64_encode(bignum_val($str, 256));
}
/**
* Encode an integer as big-endian signed two's complement binary string.
*
* @param string $num the binary integer
* @return string the signed two's complement binary string
* @link http://openid.net/specs/openid-authentication-2_0.html#btwoc
*/
function _openid_btwoc($num) {
return pack('H*', $num);
}
/* ------- Hash and HMAC functions ------------------------------------------- */
/**
* Calculates a signature of an OpenID message
*
* @param array $data the data in the message
* @param array $keys a list of keys in the message to be signed (without the
* 'openid.' prefix)
* @param string $mac_key the MAC key used to sign the message, in Base64 representation
* @param string $hmac_func the HMAC function used in the signing process
* @param float $version the OpenID version
* @return string the signature encoded in Base64
*/
function openid_sign($data, $keys, $mac_key, $hmac_func = '_openid_hmac_sha1', $version = OPENID_VERSION_2) {
$signature = '';
$sign_data = array();
foreach ($keys as $key) {
if (array_key_exists('openid.' . $key, $data)) {
$sign_data[$key] = $data['openid.' . $key];
}
}
$signature_base_string = _openid_signature_base_string($sign_data, $version);
$secret = base64_decode($mac_key);
$signature = call_user_func($hmac_func, $secret, $signature_base_string);
return base64_encode($signature);
}
/**
* Calculates the base string from which an OpenID signature is generated.
*
* OpenID versions 1 and 2 specify that messages are to be encoded using Key-Value
* Encoding when generating signatures. However, future OpenID version may
* specify different ways of encoding the message, such as OAuth.
*
* @param array $data the data to sign
* @param float $version the OpenID version
* @return string the signature base string
* @link http://openid.net/specs/openid-authentication-2_0.html#anchor11
*/
function _openid_signature_base_string($data, $version) {
switch ($version) {
case OPENID_VERSION_1_1:
case OPENID_VERSION_2:
// We set OPENID_VERSION_1_1 because we don't want to sign the namespace header
$signature_base_string = openid_direct_message($data, OPENID_VERSION_1_1);
break;
default:
// We set OPENID_VERSION_1_1 because we don't want to sign the namespace header
$signature_base_string = openid_direct_message($data, OPENID_VERSION_1_1);
}
return $signature_base_string;
}
/**
* Obtains the SHA1 hash of a string in binary representation.
*
* @param string $text the text to be hashed
* @return string the hash in binary representation
*/
function _openid_sha1($text) {
return sha1($text, true);
}
/**
* Obtains the keyed hash value using the HMAC method and the SHA1 algorithm
*
* @param string $key the key in binary representation
* @param string $text the text to be hashed
* @return string the hash in binary representation
*/
function _openid_hmac_sha1($key, $text) {
if (function_exists('hash_hmac') && function_exists('hash_algos') && (in_array('sha1', hash_algos()))) {
return hash_hmac('sha1', $text, $key, true);
} else {
if (!defined('OPENID_SHA1_BLOCKSIZE')) define('OPENID_SHA1_BLOCKSIZE', 64);
if (strlen($key) > OPENID_SHA1_BLOCKSIZE) {
$key = _openid_sha1($key);
}
$key = str_pad($key, OPENID_SHA1_BLOCKSIZE, chr(0x00));
$ipad = str_repeat(chr(0x36), OPENID_SHA1_BLOCKSIZE);
$opad = str_repeat(chr(0x5c), OPENID_SHA1_BLOCKSIZE);
$hash1 = _openid_sha1(($key ^ $ipad) . $text);
$hmac = _openid_sha1(($key ^ $opad) . $hash1);
return $hmac;
}
}
// Check if SHA-256 support is available
if (function_exists('hash_hmac') && function_exists('hash_algos') && (in_array('sha256', hash_algos()))) {
/**
* Whether the current installation of PHP supports SHA256. SHA256 is supported
* if the hash module is properly compiled and loaded into PHP.
*/
define('OPENID_SHA256_SUPPORTED', true);
/**
* Obtains the SHA256 hash of a string in binary representation.
*
* @param string $text the text to be hashed
* @return string $hash the hash in binary representation
*/
function _openid_sha256($text) {
return hash('sha256', $text, true);
}
/**
* Obtains the keyed hash value using the HMAC method and the SHA256 algorithm
*
* @param string $key the key in binary representation
* @param string $text the text to be hashed
* @return string the hash in binary representation
*/
function _openid_hmac_sha256($key, $text) {
return hash_hmac('sha256', $text, $key, true);
}
} else {
/** @ignore */
define('OPENID_SHA256_SUPPORTED', false);
}
if (!function_exists('rfc3986_urlencode')) {
/**
* Encodes a URL using RFC 3986.
*
* PHP's rfc3986_urlencode function encodes a URL using RFC 1738 for PHP versions
* prior to 5.3. RFC 1738 has been
* updated by RFC 3986, which change the list of characters which needs to be
* encoded.
*
* Strictly correct encoding is required for various purposes, such as OAuth
* signature base strings.
*
* @param string $s the URL to encode
* @return string the encoded URL
*/
function rfc3986_urlencode($s) {
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
return rawurlencode($s);
} else {
return str_replace('%7E', '~', rawurlencode($s));
}
}
}
?>