80 \
fpoirotte\Pssht\Encryption\EncryptionInterface $encryptionAlgo,
88 throw new \InvalidArgumentException();
92 throw new \InvalidArgumentException();
// Server side of the Diffie-Hellman exchange: draw a private exponent y,
// then derive the public value f and the shared secret K from it.
// The cipher key size is clamped to the range 16..20, so the exponent
// below is built from 32 to 40 random bytes.
95 $keyLength = min(20, max($encryptionAlgo->getKeySize(), 16));
// NOTE(review): the result is used unchecked and the optional strength
// out-parameter of openssl_random_pseudo_bytes() is not requested. On PHP
// versions where this call returns false on failure (before 7.4, to be
// confirmed for the targeted runtime), y would be derived from an empty
// string. random_bytes() throws on failure instead.
96 $randBytes = openssl_random_pseudo_bytes(2 * $keyLength);
// y is the private exponent; it is only held in this local variable here.
97 $y = gmp_init(bin2hex($randBytes), 16);
98 $prime = gmp_init($kexAlgo::getPrime(), 16);
// f = g^y mod p, the value later written to the wire by serialize().
99 $this->f = gmp_powm($kexAlgo::getGenerator(), $y, $prime);
// K = e^y mod p, the shared secret.
// NOTE(review): no range check on the client's e is visible in this
// listing. RFC 4253 section 8 requires rejecting values outside [1, p-1],
// since a degenerate e yields a predictable K. Confirm e is validated,
// either here on a line not shown or when the INIT message is decoded.
100 $this->K = gmp_powm($kexDHInit->getE(), $y, $prime);
// Assemble the exchange-hash input in $sub. Fields are appended in this
// order: client ident, server ident, client KEXINIT payload, server KEXINIT
// payload, host key blob, e, f, K. This matches the field order RFC 4253
// section 8 gives for H.
111 $sub = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
// The host key is serialized first and pulled back out of the buffer so it
// can be appended after the KEXINIT payloads.
// presumably get(0) drains the buffer, otherwise the key blob would also
// lead the payload -- verify against the Buffer class.
112 $this->K_S->serialize($sub);
113 $K_S = $sub->getBuffer()->get(0);
114 $sub->encodeString($this->clientIdent);
115 $sub->encodeString($this->serverIdent);
// Each KEXINIT payload is rebuilt in a scratch encoder as the message id
// followed by the serialized message body, then appended as one string.
// $msgId is assigned on a line that is not part of this listing.
118 $sub2 = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
119 $sub2->encodeBytes($msgId);
120 $this->clientKEX->serialize($sub2);
121 $sub->encodeString($sub2->getBuffer()->get(0));
// The scratch encoder is reused for the server's KEXINIT payload.
122 $sub2->encodeBytes($msgId);
123 $this->serverKEX->serialize($sub2);
124 $sub->encodeString($sub2->getBuffer()->get(0));
125 $sub->encodeString(
$K_S);
// The three multi-precision integers: the client's e, the server's f, and
// the shared secret K. From this point on $sub holds secret material.
126 $sub->encodeMpint($this->kexDHInit->getE());
127 $sub->encodeMpint($this->f);
128 $sub->encodeMpint($this->K);
// Dump the exact hash input to the debug log, then hash it.
130 $logging = \Plop\Plop::getInstance();
131 $origData = $sub->getBuffer()->get(0);
// Format as groups of 4 hex digits separated by spaces, wrapped every
// 39 characters, i.e. 8 groups (16 bytes) per line.
132 $data = wordwrap(bin2hex($origData), 4,
' ',
true);
133 $data = wordwrap($data, 32 + 7, PHP_EOL,
true);
// NOTE(review): $origData ends with the mpint encoding of $this->K (line
// 128), so this debug record contains the shared secret of the key
// exchange. Anyone who can read the log can recover it. Prefer logging
// only the fields before K, or only the resulting hash, and treat any log
// written at debug level as secret material until that is changed.
134 $logging->debug(
"Signature payload:\r\n%s", array($data));
// H is the exchange hash: the KEX algorithm's hash() over the full payload.
// It is the value signed with the host key in serialize().
136 $this->H = $this->kexAlgo->hash($origData);
// Wire body of the reply, written to $encoder in this order: host key
// blob, f, signature blob. $encoder is not assigned in the visible lines;
// presumably it is the parameter of serialize() -- confirm.
146 $sub = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
147 $this->K_S->serialize($sub);
149 $encoder->encodeString($sub->getBuffer()->get(0));
150 $encoder->encodeMpint($this->f);
// Signature blob: the host key's algorithm name followed by the host key's
// signature over the exchange hash H. The client verifies this signature
// to authenticate the server.
// presumably get(0) on line 149 left $sub empty, which is why it can be
// reused here -- verify against the Buffer class.
152 $sub->encodeString($this->K_S->getName());
153 $sub->encodeString($this->K_S->sign($this->H));
154 $encoder->encodeString($sub->getBuffer()->get(0));
// Unconditional failure. Presumably this is the body of unserialize(),
// i.e. decoding this message from the wire is not supported -- the
// enclosing method is not shown in this listing, confirm.
161 throw new \RuntimeException();
$clientKEX
Algorithms supported by the client.
$kexDHInit
Client's contribution to the Diffie-Hellman Key Exchange.
static unserialize(\fpoirotte\Pssht\Wire\Decoder $decoder)
$clientIdent
Client's identification string.
$K_S
Server's public host key.
serialize(\fpoirotte\Pssht\Wire\Encoder $encoder)
$f
Server's public Diffie-Hellman value (f = g^y mod p) as a GMP resource.
__construct(\fpoirotte\Pssht\Messages\KEXDH\INIT $kexDHInit,\fpoirotte\Pssht\Key\KeyInterface $key,\fpoirotte\Pssht\Encryption\EncryptionInterface $encryptionAlgo,\fpoirotte\Pssht\KEX\KEXInterface $kexAlgo,\fpoirotte\Pssht\Messages\KEXINIT $serverKEX,\fpoirotte\Pssht\Messages\KEXINIT $clientKEX, $serverIdent, $clientIdent)
$kexAlgo
Key exchange algorithm to use.
$serverKEX
Algorithms supported by the server.
$serverIdent
Server's identification string.