81 \
fpoirotte\Pssht\Encryption\EncryptionInterface $encryptionAlgo,
89 throw new \InvalidArgumentException();
93 throw new \InvalidArgumentException();
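// Server side of the Curve25519 ECDH exchange: create an ephemeral key pair,
// then derive the shared secret K from the client's public value Q_C.
$curve = \fpoirotte\Pssht\ECC\Curve25519::getInstance();

// The ephemeral private scalar must come from a cryptographically strong
// source. openssl_random_pseudo_bytes() can return false, or report through
// its second argument that the bytes are not strong; both cases are refused
// instead of silently continuing with a predictable key.
$cryptoStrong = false;
$d_S = openssl_random_pseudo_bytes(32, $cryptoStrong);
if ($d_S === false || $cryptoStrong !== true || strlen($d_S) !== 32) {
    throw new \RuntimeException('No strong random source for the ephemeral key');
}
$this->Q_S = $curve->getPublic($d_S);

$Q_C = $kexDHInit->getQ();
$shared = $curve->getShared($d_S, $Q_C);

// An all-zero result means the peer sent a low-order point, which would make
// K independent of our private scalar (see RFC 7748, section 6.1). The bytes
// are OR-ed together so the check does not branch on individual secret bytes.
$acc = 0;
$len = strlen($shared);
for ($i = 0; $i < $len; $i++) {
    $acc |= ord($shared[$i]);
}
if ($len === 0 || $acc === 0) {
    throw new \InvalidArgumentException('Invalid client public value');
}

// K is carried as an mpint, so the raw bytes are read as one hexadecimal number.
$this->K = gmp_init(bin2hex($shared), 16);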
// Builds, in $sub, the byte string that is later hashed into $this->H.
// Field order as written below: client identification, server identification,
// client KEXINIT, server KEXINIT, host key blob, Q_C, Q_S, K.
111 $sub = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
// The host key is serialized into $sub and taken back out as $K_S. $sub is then
// reused for the fields below, so get(0) presumably drains the buffer; confirm
// against the Buffer class.
112 $this->K_S->serialize($sub);
113 $K_S = $sub->getBuffer()->get(0);
114 $sub->encodeString($this->clientIdent);
115 $sub->encodeString($this->serverIdent);
// Each KEXINIT is framed as $msgId followed by the serialized message.
// $msgId is assigned outside the lines shown on this page.
118 $sub2 = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
119 $sub2->encodeBytes($msgId);
120 $this->clientKEX->serialize($sub2);
121 $sub->encodeString($sub2->getBuffer()->get(0));
122 $sub2->encodeBytes($msgId);
123 $this->serverKEX->serialize($sub2);
124 $sub->encodeString($sub2->getBuffer()->get(0));
// Host key blob, client public value, server ephemeral public key.
125 $sub->encodeString(
$K_S);
126 $sub->encodeString($Q_C);
127 $sub->encodeString($this->Q_S);
// K is the shared secret. From here on the contents of $sub are key material
// and should not be logged or persisted.
128 $sub->encodeMpint($this->K);
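// Take the assembled exchange-hash input out of the encoder's buffer.
$origData = $sub->getBuffer()->get(0);

// SECURITY: the last field encoded into this payload is the shared secret K,
// so a hex dump of it would write session key material to the debug log.
// Only the payload size is recorded; the public fields can be logged where
// they are encoded if they are needed for interoperability debugging.
$logging = \Plop\Plop::getInstance();
$logging->debug(
    'Signature payload: %s bytes, contents withheld',
    array(strlen($origData))
);

// H is the exchange hash; it is the value the host key signs.
$this->H = $this->kexAlgo->hash($origData);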
// Writes three strings to $encoder: the serialized host key K_S, the server's
// ephemeral public key Q_S, and a signature blob (key name + signature over H).
146 $sub = new \fpoirotte\Pssht\Wire\Encoder(
new \
fpoirotte\Pssht\
Buffer());
147 $this->K_S->serialize($sub);
// $sub is reused for the signature blob below, so get(0) presumably drains
// the buffer; confirm against the Buffer class.
149 $encoder->encodeString($sub->getBuffer()->get(0));
150 $encoder->encodeString($this->Q_S);
// The signature is computed over the exchange hash H, not over the raw payload.
152 $sub->encodeString($this->K_S->getName());
153 $sub->encodeString($this->K_S->sign($this->H));
154 $encoder->encodeString($sub->getBuffer()->get(0));
161 throw new \RuntimeException();
$kexAlgo
Key exchange algorithm to use.
$K_S
Server's public host key.
$serverIdent
Server's identification string.
$clientIdent
Client's identification string.
serialize(\fpoirotte\Pssht\Wire\Encoder $encoder)
static unserialize(\fpoirotte\Pssht\Wire\Decoder $decoder)
$clientKEX
Algorithms supported by the client.
$kexDHInit
Client's contribution to the Diffie-Hellman Key Exchange.
$serverKEX
Algorithms supported by the server.
__construct(\fpoirotte\Pssht\Messages\KEX\ECDH\INIT\Curve25519 $kexDHInit,\fpoirotte\Pssht\Key\KeyInterface $key,\fpoirotte\Pssht\Encryption\EncryptionInterface $encryptionAlgo,\fpoirotte\Pssht\KEX\KEXInterface $kexAlgo,\fpoirotte\Pssht\Messages\KEXINIT $serverKEX,\fpoirotte\Pssht\Messages\KEXINIT $clientKEX, $serverIdent, $clientIdent)
$Q_S
Server's ephemeral public key.