| Methods |
public
|
__construct(string $dh_modulus = null, string $dh_gen = null, string $algo = 'sha1')
Creates a new instance.
The modulus and generator are specified in the $dh_modulus and $dh_gen
parameters. If these are set to NULL, the defaults from the OpenID
specification are used.
Parameters
| $dh_modulus |
modulus
|
| $dh_gen |
generator
|
| $algo |
the hashing algorithm
|
|
#
|
public
|
associateAsServer(string $mac_key, string $dh_consumer_public): array<string, string>
Generates the cryptographic values required for responding to association
requests.
This involves generating a key pair for the OpenID provider, then calculating
the shared secret. The shared secret is then used to encrypt the MAC key.
Parameters
| $mac_key |
the MAC key, in binary representation
|
| $dh_consumer_public |
the consumer's public key, in Base64 representation
|
Returns
an array containing (a) dh_server_public - the server's public key (in Base64), and (b)
enc_mac_key - the MAC key (in Base64), encrypted using the Diffie-Hellman shared secret
|
#
|
public
|
associateAsConsumer(string $enc_mac_key, string $dh_server_public): string
Completes association by obtaining the session MAC key from the key obtained
from the Diffie-Hellman key exchange.
Parameters
| $enc_mac_key |
the encrypted session MAC key, in Base64 representation
|
| $dh_server_public |
the server's public key, in Base64 representation
|
Returns
the decrypted session MAC key, in Base64 representation
|
#
|
public
|
getPublicKey(): string
|
#
|
protected
|
getSharedSecret(string $their_public): BigNum
Calculates the shared secret for Diffie-Hellman key exchange.
This is the second step in the Diffie-Hellman key exchange process. The other
party (in OpenID 1.0 terms, the consumer) has already generated the public
key ($dh_consumer_public) and sent it to this party (the server).
Parameters
| $their_public |
the other party's public key, in Base64 representation
|
Returns
|
#
|
protected
|
cryptMACKey(BigNum $ZZ, string $mac_key): string
Encrypts/decrypts and encodes the MAC key.
Parameters
| $ZZ |
the Diffie-Hellman key exchange shared secret as a bignum
|
| $mac_key |
a byte stream containing the MAC key
|
Returns
the encrypted MAC key in Base64 representation
|
#
|
protected
|
xorCrypt(BigNum $key, string $plain_cipher): string
Encrypts/decrypts using XOR.
Parameters
| $key |
the encryption key. This is usually
the shared secret (ZZ) calculated from the Diffie-Hellman key exchange
|
| $plain_cipher |
the plaintext or ciphertext
|
Returns
the ciphertext or plaintext
|
#
|
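The exchange that associateAsServer() and associateAsConsumer() describe, written out from the OpenID specification as an added example; it is not this library's code. The function names, the toy modulus 2^127 - 1 with generator 3, and the range check on the peer's public key are assumptions made for the illustration, and ext-gmp is assumed to be installed.

```php
<?php
// Added example: both sides of an OpenID Diffie-Hellman association (hypothetical names).

// btwoc(): big-endian bytes, with a leading 0x00 when the top bit is set.
function btwoc(GMP $n): string {
    $bytes = gmp_export($n);
    return ($bytes === '' || (ord($bytes[0]) & 0x80)) ? "\x00" . $bytes : $bytes;
}

// Validate the peer's Base64 public key, then compute ZZ = y^x mod p.
function shared_secret(string $their_public, GMP $my_private, GMP $p): GMP {
    $raw = base64_decode($their_public, true);
    if ($raw === false || $raw === '') {
        throw new InvalidArgumentException('public key is not valid Base64');
    }
    $y = gmp_import($raw);
    // Added check: only 1 < y < p-1 is accepted; other values make ZZ predictable.
    if (gmp_cmp($y, 1) <= 0 || gmp_cmp($y, gmp_sub($p, 1)) >= 0) {
        throw new RangeException('public key out of range');
    }
    return gmp_powm($y, $my_private, $p);
}

// XOR with H(btwoc(ZZ)); one call encrypts and decrypts. PHP's string ^ would
// silently truncate to the shorter operand, so unequal lengths are rejected.
function xor_mac_key(GMP $zz, string $data, string $algo = 'sha1'): string {
    $pad = hash($algo, btwoc($zz), true);
    if (strlen($pad) !== strlen($data)) {
        throw new LengthException('MAC key length must equal digest length');
    }
    return $pad ^ $data;
}

// Constructed toy parameters so the example runs quickly; not the OpenID defaults.
$p = gmp_sub(gmp_pow(2, 127), 1);
$g = gmp_init(3);
$keypair = function () use ($p, $g): array {
    $x = gmp_add(gmp_mod(gmp_import(random_bytes(32)), gmp_sub($p, 3)), 2);
    return [$x, base64_encode(btwoc(gmp_powm($g, $x, $p)))];
};
[$x_consumer, $dh_consumer_public] = $keypair();
[$x_server, $dh_server_public] = $keypair();
// Server: encrypt a fresh 20-byte MAC key (the SHA-1 digest length).
$mac_key = random_bytes(20);
$enc_mac_key = base64_encode(
    xor_mac_key(shared_secret($dh_consumer_public, $x_server, $p), $mac_key));
// Consumer: recover the MAC key from enc_mac_key and dh_server_public.
$recovered = xor_mac_key(
    shared_secret($dh_server_public, $x_consumer, $p), base64_decode($enc_mac_key, true));
echo hash_equals($mac_key, $recovered) ? "MAC keys match\n" : "MISMATCH\n";
```

The example leaves the recovered MAC key in binary, whereas associateAsConsumer() is documented as returning it in Base64.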