📄 openid.php
字号:
* redirects when retrieving their content and finally applying the * rules in Section 6 of [RFC3986] to the final destination URL. * @param string &$id identifier to be normalized * @return bool */ static public function normalize(&$id) { $id = trim($id); if (strlen($id) === 0) { return true; } // 7.2.1 if (strpos($id, 'xri://$ip*') === 0) { $id = substr($id, strlen('xri://$ip*')); } else if (strpos($id, 'xri://$dns*') === 0) { $id = substr($id, strlen('xri://$dns*')); } else if (strpos($id, 'xri://') === 0) { $id = substr($id, strlen('xri://')); } // 7.2.2 if ($id[0] == '=' || $id[0] == '@' || $id[0] == '+' || $id[0] == '$' || $id[0] == '!') { return true; } // 7.2.3 if (strpos($id, "://") === false) { $id = 'http://' . $id; } // 7.2.4 return self::normalizeURL($id); } /** * Performs a HTTP redirection to specified URL with additional data. * It may generate redirected request using GET or POST HTTP method. * The function never returns. * * @param string $url URL to redirect to * @param array $params additional variable/value pairs to send * @param Zend_Controller_Response_Abstract $response * @param string $method redirection method ('GET' or 'POST') */ static public function redirect($url, $params = null, Zend_Controller_Response_Abstract $response = null, $method = 'GET') { $url = Zend_OpenId::absoluteUrl($url); $body = ""; if (null === $response) { require_once "Zend/Controller/Response/Http.php"; $response = new Zend_Controller_Response_Http(); } if ($method == 'POST') { $body = "<html><body onLoad=\"document.forms[0].submit();\">\n"; $body .= "<form method=\"POST\" action=\"$url\">\n"; if (is_array($params) && count($params) > 0) { foreach($params as $key => $value) { $body .= '<input type="hidden" name="' . $key . '" value="' . $value . "\">\n"; } } $body .= "<input type=\"submit\" value=\"Continue OpenID transaction\">\n"; $body .= "</form></body></html>\n"; } else if (is_array($params) && count($params) > 0) { if (strpos($url, '?') === false) { $url .= '?' . self::paramsToQuery($params); } else { $url .= '&' . self::paramsToQuery($params); } } if (!empty($body)) { $response->setBody($body); } else if (!$response->canSendHeaders()) { $response->setBody("<script language=\"JavaScript\"" . " type=\"text/javascript\">window.location='$url';" . "</script>"); } else { $response->setRedirect($url); } $response->sendResponse(); if (self::$exitOnRedirect) { exit(); } } /** * Produces string of random byte of given length. * * @param integer $len length of requested string * @return string RAW random binary string */ static public function randomBytes($len) { $key = ''; for($i=0; $i < $len; $i++) { $key .= chr(mt_rand(0, 255)); } return $key; } /** * Generates a hash value (message digest) according to given algorithm. * It returns RAW binary string. * * This is a wrapper function that uses one of available internal function * dependent on given PHP configuration. It may use various functions from * ext/openssl, ext/hash, ext/mhash or ext/standard. * * @param string $func digest algorithm * @param string $data data to sign * @return string RAW digital signature * @throws Zend_OpenId_Exception */ static public function digest($func, $data) { if (function_exists('openssl_digest')) { return openssl_digest($data, $func, true); } else if (function_exists('hash')) { return hash($func, $data, true); } else if ($func === 'sha1') { return sha1($data, true); } else if ($func === 'sha256') { if (function_exists('mhash')) { return mhash(MHASH_SHA256 , $data); } } throw new Zend_OpenId_Exception( 'Unsupported digest algorithm "' . $func . '".', Zend_OpenId_Exception::UNSUPPORTED_DIGEST); } /** * Generates a keyed hash value using the HMAC method. It uses ext/hash * if available or user-level PHP implementation, that is not significantly * slower. * * @param string $macFunc name of selected hashing algorithm (sha1, sha256) * @param string $data data to sign * @param string $secret shared secret key used for generating the HMAC * variant of the message digest * @return string RAW HMAC value */ static public function hashHmac($macFunc, $data, $secret) {// require_once "Zend/Crypt/Hmac.php";// return Zend_Crypt_Hmac::compute($secret, $macFunc, $data, Zend_Crypt_Hmac::BINARY); if (function_exists('hash_hmac')) { return hash_hmac($macFunc, $data, $secret, 1); } else { if (strlen($secret) > 64) { $secret = self::digest($macFunc, $secret); } $secret = str_pad($secret, 64, chr(0x00)); $ipad = str_repeat(chr(0x36), 64); $opad = str_repeat(chr(0x5c), 64); $hash1 = self::digest($macFunc, ($secret ^ $ipad) . $data); return self::digest($macFunc, ($secret ^ $opad) . $hash1); } } /** * Converts binary representation into ext/gmp or ext/bcmath big integer * representation. * * @param string $bin binary representation of big number * @return mixed * @throws Zend_OpenId_Exception */ static protected function binToBigNum($bin) { if (extension_loaded('gmp')) { return gmp_init(bin2hex($bin), 16); } else if (extension_loaded('bcmath')) { $bn = 0; $len = strlen($bin); for ($i = 0; $i < $len; $i++) { $bn = bcmul($bn, 256); $bn = bcadd($bn, ord($bin[$i])); } return $bn; } throw new Zend_OpenId_Exception( 'The system doesn\'t have proper big integer extension', Zend_OpenId_Exception::UNSUPPORTED_LONG_MATH); } /** * Converts internal ext/gmp or ext/bcmath big integer representation into * binary string. * * @param mixed $bn big number * @return string * @throws Zend_OpenId_Exception */ static protected function bigNumToBin($bn) { if (extension_loaded('gmp')) { $s = gmp_strval($bn, 16); if (strlen($s) % 2 != 0) { $s = '0' . $s; } return pack("H*", $s); } else if (extension_loaded('bcmath')) { $cmp = bccomp($bn, 0); if ($cmp == 0) { return (chr(0)); } else if ($cmp < 0) { throw new Zend_OpenId_Exception( 'Big integer arithmetic error', Zend_OpenId_Exception::ERROR_LONG_MATH); } $bin = ""; while (bccomp($bn, 0) > 0) { $bin = chr(bcmod($bn, 256)) . $bin; $bn = bcdiv($bn, 256); } return $bin; } throw new Zend_OpenId_Exception( 'The system doesn\'t have proper big integer extension', Zend_OpenId_Exception::UNSUPPORTED_LONG_MATH); } /** * Performs the first step of a Diffie-Hellman key exchange by generating * private and public DH values based on given prime number $p and * generator $g. Both sides of key exchange MUST have the same prime number * and generator. In this case they will able to create a random shared * secret that is never send from one to the other. * * @param string $p prime number in binary representation * @param string $g generator in binary representation * @param string $priv_key private key in binary representation * @return mixed */ static public function createDhKey($p, $g, $priv_key = null) { if (function_exists('openssl_dh_compute_key')) { $dh_details = array( 'p' => $p, 'g' => $g ); if (!is_null($priv_key)) { $dh_details['priv_key'] = $priv_key; } return openssl_pkey_new(array('dh'=>$dh_details)); } else { $bn_p = self::binToBigNum($p); $bn_g = self::binToBigNum($g); if (is_null($priv_key)) { $priv_key = self::randomBytes(strlen($p)); } $bn_priv_key = self::binToBigNum($priv_key); if (extension_loaded('gmp')) { $bn_pub_key = gmp_powm($bn_g, $bn_priv_key, $bn_p); } else if (extension_loaded('bcmath')) { $bn_pub_key = bcpowmod($bn_g, $bn_priv_key, $bn_p); } $pub_key = self::bigNumToBin($bn_pub_key); return array( 'p' => $bn_p, 'g' => $bn_g, 'priv_key' => $bn_priv_key, 'pub_key' => $bn_pub_key, 'details' => array( 'p' => $p, 'g' => $g, 'priv_key' => $priv_key, 'pub_key' => $pub_key)); } } /** * Returns an associative array with Diffie-Hellman key components in * binary representation. The array includes original prime number 'p' and * generator 'g', random private key 'priv_key' and corresponding public * key 'pub_key'. * * @param mixed $dh Diffie-Hellman key * @return array */ static public function getDhKeyDetails($dh) { if (function_exists('openssl_dh_compute_key')) { $details = openssl_pkey_get_details($dh); if (isset($details['dh'])) { return $details['dh']; } } else { return $dh['details']; } } /** * Computes the shared secret from the private DH value $dh and the other * party's public value in $pub_key * * @param string $pub_key other party's public value * @param mixed $dh Diffie-Hellman key * @return string * @throws Zend_OpenId_Exception */ static public function computeDhSecret($pub_key, $dh) { if (function_exists('openssl_dh_compute_key')) { $ret = openssl_dh_compute_key($pub_key, $dh); return $ret; } else if (extension_loaded('gmp')) { $bn_pub_key = self::binToBigNum($pub_key); $bn_secret = gmp_powm($bn_pub_key, $dh['priv_key'], $dh['p']); return self::bigNumToBin($bn_secret); } else if (extension_loaded('bcmath')) { $bn_pub_key = self::binToBigNum($pub_key); $bn_secret = bcpowmod($bn_pub_key, $dh['priv_key'], $dh['p']); return self::bigNumToBin($bn_secret); } throw new Zend_OpenId_Exception( 'The system doesn\'t have proper big integer extension', Zend_OpenId_Exception::UNSUPPORTED_LONG_MATH); } /** * Takes an arbitrary precision integer and returns its shortest big-endian * two's complement representation. * * Arbitrary precision integers MUST be encoded as big-endian signed two's * complement binary strings. Henceforth, "btwoc" is a function that takes * an arbitrary precision integer and returns its shortest big-endian two's * complement representation. All integers that are used with * Diffie-Hellman Key Exchange are positive. This means that the left-most * bit of the two's complement representation MUST be zero. If it is not, * implementations MUST add a zero byte at the front of the string. * * @param string $str binary representation of arbitrary precision integer * @return string big-endian signed representation */ static public function btwoc($str) { if (ord($str[0]) > 127) { return chr(0) . $str; } return $str; }}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -