diff --git a/Crypt/AES.php b/Crypt/AES.php index d297f7a..832be25 100755 --- a/Crypt/AES.php +++ b/Crypt/AES.php @@ -1,16 +1,15 @@ * - * @copyright MMVIII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_AES + * @author Jim Wigginton + * @copyright MMVIII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * Include Crypt_Rijndael */ if (!class_exists('Crypt_Rijndael')) { - require_once 'Rijndael.php'; + include_once 'Rijndael.php'; } /**#@+ 
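Review bot: `include_once 'Rijndael.php';` names the file without a directory, so PHP resolves it through `include_path` and then the calling script's directory and the working directory; which Rijndael.php this cipher class loads therefore depends on deployment configuration. Anchoring the path to this file, `include_once dirname(__FILE__) . '/Rijndael.php';`, removes that dependency. The switch from `require_once` also means a missing file now raises only a warning here, and execution continues until something needs Crypt_Rijndael. If that is intended, for example to cooperate with an autoloader, a short comment saying so would help.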
@@ -81,172 +80,71 @@ if (!class_exists('Crypt_Rijndael')) { * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 */ -define('CRYPT_AES_MODE_CTR', -1); +define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR); /** * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 */ -define('CRYPT_AES_MODE_ECB', 1); +define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB); /** * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 */ -define('CRYPT_AES_MODE_CBC', 2); +define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 */ -define('CRYPT_AES_MODE_CFB', 3); +define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 */ -define('CRYPT_AES_MODE_OFB', 4); +define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB); /**#@-*/ /**#@+ * @access private - * @see Crypt_AES::Crypt_AES() + * @see Crypt_Base::Crypt_Base() */ /** * Toggles the internal implementation */ -define('CRYPT_AES_MODE_INTERNAL', 1); +define('CRYPT_AES_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_AES_MODE_MCRYPT', 2); +define('CRYPT_AES_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /** * Pure-PHP implementation of AES. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_AES + * @author Jim Wigginton + * @access public */ -class Crypt_AES extends Crypt_Rijndael { +class Crypt_AES extends Crypt_Rijndael +{ /** - * mcrypt resource for encryption + * The namespace used by the cipher for its constants. 
* - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_AES::encrypt() + * @see Crypt_Base::const_namespace * @var String * @access private */ - var $enmcrypt; - - /** - * mcrypt resource for decryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_AES::decrypt() - * @var String - * @access private - */ - var $demcrypt; - - /** - * mcrypt resource for CFB mode - * - * @see Crypt_AES::encrypt() - * @see Crypt_AES::decrypt() - * @var String - * @access private - */ - var $ecb; - - /** - * Default Constructor. - * - * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be - * CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC. If not explictly set, CRYPT_AES_MODE_CBC will be used. - * - * @param optional Integer $mode - * @return Crypt_AES - * @access public - */ - function Crypt_AES($mode = CRYPT_AES_MODE_CBC) - { - if ( !defined('CRYPT_AES_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && in_array('rijndael-128', mcrypt_list_algorithms()): - define('CRYPT_AES_MODE', CRYPT_AES_MODE_MCRYPT); - break; - default: - define('CRYPT_AES_MODE', CRYPT_AES_MODE_INTERNAL); - } - } - - switch ( CRYPT_AES_MODE ) { - case CRYPT_AES_MODE_MCRYPT: - switch ($mode) { - case CRYPT_AES_MODE_ECB: - $this->paddable = true; - $this->mode = MCRYPT_MODE_ECB; - break; - case CRYPT_AES_MODE_CTR: - // ctr doesn't have a constant associated with it even though it appears to be fairly widely - // supported. in lieu of knowing just how widely supported it is, i've, for now, opted not to - // include a compatibility layer. 
the layer has been implemented but, for now, is commented out. - $this->mode = 'ctr'; - //$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_AES_MODE_CTR; - break; - case CRYPT_AES_MODE_CFB: - $this->mode = 'ncfb'; - break; - case CRYPT_AES_MODE_OFB: - $this->mode = MCRYPT_MODE_NOFB; - break; - case CRYPT_AES_MODE_CBC: - default: - $this->paddable = true; - $this->mode = MCRYPT_MODE_CBC; - } - - break; - default: - switch ($mode) { - case CRYPT_AES_MODE_ECB: - $this->paddable = true; - $this->mode = CRYPT_RIJNDAEL_MODE_ECB; - break; - case CRYPT_AES_MODE_CTR: - $this->mode = CRYPT_RIJNDAEL_MODE_CTR; - break; - case CRYPT_AES_MODE_CFB: - $this->mode = CRYPT_RIJNDAEL_MODE_CFB; - break; - case CRYPT_AES_MODE_OFB: - $this->mode = CRYPT_RIJNDAEL_MODE_OFB; - break; - case CRYPT_AES_MODE_CBC: - default: - $this->paddable = true; - $this->mode = CRYPT_RIJNDAEL_MODE_CBC; - } - } - - if (CRYPT_AES_MODE == CRYPT_AES_MODE_INTERNAL) { - parent::Crypt_Rijndael($this->mode); - } - - } + var $const_namespace = 'AES'; /** * Dummy function * * Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything. * + * @see Crypt_Rijndael::setBlockLength() * @access public * @param Integer $length */ 
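Review bot: The docblocks left as context above the re-pointed constants are inaccurate. `CRYPT_AES_MODE_OFB` is still described as "Cipher Feedback mode", although its link and the new `CRYPT_MODE_OFB` docblock in Crypt/Base.php say Output Feedback, and `CRYPT_AES_MODE_CBC` is described as "Code Book Chaining" where the linked article's term is cipher-block chaining. Callers pick a mode by reading these, so I would correct both in this commit, to `Encrypt / decrypt using the Output Feedback mode.` and `Encrypt / decrypt using the Cipher Block Chaining mode.`. The ECB docblock could also carry one sentence noting that ECB encrypts equal plaintext blocks to equal ciphertext blocks and so is unsuitable for most data.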
@@ -256,285 +154,54 @@ class Crypt_AES extends Crypt_Rijndael { } /** - * Sets the initialization vector. (optional) + * Sets the key length * - * SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all zero's. + * Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to + * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. * + * @see Crypt_Rijndael:setKeyLength() * @access public - * @param String $iv + * @param Integer $length */ - function setIV($iv) + function setKeyLength($length) { - parent::setIV($iv); - if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) { - $this->changed = true; + switch ($length) { + case 160: + $length = 192; + break; + case 224: + $length = 256; } + parent::setKeyLength($length); } /** - * Encrypts a message. + * Sets the key. * - * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the - * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following - * URL: + * Rijndael supports five different key lengths, AES only supports three. * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that - * length. 
- * - * @see Crypt_AES::decrypt() + * @see Crypt_Rijndael:setKey() + * @see setKeyLength() * @access public - * @param String $plaintext + * @param String $key */ - function encrypt($plaintext) + function setKey($key) { - if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) { - $this->_mcryptSetup(); - - // re: http://phpseclib.sourceforge.net/cfb-demo.phps - // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's - // rewritten CFB implementation the above outputs the same thing twice. - if ($this->mode == 'ncfb' && $this->continuousBuffer) { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 16 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= 16) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > 280) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->key, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 16)); - $iv = substr($ciphertext, -16); - $len%= 16; - } else { - while ($len >= 16) { - $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 16); - $ciphertext.= $iv; - $len-= 16; - $i+= 16; - } - } - } - - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, -$len); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - - return $ciphertext; - } - - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - - if (!$this->continuousBuffer) { - 
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); - } - - return $ciphertext; - } - - return parent::encrypt($plaintext); - } - - /** - * Decrypts a message. - * - * If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is. - * - * @see Crypt_AES::encrypt() - * @access public - * @param String $ciphertext - */ - function decrypt($ciphertext) - { - if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) { - $this->_mcryptSetup(); - - if ($this->mode == 'ncfb' && $this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 16 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= 16) { - $cb = substr($ciphertext, $i, $len - $len % 16); - $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; - $iv = substr($cb, -16); - $len%= 16; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $plaintext.= $iv ^ substr($ciphertext, -$len); - $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); - $pos = $len; - } - - return $plaintext; - } - - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 15) & 0xFFFFFFF0, chr(0)); - } - - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->iv); - } - - return $this->paddable ? 
$this->_unpad($plaintext) : $plaintext; - } - - return parent::decrypt($ciphertext); - } - - /** - * Setup mcrypt - * - * Validates all the variables. - * - * @access private - */ - function _mcryptSetup() - { - if (!$this->changed) { - return; - } + parent::setKey($key); if (!$this->explicit_key_length) { - // this just copied from Crypt_Rijndael::_setup() - $length = strlen($this->key) >> 2; - if ($length > 8) { - $length = 8; - } else if ($length < 4) { - $length = 4; + $length = strlen($key); + switch (true) { + case $length <= 16: + $this->key_size = 16; + break; + case $length <= 24: + $this->key_size = 24; + break; + default: + $this->key_size = 32; } - $this->Nk = $length; - $this->key_size = $length << 2; - } - - switch ($this->Nk) { - case 4: // 128 - $this->key_size = 16; - break; - case 5: // 160 - case 6: // 192 - $this->key_size = 24; - break; - case 7: // 224 - case 8: // 256 - $this->key_size = 32; - } - - $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0)); - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, 16), 16, chr(0)); - - if (!isset($this->enmcrypt)) { - $mode = $this->mode; - //$mode = $this->mode == CRYPT_AES_MODE_CTR ? MCRYPT_MODE_ECB : $this->mode; - - $this->demcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, ''); - $this->enmcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, ''); - - if ($mode == 'ncfb') { - $this->ecb = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, ''); - } - - } // else should mcrypt_generic_deinit be called? - - mcrypt_generic_init($this->demcrypt, $this->key, $this->iv); - mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); - - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); - } - - $this->changed = false; - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * The default behavior. 
- * - * @see Crypt_Rijndael::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - parent::enableContinuousBuffer(); - - if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { - $this->enbuffer['enmcrypt_init'] = true; - $this->debuffer['demcrypt_init'] = true; - } - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. - * - * @see Crypt_Rijndael::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - parent::disableContinuousBuffer(); - - if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); - mcrypt_generic_init($this->demcrypt, $this->key, $this->iv); + $this->_setupEngine(); } } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/Crypt/Base.php b/Crypt/Base.php new file mode 100755 index 0000000..2248ed4 --- /dev/null +++ b/Crypt/Base.php 
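Review bot: `setKey()` accepts a key of any length without complaint: the `switch (true)` maps everything up to 16 bytes to `key_size = 16` and everything above 24 bytes to 32. A 5-byte or empty key is therefore treated as AES-128 and, going by the Crypt_Base::setKey() docblock elsewhere in this diff, is null-padded rather than rejected, so the effective key strength is that of the short input and nothing tells the caller. At minimum the docblock should say so, e.g. `Keys shorter than the selected size are padded with null bytes and longer keys are truncated; pass exactly 16, 24 or 32 random bytes, or derive the key from a password with a KDF.`; a `user_error()` for any other length would make misuse visible, if existing callers can tolerate it. Separately, the `setKeyLength()` docblock says invalid lengths are rounded down, while the code maps 160 to 192 and 224 to 256.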
@@ -0,0 +1,2011 @@ + + * @author Hans-Juergen Petrich + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +/**#@+ + * @access public + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + */ +/** + * Encrypt / decrypt using the Counter mode. + * + * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 + */ +define('CRYPT_MODE_CTR', -1); +/** + * Encrypt / decrypt using the Electronic Code Book mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 + */ +define('CRYPT_MODE_ECB', 1); +/** + * Encrypt / decrypt using the Code Book Chaining mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 + */ +define('CRYPT_MODE_CBC', 2); +/** + * Encrypt / decrypt using the Cipher Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 + */ +define('CRYPT_MODE_CFB', 3); +/** + * Encrypt / decrypt using the Output Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 + */ +define('CRYPT_MODE_OFB', 4); +/** + * Encrypt / decrypt using streaming mode. 
+ * + */ +define('CRYPT_MODE_STREAM', 5); +/**#@-*/ + +/**#@+ + * @access private + * @see Crypt_Base::Crypt_Base() + */ +/** + * Base value for the internal implementation $engine switch + */ +define('CRYPT_MODE_INTERNAL', 1); +/** + * Base value for the mcrypt implementation $engine switch + */ +define('CRYPT_MODE_MCRYPT', 2); +/**#@-*/ + +/** + * Base Class for all Crypt_* cipher classes + * + * @package Crypt_Base + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @access public + */ +class Crypt_Base +{ + /** + * The Encryption Mode + * + * @see Crypt_Base::Crypt_Base() + * @var Integer + * @access private + */ + var $mode; + + /** + * The Block Length of the block cipher + * + * @var Integer + * @access private + */ + var $block_size = 16; + + /** + * The Key + * + * @see Crypt_Base::setKey() + * @var String + * @access private + */ + var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + + /** + * The Initialization Vector + * + * @see Crypt_Base::setIV() + * @var String + * @access private + */ + var $iv; + + /** + * A "sliding" Initialization Vector + * + * @see Crypt_Base::enableContinuousBuffer() + * @see Crypt_Base::_clearBuffers() + * @var String + * @access private + */ + var $encryptIV; + + /** + * A "sliding" Initialization Vector + * + * @see Crypt_Base::enableContinuousBuffer() + * @see Crypt_Base::_clearBuffers() + * @var String + * @access private + */ + var $decryptIV; + + /** + * Continuous Buffer status + * + * @see Crypt_Base::enableContinuousBuffer() + * @var Boolean + * @access private + */ + var $continuousBuffer = false; + + /** + * Encryption buffer for CTR, OFB and CFB modes + * + * @see Crypt_Base::encrypt() + * @see Crypt_Base::_clearBuffers() + * @var Array + * @access private + */ + var $enbuffer; + + /** + * Decryption buffer for CTR, OFB and CFB modes + * + * @see Crypt_Base::decrypt() + * @see Crypt_Base::_clearBuffers() + * @var Array + * @access private + */ + var $debuffer; + + /** + * mcrypt resource for encryption + * 
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. + * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. + * + * @see Crypt_Base::encrypt() + * @var Resource + * @access private + */ + var $enmcrypt; + + /** + * mcrypt resource for decryption + * + * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. + * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. + * + * @see Crypt_Base::decrypt() + * @var Resource + * @access private + */ + var $demcrypt; + + /** + * Does the enmcrypt resource need to be (re)initialized? + * + * @see Crypt_Twofish::setKey() + * @see Crypt_Twofish::setIV() + * @var Boolean + * @access private + */ + var $enchanged = true; + + /** + * Does the demcrypt resource need to be (re)initialized? + * + * @see Crypt_Twofish::setKey() + * @see Crypt_Twofish::setIV() + * @var Boolean + * @access private + */ + var $dechanged = true; + + /** + * mcrypt resource for CFB mode + * + * mcrypt's CFB mode, in (and only in) buffered context, + * is broken, so phpseclib implements the CFB mode by it self, + * even when the mcrypt php extension is available. + * + * In order to do the CFB-mode work (fast) phpseclib + * use a separate ECB-mode mcrypt resource. + * + * @link http://phpseclib.sourceforge.net/cfb-demo.phps + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @see Crypt_Base::_setupMcrypt() + * @var Resource + * @access private + */ + var $ecb; + + /** + * Optimizing value while CFB-encrypting + * + * Only relevant if $continuousBuffer enabled + * and $engine == CRYPT_MODE_MCRYPT + * + * It's faster to re-init $enmcrypt if + * $buffer bytes > $cfb_init_len than + * using the $ecb resource furthermore. 
+ * + * This value depends of the chosen cipher + * and the time it would be needed for it's + * initialization [by mcrypt_generic_init()] + * which, typically, depends on the complexity + * on its internaly Key-expanding algorithm. + * + * @see Crypt_Base::encrypt() + * @var Integer + * @access private + */ + var $cfb_init_len = 600; + + /** + * Does internal cipher state need to be (re)initialized? + * + * @see setKey() + * @see setIV() + * @see disableContinuousBuffer() + * @var Boolean + * @access private + */ + var $changed = true; + + /** + * Padding status + * + * @see Crypt_Base::enablePadding() + * @var Boolean + * @access private + */ + var $padding = true; + + /** + * Is the mode one that is paddable? + * + * @see Crypt_Base::Crypt_Base() + * @var Boolean + * @access private + */ + var $paddable = false; + + /** + * Holds which crypt engine internaly should be use, + * which will be determined automatically on __construct() + * + * Currently available $engines are: + * - CRYPT_MODE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) + * - CRYPT_MODE_INTERNAL (slower, pure php-engine, no php-extension required) + * + * In the pipeline... maybe. But currently not available: + * - CRYPT_MODE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) + * + * If possible, CRYPT_MODE_MCRYPT will be used for each cipher. 
+ * Otherwise CRYPT_MODE_INTERNAL + * + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @var Integer + * @access private + */ + var $engine; + + /** + * The mcrypt specific name of the cipher + * + * Only used if $engine == CRYPT_MODE_MCRYPT + * + * @link http://www.php.net/mcrypt_module_open + * @link http://www.php.net/mcrypt_list_algorithms + * @see Crypt_Base::_setupMcrypt() + * @var String + * @access private + */ + var $cipher_name_mcrypt; + + /** + * The default password key_size used by setPassword() + * + * @see Crypt_Base::setPassword() + * @var Integer + * @access private + */ + var $password_key_size = 32; + + /** + * The default salt used by setPassword() + * + * @see Crypt_Base::setPassword() + * @var String + * @access private + */ + var $password_default_salt = 'phpseclib/salt'; + + /** + * The namespace used by the cipher for its constants. + * + * ie: AES.php is using CRYPT_AES_MODE_* for its constants + * so $const_namespace is AES + * + * DES.php is using CRYPT_DES_MODE_* for its constants + * so $const_namespace is DES... and so on + * + * All CRYPT_<$const_namespace>_MODE_* are aliases of + * the generic CRYPT_MODE_* constants, so both could be used + * for each cipher. + * + * Example: + * $aes = new Crypt_AES(CRYPT_AES_MODE_CFB); // $aes will operate in cfb mode + * $aes = new Crypt_AES(CRYPT_MODE_CFB); // identical + * + * @see Crypt_Base::Crypt_Base() + * @var String + * @access private + */ + var $const_namespace; + + /** + * The name of the performance-optimized callback function + * + * Used by encrypt() / decrypt() + * only if $engine == CRYPT_MODE_INTERNAL + * + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @see Crypt_Base::_setupInlineCrypt() + * @see Crypt_Base::$use_inline_crypt + * @var Callback + * @access private + */ + var $inline_crypt; + + /** + * Holds whether performance-optimized $inline_crypt() can/should be used. 
+ * + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @see Crypt_Base::inline_crypt + * @var mixed + * @access private + */ + var $use_inline_crypt; + + /** + * Default Constructor. + * + * Determines whether or not the mcrypt extension should be used. + * + * $mode could be: + * + * - CRYPT_MODE_ECB + * + * - CRYPT_MODE_CBC + * + * - CRYPT_MODE_CTR + * + * - CRYPT_MODE_CFB + * + * - CRYPT_MODE_OFB + * + * (or the alias constants of the chosen cipher, for example for AES: CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC ...) + * + * If not explicitly set, CRYPT_MODE_CBC will be used. + * + * @param optional Integer $mode + * @access public + */ + function Crypt_Base($mode = CRYPT_MODE_CBC) + { + $const_crypt_mode = 'CRYPT_' . $this->const_namespace . '_MODE'; + + // Determining the availibility of mcrypt support for the cipher + if (!defined($const_crypt_mode)) { + switch (true) { + case extension_loaded('mcrypt') && in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms()): + define($const_crypt_mode, CRYPT_MODE_MCRYPT); + break; + default: + define($const_crypt_mode, CRYPT_MODE_INTERNAL); + } + } + + // Determining which internal $engine should be used. + // The fastes possible first. 
+ switch (true) { + case empty($this->cipher_name_mcrypt): // The cipher module has no mcrypt-engine support at all so we force CRYPT_MODE_INTERNAL + $this->engine = CRYPT_MODE_INTERNAL; + break; + case constant($const_crypt_mode) == CRYPT_MODE_MCRYPT: + $this->engine = CRYPT_MODE_MCRYPT; + break; + default: + $this->engine = CRYPT_MODE_INTERNAL; + } + + // $mode dependent settings + switch ($mode) { + case CRYPT_MODE_ECB: + $this->paddable = true; + $this->mode = $mode; + break; + case CRYPT_MODE_CTR: + case CRYPT_MODE_CFB: + case CRYPT_MODE_OFB: + case CRYPT_MODE_STREAM: + $this->mode = $mode; + break; + case CRYPT_MODE_CBC: + default: + $this->paddable = true; + $this->mode = CRYPT_MODE_CBC; + } + + // Determining whether inline crypting can be used by the cipher + if ($this->use_inline_crypt !== false && function_exists('create_function')) { + $this->use_inline_crypt = true; + } + } + + /** + * Sets the initialization vector. (optional) + * + * SetIV is not required when CRYPT_MODE_ECB (or ie for AES: CRYPT_AES_MODE_ECB) is being used. If not explicitly set, it'll be assumed + * to be all zero's. + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @access public + * @param String $iv + */ + function setIV($iv) + { + if ($this->mode == CRYPT_MODE_ECB) { + return; + } + + $this->iv = $iv; + $this->changed = true; + } + + /** + * Sets the key. + * + * The min/max length(s) of the key depends on the cipher which is used. + * If the key not fits the length(s) of the cipher it will paded with null bytes + * up to the closest valid key length. If the key is more than max length, + * we trim the excess bits. + * + * If the key is not explicitly set, it'll be assumed to be all null bytes. + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @access public + * @param String $key + */ + function setKey($key) + { + $this->key = $key; + $this->changed = true; + } + + /** + * Sets the password. 
+ * + * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: + * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2} or pbkdf1: + * $hash, $salt, $count, $dkLen + * + * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see Crypt/Hash.php + * @param String $password + * @param optional String $method + * @return Boolean + * @access public + */ + function setPassword($password, $method = 'pbkdf2') + { + $key = ''; + + switch ($method) { + default: // 'pbkdf2' or 'pbkdf1' + $func_args = func_get_args(); + + // Hash function + $hash = isset($func_args[2]) ? $func_args[2] : 'sha1'; + + // WPA and WPA2 use the SSID as the salt + $salt = isset($func_args[3]) ? $func_args[3] : $this->password_default_salt; + + // RFC2898#section-4.2 uses 1,000 iterations by default + // WPA and WPA2 use 4,096. + $count = isset($func_args[4]) ? $func_args[4] : 1000; + + // Keylength + if (isset($func_args[5])) { + $dkLen = $func_args[5]; + } else { + $dkLen = $method == 'pbkdf1' ? 2 * $this->password_key_size : $this->password_key_size; + } + + switch (true) { + case $method == 'pbkdf1': + if (!class_exists('Crypt_Hash')) { + include_once 'Crypt/Hash.php'; + } + $hashObj = new Crypt_Hash(); + $hashObj->setHash($hash); + if ($dkLen > $hashObj->getLength()) { + user_error('Derived key too long'); + return false; + } + $t = $password . 
$salt; + for ($i = 0; $i < $count; ++$i) { + $t = $hashObj->hash($t); + } + $key = substr($t, 0, $dkLen); + + $this->setKey(substr($key, 0, $dkLen >> 1)); + $this->setIV(substr($key, $dkLen >> 1)); + + return true; + // Determining if php[>=5.5.0]'s hash_pbkdf2() function avail- and useable + case !function_exists('hash_pbkdf2'): + case !function_exists('hash_algos'): + case !in_array($hash, hash_algos()): + if (!class_exists('Crypt_Hash')) { + include_once 'Crypt/Hash.php'; + } + $i = 1; + while (strlen($key) < $dkLen) { + $hmac = new Crypt_Hash(); + $hmac->setHash($hash); + $hmac->setKey($password); + $f = $u = $hmac->hash($salt . pack('N', $i++)); + for ($j = 2; $j <= $count; ++$j) { + $u = $hmac->hash($u); + $f^= $u; + } + $key.= $f; + } + $key = substr($key, 0, $dkLen); + break; + default: + $key = hash_pbkdf2($hash, $password, $salt, $count, $dkLen, true); + } + } + + $this->setKey($key); + + return true; + } + + /** + * Encrypts a message. + * + * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other cipher + * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's + * necessary are discussed in the following + * URL: + * + * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} + * + * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. + * strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that + * length. 
+ * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see Crypt_Base::decrypt() + * @access public + * @param String $plaintext + * @return String $cipertext + */ + function encrypt($plaintext) + { + if ($this->engine == CRYPT_MODE_MCRYPT) { + if ($this->changed) { + $this->_setupMcrypt(); + $this->changed = false; + } + if ($this->enchanged) { + mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + $this->enchanged = false; + } + + // re: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} + // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's + // rewritten CFB implementation the above outputs the same thing twice. + if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { + $block_size = $this->block_size; + $iv = &$this->encryptIV; + $pos = &$this->enbuffer['pos']; + $len = strlen($plaintext); + $ciphertext = ''; + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + $this->enbuffer['enmcrypt_init'] = true; + } + if ($len >= $block_size) { + if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) { + if ($this->enbuffer['enmcrypt_init'] === true) { + mcrypt_generic_init($this->enmcrypt, $this->key, $iv); + $this->enbuffer['enmcrypt_init'] = false; + } + $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size)); + $iv = substr($ciphertext, -$block_size); + $len%= $block_size; + } else { + while ($len >= $block_size) { + $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size); + $ciphertext.= $iv; + $len-= $block_size; + $i+= $block_size; + } + } + } + + if ($len) { + $iv = mcrypt_generic($this->ecb, $iv); + $block = $iv ^ substr($plaintext, 
-$len); + $iv = substr_replace($iv, $block, 0, $len); + $ciphertext.= $block; + $pos = $len; + } + + return $ciphertext; + } + + if ($this->paddable) { + $plaintext = $this->_pad($plaintext); + } + + $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); + + if (!$this->continuousBuffer) { + mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); + } + + return $ciphertext; + } + + if ($this->changed) { + $this->_setup(); + $this->changed = false; + } + if ($this->use_inline_crypt) { + $inline = $this->inline_crypt; + return $inline('encrypt', $this, $plaintext); + } + if ($this->paddable) { + $plaintext = $this->_pad($plaintext); + } + + $buffer = &$this->enbuffer; + $block_size = $this->block_size; + $ciphertext = ''; + switch ($this->mode) { + case CRYPT_MODE_ECB: + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size)); + } + break; + case CRYPT_MODE_CBC: + $xor = $this->encryptIV; + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + $block = $this->_encryptBlock($block ^ $xor); + $xor = $block; + $ciphertext.= $block; + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + } + break; + case CRYPT_MODE_CTR: + $xor = $this->encryptIV; + if (strlen($buffer['encrypted'])) { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['encrypted'])) { + $buffer['encrypted'].= $this->_encryptBlock($this->_generateXor($xor, $block_size)); + } + $key = $this->_stringShift($buffer['encrypted'], $block_size); + $ciphertext.= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + $key = $this->_encryptBlock($this->_generateXor($xor, $block_size)); + $ciphertext.= $block ^ $key; + } + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + if 
($start = strlen($plaintext) % $block_size) { + $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted']; + } + } + break; + case CRYPT_MODE_CFB: + // cfb loosely routines inspired by openssl's: + // {@link http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1} + if ($this->continuousBuffer) { + $iv = &$this->encryptIV; + $pos = &$buffer['pos']; + } else { + $iv = $this->encryptIV; + $pos = 0; + } + $len = strlen($plaintext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $ciphertext = substr($iv, $orig_pos) ^ $plaintext; + $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); + } + while ($len >= $block_size) { + $iv = $this->_encryptBlock($iv) ^ substr($plaintext, $i, $block_size); + $ciphertext.= $iv; + $len-= $block_size; + $i+= $block_size; + } + if ($len) { + $iv = $this->_encryptBlock($iv); + $block = $iv ^ substr($plaintext, $i); + $iv = substr_replace($iv, $block, 0, $len); + $ciphertext.= $block; + $pos = $len; + } + break; + case CRYPT_MODE_OFB: + $xor = $this->encryptIV; + if (strlen($buffer['xor'])) { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $block = substr($plaintext, $i, $block_size); + if (strlen($block) > strlen($buffer['xor'])) { + $xor = $this->_encryptBlock($xor); + $buffer['xor'].= $xor; + } + $key = $this->_stringShift($buffer['xor'], $block_size); + $ciphertext.= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { + $xor = $this->_encryptBlock($xor); + $ciphertext.= substr($plaintext, $i, $block_size) ^ $xor; + } + $key = $xor; + } + if ($this->continuousBuffer) { + $this->encryptIV = $xor; + if ($start = strlen($plaintext) % $block_size) { + $buffer['xor'] = substr($key, $start) . 
$buffer['xor']; + } + } + break; + case CRYPT_MODE_STREAM: + $ciphertext = $this->_encryptBlock($plaintext); + break; + } + + return $ciphertext; + } + + /** + * Decrypts a message. + * + * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until + * it is. + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see Crypt_Base::encrypt() + * @access public + * @param String $ciphertext + * @return String $plaintext + */ + function decrypt($ciphertext) + { + if ($this->engine == CRYPT_MODE_MCRYPT) { + $block_size = $this->block_size; + if ($this->changed) { + $this->_setupMcrypt(); + $this->changed = false; + } + if ($this->dechanged) { + mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + $this->dechanged = false; + } + + if ($this->mode == CRYPT_MODE_CFB && $this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$this->debuffer['pos']; + $len = strlen($ciphertext); + $plaintext = ''; + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + } + if ($len >= $block_size) { + $cb = substr($ciphertext, $i, $len - $len % $block_size); + $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; + $iv = substr($cb, -$block_size); + $len%= $block_size; + } + if ($len) { + $iv = mcrypt_generic($this->ecb, $iv); + $plaintext.= $iv ^ substr($ciphertext, -$len); + $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); + $pos = $len; + } + + return $plaintext; + } + + if ($this->paddable) { + // we pad with chr(0) since that's what mcrypt_generic does. 
to quote from {@link http://www.php.net/function.mcrypt-generic}: + // "The data is padded with "\0" to make sure the length of the data is n * blocksize." + $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($block_size - strlen($ciphertext) % $block_size) % $block_size, chr(0)); + } + + $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); + + if (!$this->continuousBuffer) { + mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); + } + + return $this->paddable ? $this->_unpad($plaintext) : $plaintext; + } + + if ($this->changed) { + $this->_setup(); + $this->changed = false; + } + if ($this->use_inline_crypt) { + $inline = $this->inline_crypt; + return $inline('decrypt', $this, $ciphertext); + } + + $block_size = $this->block_size; + if ($this->paddable) { + // we pad with chr(0) since that's what mcrypt_generic does [...] + $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($block_size - strlen($ciphertext) % $block_size) % $block_size, chr(0)); + } + + $buffer = &$this->debuffer; + $plaintext = ''; + switch ($this->mode) { + case CRYPT_MODE_ECB: + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size)); + } + break; + case CRYPT_MODE_CBC: + $xor = $this->decryptIV; + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $block = substr($ciphertext, $i, $block_size); + $plaintext.= $this->_decryptBlock($block) ^ $xor; + $xor = $block; + } + if ($this->continuousBuffer) { + $this->decryptIV = $xor; + } + break; + case CRYPT_MODE_CTR: + $xor = $this->decryptIV; + if (strlen($buffer['ciphertext'])) { + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $block = substr($ciphertext, $i, $block_size); + if (strlen($block) > strlen($buffer['ciphertext'])) { + $buffer['ciphertext'].= $this->_encryptBlock($this->_generateXor($xor, $block_size)); + } + $key = $this->_stringShift($buffer['ciphertext'], $block_size); + $plaintext.= $block ^ $key; + } 
+ } else { + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $block = substr($ciphertext, $i, $block_size); + $key = $this->_encryptBlock($this->_generateXor($xor, $block_size)); + $plaintext.= $block ^ $key; + } + } + if ($this->continuousBuffer) { + $this->decryptIV = $xor; + if ($start = strlen($ciphertext) % $block_size) { + $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; + } + } + break; + case CRYPT_MODE_CFB: + if ($this->continuousBuffer) { + $iv = &$this->decryptIV; + $pos = &$buffer['pos']; + } else { + $iv = $this->decryptIV; + $pos = 0; + } + $len = strlen($ciphertext); + $i = 0; + if ($pos) { + $orig_pos = $pos; + $max = $block_size - $pos; + if ($len >= $max) { + $i = $max; + $len-= $max; + $pos = 0; + } else { + $i = $len; + $pos+= $len; + $len = 0; + } + // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize + $plaintext = substr($iv, $orig_pos) ^ $ciphertext; + $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); + } + while ($len >= $block_size) { + $iv = $this->_encryptBlock($iv); + $cb = substr($ciphertext, $i, $block_size); + $plaintext.= $iv ^ $cb; + $iv = $cb; + $len-= $block_size; + $i+= $block_size; + } + if ($len) { + $iv = $this->_encryptBlock($iv); + $plaintext.= $iv ^ substr($ciphertext, $i); + $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); + $pos = $len; + } + break; + case CRYPT_MODE_OFB: + $xor = $this->decryptIV; + if (strlen($buffer['xor'])) { + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $block = substr($ciphertext, $i, $block_size); + if (strlen($block) > strlen($buffer['xor'])) { + $xor = $this->_encryptBlock($xor); + $buffer['xor'].= $xor; + } + $key = $this->_stringShift($buffer['xor'], $block_size); + $plaintext.= $block ^ $key; + } + } else { + for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { + $xor = $this->_encryptBlock($xor); + $plaintext.= substr($ciphertext, $i, $block_size) ^ $xor; + } + $key = $xor; + } + if 
($this->continuousBuffer) { + $this->decryptIV = $xor; + if ($start = strlen($ciphertext) % $block_size) { + $buffer['xor'] = substr($key, $start) . $buffer['xor']; + } + } + break; + case CRYPT_MODE_STREAM: + $plaintext = $this->_decryptBlock($ciphertext); + break; + } + return $this->paddable ? $this->_unpad($plaintext) : $plaintext; + } + + /** + * Pad "packets". + * + * Block ciphers working by encrypting between their specified [$this->]block_size at a time + * If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to + * pad the input so that it is of the proper length. + * + * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, + * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping + * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is + * transmitted separately) + * + * @see Crypt_Base::disablePadding() + * @access public + */ + function enablePadding() + { + $this->padding = true; + } + + /** + * Do not pad packets. + * + * @see Crypt_Base::enablePadding() + * @access public + */ + function disablePadding() + { + $this->padding = false; + } + + /** + * Treat consecutive "packets" as if they are a continuous buffer. + * + * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets + * will yield different outputs: + * + * + * echo $rijndael->encrypt(substr($plaintext, 0, 16)); + * echo $rijndael->encrypt(substr($plaintext, 16, 16)); + * + * + * echo $rijndael->encrypt($plaintext); + * + * + * The solution is to enable the continuous buffer. 
Although this will resolve the above discrepancy, it creates + * another, as demonstrated with the following: + * + * + * $rijndael->encrypt(substr($plaintext, 0, 16)); + * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); + * + * + * echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); + * + * + * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different + * outputs. The reason is due to the fact that the initialization vector's change after every encryption / + * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. + * + * Put another way, when the continuous buffer is enabled, the state of the Crypt_*() object changes after each + * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that + * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), + * however, they are also less intuitive and more likely to cause you problems. + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see Crypt_Base::disableContinuousBuffer() + * @access public + */ + function enableContinuousBuffer() + { + if ($this->mode == CRYPT_MODE_ECB) { + return; + } + + $this->continuousBuffer = true; + } + + /** + * Treat consecutive packets as if they are a discontinuous buffer. + * + * The default behavior. 
+ * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see Crypt_Base::enableContinuousBuffer() + * @access public + */ + function disableContinuousBuffer() + { + if ($this->mode == CRYPT_MODE_ECB) { + return; + } + if (!$this->continuousBuffer) { + return; + } + + $this->continuousBuffer = false; + $this->changed = true; + } + + /** + * Encrypts a block + * + * Note: Must extend by the child Crypt_* class + * + * @access private + * @param String $in + * @return String + */ + function _encryptBlock($in) + { + user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); + } + + /** + * Decrypts a block + * + * Note: Must extend by the child Crypt_* class + * + * @access private + * @param String $in + * @return String + */ + function _decryptBlock($in) + { + user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); + } + + /** + * Setup the key (expansion) + * + * Only used if $engine == CRYPT_MODE_INTERNAL + * + * Note: Must extend by the child Crypt_* class + * + * @see Crypt_Base::_setup() + * @access private + */ + function _setupKey() + { + user_error((version_compare(PHP_VERSION, '5.0.0', '>=') ? __METHOD__ : __FUNCTION__) . '() must extend by class ' . get_class($this), E_USER_ERROR); + } + + /** + * Setup the CRYPT_MODE_INTERNAL $engine + * + * (re)init, if necessary, the internal cipher $engine and flush all $buffers + * Used (only) if $engine == CRYPT_MODE_INTERNAL + * + * _setup() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setIV() + * + * - disableContinuousBuffer() + * + * - First run of encrypt() / decrypt() with no init-settings + * + * Internally: _setup() is called always before(!) en/decryption. 
+ * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see setKey() + * @see setIV() + * @see disableContinuousBuffer() + * @access private + */ + function _setup() + { + $this->_clearBuffers(); + $this->_setupKey(); + + if ($this->use_inline_crypt) { + $this->_setupInlineCrypt(); + } + } + + /** + * Setup the CRYPT_MODE_MCRYPT $engine + * + * (re)init, if necessary, the (ext)mcrypt resources and flush all $buffers + * Used (only) if $engine = CRYPT_MODE_MCRYPT + * + * _setupMcrypt() will be called each time if $changed === true + * typically this happens when using one or more of following public methods: + * + * - setKey() + * + * - setIV() + * + * - disableContinuousBuffer() + * + * - First run of encrypt() / decrypt() + * + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @see setKey() + * @see setIV() + * @see disableContinuousBuffer() + * @access private + */ + function _setupMcrypt() + { + $this->_clearBuffers(); + $this->enchanged = $this->dechanged = true; + + if (!isset($this->enmcrypt)) { + static $mcrypt_modes = array( + CRYPT_MODE_CTR => 'ctr', + CRYPT_MODE_ECB => MCRYPT_MODE_ECB, + CRYPT_MODE_CBC => MCRYPT_MODE_CBC, + CRYPT_MODE_CFB => 'ncfb', + CRYPT_MODE_OFB => MCRYPT_MODE_NOFB, + CRYPT_MODE_STREAM => MCRYPT_MODE_STREAM, + ); + + $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], ''); + + // we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer() + // to workaround mcrypt's broken ncfb implementation in buffered mode + // see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps} + if ($this->mode == CRYPT_MODE_CFB) { + $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, ''); + } + + } // else should mcrypt_generic_deinit be called? 
+ + if ($this->mode == CRYPT_MODE_CFB) { + mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size)); + } + } + + /** + * Pads a string + * + * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. + * $this->block_size - (strlen($text) % $this->block_size) bytes are added, each of which is equal to + * chr($this->block_size - (strlen($text) % $this->block_size) + * + * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless + * and padding will, hence forth, be enabled. + * + * @see Crypt_Base::_unpad() + * @param String $text + * @access private + * @return String + */ + function _pad($text) + { + $length = strlen($text); + + if (!$this->padding) { + if ($length % $this->block_size == 0) { + return $text; + } else { + user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})"); + $this->padding = true; + } + } + + $pad = $this->block_size - ($length % $this->block_size); + + return str_pad($text, $length + $pad, chr($pad)); + } + + /** + * Unpads a string. + * + * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong + * and false will be returned. 
+ * + * @see Crypt_Base::_pad() + * @param String $text + * @access private + * @return String + */ + function _unpad($text) + { + if (!$this->padding) { + return $text; + } + + $length = ord($text[strlen($text) - 1]); + + if (!$length || $length > $this->block_size) { + return false; + } + + return substr($text, 0, -$length); + } + + /** + * Clears internal buffers + * + * Clearing/resetting the internal buffers is done everytime + * after disableContinuousBuffer() or on cipher $engine (re)init + * ie after setKey() or setIV() + * + * Note: Could, but not must, extend by the child Crypt_* class + * + * @access public + */ + function _clearBuffers() + { + $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); + $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); + + // mcrypt's handling of invalid's $iv: + // $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size); + $this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0"); + } + + /** + * String Shift + * + * Inspired by array_shift + * + * @param String $string + * @param optional Integer $index + * @access private + * @return String + */ + function _stringShift(&$string, $index = 1) + { + $substr = substr($string, 0, $index); + $string = substr($string, $index); + return $substr; + } + + /** + * Generate CTR XOR encryption key + * + * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the + * plaintext / ciphertext in CTR mode. 
+ * + * @see Crypt_Base::decrypt() + * @see Crypt_Base::encrypt() + * @param String $iv + * @param Integer $length + * @access private + * @return String $xor + */ + function _generateXor(&$iv, $length) + { + $xor = ''; + $block_size = $this->block_size; + $num_blocks = floor(($length + ($block_size - 1)) / $block_size); + for ($i = 0; $i < $num_blocks; $i++) { + $xor.= $iv; + for ($j = 4; $j <= $block_size; $j+= 4) { + $temp = substr($iv, -$j, 4); + switch ($temp) { + case "\xFF\xFF\xFF\xFF": + $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); + break; + case "\x7F\xFF\xFF\xFF": + $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); + break 2; + default: + extract(unpack('Ncount', $temp)); + $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); + break 2; + } + } + } + + return $xor; + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * Stores the created (or existing) callback function-name + * in $this->inline_crypt + * + * Internally for phpseclib developers: + * + * _setupInlineCrypt() would be called only if: + * + * - $engine == CRYPT_MODE_INTERNAL and + * + * - $use_inline_crypt === true + * + * - each time on _setup(), after(!) _setupKey() + * + * + * This ensures that _setupInlineCrypt() has always a + * full ready2go initializated internal cipher $engine state + * where, for example, the keys allready expanded, + * keys/block_size calculated and such. + * + * It is, each time if called, the responsibility of _setupInlineCrypt(): + * + * - to set $this->inline_crypt to a valid and fully working callback function + * as a (faster) replacement for encrypt() / decrypt() + * + * - NOT to create unlimited callback functions (for memory reasons!) + * no matter how often _setupInlineCrypt() would be called. At some + * point of amount they must be generic re-useable. 
+ * + * - the code of _setupInlineCrypt() it self, + * and the generated callback code, + * must be, in following order: + * - 100% safe + * - 100% compatible to encrypt()/decrypt() + * - using only php5+ features/lang-constructs/php-extensions if + * compatibility (down to php4) or fallback is provided + * - readable/maintainable/understandable/commented and... not-cryptic-styled-code :-) + * - >= 10% faster than encrypt()/decrypt() [which is, by the way, + * the reason for the existence of _setupInlineCrypt() :-)] + * - memory-nice + * - short (as good as possible) + * + * Note: - _setupInlineCrypt() is using _createInlineCryptFunction() to create the full callback function code. + * - In case of using inline crypting, _setupInlineCrypt() must extend by the child Crypt_* class. + * - The following variable names are reserved: + * - $_* (all variable names prefixed with an underscore) + * - $self (object reference to it self. Do not use $this, but $self instead) + * - $in (the content of $in has to en/decrypt by the generated code) + * - The callback function should not use the 'return' statement, but en/decrypt'ing the content of $in only + * + * + * @see Crypt_Base::_setup() + * @see Crypt_Base::_createInlineCryptFunction() + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @access private + */ + function _setupInlineCrypt() + { + // If a Crypt_* class providing inline crypting it must extend _setupInlineCrypt() + + // If, for any reason, an extending Crypt_Base() Crypt_* class + // not using inline crypting then it must be ensured that: $this->use_inline_crypt = false + // ie in the class var declaration of $use_inline_crypt in general for the Crypt_* class, + // in the constructor at object instance-time + // or, if it's runtime-specific, at runtime + + $this->use_inline_crypt = false; + } + + /** + * Creates the performance-optimized function for en/decrypt() + * + * Internally for phpseclib developers: + * + * _createInlineCryptFunction(): + * 
+ * - merge the $cipher_code [setup'ed by _setupInlineCrypt()] + * with the current [$this->]mode of operation code + * + * - create the $inline function, which called by encrypt() / decrypt() + * as its replacement to speed up the en/decryption operations. + * + * - return the name of the created $inline callback function + * + * - used to speed up en/decryption + * + * + * + * The main reason why can speed up things [up to 50%] this way are: + * + * - using variables more effective then regular. + * (ie no use of expensive arrays but integers $k_0, $k_1 ... + * or even, for example, the pure $key[] values hardcoded) + * + * - avoiding 1000's of function calls of ie _encryptBlock() + * but inlining the crypt operations. + * in the mode of operation for() loop. + * + * - full loop unroll the (sometimes key-dependent) rounds + * avoiding this way ++$i counters and runtime-if's etc... + * + * The basic code architectur of the generated $inline en/decrypt() + * lambda function, in pseudo php, is: + * + * + * +----------------------------------------------------------------------------------------------+ + * | callback $inline = create_function: | + * | lambda_function_0001_crypt_ECB($action, $text) | + * | { | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_crypt']; // general init code. | + * | // ie: $sbox'es declarations used for | + * | // encrypt and decrypt'ing. | + * | | + * | switch ($action) { | + * | case 'encrypt': | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_encrypt']; // encrypt sepcific init code. | + * | ie: specified $key or $box | + * | declarations for encrypt'ing. | + * | | + * | foreach ($ciphertext) { | + * | $in = $block_size of $ciphertext; | + * | | + * | INSERT PHP CODE OF: | + * | $cipher_code['encrypt_block']; // encrypt's (string) $in, which is always: | + * | // strlen($in) == $this->block_size | + * | // here comes the cipher algorithm in action | + * | // for encryption. 
| + * | // $cipher_code['encrypt_block'] has to | + * | // encrypt the content of the $in variable | + * | | + * | $plaintext .= $in; | + * | } | + * | return $plaintext; | + * | | + * | case 'decrypt': | + * | INSERT PHP CODE OF: | + * | $cipher_code['init_decrypt']; // decrypt sepcific init code | + * | ie: specified $key or $box | + * | declarations for decrypt'ing. | + * | foreach ($plaintext) { | + * | $in = $block_size of $plaintext; | + * | | + * | INSERT PHP CODE OF: | + * | $cipher_code['decrypt_block']; // decrypt's (string) $in, which is always | + * | // strlen($in) == $this->block_size | + * | // here comes the cipher algorithm in action | + * | // for decryption. | + * | // $cipher_code['decrypt_block'] has to | + * | // decrypt the content of the $in variable | + * | $ciphertext .= $in; | + * | } | + * | return $ciphertext; | + * | } | + * | } | + * +----------------------------------------------------------------------------------------------+ + * + * + * See also the Crypt_*::_setupInlineCrypt()'s for + * productive inline $cipher_code's how they works. + * + * Structure of: + * + * $cipher_code = array( + * 'init_crypt' => (string) '', // optional + * 'init_encrypt' => (string) '', // optional + * 'init_decrypt' => (string) '', // optional + * 'encrypt_block' => (string) '', // required + * 'decrypt_block' => (string) '' // required + * ); + * + * + * @see Crypt_Base::_setupInlineCrypt() + * @see Crypt_Base::encrypt() + * @see Crypt_Base::decrypt() + * @param Array $cipher_code + * @access private + * @return String (the name of the created callback function) + */ + function _createInlineCryptFunction($cipher_code) + { + $block_size = $this->block_size; + + // optional + $init_crypt = isset($cipher_code['init_crypt']) ? $cipher_code['init_crypt'] : ''; + $init_encrypt = isset($cipher_code['init_encrypt']) ? $cipher_code['init_encrypt'] : ''; + $init_decrypt = isset($cipher_code['init_decrypt']) ? 
$cipher_code['init_decrypt'] : ''; + // required + $encrypt_block = $cipher_code['encrypt_block']; + $decrypt_block = $cipher_code['decrypt_block']; + + // Generating mode of operation inline code, + // merged with the $cipher_code algorithm + // for encrypt- and decryption. + switch ($this->mode) { + case CRYPT_MODE_ECB: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_text = $self->_pad($_text); + $_plaintext_len = strlen($_text); + + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $in = substr($_text, $_i, '.$block_size.'); + '.$encrypt_block.' + $_ciphertext.= $in; + } + + return $_ciphertext; + '; + + $decrypt = $init_decrypt . ' + $_plaintext = ""; + $_text = str_pad($_text, strlen($_text) + ('.$block_size.' - strlen($_text) % '.$block_size.') % '.$block_size.', chr(0)); + $_ciphertext_len = strlen($_text); + + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $in = substr($_text, $_i, '.$block_size.'); + '.$decrypt_block.' + $_plaintext.= $in; + } + + return $self->_unpad($_plaintext); + '; + break; + case CRYPT_MODE_CTR: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + $_xor = $self->encryptIV; + $_buffer = &$self->enbuffer; + + if (strlen($_buffer["encrypted"])) { + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + if (strlen($_block) > strlen($_buffer["encrypted"])) { + $in = $self->_generateXor($_xor, '.$block_size.'); + '.$encrypt_block.' + $_buffer["encrypted"].= $in; + } + $_key = $self->_stringShift($_buffer["encrypted"], '.$block_size.'); + $_ciphertext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + $in = $self->_generateXor($_xor, '.$block_size.'); + '.$encrypt_block.' 
+ $_key = $in; + $_ciphertext.= $_block ^ $_key; + } + } + if ($self->continuousBuffer) { + $self->encryptIV = $_xor; + if ($_start = $_plaintext_len % '.$block_size.') { + $_buffer["encrypted"] = substr($_key, $_start) . $_buffer["encrypted"]; + } + } + + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_ciphertext_len = strlen($_text); + $_xor = $self->decryptIV; + $_buffer = &$self->debuffer; + + if (strlen($_buffer["ciphertext"])) { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + if (strlen($_block) > strlen($_buffer["ciphertext"])) { + $in = $self->_generateXor($_xor, '.$block_size.'); + '.$encrypt_block.' + $_buffer["ciphertext"].= $in; + } + $_key = $self->_stringShift($_buffer["ciphertext"], '.$block_size.'); + $_plaintext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + $in = $self->_generateXor($_xor, '.$block_size.'); + '.$encrypt_block.' + $_key = $in; + $_plaintext.= $_block ^ $_key; + } + } + if ($self->continuousBuffer) { + $self->decryptIV = $_xor; + if ($_start = $_ciphertext_len % '.$block_size.') { + $_buffer["ciphertext"] = substr($_key, $_start) . $_buffer["ciphertext"]; + } + } + + return $_plaintext; + '; + break; + case CRYPT_MODE_CFB: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_buffer = &$self->enbuffer; + + if ($self->continuousBuffer) { + $_iv = &$self->encryptIV; + $_pos = &$_buffer["pos"]; + } else { + $_iv = $self->encryptIV; + $_pos = 0; + } + $_len = strlen($_text); + $_i = 0; + if ($_pos) { + $_orig_pos = $_pos; + $_max = '.$block_size.' 
- $_pos; + if ($_len >= $_max) { + $_i = $_max; + $_len-= $_max; + $_pos = 0; + } else { + $_i = $_len; + $_pos+= $_len; + $_len = 0; + } + $_ciphertext = substr($_iv, $_orig_pos) ^ $_text; + $_iv = substr_replace($_iv, $_ciphertext, $_orig_pos, $_i); + } + while ($_len >= '.$block_size.') { + $in = $_iv; + '.$encrypt_block.'; + $_iv = $in ^ substr($_text, $_i, '.$block_size.'); + $_ciphertext.= $_iv; + $_len-= '.$block_size.'; + $_i+= '.$block_size.'; + } + if ($_len) { + $in = $_iv; + '.$encrypt_block.' + $_iv = $in; + $_block = $_iv ^ substr($_text, $_i); + $_iv = substr_replace($_iv, $_block, 0, $_len); + $_ciphertext.= $_block; + $_pos = $_len; + } + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_buffer = &$self->debuffer; + + if ($self->continuousBuffer) { + $_iv = &$self->decryptIV; + $_pos = &$_buffer["pos"]; + } else { + $_iv = $self->decryptIV; + $_pos = 0; + } + $_len = strlen($_text); + $_i = 0; + if ($_pos) { + $_orig_pos = $_pos; + $_max = '.$block_size.' - $_pos; + if ($_len >= $_max) { + $_i = $_max; + $_len-= $_max; + $_pos = 0; + } else { + $_i = $_len; + $_pos+= $_len; + $_len = 0; + } + $_plaintext = substr($_iv, $_orig_pos) ^ $_text; + $_iv = substr_replace($_iv, substr($_text, 0, $_i), $_orig_pos, $_i); + } + while ($_len >= '.$block_size.') { + $in = $_iv; + '.$encrypt_block.' + $_iv = $in; + $cb = substr($_text, $_i, '.$block_size.'); + $_plaintext.= $_iv ^ $cb; + $_iv = $cb; + $_len-= '.$block_size.'; + $_i+= '.$block_size.'; + } + if ($_len) { + $in = $_iv; + '.$encrypt_block.' + $_iv = $in; + $_plaintext.= $_iv ^ substr($_text, $_i); + $_iv = substr_replace($_iv, substr($_text, $_i), 0, $_len); + $_pos = $_len; + } + + return $_plaintext; + '; + break; + case CRYPT_MODE_OFB: + $encrypt = $init_encrypt . 
' + $_ciphertext = ""; + $_plaintext_len = strlen($_text); + $_xor = $self->encryptIV; + $_buffer = &$self->enbuffer; + + if (strlen($_buffer["xor"])) { + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + if (strlen($_block) > strlen($_buffer["xor"])) { + $in = $_xor; + '.$encrypt_block.' + $_xor = $in; + $_buffer["xor"].= $_xor; + } + $_key = $self->_stringShift($_buffer["xor"], '.$block_size.'); + $_ciphertext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $in = $_xor; + '.$encrypt_block.' + $_xor = $in; + $_ciphertext.= substr($_text, $_i, '.$block_size.') ^ $_xor; + } + $_key = $_xor; + } + if ($self->continuousBuffer) { + $self->encryptIV = $_xor; + if ($_start = $_plaintext_len % '.$block_size.') { + $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; + } + } + return $_ciphertext; + '; + + $decrypt = $init_encrypt . ' + $_plaintext = ""; + $_ciphertext_len = strlen($_text); + $_xor = $self->decryptIV; + $_buffer = &$self->debuffer; + + if (strlen($_buffer["xor"])) { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $_block = substr($_text, $_i, '.$block_size.'); + if (strlen($_block) > strlen($_buffer["xor"])) { + $in = $_xor; + '.$encrypt_block.' + $_xor = $in; + $_buffer["xor"].= $_xor; + } + $_key = $self->_stringShift($_buffer["xor"], '.$block_size.'); + $_plaintext.= $_block ^ $_key; + } + } else { + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $in = $_xor; + '.$encrypt_block.' + $_xor = $in; + $_plaintext.= substr($_text, $_i, '.$block_size.') ^ $_xor; + } + $_key = $_xor; + } + if ($self->continuousBuffer) { + $self->decryptIV = $_xor; + if ($_start = $_ciphertext_len % '.$block_size.') { + $_buffer["xor"] = substr($_key, $_start) . $_buffer["xor"]; + } + } + return $_plaintext; + '; + break; + case CRYPT_MODE_STREAM: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + '.$encrypt_block.' 
+ return $_ciphertext; + '; + $decrypt = $init_decrypt . ' + $_plaintext = ""; + '.$decrypt_block.' + return $_plaintext; + '; + break; + // case CRYPT_MODE_CBC: + default: + $encrypt = $init_encrypt . ' + $_ciphertext = ""; + $_text = $self->_pad($_text); + $_plaintext_len = strlen($_text); + + $in = $self->encryptIV; + + for ($_i = 0; $_i < $_plaintext_len; $_i+= '.$block_size.') { + $in = substr($_text, $_i, '.$block_size.') ^ $in; + '.$encrypt_block.' + $_ciphertext.= $in; + } + + if ($self->continuousBuffer) { + $self->encryptIV = $in; + } + + return $_ciphertext; + '; + + $decrypt = $init_decrypt . ' + $_plaintext = ""; + $_text = str_pad($_text, strlen($_text) + ('.$block_size.' - strlen($_text) % '.$block_size.') % '.$block_size.', chr(0)); + $_ciphertext_len = strlen($_text); + + $_iv = $self->decryptIV; + + for ($_i = 0; $_i < $_ciphertext_len; $_i+= '.$block_size.') { + $in = $_block = substr($_text, $_i, '.$block_size.'); + '.$decrypt_block.' + $_plaintext.= $in ^ $_iv; + $_iv = $_block; + } + + if ($self->continuousBuffer) { + $self->decryptIV = $_iv; + } + + return $self->_unpad($_plaintext); + '; + break; + } + + // Create the $inline function and return its name as string. Ready to run! + return create_function('$_action, &$self, $_text', $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }'); + } + + /** + * Holds the lambda_functions table (classwide) + * + * Each name of the lambda function, created from + * _setupInlineCrypt() && _createInlineCryptFunction() + * is stored, classwide (!), here for reusing. + * + * The string-based index of $function is a classwide + * uniqe value representing, at least, the $mode of + * operation (or more... depends of the optimizing level) + * for which $mode the lambda function was created. + * + * @access private + * @return &Array + */ + function &_getLambdaFunctions() + { + static $functions = array(); + return $functions; + } +} 
diff --git a/Crypt/Blowfish.php b/Crypt/Blowfish.php index 46711ef..7d4987c 100755 --- a/Crypt/Blowfish.php +++ b/Crypt/Blowfish.php @@ -1,5 +1,4 @@ * - * @author Hans-Juergen Petrich - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @version 1.0 - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_Blowfish + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + /**#@+ * @access public * @see Crypt_Blowfish::encrypt() 
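Review bot: The added `include_once 'Base.php';` in the Crypt_Blowfish file header names the file without a directory, so PHP looks it up through `include_path` first and only then in the including script's own directory. With a name as generic as `Base.php`, an unrelated file earlier on that path could be loaded in place of the cipher base class. `include_once` also only raises a warning when nothing is found, so a missing file would surface later as a fatal error at `class Crypt_Blowfish extends Crypt_Base` rather than at the include. Anchoring the path, for example `include_once dirname(__FILE__) . '/Base.php';`, keeps the PHP 4-compatible style and loads the class from the library's own directory.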
@@ -67,208 +74,102 @@ * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 */ -define('CRYPT_BLOWFISH_MODE_CTR', -1); +define('CRYPT_BLOWFISH_MODE_CTR', CRYPT_MODE_CTR); /** * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 */ -define('CRYPT_BLOWFISH_MODE_ECB', 1); +define('CRYPT_BLOWFISH_MODE_ECB', CRYPT_MODE_ECB); /** * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 */ -define('CRYPT_BLOWFISH_MODE_CBC', 2); +define('CRYPT_BLOWFISH_MODE_CBC', CRYPT_MODE_CBC); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 */ -define('CRYPT_BLOWFISH_MODE_CFB', 3); +define('CRYPT_BLOWFISH_MODE_CFB', CRYPT_MODE_CFB); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 */ -define('CRYPT_BLOWFISH_MODE_OFB', 4); +define('CRYPT_BLOWFISH_MODE_OFB', CRYPT_MODE_OFB); /**#@-*/ /**#@+ * @access private - * @see Crypt_Blowfish::Crypt_Blowfish() + * @see Crypt_Base::Crypt_Base() */ /** * Toggles the internal implementation */ -define('CRYPT_BLOWFISH_MODE_INTERNAL', 1); +define('CRYPT_BLOWFISH_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_BLOWFISH_MODE_MCRYPT', 2); +define('CRYPT_BLOWFISH_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /** * Pure-PHP implementation of Blowfish. 
* + * @package Crypt_Blowfish * @author Jim Wigginton * @author Hans-Juergen Petrich - * @version 1.0 * @access public - * @package Crypt_Blowfish */ -class Crypt_Blowfish { +class Crypt_Blowfish extends Crypt_Base +{ /** - * The Key as String + * Block Length of the cipher * - * @see Crypt_Blowfish::setKey() - * @var Array - * @access private - */ - var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - - /** - * The Encryption Mode - * - * @see Crypt_Blowfish::Crypt_Blowfish() + * @see Crypt_Base::block_size * @var Integer * @access private */ - var $mode; + var $block_size = 8; /** - * Continuous Buffer status + * The default password key_size used by setPassword() * - * @see Crypt_Blowfish::enableContinuousBuffer() - * @var Boolean + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() + * @var Integer * @access private */ - var $continuousBuffer = false; + var $password_key_size = 56; /** - * Padding status + * The namespace used by the cipher for its constants. * - * @see Crypt_Blowfish::enablePadding() - * @var Boolean - * @access private - */ - var $padding = true; - - /** - * The Initialization Vector - * - * @see Crypt_Blowfish::setIV() + * @see Crypt_Base::const_namespace * @var String * @access private */ - var $iv = "\0\0\0\0\0\0\0\0"; + var $const_namespace = 'BLOWFISH'; /** - * A "sliding" Initialization Vector + * The mcrypt specific name of the cipher * - * @see Crypt_Blowfish::enableContinuousBuffer() + * @see Crypt_Base::cipher_name_mcrypt * @var String * @access private */ - var $encryptIV = "\0\0\0\0\0\0\0\0"; + var $cipher_name_mcrypt = 'blowfish'; /** - * A "sliding" Initialization Vector + * Optimizing value while CFB-encrypting * - * @see Crypt_Blowfish::enableContinuousBuffer() - * @var String + * @see Crypt_Base::cfb_init_len + * @var Integer * @access private */ - var $decryptIV = "\0\0\0\0\0\0\0\0"; - - /** - * mcrypt resource for encryption - * - * The mcrypt resource can be recreated every time something needs to be 
created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_Blowfish::encrypt() - * @var String - * @access private - */ - var $enmcrypt; - - /** - * mcrypt resource for decryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_Blowfish::decrypt() - * @var String - * @access private - */ - var $demcrypt; - - /** - * Does the enmcrypt resource need to be (re)initialized? - * - * @see Crypt_Blowfish::setKey() - * @see Crypt_Blowfish::setIV() - * @var Boolean - * @access private - */ - var $enchanged = true; - - /** - * Does the demcrypt resource need to be (re)initialized? - * - * @see Crypt_Blowfish::setKey() - * @see Crypt_Blowfish::setIV() - * @var Boolean - * @access private - */ - var $dechanged = true; - - /** - * Is the mode one that is paddable? 
- * - * @see Crypt_Blowfish::Crypt_Blowfish() - * @var Boolean - * @access private - */ - var $paddable = false; - - /** - * Encryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Blowfish::encrypt() - * @var Array - * @access private - */ - var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - - /** - * Decryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Blowfish::decrypt() - * @var Array - * @access private - */ - var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - /** - * mcrypt resource for CFB mode - * - * @see Crypt_Blowfish::encrypt() - * @see Crypt_Blowfish::decrypt() - * @var String - * @access private - */ - var $ecb; - - /** - * Performance-optimized callback function for en/decrypt() - * - * @var Callback - * @access private - */ - var $inline_crypt; + var $cfb_init_len = 500; /** * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each 
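Review bot: The docblock above `CRYPT_BLOWFISH_MODE_OFB` still reads "Encrypt / decrypt using the Cipher Feedback mode." although its link and constant are for Output Feedback, and the CBC docblock says "Code Book Chaining". The commit rewrites both `define()` lines, so the comments are worth correcting in the same pass: `Encrypt / decrypt using the Output Feedback mode.` and `Encrypt / decrypt using the Cipher Block Chaining mode.`. Callers choose a mode from these comments, so a wrong name here is more than cosmetic. The same wording is carried in the Crypt/DES.php constants hunk further down.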
@@ -456,74 +357,15 @@ class Crypt_Blowfish { * @var array $bctx * @access private */ - var $bctx = array(); + var $bctx; /** - * Default Constructor. + * Holds the last used key * - * Determines whether or not the mcrypt extension should be used. - * If not explictly set, CRYPT_BLOWFISH_MODE_CBC will be used. - * - * @param optional Integer $mode - * @access public + * @var Array + * @access private */ - function Crypt_Blowfish($mode = CRYPT_BLOWFISH_MODE_CBC) - { - if ( !defined('CRYPT_BLOWFISH_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && in_array('blowfish', mcrypt_list_algorithms()): - define('CRYPT_BLOWFISH_MODE', CRYPT_BLOWFISH_MODE_MCRYPT); - break; - default: - define('CRYPT_BLOWFISH_MODE', CRYPT_BLOWFISH_MODE_INTERNAL); - } - } - - switch ( CRYPT_BLOWFISH_MODE ) { - case CRYPT_BLOWFISH_MODE_MCRYPT: - switch ($mode) { - case CRYPT_BLOWFISH_MODE_ECB: - $this->paddable = true; - $this->mode = MCRYPT_MODE_ECB; - break; - case CRYPT_BLOWFISH_MODE_CTR: - $this->mode = 'ctr'; - break; - case CRYPT_BLOWFISH_MODE_CFB: - $this->mode = 'ncfb'; - $this->ecb = mcrypt_module_open(MCRYPT_BLOWFISH, '', MCRYPT_MODE_ECB, ''); - break; - case CRYPT_BLOWFISH_MODE_OFB: - $this->mode = MCRYPT_MODE_NOFB; - break; - case CRYPT_BLOWFISH_MODE_CBC: - default: - $this->paddable = true; - $this->mode = MCRYPT_MODE_CBC; - } - $this->enmcrypt = mcrypt_module_open(MCRYPT_BLOWFISH, '', $this->mode, ''); - $this->demcrypt = mcrypt_module_open(MCRYPT_BLOWFISH, '', $this->mode, ''); - - break; - default: - switch ($mode) { - case CRYPT_BLOWFISH_MODE_ECB: - case CRYPT_BLOWFISH_MODE_CBC: - $this->paddable = true; - $this->mode = $mode; - break; - case CRYPT_BLOWFISH_MODE_CTR: - case CRYPT_BLOWFISH_MODE_CFB: - case CRYPT_BLOWFISH_MODE_OFB: - $this->mode = $mode; - break; - default: - $this->paddable = true; - $this->mode = CRYPT_BLOWFISH_MODE_CBC; - } - $this->inline_crypt_setup(); - } - } + var $kl; /** * Sets the key. 
@@ -537,6 +379,7 @@ class Crypt_Blowfish { * If the key is not explicitly set, or empty, it'll be assumed a 128 bits key to be all null bytes. * * @access public + * @see Crypt_Base::setKey() * @param String $key */ function setKey($key) @@ -545,19 +388,26 @@ class Crypt_Blowfish { if (!$keylength) { $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - } - elseif ($keylength > 56) { + } elseif ($keylength > 56) { $key = substr($key, 0, 56); } - $this->key = $key; + parent::setKey($key); + } - $this->enchanged = true; - $this->dechanged = true; - - if (CRYPT_BLOWFISH_MODE == CRYPT_BLOWFISH_MODE_MCRYPT) { + /** + * Setup the key (expansion) + * + * @see Crypt_Base::_setupKey() + * @access private + */ + function _setupKey() + { + if (isset($this->kl['key']) && $this->key === $this->kl['key']) { + // already expanded return; } + $this->kl = array('key' => $this->key); /* key-expanding p[] and S-Box building sb[] */ $this->bctx = array( @@ -571,7 +421,7 @@ class Crypt_Blowfish { ); // unpack binary string in unsigned chars - $key = array_values(unpack('C*', $key)); + $key = array_values(unpack('C*', $this->key)); $keyl = count($key); for ($j = 0, $i = 0; $i < 18; ++$i) { // xor P1 with the first 32-bits of the key, xor P2 with the second 32-bits ... 
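Review bot: `setKey()` still replaces an empty key with sixteen null bytes in the `if (!$keylength)` branch and cuts anything longer than 56 bytes with `substr($key, 0, 56)`, both without a diagnostic, and the result now goes straight to `parent::setKey($key)`. A caller whose key lookup returned an empty string ends up encrypting under a publicly known key and is never told. I would raise a notice in the empty branch, e.g. `user_error('Crypt_Blowfish::setKey(): empty key, using an all-null key');`, and state the 56-byte truncation in the docblock. The line that computes `$keylength` lies above this hunk.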
@@ -586,530 +436,185 @@ class Crypt_Blowfish { // encrypt the zero-string, replace P1 and P2 with the encrypted data, // encrypt P3 and P4 with the new P1 and P2, do it with all P-array and subkeys - $datal = 0; - $datar = 0; + $data = "\0\0\0\0\0\0\0\0"; for ($i = 0; $i < 18; $i += 2) { - $this->_encryptBlock($datal, $datar); - $this->bctx['p'][$i ] = $datal; - $this->bctx['p'][$i + 1] = $datar; + list($l, $r) = array_values(unpack('N*', $data = $this->_encryptBlock($data))); + $this->bctx['p'][$i ] = $l; + $this->bctx['p'][$i + 1] = $r; } for ($i = 0; $i < 4; ++$i) { for ($j = 0; $j < 256; $j += 2) { - $this->_encryptBlock($datal, $datar); - $this->bctx['sb'][$i][$j ] = $datal; - $this->bctx['sb'][$i][$j + 1] = $datar; + list($l, $r) = array_values(unpack('N*', $data = $this->_encryptBlock($data))); + $this->bctx['sb'][$i][$j ] = $l; + $this->bctx['sb'][$i][$j + 1] = $r; } } } /** - * Encrypt the block. + * Encrypts a block * * @access private - * @param int $Xl left uInt32 part of the block - * @param int $Xr right uInt32 part of the block - * @return void + * @param String $in + * @return String */ - function _encryptBlock(&$Xl, &$Xr) + function _encryptBlock($in) { - $p = $this->bctx['p']; - $sb_0 = $this->bctx['sb'][0]; - $sb_1 = $this->bctx['sb'][1]; - $sb_2 = $this->bctx['sb'][2]; - $sb_3 = $this->bctx['sb'][3]; - $l = $Xl; - $r = $Xr; + $p = $this->bctx["p"]; + // extract($this->bctx["sb"], EXTR_PREFIX_ALL, "sb"); // slower + $sb_0 = $this->bctx["sb"][0]; + $sb_1 = $this->bctx["sb"][1]; + $sb_2 = $this->bctx["sb"][2]; + $sb_3 = $this->bctx["sb"][3]; - $i = -1; - while ($i < 15) { - $l^= $p[++$i]; + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + + for ($i = 0; $i < 16; $i+= 2) { + $l^= $p[$i]; + $r^= ($sb_0[$l >> 24 & 0xff] + + $sb_1[$l >> 16 & 0xff] ^ + $sb_2[$l >> 8 & 0xff]) + + $sb_3[$l & 0xff]; + + $r^= $p[$i + 1]; + $l^= ($sb_0[$r >> 24 & 0xff] + + $sb_1[$r >> 16 & 0xff] ^ + $sb_2[$r >> 8 & 0xff]) + + $sb_3[$r & 0xff]; + } + return pack("N*", 
$r ^ $p[17], $l ^ $p[16]); + } + + /** + * Decrypts a block + * + * @access private + * @param String $in + * @return String + */ + function _decryptBlock($in) + { + $p = $this->bctx["p"]; + $sb_0 = $this->bctx["sb"][0]; + $sb_1 = $this->bctx["sb"][1]; + $sb_2 = $this->bctx["sb"][2]; + $sb_3 = $this->bctx["sb"][3]; + + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + + for ($i = 17; $i > 2; $i-= 2) { + $l^= $p[$i]; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; - $r^= $p[++$i]; + $r^= $p[$i - 1]; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; - - } - $Xr = $l ^ $p[16]; - $Xl = $r ^ $p[17]; - } - - /** - * Sets the password. - * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $count - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib/salt'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < 56) { - //$dk.= $this->_pbkdf($password, $salt, $count, $i++); - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; $j++) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } } - $this->setKey($key); + return pack("N*", $r ^ $p[0], $l ^ $p[1]); } /** - * Sets the initialization vector. 
(optional) + * Setup the performance-optimized function for de/encrypt() * - * SetIV is not required when CRYPT_BLOWFISH_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all null bytes. - * - * @access public - * @param String $iv - */ - function setIV($iv) - { - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0)); - $this->enchanged = true; - $this->dechanged = true; - } - - /** - * Encrypts a message. - * - * $plaintext will be padded with up to 8 additional bytes. Other Blowfish implementations may or may not pad in the - * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following - * URL: - * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that - * length. 
- * - * @see Crypt_Blowfish::decrypt() - * @access public - * @param String $plaintext - */ - function encrypt($plaintext) - { - if ( CRYPT_BLOWFISH_MODE == CRYPT_BLOWFISH_MODE_MCRYPT ) { - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - - if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0"); - } - $this->enchanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - } else { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= 8) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > 600) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->key, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 8)); - $iv = substr($ciphertext, -8); - $len%= 8; - } else { - while ($len >= 8) { - $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 8); - $ciphertext.= $iv; - $len-= 8; - $i+= 8; - } - } - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, -$len); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - } - - return $ciphertext; - } - - if (empty($this->bctx)) { - 
$this->setKey($this->key); - } - - $inline = $this->inline_crypt; - return $inline('encrypt', $this, $plaintext); - } - - /** - * Decrypts a message. - * - * If strlen($ciphertext) is not a multiple of 8, null bytes will be added to the end of the string until it is. - * - * @see Crypt_Blowfish::encrypt() - * @access public - * @param String $ciphertext - */ - function decrypt($ciphertext) - { - if ( CRYPT_BLOWFISH_MODE == CRYPT_BLOWFISH_MODE_MCRYPT ) { - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, strlen($ciphertext) + (8 - strlen($ciphertext) % 8) % 8, chr(0)); - } - - if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0"); - } - $this->dechanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - } else { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= 8) { - $cb = substr($ciphertext, $i, $len - $len % 8); - $plaintext.= mcrypt_generic($this->ecb, $iv . 
$cb) ^ $cb; - $iv = substr($cb, -8); - $len%= 8; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $plaintext.= $iv ^ substr($ciphertext, -$len); - $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); - $pos = $len; - } - return $plaintext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; - } - - if (empty($this->bctx)) { - $this->setKey($this->key); - } - - $inline = $this->inline_crypt; - return $inline('decrypt', $this, $ciphertext); - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * @see Crypt_Blowfish::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - $this->continuousBuffer = true; - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. - * - * @see Crypt_Blowfish::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - $this->continuousBuffer = false; - $this->encryptIV = $this->iv; - $this->decryptIV = $this->iv; - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - if (CRYPT_BLOWFISH_MODE == CRYPT_BLOWFISH_MODE_MCRYPT) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); - mcrypt_generic_init($this->demcrypt, $this->key, $this->iv); - } - } - - /** - * Pad "packets". - * - * Blowfish works by encrypting 8 bytes at a time. If you ever need to encrypt or decrypt something that's not - * a multiple of 8, it becomes necessary to pad the input so that it's length is a multiple of eight. - * - * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1, - * where "packets" are padded with random bytes before being encrypted. 
Unpad these packets and you risk stripping - * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is - * transmitted separately) - * - * @see Crypt_Blowfish::disablePadding() - * @access public - */ - function enablePadding() - { - $this->padding = true; - } - - /** - * Do not pad packets. - * - * @see Crypt_Blowfish::enablePadding() - * @access public - */ - function disablePadding() - { - $this->padding = false; - } - - /** - * Pads a string - * - * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8). - * - * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless - * and padding will, hence forth, be enabled. - * - * @see Crypt_Blowfish::_unpad() + * @see Crypt_Base::_setupInlineCrypt() * @access private */ - function _pad($text) + function _setupInlineCrypt() { - $length = strlen($text); + $lambda_functions =& Crypt_Blowfish::_getLambdaFunctions(); - if (!$this->padding) { - if ($length % 8 == 0) { - return $text; - } else { - user_error("The plaintext's length ($length) is not a multiple of the block size (8)"); - $this->padding = true; - } + // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. + // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one. + $gen_hi_opt_code = (bool)( count($lambda_functions) < 10); + + switch (true) { + case $gen_hi_opt_code: + $code_hash = md5(str_pad("Crypt_Blowfish, {$this->mode}, ", 32, "\0") . $this->key); + break; + default: + $code_hash = "Crypt_Blowfish, {$this->mode}"; } - $pad = 8 - ($length % 8); - - return str_pad($text, $length + $pad, chr($pad)); - } - - /** - * Unpads a string - * - * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong - * and false will be returned. 
- * - * @see Crypt_Blowfish::_pad() - * @access private - */ - function _unpad($text) - { - if (!$this->padding) { - return $text; - } - - $length = ord($text[strlen($text) - 1]); - - if (!$length || $length > 8) { - return false; - } - - return substr($text, 0, -$length); - } - - /** - * String Shift - * - * Inspired by array_shift - * - * @param String $string - * @return String - * @access private - */ - function _string_shift(&$string) - { - $substr = substr($string, 0, 8); - $string = substr($string, 8); - return $substr; - } - - /** - * Generate CTR XOR encryption key - * - * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the - * plaintext / ciphertext in CTR mode. - * - * @see Crypt_Blowfish::decrypt() - * @see Crypt_Blowfish::encrypt() - * @access public - * @param String $iv - */ - function _generate_xor(&$iv) - { - $xor = $iv; - for ($j = 4; $j <= 8; $j+=4) { - $temp = substr($iv, -$j, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); - break; - case "\x7F\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); - break 2; - default: - extract(unpack('Ncount', $temp)); - $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); - break 2; - } - } - - return $xor; - } - - /** - * Creates performance-optimized function for de/encrypt(), storing it in $this->inline_crypt - * - * @access private - */ - function inline_crypt_setup() - {/*{{{*/ - $lambda_functions =& Crypt_Blowfish::get_lambda_functions(); - $block_size = 8; - $mode = $this->mode; - $code_hash = "$mode"; - if (!isset($lambda_functions[$code_hash])) { - $init_cryptBlock = ' - extract($self->bctx["p"], EXTR_PREFIX_ALL, "p"); - extract($self->bctx["sb"], EXTR_PREFIX_ALL, "sb"); - '; + switch (true) { + case $gen_hi_opt_code: + $p = $this->bctx['p']; + $init_crypt = ' + static $sb_0, $sb_1, $sb_2, $sb_3; + if (!$sb_0) { + $sb_0 = $self->bctx["sb"][0]; + $sb_1 = $self->bctx["sb"][1]; + $sb_2 = 
$self->bctx["sb"][2]; + $sb_3 = $self->bctx["sb"][3]; + } + '; + break; + default: + $p = array(); + for ($i = 0; $i < 18; ++$i) { + $p[] = '$p_' . $i; + } + $init_crypt = ' + list($sb_0, $sb_1, $sb_2, $sb_3) = $self->bctx["sb"]; + list(' . implode(',', $p) . ') = $self->bctx["p"]; + + '; + } // Generating encrypt code: - $_encryptBlock = ' + $encrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 0; $i < 16; $i+= 2) { - $_encryptBlock.= ' - $l^= $p_'.($i).'; + $encrypt_block.= ' + $l^= ' . $p[$i] . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; - $r^= $p_'.($i + 1).'; + $r^= ' . $p[$i + 1] . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]; '; } - $_encryptBlock.= ' - $in = pack("N*", $r ^ $p_17, $l ^ $p_16); + $encrypt_block.= ' + $in = pack("N*", + $r ^ ' . $p[17] . ', + $l ^ ' . $p[16] . ' + ); '; // Generating decrypt code: - $_decryptBlock = ' + $decrypt_block = ' $in = unpack("N*", $in); $l = $in[1]; $r = $in[2]; '; for ($i = 17; $i > 2; $i-= 2) { - $_decryptBlock.= ' - $l^= $p_'.($i).'; + $decrypt_block.= ' + $l^= ' . $p[$i] . '; $r^= ($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff] ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]; - $r^= $p_'.($i - 1).'; + $r^= ' . $p[$i - 1] . '; $l^= ($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff] ^ $sb_2[$r >> 8 & 0xff]) + 
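Review bot: In `_setupInlineCrypt()` the `$gen_hi_opt_code` branch sets `$p = $this->bctx['p']` and then concatenates `$p[$i]` into `$encrypt_block` and `$decrypt_block`, so the key-derived P-array becomes literal text in the generated function, and `md5(... . $this->key)` becomes an index in the classwide `$lambda_functions` table. Both remain in process memory after the cipher object is gone, and the caller has no way to clear them. That trade-off deserves a comment next to the switch, for example `// NOTE: key-derived subkeys are compiled into the lambda and kept classwide for the life of the process`. An opt-out that always generates the per-mode variant, which reads `$self->bctx` at call time, would also help callers that handle long-lived processes. The function's closing lines are in the following hunk.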
@@ -1117,352 +622,23 @@ class Crypt_Blowfish { '; } - $_decryptBlock.= ' - $in = pack("N*", $r ^ $p_0, $l ^ $p_1); + $decrypt_block.= ' + $in = pack("N*", + $r ^ ' . $p[0] . ', + $l ^ ' . $p[1] . ' + ); '; - // Generating mode of operation code: - switch ($mode) { - case CRYPT_BLOWFISH_MODE_ECB: - $encrypt = ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_encryptBlock.' - $ciphertext.= $in; - } - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' - strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' - $plaintext.= $in; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_BLOWFISH_MODE_CBC: - $encrypt = ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - $in = $self->encryptIV; - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.') ^ $in; - '.$_encryptBlock.' - $ciphertext.= $in; - } - - if ($self->continuousBuffer) { - $self->encryptIV = $in; - } - - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' - strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - $iv = $self->decryptIV; - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $block = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' 
- $plaintext.= $in ^ $iv; - $iv = $block; - } - - if ($self->continuousBuffer) { - $self->decryptIV = $iv; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_BLOWFISH_MODE_CTR: - $encrypt = ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["encrypted"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["encrypted"])) { - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $buffer["encrypted"].= $in; - } - $key = $self->_string_shift($buffer["encrypted"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $key = $in; - $ciphertext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"]; - } - } - - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["ciphertext"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["ciphertext"])) { - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $buffer["ciphertext"].= $in; - } - $key = $self->_string_shift($buffer["ciphertext"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' 
- $key = $in; - $plaintext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"]; - } - } - return $plaintext; - '; - break; - case CRYPT_BLOWFISH_MODE_CFB: - $encrypt = ' - $ciphertext = ""; - $buffer = &$self->enbuffer; - - if ($self->continuousBuffer) { - $iv = &$self->encryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->encryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.'; - $iv = $in ^ substr($text, $i, '.$block_size.'); - $ciphertext.= $iv; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $block = $iv ^ substr($text, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $buffer = &$self->debuffer; - - if ($self->continuousBuffer) { - $iv = &$self->decryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->decryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.' 
- $iv = $in; - $cb = substr($text, $i, '.$block_size.'); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $plaintext.= $iv ^ substr($text, $i); - $iv = substr_replace($iv, substr($text, $i), 0, $len); - $pos = $len; - } - - return $plaintext; - '; - break; - case CRYPT_BLOWFISH_MODE_OFB: - $encrypt = ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $ciphertext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' 
- $xor = $in; - $plaintext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $plaintext; - '; - break; - } - $fnc_head = '$action, &$self, $text'; - $fnc_body = $init_cryptBlock . 'if ($action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }'; - - if (function_exists('create_function') && is_callable('create_function')) { - $lambda_functions[$code_hash] = create_function($fnc_head, $fnc_body); - } else { - eval('function ' . ($lambda_functions[$code_hash] = 'f' . md5(microtime())) . '(' . $fnc_head . ') { ' . $fnc_body . ' }'); - } + $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( + array( + 'init_crypt' => $init_crypt, + 'init_encrypt' => '', + 'init_decrypt' => '', + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ) + ); } $this->inline_crypt = $lambda_functions[$code_hash]; - }/*}}}*/ - - /** - * Holds the lambda_functions table (classwide) - * - * @see inline_crypt_setup() - * @return Array - * @access private - */ - function &get_lambda_functions() - { - static $functions = array(); - return $functions; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/Crypt/DES.php b/Crypt/DES.php index 27a0d52..f8e6a83 100755 --- a/Crypt/DES.php +++ b/Crypt/DES.php 
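Review bot: The removed block tested `function_exists('create_function') && is_callable('create_function')` before building the lambda, while the new `$this->_createInlineCryptFunction(array(...))` call carries no such guard here. The tail of that helper visible earlier on this page ends in a bare `return create_function(...)`; its beginning is outside this view, so a check may exist there. `create_function()` is deprecated since PHP 7.2 and removed in PHP 8.0, and hosts may list it in `disable_functions`. If the helper does not already test for it, `_setupInlineCrypt()` should skip the inline path when it is unavailable, e.g. `if (!function_exists('create_function')) { return; }` at its top, provided the base class then falls back to `_encryptBlock()` / `_decryptBlock()`, which this page does not show.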
@@ -1,5 +1,4 @@ * - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_DES + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + /**#@+ * @access private - * @see Crypt_DES::_prepareKey() + * @see Crypt_DES::_setupKey() * @see Crypt_DES::_processBlock() */ /** - * Contains array_reverse($keys[CRYPT_DES_DECRYPT]) + * Contains $keys[CRYPT_DES_ENCRYPT] */ define('CRYPT_DES_ENCRYPT', 0); /** - * Contains array_reverse($keys[CRYPT_DES_ENCRYPT]) + * Contains $keys[CRYPT_DES_DECRYPT] */ define('CRYPT_DES_DECRYPT', 1); -/** - * Contains $keys[CRYPT_DES_ENCRYPT] as 1-dim array - */ -define('CRYPT_DES_ENCRYPT_1DIM', 2); -/** - * Contains $keys[CRYPT_DES_DECRYPT] as 1-dim array - */ -define('CRYPT_DES_DECRYPT_1DIM', 3); /**#@-*/ /**#@+ 
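Review bot: `include_once 'Base.php';` inside the new `class_exists('Crypt_Base')` guard only raises a warning when the file cannot be loaded, so a missing or unreadable Base.php shows up later as a fatal error at `class Crypt_DES extends Crypt_Base` instead of at the include. The bare relative name is also resolved through include_path, so whichever `Base.php` is found first there defines the base class for the cipher. Consider `require_once dirname(__FILE__) . '/Base.php';` so the file next to DES.php is the one loaded and a failure stops at the include. If the library is meant to be located through include_path, keep the name but still prefer `require_once`.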
@@ -94,215 +94,141 @@ define('CRYPT_DES_DECRYPT_1DIM', 3); * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 */ -define('CRYPT_DES_MODE_CTR', -1); +define('CRYPT_DES_MODE_CTR', CRYPT_MODE_CTR); /** * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 */ -define('CRYPT_DES_MODE_ECB', 1); +define('CRYPT_DES_MODE_ECB', CRYPT_MODE_ECB); /** * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 */ -define('CRYPT_DES_MODE_CBC', 2); +define('CRYPT_DES_MODE_CBC', CRYPT_MODE_CBC); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 */ -define('CRYPT_DES_MODE_CFB', 3); +define('CRYPT_DES_MODE_CFB', CRYPT_MODE_CFB); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 */ -define('CRYPT_DES_MODE_OFB', 4); +define('CRYPT_DES_MODE_OFB', CRYPT_MODE_OFB); /**#@-*/ /**#@+ * @access private - * @see Crypt_DES::Crypt_DES() + * @see Crypt_Base::Crypt_Base() */ /** * Toggles the internal implementation */ -define('CRYPT_DES_MODE_INTERNAL', 1); +define('CRYPT_DES_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_DES_MODE_MCRYPT', 2); +define('CRYPT_DES_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /** * Pure-PHP implementation of DES. 
* - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_DES + * @author Jim Wigginton + * @access public */ -class Crypt_DES { +class Crypt_DES extends Crypt_Base +{ /** - * The Key Schedule + * Block Length of the cipher * - * @see Crypt_DES::setKey() - * @var Array - * @access private - */ - var $keys = "\0\0\0\0\0\0\0\0"; - - /** - * The Encryption Mode - * - * @see Crypt_DES::Crypt_DES() + * @see Crypt_Base::block_size * @var Integer * @access private */ - var $mode; + var $block_size = 8; /** - * Continuous Buffer status + * The Key * - * @see Crypt_DES::enableContinuousBuffer() - * @var Boolean - * @access private - */ - var $continuousBuffer = false; - - /** - * Padding status - * - * @see Crypt_DES::enablePadding() - * @var Boolean - * @access private - */ - var $padding = true; - - /** - * The Initialization Vector - * - * @see Crypt_DES::setIV() + * @see Crypt_Base::key + * @see setKey() * @var String * @access private */ - var $iv = "\0\0\0\0\0\0\0\0"; + var $key = "\0\0\0\0\0\0\0\0"; /** - * A "sliding" Initialization Vector + * The default password key_size used by setPassword() * - * @see Crypt_DES::enableContinuousBuffer() + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() + * @var Integer + * @access private + */ + var $password_key_size = 8; + + /** + * The namespace used by the cipher for its constants. 
+ * + * @see Crypt_Base::const_namespace * @var String * @access private */ - var $encryptIV = "\0\0\0\0\0\0\0\0"; + var $const_namespace = 'DES'; /** - * A "sliding" Initialization Vector + * The mcrypt specific name of the cipher * - * @see Crypt_DES::enableContinuousBuffer() + * @see Crypt_Base::cipher_name_mcrypt * @var String * @access private */ - var $decryptIV = "\0\0\0\0\0\0\0\0"; + var $cipher_name_mcrypt = 'des'; /** - * mcrypt resource for encryption + * Optimizing value while CFB-encrypting * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_DES::encrypt() - * @var String + * @see Crypt_Base::cfb_init_len + * @var Integer * @access private */ - var $enmcrypt; + var $cfb_init_len = 500; /** - * mcrypt resource for decryption + * Switch for DES/3DES encryption * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. + * Used only if $engine == CRYPT_DES_MODE_INTERNAL * - * @see Crypt_DES::decrypt() - * @var String + * @see Crypt_DES::_setupKey() + * @see Crypt_DES::_processBlock() + * @var Integer * @access private */ - var $demcrypt; + var $des_rounds = 1; /** - * Does the enmcrypt resource need to be (re)initialized? + * max possible size of $key * * @see Crypt_DES::setKey() - * @see Crypt_DES::setIV() - * @var Boolean + * @var String * @access private */ - var $enchanged = true; + var $key_size_max = 8; /** - * Does the demcrypt resource need to be (re)initialized? + * The Key Schedule * - * @see Crypt_DES::setKey() - * @see Crypt_DES::setIV() - * @var Boolean - * @access private - */ - var $dechanged = true; - - /** - * Is the mode one that is paddable? 
- * - * @see Crypt_DES::Crypt_DES() - * @var Boolean - * @access private - */ - var $paddable = false; - - /** - * Encryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_DES::encrypt() + * @see Crypt_DES::_setupKey() * @var Array * @access private */ - var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - - /** - * Decryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_DES::decrypt() - * @var Array - * @access private - */ - var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - /** - * mcrypt resource for CFB mode - * - * @see Crypt_DES::encrypt() - * @see Crypt_DES::decrypt() - * @var String - * @access private - */ - var $ecb; - - /** - * Performance-optimized callback function for en/decrypt() - * - * @var Callback - * @access private - */ - var $inline_crypt; - - /** - * Holds whether performance-optimized $inline_crypt should be used or not. - * - * @var Boolean - * @access private - */ - var $use_inline_crypt = false; + var $keys; /** * Shuffle table. @@ -312,7 +238,7 @@ class Crypt_DES { * corresponding bit in the index value. * * @see Crypt_DES::_processBlock() - * @see Crypt_DES::_prepareKey() + * @see Crypt_DES::_setupKey() * @var Array * @access private */ 
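Review bot: The new default `var $key = "\0\0\0\0\0\0\0\0";` means an object on which setKey() was never called still has a usable, publicly known all-zero key, and the property docblock does not say so (only the setKey() docblock further down mentions it). Document it on the property as well, e.g. `* Defaults to eight NUL bytes; callers must set a real key before encrypting.` Whether Crypt_Base refuses to encrypt with an unset key is not visible in this hunk, so this may already be handled there. Separately, the docblock for `$key_size_max` says `@var String` while the value is the integer 8; it should read `@var Integer`.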
@@ -735,78 +661,6 @@ class Crypt_DES { 0x00000820, 0x00020020, 0x08000000, 0x08020800 ); - /** - * Default Constructor. - * - * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be - * CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used. - * - * @param optional Integer $mode - * @return Crypt_DES - * @access public - */ - function Crypt_DES($mode = CRYPT_DES_MODE_CBC) - { - if ( !defined('CRYPT_DES_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && in_array('des', mcrypt_list_algorithms()): - define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT); - break; - default: - define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL); - } - } - - switch ( CRYPT_DES_MODE ) { - case CRYPT_DES_MODE_MCRYPT: - switch ($mode) { - case CRYPT_DES_MODE_ECB: - $this->paddable = true; - $this->mode = MCRYPT_MODE_ECB; - break; - case CRYPT_DES_MODE_CTR: - $this->mode = 'ctr'; - //$this->mode = in_array('ctr', mcrypt_list_modes()) ? 
'ctr' : CRYPT_DES_MODE_CTR; - break; - case CRYPT_DES_MODE_CFB: - $this->mode = 'ncfb'; - $this->ecb = mcrypt_module_open(MCRYPT_DES, '', MCRYPT_MODE_ECB, ''); - break; - case CRYPT_DES_MODE_OFB: - $this->mode = MCRYPT_MODE_NOFB; - break; - case CRYPT_DES_MODE_CBC: - default: - $this->paddable = true; - $this->mode = MCRYPT_MODE_CBC; - } - $this->enmcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, ''); - $this->demcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, ''); - - break; - default: - switch ($mode) { - case CRYPT_DES_MODE_ECB: - case CRYPT_DES_MODE_CBC: - $this->paddable = true; - $this->mode = $mode; - break; - case CRYPT_DES_MODE_CTR: - case CRYPT_DES_MODE_CFB: - case CRYPT_DES_MODE_OFB: - $this->mode = $mode; - break; - default: - $this->paddable = true; - $this->mode = CRYPT_DES_MODE_CBC; - } - if (function_exists('create_function') && is_callable('create_function')) { - $this->inline_crypt_setup(); - $this->use_inline_crypt = true; - } - } - } - /** * Sets the key. * 
@@ -818,673 +672,50 @@ class Crypt_DES { * * If the key is not explicitly set, it'll be assumed to be all zero's. * + * @see Crypt_Base::setKey() * @access public * @param String $key */ function setKey($key) { - $this->keys = ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) ? str_pad(substr($key, 0, 8), 8, chr(0)) : $this->_prepareKey($key); - $this->enchanged = true; - $this->dechanged = true; - } - - /** - * Sets the password. - * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $count - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib/salt'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < 8) { // $dkLen == 8 - //$dk.= $this->_pbkdf($password, $salt, $count, $i++); - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; $j++) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } + // We check/cut here only up to max length of the key. + // Key padding to the proper length will be done in _setupKey() + if (strlen($key) > $this->key_size_max) { + $key = substr($key, 0, $this->key_size_max); } - $this->setKey($key); + // Sets the key + parent::setKey($key); } /** - * Sets the initialization vector. (optional) + * Encrypts a block * - * SetIV is not required when CRYPT_DES_MODE_ECB is being used. 
If not explictly set, it'll be assumed - * to be all zero's. - * - * @access public - * @param String $iv - */ - function setIV($iv) - { - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0)); - $this->enchanged = true; - $this->dechanged = true; - } - - /** - * Generate CTR XOR encryption key - * - * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the - * plaintext / ciphertext in CTR mode. - * - * @see Crypt_DES::decrypt() + * @see Crypt_Base::_encryptBlock() + * @see Crypt_Base::encrypt() * @see Crypt_DES::encrypt() - * @access public - * @param String $iv + * @access private + * @param String $in + * @return String */ - function _generate_xor(&$iv) + function _encryptBlock($in) { - $xor = $iv; - for ($j = 4; $j <= 8; $j+=4) { - $temp = substr($iv, -$j, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); - break; - case "\x7F\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); - break 2; - default: - extract(unpack('Ncount', $temp)); - $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); - break 2; - } - } - - return $xor; + return $this->_processBlock($in, CRYPT_DES_ENCRYPT); } /** - * Encrypts a message. - * - * $plaintext will be padded with up to 8 additional bytes. Other DES implementations may or may not pad in the - * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following - * URL: - * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that - * length. 
+ * Decrypts a block * + * @see Crypt_Base::_decryptBlock() + * @see Crypt_Base::decrypt() * @see Crypt_DES::decrypt() - * @access public - * @param String $plaintext - */ - function encrypt($plaintext) - { - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - - if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) { - if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->keys, "\0\0\0\0\0\0\0\0"); - } - $this->enchanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - } else { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= 8) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > 600) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->keys, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 8)); - $iv = substr($ciphertext, -8); - $len%= 8; - } else { - while ($len >= 8) { - $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 8); - $ciphertext.= $iv; - $len-= 8; - $i+= 8; - } - } - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, -$len); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV); - } 
- - return $ciphertext; - } - - if (!is_array($this->keys)) { - $this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0"); - } - - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('encrypt', $this, $plaintext); - } - - $buffer = &$this->enbuffer; - $continuousBuffer = $this->continuousBuffer; - $ciphertext = ''; - switch ($this->mode) { - case CRYPT_DES_MODE_ECB: - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $ciphertext.= $this->_processBlock(substr($plaintext, $i, 8), CRYPT_DES_ENCRYPT); - } - break; - case CRYPT_DES_MODE_CBC: - $xor = $this->encryptIV; - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - $block = $this->_processBlock($block ^ $xor, CRYPT_DES_ENCRYPT); - $xor = $block; - $ciphertext.= $block; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - } - break; - case CRYPT_DES_MODE_CTR: - $xor = $this->encryptIV; - if (strlen($buffer['encrypted'])) { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - if (strlen($block) > strlen($buffer['encrypted'])) { - $buffer['encrypted'].= $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT); - } - $key = $this->_string_shift($buffer['encrypted']); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - $key = $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT); - $ciphertext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) & 7) { - $buffer['encrypted'] = substr($key, $start) . 
$buffer['encrypted']; - } - } - break; - case CRYPT_DES_MODE_CFB: - if ($this->continuousBuffer) { - $iv = &$this->encryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->encryptIV; - $pos = 0; - } - $len = strlen($plaintext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= 8) { - $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT) ^ substr($plaintext, $i, 8); - $ciphertext.= $iv; - $len-= 8; - $i+= 8; - } - if ($len) { - $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT); - $block = $iv ^ substr($plaintext, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - case CRYPT_DES_MODE_OFB: - $xor = $this->encryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor']); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT); - $ciphertext.= substr($plaintext, $i, 8) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) & 7) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - } - - return $ciphertext; - } - - /** - * Decrypts a message. - * - * If strlen($ciphertext) is not a multiple of 8, null bytes will be added to the end of the string until it is. 
- * - * @see Crypt_DES::encrypt() - * @access public - * @param String $ciphertext - */ - function decrypt($ciphertext) - { - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0)); - } - - if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) { - if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->keys, "\0\0\0\0\0\0\0\0"); - } - $this->dechanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - } else { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= 8) { - $cb = substr($ciphertext, $i, $len - $len % 8); - $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; - $iv = substr($cb, -8); - $len%= 8; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $plaintext.= $iv ^ substr($ciphertext, -$len); - $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); - $pos = $len; - } - return $plaintext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV); - } - - return $this->paddable ? 
$this->_unpad($plaintext) : $plaintext; - } - - if (!is_array($this->keys)) { - $this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0"); - } - - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('decrypt', $this, $ciphertext); - } - - $buffer = &$this->debuffer; - $continuousBuffer = $this->continuousBuffer; - $plaintext = ''; - switch ($this->mode) { - case CRYPT_DES_MODE_ECB: - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $plaintext.= $this->_processBlock(substr($ciphertext, $i, 8), CRYPT_DES_DECRYPT); - } - break; - case CRYPT_DES_MODE_CBC: - $xor = $this->decryptIV; - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - $plaintext.= $this->_processBlock($block, CRYPT_DES_DECRYPT) ^ $xor; - $xor = $block; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - } - break; - case CRYPT_DES_MODE_CTR: - $xor = $this->decryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'].= $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT); - } - $key = $this->_string_shift($buffer['ciphertext']); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - $key = $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT); - $plaintext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % 8) { - $buffer['ciphertext'] = substr($key, $start) . 
$buffer['ciphertext']; - } - } - break; - case CRYPT_DES_MODE_CFB: - if ($this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->decryptIV; - $pos = 0; - } - $len = strlen($ciphertext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - while ($len >= 8) { - $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT); - $cb = substr($ciphertext, $i, 8); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= 8; - $i+= 8; - } - if ($len) { - $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT); - $plaintext.= $iv ^ substr($ciphertext, $i); - $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); - $pos = $len; - } - return $plaintext; - case CRYPT_DES_MODE_OFB: - $xor = $this->decryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor']); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT); - $plaintext.= substr($ciphertext, $i, 8) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % 8) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * Say you have a 16-byte plaintext $plaintext. 
Using the default behavior, the two following code snippets - * will yield different outputs: - * - * - * echo $des->encrypt(substr($plaintext, 0, 8)); - * echo $des->encrypt(substr($plaintext, 8, 8)); - * - * - * echo $des->encrypt($plaintext); - * - * - * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates - * another, as demonstrated with the following: - * - * - * $des->encrypt(substr($plaintext, 0, 8)); - * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different - * outputs. The reason is due to the fact that the initialization vector's change after every encryption / - * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. - * - * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each - * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that - * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), - * however, they are also less intuitive and more likely to cause you problems. - * - * @see Crypt_DES::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - $this->continuousBuffer = true; - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. 
- * - * @see Crypt_DES::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - $this->continuousBuffer = false; - $this->encryptIV = $this->iv; - $this->decryptIV = $this->iv; - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - if (CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT) { - mcrypt_generic_init($this->enmcrypt, $this->keys, $this->iv); - mcrypt_generic_init($this->demcrypt, $this->keys, $this->iv); - } - } - - /** - * Pad "packets". - * - * DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not - * a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight. - * - * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1, - * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping - * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is - * transmitted separately) - * - * @see Crypt_DES::disablePadding() - * @access public - */ - function enablePadding() - { - $this->padding = true; - } - - /** - * Do not pad packets. - * - * @see Crypt_DES::enablePadding() - * @access public - */ - function disablePadding() - { - $this->padding = false; - } - - /** - * Pads a string - * - * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8). - * 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7) - * - * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless - * and padding will, hence forth, be enabled. 
- * - * @see Crypt_DES::_unpad() * @access private + * @param String $in + * @return String */ - function _pad($text) + function _decryptBlock($in) { - $length = strlen($text); - - if (!$this->padding) { - if (($length & 7) == 0) { - return $text; - } else { - user_error("The plaintext's length ($length) is not a multiple of the block size (8)"); - $this->padding = true; - } - } - - $pad = 8 - ($length & 7); - return str_pad($text, $length + $pad, chr($pad)); - } - - /** - * Unpads a string - * - * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong - * and false will be returned. - * - * @see Crypt_DES::_pad() - * @access private - */ - function _unpad($text) - { - if (!$this->padding) { - return $text; - } - - $length = ord($text[strlen($text) - 1]); - - if (!$length || $length > 8) { - return false; - } - - return substr($text, 0, -$length); + return $this->_processBlock($in, CRYPT_DES_DECRYPT); } /** @@ -1494,6 +725,8 @@ class Crypt_DES { * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general * idea of what this function does. * + * @see Crypt_DES::_encryptBlock() + * @see Crypt_DES::_decryptBlock() * @access private * @param String $block * @param Integer $mode 
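Review bot: setKey() drops everything past `$this->key_size_max` bytes without telling the caller, and per its own comment a short key is padded later in _setupKey(), so a key of the wrong length is accepted and silently changed. A caller who passes a longer key expecting its full strength gets DES keyed on the first 8 bytes only, with no indication. The removed _pad() used user_error() for the analogous length mismatch; the same here would make the mistake visible: `user_error('Key is longer than ' . $this->key_size_max . ' bytes and will be truncated');` placed before the `substr()`. The docblock of setKey() starts above this hunk.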
@@ -1501,74 +734,93 @@ class Crypt_DES { */ function _processBlock($block, $mode) { - $shuffle = $this->shuffle; - $invipmap = $this->invipmap; - $ipmap = $this->ipmap; - $sbox1 = $this->sbox1; - $sbox2 = $this->sbox2; - $sbox3 = $this->sbox3; - $sbox4 = $this->sbox4; - $sbox5 = $this->sbox5; - $sbox6 = $this->sbox6; - $sbox7 = $this->sbox7; - $sbox8 = $this->sbox8; + static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; + if (!$sbox1) { + $sbox1 = array_map("intval", $this->sbox1); + $sbox2 = array_map("intval", $this->sbox2); + $sbox3 = array_map("intval", $this->sbox3); + $sbox4 = array_map("intval", $this->sbox4); + $sbox5 = array_map("intval", $this->sbox5); + $sbox6 = array_map("intval", $this->sbox6); + $sbox7 = array_map("intval", $this->sbox7); + $sbox8 = array_map("intval", $this->sbox8); + /* Merge $shuffle with $[inv]ipmap */ + for ($i = 0; $i < 256; ++$i) { + $shuffleip[] = $this->shuffle[$this->ipmap[$i]]; + $shuffleinvip[] = $this->shuffle[$this->invipmap[$i]]; + } + } + $keys = $this->keys[$mode]; + $ki = -1; // Do the initial IP permutation. 
$t = unpack('Nl/Nr', $block); list($l, $r) = array($t['l'], $t['r']); - $block = ($shuffle[$ipmap[$r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffle[$ipmap[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffle[$ipmap[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffle[$ipmap[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffle[$ipmap[$l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffle[$ipmap[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffle[$ipmap[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffle[$ipmap[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + $block = ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); // Extract L0 and R0. $t = unpack('Nl/Nr', $block); list($l, $r) = array($t['l'], $t['r']); - // Perform the 16 steps. - for ($i = 0; $i < 16; $i++) { - // start of "the Feistel (F) function" - see the following URL: - // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png - // Merge key schedule. - $b1 = (($r >> 3) & 0x1FFFFFFF) ^ ($r << 29) ^ $keys[$i][0]; - $b2 = (($r >> 31) & 0x00000001) ^ ($r << 1) ^ $keys[$i][1]; + for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { + // Perform the 16 steps. 
+ for ($i = 0; $i < 16; $i++) { + // start of "the Feistel (F) function" - see the following URL: + // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png + // Merge key schedule. + $b1 = (($r >> 3) & 0x1FFFFFFF) ^ ($r << 29) ^ $keys[++$ki]; + $b2 = (($r >> 31) & 0x00000001) ^ ($r << 1) ^ $keys[++$ki]; - // S-box indexing. - $t = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ - $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ - $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ - $sbox7[$b1 & 0x3F] ^ $sbox8[$b2 & 0x3F] ^ $l; - // end of "the Feistel (F) function" + // S-box indexing. + $t = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ + $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ + $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ + $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $l; + // end of "the Feistel (F) function" + $l = $r; + $r = $t; + } + + // Last step should not permute L & R. + $t = $l; $l = $r; $r = $t; } // Perform the inverse IP permutation. 
- return ($shuffle[$invipmap[($l >> 24) & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffle[$invipmap[($r >> 24) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffle[$invipmap[($l >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffle[$invipmap[($r >> 16) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffle[$invipmap[($l >> 8) & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffle[$invipmap[($r >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffle[$invipmap[$l & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffle[$invipmap[$r & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + return ($shuffleinvip[($r >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleinvip[($l >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleinvip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleinvip[($l >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleinvip[($r >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleinvip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleinvip[ $r & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleinvip[ $l & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); } /** - * Creates the key schedule. + * Creates the key schedule * + * @see Crypt_Base::_setupKey() * @access private - * @param String $key - * @return Array */ - function _prepareKey($key) + function _setupKey() { + if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->des_rounds === $this->kl['des_rounds']) { + // already expanded + return; + } + $this->kl = array('key' => $this->key, 'des_rounds' => $this->des_rounds); + static $shifts = array( // number of key bits shifted per round 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1 ); 
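Review bot: _processBlock() reads `$this->keys[$mode]` and walks it with `$keys[++$ki]` for 32 entries per DES round without checking that _setupKey() has filled it. Since `var $keys;` has no default, a missing or too-short schedule yields null for each round key (at most a notice) and the block is processed with zero round keys. The removed encrypt()/decrypt() guarded this with `if (!is_array($this->keys))`; whether Crypt_Base always calls _setupKey() before a block is processed is not visible here. A cheap guard at the top would be `if (!is_array($this->keys)) { $this->_setupKey(); }`, and the docblock should state that the schedule is a flat list of 32 integers per round, sized by `$this->des_rounds`. _setupKey()'s body continues past this hunk.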
@@ -2018,519 +1270,237 @@ class Crypt_DES { 0x10081108, 0x10081508, 0x11081108, 0x11081508 ); - // pad the key and remove extra characters as appropriate. - $key = str_pad(substr($key, 0, 8), 8, chr(0)); - - // Perform the PC/1 transformation and compute C and D. - $t = unpack('Nl/Nr', $key); - list($l, $r) = array($t['l'], $t['r']); - $key = ($this->shuffle[$pc1map[$r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") | - ($this->shuffle[$pc1map[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") | - ($this->shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") | - ($this->shuffle[$pc1map[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x00") | - ($this->shuffle[$pc1map[$l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x00") | - ($this->shuffle[$pc1map[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x00") | - ($this->shuffle[$pc1map[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x00") | - ($this->shuffle[$pc1map[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x00"); - $key = unpack('Nc/Nd', $key); - $c = ($key['c'] >> 4) & 0x0FFFFFFF; - $d = (($key['d'] >> 4) & 0x0FFFFFF0) | ($key['c'] & 0x0F); - $keys = array(); - for ($i = 0; $i < 16; $i++) { - $c <<= $shifts[$i]; - $c = ($c | ($c >> 28)) & 0x0FFFFFFF; - $d <<= $shifts[$i]; - $d = ($d | ($d >> 28)) & 0x0FFFFFFF; + for ($des_round = 0; $des_round < $this->des_rounds; ++$des_round) { + // pad the key and remove extra characters as appropriate. + $key = str_pad(substr($this->key, $des_round * 8, 8), 8, "\0"); - // Perform the PC-2 transformation. - $cp = $pc2mapc1[$c >> 24] | $pc2mapc2[($c >> 16) & 0xFF] | - $pc2mapc3[($c >> 8) & 0xFF] | $pc2mapc4[$c & 0xFF]; - $dp = $pc2mapd1[$d >> 24] | $pc2mapd2[($d >> 16) & 0xFF] | - $pc2mapd3[($d >> 8) & 0xFF] | $pc2mapd4[$d & 0xFF]; + // Perform the PC/1 transformation and compute C and D. 
+ $t = unpack('Nl/Nr', $key); + list($l, $r) = array($t['l'], $t['r']); + $key = ($this->shuffle[$pc1map[ $r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x00") | + ($this->shuffle[$pc1map[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x00") | + ($this->shuffle[$pc1map[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x00") | + ($this->shuffle[$pc1map[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x00") | + ($this->shuffle[$pc1map[ $l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x00") | + ($this->shuffle[$pc1map[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x00") | + ($this->shuffle[$pc1map[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x00") | + ($this->shuffle[$pc1map[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x00"); + $key = unpack('Nc/Nd', $key); + $c = ( $key['c'] >> 4) & 0x0FFFFFFF; + $d = (($key['d'] >> 4) & 0x0FFFFFF0) | ($key['c'] & 0x0F); - // Reorder: odd bytes/even bytes. Push the result in key schedule. - $keys[] = array( - ($cp & 0xFF000000) | (($cp << 8) & 0x00FF0000) | - (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF), - (($cp << 8) & 0xFF000000) | (($cp << 16) & 0x00FF0000) | - (($dp >> 8) & 0x0000FF00) | ($dp & 0x000000FF) + $keys[$des_round] = array( + CRYPT_DES_ENCRYPT => array(), + CRYPT_DES_DECRYPT => array_fill(0, 32, 0) + ); + for ($i = 0, $ki = 31; $i < 16; ++$i, $ki-= 2) { + $c <<= $shifts[$i]; + $c = ($c | ($c >> 28)) & 0x0FFFFFFF; + $d <<= $shifts[$i]; + $d = ($d | ($d >> 28)) & 0x0FFFFFFF; + + // Perform the PC-2 transformation. + $cp = $pc2mapc1[ $c >> 24 ] | $pc2mapc2[($c >> 16) & 0xFF] | + $pc2mapc3[($c >> 8) & 0xFF] | $pc2mapc4[ $c & 0xFF]; + $dp = $pc2mapd1[ $d >> 24 ] | $pc2mapd2[($d >> 16) & 0xFF] | + $pc2mapd3[($d >> 8) & 0xFF] | $pc2mapd4[ $d & 0xFF]; + + // Reorder: odd bytes/even bytes. Push the result in key schedule. 
+ $val1 = ( $cp & 0xFF000000) | (($cp << 8) & 0x00FF0000) | + (($dp >> 16) & 0x0000FF00) | (($dp >> 8) & 0x000000FF); + $val2 = (($cp << 8) & 0xFF000000) | (($cp << 16) & 0x00FF0000) | + (($dp >> 8) & 0x0000FF00) | ( $dp & 0x000000FF); + $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = $val1; + $keys[$des_round][CRYPT_DES_DECRYPT][$ki - 1] = $val1; + $keys[$des_round][CRYPT_DES_ENCRYPT][ ] = $val2; + $keys[$des_round][CRYPT_DES_DECRYPT][$ki ] = $val2; + } + } + + switch ($this->des_rounds) { + case 3: // 3DES keys + $this->keys = array( + CRYPT_DES_ENCRYPT => array_merge( + $keys[0][CRYPT_DES_ENCRYPT], + $keys[1][CRYPT_DES_DECRYPT], + $keys[2][CRYPT_DES_ENCRYPT] + ), + CRYPT_DES_DECRYPT => array_merge( + $keys[2][CRYPT_DES_DECRYPT], + $keys[1][CRYPT_DES_ENCRYPT], + $keys[0][CRYPT_DES_DECRYPT] + ) + ); + break; + // case 1: // DES keys + default: + $this->keys = array( + CRYPT_DES_ENCRYPT => $keys[0][CRYPT_DES_ENCRYPT], + CRYPT_DES_DECRYPT => $keys[0][CRYPT_DES_DECRYPT] + ); + } + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see Crypt_Base::_setupInlineCrypt() + * @access private + */ + function _setupInlineCrypt() + { + $lambda_functions =& Crypt_DES::_getLambdaFunctions(); + + // Engine configuration for: + // - DES ($des_rounds == 1) or + // - 3DES ($des_rounds == 3) + $des_rounds = $this->des_rounds; + + // We create max. 10 hi-optimized code for memory reason. Means: For each $key one ultra fast inline-crypt function. + // After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one + $gen_hi_opt_code = (bool)( count($lambda_functions) < 10 ); + + // Generation of a uniqe hash for our generated code + switch (true) { + case $gen_hi_opt_code: + // For hi-optimized code, we create for each combination of + // $mode, $des_rounds and $this->key its own encrypt/decrypt function. + $code_hash = md5(str_pad("Crypt_DES, $des_rounds, {$this->mode}, ", 32, "\0") . 
$this->key); + break; + default: + // After max 10 hi-optimized functions, we create generic + // (still very fast.. but not ultra) functions for each $mode/$des_rounds + // Currently 2 * 5 generic functions will be then max. possible. + $code_hash = "Crypt_DES, $des_rounds, {$this->mode}"; + } + + // Is there a re-usable $lambda_functions in there? If not, we have to create it. + if (!isset($lambda_functions[$code_hash])) { + // Init code for both, encrypt and decrypt. + $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; + if (!$sbox1) { + $sbox1 = array_map("intval", $self->sbox1); + $sbox2 = array_map("intval", $self->sbox2); + $sbox3 = array_map("intval", $self->sbox3); + $sbox4 = array_map("intval", $self->sbox4); + $sbox5 = array_map("intval", $self->sbox5); + $sbox6 = array_map("intval", $self->sbox6); + $sbox7 = array_map("intval", $self->sbox7); + $sbox8 = array_map("intval", $self->sbox8);' + /* Merge $shuffle with $[inv]ipmap */ . ' + for ($i = 0; $i < 256; ++$i) { + $shuffleip[] = $self->shuffle[$self->ipmap[$i]]; + $shuffleinvip[] = $self->shuffle[$self->invipmap[$i]]; + } + } + '; + + switch (true) { + case $gen_hi_opt_code: + // In Hi-optimized code mode, we use our [3]DES key schedule as hardcoded integers. + // No futher initialisation of the $keys schedule is necessary. + // That is the extra performance boost. + $k = array( + CRYPT_DES_ENCRYPT => $this->keys[CRYPT_DES_ENCRYPT], + CRYPT_DES_DECRYPT => $this->keys[CRYPT_DES_DECRYPT] + ); + $init_encrypt = ''; + $init_decrypt = ''; + break; + default: + // In generic optimized code mode, we have to use, as the best compromise [currently], + // our key schedule as $ke/$kd arrays. (with hardcoded indexes...) + $k = array( + CRYPT_DES_ENCRYPT => array(), + CRYPT_DES_DECRYPT => array() + ); + for ($i = 0, $c = count($this->keys[CRYPT_DES_ENCRYPT]); $i < $c; ++$i) { + $k[CRYPT_DES_ENCRYPT][$i] = '$ke[' . $i . 
']'; + $k[CRYPT_DES_DECRYPT][$i] = '$kd[' . $i . ']'; + } + $init_encrypt = '$ke = $self->keys[CRYPT_DES_ENCRYPT];'; + $init_decrypt = '$kd = $self->keys[CRYPT_DES_DECRYPT];'; + break; + } + + // Creating code for en- and decryption. + $crypt_block = array(); + foreach (array(CRYPT_DES_ENCRYPT, CRYPT_DES_DECRYPT) as $c) { + + /* Do the initial IP permutation. */ + $crypt_block[$c] = ' + $in = unpack("N*", $in); + $l = $in[1]; + $r = $in[2]; + $in = unpack("N*", + ($shuffleip[ $r & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleip[($r >> 8) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleip[($r >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleip[($r >> 24) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleip[ $l & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleip[($l >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleip[($l >> 16) & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleip[($l >> 24) & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01") + ); + ' . /* Extract L0 and R0 */ ' + $l = $in[1]; + $r = $in[2]; + '; + + $l = '$l'; + $r = '$r'; + + // Perform DES or 3DES. + for ($ki = -1, $des_round = 0; $des_round < $des_rounds; ++$des_round) { + // Perform the 16 steps. + for ($i = 0; $i < 16; ++$i) { + // start of "the Feistel (F) function" - see the following URL: + // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png + // Merge key schedule. + $crypt_block[$c].= ' + $b1 = ((' . $r . ' >> 3) & 0x1FFFFFFF) ^ (' . $r . ' << 29) ^ ' . $k[$c][++$ki] . '; + $b2 = ((' . $r . ' >> 31) & 0x00000001) ^ (' . $r . ' << 1) ^ ' . $k[$c][++$ki] . ';' . + /* S-box indexing. */ + $l . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ + $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ + $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ + $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ ' . $l . 
'; + '; + // end of "the Feistel (F) function" + + // swap L & R + list($l, $r) = array($r, $l); + } + list($l, $r) = array($r, $l); + } + + // Perform the inverse IP permutation. + $crypt_block[$c].= '$in = + ($shuffleinvip[($l >> 24) & 0xFF] & "\x80\x80\x80\x80\x80\x80\x80\x80") | + ($shuffleinvip[($r >> 24) & 0xFF] & "\x40\x40\x40\x40\x40\x40\x40\x40") | + ($shuffleinvip[($l >> 16) & 0xFF] & "\x20\x20\x20\x20\x20\x20\x20\x20") | + ($shuffleinvip[($r >> 16) & 0xFF] & "\x10\x10\x10\x10\x10\x10\x10\x10") | + ($shuffleinvip[($l >> 8) & 0xFF] & "\x08\x08\x08\x08\x08\x08\x08\x08") | + ($shuffleinvip[($r >> 8) & 0xFF] & "\x04\x04\x04\x04\x04\x04\x04\x04") | + ($shuffleinvip[ $l & 0xFF] & "\x02\x02\x02\x02\x02\x02\x02\x02") | + ($shuffleinvip[ $r & 0xFF] & "\x01\x01\x01\x01\x01\x01\x01\x01"); + '; + } + + // Creates the inline-crypt function + $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( + array( + 'init_crypt' => $init_crypt, + 'init_encrypt' => $init_encrypt, + 'init_decrypt' => $init_decrypt, + 'encrypt_block' => $crypt_block[CRYPT_DES_ENCRYPT], + 'decrypt_block' => $crypt_block[CRYPT_DES_DECRYPT] + ) ); } - $keys = array( - CRYPT_DES_ENCRYPT => $keys, - CRYPT_DES_DECRYPT => array_reverse($keys), - CRYPT_DES_ENCRYPT_1DIM => array(), - CRYPT_DES_DECRYPT_1DIM => array() - ); - - // Generate 1-dim arrays for inline en/decrypting - for ($i = 0; $i < 16; ++$i) { - $keys[CRYPT_DES_ENCRYPT_1DIM][] = $keys[CRYPT_DES_ENCRYPT][$i][0]; - $keys[CRYPT_DES_ENCRYPT_1DIM][] = $keys[CRYPT_DES_ENCRYPT][$i][1]; - $keys[CRYPT_DES_DECRYPT_1DIM][] = $keys[CRYPT_DES_DECRYPT][$i][0]; - $keys[CRYPT_DES_DECRYPT_1DIM][] = $keys[CRYPT_DES_DECRYPT][$i][1]; - } - - return $keys; - } - - /** - * String Shift - * - * Inspired by array_shift - * - * @param String $string - * @return String - * @access private - */ - function _string_shift(&$string) - { - $substr = substr($string, 0, 8); - $string = substr($string, 8); - return $substr; - } - - /** - * Creates 
performance-optimized function for de/encrypt(), storing it in $this->inline_crypt - * - * @param optional Integer $des_rounds (1 = DES[default], 3 = TribleDES) - * @access private - */ - function inline_crypt_setup($des_rounds = 1) - { - $lambda_functions =& Crypt_DES::get_lambda_functions(); - $block_size = 8; - $mode = $this->mode; - - $code_hash = "$mode,$des_rounds"; - - if (!isset($lambda_functions[$code_hash])) { - // Generating encrypt code: - $ki = -1; - $init_cryptBlock = ' - $shuffle = $self->shuffle; - $invipmap = $self->invipmap; - $ipmap = $self->ipmap; - $sbox1 = $self->sbox1; - $sbox2 = $self->sbox2; - $sbox3 = $self->sbox3; - $sbox4 = $self->sbox4; - $sbox5 = $self->sbox5; - $sbox6 = $self->sbox6; - $sbox7 = $self->sbox7; - $sbox8 = $self->sbox8; - '; - - $_cryptBlock = '$in = unpack("N*", $in);'."\n"; - // Do the initial IP permutation. - $_cryptBlock .= ' - $l = $in[1]; - $r = $in[2]; - $in = unpack("N*", - ($shuffle[$ipmap[ $r & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffle[$ipmap[($r >> 8) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffle[$ipmap[($r >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffle[$ipmap[($r >> 24) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffle[$ipmap[ $l & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffle[$ipmap[($l >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffle[$ipmap[($l >> 16) & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffle[$ipmap[($l >> 24) & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x01") - ); - - '.'' /* Extract L0 and R0 */ .' - $l = $in[1]; - $r = $in[2]; - '; - - $l = 'l'; - $r = 'r'; - for ($des_round = 0; $des_round < $des_rounds; ++$des_round) { - // Perform the 16 steps. - // start of "the Feistel (F) function" - see the following URL: - // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png - // Merge key schedule. - for ($i = 0; $i < 8; ++$i) { - $_cryptBlock .= ' - $b1 = (($' . $r . 
' >> 3) & 0x1FFFFFFF) ^ ($' . $r . ' << 29) ^ $k_'.(++$ki).'; - $b2 = (($' . $r . ' >> 31) & 0x00000001) ^ ($' . $r . ' << 1) ^ $k_'.(++$ki).'; - $' . $l . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ - $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ - $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ - $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $' . $l . '; - - $b1 = (($' . $l . ' >> 3) & 0x1FFFFFFF) ^ ($' . $l . ' << 29) ^ $k_'.(++$ki).'; - $b2 = (($' . $l . ' >> 31) & 0x00000001) ^ ($' . $l . ' << 1) ^ $k_'.(++$ki).'; - $' . $r . ' = $sbox1[($b1 >> 24) & 0x3F] ^ $sbox2[($b2 >> 24) & 0x3F] ^ - $sbox3[($b1 >> 16) & 0x3F] ^ $sbox4[($b2 >> 16) & 0x3F] ^ - $sbox5[($b1 >> 8) & 0x3F] ^ $sbox6[($b2 >> 8) & 0x3F] ^ - $sbox7[ $b1 & 0x3F] ^ $sbox8[ $b2 & 0x3F] ^ $' . $r . '; - '; - } - - // Last step should not permute L & R. - $t = $l; - $l = $r; - $r = $t; - } - - // Perform the inverse IP permutation. - $_cryptBlock .= '$in = ( - ($shuffle[$invipmap[($' . $r . ' >> 24) & 0xFF]] & "\x80\x80\x80\x80\x80\x80\x80\x80") | - ($shuffle[$invipmap[($' . $l . ' >> 24) & 0xFF]] & "\x40\x40\x40\x40\x40\x40\x40\x40") | - ($shuffle[$invipmap[($' . $r . ' >> 16) & 0xFF]] & "\x20\x20\x20\x20\x20\x20\x20\x20") | - ($shuffle[$invipmap[($' . $l . ' >> 16) & 0xFF]] & "\x10\x10\x10\x10\x10\x10\x10\x10") | - ($shuffle[$invipmap[($' . $r . ' >> 8) & 0xFF]] & "\x08\x08\x08\x08\x08\x08\x08\x08") | - ($shuffle[$invipmap[($' . $l . ' >> 8) & 0xFF]] & "\x04\x04\x04\x04\x04\x04\x04\x04") | - ($shuffle[$invipmap[ $' . $r . ' & 0xFF]] & "\x02\x02\x02\x02\x02\x02\x02\x02") | - ($shuffle[$invipmap[ $' . $l . ' & 0xFF]] & "\x01\x01\x01\x01\x01\x01\x01\x01") - ); - '; - - // Generating mode of operation code: - switch ($mode) { - case CRYPT_DES_MODE_ECB: - $encrypt = $init_cryptBlock . 
' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $ciphertext = ""; - $plaintext_len = strlen($text); - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_cryptBlock.' - $ciphertext.= $in; - } - - return $ciphertext; - '; - - $decrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_DECRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $plaintext = ""; - $ciphertext_len = strlen($text); - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_cryptBlock.' - $plaintext.= $in; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_DES_MODE_CBC: - $encrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $ciphertext = ""; - $plaintext_len = strlen($text); - - $in = $self->encryptIV; - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.') ^ $in; - '.$_cryptBlock.' - $ciphertext.= $in; - } - - if ($self->continuousBuffer) { - $self->encryptIV = $in; - } - - return $ciphertext; - '; - - $decrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_DECRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $plaintext = ""; - $ciphertext_len = strlen($text); - - $iv = $self->decryptIV; - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $block = substr($text, $i, '.$block_size.'); - '.$_cryptBlock.' - $plaintext.= $in ^ $iv; - $iv = $block; - } - - if ($self->continuousBuffer) { - $self->decryptIV = $iv; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_DES_MODE_CTR: - $encrypt = $init_cryptBlock . 
' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["encrypted"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["encrypted"])) { - $in = $self->_generate_xor($xor); - '.$_cryptBlock.' - $buffer["encrypted"].= $in; - } - $key = $self->_string_shift($buffer["encrypted"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_cryptBlock.' - $key = $in; - $ciphertext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"]; - } - } - - return $ciphertext; - '; - - $decrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["ciphertext"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["ciphertext"])) { - $in = $self->_generate_xor($xor); - '.$_cryptBlock.' - $buffer["ciphertext"].= $in; - } - $key = $self->_string_shift($buffer["ciphertext"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_cryptBlock.' - $key = $in; - $plaintext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["ciphertext"] = substr($key, $start) . 
$buffer["ciphertext"]; - } - } - - return $plaintext; - '; - break; - case CRYPT_DES_MODE_CFB: - $encrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $ciphertext = ""; - $buffer = &$self->enbuffer; - - if ($self->continuousBuffer) { - $iv = &$self->encryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->encryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_cryptBlock.'; - $iv = $in ^ substr($text, $i, '.$block_size.'); - $ciphertext.= $iv; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_cryptBlock.' - $iv = $in; - $block = $iv ^ substr($text, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - '; - - $decrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $plaintext = ""; - $buffer = &$self->debuffer; - - if ($self->continuousBuffer) { - $iv = &$self->decryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->decryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_cryptBlock.' 
- $iv = $in; - $cb = substr($text, $i, '.$block_size.'); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_cryptBlock.' - $iv = $in; - $plaintext.= $iv ^ substr($text, $i); - $iv = substr_replace($iv, substr($text, $i), 0, $len); - $pos = $len; - } - - return $plaintext; - '; - break; - case CRYPT_DES_MODE_OFB: - $encrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_cryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_cryptBlock.' - $xor = $in; - $ciphertext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $ciphertext; - '; - - $decrypt = $init_cryptBlock . ' - extract($self->keys[CRYPT_DES_ENCRYPT_1DIM], EXTR_PREFIX_ALL, "k"); - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_cryptBlock.' 
- $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_cryptBlock.' - $xor = $in; - $plaintext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $plaintext; - '; - break; - } - $lambda_functions[$code_hash] = create_function('$action, &$self, $text', 'if ($action == "encrypt") { '.$encrypt.' } else { '.$decrypt.' }'); - } + // Set the inline-crypt function as callback in: $this->inline_crypt $this->inline_crypt = $lambda_functions[$code_hash]; } - - /** - * Holds the lambda_functions table (classwide) - * - * @see inline_crypt_setup() - * @return Array - * @access private - */ - function &get_lambda_functions() - { - static $functions = array(); - return $functions; - } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/Crypt/Hash.php b/Crypt/Hash.php index 3f95cce..d6e81e8 100755 --- a/Crypt/Hash.php +++ b/Crypt/Hash.php @@ -1,25 +1,24 @@ * - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_Hash + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /**#@+ 
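Review bot: In `_setupInlineCrypt()`, the `$gen_hi_opt_code` branch copies `$this->keys` into `$k` and concatenates those values into the generated source, so the expanded DES/3DES key schedule ends up as literals inside a function stored in `$lambda_functions`. If that table is process-wide, as the removed `get_lambda_functions()` static was (the new `_getLambdaFunctions()` is not visible in this hunk), up to ten key schedules outlive the cipher object and cannot be cleared by unsetting it. The table index is also an MD5 over the raw key. I would state the trade-off where the branch is taken, for example `// NOTE: hi-optimized code embeds the key schedule as literals and is cached in $lambda_functions; key material persists for the life of the process`. Long-running workers may prefer the generic `$ke`/`$kd` path, which reads the schedule from `$self->keys` at call time.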
@@ -76,12 +75,21 @@ define('CRYPT_HASH_MODE_HASH', 3); /** * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_Hash + * @author Jim Wigginton + * @access public */ -class Crypt_Hash { +class Crypt_Hash +{ + /** + * Hash Parameter + * + * @see Crypt_Hash::setHash() + * @var Integer + * @access private + */ + var $hashParam; + /** * Byte-length of compression blocks / key (Internal HMAC) * @@ -174,6 +182,19 @@ class Crypt_Hash { $this->key = $key; } + /** + * Gets the hash function. + * + * As set by the constructor or by the setHash() method. + * + * @access public + * @return String + */ + function getHash() + { + return $this->hashParam; + } + /** * Sets the hash function. * @@ -182,10 +203,13 @@ class Crypt_Hash { */ function setHash($hash) { - $hash = strtolower($hash); + $this->hashParam = $hash = strtolower($hash); switch ($hash) { case 'md5-96': case 'sha1-96': + case 'sha256-96': + case 'sha512-96': + $hash = substr($hash, 0, -3); $this->l = 12; // 96 / 8 = 12 break; case 'md2': @@ -222,14 +246,12 @@ class Crypt_Hash { case CRYPT_HASH_MODE_MHASH: switch ($hash) { case 'md5': - case 'md5-96': $this->hash = MHASH_MD5; break; case 'sha256': $this->hash = MHASH_SHA256; break; case 'sha1': - case 'sha1-96': default: $this->hash = MHASH_SHA1; } @@ -237,7 +259,6 @@ class Crypt_Hash { case CRYPT_HASH_MODE_HASH: switch ($hash) { case 'md5': - case 'md5-96': $this->hash = 'md5'; return; case 'md2': @@ -247,7 +268,6 @@ class Crypt_Hash { $this->hash = $hash; return; case 'sha1': - case 'sha1-96': default: $this->hash = 'sha1'; } @@ -260,7 +280,6 @@ class Crypt_Hash { $this->hash = array($this, '_md2'); break; case 'md5': - case 'md5-96': $this->b = 64; $this->hash = array($this, '_md5'); break; 
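Review bot: `setHash()` now stores the caller's string with `$this->hashParam = $hash = strtolower($hash);` before any validation, while the `default:` arms of the mode switches further down still select SHA-1 for a name they do not recognise. `getHash()` can therefore report an algorithm the object is not computing, which matters if a caller uses it to log or negotiate the MAC in use. At minimum the `getHash()` docblock should say so, e.g. `Returns the lowercased name given to setHash(); an unrecognised name is returned unchanged although SHA-1 is used.` A code fix would need to split `default:` from `case 'sha1':`, since they share an arm and `sha1-96` must keep its suffix in `hashParam`. The first switch in `setHash()` continues outside these hunks, so whether unknown names are rejected earlier should be confirmed.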
@@ -274,7 +293,6 @@ class Crypt_Hash { $this->hash = array($this, '_sha512'); break; case 'sha1': - case 'sha1-96': default: $this->b = 64; $this->hash = array($this, '_sha1'); @@ -559,7 +577,7 @@ class Crypt_Hash { function _sha512($m) { if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); + include_once 'Math/BigInteger.php'; } static $init384, $init512, $k; @@ -567,11 +585,11 @@ class Crypt_Hash { if (!isset($k)) { // Initialize variables $init384 = array( // initial values for SHA384 - 'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939', + 'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939', '67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4' ); $init512 = array( // initial values for SHA512 - '6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1', + '6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1', '510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179' ); diff --git a/Crypt/RC2.php b/Crypt/RC2.php new file mode 100755 index 0000000..96c9f18 --- /dev/null +++ b/Crypt/RC2.php 
@@ -0,0 +1,652 @@ + + * setKey('abcdefgh'); + * + * $plaintext = str_repeat('a', 1024); + * + * echo $rc2->decrypt($rc2->encrypt($plaintext)); + * ?> + * + * + * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @category Crypt + * @package Crypt_RC2 + * @author Patrick Monnerat + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ + +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + +/**#@+ + * @access public + * @see Crypt_RC2::encrypt() + * @see Crypt_RC2::decrypt() + */ +/** + * Encrypt / decrypt using the Counter mode. + * + * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. 
+ * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 + */ +define('CRYPT_RC2_MODE_CTR', CRYPT_MODE_CTR); +/** + * Encrypt / decrypt using the Electronic Code Book mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 + */ +define('CRYPT_RC2_MODE_ECB', CRYPT_MODE_ECB); +/** + * Encrypt / decrypt using the Code Book Chaining mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 + */ +define('CRYPT_RC2_MODE_CBC', CRYPT_MODE_CBC); +/** + * Encrypt / decrypt using the Cipher Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 + */ +define('CRYPT_RC2_MODE_CFB', CRYPT_MODE_CFB); +/** + * Encrypt / decrypt using the Cipher Feedback mode. + * + * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 + */ +define('CRYPT_RC2_MODE_OFB', CRYPT_MODE_OFB); +/**#@-*/ + +/**#@+ + * @access private + * @see Crypt_RC2::Crypt_RC2() + */ +/** + * Toggles the internal implementation + */ +define('CRYPT_RC2_MODE_INTERNAL', CRYPT_MODE_INTERNAL); +/** + * Toggles the mcrypt implementation + */ +define('CRYPT_RC2_MODE_MCRYPT', CRYPT_MODE_MCRYPT); +/**#@-*/ + +/** + * Pure-PHP implementation of RC2. + * + * @package Crypt_RC2 + * @access public + */ +class Crypt_RC2 extends Crypt_Base +{ + /** + * Block Length of the cipher + * + * @see Crypt_Base::block_size + * @var Integer + * @access private + */ + var $block_size = 8; + + /** + * The Key + * + * @see Crypt_Base::key + * @see setKey() + * @var String + * @access private + */ + var $key = "\0"; + + /** + * The default password key_size used by setPassword() + * + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() + * @var Integer + * @access private + */ + var $password_key_size = 16; // = 128 bits + + /** + * The namespace used by the cipher for its constants. 
+ * + * @see Crypt_Base::const_namespace + * @var String + * @access private + */ + var $const_namespace = 'RC2'; + + /** + * The mcrypt specific name of the cipher + * + * @see Crypt_Base::cipher_name_mcrypt + * @var String + * @access private + */ + var $cipher_name_mcrypt = 'rc2'; + + /** + * Optimizing value while CFB-encrypting + * + * @see Crypt_Base::cfb_init_len + * @var Integer + * @access private + */ + var $cfb_init_len = 500; + + /** + * The key length in bits. + * + * @see Crypt_RC2::setKeyLength() + * @see Crypt_RC2::setKey() + * @var Integer + * @access private + * @internal Should be in range [1..1024]. + * @internal Changing this value after setting the key has no effect. + */ + var $default_key_length = 1024; + + /** + * The Key Schedule + * + * @see Crypt_RC2::_setupKey() + * @var Array + * @access private + */ + var $keys; + + /** + * Key expansion randomization table. + * Twice the same 256-value sequence to save a modulus in key expansion. + * + * @see Crypt_RC2::setKey() + * @var Array + * @access private + */ + var $pitable = array( + 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, + 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, + 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, + 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, + 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, + 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, + 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, + 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, + 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, + 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, + 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, + 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, + 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, + 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, + 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, + 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, + 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, + 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, + 0x96, 0x1A, 0xD2, 0x71, 
0x5A, 0x15, 0x49, 0x74, + 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, + 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, + 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, + 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, + 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, + 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, + 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, + 0xD3, 0x00, 0xE6, 0xCF, 0xE1, 0x9E, 0xA8, 0x2C, + 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, + 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, + 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, + 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, + 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD, + 0xD9, 0x78, 0xF9, 0xC4, 0x19, 0xDD, 0xB5, 0xED, + 0x28, 0xE9, 0xFD, 0x79, 0x4A, 0xA0, 0xD8, 0x9D, + 0xC6, 0x7E, 0x37, 0x83, 0x2B, 0x76, 0x53, 0x8E, + 0x62, 0x4C, 0x64, 0x88, 0x44, 0x8B, 0xFB, 0xA2, + 0x17, 0x9A, 0x59, 0xF5, 0x87, 0xB3, 0x4F, 0x13, + 0x61, 0x45, 0x6D, 0x8D, 0x09, 0x81, 0x7D, 0x32, + 0xBD, 0x8F, 0x40, 0xEB, 0x86, 0xB7, 0x7B, 0x0B, + 0xF0, 0x95, 0x21, 0x22, 0x5C, 0x6B, 0x4E, 0x82, + 0x54, 0xD6, 0x65, 0x93, 0xCE, 0x60, 0xB2, 0x1C, + 0x73, 0x56, 0xC0, 0x14, 0xA7, 0x8C, 0xF1, 0xDC, + 0x12, 0x75, 0xCA, 0x1F, 0x3B, 0xBE, 0xE4, 0xD1, + 0x42, 0x3D, 0xD4, 0x30, 0xA3, 0x3C, 0xB6, 0x26, + 0x6F, 0xBF, 0x0E, 0xDA, 0x46, 0x69, 0x07, 0x57, + 0x27, 0xF2, 0x1D, 0x9B, 0xBC, 0x94, 0x43, 0x03, + 0xF8, 0x11, 0xC7, 0xF6, 0x90, 0xEF, 0x3E, 0xE7, + 0x06, 0xC3, 0xD5, 0x2F, 0xC8, 0x66, 0x1E, 0xD7, + 0x08, 0xE8, 0xEA, 0xDE, 0x80, 0x52, 0xEE, 0xF7, + 0x84, 0xAA, 0x72, 0xAC, 0x35, 0x4D, 0x6A, 0x2A, + 0x96, 0x1A, 0xD2, 0x71, 0x5A, 0x15, 0x49, 0x74, + 0x4B, 0x9F, 0xD0, 0x5E, 0x04, 0x18, 0xA4, 0xEC, + 0xC2, 0xE0, 0x41, 0x6E, 0x0F, 0x51, 0xCB, 0xCC, + 0x24, 0x91, 0xAF, 0x50, 0xA1, 0xF4, 0x70, 0x39, + 0x99, 0x7C, 0x3A, 0x85, 0x23, 0xB8, 0xB4, 0x7A, + 0xFC, 0x02, 0x36, 0x5B, 0x25, 0x55, 0x97, 0x31, + 0x2D, 0x5D, 0xFA, 0x98, 0xE3, 0x8A, 0x92, 0xAE, + 0x05, 0xDF, 0x29, 0x10, 0x67, 0x6C, 0xBA, 0xC9, + 0xD3, 0x00, 0xE6, 0xCF, 
0xE1, 0x9E, 0xA8, 0x2C, + 0x63, 0x16, 0x01, 0x3F, 0x58, 0xE2, 0x89, 0xA9, + 0x0D, 0x38, 0x34, 0x1B, 0xAB, 0x33, 0xFF, 0xB0, + 0xBB, 0x48, 0x0C, 0x5F, 0xB9, 0xB1, 0xCD, 0x2E, + 0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, + 0x0A, 0xA6, 0x20, 0x68, 0xFE, 0x7F, 0xC1, 0xAD + ); + + /** + * Inverse key expansion randomization table. + * + * @see Crypt_RC2::setKey() + * @var Array + * @access private + */ + var $invpitable = array( + 0xD1, 0xDA, 0xB9, 0x6F, 0x9C, 0xC8, 0x78, 0x66, + 0x80, 0x2C, 0xF8, 0x37, 0xEA, 0xE0, 0x62, 0xA4, + 0xCB, 0x71, 0x50, 0x27, 0x4B, 0x95, 0xD9, 0x20, + 0x9D, 0x04, 0x91, 0xE3, 0x47, 0x6A, 0x7E, 0x53, + 0xFA, 0x3A, 0x3B, 0xB4, 0xA8, 0xBC, 0x5F, 0x68, + 0x08, 0xCA, 0x8F, 0x14, 0xD7, 0xC0, 0xEF, 0x7B, + 0x5B, 0xBF, 0x2F, 0xE5, 0xE2, 0x8C, 0xBA, 0x12, + 0xE1, 0xAF, 0xB2, 0x54, 0x5D, 0x59, 0x76, 0xDB, + 0x32, 0xA2, 0x58, 0x6E, 0x1C, 0x29, 0x64, 0xF3, + 0xE9, 0x96, 0x0C, 0x98, 0x19, 0x8D, 0x3E, 0x26, + 0xAB, 0xA5, 0x85, 0x16, 0x40, 0xBD, 0x49, 0x67, + 0xDC, 0x22, 0x94, 0xBB, 0x3C, 0xC1, 0x9B, 0xEB, + 0x45, 0x28, 0x18, 0xD8, 0x1A, 0x42, 0x7D, 0xCC, + 0xFB, 0x65, 0x8E, 0x3D, 0xCD, 0x2A, 0xA3, 0x60, + 0xAE, 0x93, 0x8A, 0x48, 0x97, 0x51, 0x15, 0xF7, + 0x01, 0x0B, 0xB7, 0x36, 0xB1, 0x2E, 0x11, 0xFD, + 0x84, 0x2D, 0x3F, 0x13, 0x88, 0xB3, 0x34, 0x24, + 0x1B, 0xDE, 0xC5, 0x1D, 0x4D, 0x2B, 0x17, 0x31, + 0x74, 0xA9, 0xC6, 0x43, 0x6D, 0x39, 0x90, 0xBE, + 0xC3, 0xB0, 0x21, 0x6B, 0xF6, 0x0F, 0xD5, 0x99, + 0x0D, 0xAC, 0x1F, 0x5C, 0x9E, 0xF5, 0xF9, 0x4C, + 0xD6, 0xDF, 0x89, 0xE4, 0x8B, 0xFF, 0xC7, 0xAA, + 0xE7, 0xED, 0x46, 0x25, 0xB6, 0x06, 0x5E, 0x35, + 0xB5, 0xEC, 0xCE, 0xE8, 0x6C, 0x30, 0x55, 0x61, + 0x4A, 0xFE, 0xA0, 0x79, 0x03, 0xF0, 0x10, 0x72, + 0x7C, 0xCF, 0x52, 0xA6, 0xA7, 0xEE, 0x44, 0xD3, + 0x9A, 0x57, 0x92, 0xD0, 0x5A, 0x7A, 0x41, 0x7F, + 0x0E, 0x00, 0x63, 0xF2, 0x4F, 0x05, 0x83, 0xC9, + 0xA1, 0xD4, 0xDD, 0xC4, 0x56, 0xF4, 0xD2, 0x77, + 0x81, 0x09, 0x82, 0x33, 0x9F, 0x07, 0x86, 0x75, + 0x38, 0x4E, 0x69, 0xF1, 0xAD, 0x23, 0x73, 0x87, + 0x70, 0x02, 
0xC2, 0x1E, 0xB8, 0x0A, 0xFC, 0xE6 + ); + + /** + * Default Constructor. + * + * Determines whether or not the mcrypt extension should be used. + * + * $mode could be: + * + * - CRYPT_RC2_MODE_ECB + * + * - CRYPT_RC2_MODE_CBC + * + * - CRYPT_RC2_MODE_CTR + * + * - CRYPT_RC2_MODE_CFB + * + * - CRYPT_RC2_MODE_OFB + * + * If not explicitly set, CRYPT_RC2_MODE_CBC will be used. + * + * @see Crypt_Base::Crypt_Base() + * @param optional Integer $mode + * @access public + */ + function Crypt_RC2($mode = CRYPT_RC2_MODE_CBC) + { + parent::Crypt_Base($mode); + $this->setKey(''); + } + + /** + * Sets the key length + * + * Valid key lengths are 1 to 1024. + * Calling this function after setting the key has no effect until the next + * Crypt_RC2::setKey() call. + * + * @access public + * @param Integer $length in bits + */ + function setKeyLength($length) + { + if ($length >= 1 && $length <= 1024) { + $this->default_key_length = $length; + } + } + + /** + * Sets the key. + * + * Keys can be of any length. RC2, itself, uses 1 to 1024 bit keys (eg. + * strlen($key) <= 128), however, we only use the first 128 bytes if $key + * has more then 128 bytes in it, and set $key to a single null byte if + * it is empty. + * + * If the key is not explicitly set, it'll be assumed to be a single + * null byte. + * + * @see Crypt_Base::setKey() + * @access public + * @param String $key + * @param Integer $t1 optional Effective key length in bits. + */ + function setKey($key, $t1 = 0) + { + if ($t1 <= 0) { + $t1 = $this->default_key_length; + } else if ($t1 > 1024) { + $t1 = 1024; + } + // Key byte count should be 1..128. + $key = strlen($key) ? substr($key, 0, 128) : "\x00"; + $t = strlen($key); + + // The mcrypt RC2 implementation only supports effective key length + // of 1024 bits. It is however possible to handle effective key + // lengths in range 1..1024 by expanding the key and applying + // inverse pitable mapping to the first byte before submitting it + // to mcrypt. 
+ + // Key expansion. + $l = array_values(unpack('C*', $key)); + $t8 = ($t1 + 7) >> 3; + $tm = 0xFF >> (8 * $t8 - $t1); + + // Expand key. + $pitable = $this->pitable; + for ($i = $t; $i < 128; $i++) { + $l[$i] = $pitable[$l[$i - 1] + $l[$i - $t]]; + } + $i = 128 - $t8; + $l[$i] = $pitable[$l[$i] & $tm]; + while ($i--) { + $l[$i] = $pitable[$l[$i + 1] ^ $l[$i + $t8]]; + } + + // Prepare the key for mcrypt. + $l[0] = $this->invpitable[$l[0]]; + array_unshift($l, 'C*'); + parent::setKey(call_user_func_array('pack', $l)); + } + + /** + * Encrypts a block + * + * @see Crypt_Base::_encryptBlock() + * @see Crypt_Base::encrypt() + * @access private + * @param String $in + * @return String + */ + function _encryptBlock($in) + { + list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); + $keys = $this->keys; + $limit = 20; + $actions = array($limit => 44, 44 => 64); + $j = 0; + + for (;;) { + // Mixing round. + $r0 = (($r0 + $keys[$j++] + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; + $r0 |= $r0 >> 16; + $r1 = (($r1 + $keys[$j++] + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; + $r1 |= $r1 >> 16; + $r2 = (($r2 + $keys[$j++] + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; + $r2 |= $r2 >> 16; + $r3 = (($r3 + $keys[$j++] + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; + $r3 |= $r3 >> 16; + + if ($j === $limit) { + if ($limit === 64) { + break; + } + + // Mashing round. + $r0 += $keys[$r3 & 0x3F]; + $r1 += $keys[$r0 & 0x3F]; + $r2 += $keys[$r1 & 0x3F]; + $r3 += $keys[$r2 & 0x3F]; + $limit = $actions[$limit]; + } + } + + return pack('vvvv', $r0, $r1, $r2, $r3); + } + + /** + * Decrypts a block + * + * @see Crypt_Base::_decryptBlock() + * @see Crypt_Base::decrypt() + * @access private + * @param String $in + * @return String + */ + function _decryptBlock($in) + { + list($r0, $r1, $r2, $r3) = array_values(unpack('v*', $in)); + $keys = $this->keys; + $limit = 44; + $actions = array($limit => 20, 20 => 0); + $j = 64; + + for (;;) { + // R-mixing round. 
+ $r3 = ($r3 | ($r3 << 16)) >> 5; + $r3 = ($r3 - $keys[--$j] - ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; + $r2 = ($r2 | ($r2 << 16)) >> 3; + $r2 = ($r2 - $keys[--$j] - ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; + $r1 = ($r1 | ($r1 << 16)) >> 2; + $r1 = ($r1 - $keys[--$j] - ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; + $r0 = ($r0 | ($r0 << 16)) >> 1; + $r0 = ($r0 - $keys[--$j] - ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF; + + if ($j === $limit) { + if ($limit === 0) { + break; + } + + // R-mashing round. + $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; + $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; + $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; + $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF; + $limit = $actions[$limit]; + } + } + + return pack('vvvv', $r0, $r1, $r2, $r3); + } + + /** + * Creates the key schedule + * + * @see Crypt_Base::_setupKey() + * @access private + */ + function _setupKey() + { + // Key has already been expanded in Crypt_RC2::setKey(): + // Only the first value must be altered. + $l = unpack('Ca/Cb/v*', $this->key); + array_unshift($l, $this->pitable[$l['a']] | ($l['b'] << 8)); + unset($l['a']); + unset($l['b']); + $this->keys = $l; + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see Crypt_Base::_setupInlineCrypt() + * @access private + */ + function _setupInlineCrypt() + { + $lambda_functions = &Crypt_RC2::_getLambdaFunctions(); + + // The first 10 generated $lambda_functions will use the $keys hardcoded as integers + // for the mixing rounds, for better inline crypt performance [~20% faster]. + // But for memory reason we have to limit those ultra-optimized $lambda_functions to an amount of 10. + $keys = $this->keys; + if (count($lambda_functions) >= 10) { + foreach ($this->keys as $k => $v) { + $keys[$k] = '$keys[' . $k . ']'; + } + } + + $code_hash = md5(str_pad("Crypt_RC2, {$this->mode}, ", 32, "\0") . implode(',', $keys)); + + // Is there a re-usable $lambda_functions in there? + // If not, we have to create it. 
+ if (!isset($lambda_functions[$code_hash])) { + // Init code for both, encrypt and decrypt. + $init_crypt = '$keys = $self->keys;'; + + // $in is the current 8 bytes block which has to be en/decrypt + $encrypt_block = $decrypt_block = ' + $in = unpack("v4", $in); + $r0 = $in[1]; + $r1 = $in[2]; + $r2 = $in[3]; + $r3 = $in[4]; + '; + + // Create code for encryption. + $limit = 20; + $actions = array($limit => 44, 44 => 64); + $j = 0; + + for (;;) { + // Mixing round. + $encrypt_block .= ' + $r0 = (($r0 + ' . $keys[$j++] . ' + + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF) << 1; + $r0 |= $r0 >> 16; + $r1 = (($r1 + ' . $keys[$j++] . ' + + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF) << 2; + $r1 |= $r1 >> 16; + $r2 = (($r2 + ' . $keys[$j++] . ' + + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF) << 3; + $r2 |= $r2 >> 16; + $r3 = (($r3 + ' . $keys[$j++] . ' + + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF) << 5; + $r3 |= $r3 >> 16;'; + + if ($j === $limit) { + if ($limit === 64) { + break; + } + + // Mashing round. + $encrypt_block .= ' + $r0 += $keys[$r3 & 0x3F]; + $r1 += $keys[$r0 & 0x3F]; + $r2 += $keys[$r1 & 0x3F]; + $r3 += $keys[$r2 & 0x3F];'; + $limit = $actions[$limit]; + } + } + + $encrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; + + // Create code for decryption. + $limit = 44; + $actions = array($limit => 20, 20 => 0); + $j = 64; + + for (;;) { + // R-mixing round. + $decrypt_block .= ' + $r3 = ($r3 | ($r3 << 16)) >> 5; + $r3 = ($r3 - ' . $keys[--$j] . ' - + ((($r0 ^ $r1) & $r2) ^ $r0)) & 0xFFFF; + $r2 = ($r2 | ($r2 << 16)) >> 3; + $r2 = ($r2 - ' . $keys[--$j] . ' - + ((($r3 ^ $r0) & $r1) ^ $r3)) & 0xFFFF; + $r1 = ($r1 | ($r1 << 16)) >> 2; + $r1 = ($r1 - ' . $keys[--$j] . ' - + ((($r2 ^ $r3) & $r0) ^ $r2)) & 0xFFFF; + $r0 = ($r0 | ($r0 << 16)) >> 1; + $r0 = ($r0 - ' . $keys[--$j] . ' - + ((($r1 ^ $r2) & $r3) ^ $r1)) & 0xFFFF;'; + + if ($j === $limit) { + if ($limit === 0) { + break; + } + + // R-mashing round. 
+ $decrypt_block .= ' + $r3 = ($r3 - $keys[$r2 & 0x3F]) & 0xFFFF; + $r2 = ($r2 - $keys[$r1 & 0x3F]) & 0xFFFF; + $r1 = ($r1 - $keys[$r0 & 0x3F]) & 0xFFFF; + $r0 = ($r0 - $keys[$r3 & 0x3F]) & 0xFFFF;'; + $limit = $actions[$limit]; + } + } + + $decrypt_block .= '$in = pack("v4", $r0, $r1, $r2, $r3);'; + + // Creates the inline-crypt function + $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( + array( + 'init_crypt' => $init_crypt, + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ) + ); + } + + // Set the inline-crypt function as callback in: $this->inline_crypt + $this->inline_crypt = $lambda_functions[$code_hash]; + } +} diff --git a/Crypt/RC4.php b/Crypt/RC4.php index 39c8d1d..24ae0a9 100755 --- a/Crypt/RC4.php +++ b/Crypt/RC4.php @@ -1,5 +1,4 @@ * - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_RC4 + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + /**#@+ * @access private * @see Crypt_RC4::Crypt_RC4() @@ -68,11 +76,11 @@ /** * Toggles the internal implementation */ -define('CRYPT_RC4_MODE_INTERNAL', 1); +define('CRYPT_RC4_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_RC4_MODE_MCRYPT', 2); +define('CRYPT_RC4_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /**#@+ 
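Review bot: In `_setupInlineCrypt()` of the new Crypt/RC2.php the expanded round keys of the first ten distinct key schedules are concatenated into the generated source as integer literals, and the resulting function is stored in `$lambda_functions` under an MD5 of that schedule. If the table returned by `Crypt_RC2::_getLambdaFunctions()` is static, as the by-reference call suggests, that key material stays in process memory after the cipher object is gone and is part of the generated function's source text. Consider always using the indirection that later instances already get, i.e. running `$keys[$k] = '$keys[' . $k . ']';` unconditionally, or at least add a comment next to the `count($lambda_functions) >= 10` test stating that the fast path keeps round keys in the cache. `_createInlineCryptFunction()` and `_getLambdaFunctions()` are defined outside this diff, so their lifetime guarantees should be confirmed there.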
@@ -86,12 +94,61 @@ define('CRYPT_RC4_DECRYPT', 1); /** * Pure-PHP implementation of RC4. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_RC4 + * @author Jim Wigginton + * @access public */ -class Crypt_RC4 { +class Crypt_RC4 extends Crypt_Base +{ + /** + * Block Length of the cipher + * + * RC4 is a stream cipher + * so we the block_size to 0 + * + * @see Crypt_Base::block_size + * @var Integer + * @access private + */ + var $block_size = 0; + + /** + * The default password key_size used by setPassword() + * + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() + * @var Integer + * @access private + */ + var $password_key_size = 128; // = 1024 bits + + /** + * The namespace used by the cipher for its constants. + * + * @see Crypt_Base::const_namespace + * @var String + * @access private + */ + var $const_namespace = 'RC4'; + + /** + * The mcrypt specific name of the cipher + * + * @see Crypt_Base::cipher_name_mcrypt + * @var String + * @access private + */ + var $cipher_name_mcrypt = 'arcfour'; + + /** + * Holds whether performance-optimized $inline_crypt() can/should be used. + * + * @see Crypt_Base::inline_crypt + * @var mixed + * @access private + */ + var $use_inline_crypt = false; // currently not available + /** * The Key * 
@@ -102,190 +159,26 @@ class Crypt_RC4 { var $key = "\0"; /** - * The Key Stream for encryption - * - * If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object + * The Key Stream for decryption and encryption * * @see Crypt_RC4::setKey() * @var Array * @access private */ - var $encryptStream = false; - - /** - * The Key Stream for decryption - * - * If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object - * - * @see Crypt_RC4::setKey() - * @var Array - * @access private - */ - var $decryptStream = false; - - /** - * The $i and $j indexes for encryption - * - * @see Crypt_RC4::_crypt() - * @var Integer - * @access private - */ - var $encryptIndex = 0; - - /** - * The $i and $j indexes for decryption - * - * @see Crypt_RC4::_crypt() - * @var Integer - * @access private - */ - var $decryptIndex = 0; - - /** - * The Encryption Algorithm - * - * Only used if CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT. Only possible values are MCRYPT_RC4 or MCRYPT_ARCFOUR. - * - * @see Crypt_RC4::Crypt_RC4() - * @var Integer - * @access private - */ - var $mode; - - /** - * Continuous Buffer status - * - * @see Crypt_RC4::enableContinuousBuffer() - * @var Boolean - * @access private - */ - var $continuousBuffer = false; + var $stream; /** * Default Constructor. * * Determines whether or not the mcrypt extension should be used. 
* + * @see Crypt_Base::Crypt_Base() * @return Crypt_RC4 * @access public */ function Crypt_RC4() { - if ( !defined('CRYPT_RC4_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && (defined('MCRYPT_ARCFOUR') || defined('MCRYPT_RC4')) && in_array('arcfour', mcrypt_list_algorithms()): - define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_MCRYPT); - break; - default: - define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL); - } - } - - switch ( CRYPT_RC4_MODE ) { - case CRYPT_RC4_MODE_MCRYPT: - switch (true) { - case defined('MCRYPT_ARCFOUR'): - $this->mode = MCRYPT_ARCFOUR; - break; - case defined('MCRYPT_RC4'); - $this->mode = MCRYPT_RC4; - } - $this->encryptStream = mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, ''); - $this->decryptStream = mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, ''); - - } - } - - /** - * Sets the key. - * - * Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will - * be used. If no key is explicitly set, it'll be assumed to be a single null byte. - * - * @access public - * @param String $key - */ - function setKey($key) - { - $this->key = $key; - - if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) { - mcrypt_generic_init($this->encryptStream, $this->key, ''); - mcrypt_generic_init($this->decryptStream, $this->key, ''); - return; - } - - $keyLength = strlen($key); - $keyStream = array(); - for ($i = 0; $i < 256; $i++) { - $keyStream[$i] = $i; - } - $j = 0; - for ($i = 0; $i < 256; $i++) { - $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; - $temp = $keyStream[$i]; - $keyStream[$i] = $keyStream[$j]; - $keyStream[$j] = $temp; - } - - $this->encryptIndex = $this->decryptIndex = array(0, 0); - $this->encryptStream = $this->decryptStream = $keyStream; - } - - /** - * Sets the password. 
- * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $count, $dkLen - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib/salt'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - if (!isset($dkLen)) { - $dkLen = 128; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < $dkLen) { - //$dk.= $this->_pbkdf($password, $salt, $count, $i++); - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; $j++) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } - } - - $this->setKey(substr($key, 0, $dkLen)); + parent::Crypt_Base(CRYPT_MODE_STREAM); } /** 
@@ -311,15 +204,35 @@ class Crypt_RC4 { { } + /** + * Sets the key. + * + * Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will + * be used. If no key is explicitly set, it'll be assumed to be a single null byte. + * + * @access public + * @see Crypt_Base::setKey() + * @param String $key + */ + function setKey($key) + { + parent::setKey(substr($key, 0, 256)); + } + /** * Encrypts a message. * + * @see Crypt_Base::decrypt() * @see Crypt_RC4::_crypt() * @access public * @param String $plaintext + * @return String $ciphertext */ function encrypt($plaintext) { + if ($this->engine == CRYPT_MODE_MCRYPT) { + return parent::encrypt($plaintext); + } return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT); } @@ -327,17 +240,50 @@ class Crypt_RC4 { * Decrypts a message. * * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). - * Atleast if the continuous buffer is disabled. + * At least if the continuous buffer is disabled. * + * @see Crypt_Base::encrypt() * @see Crypt_RC4::_crypt() * @access public * @param String $ciphertext + * @return String $plaintext */ function decrypt($ciphertext) { + if ($this->engine == CRYPT_MODE_MCRYPT) { + return parent::decrypt($ciphertext); + } return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT); } + + /** + * Setup the key (expansion) + * + * @see Crypt_Base::_setupKey() + * @access private + */ + function _setupKey() + { + $key = $this->key; + $keyLength = strlen($key); + $keyStream = range(0, 255); + $j = 0; + for ($i = 0; $i < 256; $i++) { + $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; + $temp = $keyStream[$i]; + $keyStream[$i] = $keyStream[$j]; + $keyStream[$j] = $temp; + } + + $this->stream = array(); + $this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array( + 0, // index $i + 0, // index $j + $keyStream + ); + } + /** * Encrypts or decrypts a message. * 
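Review bot: `setKey()` passes `substr($key, 0, 256)` through without handling an empty key, and `_setupKey()` in the next hunk then evaluates `$i % $keyLength` with `$keyLength` equal to 0. The docblock promises a single null byte only when no key is set, so an explicit `setKey('')` ends in a modulo by zero during key setup. Crypt_RC2::setKey() in this same commit guards the case; the equivalent here would be `parent::setKey(strlen($key) ? substr($key, 0, 256) : "\0");`. What Crypt_Base::setKey() does with the value is not visible in this diff.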
@@ -346,147 +292,38 @@ class Crypt_RC4 { * @access private * @param String $text * @param Integer $mode + * @return String $text */ function _crypt($text, $mode) { - if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) { - $keyStream = $mode == CRYPT_RC4_ENCRYPT ? 'encryptStream' : 'decryptStream'; - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->$keyStream, $this->key, ''); - } - - return mcrypt_generic($this->$keyStream, $text); - } - - if ($this->encryptStream === false) { - $this->setKey($this->key); - } - - switch ($mode) { - case CRYPT_RC4_ENCRYPT: - $keyStream = $this->encryptStream; - list($i, $j) = $this->encryptIndex; - break; - case CRYPT_RC4_DECRYPT: - $keyStream = $this->decryptStream; - list($i, $j) = $this->decryptIndex; - } - - $newText = ''; - for ($k = 0; $k < strlen($text); $k++) { - $i = ($i + 1) & 255; - $j = ($j + $keyStream[$i]) & 255; - $temp = $keyStream[$i]; - $keyStream[$i] = $keyStream[$j]; - $keyStream[$j] = $temp; - $temp = $keyStream[($keyStream[$i] + $keyStream[$j]) & 255]; - $newText.= chr(ord($text[$k]) ^ $temp); + if ($this->changed) { + $this->_setup(); + $this->changed = false; } + $stream = &$this->stream[$mode]; if ($this->continuousBuffer) { - switch ($mode) { - case CRYPT_RC4_ENCRYPT: - $this->encryptStream = $keyStream; - $this->encryptIndex = array($i, $j); - break; - case CRYPT_RC4_DECRYPT: - $this->decryptStream = $keyStream; - $this->decryptIndex = array($i, $j); - } + $i = &$stream[0]; + $j = &$stream[1]; + $keyStream = &$stream[2]; + } else { + $i = $stream[0]; + $j = $stream[1]; + $keyStream = $stream[2]; } - return $newText; - } + $len = strlen($text); + for ($k = 0; $k < $len; ++$k) { + $i = ($i + 1) & 255; + $ksi = $keyStream[$i]; + $j = ($j + $ksi) & 255; + $ksj = $keyStream[$j]; - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * Say you have a 16-byte plaintext $plaintext. 
Using the default behavior, the two following code snippets - * will yield different outputs: - * - * - * echo $rc4->encrypt(substr($plaintext, 0, 8)); - * echo $rc4->encrypt(substr($plaintext, 8, 8)); - * - * - * echo $rc4->encrypt($plaintext); - * - * - * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates - * another, as demonstrated with the following: - * - * - * $rc4->encrypt(substr($plaintext, 0, 8)); - * echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8))); - * - * - * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different - * outputs. The reason is due to the fact that the initialization vector's change after every encryption / - * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. - * - * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each - * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that - * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), - * however, they are also less intuitive and more likely to cause you problems. - * - * @see Crypt_RC4::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) { - mcrypt_generic_init($this->encryptStream, $this->key, ''); - mcrypt_generic_init($this->decryptStream, $this->key, ''); + $keyStream[$i] = $ksj; + $keyStream[$j] = $ksi; + $text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); } - $this->continuousBuffer = true; - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. 
- * - * @see Crypt_RC4::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_INTERNAL ) { - $this->encryptIndex = $this->decryptIndex = array(0, 0); - $this->encryptStream = $this->decryptStream = false; - } - - $this->continuousBuffer = false; - } - - /** - * Dummy function. - * - * Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is - * included is so that you can switch between a block cipher and a stream cipher transparently. - * - * @see Crypt_RC4::disablePadding() - * @access public - */ - function enablePadding() - { - } - - /** - * Dummy function. - * - * @see Crypt_RC4::enablePadding() - * @access public - */ - function disablePadding() - { + return $text; } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/Crypt/RSA.php b/Crypt/RSA.php index b327007..823044b 100755 --- a/Crypt/RSA.php +++ b/Crypt/RSA.php @@ -1,5 +1,4 @@ * createKey()); @@ -27,7 +26,7 @@ * Here's an example of how to create signatures and verify signatures with this library: * * createKey()); @@ -48,10 +47,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
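Review bot: The `else` branch of `_crypt()` copies `$i`, `$j` and `$keyStream` out of `$this->stream[$mode]` by value, so with the continuous buffer off every call starts again from the initial keystream. Two messages processed under the same key then share a keystream, and the docblock that described the two modes is deleted from this file by the same hunk (presumably it now lives in Crypt_Base). I would state the behaviour where it is implemented, above the `else`: `// Works on copies: the keystream restarts from its initial state on every call, so a key must not be reused across messages in this mode.`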
@@ -60,12 +59,12 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Crypt - * @package Crypt_RSA - * @author Jim Wigginton - * @copyright MMIX Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_RSA + * @author Jim Wigginton + * @copyright MMIX Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** @@ -73,17 +72,17 @@ */ // the class_exists() will only be called if the crypt_random_string function hasn't been defined and // will trigger a call to __autoload() if you're wanting to auto-load classes -// call function_exists() a second time to stop the require_once from being called outside +// call function_exists() a second time to stop the include_once from being called outside // of the auto loader if (!function_exists('crypt_random_string')) { - require_once('Random.php'); + include_once 'Random.php'; } /** * Include Crypt_Hash */ if (!class_exists('Crypt_Hash')) { - require_once('Hash.php'); + include_once 'Hash.php'; } /**#@+ @@ -105,7 +104,7 @@ define('CRYPT_RSA_ENCRYPTION_OAEP', 1); * Use PKCS#1 padding. * * Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards - * compatability with protocols (like SSH-1) written before OAEP's introduction. + * compatibility with protocols (like SSH-1) written before OAEP's introduction. */ define('CRYPT_RSA_ENCRYPTION_PKCS1', 2); /**#@-*/ 
@@ -129,7 +128,7 @@ define('CRYPT_RSA_SIGNATURE_PSS', 1); * Use the PKCS#1 scheme by default. * * Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards - * compatability with protocols (like SSH-2) written before PSS's introduction. + * compatibility with protocols (like SSH-2) written before PSS's introduction. */ define('CRYPT_RSA_SIGNATURE_PKCS1', 2); /**#@-*/ @@ -141,15 +140,23 @@ define('CRYPT_RSA_SIGNATURE_PKCS1', 2); /** * ASN1 Integer */ -define('CRYPT_RSA_ASN1_INTEGER', 2); +define('CRYPT_RSA_ASN1_INTEGER', 2); /** * ASN1 Bit String */ -define('CRYPT_RSA_ASN1_BITSTRING', 3); +define('CRYPT_RSA_ASN1_BITSTRING', 3); +/** + * ASN1 Octet String + */ +define('CRYPT_RSA_ASN1_OCTETSTRING', 4); +/** + * ASN1 Object Identifier + */ +define('CRYPT_RSA_ASN1_OBJECT', 6); /** * ASN1 Sequence (with the constucted bit set) */ -define('CRYPT_RSA_ASN1_SEQUENCE', 48); +define('CRYPT_RSA_ASN1_SEQUENCE', 48); /**#@-*/ /**#@+ @@ -173,7 +180,6 @@ define('CRYPT_RSA_MODE_OPENSSL', 2); */ define('CRYPT_RSA_OPENSSL_CONFIG', dirname(__FILE__) . '/../openssl.cnf'); - /**#@+ * @access public * @see Crypt_RSA::createKey() @@ -193,6 +199,10 @@ define('CRYPT_RSA_PRIVATE_FORMAT_PUTTY', 1); * XML formatted private key */ define('CRYPT_RSA_PRIVATE_FORMAT_XML', 2); +/** + * PKCS#8 formatted private key + */ +define('CRYPT_RSA_PRIVATE_FORMAT_PKCS8', 3); /**#@-*/ /**#@+ @@ -218,7 +228,14 @@ define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3); * PKCS#1 formatted public key (raw) * * Used by File/X509.php + * + * Has the following header: + * + * -----BEGIN RSA PUBLIC KEY----- + * + * Analogous to ssh-keygen's pem format (as specified by -m) */ +define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 4); define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4); /** * XML formatted public key 
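Review bot: `CRYPT_RSA_PUBLIC_FORMAT_PKCS1` is redefined here as 4, the same value as `CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW`, while the next hunk removes its old definition as 7 and gives that value to `CRYPT_RSA_PUBLIC_FORMAT_PKCS8`. Existing callers that pass `CRYPT_RSA_PUBLIC_FORMAT_PKCS1` therefore get the `-----BEGIN RSA PUBLIC KEY-----` form instead of `-----BEGIN PUBLIC KEY-----`, with no error to tell them. The docblock should say so, for example `* NOTE: before this change CRYPT_RSA_PUBLIC_FORMAT_PKCS1 was 7 and produced the encapsulated form now named CRYPT_RSA_PUBLIC_FORMAT_PKCS8`.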
@@ -234,19 +251,27 @@ define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6); * PKCS#1 formatted public key (encapsulated) * * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set) + * + * Has the following header: + * + * -----BEGIN PUBLIC KEY----- + * + * Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8 + * is specific to private keys it's basically creating a DER-encoded wrapper + * for keys. This just extends that same concept to public keys (much like ssh-keygen) */ -define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7); +define('CRYPT_RSA_PUBLIC_FORMAT_PKCS8', 7); /**#@-*/ /** * Pure-PHP PKCS#1 compliant implementation of RSA. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_RSA + * @author Jim Wigginton + * @access public */ -class Crypt_RSA { +class Crypt_RSA +{ /** * Precomputed Zero * @@ -277,7 +302,7 @@ class Crypt_RSA { * @var Integer * @access public */ - var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS1; + var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS8; /** * Modulus (ie. n) @@ -434,7 +459,7 @@ class Crypt_RSA { /** * OpenSSL configuration file name. * - * Set to NULL to use system configuration file. + * Set to null to use system configuration file. * @see Crypt_RSA::createKey() * @var Mixed * @Access public 
@@ -462,15 +487,50 @@ class Crypt_RSA { function Crypt_RSA() { if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); + include_once 'Math/BigInteger.php'; } $this->configFile = CRYPT_RSA_OPENSSL_CONFIG; if ( !defined('CRYPT_RSA_MODE') ) { switch (true) { + // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular, + // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger + // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either. + case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'): + define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); + break; + // openssl_pkey_get_details - which is used in the only place Crypt/RSA.php uses OpenSSL - was introduced in PHP 5.2.0 + case !function_exists('openssl_pkey_get_details'): + define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); + break; case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>=') && file_exists($this->configFile): - define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL); + // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work + ob_start(); + @phpinfo(); + $content = ob_get_contents(); + ob_end_clean(); + + preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches); + + $versions = array(); + if (!empty($matches[1])) { + for ($i = 0; $i < count($matches[1]); $i++) { + $versions[$matches[1][$i]] = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); + } + } + + // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ + switch (true) { + case !isset($versions['Header']): + case !isset($versions['Library']): + case $versions['Header'] == $versions['Library']: + define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL); + break; + default: + define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); + define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); + } break; default: define('CRYPT_RSA_MODE', 
CRYPT_RSA_MODE_INTERNAL); @@ -524,7 +584,7 @@ class Crypt_RSA { $config['config'] = $this->configFile; } $rsa = openssl_pkey_new(array('private_key_bits' => $bits) + $config); - openssl_pkey_export($rsa, $privatekey, NULL, $config); + openssl_pkey_export($rsa, $privatekey, null, $config); $publickey = openssl_pkey_get_details($rsa); $publickey = $publickey['key']; @@ -642,12 +702,12 @@ class Crypt_RSA { $exponents[$i] = $e->modInverse($temp); } - list($lcm) = $lcm['top']->divide($lcm['bottom']); - $gcd = $lcm->gcd($e); + list($temp) = $lcm['top']->divide($lcm['bottom']); + $gcd = $temp->gcd($e); $i0 = 1; } while (!$gcd->equals($this->one)); - $d = $e->modInverse($lcm); + $d = $e->modInverse($temp); $coefficients[2] = $primes[2]->modInverse($primes[1]); @@ -682,17 +742,18 @@ class Crypt_RSA { */ function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients) { + $signed = $this->privateKeyFormat != CRYPT_RSA_PRIVATE_FORMAT_XML; $num_primes = count($primes); $raw = array( 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi - 'modulus' => $n->toBytes(true), - 'publicExponent' => $e->toBytes(true), - 'privateExponent' => $d->toBytes(true), - 'prime1' => $primes[1]->toBytes(true), - 'prime2' => $primes[2]->toBytes(true), - 'exponent1' => $exponents[1]->toBytes(true), - 'exponent2' => $exponents[2]->toBytes(true), - 'coefficient' => $coefficients[2]->toBytes(true) + 'modulus' => $n->toBytes($signed), + 'publicExponent' => $e->toBytes($signed), + 'privateExponent' => $d->toBytes($signed), + 'prime1' => $primes[1]->toBytes($signed), + 'prime2' => $primes[2]->toBytes($signed), + 'exponent1' => $exponents[1]->toBytes($signed), + 'exponent2' => $exponents[2]->toBytes($signed), + 'coefficient' => $coefficients[2]->toBytes($signed) ); // if the format in question does not support multi-prime rsa and multi-prime rsa was used, 
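Review bot: The version probe added to the constructor calls `@phpinfo()` with no argument, so the full report, environment and request variables included, is rendered into `$content` only to read two OpenSSL lines. `@phpinfo(INFO_MODULES);` would restrict the output to the extension sections the regex actually inspects. When phpinfo is disabled the `@` hides the warning, `$versions` stays empty and the OpenSSL mode is selected unchecked; if that fallback is intended, a comment such as `// no version info available: assume header and library match` on the `!isset(...)` cases would make it explicit. The constructor body continues outside the hunk.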
@@ -725,11 +786,11 @@ class Crypt_RSA { strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus'] ); $source = pack('Na*Na*Na*Na*', - strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, - strlen($this->comment), $this->comment, strlen($public), $public + strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption, + strlen($this->comment), $this->comment, strlen($public), $public ); $public = base64_encode($public); - $key.= "Public-Lines: " . ((strlen($public) + 32) >> 6) . "\r\n"; + $key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; $key.= chunk_split($public, 64); $private = pack('Na*Na*Na*Na*', strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'], @@ -742,7 +803,7 @@ class Crypt_RSA { $private.= crypt_random_string(16 - (strlen($private) & 15)); $source.= pack('Na*', strlen($private), $private); if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + include_once 'Crypt/AES.php'; } $sequence = 0; $symkey = ''; @@ -760,10 +821,10 @@ class Crypt_RSA { } $private = base64_encode($private); - $key.= 'Private-Lines: ' . ((strlen($private) + 32) >> 6) . "\r\n"; + $key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; $key.= chunk_split($private, 64); if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); + include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash->setKey(pack('H*', sha1($hashkey))); 
@@ -798,12 +859,58 @@ class Crypt_RSA { $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + if ($this->privateKeyFormat == CRYPT_RSA_PRIVATE_FORMAT_PKCS8) { + $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA + $RSAPrivateKey = pack('Ca*a*Ca*a*', + CRYPT_RSA_ASN1_INTEGER, "\01\00", $rsaOID, 4, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey + ); + $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + if (!empty($this->password) || is_string($this->password)) { + $salt = crypt_random_string(8); + $iterationCount = 2048; + + if (!class_exists('Crypt_DES')) { + include_once 'Crypt/DES.php'; + } + $crypto = new Crypt_DES(); + $crypto->setPassword($this->password, 'pbkdf1', 'md5', $salt, $iterationCount); + $RSAPrivateKey = $crypto->encrypt($RSAPrivateKey); + + $parameters = pack('Ca*a*Ca*N', + CRYPT_RSA_ASN1_OCTETSTRING, $this->_encodeLength(strlen($salt)), $salt, + CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(4), $iterationCount + ); + $pbeWithMD5AndDES_CBC = "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03"; + + $encryptionAlgorithm = pack('Ca*a*Ca*a*', + CRYPT_RSA_ASN1_OBJECT, $this->_encodeLength(strlen($pbeWithMD5AndDES_CBC)), $pbeWithMD5AndDES_CBC, + CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($parameters)), $parameters + ); + + $RSAPrivateKey = pack('Ca*a*Ca*a*', + CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($encryptionAlgorithm)), $encryptionAlgorithm, + CRYPT_RSA_ASN1_OCTETSTRING, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey + ); + + $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); + + $RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . + chunk_split(base64_encode($RSAPrivateKey), 64) . 
+ '-----END ENCRYPTED PRIVATE KEY-----'; + } else { + $RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" . + chunk_split(base64_encode($RSAPrivateKey), 64) . + '-----END PRIVATE KEY-----'; + } + return $RSAPrivateKey; + } + if (!empty($this->password) || is_string($this->password)) { $iv = crypt_random_string(8); $symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8); if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $des = new Crypt_TripleDES(); $des->setKey($symkey); @@ -835,8 +942,10 @@ class Crypt_RSA { */ function _convertPublicKey($n, $e) { - $modulus = $n->toBytes(true); - $publicExponent = $e->toBytes(true); + $signed = $this->publicKeyFormat != CRYPT_RSA_PUBLIC_FORMAT_XML; + + $modulus = $n->toBytes($signed); + $publicExponent = $e->toBytes($signed); switch ($this->publicKeyFormat) { case CRYPT_RSA_PUBLIC_FORMAT_RAW: @@ -872,7 +981,11 @@ class Crypt_RSA { $components['modulus'], $components['publicExponent'] ); - if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) { + if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) { + $RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" . + chunk_split(base64_encode($RSAPublicKey), 64) . + '-----END RSA PUBLIC KEY-----'; + } else { // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $RSAPublicKey = chr(0) . $RSAPublicKey; 
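Review bot: The encrypted branch of the new PKCS#8 export hard-codes pbeWithMD5AndDES-CBC, that is single DES keyed through PBKDF1 with MD5, an 8-byte salt and 2048 iterations. That is weaker than the `Crypt_TripleDES` path kept just below for the PKCS#1 format, so a password-protected PKCS#8 file written here should not be treated as strongly protected at rest. At minimum this should be stated next to `$iterationCount = 2048;`, for example `// pbeWithMD5AndDES-CBC is used for interoperability only; single DES + PBKDF1/MD5 gives weak protection for the exported key`, and in the docblock of `CRYPT_RSA_PRIVATE_FORMAT_PKCS8`. Whether the library can emit a stronger PBES2 scheme is not visible from this page. `_convertPrivateKey()` starts and ends outside the hunk.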
@@ -881,11 +994,11 @@ class Crypt_RSA { $RSAPublicKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey ); - } - $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . - chunk_split(base64_encode($RSAPublicKey), 64) . - '-----END PUBLIC KEY-----'; + $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . + chunk_split(base64_encode($RSAPublicKey), 64) . + '-----END PUBLIC KEY-----'; + } return $RSAPublicKey; } @@ -941,6 +1054,7 @@ class Crypt_RSA { } return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false; case CRYPT_RSA_PRIVATE_FORMAT_PKCS1: + case CRYPT_RSA_PRIVATE_FORMAT_PKCS8: case CRYPT_RSA_PUBLIC_FORMAT_PKCS1: /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to @@ -953,7 +1067,7 @@ class Crypt_RSA { DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell. DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's - own implementation. ie. the implementation *is* the standard and any bugs that may exist in that + own implementation. ie. the implementation *is* the standard and any bugs that may exist in that implementation are part of the standard, as well. * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ 
@@ -961,41 +1075,42 @@ class Crypt_RSA { $iv = pack('H*', trim($matches[2])); $symkey = pack('H*', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key $symkey.= pack('H*', md5($symkey . $this->password . substr($iv, 0, 8))); - $ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-| #s', '', $key); - $ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false; + // remove the Proc-Type / DEK-Info sections as they're no longer needed + $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key); + $ciphertext = $this->_extractBER($key); if ($ciphertext === false) { $ciphertext = $key; } switch ($matches[1]) { case 'AES-256-CBC': if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + include_once 'Crypt/AES.php'; } $crypto = new Crypt_AES(); break; case 'AES-128-CBC': if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + include_once 'Crypt/AES.php'; } $symkey = substr($symkey, 0, 16); $crypto = new Crypt_AES(); break; case 'DES-EDE3-CFB': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CFB); break; case 'DES-EDE3-CBC': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $symkey = substr($symkey, 0, 24); $crypto = new Crypt_TripleDES(); break; case 'DES-CBC': if (!class_exists('Crypt_DES')) { - require_once('Crypt/DES.php'); + include_once 'Crypt/DES.php'; } $crypto = new Crypt_DES(); break; @@ -1006,8 +1121,7 @@ class Crypt_RSA { $crypto->setIV($iv); $decoded = $crypto->decrypt($ciphertext); } else { - $decoded = preg_replace('#-.+-|[\r\n]| #', '', $key); - $decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false; + $decoded = $this->_extractBER($key); } if ($decoded !== false) { 
@@ -1031,7 +1145,9 @@ class Crypt_RSA { 7:d=1 hl=2 l= 13 cons: SEQUENCE 9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 20:d=2 hl=2 l= 0 prim: NULL - 22:d=1 hl=4 l= 609 prim: OCTET STRING */ + 22:d=1 hl=4 l= 609 prim: OCTET STRING + + ie. PKCS8 keys*/ if ($tag == CRYPT_RSA_ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") { $this->_string_shift($key, 3); 
@@ -1039,6 +1155,52 @@ class Crypt_RSA { } if ($tag == CRYPT_RSA_ASN1_SEQUENCE) { + $temp = $this->_string_shift($key, $this->_decodeLength($key)); + if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_OBJECT) { + return false; + } + $length = $this->_decodeLength($temp); + switch ($this->_string_shift($temp, $length)) { + case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption + break; + case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC + /* + PBEParameter ::= SEQUENCE { + salt OCTET STRING (SIZE(8)), + iterationCount INTEGER } + */ + if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_SEQUENCE) { + return false; + } + if ($this->_decodeLength($temp) != strlen($temp)) { + return false; + } + $this->_string_shift($temp); // assume it's an octet string + $salt = $this->_string_shift($temp, $this->_decodeLength($temp)); + if (ord($this->_string_shift($temp)) != CRYPT_RSA_ASN1_INTEGER) { + return false; + } + $this->_decodeLength($temp); + list(, $iterationCount) = unpack('N', str_pad($temp, 4, chr(0), STR_PAD_LEFT)); + $this->_string_shift($key); // assume it's an octet string + $length = $this->_decodeLength($key); + if (strlen($key) != $length) { + return false; + } + + if (!class_exists('Crypt_DES')) { + include_once 'Crypt/DES.php'; + } + $crypto = new Crypt_DES(); + $crypto->setPassword($this->password, 'pbkdf1', 'md5', $salt, $iterationCount); + $key = $crypto->decrypt($key); + if ($key === false) { + return false; + } + return $this->_parseKey($key, CRYPT_RSA_PRIVATE_FORMAT_PKCS1); + default: + return false; + } /* intended for keys for which OpenSSL's asn1parse returns the following: 0:d=0 hl=4 l= 290 cons: SEQUENCE 
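Review bot: In the new pbeWithMD5AndDES-CBC case, `$iterationCount` is taken from the key file and passed to `setPassword()` with no upper bound, so loading an untrusted key can cost up to 2^32-1 PBKDF1 rounds. A guard before the `Crypt_DES` setup would prevent that, for example `if ($iterationCount < 1 || $iterationCount > $maxIterations) { return false; }`, where `$maxIterations` stands for a limit the project chooses. The INTEGER length returned by `_decodeLength($temp)` is also discarded, so `unpack('N', ...)` reads the first four bytes of whatever remains rather than exactly the encoded integer. The two `_string_shift()` calls commented "assume it's an octet string" skip the tag check that the surrounding code performs for OBJECT, SEQUENCE and INTEGER; comparing against `CRYPT_RSA_ASN1_OCTETSTRING` and returning false on mismatch would be consistent. The enclosing `_parseKey()` begins and ends outside the hunk.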
@@ -1046,7 +1208,6 @@ class Crypt_RSA { 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 17:d=2 hl=2 l= 0 prim: NULL 19:d=1 hl=4 l= 271 prim: BIT STRING */ - $this->_string_shift($key, $this->_decodeLength($key)); $tag = ord($this->_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag $this->_decodeLength($key); // skip over the BIT STRING / OCTET STRING length // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of @@ -1209,7 +1370,7 @@ class Crypt_RSA { switch ($encryption) { case 'aes256-cbc': if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + include_once 'Crypt/AES.php'; } $symkey = ''; $sequence = 0; @@ -1311,9 +1472,6 @@ class Crypt_RSA { break; case 'D': $this->current = &$this->components['privateExponent']; - break; - default: - unset($this->current); } $this->current = ''; } @@ -1329,11 +1487,10 @@ class Crypt_RSA { */ function _stop_element_handler($parser, $name) { - //$name = strtoupper($name); - if ($name == 'RSAKEYVALUE') { - return; + if (isset($this->current)) { + $this->current = new Math_BigInteger(base64_decode($this->current), 256); + unset($this->current); } - $this->current = new Math_BigInteger(base64_decode($this->current), 256); } /** 
@@ -1364,6 +1521,53 @@ class Crypt_RSA { */ function loadKey($key, $type = false) { + if (is_object($key) && strtolower(get_class($key)) == 'crypt_rsa') { + $this->privateKeyFormat = $key->privateKeyFormat; + $this->publicKeyFormat = $key->publicKeyFormat; + $this->k = $key->k; + $this->hLen = $key->hLen; + $this->sLen = $key->sLen; + $this->mgfHLen = $key->mgfHLen; + $this->encryptionMode = $key->encryptionMode; + $this->signatureMode = $key->signatureMode; + $this->password = $key->password; + $this->configFile = $key->configFile; + $this->comment = $key->comment; + + if (is_object($key->hash)) { + $this->hash = new Crypt_Hash($key->hash->getHash()); + } + if (is_object($key->mgfHash)) { + $this->mgfHash = new Crypt_Hash($key->mgfHash->getHash()); + } + + if (is_object($key->modulus)) { + $this->modulus = $key->modulus->copy(); + } + if (is_object($key->exponent)) { + $this->exponent = $key->exponent->copy(); + } + if (is_object($key->publicExponent)) { + $this->publicExponent = $key->publicExponent->copy(); + } + + $this->primes = array(); + $this->exponents = array(); + $this->coefficients = array(); + + foreach ($this->primes as $prime) { + $this->primes[] = $prime->copy(); + } + foreach ($this->exponents as $exponent) { + $this->exponents[] = $exponent->copy(); + } + foreach ($this->coefficients as $coefficient) { + $this->coefficients[] = $coefficient->copy(); + } + + return true; + } + if ($type === false) { $types = array( CRYPT_RSA_PUBLIC_FORMAT_RAW, @@ -1378,7 +1582,7 @@ class Crypt_RSA { break; } } - + } else { $components = $this->_parseKey($key, $type); } 
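Review bot: In the new object-copy branch of `loadKey()`, the three `foreach` loops iterate over `$this->primes`, `$this->exponents` and `$this->coefficients` immediately after each was reset to `array()`, so nothing is copied and the target instance ends up without CRT values. The loops should read from `$key` and keep the source indexes, since other code on this page addresses these arrays as `$primes[1]`, `$primes[2]` and `$coefficients[2]`: `foreach ($key->primes as $i => $prime) { $this->primes[$i] = $prime->copy(); }`, and the same for exponents and coefficients. The branch also leaves `$this->modulus`, `$this->exponent` and `$this->publicExponent` untouched when the source value is not an object, so values from a previously loaded key can survive the copy; assigning `false` in an `else` would avoid mixing two keys.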
@@ -1405,6 +1609,19 @@ class Crypt_RSA { $this->publicExponent = false; } + switch ($type) { + case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH: + case CRYPT_RSA_PUBLIC_FORMAT_RAW: + $this->setPublicKey(); + break; + case CRYPT_RSA_PRIVATE_FORMAT_PKCS1: + switch (true) { + case strpos($key, '-BEGIN PUBLIC KEY-') !== false: + case strpos($key, '-BEGIN RSA PUBLIC KEY-') !== false: + $this->setPublicKey(); + } + } + return true; } @@ -1431,7 +1648,9 @@ class Crypt_RSA { * used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a * message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys * and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public - * exponent this won't work unless you manually add the public exponent. + * exponent this won't work unless you manually add the public exponent. phpseclib tries to guess if the key being used + * is the public key but in the event that it guesses incorrectly you might still want to explicitly set the key as being + * public. * * Do note that when a new key is loaded the index will be cleared. * @@ -1445,6 +1664,11 @@ class Crypt_RSA { */ function setPublicKey($key = false, $type = false) { + // if a public key has already been loaded return false + if (!empty($this->publicExponent)) { + return false; + } + if ($key === false && !empty($this->modulus)) { $this->publicExponent = $this->exponent; return true; 
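Review bot: The new `switch ($type)` at the end of `loadKey()` runs the PEM header check only under `case CRYPT_RSA_PRIVATE_FORMAT_PKCS1:`, although `_parseKey()` elsewhere in this diff handles `CRYPT_RSA_PRIVATE_FORMAT_PKCS8` and `CRYPT_RSA_PUBLIC_FORMAT_PKCS1` in the same case group. A caller who passes one of those types explicitly with a `-----BEGIN PUBLIC KEY-----` file would apparently not get `setPublicKey()` called, unless the constants share a value, which this page does not show for the private PKCS#1 one. Adding `case CRYPT_RSA_PRIVATE_FORMAT_PKCS8:` and `case CRYPT_RSA_PUBLIC_FORMAT_PKCS1:` above the nested switch would keep both places in step. The `strpos()` tests also match the marker anywhere in `$key`, which is worth a comment since this is the "guess" the `setPublicKey()` docblock refers to.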
@@ -1482,6 +1706,40 @@ class Crypt_RSA { return true; } + /** + * Defines the private key + * + * If phpseclib guessed a private key was a public key and loaded it as such it might be desirable to force + * phpseclib to treat the key as a private key. This function will do that. + * + * Do note that when a new key is loaded the index will be cleared. + * + * Returns true on success, false on failure + * + * @see getPublicKey() + * @access public + * @param String $key optional + * @param Integer $type optional + * @return Boolean + */ + function setPrivateKey($key = false, $type = false) + { + if ($key === false && !empty($this->publicExponent)) { + unset($this->publicExponent); + return true; + } + + $rsa = new Crypt_RSA(); + if (!$rsa->loadKey($key, $type)) { + return false; + } + unset($rsa->publicExponent); + + // don't overwrite the old key if the new key is invalid + $this->loadKey($rsa); + return true; + } + /** * Returns the public key * @@ -1494,7 +1752,7 @@ class Crypt_RSA { * @param String $key * @param Integer $type optional */ - function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS8) { if (empty($this->modulus) || empty($this->publicExponent)) { return false; @@ -1541,7 +1799,7 @@ class Crypt_RSA { * @param String $key * @param Integer $type optional */ - function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS1) + function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS8) { if (empty($this->modulus) || empty($this->exponent)) { return false; @@ -1569,6 +1827,18 @@ class Crypt_RSA { return $key !== false ? $key : ''; } + /** + * __clone() magic method + * + * @access public + */ + function __clone() + { + $key = new Crypt_RSA(); + $key->loadKey($this); + return $key; + } + /** * Generates the smallest and largest numbers requiring $bits bits * 
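Review bot: `setPrivateKey()` removes the property with `unset($this->publicExponent)` and `unset($rsa->publicExponent)`, while the rest of the class marks "no public exponent" with `$this->publicExponent = false;`. After the unset, the `is_object($key->publicExponent)` test in `loadKey($rsa)` reads an undefined property and, because that branch only assigns when the source is an object, an exponent already stored on `$this` is left in place. The key would then still be reported as public after `setPrivateKey($key)`. Using `$this->publicExponent = false;` and `$rsa->publicExponent = false;` and having the copy branch assign `false` when the source has none would make the call do what its docblock says. The return value of `$this->loadKey($rsa)` is ignored as well; `return $this->loadKey($rsa);` would propagate a failure.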
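Review bot: The added `__clone()` builds a second `Crypt_RSA` and returns it, but PHP invokes `__clone()` on the already shallow-copied object and discards the return value, so the method has no effect. A cloned instance keeps sharing its `Math_BigInteger` objects with the original. To get the deep copy the method is evidently meant to provide, the properties have to be re-copied in place on `$this`, as sketched below; `hash` and `mgfHash` would need the same treatment, and the sketch assumes the array elements are `Math_BigInteger` objects as the `loadKey()` copy branch does.

```php
function __clone()
{
    // runs on the new shallow copy; the return value of __clone() is ignored by PHP
    foreach (array('modulus', 'exponent', 'publicExponent') as $name) {
        if (is_object($this->$name)) {
            $this->$name = $this->$name->copy();
        }
    }
    foreach (array('primes', 'exponents', 'coefficients') as $name) {
        if (is_array($this->$name)) {
            foreach ($this->$name as $i => $value) {
                $this->{$name}[$i] = $value->copy();
            }
        }
    }
}
```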
@@ -2061,7 +2331,7 @@ class Crypt_RSA { * * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2: - * + * * Note. Care must be taken to ensure that an opponent cannot * distinguish the different error conditions in Step 3.g, whether by * error message or timing, or, more generally, learn partial @@ -2184,11 +2454,11 @@ class Crypt_RSA { * * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}. * - * For compatability purposes, this function departs slightly from the description given in RFC3447. + * For compatibility purposes, this function departs slightly from the description given in RFC3447. * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the * public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed - * to be 2 regardless of which key is used. For compatability purposes, we'll just check to make sure the + * to be 2 regardless of which key is used. For compatibility purposes, we'll just check to make sure the * second byte is 2 or less. If it is, we'll accept the decrypted string as valid. * * As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt 
@@ -2690,4 +2960,31 @@ class Crypt_RSA { return $this->_rsassa_pss_verify($message, $signature); } } + + /** + * Extract raw BER from Base64 encoding + * + * @access private + * @param String $str + * @return String + */ + function _extractBER($str) + { + /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them + * above and beyond the ceritificate. + * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: + * + * Bag Attributes + * localKeyID: 01 00 00 00 + * subject=/O=organization/OU=org unit/CN=common name + * issuer=/O=organization/CN=common name + */ + $temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1); + // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff + $temp = preg_replace('#-+[^-]+-+#', '', $temp); + // remove new lines + $temp = str_replace(array("\r", "\n", ' '), '', $temp); + $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false; + return $temp != false ? $temp : $str; + } } diff --git a/Crypt/Random.php b/Crypt/Random.php index d4e4898..5a3d28c 100755 --- a/Crypt/Random.php +++ b/Crypt/Random.php @@ -1,15 +1,17 @@ * @@ -21,10 +23,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
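Review bot: `_extractBER()` never returns `false`: when the input is not valid base64 it returns `$str` unchanged. The `if ($ciphertext === false)` and `if ($decoded !== false)` checks that the `_parseKey()` hunks of this diff keep around its calls can therefore no longer fire, and undecodable input now goes on to the decrypt and ASN.1 steps where the old code stopped. If accepting raw DER is the intent, the docblock should say so, for example `@return String decoded BER, or $str unchanged when it does not contain base64`, and the dead checks in the callers should be removed or commented. The final `$temp != false` is a loose comparison, so a body that decodes to `''` or `'0'` is also treated as a failure; `($temp !== false && $temp !== '') ? $temp : $str` states the intended cases explicitly.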
@@ -33,186 +35,213 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Crypt - * @package Crypt_Random - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_Random + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ -/** - * "Is Windows" test - * - * @access private - */ -define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); +// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, +// have phpseclib as a requirement as well. if you're developing such a program you may encounter +// a "Cannot redeclare crypt_random_string()" error. +if (!function_exists('crypt_random_string')) { + /** + * "Is Windows" test + * + * @access private + */ + define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); -/** - * Generate a random string. - * - * Although microoptimizations are generally discouraged as they impair readability this function is ripe with - * microoptimizations because this function has the potential of being called a huge number of times. - * eg. for RSA key generation. - * - * @param Integer $length - * @return String - * @access public - */ -function crypt_random_string($length) -{ - if (CRYPT_RANDOM_IS_WINDOWS) { - // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. - // ie. class_alias is a function that was introduced in PHP 5.3 - if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) { - return mcrypt_create_iv($length); - } - // method 2. 
openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, - // to quote , "possible blocking behavior". as of 5.3.4 - // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both - // call php_win32_get_random_bytes(): - // - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 - // - // php_win32_get_random_bytes() is defined thusly: - // - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 - // - // we're calling it, all the same, in the off chance that the mcrypt extension is not available - if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { - return openssl_random_pseudo_bytes($length); - } - } else { - // method 1. the fastest - if (function_exists('openssl_random_pseudo_bytes')) { - return openssl_random_pseudo_bytes($length); - } - // method 2 - static $fp = true; - if ($fp === true) { - // warning's will be output unles the error suppression operator is used. errors such as - // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. - $fp = @fopen('/dev/urandom', 'rb'); - } - if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() - return fread($fp, $length); - } - // method 3. pretty much does the same thing as method 2 per the following url: - // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 - // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're - // not doing. 
regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir - // restrictions or some such - if (function_exists('mcrypt_create_iv')) { - return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); - } - } - // at this point we have no choice but to use a pure-PHP CSPRNG - - // cascade entropy across multiple PHP instances by fixing the session and collecting all - // environmental variables, including the previous session data and the current session - // data. - // - // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) - // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but - // PHP isn't low level to be able to use those as sources and on a web server there's not likely - // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use - // however. a ton of people visiting the website. obviously you don't want to base your seeding - // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled - // by the user and (2) this isn't just looking at the data sent by the current user - it's based - // on the data sent by all users. one user requests the page and a hash of their info is saved. - // another user visits the page and the serialization of their data is utilized along with the - // server envirnment stuff and a hash of the previous http request data (which itself utilizes - // a hash of the session data before that). certainly an attacker should be assumed to have - // full control over his own http requests. he, however, is not going to have control over - // everyone's http requests. 
- static $crypto = false, $v; - if ($crypto === false) { - // save old session data - $old_session_id = session_id(); - $old_use_cookies = ini_get('session.use_cookies'); - $old_session_cache_limiter = session_cache_limiter(); - if (isset($_SESSION)) { - $_OLD_SESSION = $_SESSION; - } - if ($old_session_id != '') { - session_write_close(); - } - - session_id(1); - ini_set('session.use_cookies', 0); - session_cache_limiter(''); - session_start(); - - $v = $seed = $_SESSION['seed'] = pack('H*', sha1( - serialize($_SERVER) . - serialize($_POST) . - serialize($_GET) . - serialize($_COOKIE) . - serialize($GLOBALS) . - serialize($_SESSION) . - serialize($_OLD_SESSION) - )); - if (!isset($_SESSION['count'])) { - $_SESSION['count'] = 0; - } - $_SESSION['count']++; - - session_write_close(); - - // restore old session data - if ($old_session_id != '') { - session_id($old_session_id); - session_start(); - ini_set('session.use_cookies', $old_use_cookies); - session_cache_limiter($old_session_cache_limiter); + /** + * Generate a random string. + * + * Although microoptimizations are generally discouraged as they impair readability this function is ripe with + * microoptimizations because this function has the potential of being called a huge number of times. + * eg. for RSA key generation. + * + * @param Integer $length + * @return String + * @access public + */ + function crypt_random_string($length) + { + if (CRYPT_RANDOM_IS_WINDOWS) { + // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. + // ie. class_alias is a function that was introduced in PHP 5.3 + if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) { + return mcrypt_create_iv($length); + } + // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, + // to quote , "possible blocking behavior". 
as of 5.3.4 + // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both + // call php_win32_get_random_bytes(): + // + // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 + // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 + // + // php_win32_get_random_bytes() is defined thusly: + // + // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 + // + // we're calling it, all the same, in the off chance that the mcrypt extension is not available + if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { + return openssl_random_pseudo_bytes($length); + } } else { - if (isset($_OLD_SESSION)) { - $_SESSION = $_OLD_SESSION; - unset($_OLD_SESSION); - } else { - unset($_SESSION); + // method 1. the fastest + if (function_exists('openssl_random_pseudo_bytes')) { + return openssl_random_pseudo_bytes($length); + } + // method 2 + static $fp = true; + if ($fp === true) { + // warning's will be output unles the error suppression operator is used. errors such as + // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. + $fp = @fopen('/dev/urandom', 'rb'); + } + if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() + return fread($fp, $length); + } + // method 3. pretty much does the same thing as method 2 per the following url: + // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 + // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're + // not doing. 
regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir + // restrictions or some such + if (function_exists('mcrypt_create_iv')) { + return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); } } + // at this point we have no choice but to use a pure-PHP CSPRNG - // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. - // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. - // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the - // original hash and the current hash. we'll be emulating that. for more info see the following URL: + // cascade entropy across multiple PHP instances by fixing the session and collecting all + // environmental variables, including the previous session data and the current session + // data. // - // http://tools.ietf.org/html/rfc4253#section-7.2 - // - // see the is_string($crypto) part for an example of how to expand the keys - $key = pack('H*', sha1($seed . 'A')); - $iv = pack('H*', sha1($seed . 'C')); + // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) + // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but + // PHP isn't low level to be able to use those as sources and on a web server there's not likely + // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use + // however, a ton of people visiting the website. obviously you don't want to base your seeding + // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled + // by the user and (2) this isn't just looking at the data sent by the current user - it's based + // on the data sent by all users. one user requests the page and a hash of their info is saved. 
+ // another user visits the page and the serialization of their data is utilized along with the + // server envirnment stuff and a hash of the previous http request data (which itself utilizes + // a hash of the session data before that). certainly an attacker should be assumed to have + // full control over his own http requests. he, however, is not going to have control over + // everyone's http requests. + static $crypto = false, $v; + if ($crypto === false) { + // save old session data + $old_session_id = session_id(); + $old_use_cookies = ini_get('session.use_cookies'); + $old_session_cache_limiter = session_cache_limiter(); + $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; + if ($old_session_id != '') { + session_write_close(); + } - // ciphers are used as per the nist.gov link below. also, see this link: - // - // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives - switch (true) { - case class_exists('Crypt_AES'): - $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); - break; - case class_exists('Crypt_TripleDES'): - $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); - break; - case class_exists('Crypt_DES'): - $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); - break; - case class_exists('Crypt_RC4'): - $crypto = new Crypt_RC4(); - break; - default: - $crypto = $seed; - return crypt_random_string($length); + session_id(1); + ini_set('session.use_cookies', 0); + session_cache_limiter(''); + session_start(); + + $v = $seed = $_SESSION['seed'] = pack('H*', sha1( + serialize($_SERVER) . + serialize($_POST) . + serialize($_GET) . + serialize($_COOKIE) . + serialize($GLOBALS) . + serialize($_SESSION) . 
+ serialize($_OLD_SESSION) + )); + if (!isset($_SESSION['count'])) { + $_SESSION['count'] = 0; + } + $_SESSION['count']++; + + session_write_close(); + + // restore old session data + if ($old_session_id != '') { + session_id($old_session_id); + session_start(); + ini_set('session.use_cookies', $old_use_cookies); + session_cache_limiter($old_session_cache_limiter); + } else { + if ($_OLD_SESSION !== false) { + $_SESSION = $_OLD_SESSION; + unset($_OLD_SESSION); + } else { + unset($_SESSION); + } + } + + // in SSH2 a shared secret and an exchange hash are generated through the key exchange process. + // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. + // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the + // original hash and the current hash. we'll be emulating that. for more info see the following URL: + // + // http://tools.ietf.org/html/rfc4253#section-7.2 + // + // see the is_string($crypto) part for an example of how to expand the keys + $key = pack('H*', sha1($seed . 'A')); + $iv = pack('H*', sha1($seed . 'C')); + + // ciphers are used as per the nist.gov link below. 
also, see this link: + // + // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives + switch (true) { + case phpseclib_resolve_include_path('Crypt/AES.php'): + if (!class_exists('Crypt_AES')) { + include_once 'AES.php'; + } + $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); + break; + case phpseclib_resolve_include_path('Crypt/Twofish.php'): + if (!class_exists('Crypt_Twofish')) { + include_once 'Twofish.php'; + } + $crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); + break; + case phpseclib_resolve_include_path('Crypt/Blowfish.php'): + if (!class_exists('Crypt_Blowfish')) { + include_once 'Blowfish.php'; + } + $crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); + break; + case phpseclib_resolve_include_path('Crypt/TripleDES.php'): + if (!class_exists('Crypt_TripleDES')) { + include_once 'TripleDES.php'; + } + $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); + break; + case phpseclib_resolve_include_path('Crypt/DES.php'): + if (!class_exists('Crypt_DES')) { + include_once 'DES.php'; + } + $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); + break; + case phpseclib_resolve_include_path('Crypt/RC4.php'): + if (!class_exists('Crypt_RC4')) { + include_once 'RC4.php'; + } + $crypto = new Crypt_RC4(); + break; + default: + user_error('crypt_random_string requires at least one symmetric cipher be loaded'); + return false; + } + + $crypto->setKey($key); + $crypto->setIV($iv); + $crypto->enableContinuousBuffer(); } - $crypto->setKey($key); - $crypto->setIV($iv); - $crypto->enableContinuousBuffer(); - } + //return $crypto->encrypt(str_repeat("\0", $length)); - if (is_string($crypto)) { // the following is based off of ANSI X9.31: // // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf 
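Review bot: The new `default:` branch of the cipher `switch` in `crypt_random_string()` reports the missing cipher with `user_error(...)` at its default notice level and then returns `false`, so execution continues and a caller that uses the result as key, IV or padding material gets `false` instead of random bytes. Raising it as fatal with `user_error('crypt_random_string requires at least one symmetric cipher be loaded', E_USER_ERROR);` would make the failure closed. Alternatively, document `@return String|false` and check it at the call sites, which are outside this hunk. Separately, each `case` tests `phpseclib_resolve_include_path('Crypt/AES.php')` but then runs `include_once 'AES.php'`, a different relative name, so the file that was checked is not necessarily the file that is loaded. Including the resolved path would close that gap.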
@@ -221,29 +250,51 @@ function crypt_random_string($length) // // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c // (do a search for "ANS X9.31 A.2.4") - // - // ANSI X9.31 recommends ciphers be used and phpseclib does use them if they're available (see - // later on in the code) but if they're not we'll use sha1 $result = ''; - while (strlen($result) < $length) { // each loop adds 20 bytes - // microtime() isn't packed as "densely" as it could be but then neither is that the idea. - // the idea is simply to ensure that each "block" has a unique element to it. - $i = pack('H*', sha1(microtime())); - $r = pack('H*', sha1($i ^ $v)); - $v = pack('H*', sha1($r ^ $i)); + while (strlen($result) < $length) { + $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 + $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 + $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 $result.= $r; } return substr($result, 0, $length); } - - //return $crypto->encrypt(str_repeat("\0", $length)); - - $result = ''; - while (strlen($result) < $length) { - $i = $crypto->encrypt(microtime()); - $r = $crypto->encrypt($i ^ $v); - $v = $crypto->encrypt($r ^ $i); - $result.= $r; - } - return substr($result, 0, $length); +} + +if (!function_exists('phpseclib_resolve_include_path')) { + /** + * Resolve filename against the include path. + * + * Wrapper around stream_resolve_include_path() (which was introduced in + * PHP 5.3.2) with fallback implementation for earlier PHP versions. + * + * @param string $filename + * @return mixed Filename (string) on success, false otherwise. + * @access public + */ + function phpseclib_resolve_include_path($filename) + { + if (function_exists('stream_resolve_include_path')) { + return stream_resolve_include_path($filename); + } + + // handle non-relative paths + if (file_exists($filename)) { + return realpath($filename); + } + + $paths = PATH_SEPARATOR == ':' ? + preg_split('#(? 
* - * @copyright MMVIII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_Rijndael + * @author Jim Wigginton + * @copyright MMVIII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + /**#@+ * @access public * @see Crypt_Rijndael::encrypt() 
@@ -82,129 +91,100 @@ * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 */ -define('CRYPT_RIJNDAEL_MODE_CTR', -1); +define('CRYPT_RIJNDAEL_MODE_CTR', CRYPT_MODE_CTR); /** * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 */ -define('CRYPT_RIJNDAEL_MODE_ECB', 1); +define('CRYPT_RIJNDAEL_MODE_ECB', CRYPT_MODE_ECB); /** * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 */ -define('CRYPT_RIJNDAEL_MODE_CBC', 2); +define('CRYPT_RIJNDAEL_MODE_CBC', CRYPT_MODE_CBC); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 */ -define('CRYPT_RIJNDAEL_MODE_CFB', 3); +define('CRYPT_RIJNDAEL_MODE_CFB', CRYPT_MODE_CFB); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 */ -define('CRYPT_RIJNDAEL_MODE_OFB', 4); +define('CRYPT_RIJNDAEL_MODE_OFB', CRYPT_MODE_OFB); /**#@-*/ /**#@+ * @access private - * @see Crypt_Rijndael::Crypt_Rijndael() + * @see Crypt_Base::Crypt_Base() */ /** * Toggles the internal implementation */ -define('CRYPT_RIJNDAEL_MODE_INTERNAL', 1); +define('CRYPT_RIJNDAEL_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_RIJNDAEL_MODE_MCRYPT', 2); +define('CRYPT_RIJNDAEL_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /** * Pure-PHP implementation of Rijndael. 
* - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Crypt_Rijndael + * @author Jim Wigginton + * @access public */ -class Crypt_Rijndael { +class Crypt_Rijndael extends Crypt_Base +{ /** - * The Encryption Mode + * The default password key_size used by setPassword() * - * @see Crypt_Rijndael::Crypt_Rijndael() + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() * @var Integer * @access private */ - var $mode; + var $password_key_size = 16; /** - * The Key + * The namespace used by the cipher for its constants. * - * @see Crypt_Rijndael::setKey() + * @see Crypt_Base::const_namespace * @var String * @access private */ - var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + var $const_namespace = 'RIJNDAEL'; /** - * The Initialization Vector + * The mcrypt specific name of the cipher * - * @see Crypt_Rijndael::setIV() + * Mcrypt is useable for 128/192/256-bit $block_size/$key_size. For 160/224 not. + * Crypt_Rijndael determines automatically whether mcrypt is useable + * or not for the current $block_size/$key_size. + * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. 
+ * + * @see Crypt_Base::cipher_name_mcrypt + * @see Crypt_Base::engine + * @see _setupEngine() * @var String * @access private */ - var $iv = ''; + var $cipher_name_mcrypt = 'rijndael-128'; /** - * A "sliding" Initialization Vector + * The default salt used by setPassword() * - * @see Crypt_Rijndael::enableContinuousBuffer() + * @see Crypt_Base::password_default_salt + * @see Crypt_Base::setPassword() * @var String * @access private */ - var $encryptIV = ''; - - /** - * A "sliding" Initialization Vector - * - * @see Crypt_Rijndael::enableContinuousBuffer() - * @var String - * @access private - */ - var $decryptIV = ''; - - /** - * Continuous Buffer status - * - * @see Crypt_Rijndael::enableContinuousBuffer() - * @var Boolean - * @access private - */ - var $continuousBuffer = false; - - /** - * Padding status - * - * @see Crypt_Rijndael::enablePadding() - * @var Boolean - * @access private - */ - var $padding = true; - - /** - * Does the key schedule need to be (re)calculated? - * - * @see setKey() - * @see setBlockLength() - * @see setKeyLength() - * @var Boolean - * @access private - */ - var $changed = true; + var $password_default_salt = 'phpseclib'; /** * Has the key length explicitly been set or should it be derived from the key, itself? 
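Review bot: `var $password_default_salt = 'phpseclib';` gives every `Crypt_Rijndael` instance the same fixed, publicly known salt for `setPassword()`. If the base class falls back to it when no salt is passed (that code is in `Crypt_Base`, not in this hunk), equal passwords derive equal keys on every installation. The property docblock should say so, for example `* A fixed, public value: pass a random salt to setPassword() when the derived key must resist precomputation.` The class body continues past this hunk.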
@@ -233,25 +213,14 @@ class Crypt_Rijndael { */ var $dw; - /** - * The Block Length - * - * @see setBlockLength() - * @var Integer - * @access private - * @internal The max value is 32, the min value is 16. All valid values are multiples of 4. Exists in conjunction with - * $Nb because we need this value and not $Nb to pad strings appropriately. - */ - var $block_size = 16; - /** * The Block Length divided by 32 * * @see setBlockLength() * @var Integer * @access private - * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size - * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could + * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size + * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. * @@ -264,8 +233,8 @@ class Crypt_Rijndael { * @see setKeyLength() * @var Integer * @access private - * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $key_size - * because the encryption / decryption / key schedule creation requires this number and not $key_size. We could + * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk + * because the encryption / decryption / key schedule creation requires this number and not $key_size. We could * derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once. */ 
@@ -299,76 +268,360 @@ class Crypt_Rijndael { var $c; /** - * Precomputed mixColumns table + * Holds the last used key- and block_size information * - * @see Crypt_Rijndael() * @var Array * @access private */ - var $t0; + var $kl; /** * Precomputed mixColumns table * - * @see Crypt_Rijndael() + * According to (section 5.2.1), + * precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so + * those are the names we'll use. + * + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $t1; + var $t0 = array( + 0xC66363A5, 0xF87C7C84, 0xEE777799, 0xF67B7B8D, 0xFFF2F20D, 0xD66B6BBD, 0xDE6F6FB1, 0x91C5C554, + 0x60303050, 0x02010103, 0xCE6767A9, 0x562B2B7D, 0xE7FEFE19, 0xB5D7D762, 0x4DABABE6, 0xEC76769A, + 0x8FCACA45, 0x1F82829D, 0x89C9C940, 0xFA7D7D87, 0xEFFAFA15, 0xB25959EB, 0x8E4747C9, 0xFBF0F00B, + 0x41ADADEC, 0xB3D4D467, 0x5FA2A2FD, 0x45AFAFEA, 0x239C9CBF, 0x53A4A4F7, 0xE4727296, 0x9BC0C05B, + 0x75B7B7C2, 0xE1FDFD1C, 0x3D9393AE, 0x4C26266A, 0x6C36365A, 0x7E3F3F41, 0xF5F7F702, 0x83CCCC4F, + 0x6834345C, 0x51A5A5F4, 0xD1E5E534, 0xF9F1F108, 0xE2717193, 0xABD8D873, 0x62313153, 0x2A15153F, + 0x0804040C, 0x95C7C752, 0x46232365, 0x9DC3C35E, 0x30181828, 0x379696A1, 0x0A05050F, 0x2F9A9AB5, + 0x0E070709, 0x24121236, 0x1B80809B, 0xDFE2E23D, 0xCDEBEB26, 0x4E272769, 0x7FB2B2CD, 0xEA75759F, + 0x1209091B, 0x1D83839E, 0x582C2C74, 0x341A1A2E, 0x361B1B2D, 0xDC6E6EB2, 0xB45A5AEE, 0x5BA0A0FB, + 0xA45252F6, 0x763B3B4D, 0xB7D6D661, 0x7DB3B3CE, 0x5229297B, 0xDDE3E33E, 0x5E2F2F71, 0x13848497, + 0xA65353F5, 0xB9D1D168, 0x00000000, 0xC1EDED2C, 0x40202060, 0xE3FCFC1F, 0x79B1B1C8, 0xB65B5BED, + 0xD46A6ABE, 0x8DCBCB46, 0x67BEBED9, 0x7239394B, 0x944A4ADE, 0x984C4CD4, 0xB05858E8, 0x85CFCF4A, + 0xBBD0D06B, 0xC5EFEF2A, 0x4FAAAAE5, 0xEDFBFB16, 0x864343C5, 0x9A4D4DD7, 0x66333355, 0x11858594, + 0x8A4545CF, 0xE9F9F910, 0x04020206, 0xFE7F7F81, 0xA05050F0, 0x783C3C44, 0x259F9FBA, 0x4BA8A8E3, + 
0xA25151F3, 0x5DA3A3FE, 0x804040C0, 0x058F8F8A, 0x3F9292AD, 0x219D9DBC, 0x70383848, 0xF1F5F504, + 0x63BCBCDF, 0x77B6B6C1, 0xAFDADA75, 0x42212163, 0x20101030, 0xE5FFFF1A, 0xFDF3F30E, 0xBFD2D26D, + 0x81CDCD4C, 0x180C0C14, 0x26131335, 0xC3ECEC2F, 0xBE5F5FE1, 0x359797A2, 0x884444CC, 0x2E171739, + 0x93C4C457, 0x55A7A7F2, 0xFC7E7E82, 0x7A3D3D47, 0xC86464AC, 0xBA5D5DE7, 0x3219192B, 0xE6737395, + 0xC06060A0, 0x19818198, 0x9E4F4FD1, 0xA3DCDC7F, 0x44222266, 0x542A2A7E, 0x3B9090AB, 0x0B888883, + 0x8C4646CA, 0xC7EEEE29, 0x6BB8B8D3, 0x2814143C, 0xA7DEDE79, 0xBC5E5EE2, 0x160B0B1D, 0xADDBDB76, + 0xDBE0E03B, 0x64323256, 0x743A3A4E, 0x140A0A1E, 0x924949DB, 0x0C06060A, 0x4824246C, 0xB85C5CE4, + 0x9FC2C25D, 0xBDD3D36E, 0x43ACACEF, 0xC46262A6, 0x399191A8, 0x319595A4, 0xD3E4E437, 0xF279798B, + 0xD5E7E732, 0x8BC8C843, 0x6E373759, 0xDA6D6DB7, 0x018D8D8C, 0xB1D5D564, 0x9C4E4ED2, 0x49A9A9E0, + 0xD86C6CB4, 0xAC5656FA, 0xF3F4F407, 0xCFEAEA25, 0xCA6565AF, 0xF47A7A8E, 0x47AEAEE9, 0x10080818, + 0x6FBABAD5, 0xF0787888, 0x4A25256F, 0x5C2E2E72, 0x381C1C24, 0x57A6A6F1, 0x73B4B4C7, 0x97C6C651, + 0xCBE8E823, 0xA1DDDD7C, 0xE874749C, 0x3E1F1F21, 0x964B4BDD, 0x61BDBDDC, 0x0D8B8B86, 0x0F8A8A85, + 0xE0707090, 0x7C3E3E42, 0x71B5B5C4, 0xCC6666AA, 0x904848D8, 0x06030305, 0xF7F6F601, 0x1C0E0E12, + 0xC26161A3, 0x6A35355F, 0xAE5757F9, 0x69B9B9D0, 0x17868691, 0x99C1C158, 0x3A1D1D27, 0x279E9EB9, + 0xD9E1E138, 0xEBF8F813, 0x2B9898B3, 0x22111133, 0xD26969BB, 0xA9D9D970, 0x078E8E89, 0x339494A7, + 0x2D9B9BB6, 0x3C1E1E22, 0x15878792, 0xC9E9E920, 0x87CECE49, 0xAA5555FF, 0x50282878, 0xA5DFDF7A, + 0x038C8C8F, 0x59A1A1F8, 0x09898980, 0x1A0D0D17, 0x65BFBFDA, 0xD7E6E631, 0x844242C6, 0xD06868B8, + 0x824141C3, 0x299999B0, 0x5A2D2D77, 0x1E0F0F11, 0x7BB0B0CB, 0xA85454FC, 0x6DBBBBD6, 0x2C16163A + ); /** * Precomputed mixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $t2; + var $t1 = array( + 0xA5C66363, 0x84F87C7C, 
0x99EE7777, 0x8DF67B7B, 0x0DFFF2F2, 0xBDD66B6B, 0xB1DE6F6F, 0x5491C5C5, + 0x50603030, 0x03020101, 0xA9CE6767, 0x7D562B2B, 0x19E7FEFE, 0x62B5D7D7, 0xE64DABAB, 0x9AEC7676, + 0x458FCACA, 0x9D1F8282, 0x4089C9C9, 0x87FA7D7D, 0x15EFFAFA, 0xEBB25959, 0xC98E4747, 0x0BFBF0F0, + 0xEC41ADAD, 0x67B3D4D4, 0xFD5FA2A2, 0xEA45AFAF, 0xBF239C9C, 0xF753A4A4, 0x96E47272, 0x5B9BC0C0, + 0xC275B7B7, 0x1CE1FDFD, 0xAE3D9393, 0x6A4C2626, 0x5A6C3636, 0x417E3F3F, 0x02F5F7F7, 0x4F83CCCC, + 0x5C683434, 0xF451A5A5, 0x34D1E5E5, 0x08F9F1F1, 0x93E27171, 0x73ABD8D8, 0x53623131, 0x3F2A1515, + 0x0C080404, 0x5295C7C7, 0x65462323, 0x5E9DC3C3, 0x28301818, 0xA1379696, 0x0F0A0505, 0xB52F9A9A, + 0x090E0707, 0x36241212, 0x9B1B8080, 0x3DDFE2E2, 0x26CDEBEB, 0x694E2727, 0xCD7FB2B2, 0x9FEA7575, + 0x1B120909, 0x9E1D8383, 0x74582C2C, 0x2E341A1A, 0x2D361B1B, 0xB2DC6E6E, 0xEEB45A5A, 0xFB5BA0A0, + 0xF6A45252, 0x4D763B3B, 0x61B7D6D6, 0xCE7DB3B3, 0x7B522929, 0x3EDDE3E3, 0x715E2F2F, 0x97138484, + 0xF5A65353, 0x68B9D1D1, 0x00000000, 0x2CC1EDED, 0x60402020, 0x1FE3FCFC, 0xC879B1B1, 0xEDB65B5B, + 0xBED46A6A, 0x468DCBCB, 0xD967BEBE, 0x4B723939, 0xDE944A4A, 0xD4984C4C, 0xE8B05858, 0x4A85CFCF, + 0x6BBBD0D0, 0x2AC5EFEF, 0xE54FAAAA, 0x16EDFBFB, 0xC5864343, 0xD79A4D4D, 0x55663333, 0x94118585, + 0xCF8A4545, 0x10E9F9F9, 0x06040202, 0x81FE7F7F, 0xF0A05050, 0x44783C3C, 0xBA259F9F, 0xE34BA8A8, + 0xF3A25151, 0xFE5DA3A3, 0xC0804040, 0x8A058F8F, 0xAD3F9292, 0xBC219D9D, 0x48703838, 0x04F1F5F5, + 0xDF63BCBC, 0xC177B6B6, 0x75AFDADA, 0x63422121, 0x30201010, 0x1AE5FFFF, 0x0EFDF3F3, 0x6DBFD2D2, + 0x4C81CDCD, 0x14180C0C, 0x35261313, 0x2FC3ECEC, 0xE1BE5F5F, 0xA2359797, 0xCC884444, 0x392E1717, + 0x5793C4C4, 0xF255A7A7, 0x82FC7E7E, 0x477A3D3D, 0xACC86464, 0xE7BA5D5D, 0x2B321919, 0x95E67373, + 0xA0C06060, 0x98198181, 0xD19E4F4F, 0x7FA3DCDC, 0x66442222, 0x7E542A2A, 0xAB3B9090, 0x830B8888, + 0xCA8C4646, 0x29C7EEEE, 0xD36BB8B8, 0x3C281414, 0x79A7DEDE, 0xE2BC5E5E, 0x1D160B0B, 0x76ADDBDB, + 0x3BDBE0E0, 0x56643232, 0x4E743A3A, 0x1E140A0A, 0xDB924949, 
0x0A0C0606, 0x6C482424, 0xE4B85C5C, + 0x5D9FC2C2, 0x6EBDD3D3, 0xEF43ACAC, 0xA6C46262, 0xA8399191, 0xA4319595, 0x37D3E4E4, 0x8BF27979, + 0x32D5E7E7, 0x438BC8C8, 0x596E3737, 0xB7DA6D6D, 0x8C018D8D, 0x64B1D5D5, 0xD29C4E4E, 0xE049A9A9, + 0xB4D86C6C, 0xFAAC5656, 0x07F3F4F4, 0x25CFEAEA, 0xAFCA6565, 0x8EF47A7A, 0xE947AEAE, 0x18100808, + 0xD56FBABA, 0x88F07878, 0x6F4A2525, 0x725C2E2E, 0x24381C1C, 0xF157A6A6, 0xC773B4B4, 0x5197C6C6, + 0x23CBE8E8, 0x7CA1DDDD, 0x9CE87474, 0x213E1F1F, 0xDD964B4B, 0xDC61BDBD, 0x860D8B8B, 0x850F8A8A, + 0x90E07070, 0x427C3E3E, 0xC471B5B5, 0xAACC6666, 0xD8904848, 0x05060303, 0x01F7F6F6, 0x121C0E0E, + 0xA3C26161, 0x5F6A3535, 0xF9AE5757, 0xD069B9B9, 0x91178686, 0x5899C1C1, 0x273A1D1D, 0xB9279E9E, + 0x38D9E1E1, 0x13EBF8F8, 0xB32B9898, 0x33221111, 0xBBD26969, 0x70A9D9D9, 0x89078E8E, 0xA7339494, + 0xB62D9B9B, 0x223C1E1E, 0x92158787, 0x20C9E9E9, 0x4987CECE, 0xFFAA5555, 0x78502828, 0x7AA5DFDF, + 0x8F038C8C, 0xF859A1A1, 0x80098989, 0x171A0D0D, 0xDA65BFBF, 0x31D7E6E6, 0xC6844242, 0xB8D06868, + 0xC3824141, 0xB0299999, 0x775A2D2D, 0x111E0F0F, 0xCB7BB0B0, 0xFCA85454, 0xD66DBBBB, 0x3A2C1616 + ); /** * Precomputed mixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $t3; + var $t2 = array( + 0x63A5C663, 0x7C84F87C, 0x7799EE77, 0x7B8DF67B, 0xF20DFFF2, 0x6BBDD66B, 0x6FB1DE6F, 0xC55491C5, + 0x30506030, 0x01030201, 0x67A9CE67, 0x2B7D562B, 0xFE19E7FE, 0xD762B5D7, 0xABE64DAB, 0x769AEC76, + 0xCA458FCA, 0x829D1F82, 0xC94089C9, 0x7D87FA7D, 0xFA15EFFA, 0x59EBB259, 0x47C98E47, 0xF00BFBF0, + 0xADEC41AD, 0xD467B3D4, 0xA2FD5FA2, 0xAFEA45AF, 0x9CBF239C, 0xA4F753A4, 0x7296E472, 0xC05B9BC0, + 0xB7C275B7, 0xFD1CE1FD, 0x93AE3D93, 0x266A4C26, 0x365A6C36, 0x3F417E3F, 0xF702F5F7, 0xCC4F83CC, + 0x345C6834, 0xA5F451A5, 0xE534D1E5, 0xF108F9F1, 0x7193E271, 0xD873ABD8, 0x31536231, 0x153F2A15, + 0x040C0804, 0xC75295C7, 0x23654623, 0xC35E9DC3, 0x18283018, 0x96A13796, 0x050F0A05, 
0x9AB52F9A, + 0x07090E07, 0x12362412, 0x809B1B80, 0xE23DDFE2, 0xEB26CDEB, 0x27694E27, 0xB2CD7FB2, 0x759FEA75, + 0x091B1209, 0x839E1D83, 0x2C74582C, 0x1A2E341A, 0x1B2D361B, 0x6EB2DC6E, 0x5AEEB45A, 0xA0FB5BA0, + 0x52F6A452, 0x3B4D763B, 0xD661B7D6, 0xB3CE7DB3, 0x297B5229, 0xE33EDDE3, 0x2F715E2F, 0x84971384, + 0x53F5A653, 0xD168B9D1, 0x00000000, 0xED2CC1ED, 0x20604020, 0xFC1FE3FC, 0xB1C879B1, 0x5BEDB65B, + 0x6ABED46A, 0xCB468DCB, 0xBED967BE, 0x394B7239, 0x4ADE944A, 0x4CD4984C, 0x58E8B058, 0xCF4A85CF, + 0xD06BBBD0, 0xEF2AC5EF, 0xAAE54FAA, 0xFB16EDFB, 0x43C58643, 0x4DD79A4D, 0x33556633, 0x85941185, + 0x45CF8A45, 0xF910E9F9, 0x02060402, 0x7F81FE7F, 0x50F0A050, 0x3C44783C, 0x9FBA259F, 0xA8E34BA8, + 0x51F3A251, 0xA3FE5DA3, 0x40C08040, 0x8F8A058F, 0x92AD3F92, 0x9DBC219D, 0x38487038, 0xF504F1F5, + 0xBCDF63BC, 0xB6C177B6, 0xDA75AFDA, 0x21634221, 0x10302010, 0xFF1AE5FF, 0xF30EFDF3, 0xD26DBFD2, + 0xCD4C81CD, 0x0C14180C, 0x13352613, 0xEC2FC3EC, 0x5FE1BE5F, 0x97A23597, 0x44CC8844, 0x17392E17, + 0xC45793C4, 0xA7F255A7, 0x7E82FC7E, 0x3D477A3D, 0x64ACC864, 0x5DE7BA5D, 0x192B3219, 0x7395E673, + 0x60A0C060, 0x81981981, 0x4FD19E4F, 0xDC7FA3DC, 0x22664422, 0x2A7E542A, 0x90AB3B90, 0x88830B88, + 0x46CA8C46, 0xEE29C7EE, 0xB8D36BB8, 0x143C2814, 0xDE79A7DE, 0x5EE2BC5E, 0x0B1D160B, 0xDB76ADDB, + 0xE03BDBE0, 0x32566432, 0x3A4E743A, 0x0A1E140A, 0x49DB9249, 0x060A0C06, 0x246C4824, 0x5CE4B85C, + 0xC25D9FC2, 0xD36EBDD3, 0xACEF43AC, 0x62A6C462, 0x91A83991, 0x95A43195, 0xE437D3E4, 0x798BF279, + 0xE732D5E7, 0xC8438BC8, 0x37596E37, 0x6DB7DA6D, 0x8D8C018D, 0xD564B1D5, 0x4ED29C4E, 0xA9E049A9, + 0x6CB4D86C, 0x56FAAC56, 0xF407F3F4, 0xEA25CFEA, 0x65AFCA65, 0x7A8EF47A, 0xAEE947AE, 0x08181008, + 0xBAD56FBA, 0x7888F078, 0x256F4A25, 0x2E725C2E, 0x1C24381C, 0xA6F157A6, 0xB4C773B4, 0xC65197C6, + 0xE823CBE8, 0xDD7CA1DD, 0x749CE874, 0x1F213E1F, 0x4BDD964B, 0xBDDC61BD, 0x8B860D8B, 0x8A850F8A, + 0x7090E070, 0x3E427C3E, 0xB5C471B5, 0x66AACC66, 0x48D89048, 0x03050603, 0xF601F7F6, 0x0E121C0E, + 0x61A3C261, 0x355F6A35, 
0x57F9AE57, 0xB9D069B9, 0x86911786, 0xC15899C1, 0x1D273A1D, 0x9EB9279E, + 0xE138D9E1, 0xF813EBF8, 0x98B32B98, 0x11332211, 0x69BBD269, 0xD970A9D9, 0x8E89078E, 0x94A73394, + 0x9BB62D9B, 0x1E223C1E, 0x87921587, 0xE920C9E9, 0xCE4987CE, 0x55FFAA55, 0x28785028, 0xDF7AA5DF, + 0x8C8F038C, 0xA1F859A1, 0x89800989, 0x0D171A0D, 0xBFDA65BF, 0xE631D7E6, 0x42C68442, 0x68B8D068, + 0x41C38241, 0x99B02999, 0x2D775A2D, 0x0F111E0F, 0xB0CB7BB0, 0x54FCA854, 0xBBD66DBB, 0x163A2C16 + ); + + /** + * Precomputed mixColumns table + * + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() + * @var Array + * @access private + */ + var $t3 = array( + 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, + 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, + 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, + 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, + 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, + 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, + 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, + 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, + 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, + 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, + 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, + 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, + 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, + 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 
0x9F9FBA25, 0xA8A8E34B, + 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, + 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, + 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, + 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, + 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, + 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, + 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, + 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, + 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, + 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, + 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, + 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, + 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, + 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, + 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, + 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, + 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, + 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C + ); /** * Precomputed invMixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $dt0; + var $dt0 = 
array( + 0x51F4A750, 0x7E416553, 0x1A17A4C3, 0x3A275E96, 0x3BAB6BCB, 0x1F9D45F1, 0xACFA58AB, 0x4BE30393, + 0x2030FA55, 0xAD766DF6, 0x88CC7691, 0xF5024C25, 0x4FE5D7FC, 0xC52ACBD7, 0x26354480, 0xB562A38F, + 0xDEB15A49, 0x25BA1B67, 0x45EA0E98, 0x5DFEC0E1, 0xC32F7502, 0x814CF012, 0x8D4697A3, 0x6BD3F9C6, + 0x038F5FE7, 0x15929C95, 0xBF6D7AEB, 0x955259DA, 0xD4BE832D, 0x587421D3, 0x49E06929, 0x8EC9C844, + 0x75C2896A, 0xF48E7978, 0x99583E6B, 0x27B971DD, 0xBEE14FB6, 0xF088AD17, 0xC920AC66, 0x7DCE3AB4, + 0x63DF4A18, 0xE51A3182, 0x97513360, 0x62537F45, 0xB16477E0, 0xBB6BAE84, 0xFE81A01C, 0xF9082B94, + 0x70486858, 0x8F45FD19, 0x94DE6C87, 0x527BF8B7, 0xAB73D323, 0x724B02E2, 0xE31F8F57, 0x6655AB2A, + 0xB2EB2807, 0x2FB5C203, 0x86C57B9A, 0xD33708A5, 0x302887F2, 0x23BFA5B2, 0x02036ABA, 0xED16825C, + 0x8ACF1C2B, 0xA779B492, 0xF307F2F0, 0x4E69E2A1, 0x65DAF4CD, 0x0605BED5, 0xD134621F, 0xC4A6FE8A, + 0x342E539D, 0xA2F355A0, 0x058AE132, 0xA4F6EB75, 0x0B83EC39, 0x4060EFAA, 0x5E719F06, 0xBD6E1051, + 0x3E218AF9, 0x96DD063D, 0xDD3E05AE, 0x4DE6BD46, 0x91548DB5, 0x71C45D05, 0x0406D46F, 0x605015FF, + 0x1998FB24, 0xD6BDE997, 0x894043CC, 0x67D99E77, 0xB0E842BD, 0x07898B88, 0xE7195B38, 0x79C8EEDB, + 0xA17C0A47, 0x7C420FE9, 0xF8841EC9, 0x00000000, 0x09808683, 0x322BED48, 0x1E1170AC, 0x6C5A724E, + 0xFD0EFFFB, 0x0F853856, 0x3DAED51E, 0x362D3927, 0x0A0FD964, 0x685CA621, 0x9B5B54D1, 0x24362E3A, + 0x0C0A67B1, 0x9357E70F, 0xB4EE96D2, 0x1B9B919E, 0x80C0C54F, 0x61DC20A2, 0x5A774B69, 0x1C121A16, + 0xE293BA0A, 0xC0A02AE5, 0x3C22E043, 0x121B171D, 0x0E090D0B, 0xF28BC7AD, 0x2DB6A8B9, 0x141EA9C8, + 0x57F11985, 0xAF75074C, 0xEE99DDBB, 0xA37F60FD, 0xF701269F, 0x5C72F5BC, 0x44663BC5, 0x5BFB7E34, + 0x8B432976, 0xCB23C6DC, 0xB6EDFC68, 0xB8E4F163, 0xD731DCCA, 0x42638510, 0x13972240, 0x84C61120, + 0x854A247D, 0xD2BB3DF8, 0xAEF93211, 0xC729A16D, 0x1D9E2F4B, 0xDCB230F3, 0x0D8652EC, 0x77C1E3D0, + 0x2BB3166C, 0xA970B999, 0x119448FA, 0x47E96422, 0xA8FC8CC4, 0xA0F03F1A, 0x567D2CD8, 0x223390EF, + 0x87494EC7, 0xD938D1C1, 
0x8CCAA2FE, 0x98D40B36, 0xA6F581CF, 0xA57ADE28, 0xDAB78E26, 0x3FADBFA4, + 0x2C3A9DE4, 0x5078920D, 0x6A5FCC9B, 0x547E4662, 0xF68D13C2, 0x90D8B8E8, 0x2E39F75E, 0x82C3AFF5, + 0x9F5D80BE, 0x69D0937C, 0x6FD52DA9, 0xCF2512B3, 0xC8AC993B, 0x10187DA7, 0xE89C636E, 0xDB3BBB7B, + 0xCD267809, 0x6E5918F4, 0xEC9AB701, 0x834F9AA8, 0xE6956E65, 0xAAFFE67E, 0x21BCCF08, 0xEF15E8E6, + 0xBAE79BD9, 0x4A6F36CE, 0xEA9F09D4, 0x29B07CD6, 0x31A4B2AF, 0x2A3F2331, 0xC6A59430, 0x35A266C0, + 0x744EBC37, 0xFC82CAA6, 0xE090D0B0, 0x33A7D815, 0xF104984A, 0x41ECDAF7, 0x7FCD500E, 0x1791F62F, + 0x764DD68D, 0x43EFB04D, 0xCCAA4D54, 0xE49604DF, 0x9ED1B5E3, 0x4C6A881B, 0xC12C1FB8, 0x4665517F, + 0x9D5EEA04, 0x018C355D, 0xFA877473, 0xFB0B412E, 0xB3671D5A, 0x92DBD252, 0xE9105633, 0x6DD64713, + 0x9AD7618C, 0x37A10C7A, 0x59F8148E, 0xEB133C89, 0xCEA927EE, 0xB761C935, 0xE11CE5ED, 0x7A47B13C, + 0x9CD2DF59, 0x55F2733F, 0x1814CE79, 0x73C737BF, 0x53F7CDEA, 0x5FFDAA5B, 0xDF3D6F14, 0x7844DB86, + 0xCAAFF381, 0xB968C43E, 0x3824342C, 0xC2A3405F, 0x161DC372, 0xBCE2250C, 0x283C498B, 0xFF0D9541, + 0x39A80171, 0x080CB3DE, 0xD8B4E49C, 0x6456C190, 0x7BCB8461, 0xD532B670, 0x486C5C74, 0xD0B85742 + ); /** * Precomputed invMixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $dt1; + var $dt1 = array( + 0x5051F4A7, 0x537E4165, 0xC31A17A4, 0x963A275E, 0xCB3BAB6B, 0xF11F9D45, 0xABACFA58, 0x934BE303, + 0x552030FA, 0xF6AD766D, 0x9188CC76, 0x25F5024C, 0xFC4FE5D7, 0xD7C52ACB, 0x80263544, 0x8FB562A3, + 0x49DEB15A, 0x6725BA1B, 0x9845EA0E, 0xE15DFEC0, 0x02C32F75, 0x12814CF0, 0xA38D4697, 0xC66BD3F9, + 0xE7038F5F, 0x9515929C, 0xEBBF6D7A, 0xDA955259, 0x2DD4BE83, 0xD3587421, 0x2949E069, 0x448EC9C8, + 0x6A75C289, 0x78F48E79, 0x6B99583E, 0xDD27B971, 0xB6BEE14F, 0x17F088AD, 0x66C920AC, 0xB47DCE3A, + 0x1863DF4A, 0x82E51A31, 0x60975133, 0x4562537F, 0xE0B16477, 0x84BB6BAE, 0x1CFE81A0, 0x94F9082B, + 0x58704868, 0x198F45FD, 0x8794DE6C, 
0xB7527BF8, 0x23AB73D3, 0xE2724B02, 0x57E31F8F, 0x2A6655AB, + 0x07B2EB28, 0x032FB5C2, 0x9A86C57B, 0xA5D33708, 0xF2302887, 0xB223BFA5, 0xBA02036A, 0x5CED1682, + 0x2B8ACF1C, 0x92A779B4, 0xF0F307F2, 0xA14E69E2, 0xCD65DAF4, 0xD50605BE, 0x1FD13462, 0x8AC4A6FE, + 0x9D342E53, 0xA0A2F355, 0x32058AE1, 0x75A4F6EB, 0x390B83EC, 0xAA4060EF, 0x065E719F, 0x51BD6E10, + 0xF93E218A, 0x3D96DD06, 0xAEDD3E05, 0x464DE6BD, 0xB591548D, 0x0571C45D, 0x6F0406D4, 0xFF605015, + 0x241998FB, 0x97D6BDE9, 0xCC894043, 0x7767D99E, 0xBDB0E842, 0x8807898B, 0x38E7195B, 0xDB79C8EE, + 0x47A17C0A, 0xE97C420F, 0xC9F8841E, 0x00000000, 0x83098086, 0x48322BED, 0xAC1E1170, 0x4E6C5A72, + 0xFBFD0EFF, 0x560F8538, 0x1E3DAED5, 0x27362D39, 0x640A0FD9, 0x21685CA6, 0xD19B5B54, 0x3A24362E, + 0xB10C0A67, 0x0F9357E7, 0xD2B4EE96, 0x9E1B9B91, 0x4F80C0C5, 0xA261DC20, 0x695A774B, 0x161C121A, + 0x0AE293BA, 0xE5C0A02A, 0x433C22E0, 0x1D121B17, 0x0B0E090D, 0xADF28BC7, 0xB92DB6A8, 0xC8141EA9, + 0x8557F119, 0x4CAF7507, 0xBBEE99DD, 0xFDA37F60, 0x9FF70126, 0xBC5C72F5, 0xC544663B, 0x345BFB7E, + 0x768B4329, 0xDCCB23C6, 0x68B6EDFC, 0x63B8E4F1, 0xCAD731DC, 0x10426385, 0x40139722, 0x2084C611, + 0x7D854A24, 0xF8D2BB3D, 0x11AEF932, 0x6DC729A1, 0x4B1D9E2F, 0xF3DCB230, 0xEC0D8652, 0xD077C1E3, + 0x6C2BB316, 0x99A970B9, 0xFA119448, 0x2247E964, 0xC4A8FC8C, 0x1AA0F03F, 0xD8567D2C, 0xEF223390, + 0xC787494E, 0xC1D938D1, 0xFE8CCAA2, 0x3698D40B, 0xCFA6F581, 0x28A57ADE, 0x26DAB78E, 0xA43FADBF, + 0xE42C3A9D, 0x0D507892, 0x9B6A5FCC, 0x62547E46, 0xC2F68D13, 0xE890D8B8, 0x5E2E39F7, 0xF582C3AF, + 0xBE9F5D80, 0x7C69D093, 0xA96FD52D, 0xB3CF2512, 0x3BC8AC99, 0xA710187D, 0x6EE89C63, 0x7BDB3BBB, + 0x09CD2678, 0xF46E5918, 0x01EC9AB7, 0xA8834F9A, 0x65E6956E, 0x7EAAFFE6, 0x0821BCCF, 0xE6EF15E8, + 0xD9BAE79B, 0xCE4A6F36, 0xD4EA9F09, 0xD629B07C, 0xAF31A4B2, 0x312A3F23, 0x30C6A594, 0xC035A266, + 0x37744EBC, 0xA6FC82CA, 0xB0E090D0, 0x1533A7D8, 0x4AF10498, 0xF741ECDA, 0x0E7FCD50, 0x2F1791F6, + 0x8D764DD6, 0x4D43EFB0, 0x54CCAA4D, 0xDFE49604, 0xE39ED1B5, 0x1B4C6A88, 
0xB8C12C1F, 0x7F466551, + 0x049D5EEA, 0x5D018C35, 0x73FA8774, 0x2EFB0B41, 0x5AB3671D, 0x5292DBD2, 0x33E91056, 0x136DD647, + 0x8C9AD761, 0x7A37A10C, 0x8E59F814, 0x89EB133C, 0xEECEA927, 0x35B761C9, 0xEDE11CE5, 0x3C7A47B1, + 0x599CD2DF, 0x3F55F273, 0x791814CE, 0xBF73C737, 0xEA53F7CD, 0x5B5FFDAA, 0x14DF3D6F, 0x867844DB, + 0x81CAAFF3, 0x3EB968C4, 0x2C382434, 0x5FC2A340, 0x72161DC3, 0x0CBCE225, 0x8B283C49, 0x41FF0D95, + 0x7139A801, 0xDE080CB3, 0x9CD8B4E4, 0x906456C1, 0x617BCB84, 0x70D532B6, 0x74486C5C, 0x42D0B857 + ); /** * Precomputed invMixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $dt2; + var $dt2 = array( + 0xA75051F4, 0x65537E41, 0xA4C31A17, 0x5E963A27, 0x6BCB3BAB, 0x45F11F9D, 0x58ABACFA, 0x03934BE3, + 0xFA552030, 0x6DF6AD76, 0x769188CC, 0x4C25F502, 0xD7FC4FE5, 0xCBD7C52A, 0x44802635, 0xA38FB562, + 0x5A49DEB1, 0x1B6725BA, 0x0E9845EA, 0xC0E15DFE, 0x7502C32F, 0xF012814C, 0x97A38D46, 0xF9C66BD3, + 0x5FE7038F, 0x9C951592, 0x7AEBBF6D, 0x59DA9552, 0x832DD4BE, 0x21D35874, 0x692949E0, 0xC8448EC9, + 0x896A75C2, 0x7978F48E, 0x3E6B9958, 0x71DD27B9, 0x4FB6BEE1, 0xAD17F088, 0xAC66C920, 0x3AB47DCE, + 0x4A1863DF, 0x3182E51A, 0x33609751, 0x7F456253, 0x77E0B164, 0xAE84BB6B, 0xA01CFE81, 0x2B94F908, + 0x68587048, 0xFD198F45, 0x6C8794DE, 0xF8B7527B, 0xD323AB73, 0x02E2724B, 0x8F57E31F, 0xAB2A6655, + 0x2807B2EB, 0xC2032FB5, 0x7B9A86C5, 0x08A5D337, 0x87F23028, 0xA5B223BF, 0x6ABA0203, 0x825CED16, + 0x1C2B8ACF, 0xB492A779, 0xF2F0F307, 0xE2A14E69, 0xF4CD65DA, 0xBED50605, 0x621FD134, 0xFE8AC4A6, + 0x539D342E, 0x55A0A2F3, 0xE132058A, 0xEB75A4F6, 0xEC390B83, 0xEFAA4060, 0x9F065E71, 0x1051BD6E, + 0x8AF93E21, 0x063D96DD, 0x05AEDD3E, 0xBD464DE6, 0x8DB59154, 0x5D0571C4, 0xD46F0406, 0x15FF6050, + 0xFB241998, 0xE997D6BD, 0x43CC8940, 0x9E7767D9, 0x42BDB0E8, 0x8B880789, 0x5B38E719, 0xEEDB79C8, + 0x0A47A17C, 0x0FE97C42, 0x1EC9F884, 0x00000000, 0x86830980, 0xED48322B, 0x70AC1E11, 
0x724E6C5A, + 0xFFFBFD0E, 0x38560F85, 0xD51E3DAE, 0x3927362D, 0xD9640A0F, 0xA621685C, 0x54D19B5B, 0x2E3A2436, + 0x67B10C0A, 0xE70F9357, 0x96D2B4EE, 0x919E1B9B, 0xC54F80C0, 0x20A261DC, 0x4B695A77, 0x1A161C12, + 0xBA0AE293, 0x2AE5C0A0, 0xE0433C22, 0x171D121B, 0x0D0B0E09, 0xC7ADF28B, 0xA8B92DB6, 0xA9C8141E, + 0x198557F1, 0x074CAF75, 0xDDBBEE99, 0x60FDA37F, 0x269FF701, 0xF5BC5C72, 0x3BC54466, 0x7E345BFB, + 0x29768B43, 0xC6DCCB23, 0xFC68B6ED, 0xF163B8E4, 0xDCCAD731, 0x85104263, 0x22401397, 0x112084C6, + 0x247D854A, 0x3DF8D2BB, 0x3211AEF9, 0xA16DC729, 0x2F4B1D9E, 0x30F3DCB2, 0x52EC0D86, 0xE3D077C1, + 0x166C2BB3, 0xB999A970, 0x48FA1194, 0x642247E9, 0x8CC4A8FC, 0x3F1AA0F0, 0x2CD8567D, 0x90EF2233, + 0x4EC78749, 0xD1C1D938, 0xA2FE8CCA, 0x0B3698D4, 0x81CFA6F5, 0xDE28A57A, 0x8E26DAB7, 0xBFA43FAD, + 0x9DE42C3A, 0x920D5078, 0xCC9B6A5F, 0x4662547E, 0x13C2F68D, 0xB8E890D8, 0xF75E2E39, 0xAFF582C3, + 0x80BE9F5D, 0x937C69D0, 0x2DA96FD5, 0x12B3CF25, 0x993BC8AC, 0x7DA71018, 0x636EE89C, 0xBB7BDB3B, + 0x7809CD26, 0x18F46E59, 0xB701EC9A, 0x9AA8834F, 0x6E65E695, 0xE67EAAFF, 0xCF0821BC, 0xE8E6EF15, + 0x9BD9BAE7, 0x36CE4A6F, 0x09D4EA9F, 0x7CD629B0, 0xB2AF31A4, 0x23312A3F, 0x9430C6A5, 0x66C035A2, + 0xBC37744E, 0xCAA6FC82, 0xD0B0E090, 0xD81533A7, 0x984AF104, 0xDAF741EC, 0x500E7FCD, 0xF62F1791, + 0xD68D764D, 0xB04D43EF, 0x4D54CCAA, 0x04DFE496, 0xB5E39ED1, 0x881B4C6A, 0x1FB8C12C, 0x517F4665, + 0xEA049D5E, 0x355D018C, 0x7473FA87, 0x412EFB0B, 0x1D5AB367, 0xD25292DB, 0x5633E910, 0x47136DD6, + 0x618C9AD7, 0x0C7A37A1, 0x148E59F8, 0x3C89EB13, 0x27EECEA9, 0xC935B761, 0xE5EDE11C, 0xB13C7A47, + 0xDF599CD2, 0x733F55F2, 0xCE791814, 0x37BF73C7, 0xCDEA53F7, 0xAA5B5FFD, 0x6F14DF3D, 0xDB867844, + 0xF381CAAF, 0xC43EB968, 0x342C3824, 0x405FC2A3, 0xC372161D, 0x250CBCE2, 0x498B283C, 0x9541FF0D, + 0x017139A8, 0xB3DE080C, 0xE49CD8B4, 0xC1906456, 0x84617BCB, 0xB670D532, 0x5C74486C, 0x5742D0B8 + ); /** * Precomputed invMixColumns table * - * @see Crypt_Rijndael() + * @see Crypt_Rijndael:_encryptBlock() + * @see 
Crypt_Rijndael:_decryptBlock() * @var Array * @access private */ - var $dt3; + var $dt3 = array( + 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, + 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, + 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, + 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, + 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, + 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, + 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, + 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, + 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, + 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, + 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, + 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, + 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, + 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, + 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, + 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, + 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, + 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, + 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, + 0xB3166C2B, 0x70B999A9, 0x9448FA11, 
0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, + 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, + 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, + 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, + 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, + 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, + 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, + 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, + 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, + 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, + 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, + 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, + 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 + ); /** * The SubByte S-Box 
@@ -377,7 +630,24 @@ class Crypt_Rijndael { * @var Array * @access private */ - var $sbox; + var $sbox = array( + 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, + 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, + 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15, + 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, + 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, + 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, + 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, + 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, + 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, + 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, + 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, + 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, + 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, + 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, + 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, + 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 + ); /** * The inverse SubByte S-Box 
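Review bot: The `$sbox` docblock does not say that lookups into this table are data-dependent, a caveat that users of the pure-PHP engine need. The code that reads the table is outside this hunk, but in a table-driven cipher the index is presumably derived from key and state bytes, so access time can vary with secret data through the CPU cache. I would add a line such as `* Lookups into this table are not constant-time; prefer the mcrypt engine where timing side channels matter.` The same applies to `$isbox` in the next hunk and to the `$t0`–`$t3` / `$dt0`–`$dt3` literals in the preceding one.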
@@ -386,223 +656,24 @@ class Crypt_Rijndael { * @var Array * @access private */ - var $isbox; - - /** - * Performance-optimized callback function for en/decrypt() - * - * @see Crypt_Rijndael::encrypt() - * @see Crypt_Rijndael::decrypt() - * @see Crypt_Rijndael::inline_crypt_setup() - * @see Crypt_Rijndael::$use_inline_crypt - * @var Callback - * @access private - */ - var $inline_crypt; - - /** - * Holds whether performance-optimized $inline_crypt should be used or not. - * - * @see Crypt_Rijndael::Crypt_Rijndael() - * @see Crypt_Rijndael::inline_crypt_setup() - * @see Crypt_Rijndael::$inline_crypt - * @var Boolean - * @access private - */ - var $use_inline_crypt = true; - - /** - * Is the mode one that is paddable? - * - * @see Crypt_Rijndael::Crypt_Rijndael() - * @var Boolean - * @access private - */ - var $paddable = false; - - /** - * Encryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Rijndael::encrypt() - * @var String - * @access private - */ - var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0); - - /** - * Decryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Rijndael::decrypt() - * @var String - * @access private - */ - var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0); - - /** - * Default Constructor. - * - * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be - * CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used. 
- * - * @param optional Integer $mode - * @return Crypt_Rijndael - * @access public - */ - function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC) - { - switch ($mode) { - case CRYPT_RIJNDAEL_MODE_ECB: - case CRYPT_RIJNDAEL_MODE_CBC: - $this->paddable = true; - $this->mode = $mode; - break; - case CRYPT_RIJNDAEL_MODE_CTR: - case CRYPT_RIJNDAEL_MODE_CFB: - case CRYPT_RIJNDAEL_MODE_OFB: - $this->mode = $mode; - break; - default: - $this->paddable = true; - $this->mode = CRYPT_RIJNDAEL_MODE_CBC; - } - - $t3 = &$this->t3; - $t2 = &$this->t2; - $t1 = &$this->t1; - $t0 = &$this->t0; - - $dt3 = &$this->dt3; - $dt2 = &$this->dt2; - $dt1 = &$this->dt1; - $dt0 = &$this->dt0; - - // according to (section 5.2.1), - // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so - // those are the names we'll use. - $t3 = array( - 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491, - 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC, - 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB, - 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B, - 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83, - 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A, - 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F, - 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA, - 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B, - 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713, - 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6, - 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 
0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85, - 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411, - 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B, - 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1, - 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF, - 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E, - 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6, - 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B, - 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD, - 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8, - 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2, - 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049, - 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810, - 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197, - 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F, - 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C, - 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927, - 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733, - 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5, - 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0, - 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 
0x16163A2C - ); - - $dt3 = array( - 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B, - 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5, - 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B, - 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E, - 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D, - 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9, - 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66, - 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED, - 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4, - 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD, - 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60, - 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79, - 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C, - 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24, - 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C, - 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814, - 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B, - 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084, - 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077, - 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22, - 
0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F, - 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582, - 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB, - 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF, - 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035, - 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17, - 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46, - 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D, - 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A, - 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678, - 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF, - 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 - ); - - for ($i = 0; $i < 256; $i++) { - $t2[] = (($t3[$i] << 8) & 0xFFFFFF00) | (($t3[$i] >> 24) & 0x000000FF); - $t1[] = (($t3[$i] << 16) & 0xFFFF0000) | (($t3[$i] >> 16) & 0x0000FFFF); - $t0[] = (($t3[$i] << 24) & 0xFF000000) | (($t3[$i] >> 8) & 0x00FFFFFF); - - $dt2[] = (($dt3[$i] << 8) & 0xFFFFFF00) | (($dt3[$i] >> 24) & 0x000000FF); - $dt1[] = (($dt3[$i] << 16) & 0xFFFF0000) | (($dt3[$i] >> 16) & 0x0000FFFF); - $dt0[] = (($dt3[$i] << 24) & 0xFF000000) | (($dt3[$i] >> 8) & 0x00FFFFFF); - } - - // sbox for the S-Box substitution - $this->sbox = array( - 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76, - 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0, - 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 
0xF1, 0x71, 0xD8, 0x31, 0x15, - 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75, - 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84, - 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF, - 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8, - 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2, - 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73, - 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB, - 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79, - 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08, - 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A, - 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E, - 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF, - 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 - ); - - // sbox for the inverse S-Box substitution - $this->isbox = array( - 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, - 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, - 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, - 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, - 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, - 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, - 0x90, 0xD8, 0xAB, 0x00, 0x8C, 
0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, - 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, - 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, - 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, - 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, - 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, - 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, - 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, - 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, - 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D - ); - - if (!function_exists('create_function') || !is_callable('create_function')) { - $this->use_inline_crypt = false; - } - } + var $isbox = array( + 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB, + 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB, + 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E, + 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25, + 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92, + 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84, + 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06, + 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B, + 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73, + 0x96, 0xAC, 
0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E, + 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B, + 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4, + 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F, + 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF, + 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61, + 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D + ); /** * Sets the key. @@ -614,27 +685,37 @@ class Crypt_Rijndael { * * If the key is not explicitly set, it'll be assumed to be all null bytes. * + * Note: 160/224-bit keys must explicitly set by setKeyLength(), otherwise they will be round/pad up to 192/256 bits. + * + * @see Crypt_Base:setKey() + * @see setKeyLength() * @access public * @param String $key */ function setKey($key) { - $this->key = $key; - $this->changed = true; - } + parent::setKey($key); - /** - * Sets the initialization vector. (optional) - * - * SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all zero's. - * - * @access public - * @param String $iv - */ - function setIV($iv) - { - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, $this->block_size), $this->block_size, chr(0)); + if (!$this->explicit_key_length) { + $length = strlen($key); + switch (true) { + case $length <= 16: + $this->key_size = 16; + break; + case $length <= 20: + $this->key_size = 20; + break; + case $length <= 24: + $this->key_size = 24; + break; + case $length <= 28: + $this->key_size = 28; + break; + default: + $this->key_size = 32; + } + $this->_setupEngine(); + } } /** 
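Review bot: The note added to setKey()'s docblock does not match the switch below it, as far as this hunk shows: a key of 17-20 bytes gets `key_size = 20` and one of 25-28 bytes gets `key_size = 28`, so without setKeyLength() such keys select the 160/224-bit variants instead of being rounded up to 192/256 bits. Either the `<= 20` / `<= 28` cases or the note should change; if the code is what is intended, the note could read `Note: a key of 17-20 or 25-28 bytes selects the non-standard 160/224-bit variant unless setKeyLength() was called first.` The docblock should also say that a key shorter than the selected size is NUL-padded and a longer one truncated (the `str_pad(substr(...))` lines in _setupMcrypt() and _setupKey() in later hunks), because the padded key has no more entropy than the bytes supplied and nothing warns the caller. `@see Crypt_Base:setKey()` needs a double colon.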
@@ -643,76 +724,42 @@ class Crypt_Rijndael { * Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. * + * Note: phpseclib extends Rijndael (and AES) for using 160- and 224-bit keys but they are officially not defined + * and the most (if not all) implementations are not able using 160/224-bit keys but round/pad them up to + * 192/256 bits as, for example, mcrypt will do. + * + * That said, if you want be compatible with other Rijndael and AES implementations, + * you should not setKeyLength(160) or setKeyLength(224). + * + * Additional: In case of 160- and 224-bit keys, phpseclib will/can, for that reason, not use + * the mcrypt php extension, even if available. + * This results then in slower encryption. + * * @access public * @param Integer $length */ function setKeyLength($length) { - $length >>= 5; - if ($length > 8) { - $length = 8; - } else if ($length < 4) { - $length = 4; + switch (true) { + case $length == 160: + $this->key_size = 20; + break; + case $length == 224: + $this->key_size = 28; + break; + case $length <= 128: + $this->key_size = 16; + break; + case $length <= 192: + $this->key_size = 24; + break; + default: + $this->key_size = 32; } - $this->Nk = $length; - $this->key_size = $length << 2; $this->explicit_key_length = true; $this->changed = true; - } - - /** - * Sets the password. 
- * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $method - * Set $dkLen by calling setKeyLength() - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < $this->key_size) { // $dkLen == $this->key_size - //$dk.= $this->_pbkdf($password, $salt, $count, $i++); - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; $j++) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } - } - - $this->setKey(substr($key, 0, $this->key_size)); + $this->_setupEngine(); } /** 
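Review bot: The unchanged docblock sentence "If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount" no longer describes the new switch in setKeyLength(). Any length from 129 to 192 other than 160 now gives `key_size = 24` and anything above 192 other than 224 gives 32, so invalid lengths are rounded up, where the removed `$length >>= 5` code rounded them down. A caller passing, say, 130 gets a different key size than before, so the sentence should become something like `Invalid lengths are rounded up to the next of 128, 192 or 256 bits; 160 and 224 are used only when passed exactly.` The `== 160` / `== 224` cases compare loosely; casting `$length` to int first and using `===` would avoid string-to-number surprises.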
@@ -735,335 +782,76 @@ class Crypt_Rijndael { $this->Nb = $length; $this->block_size = $length << 2; $this->changed = true; + $this->_setupEngine(); } /** - * Generate CTR XOR encryption key + * Setup the fastest possible $engine * - * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the - * plaintext / ciphertext in CTR mode. + * Determines if the mcrypt (MODE_MCRYPT) $engine available + * and usable for the current $block_size and $key_size. * - * @see Crypt_Rijndael::decrypt() - * @see Crypt_Rijndael::encrypt() - * @access public - * @param Integer $length - * @param String $iv + * If not, the slower MODE_INTERNAL $engine will be set. + * + * @see setKey() + * @see setKeyLength() + * @see setBlockLength() + * @access private */ - function _generate_xor($length, &$iv) + function _setupEngine() { - $xor = ''; - $block_size = $this->block_size; - $num_blocks = floor(($length + ($block_size - 1)) / $block_size); - for ($i = 0; $i < $num_blocks; $i++) { - $xor.= $iv; - for ($j = 4; $j <= $block_size; $j+=4) { - $temp = substr($iv, -$j, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); - break; - case "\x7F\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); - break 2; - default: - extract(unpack('Ncount', $temp)); - $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); - break 2; - } + if (constant('CRYPT_' . $this->const_namespace . '_MODE') == CRYPT_MODE_INTERNAL) { + // No mcrypt support at all for rijndael + return; + } + + // The required mcrypt module name for the current $block_size of rijndael + $cipher_name_mcrypt = 'rijndael-' . 
($this->block_size << 3); + + // Determining the availibility/usability of $cipher_name_mcrypt + switch (true) { + case $this->key_size % 8: // mcrypt is not usable for 160/224-bit keys, only for 128/192/256-bit keys + case !in_array($cipher_name_mcrypt, mcrypt_list_algorithms()): // $cipher_name_mcrypt is not available for the current $block_size + $engine = CRYPT_MODE_INTERNAL; + break; + default: + $engine = CRYPT_MODE_MCRYPT; + } + + if ($this->engine == $engine && $this->cipher_name_mcrypt == $cipher_name_mcrypt) { + // allready set, so we not unnecessary close $this->enmcrypt/demcrypt/ecb + return; + } + + // Set the $engine + $this->engine = $engine; + $this->cipher_name_mcrypt = $cipher_name_mcrypt; + + if ($this->enmcrypt) { + // Closing the current mcrypt resource(s). _mcryptSetup() will, if needed, + // (re)open them with the module named in $this->cipher_name_mcrypt + mcrypt_module_close($this->enmcrypt); + mcrypt_module_close($this->demcrypt); + $this->enmcrypt = null; + $this->demcrypt = null; + + if ($this->ecb) { + mcrypt_module_close($this->ecb); + $this->ecb = null; } } - - return $xor; } /** - * Encrypts a message. + * Setup the CRYPT_MODE_MCRYPT $engine * - * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other Rjindael - * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's - * necessary are discussed in the following - * URL: - * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that - * length. 
- * - * @see Crypt_Rijndael::decrypt() - * @access public - * @param String $plaintext + * @see Crypt_Base::_setupMcrypt() + * @access private */ - function encrypt($plaintext) + function _setupMcrypt() { - if ($this->changed) { - $this->_setup(); - } - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('encrypt', $this, $plaintext); - } - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - - $block_size = $this->block_size; - $buffer = &$this->enbuffer; - $ciphertext = ''; - switch ($this->mode) { - case CRYPT_RIJNDAEL_MODE_ECB: - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size)); - } - break; - case CRYPT_RIJNDAEL_MODE_CBC: - $xor = $this->encryptIV; - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $block = substr($plaintext, $i, $block_size); - $block = $this->_encryptBlock($block ^ $xor); - $xor = $block; - $ciphertext.= $block; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - } - break; - case CRYPT_RIJNDAEL_MODE_CTR: - $xor = $this->encryptIV; - if (strlen($buffer['encrypted'])) { - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['encrypted'])) { - $buffer['encrypted'].= $this->_encryptBlock($this->_generate_xor($block_size, $xor)); - } - $key = $this->_string_shift($buffer['encrypted'], $block_size); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $block = substr($plaintext, $i, $block_size); - $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor)); - $ciphertext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) % $block_size) { - $buffer['encrypted'] = substr($key, $start) . 
$buffer['encrypted']; - } - } - break; - case CRYPT_RIJNDAEL_MODE_CFB: - // cfb loosely routines inspired by openssl's: - // http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1 - if ($this->continuousBuffer) { - $iv = &$this->encryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->encryptIV; - $pos = 0; - } - $len = strlen($plaintext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= $block_size) { - $iv = $this->_encryptBlock($iv) ^ substr($plaintext, $i, $block_size); - $ciphertext.= $iv; - $len-= $block_size; - $i+= $block_size; - } - if ($len) { - $iv = $this->_encryptBlock($iv); - $block = $iv ^ substr($plaintext, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - break; - case CRYPT_RIJNDAEL_MODE_OFB: - $xor = $this->encryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $block = substr($plaintext, $i, $block_size); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->_encryptBlock($xor); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor'], $block_size); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=$block_size) { - $xor = $this->_encryptBlock($xor); - $ciphertext.= substr($plaintext, $i, $block_size) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) % $block_size) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - } - - return $ciphertext; - } - - /** - * Decrypts a message. 
- * - * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until - * it is. - * - * @see Crypt_Rijndael::encrypt() - * @access public - * @param String $ciphertext - */ - function decrypt($ciphertext) - { - if ($this->changed) { - $this->_setup(); - } - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('decrypt', $this, $ciphertext); - } - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($this->block_size - strlen($ciphertext) % $this->block_size) % $this->block_size, chr(0)); - } - - $block_size = $this->block_size; - $buffer = &$this->debuffer; - $plaintext = ''; - switch ($this->mode) { - case CRYPT_RIJNDAEL_MODE_ECB: - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size)); - } - break; - case CRYPT_RIJNDAEL_MODE_CBC: - $xor = $this->decryptIV; - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $block = substr($ciphertext, $i, $block_size); - $plaintext.= $this->_decryptBlock($block) ^ $xor; - $xor = $block; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - } - break; - case CRYPT_RIJNDAEL_MODE_CTR: - $xor = $this->decryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $block = substr($ciphertext, $i, $block_size); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $buffer['ciphertext'].= $this->_encryptBlock($this->_generate_xor($block_size, $xor)); - } - $key = $this->_string_shift($buffer['ciphertext'], $block_size); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $block = substr($ciphertext, $i, $block_size); 
- $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor)); - $plaintext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % $block_size) { - $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; - } - } - break; - case CRYPT_RIJNDAEL_MODE_CFB: - if ($this->continuousBuffer) { - $iv = &$this->decryptIV; - $pos = &$buffer['pos']; - } else { - $iv = $this->decryptIV; - $pos = 0; - } - $len = strlen($ciphertext); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = $block_size - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - while ($len >= $block_size) { - $iv = $this->_encryptBlock($iv); - $cb = substr($ciphertext, $i, $block_size); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= $block_size; - $i+= $block_size; - } - if ($len) { - $iv = $this->_encryptBlock($iv); - $plaintext.= $iv ^ substr($ciphertext, $i); - $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len); - $pos = $len; - } - break; - case CRYPT_RIJNDAEL_MODE_OFB: - $xor = $this->decryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $block = substr($ciphertext, $i, $block_size); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $this->_encryptBlock($xor); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor'], $block_size); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) { - $xor = $this->_encryptBlock($xor); - $plaintext.= substr($ciphertext, $i, $block_size) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) % $block_size) { - 
$buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; + $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0"); + parent::_setupMcrypt(); } /** @@ -1075,17 +863,24 @@ class Crypt_Rijndael { */ function _encryptBlock($in) { - $state = array(); - $words = unpack('N*word', $in); + static $t0, $t1, $t2, $t3, $sbox; + if (!$t0) { + for ($i = 0; $i < 256; ++$i) { + $t0[] = (int)$this->t0[$i]; + $t1[] = (int)$this->t1[$i]; + $t2[] = (int)$this->t2[$i]; + $t3[] = (int)$this->t3[$i]; + $sbox[] = (int)$this->sbox[$i]; + } + } + $state = array(); + $words = unpack('N*', $in); + + $c = $this->c; $w = $this->w; - $t0 = $this->t0; - $t1 = $this->t1; - $t2 = $this->t2; - $t3 = $this->t3; $Nb = $this->Nb; $Nr = $this->Nr; - $c = $this->c; // addRoundKey $i = -1; 
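Review bot: In _setupEngine() the `switch (true)` cases depend on loose comparison: `case $this->key_size % 8:` matches only because a non-zero remainder is truthy, and `in_array()` is called without its strict flag. Writing them as `case $this->key_size % 8 != 0:` and `case !in_array($cipher_name_mcrypt, mcrypt_list_algorithms(), true):` states the intent directly. The guard at the top calls `constant()` on a name built from `$this->const_namespace`; that constant is presumably defined by the base constructor, which this hunk does not show, so a one-line comment saying where it is defined would help the next reader. The new comments contain two typos, `availibility` and `allready`.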
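Review bot: The new `static $t0, $t1, $t2, $t3, $sbox;` cache in _encryptBlock() is filled from whichever object reaches the method first and is then reused by every later call, which is only correct while the tables are the same for all instances; nothing in the hunk says so. A comment above the `if (!$t0)` block such as `// the lookup tables are constants, so one copy is built once and shared by all calls` would record that assumption, and it should also state why each entry is cast with `(int)`, which the hunk leaves unexplained. The same applies to the `$dt0 ... $isbox` statics added to _decryptBlock() in the `@@ -1175,17 +965,24 @@` hunk. _encryptBlock()'s body continues outside this hunk.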
@@ -1093,11 +888,11 @@ class Crypt_Rijndael { $state[] = $word ^ $w[0][++$i]; } - // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - - // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding + // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components - + // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf. // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization. - // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1], + // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1], // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well. // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf @@ -1124,7 +919,10 @@ class Crypt_Rijndael { // subWord for ($i = 0; $i < $Nb; ++$i) { - $state[$i] = $this->_subWord($state[$i]); + $state[$i] = $sbox[$state[$i] & 0x000000FF] | + ($sbox[$state[$i] >> 8 & 0x000000FF] << 8) | + ($sbox[$state[$i] >> 16 & 0x000000FF] << 16) | + ($sbox[$state[$i] >> 24 & 0x000000FF] << 24); } // shiftRows + addRoundKey @@ -1144,7 +942,6 @@ class Crypt_Rijndael { $l = ($l + 1) % $Nb; } - // 100% ugly switch/case code... but ~5% faster ("smart code" below commented out) switch ($Nb) { case 8: return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]); 
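Review bot: The four-line `$sbox[...]` expression in the `@@ -1124,7 +919,10 @@` hunk replaces the call `$this->_subWord($state[$i])` but _subWord() itself is still kept and still used by the key setup, so the substitution now appears to exist in two places that must stay identical. A comment above the loop, e.g. `// inlined copy of _subWord(); keep both in sync`, would make that explicit. The `@@ -1221,11 +1018,15 @@` hunk does the same with `$isbox` in _decryptBlock(), where the removed _invSubWord() was the original. The enclosing function starts and ends outside the hunk.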
@@ -1157,13 +954,6 @@ class Crypt_Rijndael { default: return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]); } - /* - $state = $temp; - - array_unshift($state, 'N*'); - - return call_user_func_array('pack', $state); - */ } /** @@ -1175,17 +965,24 @@ class Crypt_Rijndael { */ function _decryptBlock($in) { - $state = array(); - $words = unpack('N*word', $in); + static $dt0, $dt1, $dt2, $dt3, $isbox; + if (!$dt0) { + for ($i = 0; $i < 256; ++$i) { + $dt0[] = (int)$this->dt0[$i]; + $dt1[] = (int)$this->dt1[$i]; + $dt2[] = (int)$this->dt2[$i]; + $dt3[] = (int)$this->dt3[$i]; + $isbox[] = (int)$this->isbox[$i]; + } + } + $state = array(); + $words = unpack('N*', $in); + + $c = $this->c; $dw = $this->dw; - $dt0 = $this->dt0; - $dt1 = $this->dt1; - $dt2 = $this->dt2; - $dt3 = $this->dt3; $Nb = $this->Nb; $Nr = $this->Nr; - $c = $this->c; // addRoundKey $i = -1; @@ -1221,11 +1018,15 @@ class Crypt_Rijndael { $l = $Nb - $c[3]; while ($i < $Nb) { - $temp[$i] = $dw[0][$i] ^ - $this->_invSubWord(($state[$i] & 0xFF000000) | - ($state[$j] & 0x00FF0000) | - ($state[$k] & 0x0000FF00) | - ($state[$l] & 0x000000FF)); + $word = ($state[$i] & 0xFF000000) | + ($state[$j] & 0x00FF0000) | + ($state[$k] & 0x0000FF00) | + ($state[$l] & 0x000000FF); + + $temp[$i] = $dw[0][$i] ^ ($isbox[$word & 0x000000FF] | + ($isbox[$word >> 8 & 0x000000FF] << 8) | + ($isbox[$word >> 16 & 0x000000FF] << 16) | + ($isbox[$word >> 24 & 0x000000FF] << 24)); ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; 
@@ -1244,24 +1045,15 @@ class Crypt_Rijndael { default: return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]); } - /* - $state = $temp; - - array_unshift($state, 'N*'); - - return call_user_func_array('pack', $state); - */ } /** - * Setup Rijndael - * - * Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key - * key schedule. + * Setup the key (expansion) * + * @see Crypt_Base::_setupKey() * @access private */ - function _setup() + function _setupKey() { // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field. // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse @@ -1274,21 +1066,15 @@ class Crypt_Rijndael { 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000 ); - if (!$this->explicit_key_length) { - // we do >> 2, here, and not >> 5, as we do above, since strlen($this->key) tells us the number of bytes - not bits - $length = strlen($this->key) >> 2; - if ($length > 8) { - $length = 8; - } else if ($length < 4) { - $length = 4; - } - $this->Nk = $length; - $this->key_size = $length << 2; + $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0"); + + if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_size === $this->kl['key_size'] && $this->block_size === $this->kl['block_size']) { + // already expanded + return; } + $this->kl = array('key' => $this->key, 'key_size' => $this->key_size, 'block_size' => $this->block_size); - $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0)); - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, chr(0)); - + $this->Nk = $this->key_size >> 2; // see Rijndael-ammended.pdf#page=44 $this->Nr = max($this->Nk, $this->Nb) + 6; 
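Review bot: `$this->kl = array('key' => $this->key, ...)` in the `@@ -1274,21 +1066,15 @@` hunk keeps a second copy of the raw key on the object only to detect an unchanged configuration, so code that later overwrites or clears `$this->key` would still leave the previous key in `$this->kl`. If the copy is kept, a comment on the assignment such as `// $this->kl holds key material; clear it wherever $this->key is cleared` would flag that. Whether the object is ever serialized or dumped is not visible here, so this is raised as a point to confirm rather than a confirmed leak. _setupKey() starts before and continues after this hunk.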
@@ -1309,9 +1095,7 @@ class Crypt_Rijndael { $this->c = array(0, 1, 3, 4); } - $key = $this->key; - - $w = array_values(unpack('N*words', $key)); + $w = array_values(unpack('N*words', $this->key)); $length = $this->Nb * ($this->Nr + 1); for ($i = $this->Nk; $i < $length; $i++) { @@ -1331,7 +1115,7 @@ class Crypt_Rijndael { // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns // and generate the inverse key schedule. more specifically, - // according to (section 5.3.3), + // according to (section 5.3.3), // "The key expansion for the Inverse Cipher is defined as follows: // 1. Apply the Key Expansion. // 2. Apply InvMixColumn to all Round Keys except the first and the last one." @@ -1346,9 +1130,9 @@ class Crypt_Rijndael { $j = 0; while ($j < $this->Nb) { $dw = $this->_subWord($this->w[$row][$j]); - $temp[$j] = $this->dt0[$dw >> 24 & 0x000000FF] ^ - $this->dt1[$dw >> 16 & 0x000000FF] ^ - $this->dt2[$dw >> 8 & 0x000000FF] ^ + $temp[$j] = $this->dt0[$dw >> 24 & 0x000000FF] ^ + $this->dt1[$dw >> 16 & 0x000000FF] ^ + $this->dt2[$dw >> 8 & 0x000000FF] ^ $this->dt3[$dw & 0x000000FF]; $j++; } @@ -1376,17 +1160,14 @@ class Crypt_Rijndael { } $this->w = $w; $this->dw = $dw; - - $this->inline_crypt_setup(); } - - $this->changed = false; } /** * Performs S-Box substitutions * * @access private + * @param Integer $word */ function _subWord($word) { 
@@ -1399,217 +1180,37 @@ class Crypt_Rijndael { } /** - * Performs inverse S-Box substitutions + * Setup the performance-optimized function for de/encrypt() * + * @see Crypt_Base::_setupInlineCrypt() * @access private */ - function _invSubWord($word) + function _setupInlineCrypt() { - $isbox = $this->isbox; - - return $isbox[$word & 0x000000FF] | - ($isbox[$word >> 8 & 0x000000FF] << 8) | - ($isbox[$word >> 16 & 0x000000FF] << 16) | - ($isbox[$word >> 24 & 0x000000FF] << 24); - } - - /** - * Pad "packets". - * - * Rijndael works by encrypting between sixteen and thirty-two bytes at a time, provided that number is also a multiple - * of four. If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to - * pad the input so that it is of the proper length. - * - * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, - * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping - * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is - * transmitted separately) - * - * @see Crypt_Rijndael::disablePadding() - * @access public - */ - function enablePadding() - { - $this->padding = true; - } - - /** - * Do not pad packets. - * - * @see Crypt_Rijndael::enablePadding() - * @access public - */ - function disablePadding() - { - $this->padding = false; - } - - /** - * Pads a string - * - * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. - * $block_size - (strlen($text) % $block_size) bytes are added, each of which is equal to - * chr($block_size - (strlen($text) % $block_size) - * - * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless - * and padding will, hence forth, be enabled. 
- * - * @see Crypt_Rijndael::_unpad() - * @access private - */ - function _pad($text) - { - $length = strlen($text); - - if (!$this->padding) { - if ($length % $this->block_size == 0) { - return $text; - } else { - user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})"); - $this->padding = true; - } - } - - $pad = $this->block_size - ($length % $this->block_size); - - return str_pad($text, $length + $pad, chr($pad)); - } - - /** - * Unpads a string. - * - * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong - * and false will be returned. - * - * @see Crypt_Rijndael::_pad() - * @access private - */ - function _unpad($text) - { - if (!$this->padding) { - return $text; - } - - $length = ord($text[strlen($text) - 1]); - - if (!$length || $length > $this->block_size) { - return false; - } - - return substr($text, 0, -$length); - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets - * will yield different outputs: - * - * - * echo $rijndael->encrypt(substr($plaintext, 0, 16)); - * echo $rijndael->encrypt(substr($plaintext, 16, 16)); - * - * - * echo $rijndael->encrypt($plaintext); - * - * - * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates - * another, as demonstrated with the following: - * - * - * $rijndael->encrypt(substr($plaintext, 0, 16)); - * echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16))); - * - * - * echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16))); - * - * - * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different - * outputs. 
The reason is due to the fact that the initialization vector's change after every encryption / - * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. - * - * Put another way, when the continuous buffer is enabled, the state of the Crypt_Rijndael() object changes after each - * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that - * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), - * however, they are also less intuitive and more likely to cause you problems. - * - * @see Crypt_Rijndael::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - $this->continuousBuffer = true; - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. - * - * @see Crypt_Rijndael::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - $this->continuousBuffer = false; - $this->encryptIV = $this->iv; - $this->decryptIV = $this->iv; - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0); - } - - /** - * String Shift - * - * Inspired by array_shift - * - * @param String $string - * @param optional Integer $index - * @return String - * @access private - */ - function _string_shift(&$string, $index = 1) - { - $substr = substr($string, 0, $index); - $string = substr($string, $index); - return $substr; - } - - /** - * Creates performance-optimized function for de/encrypt(), storing it in $this->inline_crypt - * - * @see Crypt_Rijndael::encrypt() - * @see Crypt_Rijndael::decrypt() - * @access private - */ - function inline_crypt_setup() - { - // Note: inline_crypt_setup() will be called only if $this->changed === true + // Note: _setupInlineCrypt() will be called only if $this->changed === true // So here we are'nt 
under the same heavy timing-stress as we are in _de/encryptBlock() or de/encrypt(). // However...the here generated function- $code, stored as php callback in $this->inline_crypt, must work as fast as even possible. - $lambda_functions =& Crypt_Rijndael::get_lambda_functions(); - $block_size = $this->block_size; - $mode = $this->mode; + $lambda_functions =& Crypt_Rijndael::_getLambdaFunctions(); - // The first 5 generated $lambda_functions will use the key-words hardcoded for better performance. - // For memory reason we limit those ultra-optimized function code to 5. + // The first 10 generated $lambda_functions will use the key-words hardcoded for better performance. + // For memory reason we limit those ultra-optimized functions. // After that, we use pure (extracted) integer vars for the key-words which is faster than accessing them via array. - if (count($lambda_functions) < 5) { + if (count($lambda_functions) < 10) { $w = $this->w; $dw = $this->dw; - $init_encryptBlock = ''; - $init_decryptBlock = ''; + $init_encrypt = ''; + $init_decrypt = ''; } else { for ($i = 0, $cw = count($this->w); $i < $cw; ++$i) { - $w[] = '$w_'.$i; - $dw[] = '$dw_'.$i; + $w[] = '$w[' . $i . ']'; + $dw[] = '$dw[' . $i . ']'; } - $init_encryptBlock = 'extract($self->w, EXTR_PREFIX_ALL, "w");'; - $init_decryptBlock = 'extract($self->dw, EXTR_PREFIX_ALL, "dw");'; + $init_encrypt = '$w = $self->w;'; + $init_decrypt = '$dw = $self->dw;'; } - $code_hash = md5("$mode, $block_size, " . implode(',', $w)); + $code_hash = md5(str_pad("Crypt_Rijndael, {$this->mode}, {$this->block_size}, ", 32, "\0") . implode(',', $w)); if (!isset($lambda_functions[$code_hash])) { $Nr = $this->Nr; 
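Review bot: The retained comment "we use pure (extracted) integer vars for the key-words which is faster than accessing them via array" is stale after this change, because the fallback branch now emits `$w[i]` / `$dw[i]` array accesses with `$init_encrypt = '$w = $self->w;'` in place of the removed `extract()` calls. It could be reworded as `// After that, the key words are read from $self->w / $self->dw at call time.` Separately, raising the limit from 5 to 10 means up to ten generated functions with round-key words hardcoded in their source are held in the cache returned by `_getLambdaFunctions()`; how long that cache lives is not visible in this hunk, but the comment should say that these cached functions contain key material. _setupInlineCrypt() continues past the end of this hunk.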
@@ -1617,28 +1218,34 @@ class Crypt_Rijndael { $c = $this->c; // Generating encrypt code: - $init_encryptBlock.= ' - $t0 = $self->t0; - $t1 = $self->t1; - $t2 = $self->t2; - $t3 = $self->t3; - $sbox = $self->sbox;'; + $init_encrypt.= ' + static $t0, $t1, $t2, $t3, $sbox; + if (!$t0) { + for ($i = 0; $i < 256; ++$i) { + $t0[$i] = (int)$self->t0[$i]; + $t1[$i] = (int)$self->t1[$i]; + $t2[$i] = (int)$self->t2[$i]; + $t3[$i] = (int)$self->t3[$i]; + $sbox[$i] = (int)$self->sbox[$i]; + } + } + '; $s = 'e'; $e = 's'; $wc = $Nb - 1; // Preround: addRoundKey - $_encryptBlock = '$in = unpack("N*", $in);'."\n"; + $encrypt_block = '$in = unpack("N*", $in);'."\n"; for ($i = 0; $i < $Nb; ++$i) { - $_encryptBlock .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$w[++$wc].";\n"; + $encrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$w[++$wc].";\n"; } // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey for ($round = 1; $round < $Nr; ++$round) { list($s, $e) = array($e, $s); for ($i = 0; $i < $Nb; ++$i) { - $_encryptBlock.= + $encrypt_block.= '$'.$e.$i.' = $t0[($'.$s.$i .' >> 24) & 0xff] ^ $t1[($'.$s.(($i + $c[1]) % $Nb).' >> 16) & 0xff] ^ 
@@ -1650,47 +1257,53 @@ class Crypt_Rijndael { // Finalround: subWord + shiftRows + addRoundKey for ($i = 0; $i < $Nb; ++$i) { - $_encryptBlock.= + $encrypt_block.= '$'.$e.$i.' = $sbox[ $'.$e.$i.' & 0xff] | ($sbox[($'.$e.$i.' >> 8) & 0xff] << 8) | ($sbox[($'.$e.$i.' >> 16) & 0xff] << 16) | ($sbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; } - $_encryptBlock .= '$in = pack("N*"'."\n"; + $encrypt_block .= '$in = pack("N*"'."\n"; for ($i = 0; $i < $Nb; ++$i) { - $_encryptBlock.= ', + $encrypt_block.= ', ($'.$e.$i .' & 0xFF000000) ^ ($'.$e.(($i + $c[1]) % $Nb).' & 0x00FF0000) ^ ($'.$e.(($i + $c[2]) % $Nb).' & 0x0000FF00) ^ ($'.$e.(($i + $c[3]) % $Nb).' & 0x000000FF) ^ '.$w[$i]."\n"; } - $_encryptBlock .= ');'; + $encrypt_block .= ');'; // Generating decrypt code: - $init_decryptBlock.= ' - $dt0 = $self->dt0; - $dt1 = $self->dt1; - $dt2 = $self->dt2; - $dt3 = $self->dt3; - $isbox = $self->isbox;'; + $init_decrypt.= ' + static $dt0, $dt1, $dt2, $dt3, $isbox; + if (!$dt0) { + for ($i = 0; $i < 256; ++$i) { + $dt0[$i] = (int)$self->dt0[$i]; + $dt1[$i] = (int)$self->dt1[$i]; + $dt2[$i] = (int)$self->dt2[$i]; + $dt3[$i] = (int)$self->dt3[$i]; + $isbox[$i] = (int)$self->isbox[$i]; + } + } + '; $s = 'e'; $e = 's'; $wc = $Nb - 1; // Preround: addRoundKey - $_decryptBlock = '$in = unpack("N*", $in);'."\n"; + $decrypt_block = '$in = unpack("N*", $in);'."\n"; for ($i = 0; $i < $Nb; ++$i) { - $_decryptBlock .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$dw[++$wc].';'."\n"; + $decrypt_block .= '$s'.$i.' = $in['.($i + 1).'] ^ '.$dw[++$wc].';'."\n"; } // Mainrounds: shiftRows + subWord + mixColumns + addRoundKey for ($round = 1; $round < $Nr; ++$round) { list($s, $e) = array($e, $s); for ($i = 0; $i < $Nb; ++$i) { - $_decryptBlock.= + $decrypt_block.= '$'.$e.$i.' = $dt0[($'.$s.$i .' >> 24) & 0xff] ^ $dt1[($'.$s.(($Nb + $i - $c[1]) % $Nb).' >> 16) & 0xff] ^ 
@@ -1702,361 +1315,34 @@ class Crypt_Rijndael { // Finalround: subWord + shiftRows + addRoundKey for ($i = 0; $i < $Nb; ++$i) { - $_decryptBlock.= + $decrypt_block.= '$'.$e.$i.' = $isbox[ $'.$e.$i.' & 0xff] | ($isbox[($'.$e.$i.' >> 8) & 0xff] << 8) | ($isbox[($'.$e.$i.' >> 16) & 0xff] << 16) | ($isbox[($'.$e.$i.' >> 24) & 0xff] << 24);'."\n"; } - $_decryptBlock .= '$in = pack("N*"'."\n"; + $decrypt_block .= '$in = pack("N*"'."\n"; for ($i = 0; $i < $Nb; ++$i) { - $_decryptBlock.= ', + $decrypt_block.= ', ($'.$e.$i. ' & 0xFF000000) ^ ($'.$e.(($Nb + $i - $c[1]) % $Nb).' & 0x00FF0000) ^ ($'.$e.(($Nb + $i - $c[2]) % $Nb).' & 0x0000FF00) ^ ($'.$e.(($Nb + $i - $c[3]) % $Nb).' & 0x000000FF) ^ '.$dw[$i]."\n"; } - $_decryptBlock .= ');'; + $decrypt_block .= ');'; - // Generating mode of operation code: - switch ($mode) { - case CRYPT_RIJNDAEL_MODE_ECB: - $encrypt = $init_encryptBlock . ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_encryptBlock.' - $ciphertext.= $in; - } - - return $ciphertext; - '; - - $decrypt = $init_decryptBlock . ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' - strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' - $plaintext.= $in; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_RIJNDAEL_MODE_CBC: - $encrypt = $init_encryptBlock . ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - $in = $self->encryptIV; - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.') ^ $in; - '.$_encryptBlock.' 
- $ciphertext.= $in; - } - - if ($self->continuousBuffer) { - $self->encryptIV = $in; - } - - return $ciphertext; - '; - - $decrypt = $init_decryptBlock . ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' - strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - $iv = $self->decryptIV; - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $block = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' - $plaintext.= $in ^ $iv; - $iv = $block; - } - - if ($self->continuousBuffer) { - $self->decryptIV = $iv; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_RIJNDAEL_MODE_CTR: - $encrypt = $init_encryptBlock . ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["encrypted"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["encrypted"])) { - $in = $self->_generate_xor('.$block_size.', $xor); - '.$_encryptBlock.' - $buffer["encrypted"].= $in; - } - $key = $self->_string_shift($buffer["encrypted"], '.$block_size.'); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor('.$block_size.', $xor); - '.$_encryptBlock.' - $key = $in; - $ciphertext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"]; - } - } - - return $ciphertext; - '; - - $decrypt = $init_encryptBlock . 
' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["ciphertext"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["ciphertext"])) { - $in = $self->_generate_xor('.$block_size.', $xor); - '.$_encryptBlock.' - $buffer["ciphertext"].= $in; - } - $key = $self->_string_shift($buffer["ciphertext"], '.$block_size.'); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor('.$block_size.', $xor); - '.$_encryptBlock.' - $key = $in; - $plaintext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"]; - } - } - - return $plaintext; - '; - break; - case CRYPT_RIJNDAEL_MODE_CFB: - $encrypt = $init_encryptBlock . ' - $ciphertext = ""; - $buffer = &$self->enbuffer; - - if ($self->continuousBuffer) { - $iv = &$self->encryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->encryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.'; - $iv = $in ^ substr($text, $i, '.$block_size.'); - $ciphertext.= $iv; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' 
- $iv = $in; - $block = $iv ^ substr($text, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - '; - - $decrypt = $init_encryptBlock . ' - $plaintext = ""; - $buffer = &$self->debuffer; - - if ($self->continuousBuffer) { - $iv = &$self->decryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->decryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $cb = substr($text, $i, '.$block_size.'); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $plaintext.= $iv ^ substr($text, $i); - $iv = substr_replace($iv, substr($text, $i), 0, $len); - $pos = $len; - } - - return $plaintext; - '; - break; - case CRYPT_RIJNDAEL_MODE_OFB: - $encrypt = $init_encryptBlock . ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"], '.$block_size.'); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' 
- $xor = $in; - $ciphertext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $ciphertext; - '; - - $decrypt = $init_encryptBlock . ' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"], '.$block_size.'); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $plaintext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $plaintext; - '; - break; - } - $lambda_functions[$code_hash] = create_function('$action, &$self, $text', 'if ($action == "encrypt") { '.$encrypt.' } else { '.$decrypt.' }'); + $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( + array( + 'init_crypt' => '', + 'init_encrypt' => $init_encrypt, + 'init_decrypt' => $init_decrypt, + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ) + ); } $this->inline_crypt = $lambda_functions[$code_hash]; } - - /** - * Holds the lambda_functions table (classwide) - * - * @see Crypt_Rijndael::inline_crypt_setup() - * @return Array - * @access private - */ - function &get_lambda_functions() - { - static $functions = array(); - return $functions; - } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: 
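Review bot: The code passed to `_createInlineCryptFunction()` at the `$lambda_functions[$code_hash] = ...` assignment can contain the expanded key itself, and nothing documents that. While fewer than 10 functions are cached, the earlier branch sets `$w = $this->w` and `$dw = $this->dw`, so the round-key words are written literally into `$encrypt_block` and `$decrypt_block`. The result is stored in the table returned by `Crypt_Rijndael::_getLambdaFunctions()`, which is presumably class-wide like the removed `get_lambda_functions()` and would then outlive the object that set the key. I would add a comment above the assignment such as `// NOTE: the generated source may embed the key schedule and stays cached for the lifetime of the process`. `_setupInlineCrypt()` begins outside this hunk.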
diff --git a/Crypt/TripleDES.php b/Crypt/TripleDES.php index bcf6074..175b3ac 100755 --- a/Crypt/TripleDES.php +++ b/Crypt/TripleDES.php @@ -1,5 +1,4 @@ * - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_TripleDES + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * Include Crypt_DES */ if (!class_exists('Crypt_DES')) { - require_once('DES.php'); + include_once 'DES.php'; } /** 
@@ -77,15 +76,85 @@ define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC); /** * Pure-PHP implementation of Triple DES. * + * @package Crypt_TripleDES * @author Jim Wigginton - * @version 0.1.0 * @access public - * @package Crypt_TerraDES */ -class Crypt_TripleDES extends Crypt_DES { +class Crypt_TripleDES extends Crypt_DES +{ + /** + * The default password key_size used by setPassword() + * + * @see Crypt_DES::password_key_size + * @see Crypt_Base::password_key_size + * @see Crypt_Base::setPassword() + * @var Integer + * @access private + */ + var $password_key_size = 24; + + /** + * The default salt used by setPassword() + * + * @see Crypt_Base::password_default_salt + * @see Crypt_Base::setPassword() + * @var String + * @access private + */ + var $password_default_salt = 'phpseclib'; + + /** + * The namespace used by the cipher for its constants. + * + * @see Crypt_DES::const_namespace + * @see Crypt_Base::const_namespace + * @var String + * @access private + */ + var $const_namespace = 'DES'; + + /** + * The mcrypt specific name of the cipher + * + * @see Crypt_DES::cipher_name_mcrypt + * @see Crypt_Base::cipher_name_mcrypt + * @var String + * @access private + */ + var $cipher_name_mcrypt = 'tripledes'; + + /** + * Optimizing value while CFB-encrypting + * + * @see Crypt_Base::cfb_init_len + * @var Integer + * @access private + */ + var $cfb_init_len = 750; + + /** + * max possible size of $key + * + * @see Crypt_TripleDES::setKey() + * @see Crypt_DES::setKey() + * @var String + * @access private + */ + var $key_size_max = 24; + + /** + * Internal flag whether using CRYPT_DES_MODE_3CBC or not + * + * @var Boolean + * @access private + */ + var $mode_3cbc; + /** * The Crypt_DES objects * + * Used only if $mode_3cbc === true + * * @var Array * @access private */ 
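Review bot: `var $password_default_salt = 'phpseclib';` makes the fallback salt for `setPassword()` a constant shared by every installation, and the docblock does not warn about it. With a fixed salt, the same password always derives the same 24-byte key, so the salt gives no protection against precomputation. Assuming `Crypt_Base::setPassword()` still accepts a salt argument as the removed implementation did, the docblock should say so, e.g. `* Fallback only: pass a unique random salt to setPassword() in real use.` Separately, `var $mode_3cbc;` is documented as Boolean but starts as null; `var $mode_3cbc = false;` would match the docblock and the "Used only if $mode_3cbc === true" remark on `$des`.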
@@ -94,99 +163,73 @@ class Crypt_TripleDES extends Crypt_DES { /** * Default Constructor. * - * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be - * CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used. + * Determines whether or not the mcrypt extension should be used. * + * $mode could be: + * + * - CRYPT_DES_MODE_ECB + * + * - CRYPT_DES_MODE_CBC + * + * - CRYPT_DES_MODE_CTR + * + * - CRYPT_DES_MODE_CFB + * + * - CRYPT_DES_MODE_OFB + * + * - CRYPT_DES_MODE_3CBC + * + * If not explicitly set, CRYPT_DES_MODE_CBC will be used. + * + * @see Crypt_DES::Crypt_DES() + * @see Crypt_Base::Crypt_Base() * @param optional Integer $mode - * @return Crypt_TripleDES * @access public */ function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC) { - if ( !defined('CRYPT_DES_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && in_array('tripledes', mcrypt_list_algorithms()): - define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT); - break; - default: - define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL); - } - } + switch ($mode) { + // In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC + // and additional flag us internally as 3CBC + case CRYPT_DES_MODE_3CBC: + parent::Crypt_Base(CRYPT_DES_MODE_CBC); + $this->mode_3cbc = true; - if ( $mode == CRYPT_DES_MODE_3CBC ) { - $this->mode = CRYPT_DES_MODE_3CBC; - $this->des = array( - new Crypt_DES(CRYPT_DES_MODE_CBC), - new Crypt_DES(CRYPT_DES_MODE_CBC), - new Crypt_DES(CRYPT_DES_MODE_CBC) - ); - $this->paddable = true; - - // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects - $this->des[0]->disablePadding(); - $this->des[1]->disablePadding(); - $this->des[2]->disablePadding(); - - return; - } - - switch ( CRYPT_DES_MODE ) { - case CRYPT_DES_MODE_MCRYPT: - switch ($mode) { - case CRYPT_DES_MODE_ECB: - $this->paddable = true; - $this->mode = MCRYPT_MODE_ECB; - break; - case CRYPT_DES_MODE_CTR: - 
$this->mode = 'ctr'; - break; - case CRYPT_DES_MODE_CFB: - $this->mode = 'ncfb'; - $this->ecb = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_ECB, ''); - break; - case CRYPT_DES_MODE_OFB: - $this->mode = MCRYPT_MODE_NOFB; - break; - case CRYPT_DES_MODE_CBC: - default: - $this->paddable = true; - $this->mode = MCRYPT_MODE_CBC; - } - $this->enmcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, ''); - $this->demcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, ''); - - break; - default: + // This three $des'es will do the 3CBC work (if $key > 64bits) $this->des = array( - new Crypt_DES(CRYPT_DES_MODE_ECB), - new Crypt_DES(CRYPT_DES_MODE_ECB), - new Crypt_DES(CRYPT_DES_MODE_ECB) + new Crypt_DES(CRYPT_DES_MODE_CBC), + new Crypt_DES(CRYPT_DES_MODE_CBC), + new Crypt_DES(CRYPT_DES_MODE_CBC), ); - + // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects $this->des[0]->disablePadding(); $this->des[1]->disablePadding(); $this->des[2]->disablePadding(); + break; + // If not 3CBC, we init as usual + default: + parent::Crypt_Base($mode); + } + } - switch ($mode) { - case CRYPT_DES_MODE_ECB: - case CRYPT_DES_MODE_CBC: - $this->paddable = true; - $this->mode = $mode; - break; - case CRYPT_DES_MODE_CTR: - case CRYPT_DES_MODE_CFB: - case CRYPT_DES_MODE_OFB: - $this->mode = $mode; - break; - default: - $this->paddable = true; - $this->mode = CRYPT_DES_MODE_CBC; - } - if (function_exists('create_function') && is_callable('create_function')) { - $this->inline_crypt_setup(3); - $this->use_inline_crypt = true; - } + /** + * Sets the initialization vector. (optional) + * + * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed + * to be all zero's. + * + * @see Crypt_Base::setIV() + * @access public + * @param String $iv + */ + function setIV($iv) + { + parent::setIV($iv); + if ($this->mode_3cbc) { + $this->des[0]->setIV($iv); + $this->des[1]->setIV($iv); + $this->des[2]->setIV($iv); } } 
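Review bot: The new `setIV()` docblock keeps the statement that an unset IV is "assumed to be all zero's" without saying what that means for the default CBC mode. Under one key, a constant IV makes messages that start with the same plaintext blocks start with the same ciphertext blocks, and in 3CBC mode the same `$iv` is also passed to all three inner `Crypt_DES` objects. I would add a docblock line such as `* Except for ECB, supply a fresh unpredictable IV for every message; the all-zero default is for compatibility only.` The constructor calls `parent::Crypt_Base()` directly although its docblock references `Crypt_DES::Crypt_DES()`; a short comment saying why the intermediate constructor is bypassed would help, if that is intended.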
@@ -198,571 +241,87 @@ class Crypt_TripleDES extends Crypt_DES { * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * - * If the key is not explicitly set, it'll be assumed to be all zero's. + * If the key is not explicitly set, it'll be assumed to be all null bytes. * * @access public + * @see Crypt_DES::setKey() + * @see Crypt_Base::setKey() * @param String $key */ function setKey($key) { $length = strlen($key); if ($length > 8) { - $key = str_pad($key, 24, chr(0)); + $key = str_pad(substr($key, 0, 24), 24, chr(0)); // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this: // http://php.net/function.mcrypt-encrypt#47973 //$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24); } else { $key = str_pad($key, 8, chr(0)); } - $this->key = $key; - switch (true) { - case CRYPT_DES_MODE == CRYPT_DES_MODE_INTERNAL: - case $this->mode == CRYPT_DES_MODE_3CBC: - $this->des[0]->setKey(substr($key, 0, 8)); - $this->des[1]->setKey(substr($key, 8, 8)); - $this->des[2]->setKey(substr($key, 16, 8)); + parent::setKey($key); - // Merge the three DES-1-dim-key-arrays for 3DES-inline-en/decrypting - if ($this->use_inline_crypt && $this->mode != CRYPT_DES_MODE_3CBC) { - $this->keys = array( - CRYPT_DES_ENCRYPT_1DIM => array_merge( - $this->des[0]->keys[CRYPT_DES_ENCRYPT_1DIM], - $this->des[1]->keys[CRYPT_DES_DECRYPT_1DIM], - $this->des[2]->keys[CRYPT_DES_ENCRYPT_1DIM] - ), - CRYPT_DES_DECRYPT_1DIM => array_merge( - $this->des[2]->keys[CRYPT_DES_DECRYPT_1DIM], - $this->des[1]->keys[CRYPT_DES_ENCRYPT_1DIM], - $this->des[0]->keys[CRYPT_DES_DECRYPT_1DIM] - ), - ); - } + // And in case of CRYPT_DES_MODE_3CBC: + // if key <= 64bits we not need the 3 $des to work, + // because we will then act as regular DES-CBC with just a <= 64bit key. + // So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des. 
+ if ($this->mode_3cbc && $length > 8) { + $this->des[0]->setKey(substr($key, 0, 8)); + $this->des[1]->setKey(substr($key, 8, 8)); + $this->des[2]->setKey(substr($key, 16, 8)); } - $this->enchanged = $this->dechanged = true; - } - - /** - * Sets the password. - * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $method - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < 24) { // $dkLen == 24 - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; $j++) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } - } - - $this->setKey($key); - } - - /** - * Sets the initialization vector. (optional) - * - * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all zero's. - * - * @access public - * @param String $iv - */ - function setIV($iv) - { - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0)); - if ($this->mode == CRYPT_DES_MODE_3CBC) { - $this->des[0]->setIV($iv); - $this->des[1]->setIV($iv); - $this->des[2]->setIV($iv); - } - $this->enchanged = $this->dechanged = true; } /** * Encrypts a message. 
* + * @see Crypt_Base::encrypt() * @access public * @param String $plaintext + * @return String $cipertext */ function encrypt($plaintext) { - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } + // parent::en/decrypt() is able to do all the work for all modes and keylengths, + // except for: CRYPT_DES_MODE_3CBC (inner chaining CBC) with a key > 64bits // if the key is smaller then 8, do what we'd normally do - if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) { - $ciphertext = $this->des[2]->encrypt($this->des[1]->decrypt($this->des[0]->encrypt($plaintext))); - - return $ciphertext; + if ($this->mode_3cbc && strlen($this->key) > 8) { + return $this->des[2]->encrypt( + $this->des[1]->decrypt( + $this->des[0]->encrypt( + $this->_pad($plaintext) + ) + ) + ); } - if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) { - if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0"); - } - $this->enchanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - } else { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= 8) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > 950) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->key, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 8)); - $iv 
= substr($ciphertext, -8); - $i = strlen($ciphertext); - $len%= 8; - } else { - while ($len >= 8) { - $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 8); - $ciphertext.= $iv; - $len-= 8; - $i+= 8; - } - } - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - } - - return $ciphertext; - } - - if (strlen($this->key) <= 8) { - $this->des[0]->mode = $this->mode; - - return $this->des[0]->encrypt($plaintext); - } - - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('encrypt', $this, $plaintext); - } - - $des = $this->des; - - $buffer = &$this->enbuffer; - $continuousBuffer = $this->continuousBuffer; - $ciphertext = ''; - switch ($this->mode) { - case CRYPT_DES_MODE_ECB: - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - // all of these _processBlock calls could, in theory, be put in a function - say Crypt_TripleDES::_ede_encrypt() or something. - // only problem with that: it would slow encryption and decryption down. 
$this->des would have to be called every time that - // function is called, instead of once for the whole string of text that's being encrypted, which would, in turn, make - // encryption and decryption take more time, per this: - // - // http://blog.libssh2.org/index.php?/archives/21-Compiled-Variables.html - $block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT); - $block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT); - $block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT); - $ciphertext.= $block; - } - break; - case CRYPT_DES_MODE_CBC: - $xor = $this->encryptIV; - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8) ^ $xor; - $block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT); - $block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT); - $block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT); - $xor = $block; - $ciphertext.= $block; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - } - break; - case CRYPT_DES_MODE_CTR: - $xor = $this->encryptIV; - if (strlen($buffer['encrypted'])) { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - if (strlen($block) > strlen($buffer['encrypted'])) { - $key = $this->_generate_xor($xor); - $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT); - $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT); - $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT); - $buffer['encrypted'].= $key; - } - $key = $this->_string_shift($buffer['encrypted']); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - $key = $this->_generate_xor($xor); - $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT); - $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT); - $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT); - $ciphertext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) & 7) 
{ - $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted']; - } - } - break; - case CRYPT_DES_MODE_CFB: - if (strlen($buffer['xor'])) { - $ciphertext = $plaintext ^ $buffer['xor']; - $iv = $buffer['encrypted'] . $ciphertext; - $start = strlen($ciphertext); - $buffer['encrypted'].= $ciphertext; - $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext)); - } else { - $ciphertext = ''; - $iv = $this->encryptIV; - $start = 0; - } - - for ($i = $start; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - $iv = $des[0]->_processBlock($iv, CRYPT_DES_ENCRYPT); - $iv = $des[1]->_processBlock($iv, CRYPT_DES_DECRYPT); - $xor= $des[2]->_processBlock($iv, CRYPT_DES_ENCRYPT); - - $iv = $block ^ $xor; - if ($continuousBuffer && strlen($iv) != 8) { - $buffer = array( - 'encrypted' => $iv, - 'xor' => substr($xor, strlen($iv)) - ); - } - $ciphertext.= $iv; - } - - if ($this->continuousBuffer) { - $this->encryptIV = $iv; - } - break; - case CRYPT_DES_MODE_OFB: - $xor = $this->encryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $block = substr($plaintext, $i, 8); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor']); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($plaintext); $i+=8) { - $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $ciphertext.= substr($plaintext, $i, 8) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->encryptIV = $xor; - if ($start = strlen($plaintext) & 7) { - $buffer['xor'] = substr($key, $start) . 
$buffer['xor']; - } - } - } - - return $ciphertext; + return parent::encrypt($plaintext); } /** * Decrypts a message. * + * @see Crypt_Base::decrypt() * @access public * @param String $ciphertext + * @return String $plaintext */ function decrypt($ciphertext) { - if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) { - $plaintext = $this->des[0]->decrypt($this->des[1]->encrypt($this->des[2]->decrypt($ciphertext))); - - return $this->_unpad($plaintext); + if ($this->mode_3cbc && strlen($this->key) > 8) { + return $this->_unpad( + $this->des[0]->decrypt( + $this->des[1]->encrypt( + $this->des[2]->decrypt( + str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") + ) + ) + ) + ); } - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." - $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0)); - } - - if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) { - if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0"); - } - $this->dechanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - } else { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 8 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= 8) { - $cb = substr($ciphertext, $i, $len - $len % 8); - $plaintext.= mcrypt_generic($this->ecb, $iv . 
$cb) ^ $cb; - $iv = substr($cb, -8); - $len%= 8; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $cb = substr($ciphertext, -$len); - $plaintext.= $iv ^ $cb; - $iv = substr_replace($iv, $cb, 0, $len); - $pos = $len; - } - return $plaintext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; - } - - if (strlen($this->key) <= 8) { - $this->des[0]->mode = $this->mode; - $plaintext = $this->des[0]->decrypt($ciphertext); - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; - } - - if ($this->use_inline_crypt) { - $inline = $this->inline_crypt; - return $inline('decrypt', $this, $ciphertext); - } - - $des = $this->des; - - $buffer = &$this->debuffer; - $continuousBuffer = $this->continuousBuffer; - $plaintext = ''; - switch ($this->mode) { - case CRYPT_DES_MODE_ECB: - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - $block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT); - $block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT); - $block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT); - $plaintext.= $block; - } - break; - case CRYPT_DES_MODE_CBC: - $xor = $this->decryptIV; - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $orig = $block = substr($ciphertext, $i, 8); - $block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT); - $block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT); - $block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT); - $plaintext.= $block ^ $xor; - $xor = $orig; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - } - break; - case CRYPT_DES_MODE_CTR: - $xor = $this->decryptIV; - if (strlen($buffer['ciphertext'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - if (strlen($block) > strlen($buffer['ciphertext'])) { - $key = $this->_generate_xor($xor); - $key = 
$des[0]->_processBlock($key, CRYPT_DES_ENCRYPT); - $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT); - $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT); - $buffer['ciphertext'].= $key; - } - $key = $this->_string_shift($buffer['ciphertext']); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - $key = $this->_generate_xor($xor); - $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT); - $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT); - $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT); - $plaintext.= $block ^ $key; - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($plaintext) & 7) { - $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext']; - } - } - break; - case CRYPT_DES_MODE_CFB: - if (strlen($buffer['ciphertext'])) { - $plaintext = $ciphertext ^ substr($this->decryptIV, strlen($buffer['ciphertext'])); - $buffer['ciphertext'].= substr($ciphertext, 0, strlen($plaintext)); - if (strlen($buffer['ciphertext']) != 8) { - $block = $this->decryptIV; - } else { - $block = $buffer['ciphertext']; - $xor = $des[0]->_processBlock($buffer['ciphertext'], CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $buffer['ciphertext'] = ''; - } - $start = strlen($plaintext); - } else { - $plaintext = ''; - $xor = $des[0]->_processBlock($this->decryptIV, CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $start = 0; - } - - for ($i = $start; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - $plaintext.= $block ^ $xor; - if ($continuousBuffer && strlen($block) != 8) { - $buffer['ciphertext'].= $block; - $block = $xor; - } else if (strlen($block) == 8) { - $xor = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT); - $xor = 
$des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - } - } - if ($this->continuousBuffer) { - $this->decryptIV = $block; - } - break; - case CRYPT_DES_MODE_OFB: - $xor = $this->decryptIV; - if (strlen($buffer['xor'])) { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $block = substr($ciphertext, $i, 8); - if (strlen($block) > strlen($buffer['xor'])) { - $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $buffer['xor'].= $xor; - } - $key = $this->_string_shift($buffer['xor']); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < strlen($ciphertext); $i+=8) { - $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT); - $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT); - $plaintext.= substr($ciphertext, $i, 8) ^ $xor; - } - $key = $xor; - } - if ($this->continuousBuffer) { - $this->decryptIV = $xor; - if ($start = strlen($ciphertext) & 7) { - $buffer['xor'] = substr($key, $start) . $buffer['xor']; - } - } - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; + return parent::decrypt($ciphertext); } /** @@ -799,13 +358,14 @@ class Crypt_TripleDES extends Crypt_DES { * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * + * @see Crypt_Base::enableContinuousBuffer() * @see Crypt_TripleDES::disableContinuousBuffer() * @access public */ function enableContinuousBuffer() { - $this->continuousBuffer = true; - if ($this->mode == CRYPT_DES_MODE_3CBC) { + parent::enableContinuousBuffer(); + if ($this->mode_3cbc) { $this->des[0]->enableContinuousBuffer(); $this->des[1]->enableContinuousBuffer(); $this->des[2]->enableContinuousBuffer(); 
@@ -817,26 +377,52 @@ class Crypt_TripleDES extends Crypt_DES { * * The default behavior. * + * @see Crypt_Base::disableContinuousBuffer() * @see Crypt_TripleDES::enableContinuousBuffer() * @access public */ function disableContinuousBuffer() { - $this->continuousBuffer = false; - $this->encryptIV = $this->iv; - $this->decryptIV = $this->iv; - $this->enchanged = true; - $this->dechanged = true; - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - if ($this->mode == CRYPT_DES_MODE_3CBC) { + parent::disableContinuousBuffer(); + if ($this->mode_3cbc) { $this->des[0]->disableContinuousBuffer(); $this->des[1]->disableContinuousBuffer(); $this->des[2]->disableContinuousBuffer(); } } -} -// vim: ts=4:sw=4:et: -// vim6: fdl=1: + /** + * Creates the key schedule + * + * @see Crypt_DES::_setupKey() + * @see Crypt_Base::_setupKey() + * @access private + */ + function _setupKey() + { + switch (true) { + // if $key <= 64bits we configure our internal pure-php cipher engine + // to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same. + case strlen($this->key) <= 8: + $this->des_rounds = 1; + break; + + // otherwise, if $key > 64bits, we configure our engine to work as 3DES. + default: + $this->des_rounds = 3; + + // (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately. + if ($this->mode_3cbc) { + $this->des[0]->_setupKey(); + $this->des[1]->_setupKey(); + $this->des[2]->_setupKey(); + + // because $des[0-2] will, now, do all the work we can return here + // not need unnecessary stress parent::_setupKey() with our, now unused, $key. + return; + } + } + // setup our key + parent::_setupKey(); + } +} diff --git a/Crypt/Twofish.php b/Crypt/Twofish.php index 20b800f..4099a01 100755 --- a/Crypt/Twofish.php +++ b/Crypt/Twofish.php 
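Review bot: In the new `_setupKey()` of Crypt_TripleDES, a key of 8 bytes or fewer sets `$this->des_rounds = 1`, so an object named TripleDES silently runs single DES. The only record of that is an inline comment. Because this is a strength downgrade selected purely by key length, the method docblock should say so, e.g. `Keys of 8 bytes or less select single DES (des_rounds = 1); 3DES needs a key longer than 8 bytes.` As a style point, the `switch (true)` with one `case` and a `default` reads more plainly as `if (strlen($this->key) <= 8) { ... } else { ... }`.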
@@ -1,5 +1,4 @@ * setKey('12345678901234567890123456789012'); + * $twofish->setKey('12345678901234567890123456789012'); * * $plaintext = str_repeat('a', 1024); * - * echo $Twofish->decrypt($Twofish->encrypt($plaintext)); + * echo $twofish->decrypt($twofish->encrypt($plaintext)); * ?> * * @@ -45,16 +44,24 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Crypt - * @package Crypt_Twofish - * @author Jim Wigginton - * @author Hans-Juergen Petrich - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @version 1.0 - * @link http://phpseclib.sourceforge.net + * @category Crypt + * @package Crypt_Twofish + * @author Jim Wigginton + * @author Hans-Juergen Petrich + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ +/** + * Include Crypt_Base + * + * Base cipher class + */ +if (!class_exists('Crypt_Base')) { + include_once 'Base.php'; +} + /**#@+ * @access public * @see Crypt_Twofish::encrypt() 
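Review bot: The added `include_once 'Base.php';` uses a bare relative file name, so PHP resolves it through include_path before falling back to the including file's directory. A different Base.php earlier on include_path would be loaded in place of the cipher base class. The `class_exists('Crypt_Base')` guard only helps when the class is already loaded. Anchoring the path with `include_once dirname(__FILE__) . '/Base.php';` removes the ambiguity. Using `require_once` would also make a missing file fail at this line, rather than at the `define(..., CRYPT_MODE_CTR)` calls and the `extends Crypt_Base` declaration in the next hunk.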
@@ -67,208 +74,83 @@ * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 */ -define('CRYPT_TWOFISH_MODE_CTR', -1); +define('CRYPT_TWOFISH_MODE_CTR', CRYPT_MODE_CTR); /** * Encrypt / decrypt using the Electronic Code Book mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 */ -define('CRYPT_TWOFISH_MODE_ECB', 1); +define('CRYPT_TWOFISH_MODE_ECB', CRYPT_MODE_ECB); /** * Encrypt / decrypt using the Code Book Chaining mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 */ -define('CRYPT_TWOFISH_MODE_CBC', 2); +define('CRYPT_TWOFISH_MODE_CBC', CRYPT_MODE_CBC); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 */ -define('CRYPT_TWOFISH_MODE_CFB', 3); +define('CRYPT_TWOFISH_MODE_CFB', CRYPT_MODE_CFB); /** * Encrypt / decrypt using the Cipher Feedback mode. * * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 */ -define('CRYPT_TWOFISH_MODE_OFB', 4); +define('CRYPT_TWOFISH_MODE_OFB', CRYPT_MODE_OFB); /**#@-*/ /**#@+ * @access private - * @see Crypt_Twofish::Crypt_Twofish() + * @see Crypt_Base::Crypt_Base() */ /** * Toggles the internal implementation */ -define('CRYPT_TWOFISH_MODE_INTERNAL', 1); +define('CRYPT_TWOFISH_MODE_INTERNAL', CRYPT_MODE_INTERNAL); /** * Toggles the mcrypt implementation */ -define('CRYPT_TWOFISH_MODE_MCRYPT', 2); +define('CRYPT_TWOFISH_MODE_MCRYPT', CRYPT_MODE_MCRYPT); /**#@-*/ /** * Pure-PHP implementation of Twofish. * + * @package Crypt_Twofish * @author Jim Wigginton * @author Hans-Juergen Petrich - * @version 1.0 * @access public - * @package Crypt_Twofish */ -class Crypt_Twofish { +class Crypt_Twofish extends Crypt_Base +{ /** - * The Key as String + * The namespace used by the cipher for its constants. 
* - * @see Crypt_Twofish::setKey() - * @var Array + * @see Crypt_Base::const_namespace + * @var String * @access private */ - var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; + var $const_namespace = 'TWOFISH'; /** - * The Encryption Mode + * The mcrypt specific name of the cipher * - * @see Crypt_Twofish::Crypt_Twofish() + * @see Crypt_Base::cipher_name_mcrypt + * @var String + * @access private + */ + var $cipher_name_mcrypt = 'twofish'; + + /** + * Optimizing value while CFB-encrypting + * + * @see Crypt_Base::cfb_init_len * @var Integer * @access private */ - var $mode; - - /** - * Continuous Buffer status - * - * @see Crypt_Twofish::enableContinuousBuffer() - * @var Boolean - * @access private - */ - var $continuousBuffer = false; - - /** - * Padding status - * - * @see Crypt_Twofish::enablePadding() - * @var Boolean - * @access private - */ - var $padding = true; - - /** - * The Initialization Vector - * - * @see Crypt_Twofish::setIV() - * @var String - * @access private - */ - var $iv = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - - /** - * A "sliding" Initialization Vector - * - * @see Crypt_Twofish::enableContinuousBuffer() - * @var String - * @access private - */ - var $encryptIV = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - - /** - * A "sliding" Initialization Vector - * - * @see Crypt_Twofish::enableContinuousBuffer() - * @var String - * @access private - */ - var $decryptIV = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; - - /** - * mcrypt resource for encryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. - * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_Twofish::encrypt() - * @var String - * @access private - */ - var $enmcrypt; - - /** - * mcrypt resource for decryption - * - * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. 
- * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. - * - * @see Crypt_Twofish::decrypt() - * @var String - * @access private - */ - var $demcrypt; - - /** - * Does the enmcrypt resource need to be (re)initialized? - * - * @see Crypt_Twofish::setKey() - * @see Crypt_Twofish::setIV() - * @var Boolean - * @access private - */ - var $enchanged = true; - - /** - * Does the demcrypt resource need to be (re)initialized? - * - * @see Crypt_Twofish::setKey() - * @see Crypt_Twofish::setIV() - * @var Boolean - * @access private - */ - var $dechanged = true; - - /** - * Is the mode one that is paddable? - * - * @see Crypt_Twofish::Crypt_Twofish() - * @var Boolean - * @access private - */ - var $paddable = false; - - /** - * Encryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Twofish::encrypt() - * @var Array - * @access private - */ - var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - - /** - * Decryption buffer for CTR, OFB and CFB modes - * - * @see Crypt_Twofish::decrypt() - * @var Array - * @access private - */ - var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - /** - * mcrypt resource for CFB mode - * - * @see Crypt_Twofish::encrypt() - * @see Crypt_Twofish::decrypt() - * @var String - * @access private - */ - var $ecb; - - /** - * Performance-optimized callback function for en/decrypt() - * - * @var Callback - * @access private - */ - var $inline_crypt; + var $cfb_init_len = 800; /** * Q-Table 
@@ -557,71 +439,12 @@ class Crypt_Twofish { var $S3 = array(); /** - * Default Constructor. + * Holds the last used key * - * Determines whether or not the mcrypt extension should be used. - * If not explictly set, CRYPT_TWOFISH_MODE_CBC will be used. - * - * @param optional Integer $mode - * @access public + * @var Array + * @access private */ - function Crypt_Twofish($mode = CRYPT_TWOFISH_MODE_CBC) - { - if ( !defined('CRYPT_TWOFISH_MODE') ) { - switch (true) { - case extension_loaded('mcrypt') && in_array('twofish', mcrypt_list_algorithms()): - define('CRYPT_TWOFISH_MODE', CRYPT_TWOFISH_MODE_MCRYPT); - break; - default: - define('CRYPT_TWOFISH_MODE', CRYPT_TWOFISH_MODE_INTERNAL); - } - } - - switch ( CRYPT_TWOFISH_MODE ) { - case CRYPT_TWOFISH_MODE_MCRYPT: - switch ($mode) { - case CRYPT_TWOFISH_MODE_ECB: - $this->paddable = true; - $this->mode = MCRYPT_MODE_ECB; - break; - case CRYPT_TWOFISH_MODE_CTR: - $this->mode = 'ctr'; - break; - case CRYPT_TWOFISH_MODE_CFB: - $this->mode = 'ncfb'; - $this->ecb = mcrypt_module_open(MCRYPT_TWOFISH, '', MCRYPT_MODE_ECB, ''); - break; - case CRYPT_TWOFISH_MODE_OFB: - $this->mode = MCRYPT_MODE_NOFB; - break; - case CRYPT_TWOFISH_MODE_CBC: - default: - $this->paddable = true; - $this->mode = MCRYPT_MODE_CBC; - } - $this->enmcrypt = mcrypt_module_open(MCRYPT_TWOFISH, '', $this->mode, ''); - $this->demcrypt = mcrypt_module_open(MCRYPT_TWOFISH, '', $this->mode, ''); - - break; - default: - switch ($mode) { - case CRYPT_TWOFISH_MODE_ECB: - case CRYPT_TWOFISH_MODE_CBC: - $this->paddable = true; - $this->mode = $mode; - break; - case CRYPT_TWOFISH_MODE_CTR: - case CRYPT_TWOFISH_MODE_CFB: - case CRYPT_TWOFISH_MODE_OFB: - $this->mode = $mode; - break; - default: - $this->paddable = true; - $this->mode = CRYPT_TWOFISH_MODE_CBC; - } - $this->inline_crypt_setup(); - } - } + var $kl; /** * Sets the key. 
@@ -633,6 +456,7 @@ class Crypt_Twofish { * If the key is not explicitly set, it'll be assumed a 128 bits key to be all null bytes. * * @access public + * @see Crypt_Base::setKey() * @param String $key */ function setKey($key) @@ -640,29 +464,37 @@ class Crypt_Twofish { $keylength = strlen($key); switch (true) { case $keylength <= 16: - $key.= str_repeat("\0", 16 - $keylength); + $key = str_pad($key, 16, "\0"); break; case $keylength <= 24: - $key.= str_repeat("\0", 24 - $keylength); + $key = str_pad($key, 24, "\0"); break; - case $keylength <= 32: - $key.= str_repeat("\0", 32 - $keylength); + case $keylength < 32: + $key = str_pad($key, 32, "\0"); break; - default: + case $keylength > 32: $key = substr($key, 0, 32); } - $this->key = $key; + parent::setKey($key); + } - $this->enchanged = true; - $this->dechanged = true; - - if (CRYPT_TWOFISH_MODE == CRYPT_TWOFISH_MODE_MCRYPT) { + /** + * Setup the key (expansion) + * + * @see Crypt_Base::_setupKey() + * @access private + */ + function _setupKey() + { + if (isset($this->kl['key']) && $this->key === $this->kl['key']) { + // already expanded return; } + $this->kl = array('key' => $this->key); /* Key expanding and generating the key-depended s-boxes */ - $le_longs = unpack('V*', $key); - $key = unpack('C*', $key); + $le_longs = unpack('V*', $this->key); + $key = unpack('C*', $this->key); $m0 = $this->m0; $m1 = $this->m1; $m2 = $this->m2; @@ -674,8 +506,8 @@ class Crypt_Twofish { switch (strlen($this->key)) { case 16: - list ($s7, $s6, $s5, $s4) = $this->mds_rem($le_longs[1], $le_longs[2]); - list ($s3, $s2, $s1, $s0) = $this->mds_rem($le_longs[3], $le_longs[4]); + list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[3], $le_longs[4]); for ($i = 0, $j = 1; $i < 40; $i+= 2,$j+= 2) { $A = $m0[$q0[$q0[$i] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$i] ^ $key[10]] ^ $key[2]] ^ 
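Review bot: `setKey()` still accepts any length and silently repairs it. Shorter keys are null-padded by the new `str_pad($key, 16, "\0")` / `24` / `32` calls, and anything over 32 bytes is cut by `substr($key, 0, 32)`, so a caller who passes a short password gets a mostly-null key with no diagnostic. The docblock (which starts outside this hunk) should state the contract, e.g. `Keys that are not 16, 24 or 32 bytes long are null-padded to the next valid size or truncated to 32 bytes; pass real key material, not a password.` Separately, the new `_setupKey()` keeps a second copy of the raw key in `$this->kl['key']` as a change detector, which the `$kl` docblock ("Holds the last used key") could say explicitly. `_setupKey()` continues past the end of this hunk.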
@@ -697,9 +529,9 @@ class Crypt_Twofish { } break; case 24: - list ($sb, $sa, $s9, $s8) = $this->mds_rem($le_longs[1], $le_longs[2]); - list ($s7, $s6, $s5, $s4) = $this->mds_rem($le_longs[3], $le_longs[4]); - list ($s3, $s2, $s1, $s0) = $this->mds_rem($le_longs[5], $le_longs[6]); + list ($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[3], $le_longs[4]); + list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[5], $le_longs[6]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$i] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$i] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ @@ -721,10 +553,10 @@ class Crypt_Twofish { } break; default: // 32 - list ($sf, $se, $sd, $sc) = $this->mds_rem($le_longs[1], $le_longs[2]); - list ($sb, $sa, $s9, $s8) = $this->mds_rem($le_longs[3], $le_longs[4]); - list ($s7, $s6, $s5, $s4) = $this->mds_rem($le_longs[5], $le_longs[6]); - list ($s3, $s2, $s1, $s0) = $this->mds_rem($le_longs[7], $le_longs[8]); + list ($sf, $se, $sd, $sc) = $this->_mdsrem($le_longs[1], $le_longs[2]); + list ($sb, $sa, $s9, $s8) = $this->_mdsrem($le_longs[3], $le_longs[4]); + list ($s7, $s6, $s5, $s4) = $this->_mdsrem($le_longs[5], $le_longs[6]); + list ($s3, $s2, $s1, $s0) = $this->_mdsrem($le_longs[7], $le_longs[8]); for ($i = 0, $j = 1; $i < 40; $i+= 2, $j+= 2) { $A = $m0[$q0[$q0[$q1[$q1[$i] ^ $key[25]] ^ $key[17]] ^ $key[ 9]] ^ $key[1]] ^ $m1[$q0[$q1[$q1[$q0[$i] ^ $key[26]] ^ $key[18]] ^ $key[10]] ^ $key[2]] ^ 
@@ -754,425 +586,14 @@ class Crypt_Twofish { } /** - * Sets the password. - * - * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: - * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}: - * $hash, $salt, $count - * - * @param String $password - * @param optional String $method - * @access public - */ - function setPassword($password, $method = 'pbkdf2') - { - $key = ''; - - switch ($method) { - default: // 'pbkdf2' - list(, , $hash, $salt, $count) = func_get_args(); - if (!isset($hash)) { - $hash = 'sha1'; - } - // WPA and WPA2 use the SSID as the salt - if (!isset($salt)) { - $salt = 'phpseclib/salt'; - } - // RFC2898#section-4.2 uses 1,000 iterations by default - // WPA and WPA2 use 4,096. - if (!isset($count)) { - $count = 1000; - } - - if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); - } - - $i = 1; - while (strlen($key) < 32) { - $hmac = new Crypt_Hash(); - $hmac->setHash($hash); - $hmac->setKey($password); - $f = $u = $hmac->hash($salt . pack('N', $i++)); - for ($j = 2; $j <= $count; ++$j) { - $u = $hmac->hash($u); - $f^= $u; - } - $key.= $f; - } - } - - $this->setKey($key); - } - - /** - * Sets the initialization vector. (optional) - * - * SetIV is not required when CRYPT_TWOFISH_MODE_ECB is being used. If not explictly set, it'll be assumed - * to be all null bytes. - * - * @access public - * @param String $iv - */ - function setIV($iv) - { - $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 16), 16, chr(0)); - $this->enchanged = true; - $this->dechanged = true; - } - - /** - * Encrypts a message. - * - * $plaintext will be padded with up to 16 additional bytes. Other Twofish implementations may or may not pad in the - * same manner. 
Other common approaches to padding and the reasons why it's necessary are discussed in the following - * URL: - * - * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html} - * - * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. - * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that - * length. - * - * @see Crypt_Twofish::decrypt() - * @access public - * @param String $plaintext - */ - function encrypt($plaintext) - { - if ( CRYPT_TWOFISH_MODE == CRYPT_TWOFISH_MODE_MCRYPT ) { - if ($this->paddable) { - $plaintext = $this->_pad($plaintext); - } - - if ($this->enchanged) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); - } - $this->enchanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext); - } else { - $iv = &$this->encryptIV; - $pos = &$this->enbuffer['pos']; - $len = strlen($plaintext); - $ciphertext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 16 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $plaintext; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - $this->enbuffer['enmcrypt_init'] = true; - } - if ($len >= 16) { - if ($this->enbuffer['enmcrypt_init'] === false || $len > 600) { - if ($this->enbuffer['enmcrypt_init'] === true) { - mcrypt_generic_init($this->enmcrypt, $this->key, $iv); - $this->enbuffer['enmcrypt_init'] = false; - } - $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 16)); - $iv = substr($ciphertext, -16); - $len%= 16; - } else { - while ($len >= 16) { - $iv = mcrypt_generic($this->ecb, $iv) ^ 
substr($plaintext, $i, 16); - $ciphertext.= $iv; - $len-= 16; - $i+= 16; - } - } - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $block = $iv ^ substr($plaintext, -$len); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV); - } - - return $ciphertext; - } - - if (empty($this->K)) { - $this->setKey($this->key); - } - - $inline = $this->inline_crypt; - return $inline('encrypt', $this, $plaintext); - } - - /** - * Decrypts a message. - * - * If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is. - * - * @see Crypt_Twofish::encrypt() - * @access public - * @param String $ciphertext - */ - function decrypt($ciphertext) - { - if ( CRYPT_TWOFISH_MODE == CRYPT_TWOFISH_MODE_MCRYPT ) { - if ($this->paddable) { - // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic : - // "The data is padded with "\0" to make sure the length of the data is n * blocksize." 
- $ciphertext = str_pad($ciphertext, strlen($ciphertext) + (16 - strlen($ciphertext) % 16) % 16, chr(0)); - } - - if ($this->dechanged) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - if ($this->mode == 'ncfb') { - mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"); - } - $this->dechanged = false; - } - - if ($this->mode != 'ncfb' || !$this->continuousBuffer) { - $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext); - } else { - $iv = &$this->decryptIV; - $pos = &$this->debuffer['pos']; - $len = strlen($ciphertext); - $plaintext = ''; - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = 16 - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $ciphertext; - $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i); - } - if ($len >= 16) { - $cb = substr($ciphertext, $i, $len - $len % 16); - $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb; - $iv = substr($cb, -16); - $len%= 16; - } - if ($len) { - $iv = mcrypt_generic($this->ecb, $iv); - $plaintext.= $iv ^ substr($ciphertext, -$len); - $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len); - $pos = $len; - } - return $plaintext; - } - - if (!$this->continuousBuffer) { - mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV); - } - - return $this->paddable ? $this->_unpad($plaintext) : $plaintext; - } - - if (empty($this->K)) { - $this->setKey($this->key); - } - - $inline = $this->inline_crypt; - return $inline('decrypt', $this, $ciphertext); - } - - /** - * Treat consecutive "packets" as if they are a continuous buffer. - * - * @see Crypt_Twofish::disableContinuousBuffer() - * @access public - */ - function enableContinuousBuffer() - { - $this->continuousBuffer = true; - } - - /** - * Treat consecutive packets as if they are a discontinuous buffer. - * - * The default behavior. 
- * - * @see Crypt_Twofish::enableContinuousBuffer() - * @access public - */ - function disableContinuousBuffer() - { - $this->continuousBuffer = false; - $this->encryptIV = $this->iv; - $this->decryptIV = $this->iv; - $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true); - $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true); - - if (CRYPT_TWOFISH_MODE == CRYPT_TWOFISH_MODE_MCRYPT) { - mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv); - mcrypt_generic_init($this->demcrypt, $this->key, $this->iv); - } - } - - /** - * Pad "packets". - * - * Twofish works by encrypting 16 bytes at a time. If you ever need to encrypt or decrypt something that's not - * a multiple of 16, it becomes necessary to pad the input so that it's length is a multiple of eight. - * - * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1, - * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping - * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is - * transmitted separately) - * - * @see Crypt_Twofish::disablePadding() - * @access public - */ - function enablePadding() - { - $this->padding = true; - } - - /** - * Do not pad packets. - * - * @see Crypt_Twofish::enablePadding() - * @access public - */ - function disablePadding() - { - $this->padding = false; - } - - /** - * Pads a string - * - * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (16). - * - * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless - * and padding will, hence forth, be enabled. 
- * - * @see Crypt_Twofish::_unpad() - * @access private - */ - function _pad($text) - { - $length = strlen($text); - - if (!$this->padding) { - if ($length % 16 == 0) { - return $text; - } else { - user_error("The plaintext's length ($length) is not a multiple of the block size (16)"); - $this->padding = true; - } - } - - $pad = 16 - ($length % 16); - - return str_pad($text, $length + $pad, chr($pad)); - } - - /** - * Unpads a string - * - * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong - * and false will be returned. - * - * @see Crypt_Twofish::_pad() - * @access private - */ - function _unpad($text) - { - if (!$this->padding) { - return $text; - } - - $length = ord($text[strlen($text) - 1]); - - if (!$length || $length > 16) { - return false; - } - - return substr($text, 0, -$length); - } - - /** - * String Shift - * - * Inspired by array_shift - * - * @param String $string - * @return String - * @access private - */ - function _string_shift(&$string) - { - $substr = substr($string, 0, 16); - $string = substr($string, 16); - return $substr; - } - - /** - * Generate CTR XOR encryption key - * - * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the - * plaintext / ciphertext in CTR mode. 
- * - * @see Crypt_Twofish::decrypt() - * @see Crypt_Twofish::encrypt() - * @access public - * @param String $iv - */ - function _generate_xor(&$iv) - { - $xor = $iv; - for ($j = 4; $j <= 16; $j+=4) { - $temp = substr($iv, -$j, 4); - switch ($temp) { - case "\xFF\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4); - break; - case "\x7F\xFF\xFF\xFF": - $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4); - break 2; - default: - extract(unpack('Ncount', $temp)); - $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4); - break 2; - } - } - - return $xor; - } - - /** - * mds_rem function using by the twofish cipher algorithm + * _mdsrem function using by the twofish cipher algorithm * * @access private * @param String $A * @param String $B * @return Array */ - function mds_rem($A, $B) + function _mdsrem($A, $B) { // No gain by unrolling this loop. for ($i = 0; $i < 8; ++$i) { 
@@ -1211,36 +632,180 @@ class Crypt_Twofish { } /** - * Creates performance-optimized function for de/encrypt(), storing it in $this->inline_crypt + * Encrypts a block * * @access private + * @param String $in + * @return String */ - function inline_crypt_setup() + function _encryptBlock($in) { - $lambda_functions =& Crypt_Twofish::get_lambda_functions(); - $block_size = 16; - $mode = $this->mode; - $code_hash = "$mode"; + $S0 = $this->S0; + $S1 = $this->S1; + $S2 = $this->S2; + $S3 = $this->S3; + $K = $this->K; + + $in = unpack("V4", $in); + $R0 = $K[0] ^ $in[1]; + $R1 = $K[1] ^ $in[2]; + $R2 = $K[2] ^ $in[3]; + $R3 = $K[3] ^ $in[4]; + + $ki = 7; + while ($ki < 39) { + $t0 = $S0[ $R0 & 0xff] ^ + $S1[($R0 >> 8) & 0xff] ^ + $S2[($R0 >> 16) & 0xff] ^ + $S3[($R0 >> 24) & 0xff]; + $t1 = $S0[($R1 >> 24) & 0xff] ^ + $S1[ $R1 & 0xff] ^ + $S2[($R1 >> 8) & 0xff] ^ + $S3[($R1 >> 16) & 0xff]; + $R2^= $t0 + $t1 + $K[++$ki]; + $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); + $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ ($t0 + ($t1 << 1) + $K[++$ki]); + + $t0 = $S0[ $R2 & 0xff] ^ + $S1[($R2 >> 8) & 0xff] ^ + $S2[($R2 >> 16) & 0xff] ^ + $S3[($R2 >> 24) & 0xff]; + $t1 = $S0[($R3 >> 24) & 0xff] ^ + $S1[ $R3 & 0xff] ^ + $S2[($R3 >> 8) & 0xff] ^ + $S3[($R3 >> 16) & 0xff]; + $R0^= ($t0 + $t1 + $K[++$ki]); + $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); + $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ($t0 + ($t1 << 1) + $K[++$ki]); + } + + // @codingStandardsIgnoreStart + return pack("V4", $K[4] ^ $R2, + $K[5] ^ $R3, + $K[6] ^ $R0, + $K[7] ^ $R1); + // @codingStandardsIgnoreEnd + } + + /** + * Decrypts a block + * + * @access private + * @param String $in + * @return String + */ + function _decryptBlock($in) + { + $S0 = $this->S0; + $S1 = $this->S1; + $S2 = $this->S2; + $S3 = $this->S3; + $K = $this->K; + + $in = unpack("V4", $in); + $R0 = $K[4] ^ $in[1]; + $R1 = $K[5] ^ $in[2]; + $R2 = $K[6] ^ $in[3]; + $R3 = $K[7] ^ $in[4]; + + $ki = 40; + while ($ki > 8) { + $t0 = $S0[$R0 & 0xff] ^ + $S1[$R0 >> 
8 & 0xff] ^ + $S2[$R0 >> 16 & 0xff] ^ + $S3[$R0 >> 24 & 0xff]; + $t1 = $S0[$R1 >> 24 & 0xff] ^ + $S1[$R1 & 0xff] ^ + $S2[$R1 >> 8 & 0xff] ^ + $S3[$R1 >> 16 & 0xff]; + $R3^= $t0 + ($t1 << 1) + $K[--$ki]; + $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; + $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ ($t0 + $t1 + $K[--$ki]); + + $t0 = $S0[$R2 & 0xff] ^ + $S1[$R2 >> 8 & 0xff] ^ + $S2[$R2 >> 16 & 0xff] ^ + $S3[$R2 >> 24 & 0xff]; + $t1 = $S0[$R3 >> 24 & 0xff] ^ + $S1[$R3 & 0xff] ^ + $S2[$R3 >> 8 & 0xff] ^ + $S3[$R3 >> 16 & 0xff]; + $R1^= $t0 + ($t1 << 1) + $K[--$ki]; + $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; + $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ($t0 + $t1 + $K[--$ki]); + } + + // @codingStandardsIgnoreStart + return pack("V4", $K[0] ^ $R2, + $K[1] ^ $R3, + $K[2] ^ $R0, + $K[3] ^ $R1); + // @codingStandardsIgnoreEnd + } + + /** + * Setup the performance-optimized function for de/encrypt() + * + * @see Crypt_Base::_setupInlineCrypt() + * @access private + */ + function _setupInlineCrypt() + { + $lambda_functions =& Crypt_Twofish::_getLambdaFunctions(); + + // Max. 10 Ultra-Hi-optimized inline-crypt functions. After that, we'll (still) create very fast code, but not the ultimate fast one. + $gen_hi_opt_code = (bool)( count($lambda_functions) < 10 ); + + switch (true) { + case $gen_hi_opt_code: + $code_hash = md5(str_pad("Crypt_Twofish, {$this->mode}, ", 32, "\0") . 
$this->key); + break; + default: + $code_hash = "Crypt_Twofish, {$this->mode}"; + } if (!isset($lambda_functions[$code_hash])) { - $init_cryptBlock = ' - $S0 = $self->S0; - $S1 = $self->S1; - $S2 = $self->S2; - $S3 = $self->S3; - extract($self->K, EXTR_PREFIX_ALL, "K"); - '; + switch (true) { + case $gen_hi_opt_code: + $K = $this->K; + + $init_crypt = ' + static $S0, $S1, $S2, $S3; + if (!$S0) { + for ($i = 0; $i < 256; ++$i) { + $S0[] = (int)$self->S0[$i]; + $S1[] = (int)$self->S1[$i]; + $S2[] = (int)$self->S2[$i]; + $S3[] = (int)$self->S3[$i]; + } + } + '; + break; + default: + $K = array(); + for ($i = 0; $i < 40; ++$i) { + $K[] = '$K_' . $i; + } + + $init_crypt = ' + $S0 = $self->S0; + $S1 = $self->S1; + $S2 = $self->S2; + $S3 = $self->S3; + list(' . implode(',', $K) . ') = $self->K; + '; + } // Generating encrypt code: - $_encryptBlock = ' + $encrypt_block = ' $in = unpack("V4", $in); - $R0 = $K_0 ^ $in[1]; - $R1 = $K_1 ^ $in[2]; - $R2 = $K_2 ^ $in[3]; - $R3 = $K_3 ^ $in[4]; + $R0 = '.$K[0].' ^ $in[1]; + $R1 = '.$K[1].' ^ $in[2]; + $R2 = '.$K[2].' ^ $in[3]; + $R3 = '.$K[3].' ^ $in[4]; '; for ($ki = 7, $i = 0; $i < 8; ++$i) { - $_encryptBlock.= ' + $encrypt_block.= ' $t0 = $S0[ $R0 & 0xff] ^ $S1[($R0 >> 8) & 0xff] ^ $S2[($R0 >> 16) & 0xff] ^ @@ -1249,9 +814,9 @@ class Crypt_Twofish { $S1[ $R1 & 0xff] ^ $S2[($R1 >> 8) & 0xff] ^ $S3[($R1 >> 16) & 0xff]; - $R2^= ($t0 + $t1 + $K_'.(++$ki).'); + $R2^= ($t0 + $t1 + '.$K[++$ki].'); $R2 = ($R2 >> 1 & 0x7fffffff) | ($R2 << 31); - $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ ($t0 + ($t1 << 1) + $K_'.(++$ki).'); + $R3 = ((($R3 >> 31) & 1) | ($R3 << 1)) ^ ($t0 + ($t1 << 1) + '.$K[++$ki].'); $t0 = $S0[ $R2 & 0xff] ^ $S1[($R2 >> 8) & 0xff] ^ 
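Review bot: In `_setupInlineCrypt()` the `$gen_hi_opt_code` branch copies `$this->K` into `$K` and splices the values into the generated source (`$R0 = '.$K[0].' ^ $in[1];`). The expanded round keys therefore become literals inside code strings, cached in the table returned by `_getLambdaFunctions()` under `md5(... . $this->key)`. That table appears to be shared across instances (the `count($lambda_functions) < 10` check suggests so), which means the entries can outlive the cipher object, and the subkey literals would be visible to anything that dumps the generated code. The docblock should record this, e.g. `Note: for the first 10 distinct keys the round keys are compiled into the cached function and remain in memory after the object is destroyed.` The function continues beyond this hunk, so how the strings are compiled is not visible here.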
@@ -1261,28 +826,28 @@ class Crypt_Twofish { $S1[ $R3 & 0xff] ^ $S2[($R3 >> 8) & 0xff] ^ $S3[($R3 >> 16) & 0xff]; - $R0^= ($t0 + $t1 + $K_'.(++$ki).'); + $R0^= ($t0 + $t1 + '.$K[++$ki].'); $R0 = ($R0 >> 1 & 0x7fffffff) | ($R0 << 31); - $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ($t0 + ($t1 << 1) + $K_'.(++$ki).'); + $R1 = ((($R1 >> 31) & 1) | ($R1 << 1)) ^ ($t0 + ($t1 << 1) + '.$K[++$ki].'); '; } - $_encryptBlock.= ' - $in = pack("V4", $K_4 ^ $R2, - $K_5 ^ $R3, - $K_6 ^ $R0, - $K_7 ^ $R1); + $encrypt_block.= ' + $in = pack("V4", '.$K[4].' ^ $R2, + '.$K[5].' ^ $R3, + '.$K[6].' ^ $R0, + '.$K[7].' ^ $R1); '; // Generating decrypt code: - $_decryptBlock = ' + $decrypt_block = ' $in = unpack("V4", $in); - $R0 = $K_4 ^ $in[1]; - $R1 = $K_5 ^ $in[2]; - $R2 = $K_6 ^ $in[3]; - $R3 = $K_7 ^ $in[4]; + $R0 = '.$K[4].' ^ $in[1]; + $R1 = '.$K[5].' ^ $in[2]; + $R2 = '.$K[6].' ^ $in[3]; + $R3 = '.$K[7].' ^ $in[4]; '; for ($ki = 40, $i = 0; $i < 8; ++$i) { - $_decryptBlock.= ' + $decrypt_block.= ' $t0 = $S0[$R0 & 0xff] ^ $S1[$R0 >> 8 & 0xff] ^ $S2[$R0 >> 16 & 0xff] ^ @@ -1291,9 +856,9 @@ class Crypt_Twofish { $S1[$R1 & 0xff] ^ $S2[$R1 >> 8 & 0xff] ^ $S3[$R1 >> 16 & 0xff]; - $R3^= $t0 + ($t1 << 1) + $K_'.(--$ki).'; + $R3^= $t0 + ($t1 << 1) + '.$K[--$ki].'; $R3 = $R3 >> 1 & 0x7fffffff | $R3 << 31; - $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ ($t0 + $t1 + $K_'.(--$ki).'); + $R2 = ($R2 >> 31 & 0x1 | $R2 << 1) ^ ($t0 + $t1 + '.$K[--$ki].'); $t0 = $S0[$R2 & 0xff] ^ $S1[$R2 >> 8 & 0xff] ^ 
@@ -1303,362 +868,28 @@ class Crypt_Twofish { $S1[$R3 & 0xff] ^ $S2[$R3 >> 8 & 0xff] ^ $S3[$R3 >> 16 & 0xff]; - $R1^= $t0 + ($t1 << 1) + $K_'.(--$ki).'; + $R1^= $t0 + ($t1 << 1) + '.$K[--$ki].'; $R1 = $R1 >> 1 & 0x7fffffff | $R1 << 31; - $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ($t0 + $t1 + $K_'.(--$ki).'); + $R0 = ($R0 >> 31 & 0x1 | $R0 << 1) ^ ($t0 + $t1 + '.$K[--$ki].'); '; } - $_decryptBlock.= ' - $in = pack("V4", $K_0 ^ $R2, - $K_1 ^ $R3, - $K_2 ^ $R0, - $K_3 ^ $R1); + $decrypt_block.= ' + $in = pack("V4", '.$K[0].' ^ $R2, + '.$K[1].' ^ $R3, + '.$K[2].' ^ $R0, + '.$K[3].' ^ $R1); '; - // Generating mode of operation code: - switch ($mode) { - case CRYPT_TWOFISH_MODE_ECB: - $encrypt = ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_encryptBlock.' - $ciphertext.= $in; - } - - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' - strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' - $plaintext.= $in; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_TWOFISH_MODE_CBC: - $encrypt = ' - $ciphertext = ""; - $text = $self->_pad($text); - $plaintext_len = strlen($text); - - $in = $self->encryptIV; - - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = substr($text, $i, '.$block_size.') ^ $in; - '.$_encryptBlock.' - $ciphertext.= $in; - } - - if ($self->continuousBuffer) { - $self->encryptIV = $in; - } - - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $text = str_pad($text, strlen($text) + ('.$block_size.' 
- strlen($text) % '.$block_size.') % '.$block_size.', chr(0)); - $ciphertext_len = strlen($text); - - $iv = $self->decryptIV; - - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $block = substr($text, $i, '.$block_size.'); - '.$_decryptBlock.' - $plaintext.= $in ^ $iv; - $iv = $block; - } - - if ($self->continuousBuffer) { - $self->decryptIV = $iv; - } - - return $self->_unpad($plaintext); - '; - break; - case CRYPT_TWOFISH_MODE_CTR: - $encrypt = ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["encrypted"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["encrypted"])) { - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $buffer["encrypted"].= $in; - } - $key = $self->_string_shift($buffer["encrypted"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $key = $in; - $ciphertext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["encrypted"] = substr($key, $start) . $buffer["encrypted"]; - } - } - - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["ciphertext"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["ciphertext"])) { - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' 
- $buffer["ciphertext"].= $in; - } - $key = $self->_string_shift($buffer["ciphertext"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - $in = $self->_generate_xor($xor); - '.$_encryptBlock.' - $key = $in; - $plaintext.= $block ^ $key; - } - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["ciphertext"] = substr($key, $start) . $buffer["ciphertext"]; - } - } - - return $plaintext; - '; - break; - case CRYPT_TWOFISH_MODE_CFB: - $encrypt = ' - $ciphertext = ""; - $buffer = &$self->enbuffer; - - if ($self->continuousBuffer) { - $iv = &$self->encryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->encryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' - $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $ciphertext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, $ciphertext, $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.'; - $iv = $in ^ substr($text, $i, '.$block_size.'); - $ciphertext.= $iv; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $block = $iv ^ substr($text, $i); - $iv = substr_replace($iv, $block, 0, $len); - $ciphertext.= $block; - $pos = $len; - } - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $buffer = &$self->debuffer; - - if ($self->continuousBuffer) { - $iv = &$self->decryptIV; - $pos = &$buffer["pos"]; - } else { - $iv = $self->decryptIV; - $pos = 0; - } - $len = strlen($text); - $i = 0; - if ($pos) { - $orig_pos = $pos; - $max = '.$block_size.' 
- $pos; - if ($len >= $max) { - $i = $max; - $len-= $max; - $pos = 0; - } else { - $i = $len; - $pos+= $len; - $len = 0; - } - $plaintext = substr($iv, $orig_pos) ^ $text; - $iv = substr_replace($iv, substr($text, 0, $i), $orig_pos, $i); - } - while ($len >= '.$block_size.') { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $cb = substr($text, $i, '.$block_size.'); - $plaintext.= $iv ^ $cb; - $iv = $cb; - $len-= '.$block_size.'; - $i+= '.$block_size.'; - } - if ($len) { - $in = $iv; - '.$_encryptBlock.' - $iv = $in; - $plaintext.= $iv ^ substr($text, $i); - $iv = substr_replace($iv, substr($text, $i), 0, $len); - $pos = $len; - } - - return $plaintext; - '; - break; - case CRYPT_TWOFISH_MODE_OFB: - $encrypt = ' - $ciphertext = ""; - $plaintext_len = strlen($text); - $xor = $self->encryptIV; - $buffer = &$self->enbuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $ciphertext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $ciphertext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->encryptIV = $xor; - if ($start = $plaintext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $ciphertext; - '; - - $decrypt = ' - $plaintext = ""; - $ciphertext_len = strlen($text); - $xor = $self->decryptIV; - $buffer = &$self->debuffer; - - if (strlen($buffer["xor"])) { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $block = substr($text, $i, '.$block_size.'); - if (strlen($block) > strlen($buffer["xor"])) { - $in = $xor; - '.$_encryptBlock.' 
- $xor = $in; - $buffer["xor"].= $xor; - } - $key = $self->_string_shift($buffer["xor"]); - $plaintext.= $block ^ $key; - } - } else { - for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') { - $in = $xor; - '.$_encryptBlock.' - $xor = $in; - $plaintext.= substr($text, $i, '.$block_size.') ^ $xor; - } - $key = $xor; - } - if ($self->continuousBuffer) { - $self->decryptIV = $xor; - if ($start = $ciphertext_len % '.$block_size.') { - $buffer["xor"] = substr($key, $start) . $buffer["xor"]; - } - } - return $plaintext; - '; - break; - } - $fnc_head = '$action, &$self, $text'; - $fnc_body = $init_cryptBlock . 'if ($action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }'; - - if (function_exists('create_function') && is_callable('create_function')) { - $lambda_functions[$code_hash] = create_function($fnc_head, $fnc_body); - } else { - eval('function ' . ($lambda_functions[$code_hash] = 'f' . md5(microtime())) . '(' . $fnc_head . ') { ' . $fnc_body . ' }'); - } + $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( + array( + 'init_crypt' => $init_crypt, + 'init_encrypt' => '', + 'init_decrypt' => '', + 'encrypt_block' => $encrypt_block, + 'decrypt_block' => $decrypt_block + ) + ); } $this->inline_crypt = $lambda_functions[$code_hash]; } - - /** - * Holds the lambda_functions table (classwide) - * - * @see inline_crypt_setup() - * @return Array - * @access private - */ - function &get_lambda_functions() - { - static $functions = array(); - return $functions; - } } - -// vim: ts=4:sw=4:et: -// vim6: fdl=1: diff --git a/File/ANSI.php b/File/ANSI.php index fccbdfb..ef2ccbe 100755 --- a/File/ANSI.php +++ b/File/ANSI.php 
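Review bot: In the hi-opt path the generated `$encrypt_block`/`$decrypt_block` source has the subkeys spliced in as literals (`'.$K[0].' ^ $R2` and the rest; `$K = $this->K` is assigned in the preceding hunk), and the compiled result is stored in the shared `$lambda_functions` table, which nothing in this hunk clears. Key-derived material therefore stays resident as function source for the life of the process, for as many keys as the hi-opt limit set earlier in the function allows, independent of the lifetime of the object. That deserves a comment above the `_createInlineCryptFunction()` call, for example `// NOTE: in hi-opt mode the generated code embeds the key schedule and is cached for the whole process; it outlives this object`. `_setupInlineCrypt()` starts outside this hunk and `_createInlineCryptFunction()` is not shown, so how the source is compiled cannot be checked from here.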
@@ -1,5 +1,4 @@ - * @copyright MMXII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category File + * @package File_ANSI + * @author Jim Wigginton + * @copyright MMXII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * Pure-PHP ANSI Decoder * - * @author Jim Wigginton - * @version 0.3.0 - * @access public * @package File_ANSI + * @author Jim Wigginton + * @access public */ -class File_ANSI { +class File_ANSI +{ /** * Max Width * @@ -351,7 +350,7 @@ class File_ANSI { $this->attrs[$this->y][$this->x] = ''; if ($this->bold) $this->attrs[$this->y][$this->x].= ''; - if ($this->underline) $this->attrs[$this->y][$this->x].= ''; + if ($this->underline) $this->attrs[$this->y][$this->x].= ''; if ($this->blink) $this->attrs[$this->y][$this->x].= ''; if ($this->color) $this->attrs[$this->y][$this->x].= ''; @@ -557,4 +556,4 @@ class File_ANSI { return '
' . $scrollback . '
'; } -} \ No newline at end of file +} diff --git a/File/ASN1.php b/File/ASN1.php index 0e23f43..c12a8d2 100755 --- a/File/ASN1.php +++ b/File/ASN1.php @@ -1,5 +1,4 @@ - * @copyright MMXII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category File + * @package File_ASN1 + * @author Jim Wigginton + * @copyright MMXII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /**#@+ 
@@ -58,21 +57,21 @@ define('FILE_ASN1_CLASS_PRIVATE', 3); * @access private * @link http://www.obj-sys.com/asn1tutorial/node124.html */ -define('FILE_ASN1_TYPE_BOOLEAN', 1); -define('FILE_ASN1_TYPE_INTEGER', 2); -define('FILE_ASN1_TYPE_BIT_STRING', 3); -define('FILE_ASN1_TYPE_OCTET_STRING', 4); -define('FILE_ASN1_TYPE_NULL', 5); -define('FILE_ASN1_TYPE_OBJECT_IDENTIFIER',6); -//define('FILE_ASN1_TYPE_OBJECT_DESCRIPTOR',7); -//define('FILE_ASN1_TYPE_INSTANCE_OF', 8); // EXTERNAL -define('FILE_ASN1_TYPE_REAL', 9); -define('FILE_ASN1_TYPE_ENUMERATED', 10); -//define('FILE_ASN1_TYPE_EMBEDDED', 11); -define('FILE_ASN1_TYPE_UTF8_STRING', 12); -//define('FILE_ASN1_TYPE_RELATIVE_OID', 13); -define('FILE_ASN1_TYPE_SEQUENCE', 16); // SEQUENCE OF -define('FILE_ASN1_TYPE_SET', 17); // SET OF +define('FILE_ASN1_TYPE_BOOLEAN', 1); +define('FILE_ASN1_TYPE_INTEGER', 2); +define('FILE_ASN1_TYPE_BIT_STRING', 3); +define('FILE_ASN1_TYPE_OCTET_STRING', 4); +define('FILE_ASN1_TYPE_NULL', 5); +define('FILE_ASN1_TYPE_OBJECT_IDENTIFIER', 6); +//define('FILE_ASN1_TYPE_OBJECT_DESCRIPTOR', 7); +//define('FILE_ASN1_TYPE_INSTANCE_OF', 8); // EXTERNAL +define('FILE_ASN1_TYPE_REAL', 9); +define('FILE_ASN1_TYPE_ENUMERATED', 10); +//define('FILE_ASN1_TYPE_EMBEDDED', 11); +define('FILE_ASN1_TYPE_UTF8_STRING', 12); +//define('FILE_ASN1_TYPE_RELATIVE_OID', 13); +define('FILE_ASN1_TYPE_SEQUENCE', 16); // SEQUENCE OF +define('FILE_ASN1_TYPE_SET', 17); // SET OF /**#@-*/ /**#@+ * More Tag Classes 
@@ -80,19 +79,19 @@ define('FILE_ASN1_TYPE_SET', 17); // SET OF * @access private * @link http://www.obj-sys.com/asn1tutorial/node10.html */ -define('FILE_ASN1_TYPE_NUMERIC_STRING', 18); -define('FILE_ASN1_TYPE_PRINTABLE_STRING',19); -define('FILE_ASN1_TYPE_TELETEX_STRING', 20); // T61String -define('FILE_ASN1_TYPE_VIDEOTEX_STRING', 21); -define('FILE_ASN1_TYPE_IA5_STRING', 22); -define('FILE_ASN1_TYPE_UTC_TIME', 23); -define('FILE_ASN1_TYPE_GENERALIZED_TIME',24); -define('FILE_ASN1_TYPE_GRAPHIC_STRING', 25); -define('FILE_ASN1_TYPE_VISIBLE_STRING', 26); // ISO646String -define('FILE_ASN1_TYPE_GENERAL_STRING', 27); -define('FILE_ASN1_TYPE_UNIVERSAL_STRING',28); -//define('FILE_ASN1_TYPE_CHARACTER_STRING',29); -define('FILE_ASN1_TYPE_BMP_STRING', 30); +define('FILE_ASN1_TYPE_NUMERIC_STRING', 18); +define('FILE_ASN1_TYPE_PRINTABLE_STRING', 19); +define('FILE_ASN1_TYPE_TELETEX_STRING', 20); // T61String +define('FILE_ASN1_TYPE_VIDEOTEX_STRING', 21); +define('FILE_ASN1_TYPE_IA5_STRING', 22); +define('FILE_ASN1_TYPE_UTC_TIME', 23); +define('FILE_ASN1_TYPE_GENERALIZED_TIME', 24); +define('FILE_ASN1_TYPE_GRAPHIC_STRING', 25); +define('FILE_ASN1_TYPE_VISIBLE_STRING', 26); // ISO646String +define('FILE_ASN1_TYPE_GENERAL_STRING', 27); +define('FILE_ASN1_TYPE_UNIVERSAL_STRING', 28); +//define('FILE_ASN1_TYPE_CHARACTER_STRING', 29); +define('FILE_ASN1_TYPE_BMP_STRING', 30); /**#@-*/ /**#@+ @@ -111,12 +110,12 @@ define('FILE_ASN1_TYPE_ANY', -2); * * Bypass normal encoding rules in File_ASN1::encodeDER() * - * @author Jim Wigginton - * @version 0.3.0 - * @access public * @package File_ASN1 + * @author Jim Wigginton + * @access public */ -class File_ASN1_Element { +class File_ASN1_Element +{ /** * Raw element value * 
@@ -141,12 +140,12 @@ class File_ASN1_Element { /** * Pure-PHP ASN.1 Parser * - * @author Jim Wigginton - * @version 0.3.0 - * @access public * @package File_ASN1 + * @author Jim Wigginton + * @access public */ -class File_ASN1 { +class File_ASN1 +{ /** * ASN.1 object identifier * @@ -163,7 +162,7 @@ class File_ASN1 { * @access private * @link http://php.net/class.datetime */ - var $format = 'D, d M y H:i:s O'; + var $format = 'D, d M Y H:i:s O'; /** * Default date format @@ -252,7 +251,7 @@ class File_ASN1 { if (!$static_init) { $static_init = true; if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); + include_once 'Math/BigInteger.php'; } } } @@ -273,7 +272,8 @@ class File_ASN1 { } $this->encoded = $encoded; - return $this->_decode_ber($encoded); + // encapsulate in an array for BC with the old decodeBER + return array($this->_decode_ber($encoded)); } /** 
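Review bot: `return array($this->_decode_ber($encoded));` wraps the result unconditionally, so when `_decode_ber()` returns `false` (the rewritten decoder does so for `FILE_ASN1_TYPE_REAL`) the caller receives `array(false)`, which is non-empty and truthy. A caller that tests the return value of `decodeBER()` for failure would carry on with a malformed tree, whereas the removed line passed the `false` through. Keep the failure visible with `$decoded = $this->_decode_ber($encoded);` followed by `return $decoded === false ? false : array($decoded);`. The body of `decodeBER()` starts outside this hunk.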
@@ -288,226 +288,247 @@ class File_ASN1 { * @return Array * @access private */ - function _decode_ber(&$encoded, $start = 0) + function _decode_ber($encoded, $start = 0) { - $decoded = array(); + $current = array('start' => $start); - while ( strlen($encoded) ) { - $current = array('start' => $start); + $type = ord($this->_string_shift($encoded)); + $start++; - $type = ord($this->_string_shift($encoded)); - $start++; + $constructed = ($type >> 5) & 1; - $constructed = ($type >> 5) & 1; - - $tag = $type & 0x1F; - if ($tag == 0x1F) { - $tag = 0; - // process septets (since the eighth bit is ignored, it's not an octet) - do { - $loop = ord($encoded[0]) >> 7; - $tag <<= 7; - $tag |= ord($this->_string_shift($encoded)) & 0x7F; - $start++; - } while ( $loop ); - } - - // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 - $length = ord($this->_string_shift($encoded)); - $start++; - if ( $length == 0x80 ) { // indefinite length - // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all - // immediately available." -- paragraph 8.1.3.2.c - //if ( !$constructed ) { - // return false; - //} - $length = strlen($encoded); - } elseif ( $length & 0x80 ) { // definite length, long form - // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only - // support it up to four. 
- $length&= 0x7F; - $temp = $this->_string_shift($encoded, $length); - // tags of indefinite length don't really have a header length; this length includes the tag - $current+= array('headerlength' => $length + 2); - $start+= $length; - extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); - } else { - $current+= array('headerlength' => 2); - } - - // End-of-content, see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 - if (!$type && !$length) { - return $decoded; - } - $content = $this->_string_shift($encoded, $length); - - /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 - built-in types. It defines an application-independent data type that must be distinguishable from all other - data types. The other three classes are user defined. The APPLICATION class distinguishes data types that - have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within - a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the - alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this - data type; the term CONTEXT-SPECIFIC does not appear. - - -- http://www.obj-sys.com/asn1tutorial/node12.html */ - $class = ($type >> 6) & 3; - switch ($class) { - case FILE_ASN1_CLASS_APPLICATION: - case FILE_ASN1_CLASS_PRIVATE: - case FILE_ASN1_CLASS_CONTEXT_SPECIFIC: - $decoded[] = array( - 'type' => $class, - 'constant' => $tag, - 'content' => $constructed ? $this->_decode_ber($content, $start) : $content, - 'length' => $length + $start - $current['start'] - ) + $current; - $start+= $length; - continue 2; - } - - $current+= array('type' => $tag); - - // decode UNIVERSAL tags - switch ($tag) { - case FILE_ASN1_TYPE_BOOLEAN: - // "The contents octets shall consist of a single octet." 
-- paragraph 8.2.1 - //if (strlen($content) != 1) { - // return false; - //} - $current['content'] = (bool) ord($content[0]); - break; - case FILE_ASN1_TYPE_INTEGER: - case FILE_ASN1_TYPE_ENUMERATED: - $current['content'] = new Math_BigInteger($content, -256); - break; - case FILE_ASN1_TYPE_REAL: // not currently supported - return false; - case FILE_ASN1_TYPE_BIT_STRING: - // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, - // the number of unused bits in the final subsequent octet. The number shall be in the range zero to - // seven. - if (!$constructed) { - $current['content'] = $content; - } else { - $temp = $this->_decode_ber($content, $start); - $length-= strlen($content); - $last = count($temp) - 1; - for ($i = 0; $i < $last; $i++) { - // all subtags should be bit strings - //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) { - // return false; - //} - $current['content'].= substr($temp[$i]['content'], 1); - } - // all subtags should be bit strings - //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) { - // return false; - //} - $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); - } - break; - case FILE_ASN1_TYPE_OCTET_STRING: - if (!$constructed) { - $current['content'] = $content; - } else { - $temp = $this->_decode_ber($content, $start); - $length-= strlen($content); - for ($i = 0, $size = count($temp); $i < $size; $i++) { - // all subtags should be octet strings - //if ($temp[$i]['type'] != FILE_ASN1_TYPE_OCTET_STRING) { - // return false; - //} - $current['content'].= $temp[$i]['content']; - } - // $length = - } - break; - case FILE_ASN1_TYPE_NULL: - // "The contents octets shall not contain any octets." 
-- paragraph 8.8.2 - //if (strlen($content)) { - // return false; - //} - break; - case FILE_ASN1_TYPE_SEQUENCE: - case FILE_ASN1_TYPE_SET: - $current['content'] = $this->_decode_ber($content, $start); - break; - case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: - $temp = ord($this->_string_shift($content)); - $current['content'] = sprintf('%d.%d', floor($temp / 40), $temp % 40); - $valuen = 0; - // process septets - while (strlen($content)) { - $temp = ord($this->_string_shift($content)); - $valuen <<= 7; - $valuen |= $temp & 0x7F; - if (~$temp & 0x80) { - $current['content'].= ".$valuen"; - $valuen = 0; - } - } - // the eighth bit of the last byte should not be 1 - //if ($temp >> 7) { - // return false; - //} - break; - /* Each character string type shall be encoded as if it had been declared: - [UNIVERSAL x] IMPLICIT OCTET STRING - - -- X.690-0207.pdf#page=23 (paragraph 8.21.3) - - Per that, we're not going to do any validation. If there are any illegal characters in the string, - we don't really care */ - case FILE_ASN1_TYPE_NUMERIC_STRING: - // 0,1,2,3,4,5,6,7,8,9, and space - case FILE_ASN1_TYPE_PRINTABLE_STRING: - // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, - // hyphen, full stop, solidus, colon, equal sign, question mark - case FILE_ASN1_TYPE_TELETEX_STRING: - // The Teletex character set in CCITT's T61, space, and delete - // see http://en.wikipedia.org/wiki/Teletex#Character_sets - case FILE_ASN1_TYPE_VIDEOTEX_STRING: - // The Videotex character set in CCITT's T.100 and T.101, space, and delete - case FILE_ASN1_TYPE_VISIBLE_STRING: - // Printing character sets of international ASCII, and space - case FILE_ASN1_TYPE_IA5_STRING: - // International Alphabet 5 (International ASCII) - case FILE_ASN1_TYPE_GRAPHIC_STRING: - // All registered G sets, and space - case FILE_ASN1_TYPE_GENERAL_STRING: - // All registered C and G sets, space and delete - case FILE_ASN1_TYPE_UTF8_STRING: - // ???? 
- case FILE_ASN1_TYPE_BMP_STRING: - $current['content'] = $content; - break; - case FILE_ASN1_TYPE_UTC_TIME: - case FILE_ASN1_TYPE_GENERALIZED_TIME: - $current['content'] = $this->_decodeTime($content, $tag); - default: - - } - - $start+= $length; - $decoded[] = $current + array('length' => $start - $current['start']); + $tag = $type & 0x1F; + if ($tag == 0x1F) { + $tag = 0; + // process septets (since the eighth bit is ignored, it's not an octet) + do { + $loop = ord($encoded[0]) >> 7; + $tag <<= 7; + $tag |= ord($this->_string_shift($encoded)) & 0x7F; + $start++; + } while ( $loop ); } - return $decoded; + // Length, as discussed in paragraph 8.1.3 of X.690-0207.pdf#page=13 + $length = ord($this->_string_shift($encoded)); + $start++; + if ( $length == 0x80 ) { // indefinite length + // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all + // immediately available." -- paragraph 8.1.3.2.c + $length = strlen($encoded); + } elseif ( $length & 0x80 ) { // definite length, long form + // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only + // support it up to four. + $length&= 0x7F; + $temp = $this->_string_shift($encoded, $length); + // tags of indefinte length don't really have a header length; this length includes the tag + $current+= array('headerlength' => $length + 2); + $start+= $length; + extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4))); + } else { + $current+= array('headerlength' => 2); + } + + $content = $this->_string_shift($encoded, $length); + + // at this point $length can be overwritten. it's only accurate for definite length things as is + + /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1 + built-in types. It defines an application-independent data type that must be distinguishable from all other + data types. The other three classes are user defined. 
The APPLICATION class distinguishes data types that + have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within + a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the + alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this + data type; the term CONTEXT-SPECIFIC does not appear. + + -- http://www.obj-sys.com/asn1tutorial/node12.html */ + $class = ($type >> 6) & 3; + switch ($class) { + case FILE_ASN1_CLASS_APPLICATION: + case FILE_ASN1_CLASS_PRIVATE: + case FILE_ASN1_CLASS_CONTEXT_SPECIFIC: + $newcontent = $this->_decode_ber($content, $start); + $length = $newcontent['length']; + if (substr($content, $length, 2) == "\0\0") { + $length+= 2; + } + + $start+= $length; + + return array( + 'type' => $class, + 'constant' => $tag, + // the array encapsulation is for BC with the old format + 'content' => array($newcontent), + // the only time when $content['headerlength'] isn't defined is when the length is indefinite. + // the absence of $content['headerlength'] is how we know if something is indefinite or not. + // technically, it could be defined to be 2 and then another indicator could be used but whatever. + 'length' => $start - $current['start'] + ) + $current; + } + + $current+= array('type' => $tag); + + // decode UNIVERSAL tags + switch ($tag) { + case FILE_ASN1_TYPE_BOOLEAN: + // "The contents octets shall consist of a single octet." 
-- paragraph 8.2.1 + //if (strlen($content) != 1) { + // return false; + //} + $current['content'] = (bool) ord($content[0]); + break; + case FILE_ASN1_TYPE_INTEGER: + case FILE_ASN1_TYPE_ENUMERATED: + $current['content'] = new Math_BigInteger($content, -256); + break; + case FILE_ASN1_TYPE_REAL: // not currently supported + return false; + case FILE_ASN1_TYPE_BIT_STRING: + // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit, + // the number of unused bits in the final subsequent octet. The number shall be in the range zero to + // seven. + if (!$constructed) { + $current['content'] = $content; + } else { + $temp = $this->_decode_ber($content, $start); + $length-= strlen($content); + $last = count($temp) - 1; + for ($i = 0; $i < $last; $i++) { + // all subtags should be bit strings + //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) { + // return false; + //} + $current['content'].= substr($temp[$i]['content'], 1); + } + // all subtags should be bit strings + //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) { + // return false; + //} + $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1); + } + break; + case FILE_ASN1_TYPE_OCTET_STRING: + if (!$constructed) { + $current['content'] = $content; + } else { + $current['content'] = ''; + $length = 0; + while (substr($content, 0, 2) != "\0\0") { + $temp = $this->_decode_ber($content, $length + $start); + $this->_string_shift($content, $temp['length']); + // all subtags should be octet strings + //if ($temp['type'] != FILE_ASN1_TYPE_OCTET_STRING) { + // return false; + //} + $current['content'].= $temp['content']; + $length+= $temp['length']; + } + if (substr($content, 0, 2) == "\0\0") { + $length+= 2; // +2 for the EOC + } + } + break; + case FILE_ASN1_TYPE_NULL: + // "The contents octets shall not contain any octets." 
-- paragraph 8.8.2 + //if (strlen($content)) { + // return false; + //} + break; + case FILE_ASN1_TYPE_SEQUENCE: + case FILE_ASN1_TYPE_SET: + $offset = 0; + $current['content'] = array(); + while (strlen($content)) { + // if indefinite length construction was used and we have an end-of-content string next + // see paragraphs 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2 + if (!isset($current['headerlength']) && substr($content, 0, 2) == "\0\0") { + $length = $offset + 2; // +2 for the EOC + break 2; + } + $temp = $this->_decode_ber($content, $start + $offset); + $this->_string_shift($content, $temp['length']); + $current['content'][] = $temp; + $offset+= $temp['length']; + } + break; + case FILE_ASN1_TYPE_OBJECT_IDENTIFIER: + $temp = ord($this->_string_shift($content)); + $current['content'] = sprintf('%d.%d', floor($temp / 40), $temp % 40); + $valuen = 0; + // process septets + while (strlen($content)) { + $temp = ord($this->_string_shift($content)); + $valuen <<= 7; + $valuen |= $temp & 0x7F; + if (~$temp & 0x80) { + $current['content'].= ".$valuen"; + $valuen = 0; + } + } + // the eighth bit of the last byte should not be 1 + //if ($temp >> 7) { + // return false; + //} + break; + /* Each character string type shall be encoded as if it had been declared: + [UNIVERSAL x] IMPLICIT OCTET STRING + + -- X.690-0207.pdf#page=23 (paragraph 8.21.3) + + Per that, we're not going to do any validation. 
If there are any illegal characters in the string, + we don't really care */ + case FILE_ASN1_TYPE_NUMERIC_STRING: + // 0,1,2,3,4,5,6,7,8,9, and space + case FILE_ASN1_TYPE_PRINTABLE_STRING: + // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma, + // hyphen, full stop, solidus, colon, equal sign, question mark + case FILE_ASN1_TYPE_TELETEX_STRING: + // The Teletex character set in CCITT's T61, space, and delete + // see http://en.wikipedia.org/wiki/Teletex#Character_sets + case FILE_ASN1_TYPE_VIDEOTEX_STRING: + // The Videotex character set in CCITT's T.100 and T.101, space, and delete + case FILE_ASN1_TYPE_VISIBLE_STRING: + // Printing character sets of international ASCII, and space + case FILE_ASN1_TYPE_IA5_STRING: + // International Alphabet 5 (International ASCII) + case FILE_ASN1_TYPE_GRAPHIC_STRING: + // All registered G sets, and space + case FILE_ASN1_TYPE_GENERAL_STRING: + // All registered C and G sets, space and delete + case FILE_ASN1_TYPE_UTF8_STRING: + // ???? + case FILE_ASN1_TYPE_BMP_STRING: + $current['content'] = $content; + break; + case FILE_ASN1_TYPE_UTC_TIME: + case FILE_ASN1_TYPE_GENERALIZED_TIME: + $current['content'] = $this->_decodeTime($content, $tag); + default: + } + + $start+= $length; + + // ie. length is the length of the full TLV encoding - it's not just the length of the value + return $current + array('length' => $start - $current['start']); } /** - * ASN.1 Decode + * ASN.1 Map * * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format. * + * "Special" mappings may be applied on a per tag-name basis via $special. 
+ * * @param Array $decoded * @param Array $mapping + * @param Array $special * @return Array * @access public */ - function asn1map($decoded, $mapping) + function asn1map($decoded, $mapping, $special = array()) { - if (isset($mapping['explicit'])) { + if (isset($mapping['explicit']) && is_array($decoded['content'])) { $decoded = $decoded['content'][0]; } @@ -519,7 +540,7 @@ class File_ASN1 { } $inmap = $this->ANYmap[$intype]; if (is_string($inmap)) { - return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping)); + return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping, $special)); } break; case $mapping['type'] == FILE_ASN1_TYPE_CHOICE: @@ -527,25 +548,36 @@ class File_ASN1 { switch (true) { case isset($option['constant']) && $option['constant'] == $decoded['constant']: case !isset($option['constant']) && $option['type'] == $decoded['type']: - $value = $this->asn1map($decoded, $option); + $value = $this->asn1map($decoded, $option, $special); break; case !isset($option['constant']) && $option['type'] == FILE_ASN1_TYPE_CHOICE: - $v = $this->asn1map($decoded, $option); + $v = $this->asn1map($decoded, $option, $special); if (isset($v)) { $value = $v; } } if (isset($value)) { + if (isset($special[$key])) { + $value = call_user_func($special[$key], $value); + } return array($key => $value); } } - return NULL; + return null; case isset($mapping['implicit']): case isset($mapping['explicit']): case $decoded['type'] == $mapping['type']: break; default: - return NULL; + // if $decoded['type'] and $mapping['type'] are both strings, but different types of strings, + // let it through + switch (true) { + case $decoded['type'] < 18: // FILE_ASN1_TYPE_NUMERIC_STRING == 18 + case $decoded['type'] > 30: // FILE_ASN1_TYPE_BMP_STRING == 30 + case $mapping['type'] < 18: + case $mapping['type'] > 30: + return null; + } } if (isset($mapping['implicit'])) { 
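Review bot: The constructed OCTET STRING loop `while (substr($content, 0, 2) != "\0\0")` has no exit when `$content` is used up without an end-of-contents marker, which is the normal case for a definite-length constructed string; each further pass decodes an empty string and appends to `$current['content']`, so the loop does not appear to terminate. The SEQUENCE/SET loop has a related gap: `$temp['length']` is read without checking whether the recursive call returned `false` (the REAL branch does), and the constructed BIT STRING branch still treats `$temp` as a list (`count($temp) - 1`, `$temp[$i]`) although `_decode_ber()` now returns a single element. This decoder presumably sees untrusted BER/DER, so bound the loop with `while (strlen($content) && substr($content, 0, 2) != "\0\0")` and add `if ($temp === false) { return false; }` after each recursive call. The long-form `$length` is also never compared with the bytes actually left in `$encoded`, so truncated input is accepted with a `length` field larger than the data.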
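Review bot: The new `default:` branch lets any two tags in the range 18–30 pass as interchangeable strings, but that range also contains `FILE_ASN1_TYPE_UTC_TIME` (23) and `FILE_ASN1_TYPE_GENERALIZED_TIME` (24), so a time value is accepted where the mapping asks for a string type, and the reverse. The comment above the inner switch says only differing string types are meant. Add `case in_array(FILE_ASN1_TYPE_UTC_TIME, array($decoded['type'], $mapping['type'])):` and the same line for `FILE_ASN1_TYPE_GENERALIZED_TIME` to the cases that return `null`, and use the named constants instead of the bare `18` and `30`. `asn1map()` continues past this hunk, so how a mismatched value is converted afterwards cannot be seen here.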
@@ -560,8 +592,8 @@ class File_ASN1 { if (isset($mapping['min']) && isset($mapping['max'])) { $child = $mapping['children']; foreach ($decoded['content'] as $content) { - if (($map[] = $this->asn1map($content, $child)) === NULL) { - return NULL; + if (($map[] = $this->asn1map($content, $child, $special)) === null) { + return null; } } @@ -579,15 +611,14 @@ class File_ASN1 { if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { // Get the mapping and input class & constant. $childClass = $tempClass = FILE_ASN1_CLASS_UNIVERSAL; - $constant = NULL; + $constant = null; if (isset($temp['constant'])) { $tempClass = isset($temp['class']) ? $temp['class'] : FILE_ASN1_CLASS_CONTEXT_SPECIFIC; } if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; - } - elseif (isset($child['constant'])) { + } elseif (isset($child['constant'])) { $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } @@ -604,23 +635,26 @@ class File_ASN1 { if ($maymatch) { // Attempt submapping. - $candidate = $this->asn1map($temp, $child); - $maymatch = $candidate !== NULL; + $candidate = $this->asn1map($temp, $child, $special); + $maymatch = $candidate !== null; } if ($maymatch) { // Got the match: use it. + if (isset($special[$key])) { + $candidate = call_user_func($special[$key], $candidate); + } $map[$key] = $candidate; $i++; } elseif (isset($child['default'])) { $map[$key] = $child['default']; // Use default. } elseif (!isset($child['optional'])) { - return NULL; // Syntax error. + return null; // Syntax error. } } // Fail mapping if all input items have not been consumed. - return $i < $n? NULL: $map; + return $i < $n? null: $map; // the main diff between sets and sequences is the encapsulation of the foreach in another for loop case FILE_ASN1_TYPE_SET: 
@@ -630,8 +664,8 @@ class File_ASN1 { if (isset($mapping['min']) && isset($mapping['max'])) { $child = $mapping['children']; foreach ($decoded['content'] as $content) { - if (($map[] = $this->asn1map($content, $child)) === NULL) { - return NULL; + if (($map[] = $this->asn1map($content, $child, $special)) === null) { + return null; } } @@ -652,12 +686,11 @@ class File_ASN1 { $maymatch = true; if ($child['type'] != FILE_ASN1_TYPE_CHOICE) { $childClass = FILE_ASN1_CLASS_UNIVERSAL; - $constant = NULL; + $constant = null; if (isset($child['class'])) { $childClass = $child['class']; $constant = $child['cast']; - } - elseif (isset($child['constant'])) { + } elseif (isset($child['constant'])) { $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC; $constant = $child['constant']; } @@ -673,8 +706,8 @@ class File_ASN1 { if ($maymatch) { // Attempt submapping. - $candidate = $this->asn1map($temp, $child); - $maymatch = $candidate !== NULL; + $candidate = $this->asn1map($temp, $child, $special); + $maymatch = $candidate !== null; } if (!$maymatch) { @@ -682,6 +715,9 @@ class File_ASN1 { } // Got the match: use it. + if (isset($special[$key])) { + $candidate = call_user_func($special[$key], $candidate); + } $map[$key] = $candidate; break; } @@ -692,7 +728,7 @@ class File_ASN1 { if (isset($child['default'])) { $map[$key] = $child['default']; } elseif (!isset($child['optional'])) { - return NULL; + return null; } } } @@ -774,16 +810,18 @@ class File_ASN1 { * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function * an ASN.1 compiler. * + * "Special" mappings can be applied via $special. + * * @param String $source * @param String $mapping * @param Integer $idx * @return String * @access public */ - function encodeDER($source, $mapping) + function encodeDER($source, $mapping, $special = array()) { $this->location = array(); - return $this->_encode_der($source, $mapping); + return $this->_encode_der($source, $mapping, null, $special); } /** 
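Review bot: The encodeDER() docblock in the last hunk on this line mentions $special in prose but has no `@param` for it, and it still lists `@param Integer $idx`, which is not a parameter of this function. I would replace the `$idx` line with `@param Array $special` and state what the `_encode_der()` hunk shows: the array maps a field name to a callback that is applied to that field's value before it is encoded.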
@@ -795,7 +833,7 @@ class File_ASN1 { * @return String * @access private */ - function _encode_der($source, $mapping, $idx = NULL) + function _encode_der($source, $mapping, $idx = null, $special = array()) { if (is_object($source) && strtolower(get_class($source)) == 'file_asn1_element') { return $source->element; @@ -807,6 +845,9 @@ class File_ASN1 { } if (isset($idx)) { + if (isset($special[$idx])) { + $source = call_user_func($special[$idx], $source); + } $this->location[] = $idx; } @@ -823,7 +864,7 @@ class File_ASN1 { $child = $mapping['children']; foreach ($source as $content) { - $temp = $this->_encode_der($content, $child); + $temp = $this->_encode_der($content, $child, null, $special); if ($temp === false) { return false; } @@ -840,7 +881,7 @@ class File_ASN1 { continue; } - $temp = $this->_encode_der($source[$key], $child, $key); + $temp = $this->_encode_der($source[$key], $child, $key, $special); if ($temp === false) { return false; } @@ -881,7 +922,7 @@ class File_ASN1 { continue; } - $temp = $this->_encode_der($source[$key], $child, $key); + $temp = $this->_encode_der($source[$key], $child, $key, $special); if ($temp === false) { return false; } @@ -918,6 +959,9 @@ class File_ASN1 { case FILE_ASN1_TYPE_INTEGER: case FILE_ASN1_TYPE_ENUMERATED: if (!isset($mapping['mapping'])) { + if (is_numeric($source)) { + $source = new Math_BigInteger($source); + } $value = $source->toBytes(true); } else { $value = array_search($source, $mapping['mapping']); @@ -926,9 +970,9 @@ class File_ASN1 { } $value = new Math_BigInteger($value); $value = $value->toBytes(true); - if (!strlen($value)) { - $value = chr(0); - } + } + if (!strlen($value)) { + $value = chr(0); } break; case FILE_ASN1_TYPE_UTC_TIME: @@ -948,6 +992,10 @@ class File_ASN1 { } } + if (isset($mapping['min']) && $mapping['min'] >= 1 && $size < $mapping['min']) { + $size = $mapping['min'] - 1; + } + $offset = 8 - (($size + 1) & 7); $offset = $offset !== 8 ? $offset : 0; 
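Review bot: In the INTEGER/ENUMERATED hunk, `is_numeric($source)` accepts more than decimal integers: it is also true for floats and for strings such as `1.5` or `1e5`, which are then passed to `new Math_BigInteger($source)` (how that constructor treats them is not visible here). A non-numeric scalar still reaches `$source->toBytes(true)` and fatals. For values such as serial numbers I would accept only integers and digit strings, e.g. `if (is_int($source) || (is_string($source) && preg_match('#^-?\d+$#', $source))) {`, and return false for any other non-object. `_encode_der()` starts and ends outside the hunk.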
@@ -1003,19 +1051,19 @@ class File_ASN1 { switch (true) { case !isset($source): - return $this->_encode_der(NULL, array('type' => FILE_ASN1_TYPE_NULL) + $mapping); + return $this->_encode_der(null, array('type' => FILE_ASN1_TYPE_NULL) + $mapping, null, $special); case is_int($source): case is_object($source) && strtolower(get_class($source)) == 'math_biginteger': - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_INTEGER) + $mapping); + return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_INTEGER) + $mapping, null, $special); case is_float($source): - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_REAL) + $mapping); + return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_REAL) + $mapping, null, $special); case is_bool($source): - return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_BOOLEAN) + $mapping); + return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_BOOLEAN) + $mapping, null, $special); case is_array($source) && count($source) == 1: $typename = implode('', array_keys($source)); $outtype = array_search($typename, $this->ANYmap, true); if ($outtype !== false) { - return $this->_encode_der($source[$typename], array('type' => $outtype) + $mapping); + return $this->_encode_der($source[$typename], array('type' => $outtype) + $mapping, null, $special); } } @@ -1031,7 +1079,7 @@ class File_ASN1 { user_error('No filters defined for ' . implode('/', $loc)); return false; } - return $this->_encode_der($source, $filters + $mapping); + return $this->_encode_der($source, $filters + $mapping, null, $special); case FILE_ASN1_TYPE_NULL: $value = ''; break; 
@@ -1061,7 +1109,12 @@ class File_ASN1 { } if (isset($mapping['cast'])) { - $tag = ($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast']; + if (isset($mapping['explicit']) || $mapping['type'] == FILE_ASN1_TYPE_CHOICE) { + $value = chr($tag) . $this->_encodeLength(strlen($value)) . $value; + $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; + } else { + $tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast']; + } } return chr($tag) . $this->_encodeLength(strlen($value)) . $value; diff --git a/File/X509.php b/File/X509.php index 2d7ea36..1d07f67 100755 --- a/File/X509.php +++ b/File/X509.php @@ -1,5 +1,4 @@ - * @copyright MMXII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category File + * @package File_X509 + * @author Jim Wigginton + * @copyright MMXII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * Include File_ASN1 */ if (!class_exists('File_ASN1')) { - require_once('ASN1.php'); + include_once 'ASN1.php'; } /** @@ -124,12 +123,12 @@ define('FILE_X509_ATTR_REPLACE', -3); // Clear first, then add a value. /** * Pure-PHP X.509 Parser * - * @author Jim Wigginton - * @version 0.3.1 - * @access public * @package File_X509 + * @author Jim Wigginton + * @access public */ -class File_X509 { +class File_X509 +{ /** * ASN.1 syntax for X.509 certificates * @@ -248,7 +247,7 @@ class File_X509 { * The signature subject * * There's no guarantee File_X509 is going to reencode an X.509 cert in the same way it was originally - * encoded so we take save the portion of the original cert that the signature would have made for. + * encoded so we take save the portion of the original cert that the signature would have made for. * * @var String * @access private 
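Review bot: In the implicit-tag branch of the first hunk on this line, the constructed bit is now read from `ord($temp[0]) & 0x20` instead of `$tag & 0x20`, but `$temp` is not assigned anywhere in the hunk. In the parts of `_encode_der()` visible in this diff it is only set inside the child-encoding loops, so for a primitive type it may be undefined, and for a constructed one it would hold the last child's encoding rather than this element's. I cannot confirm either case because the function starts outside the hunk. Unless there is an assignment I cannot see, `$tag = ($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast'];` keeps the bit tied to the element being tagged.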
@@ -298,6 +297,14 @@ class File_X509 { */ var $caFlag = false; + /** + * SPKAC Challenge + * + * @var String + * @access private + */ + var $challenge; + /** * Default Constructor. * @@ -306,6 +313,10 @@ class File_X509 { */ function File_X509() { + if (!class_exists('Math_BigInteger')) { + include_once 'Math/BigInteger.php'; + } + // Explicitly Tagged Module, 1988 Syntax // http://tools.ietf.org/html/rfc5280#appendix-A.1 @@ -1427,7 +1438,7 @@ class File_X509 { $this->currentCert = $cert; $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); - $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : NULL; + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; unset($this->signatureSubject); @@ -1465,7 +1476,7 @@ class File_X509 { $this->dn = $x509['tbsCertificate']['subject']; $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier'); - $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : NULL; + $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : null; return $x509; } 
@@ -1492,33 +1503,33 @@ class File_X509 { default: switch ($algorithm) { case 'rsaEncryption': - $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] = - base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); + $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] + = base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); } } $asn1 = new File_ASN1(); - $asn1->loadOIDs($this->oids); $filters = array(); - $filters['tbsCertificate']['signature']['parameters'] = - $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = - $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = - $filters['tbsCertificate']['subject']['rdnSequence']['value'] = - $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = - $filters['signatureAlgorithm']['parameters'] = - $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = - //$filters['policyQualifiers']['qualifier'] = - $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = - $filters['directoryName']['rdnSequence']['value'] = - array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $type_utf8_string = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; + $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['issuer']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subject']['rdnSequence']['value'] = $type_utf8_string; + $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] = $type_utf8_string; + $filters['signatureAlgorithm']['parameters'] = $type_utf8_string; + $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + 
//$filters['policyQualifiers']['qualifier'] = $type_utf8_string; + $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] = $type_utf8_string; + $filters['directoryName']['rdnSequence']['value'] = $type_utf8_string; + /* in the case of policyQualifiers/qualifier, the type has to be FILE_ASN1_TYPE_IA5_STRING. FILE_ASN1_TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random characters. */ - $filters['policyQualifiers']['qualifier'] = - array('type' => FILE_ASN1_TYPE_IA5_STRING); + $filters['policyQualifiers']['qualifier'] + = array('type' => FILE_ASN1_TYPE_IA5_STRING); $asn1->loadFilters($filters); @@ -1558,7 +1569,7 @@ class File_X509 { corresponding to the extension type identified by extnID */ $map = $this->_getMapping($id); if (!is_bool($map)) { - $mapped = $asn1->asn1map($decoded[0], $map); + $mapped = $asn1->asn1map($decoded[0], $map, array('iPAddress' => array($this, '_decodeIP'))); $value = $mapped === false ? $decoded[0] : $mapped; if ($id == 'id-ce-certificatePolicies') { @@ -1640,7 +1651,7 @@ class File_X509 { unset($extensions[$i]); } } else { - $temp = $asn1->encodeDER($value, $map); + $temp = $asn1->encodeDER($value, $map, array('iPAddress' => array($this, '_encodeIP'))); $value = base64_encode($temp); } } @@ -1711,8 +1722,7 @@ class File_X509 { if ($map === false) { user_error($id . ' is not a currently supported attribute', E_USER_NOTICE); unset($attributes[$i]); - } - elseif (is_array($attributes[$i]['value'])) { + } elseif (is_array($attributes[$i]['value'])) { $values = &$attributes[$i]['value']; for ($j = 0; $j < count($values); $j++) { switch ($id) { @@ -1959,7 +1969,7 @@ class File_X509 { * @param Integer $date optional * @access public */ - function validateDate($date = NULL) + function validateDate($date = null) { if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) { return false; 
@@ -1988,7 +1998,7 @@ class File_X509 { * Validate a signature * * Works on X.509 certs, CSR's and CRL's. - * Returns true if the signature is verified, false if it is not correct or NULL on error + * Returns true if the signature is verified, false if it is not correct or null on error * * By default returns false for self-signed certs. Call validateSignature(false) to make this support * self-signed. @@ -2002,7 +2012,7 @@ class File_X509 { function validateSignature($caonly = true) { if (!is_array($this->currentCert) || !isset($this->signatureSubject)) { - return 0; + return null; } /* TODO: @@ -2103,7 +2113,7 @@ class File_X509 { /** * Validates a signature * - * Returns true if the signature is verified, false if it is not correct or NULL on error + * Returns true if the signature is verified, false if it is not correct or null on error * * @param String $publicKeyAlgorithm * @param String $publicKey @@ -2118,7 +2128,7 @@ class File_X509 { switch ($publicKeyAlgorithm) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); $rsa->loadKey($publicKey); @@ -2138,11 +2148,11 @@ class File_X509 { } break; default: - return NULL; + return null; } break; default: - return NULL; + return null; } return true; 
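Review bot: With the guard in validateSignature() now returning `null` instead of `0`, the method has three outcomes and only one of them means the signature verified. The docblock should say so explicitly, because a caller that tests `=== false` for "invalid" will treat an error or an unsupported algorithm as acceptable. I would add `Callers must treat anything other than boolean true as a failed validation.` to the validateSignature() docblock in the first hunk here and to the `_validateSignature()` docblock in the `-2103` hunk. Both function bodies continue outside these hunks.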
@@ -2163,17 +2173,47 @@ class File_X509 { switch ($algorithm) { case 'rsaEncryption': return - "-----BEGIN PUBLIC KEY-----\r\n" . + "-----BEGIN RSA PUBLIC KEY-----\r\n" . // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do. chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) . - '-----END PUBLIC KEY-----'; + '-----END RSA PUBLIC KEY-----'; default: return $key; } } + /** + * Decodes an IP address + * + * Takes in a base64 encoded "blob" and returns a human readable IP address + * + * @param String $ip + * @access private + * @return String + */ + function _decodeIP($ip) + { + $ip = base64_decode($ip); + list(, $ip) = unpack('N', $ip); + return long2ip($ip); + } + + /** + * Encodes an IP address + * + * Takes a human readable IP address into a base64-encoded "blob" + * + * @param String $ip + * @access private + * @return String + */ + function _encodeIP($ip) + { + return base64_encode(pack('N', ip2long($ip))); + } + /** * "Normalizes" a Distinguished Name property * @@ -2199,7 +2239,7 @@ class File_X509 { case 'commonname': case 'cn': return 'id-at-commonName'; - case 'id-at-stateorprovinceName': + case 'id-at-stateorprovincename': case 'stateorprovincename': case 'state': case 'province': @@ -2333,7 +2373,7 @@ class File_X509 { * @return Mixed * @access public */ - function getDNProp($propName, $dn = NULL, $withType = false) + function getDNProp($propName, $dn = null, $withType = false) { if (!isset($dn)) { $dn = $this->dn; @@ -2387,7 +2427,7 @@ class File_X509 { function setDN($dn, $merge = false, $type = 'utf8String') { if (!$merge) { - $this->dn = NULL; + $this->dn = null; } if (is_array($dn)) { 
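Review bot: `_decodeIP()` and `_encodeIP()` assume every iPAddress value is a 4-byte IPv4 address and never check their input. A 16-byte IPv6 value, or an address/mask pair as used in name constraints, is cut down to its first four bytes by `unpack('N', ...)` and reported as an unrelated IPv4 address. On the encode side, `ip2long()` returns false for anything it cannot parse, and `pack('N', false)` turns that into 0.0.0.0. In a subjectAltName that produces a wrong identity rather than an error, so both helpers should reject what they do not handle. How the asn1map()/_encode_der() callers treat a false return is outside this hunk and needs checking.

```php
    function _decodeIP($ip)
    {
        $ip = base64_decode($ip);
        // only 4-byte IPv4 values are handled; IPv6 and address/mask pairs are rejected, not truncated
        if ($ip === false || strlen($ip) != 4) {
            return false;
        }
        list(, $ip) = unpack('N', $ip);
        return long2ip($ip);
    }

    function _encodeIP($ip)
    {
        $long = ip2long($ip);
        // ip2long() fails on malformed or non-IPv4 input; do not encode that as 0.0.0.0
        if ($long === false) {
            return false;
        }
        return base64_encode(pack('N', $long));
    }
```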
@@ -2426,7 +2466,7 @@ class File_X509 { * @access public * @return Boolean */ - function getDN($format = FILE_X509_DN_ARRAY, $dn = NULL) + function getDN($format = FILE_X509_DN_ARRAY, $dn = null) { if (!isset($dn)) { $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; @@ -2469,7 +2509,8 @@ class File_X509 { $asn1->loadFilters($filters); $result = ''; foreach ($dn['rdnSequence'] as $rdn) { - foreach ($rdn as &$attr) { + foreach ($rdn as $i=>$attr) { + $attr = &$rdn[$i]; if (is_array($attr['value'])) { foreach ($attr['value'] as $type => $v) { $type = array_search($type, $asn1->ANYmap, true); @@ -2490,7 +2531,7 @@ class File_X509 { case FILE_X509_DN_HASH: $dn = $this->getDN(FILE_X509_DN_CANON, $dn); if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); + include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash = $hash->hash($dn); @@ -2498,7 +2539,7 @@ class File_X509 { return strtolower(bin2hex(pack('N', $hash))); } - // Defaut is to return a string. + // Default is to return a string. $start = true; $output = ''; $asn1 = new File_ASN1(); @@ -2642,7 +2683,7 @@ class File_X509 { { switch (true) { case !empty($this->dn): - return $this->getDNProp($propName, NULL, $withType); + return $this->getDNProp($propName, null, $withType); case !isset($this->currentCert) || !is_array($this->currentCert): break; case isset($this->currentCert['tbsCertificate']): @@ -2710,6 +2751,7 @@ class File_X509 { */ function setPublicKey($key) { + $key->setPublicKey(); $this->publicKey = $key; } @@ -2726,6 +2768,19 @@ class File_X509 { $this->privateKey = $key; } + /** + * Set challenge + * + * Used for SPKAC CSR's + * + * @param String $challenge + * @access public + */ + function setChallenge($challenge) + { + $this->challenge = $challenge; + } + /** * Gets the public key * 
@@ -2757,7 +2812,7 @@ class File_X509 { switch ($keyinfo['algorithm']['algorithm']) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $publicKey = new Crypt_RSA(); $publicKey->loadKey($key); @@ -2830,17 +2885,17 @@ class File_X509 { switch ($algorithm) { case 'rsaEncryption': if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $this->publicKey = new Crypt_RSA(); $this->publicKey->loadKey($key); $this->publicKey->setPublicKey(); break; default: - $this->publicKey = NULL; + $this->publicKey = null; } - $this->currentKeyIdentifier = NULL; + $this->currentKeyIdentifier = null; $this->currentCert = $csr; return $csr; @@ -2867,8 +2922,8 @@ class File_X509 { default: switch ($algorithm) { case 'rsaEncryption': - $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] = - base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']))); + $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] + = base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']))); } } @@ -2877,8 +2932,8 @@ class File_X509 { $asn1->loadOIDs($this->oids); $filters = array(); - $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] = - array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] + = array('type' => FILE_ASN1_TYPE_UTF8_STRING); $asn1->loadFilters($filters); 
@@ -2905,70 +2960,114 @@ class File_X509 { * @access public * @return Mixed */ - function loadSPKAC($csr) + function loadSPKAC($spkac) { - if (is_array($csr) && isset($csr['publicKeyAndChallenge'])) { + if (is_array($spkac) && isset($spkac['publicKeyAndChallenge'])) { unset($this->currentCert); unset($this->currentKeyIdentifier); unset($this->signatureSubject); - $this->currentCert = $csr; - return $csr; + $this->currentCert = $spkac; + return $spkac; } // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge $asn1 = new File_ASN1(); - $temp = preg_replace('#(?:^[^=]+=)|[\r\n\\\]#', '', $csr); + // OpenSSL produces SPKAC's that are preceeded by the string SPKAC= + $temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac); $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false; if ($temp != false) { - $csr = $temp; + $spkac = $temp; } - $orig = $csr; + $orig = $spkac; - if ($csr === false) { + if ($spkac === false) { $this->currentCert = false; return false; } $asn1->loadOIDs($this->oids); - $decoded = $asn1->decodeBER($csr); + $decoded = $asn1->decodeBER($spkac); if (empty($decoded)) { $this->currentCert = false; return false; } - $csr = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge); + $spkac = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge); - if (!isset($csr) || $csr === false) { + if (!isset($spkac) || $spkac === false) { $this->currentCert = false; return false; } $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); - $algorithm = &$csr['publicKeyAndChallenge']['spki']['algorithm']['algorithm']; - $key = &$csr['publicKeyAndChallenge']['spki']['subjectPublicKey']; + $algorithm = &$spkac['publicKeyAndChallenge']['spki']['algorithm']['algorithm']; + $key = &$spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']; $key = $this->_reformatKey($algorithm, $key); switch ($algorithm) { case 'rsaEncryption': 
if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $this->publicKey = new Crypt_RSA(); $this->publicKey->loadKey($key); $this->publicKey->setPublicKey(); break; default: - $this->publicKey = NULL; + $this->publicKey = null; } - $this->currentKeyIdentifier = NULL; - $this->currentCert = $csr; + $this->currentKeyIdentifier = null; + $this->currentCert = $spkac; - return $csr; + return $spkac; + } + + /** + * Save a SPKAC CSR request + * + * @param Array $csr + * @param Integer $format optional + * @access public + * @return String + */ + function saveSPKAC($spkac, $format = FILE_X509_FORMAT_PEM) + { + if (!is_array($spkac) || !isset($spkac['publicKeyAndChallenge'])) { + return false; + } + + $algorithm = $this->_subArray($spkac, 'publicKeyAndChallenge/spki/algorithm/algorithm'); + switch (true) { + case !$algorithm: + case is_object($spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']); + break; + default: + switch ($algorithm) { + case 'rsaEncryption': + $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] + = base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']))); + } + } + + $asn1 = new File_ASN1(); + + $asn1->loadOIDs($this->oids); + $spkac = $asn1->encodeDER($spkac, $this->SignedPublicKeyAndChallenge); + + switch ($format) { + case FILE_X509_FORMAT_DER: + return $spkac; + // case FILE_X509_FORMAT_PEM: + default: + // OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much + // no other SPKAC decoders phpseclib will use that same format + return 'SPKAC=' . base64_encode($spkac); + } } /** 
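Review bot: saveSPKAC() passes the result of `$asn1->encodeDER(...)` straight into the format switch, and the `_encode_der()` hunks earlier in this diff show that encoder returning `false` on failure. In the default branch a failed encode therefore comes back as the bare string `SPKAC=` instead of an error. Adding `if ($spkac === false) { return false; }` right after the encodeDER() call stops a failed encode from looking like a valid result. Two smaller things in the same hunk: `case is_object(...);` ends in a semicolon where a colon was presumably meant, and the docblock says `@param Array $csr` while the parameter is `$spkac`.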
@@ -3013,14 +3112,14 @@ class File_X509 { $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']); $this->_mapInExtensions($crl, 'tbsCertList/crlExtensions', $asn1); - $rclist = &$this->_subArray($crl,'tbsCertList/revokedCertificates'); + $rclist = &$this->_subArray($crl, 'tbsCertList/revokedCertificates'); if (is_array($rclist)) { foreach ($rclist as $i => $extension) { $this->_mapInExtensions($rclist, "$i/crlEntryExtensions", $asn1); } } - $this->currentKeyIdentifier = NULL; + $this->currentKeyIdentifier = null; $this->currentCert = $crl; return $crl; 
@@ -3045,25 +3144,27 @@ class File_X509 { $asn1->loadOIDs($this->oids); $filters = array(); - $filters['tbsCertList']['issuer']['rdnSequence']['value'] = - $filters['tbsCertList']['signature']['parameters'] = - $filters['signatureAlgorithm']['parameters'] = - array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['tbsCertList']['issuer']['rdnSequence']['value'] + = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['tbsCertList']['signature']['parameters'] + = array('type' => FILE_ASN1_TYPE_UTF8_STRING); + $filters['signatureAlgorithm']['parameters'] + = array('type' => FILE_ASN1_TYPE_UTF8_STRING); if (empty($crl['tbsCertList']['signature']['parameters'])) { - $filters['tbsCertList']['signature']['parameters'] = - array('type' => FILE_ASN1_TYPE_NULL); + $filters['tbsCertList']['signature']['parameters'] + = array('type' => FILE_ASN1_TYPE_NULL); } if (empty($crl['signatureAlgorithm']['parameters'])) { - $filters['signatureAlgorithm']['parameters'] = - array('type' => FILE_ASN1_TYPE_NULL); + $filters['signatureAlgorithm']['parameters'] + = array('type' => FILE_ASN1_TYPE_NULL); } $asn1->loadFilters($filters); $this->_mapOutExtensions($crl, 'tbsCertList/crlExtensions', $asn1); - $rclist = &$this->_subArray($crl,'tbsCertList/revokedCertificates'); + $rclist = &$this->_subArray($crl, 'tbsCertList/revokedCertificates'); if (is_array($rclist)) { foreach ($rclist as $i => $extension) { $this->_mapOutExtensions($rclist, "$i/crlEntryExtensions", $asn1); 
@@ -3081,6 +3182,28 @@ class File_X509 { } } + /** + * Helper function to build a time field according to RFC 3280 section + * - 4.1.2.5 Validity + * - 5.1.2.4 This Update + * - 5.1.2.5 Next Update + * - 5.1.2.6 Revoked Certificates + * by choosing utcTime iff year of date given is before 2050 and generalTime else. + * + * @param String $date in format date('D, d M Y H:i:s O') + * @access private + * @return Array + */ + function _timeField($date) + { + $year = @gmdate("Y", @strtotime($date)); // the same way ASN1.php parses this + if ($year < 2050) { + return array('utcTime' => $date); + } else { + return array('generalTime' => $date); + } + } + /** * Sign an X.509 certificate * 
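Review bot: `_timeField()` treats a date it cannot parse as a pre-2050 date. `@strtotime($date)` returns false on failure, `gmdate("Y", false)` then yields the epoch year, and the raw string is emitted as `utcTime` with both warnings suppressed. UTCTime's two-digit year is also read as 1950–2049, so a date before 1950 needs generalTime as well. I would check the parse result and test both bounds, e.g. `$ts = strtotime($date);` followed by `if ($ts !== false && gmdate('Y', $ts) >= 1950 && gmdate('Y', $ts) < 2050) {`, and decide explicitly what an unparsable date should return.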
@@ -3104,21 +3227,19 @@ class File_X509 { return false; } - $currentCert = isset($this->currentCert) ? $this->currentCert : NULL; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: NULL; + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) { $this->currentCert = $subject->currentCert; - $this->currentCert['tbsCertificate']['signature']['algorithm'] = - $this->currentCert['signatureAlgorithm']['algorithm'] = - $signatureAlgorithm; + $this->currentCert['tbsCertificate']['signature']['algorithm'] = $signatureAlgorithm; + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + if (!empty($this->startDate)) { - $this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime'] = $this->startDate; - unset($this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime']); + $this->currentCert['tbsCertificate']['validity']['notBefore'] = $this->_timeField($this->startDate); } if (!empty($this->endDate)) { - $this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime'] = $this->endDate; - unset($this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime']); + $this->currentCert['tbsCertificate']['validity']['notAfter'] = $this->_timeField($this->endDate); } if (!empty($this->serialNumber)) { $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber; 
@@ -3140,8 +3261,8 @@ class File_X509 { return false; } - $startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O'); - $endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M y H:i:s O', strtotime('+1 year')); + $startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); + $endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M Y H:i:s O', strtotime('+1 year')); $serialNumber = !empty($this->serialNumber) ? $this->serialNumber : new Math_BigInteger(); $this->currentCert = array( @@ -3152,8 +3273,8 @@ class File_X509 { 'signature' => array('algorithm' => $signatureAlgorithm), 'issuer' => false, // this is going to be overwritten later 'validity' => array( - 'notBefore' => array('generalTime' => $startDate), // $this->setStartDate() - 'notAfter' => array('generalTime' => $endDate) // $this->setEndDate() + 'notBefore' => $this->_timeField($startDate), // $this->setStartDate() + 'notAfter' => $this->_timeField($endDate) // $this->setEndDate() ), 'subject' => $subject->dn, 'subjectPublicKeyInfo' => $subjectPublicKey 
@@ -3193,9 +3314,29 @@ class File_X509 { $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier); } + $altName = array(); + if (isset($subject->domains) && count($subject->domains) > 1) { - $this->setExtension('id-ce-subjectAltName', - array_map(array('File_X509', '_dnsName'), $subject->domains)); + $altName = array_map(array('File_X509', '_dnsName'), $subject->domains); + } + + if (isset($subject->ipAddresses) && count($subject->ipAddresses)) { + // should an IP address appear as the CN if no domain name is specified? idk + //$ips = count($subject->domains) ? $subject->ipAddresses : array_slice($subject->ipAddresses, 1); + $ipAddresses = array(); + foreach ($subject->ipAddresses as $ipAddress) { + $encoded = $subject->_ipAddress($ipAddress); + if ($encoded !== false) { + $ipAddresses[] = $encoded; + } + } + if (count($ipAddresses)) { + $altName = array_merge($altName, $ipAddresses); + } + } + + if (!empty($altName)) { + $this->setExtension('id-ce-subjectAltName', $altName); } if ($this->caFlag) { @@ -3257,12 +3398,11 @@ class File_X509 { } $this->publicKey = $origPublicKey; - $currentCert = isset($this->currentCert) ? $this->currentCert : NULL; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: NULL; + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) { - $this->currentCert['signatureAlgorithm']['algorithm'] = - $signatureAlgorithm; + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; if (!empty($this->dn)) { $this->currentCert['certificationRequestInfo']['subject'] = $this->dn; } 
@@ -3294,6 +3434,71 @@ class File_X509 { return $result; } + /** + * Sign a SPKAC + * + * @access public + * @return Mixed + */ + function signSPKAC($signatureAlgorithm = 'sha1WithRSAEncryption') + { + if (!is_object($this->privateKey)) { + return false; + } + + $origPublicKey = $this->publicKey; + $class = get_class($this->privateKey); + $this->publicKey = new $class(); + $this->publicKey->loadKey($this->privateKey->getPublicKey()); + $this->publicKey->setPublicKey(); + $publicKey = $this->_formatSubjectPublicKey(); + if (!$publicKey) { + return false; + } + $this->publicKey = $origPublicKey; + + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: null; + + // re-signing a SPKAC seems silly but since everything else supports re-signing why not? + if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['publicKeyAndChallenge'])) { + $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm; + $this->currentCert['publicKeyAndChallenge']['spki'] = $publicKey; + if (!empty($this->challenge)) { + // the bitwise AND ensures that the output is a valid IA5String + $this->currentCert['publicKeyAndChallenge']['challenge'] = $this->challenge & str_repeat("\x7F", strlen($this->challenge)); + } + } else { + $this->currentCert = array( + 'publicKeyAndChallenge' => + array( + 'spki' => $publicKey, + // quoting , + // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." + // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way + // we could alternatively do this instead if we ignored the specs: + // crypt_random_string(8) & str_repeat("\x7F", 8) + 'challenge' => !empty($this->challenge) ? 
$this->challenge : '' + ), + 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), + 'signature' => false // this is going to be overwritten later + ); + } + + // resync $this->signatureSubject + // save $publicKeyAndChallenge in case there are any File_ASN1_Element objects in it + $publicKeyAndChallenge = $this->currentCert['publicKeyAndChallenge']; + $this->loadSPKAC($this->saveSPKAC($this->currentCert)); + + $result = $this->_sign($this->privateKey, $signatureAlgorithm); + $result['publicKeyAndChallenge'] = $publicKeyAndChallenge; + + $this->currentCert = $currentCert; + $this->signatureSubject = $signatureSubject; + + return $result; + } + /** * Sign a CRL * @@ -3311,9 +3516,9 @@ class File_X509 { return false; } - $currentCert = isset($this->currentCert) ? $this->currentCert : NULL; - $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : NULL; - $thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O'); + $currentCert = isset($this->currentCert) ? $this->currentCert : null; + $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : null; + $thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M Y H:i:s O'); if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) { $this->currentCert = $crl->currentCert; @@ -3326,7 +3531,7 @@ class File_X509 { 'version' => 'v2', 'signature' => array('algorithm' => $signatureAlgorithm), 'issuer' => false, // this is going to be overwritten later - 'thisUpdate' => array('generalTime' => $thisUpdate) // $this->setStartDate() + 'thisUpdate' => $this->_timeField($thisUpdate) // $this->setStartDate() ), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signature' => false // this is going to be overwritten later 
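Review bot: In `signSPKAC()` the early `return false` after `_formatSubjectPublicKey()` runs before `$this->publicKey = $origPublicKey;`, so a failed call leaves the object holding the key derived from the private key instead of the caller's original public key. Placing `$this->publicKey = $origPublicKey;` directly after the `_formatSubjectPublicKey()` call, ahead of the `if (!$publicKey)` check, avoids that. The new-SPKAC branch also stores `$this->challenge` as is, while the re-sign branch masks it with `& str_repeat("\x7F", strlen($this->challenge))` to keep it a valid IA5String; applying the same mask in both branches would keep them consistent. The docblock should also state that the challenge defaults to an empty string and the algorithm to `sha1WithRSAEncryption`, so callers who need a fresh challenge or a stronger digest know to set them.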
@@ -3335,20 +3540,19 @@ class File_X509 { $tbsCertList = &$this->currentCert['tbsCertList']; $tbsCertList['issuer'] = $issuer->dn; - $tbsCertList['thisUpdate'] = array('generalTime' => $thisUpdate); + $tbsCertList['thisUpdate'] = $this->_timeField($thisUpdate); if (!empty($this->endDate)) { - $tbsCertList['nextUpdate'] = array('generalTime' => $this->endDate); // $this->setEndDate() + $tbsCertList['nextUpdate'] = $this->_timeField($this->endDate); // $this->setEndDate() } else { unset($tbsCertList['nextUpdate']); } if (!empty($this->serialNumber)) { $crlNumber = $this->serialNumber; - } - else { + } else { $crlNumber = $this->getExtension('id-ce-cRLNumber'); - $crlNumber = $crlNumber !== false ? $crlNumber->add(new Math_BigInteger(1)) : NULL; + $crlNumber = $crlNumber !== false ? $crlNumber->add(new Math_BigInteger(1)) : null; } $this->removeExtension('id-ce-authorityKeyIdentifier'); @@ -3359,8 +3563,7 @@ class File_X509 { if (!$version) { if (!empty($tbsCertList['crlExtensions'])) { $version = 1; // v2. - } - elseif (!empty($tbsCertList['revokedCertificates'])) { + } elseif (!empty($tbsCertList['revokedCertificates'])) { foreach ($tbsCertList['revokedCertificates'] as $cert) { if (!empty($cert['crlEntryExtensions'])) { $version = 1; // v2. @@ -3463,7 +3666,7 @@ class File_X509 { */ function setStartDate($date) { - $this->startDate = @date('D, d M y H:i:s O', @strtotime($date)); + $this->startDate = @date('D, d M Y H:i:s O', @strtotime($date)); } /** @@ -3487,7 +3690,7 @@ class File_X509 { $temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp; $this->endDate = new File_ASN1_Element($temp); } else { - $this->endDate = @date('D, d M y H:i:s O', @strtotime($date)); + $this->endDate = @date('D, d M Y H:i:s O', @strtotime($date)); } } 
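Review bot: `setStartDate()` and `setEndDate()` still pass `@strtotime($date)` straight into `@date()`, so an unparseable `$date` becomes `false` and, with both warnings suppressed, is silently formatted as the Unix epoch instead of being reported. For certificate and CRL validity fields, rejecting the input is safer than emitting a 1970 date, for example `$ts = strtotime($date); if ($ts === false) { return false; }` before formatting. Both function bodies start outside their hunks, so any existing return-value contract should be checked before adding the early return.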
@@ -3558,7 +3761,7 @@ class File_X509 { * @access private * @return array ref or false */ - function &_extensions(&$root, $path = NULL, $create = false) + function &_extensions(&$root, $path = null, $create = false) { if (!isset($root)) { $root = $this->currentCert; @@ -3612,7 +3815,7 @@ class File_X509 { * @access private * @return Boolean */ - function _removeExtension($id, $path = NULL) + function _removeExtension($id, $path = null) { $extensions = &$this->_extensions($this->currentCert, $path); @@ -3643,7 +3846,7 @@ class File_X509 { * @access private * @return Mixed */ - function _getExtension($id, $cert = NULL, $path = NULL) + function _getExtension($id, $cert = null, $path = null) { $extensions = $this->_extensions($cert, $path); @@ -3668,7 +3871,7 @@ class File_X509 { * @access private * @return Array */ - function _getExtensions($cert = NULL, $path = NULL) + function _getExtensions($cert = null, $path = null) { $exts = $this->_extensions($cert, $path); $extensions = array(); @@ -3693,7 +3896,7 @@ class File_X509 { * @access private * @return Boolean */ - function _setExtension($id, $value, $critical = false, $replace = true, $path = NULL) + function _setExtension($id, $value, $critical = false, $replace = true, $path = null) { $extensions = &$this->_extensions($this->currentCert, $path, true); @@ -3740,7 +3943,7 @@ class File_X509 { * @access public * @return Mixed */ - function getExtension($id, $cert = NULL) + function getExtension($id, $cert = null) { return $this->_getExtension($id, $cert); } @@ -3752,7 +3955,7 @@ class File_X509 { * @access public * @return Array */ - function getExtensions($cert = NULL) + function getExtensions($cert = null) { return $this->_getExtensions($cert); } 
@@ -3831,7 +4034,7 @@ class File_X509 { * @access public * @return Mixed */ - function getAttribute($id, $disposition = FILE_X509_ATTR_ALL, $csr = NULL) + function getAttribute($id, $disposition = FILE_X509_ATTR_ALL, $csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3871,7 +4074,7 @@ class File_X509 { * @access public * @return Array */ - function getAttributes($csr = NULL) + function getAttributes($csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3980,7 +4183,7 @@ class File_X509 { * @access public * @return String binary key identifier */ - function computeKeyIdentifier($key = NULL, $method = 1) + function computeKeyIdentifier($key = null, $method = 1) { if (is_null($key)) { $key = $this; @@ -4009,7 +4212,7 @@ class File_X509 { $raw = base64_decode($raw); // If the key is private, compute identifier from its corresponding public key. if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $key = new Crypt_RSA(); if (!$key->loadKey($raw)) { @@ -4032,18 +4235,16 @@ class File_X509 { } return false; default: // Should be a key object (i.e.: Crypt_RSA). - $key = $key->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW); + $key = $key->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1); break; } // If in PEM format, convert to binary. - if (preg_match('#^-----BEGIN #', $key)) { - $key = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $key)); - } + $key = $this->_extractBER($key); // Now we have the key string: compute its sha-1 sum. if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); + include_once 'Crypt/Hash.php'; } $hash = new Crypt_Hash('sha1'); $hash = $hash->hash($key); 
@@ -4075,7 +4276,7 @@ class File_X509 { //return new File_ASN1_Element(base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->getPublicKey()))); return array( 'algorithm' => array('algorithm' => 'rsaEncryption'), - 'subjectPublicKey' => $this->publicKey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW) + 'subjectPublicKey' => $this->publicKey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1) ); default: return false; @@ -4095,6 +4296,23 @@ class File_X509 { $this->setDNProp('id-at-commonName', $this->domains[0]); } + /** + * Set the IP Addresses's which the cert is to be valid for + * + * @access public + * @param String $ipAddress optional + */ + function setIPAddress() + { + $this->ipAddresses = func_get_args(); + /* + if (!isset($this->domains)) { + $this->removeDNProp('id-at-commonName'); + $this->setDNProp('id-at-commonName', $this->ipAddresses[0]); + } + */ + } + /** * Helper function to build domain array * @@ -4107,6 +4325,20 @@ class File_X509 { return array('dNSName' => $domain); } + /** + * Helper function to build IP Address array + * + * (IPv6 is not currently supported) + * + * @access private + * @param String $address + * @return Array + */ + function _iPAddress($address) + { + return array('iPAddress' => $address); + } + /** * Get the index of a revoked certificate. * @@ -4132,7 +4364,7 @@ class File_X509 { $i = count($rclist); $rclist[] = array('userCertificate' => $serial, - 'revocationDate' => array('generalTime' => @date('D, d M y H:i:s O'))); + 'revocationDate' => $this->_timeField(@date('D, d M Y H:i:s O'))); return $i; } @@ -4144,7 +4376,7 @@ class File_X509 { * @access public * @return Boolean */ - function revoke($serial, $date = NULL) + function revoke($serial, $date = null) { if (isset($this->currentCert['tbsCertList'])) { if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) { 
@@ -4152,7 +4384,7 @@ class File_X509 { if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) { if (!empty($date)) { - $rclist[$i]['revocationDate'] = array('generalTime' => $date); + $rclist[$i]['revocationDate'] = $this->_timeField($date); } return true; @@ -4209,7 +4441,7 @@ class File_X509 { * @access public * @return array */ - function listRevoked($crl = NULL) + function listRevoked($crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -4260,7 +4492,7 @@ class File_X509 { * @access public * @return Mixed */ - function getRevokedCertificateExtension($serial, $id, $crl = NULL) + function getRevokedCertificateExtension($serial, $id, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -4283,7 +4515,7 @@ class File_X509 { * @access public * @return Array */ - function getRevokedCertificateExtensions($serial, $crl = NULL) + function getRevokedCertificateExtensions($serial, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -4331,15 +4563,15 @@ class File_X509 { */ function _extractBER($str) { - /* - X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie. - some may have the following preceding the -----BEGIN CERTIFICATE----- line: - - Bag Attributes - localKeyID: 01 00 00 00 - subject=/O=organization/OU=org unit/CN=common name - issuer=/O=organization/CN=common name - */ + /* X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them + * above and beyond the ceritificate. + * ie. some may have the following preceding the -----BEGIN CERTIFICATE----- line: + * + * Bag Attributes + * localKeyID: 01 00 00 00 + * subject=/O=organization/OU=org unit/CN=common name + * issuer=/O=organization/CN=common name + */ $temp = preg_replace('#.*?^-+[^-]+-+#ms', '', $str, 1); // remove the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- stuff $temp = preg_replace('#-+[^-]+-+#', '', $temp); 
diff --git a/Math/BigInteger.php b/Math/BigInteger.php index 685e3ed..3894ae1 100755 --- a/Math/BigInteger.php +++ b/Math/BigInteger.php @@ -1,5 +1,4 @@ value = array(0, 1) * @@ -36,7 +31,7 @@ * Here's an example of how to use this library: * * - * @copyright MMVI Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://pear.php.net/package/Math_BigInteger + * @category Math + * @package Math_BigInteger + * @author Jim Wigginton + * @copyright MMVI Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://pear.php.net/package/Math_BigInteger */ /**#@+ @@ -174,12 +169,12 @@ define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25); * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256 * numbers. * - * @author Jim Wigginton - * @version 1.0.0RC4 - * @access public * @package Math_BigInteger + * @author Jim Wigginton + * @access public */ -class Math_BigInteger { +class Math_BigInteger +{ /** * Holds the BigInteger's value. * @@ -223,7 +218,7 @@ class Math_BigInteger { /** * Mode independent value used for serialization. * - * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for + * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for * a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value, * however, $this->hex is only calculated when $this->__sleep() is called. * @@ -242,13 +237,13 @@ class Math_BigInteger { * * Here's an example: * - * <?php - * include('Math/BigInteger.php'); + * toString(); // outputs 50 - * ?> + * ?> * * * @param optional $x base-10 number or base-$base number if $base set. 
@@ -272,7 +267,31 @@ class Math_BigInteger { } if (function_exists('openssl_public_encrypt') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) { - define('MATH_BIGINTEGER_OPENSSL_ENABLED', true); + // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work + ob_start(); + @phpinfo(); + $content = ob_get_contents(); + ob_end_clean(); + + preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches); + + $versions = array(); + if (!empty($matches[1])) { + for ($i = 0; $i < count($matches[1]); $i++) { + $versions[$matches[1][$i]] = trim(str_replace('=>', '', strip_tags($matches[2][$i]))); + } + } + + // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+ + switch (true) { + case !isset($versions['Header']): + case !isset($versions['Library']): + case $versions['Header'] == $versions['Library']: + define('MATH_BIGINTEGER_OPENSSL_ENABLED', true); + break; + default: + define('MATH_BIGINTEGER_OPENSSL_DISABLE', true); + } } if (!defined('PHP_INT_SIZE')) { @@ -438,7 +457,6 @@ class Math_BigInteger { } $x = str_pad($x, strlen($x) + ((MATH_BIGINTEGER_MAX10_LEN - 1) * strlen($x)) % MATH_BIGINTEGER_MAX10_LEN, 0, STR_PAD_LEFT); - while (strlen($x)) { $temp = $temp->multiply($multiplier); $temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, MATH_BIGINTEGER_MAX10_LEN)), 256)); @@ -488,7 +506,7 @@ class Math_BigInteger { * Here's an example: * * * * * * = MATH_BIGINTEGER_MAX_DIGIT2; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1 $sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT2 : $sum; - $temp = (int) ($sum / MATH_BIGINTEGER_BASE_FULL); + $temp = MATH_BIGINTEGER_BASE === 26 ? intval($sum / 0x4000000) : ($sum >> 31); $value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL * $temp); // eg. a faster alternative to fmod($sum, 0x4000000) $value[$j] = $temp; 
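Review bot: The OpenSSL version probe that replaces the plain `define('MATH_BIGINTEGER_OPENSSL_ENABLED', true);` calls `@phpinfo()`, which hardened hosts commonly list in `disable_functions`. On PHP 8 a disabled function is treated as undefined, so the call throws an Error that `@` cannot suppress and constructing a Math_BigInteger fails. Guarding the probe with `if (function_exists('phpinfo'))` and falling through to the existing "versions not reported" case keeps the constructor usable there. Calling `phpinfo(INFO_MODULES)` would avoid rendering environment and request variables into the buffer just to read two lines. The version strings are also compared with `==`; `===` avoids PHP's numeric-string comparison rules.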
@@ -934,7 +952,7 @@ class Math_BigInteger { * Here's an example: * * > 31); $x_value[$i] = (int) ($sum - MATH_BIGINTEGER_BASE_FULL * $temp); $x_value[$j] = $temp; @@ -1070,7 +1088,7 @@ class Math_BigInteger { * Here's an example: * * > 31); $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } @@ -1199,7 +1217,7 @@ class Math_BigInteger { for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } @@ -1287,13 +1305,13 @@ class Math_BigInteger { $i2 = $i << 1; $temp = $square_value[$i2] + $value[$i] * $value[$i]; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $square_value[$i2] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); // note how we start from $i+1 instead of 0 as we do in multiplication. for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) { $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $square_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } @@ -1354,7 +1372,7 @@ class Math_BigInteger { * Here's an example: * * _safe_divide( + $x_window[0] * MATH_BIGINTEGER_BASE_FULL + $x_window[1], $y_window[0] ); } @@ -1561,7 +1578,7 @@ class Math_BigInteger { for ($i = count($dividend) - 1; $i >= 0; --$i) { $temp = MATH_BIGINTEGER_BASE_FULL * $carry + $dividend[$i]; - $result[$i] = (int) ($temp / $divisor); + $result[$i] = $this->_safe_divide($temp, $divisor); $carry = (int) ($temp - $divisor * $result[$i]); } 
@@ -1574,7 +1591,7 @@ class Math_BigInteger { * Here's an example: * * _normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT)); + // the following code, although not callable, can be run independently of the above code + // although the above code performed better in my benchmarks the following could might + // perform better under different circumstances. in lieu of deleting it it's just been + // made uncallable + // is the modulo odd? if ( $n->value[0] & 1 ) { return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY)); @@ -2173,7 +2195,7 @@ class Math_BigInteger { for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0 - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$j] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } @@ -2189,7 +2211,7 @@ class Math_BigInteger { for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) { $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $product_value[$k] = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * $carry); } @@ -2238,7 +2260,7 @@ class Math_BigInteger { for ($i = 0; $i < $k; ++$i) { $temp = $result[MATH_BIGINTEGER_VALUE][$i] * $cache[MATH_BIGINTEGER_DATA][$key]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); + $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $this->_regularMultiply(array($temp), $n); $temp = array_merge($this->_array_repeat(0, $i), $temp); $result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false); 
@@ -2256,7 +2278,7 @@ class Math_BigInteger { /** * Montgomery Multiply * - * Interleaves the montgomery reduction and long multiplication algorithms together as described in + * Interleaves the montgomery reduction and long multiplication algorithms together as described in * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36} * * @see _prepMontgomery() @@ -2272,6 +2294,11 @@ class Math_BigInteger { $temp = $this->_multiply($x, false, $y, false); return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m); + // the following code, although not callable, can be run independently of the above code + // although the above code performed better in my benchmarks the following could might + // perform better under different circumstances. in lieu of deleting it it's just been + // made uncallable + static $cache = array( MATH_BIGINTEGER_VARIABLE => array(), MATH_BIGINTEGER_DATA => array() @@ -2290,9 +2317,9 @@ class Math_BigInteger { $a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1)); for ($i = 0; $i < $n; ++$i) { $temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] * $y[0]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); + $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key]; - $temp = (int) ($temp - MATH_BIGINTEGER_BASE_FULL * ((int) ($temp / MATH_BIGINTEGER_BASE_FULL))); + $temp = $temp - MATH_BIGINTEGER_BASE_FULL * (MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31)); $temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false); $a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false); $a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1); 
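Review bot: The code kept after the unconditional `return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m);` in the Montgomery multiply hunk is unreachable, and the added comment only explains that it was left in place. The same comment is added after the Barrett `_slidingWindow()` return earlier in this file. Unreachable arithmetic inside a big-integer routine is easy to mistake for the live path when the code is audited. Moving each alternative into its own private method, or deleting it and relying on version control, would make the status explicit. The comment's "could might perform" should read "might perform"; the function body starts outside the hunk.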
@@ -2336,7 +2363,7 @@ class Math_BigInteger { * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85} * * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For - * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields + * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the @@ -2369,7 +2396,7 @@ class Math_BigInteger { * Here's an example: * * * * > 3); $this->_base256_lshift($leading_ones, $current_bits); - $temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT); + $temp = str_pad($temp, strlen($leading_ones), chr(0), STR_PAD_LEFT); return $this->_normalize(new Math_BigInteger($leading_ones | $temp, 256)); } 
@@ -3029,40 +3056,17 @@ class Math_BigInteger { } /** - * Generate a random number + * Generates a random BigInteger * - * @param optional Integer $min - * @param optional Integer $max + * Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not. + * + * @param Integer $length * @return Math_BigInteger - * @access public + * @access private */ - function random($min = false, $max = false) + function _random_number_helper($size) { - if ($min === false) { - $min = new Math_BigInteger(0); - } - - if ($max === false) { - $max = new Math_BigInteger(0x7FFFFFFF); - } - - $compare = $max->compare($min); - - if (!$compare) { - return $this->_normalize($min); - } else if ($compare < 0) { - // if $min is bigger then $max, swap $min and $max - $temp = $max; - $max = $min; - $min = $temp; - } - - $max = $max->subtract($min); - $max = ltrim($max->toBytes(), chr(0)); - $size = strlen($max) - 1; - - $crypt_random = function_exists('crypt_random_string') || (!class_exists('Crypt_Random') && function_exists('crypt_random_string')); - if ($crypt_random) { + if (function_exists('crypt_random_string')) { $random = crypt_random_string($size); } else { $random = ''; 
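Review bot: `_random_number_helper()` keeps the silent fallback that its new docblock describes ("Uses crypt_random if it's loaded and mt_rand if it's not"), and its output feeds `random()` and, presumably through it, `randomPrime()`. `mt_rand` is not a cryptographically secure generator, so values produced without `crypt_random_string` loaded are weaker in a way the caller cannot detect. The docblock should say so outright. The fallback branch, which lies outside this hunk, would be safer calling `user_error('crypt_random_string() is not available', E_USER_WARNING)` or returning false than degrading quietly. The `@param Integer $length` tag also names a parameter that the signature calls `$size`.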
@@ -3078,25 +3082,89 @@ class Math_BigInteger { } } - $fragment = new Math_BigInteger($random, 256); - $leading = $fragment->compare(new Math_BigInteger(substr($max, 1), 256)) > 0 ? - ord($max[0]) - 1 : ord($max[0]); + return new Math_BigInteger($random, 256); + } - if (!$crypt_random) { - $msb = chr(mt_rand(0, $leading)); - } else { - $cutoff = floor(0xFF / $leading) * $leading; - while (true) { - $msb = ord(crypt_random_string(1)); - if ($msb <= $cutoff) { - $msb%= $leading; - break; - } - } - $msb = chr($msb); + /** + * Generate a random number + * + * Returns a random number between $min and $max where $min and $max + * can be defined using one of the two methods: + * + * $min->random($max) + * $max->random($min) + * + * @param Math_BigInteger $arg1 + * @param optional Math_BigInteger $arg2 + * @return Math_BigInteger + * @access public + * @internal The API for creating random numbers used to be $a->random($min, $max), where $a was a Math_BigInteger object. + * That method is still supported for BC purposes. + */ + function random($arg1, $arg2 = false) + { + if ($arg1 === false) { + return false; } - $random = new Math_BigInteger($msb . $random, 256); + if ($arg2 === false) { + $max = $arg1; + $min = $this; + } else { + $min = $arg1; + $max = $arg2; + } + + $compare = $max->compare($min); + + if (!$compare) { + return $this->_normalize($min); + } else if ($compare < 0) { + // if $min is bigger then $max, swap $min and $max + $temp = $max; + $max = $min; + $min = $temp; + } + + static $one; + if (!isset($one)) { + $one = new Math_BigInteger(1); + } + + $max = $max->subtract($min->subtract($one)); + $size = strlen(ltrim($max->toBytes(), chr(0))); + + /* + doing $random % $max doesn't work because some numbers will be more likely to occur than others. + eg. if $max is 140 and $random's max is 255 then that'd mean both $random = 5 and $random = 145 + would produce 5 whereas the only value of random that could produce 139 would be 139. ie. 
+ not all numbers would be equally likely. some would be more likely than others. + + creating a whole new random number until you find one that is within the range doesn't work + because, for sufficiently small ranges, the likelihood that you'd get a number within that range + would be pretty small. eg. with $random's max being 255 and if your $max being 1 the probability + would be pretty high that $random would be greater than $max. + + phpseclib works around this using the technique described here: + + http://crypto.stackexchange.com/questions/5708/creating-a-small-number-from-a-cryptographically-secure-random-string + */ + $random_max = new Math_BigInteger(chr(1) . str_repeat("\0", $size), 256); + $random = $this->_random_number_helper($size); + + list($max_multiple) = $random_max->divide($max); + $max_multiple = $max_multiple->multiply($max); + + while ($random->compare($max_multiple) >= 0) { + $random = $random->subtract($max_multiple); + $random_max = $random_max->subtract($max_multiple); + $random = $random->bitwise_leftShift(8); + $random = $random->add($this->_random_number_helper(1)); + $random_max = $random_max->bitwise_leftShift(8); + list($max_multiple) = $random_max->divide($max); + $max_multiple = $max_multiple->multiply($max); + } + list(, $random) = $random->divide($max); return $this->_normalize($random->add($min)); } 
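Review bot: `random($arg1, $arg2 = false)` makes the first argument mandatory, although the `@internal` note says the old `$a->random($min, $max)` API is still supported. The old signature also accepted `random()` with no arguments, defaulting to 0 and 0x7FFFFFFF. That call now fails, with either a missing-argument error or a method call on a non-object at `$max->compare($min)`, depending on the PHP version, because the `$arg1 === false` guard only covers an explicit `false`. Either keep the default (`function random($arg1 = false, $arg2 = false)`) so the guard returns false cleanly, or document the break; `randomPrime()` in the following hunk has the same signature change. Neither method checks that its arguments are Math_BigInteger objects before calling `compare()` on them.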
@@ -3107,21 +3175,25 @@ class Math_BigInteger { * If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed, * give up and return false. * - * @param optional Integer $min - * @param optional Integer $max + * @param Math_BigInteger $arg1 + * @param optional Math_BigInteger $arg2 * @param optional Integer $timeout - * @return Math_BigInteger + * @return Mixed * @access public * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}. */ - function randomPrime($min = false, $max = false, $timeout = false) + function randomPrime($arg1, $arg2 = false, $timeout = false) { - if ($min === false) { - $min = new Math_BigInteger(0); + if ($arg1 === false) { + return false; } - if ($max === false) { - $max = new Math_BigInteger(0x7FFFFFFF); + if ($arg2 === false) { + $max = $arg1; + $min = $this; + } else { + $min = $arg1; + $max = $arg2; } $compare = $max->compare($min); @@ -3147,6 +3219,7 @@ class Math_BigInteger { // gmp_nextprime() requires PHP 5 >= 5.2.0 per . if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) { + $p = new Math_BigInteger(); $p->value = gmp_nextprime($x->value); if ($p->compare($max) <= 0) { 
@@ -3229,14 +3302,14 @@ class Math_BigInteger { * Checks a numer to see if it's prime * * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the - * $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads + * $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed across multiple pageloads * on a website instead of just one. * - * @param optional Integer $t + * @param optional Math_BigInteger $t * @return Boolean * @access public * @internal Uses the - * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See + * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}. */ function isPrime($t = false) @@ -3245,6 +3318,7 @@ class Math_BigInteger { if (!$t) { // see HAC 4.49 "Note (controlling the error probability)" + // @codingStandardsIgnoreStart if ($length >= 163) { $t = 2; } // floor(1300 / 8) else if ($length >= 106) { $t = 3; } // floor( 850 / 8) else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8) @@ -3257,6 +3331,7 @@ class Math_BigInteger { else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8) else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8) else { $t = 27; } + // @codingStandardsIgnoreEnd } // ie. gmp_testbit($this, 0) 
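Review bot: The docblock change from `@param optional Integer $t` to `@param optional Math_BigInteger $t` in the `isPrime()` hunk does not match the visible body, which tests `!$t` and assigns plain integers (`$t = 2` through `$t = 27`). Unless the part of the function outside these hunks treats `$t` as an object, the tag should stay `@param optional Integer $t`. A short line saying that `$t` is, presumably, the number of Miller-Rabin rounds would also help, since a caller passing a small value lowers the confidence of the primality result.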
@@ -3285,16 +3360,16 @@ class Math_BigInteger { if (!isset($primes)) { $primes = array( - 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, - 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, - 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, - 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, - 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, - 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, - 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, - 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, - 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, - 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, + 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, + 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, + 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, + 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, + 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, + 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, + 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617, + 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727, + 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829, + 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947, 953, 967, 971, 977, 983, 991, 997 ); 
@@ -3399,7 +3474,7 @@ class Math_BigInteger { for ($i = 0; $i < count($this->value); ++$i) { $temp = $this->value[$i] * $shift + $carry; - $carry = (int) ($temp / MATH_BIGINTEGER_BASE_FULL); + $carry = MATH_BIGINTEGER_BASE === 26 ? intval($temp / 0x4000000) : ($temp >> 31); $this->value[$i] = (int) ($temp - $carry * MATH_BIGINTEGER_BASE_FULL); } @@ -3647,4 +3722,27 @@ class Math_BigInteger { $temp = ltrim(pack('N', $length), chr(0)); return pack('Ca*', 0x80 | strlen($temp), $temp); } + + /** + * Single digit division + * + * Even if int64 is being used the division operator will return a float64 value + * if the dividend is not evenly divisible by the divisor. Since a float64 doesn't + * have the precision of int64 this is a problem so, when int64 is being used, + * we'll guarantee that the dividend is divisible by first subtracting the remainder. + * + * @access private + * @param Integer $x + * @param Integer $y + * @return Integer + */ + function _safe_divide($x, $y) + { + if (MATH_BIGINTEGER_BASE === 26) { + return (int) ($x / $y); + } + + // MATH_BIGINTEGER_BASE === 31 + return ($x - ($x % $y)) / $y; + } } diff --git a/Net/SCP.php b/Net/SCP.php index 783c377..2668164 100755 --- a/Net/SCP.php +++ b/Net/SCP.php @@ -1,5 +1,4 @@ * login('username', 'password')) { @@ -30,10 +29,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
@@ -42,12 +41,12 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Net - * @package Net_SCP - * @author Jim Wigginton - * @copyright MMX Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Net + * @package Net_SCP + * @author Jim Wigginton + * @copyright MMX Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /**#@+ @@ -82,12 +81,12 @@ define('NET_SCP_SSH2', 2); /** * Pure-PHP implementations of SCP. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Net_SCP + * @author Jim Wigginton + * @access public */ -class Net_SCP { +class Net_SCP +{ /** * SSH Object * @@ -151,7 +150,7 @@ class Net_SCP { * So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes * long, containing 'filename.ext' as its contents. * - * Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will + * Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how * large $remote_file will be, as well. * 
@@ -161,16 +160,19 @@ class Net_SCP { * @param String $remote_file * @param String $data * @param optional Integer $mode + * @param optional Callable $callback * @return Boolean * @access public */ - function put($remote_file, $data, $mode = NET_SCP_STRING) + function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null) { if (!isset($this->ssh)) { return false; } - $this->ssh->exec('scp -t ' . $remote_file, false); // -t = to + if (!$this->ssh->exec('scp -t "' . $remote_file . '"', false)) { // -t = to + return false; + } $temp = $this->_receive(); if ($temp !== chr(0)) { 
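Review bot: In `put()`, wrapping `$remote_file` in double quotes does not stop the remote shell from interpreting it: a `"`, `$`, backtick or backslash in the path still ends the quoting or triggers expansion. A caller that passes a user-influenced path therefore still has a command-injection problem on the server side. Single-quote the argument and escape embedded single quotes instead, e.g. `$arg = "'" . str_replace("'", "'\\''", $remote_file) . "'";` followed by `$this->ssh->exec('scp -t ' . $arg, false)`. The `scp -f "..."` call in the `get()` hunk further down needs the same treatment. The body of `put()` continues outside this hunk.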
@@ -178,35 +180,51 @@ class Net_SCP { } if ($this->mode == NET_SCP_SSH2) { - $this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC]; + $this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4; } $remote_file = basename($remote_file); - $this->_send('C0644 ' . strlen($data) . ' ' . $remote_file . "\n"); + + if ($mode == NET_SCP_STRING) { + $size = strlen($data); + } else { + if (!is_file($data)) { + user_error("$data is not a valid file", E_USER_NOTICE); + return false; + } + + $fp = @fopen($data, 'rb'); + if (!$fp) { + fclose($fp); + return false; + } + $size = filesize($data); + } + + $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); $temp = $this->_receive(); if ($temp !== chr(0)) { return false; } - if ($mode == NET_SCP_STRING) { - $this->_send($data); - } else { - if (!is_file($data)) { - user_error("$data is not a valid file", E_USER_NOTICE); - return false; + $sent = 0; + while ($sent < $size) { + $temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); + $this->_send($temp); + $sent+= strlen($temp); + + if (is_callable($callback)) { + call_user_func($callback, $sent); } - $fp = @fopen($data, 'rb'); - if (!$fp) { - return false; - } - $size = filesize($data); - for ($i = 0; $i < $size; $i += $this->packet_size) { - $this->_send(fgets($fp, $this->packet_size)); - } - fclose($fp); } $this->_close(); + + if ($mode != NET_SCP_STRING) { + fclose($fp); + } + + return true; } /** @@ -227,7 +245,9 @@ class Net_SCP { return false; } - $this->ssh->exec('scp -f ' . $remote_file, false); // -f = from + if (!$this->ssh->exec('scp -f "' . $remote_file . '"', false)) { // -f = from + return false; + } $this->_send("\0"); 
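Review bot: In the local-file branch of `put()`, the `if (!$fp)` failure path calls `fclose($fp)` on a value that has just been found to be false; that line should go, leaving only `return false;`. `$fp` is also left open when the `_receive()` check after the `C0644` header returns false. The `while ($sent < $size)` loop never terminates if `fread()` returns false or an empty string, which happens when the file shrinks after `filesize()` was taken; add `if ($temp === false || $temp === '') { break; }` before `_send()` and report failure when `$sent < $size` afterwards. The loop tests `$mode & NET_SCP_STRING` while the rest of the function uses `$mode == NET_SCP_STRING`; pick one form so a combined mode value cannot take different branches.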
@@ -332,7 +352,7 @@ class Net_SCP { { switch ($this->mode) { case NET_SCP_SSH2: - $this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC); + $this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true); break; case NET_SCP_SSH1: $this->ssh->disconnect(); diff --git a/Net/SFTP.php b/Net/SFTP.php index 332ba1e..c2045ae 100755 --- a/Net/SFTP.php +++ b/Net/SFTP.php @@ -1,5 +1,4 @@ * login('username', 'password')) { @@ -34,10 +33,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -46,19 +45,19 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Net - * @package Net_SFTP - * @author Jim Wigginton - * @copyright MMIX Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Net + * @package Net_SFTP + * @author Jim Wigginton + * @copyright MMIX Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * Include Net_SSH2 */ if (!class_exists('Net_SSH2')) { - require_once('SSH2.php'); + include_once 'SSH2.php'; } /**#@+ @@ -88,7 +87,7 @@ define('NET_SFTP_LOG_REALTIME', 3); * @see Net_SSH2::_get_channel_packet() * @access private */ -define('NET_SFTP_CHANNEL', 2); +define('NET_SFTP_CHANNEL', 0x100); /**#@+ * @access public 
@@ -97,27 +96,31 @@ define('NET_SFTP_CHANNEL', 2); /** * Reads data from a local file. */ -define('NET_SFTP_LOCAL_FILE', 1); +define('NET_SFTP_LOCAL_FILE', 1); /** * Reads data from a string. */ // this value isn't really used anymore but i'm keeping it reserved for historical reasons -define('NET_SFTP_STRING', 2); +define('NET_SFTP_STRING', 2); /** * Resumes an upload */ -define('NET_SFTP_RESUME', 4); +define('NET_SFTP_RESUME', 4); +/** + * Append a local file to an already existing remote file + */ +define('NET_SFTP_RESUME_START', 8); /**#@-*/ /** * Pure-PHP implementations of SFTP. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Net_SFTP + * @author Jim Wigginton + * @access public */ -class Net_SFTP extends Net_SSH2 { +class Net_SFTP extends Net_SSH2 +{ /** * Packet Types * 
@@ -226,18 +229,48 @@ class Net_SFTP extends Net_SSH2 { var $sftp_errors = array(); /** - * Directory Cache + * Stat Cache * - * Rather than always having to open a directory and close it immediately there after to see if a file is a directory or - * rather than always + * Rather than always having to open a directory and close it immediately there after to see if a file is a directory + * we'll cache the results. * - * @see Net_SFTP::_save_dir() - * @see Net_SFTP::_remove_dir() - * @see Net_SFTP::_is_dir() + * @see Net_SFTP::_update_stat_cache() + * @see Net_SFTP::_remove_from_stat_cache() + * @see Net_SFTP::_query_stat_cache() * @var Array * @access private */ - var $dirs = array(); + var $stat_cache = array(); + + /** + * Max SFTP Packet Size + * + * @see Net_SFTP::Net_SFTP() + * @see Net_SFTP::get() + * @var Array + * @access private + */ + var $max_sftp_packet; + + /** + * Stat Cache Flag + * + * @see Net_SFTP::disableStatCache() + * @see Net_SFTP::enableStatCache() + * @var Boolean + * @access private + */ + var $use_stat_cache = true; + + /** + * Sort Options + * + * @see Net_SFTP::_comparator() + * @see Net_SFTP::setListOrder() + * @var Array + * @access private + */ + var $sortOptions = array(); /** * Default Constructor. @@ -253,6 +286,9 @@ class Net_SFTP extends Net_SSH2 { function Net_SFTP($host, $port = 22, $timeout = 10) { parent::Net_SSH2($host, $port, $timeout); + + $this->max_sftp_packet = 1 << 15; + $this->packet_types = array( 1 => 'NET_SFTP_INIT', 2 => 'NET_SFTP_VERSION', @@ -276,6 +312,8 @@ class Net_SFTP extends Net_SSH2 { SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3 pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */ 18 => 'NET_SFTP_RENAME', + 19 => 'NET_SFTP_READLINK', + 20 => 'NET_SFTP_SYMLINK', 101=> 'NET_SFTP_STATUS', 102=> 'NET_SFTP_HANDLE', 
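Review bot: The docblock for `$max_sftp_packet` declares `@var Array`, but the constructor hunk on this line assigns it `1 << 15`, an integer. Change the tag to `@var Integer` and add one sentence stating that it is the largest SFTP packet length the client will accept, if that is what it bounds; the use site is outside this hunk, so confirm before wording it that way.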
@@ -330,7 +368,7 @@ class Net_SFTP extends Net_SSH2 { 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS', 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME', // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers - // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in + // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000. // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored. -1 << 31 => 'NET_SFTP_ATTR_EXTENDED' @@ -368,6 +406,10 @@ class Net_SFTP extends Net_SSH2 { $this->open_flags, $this->file_types ); + + if (!defined('NET_SFTP_QUEUE_SIZE')) { + define('NET_SFTP_QUEUE_SIZE', 50); + } } /** @@ -381,7 +423,7 @@ class Net_SFTP extends Net_SSH2 { function login($username) { $args = func_get_args(); - if (!call_user_func_array(array('Net_SSH2', 'login'), $args)) { + if (!call_user_func_array(array(&$this, '_login'), $args)) { return false; } @@ -502,11 +544,41 @@ class Net_SFTP extends Net_SSH2 { $this->pwd = $this->_realpath('.'); - $this->_save_dir($this->pwd); + $this->_update_stat_cache($this->pwd, array()); return true; } + /** + * Disable the stat cache + * + * @access public + */ + function disableStatCache() + { + $this->use_stat_cache = false; + } + + /** + * Enable the stat cache + * + * @access public + */ + function enableStatCache() + { + $this->use_stat_cache = true; + } + + /** + * Clear the stat cache + * + * @access public + */ + function clearStatCache() + { + $this->stat_cache = array(); + } + /** * Returns the current directory name * 
@@ -614,14 +686,18 @@ class Net_SFTP extends Net_SSH2 { return false; } - if ($dir[strlen($dir) - 1] != '/') { + // assume current dir if $dir is empty + if ($dir === '') { + $dir = './'; + // suffix a slash if needed + } elseif ($dir[strlen($dir) - 1] != '/') { $dir.= '/'; } $dir = $this->_realpath($dir); // confirm that $dir is, in fact, a valid directory - if ($this->_is_dir($dir)) { + if ($this->use_stat_cache && is_array($this->_query_stat_cache($dir))) { $this->pwd = $dir; return true; } @@ -649,23 +725,11 @@ class Net_SFTP extends Net_SSH2 { return false; } - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { + if (!$this->_close_handle($handle)) { return false; } - $response = $this->_get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - user_error('Expected SSH_FXP_STATUS'); - return false; - } - - extract(unpack('Nstatus', $this->_string_shift($response, 4))); - if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); - return false; - } - - $this->_save_dir($dir); + $this->_update_stat_cache($dir, array()); $this->pwd = $dir; return true; 
@@ -675,39 +739,94 @@ class Net_SFTP extends Net_SSH2 { * Returns a list of files in the given directory * * @param optional String $dir + * @param optional Boolean $recursive * @return Mixed * @access public */ - function nlist($dir = '.') + function nlist($dir = '.', $recursive = false) { - return $this->_list($dir, false); + return $this->_nlist_helper($dir, $recursive, ''); + } + + /** + * Helper method for nlist + * + * @param String $dir + * @param Boolean $recursive + * @param String $relativeDir + * @return Mixed + * @access private + */ + function _nlist_helper($dir, $recursive, $relativeDir) + { + $files = $this->_list($dir, false); + + if (!$recursive) { + return $files; + } + + $result = array(); + foreach ($files as $value) { + if ($value == '.' || $value == '..') { + if ($relativeDir == '') { + $result[] = $value; + } + continue; + } + if (is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $value)))) { + $temp = $this->_nlist_helper($dir . '/' . $value, true, $relativeDir . $value . '/'); + $result = array_merge($result, $temp); + } else { + $result[] = $relativeDir . $value; + } + } + + return $result; } /** * Returns a detailed list of files in the given directory * * @param optional String $dir + * @param optional Boolean $recursive * @return Mixed * @access public */ - function rawlist($dir = '.') + function rawlist($dir = '.', $recursive = false) { - return $this->_list($dir, true); + $files = $this->_list($dir, true); + if (!$recursive || $files === false) { + return $files; + } + + static $depth = 0; + + foreach ($files as $key=>$value) { + if ($depth != 0 && $key == '..') { + unset($files[$key]); + continue; + } + if ($key != '.' && $key != '..' && is_array($this->_query_stat_cache($this->_realpath($dir . '/' . $key)))) { + $depth++; + $files[$key] = $this->rawlist($dir . '/' . 
$key, true); + $depth--; + } else { + $files[$key] = (object) $value; + } + } + + return $files; } /** * Reads a list, be it detailed or not, of files in the given directory * - * $realpath exists because, in the case of the recursive deletes and recursive chmod's $realpath has already - * been calculated. - * * @param String $dir * @param optional Boolean $raw - * @param optional Boolean $realpath * @return Mixed * @access private */ - function _list($dir, $raw = true, $realpath = true) + function _list($dir, $raw = true) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; @@ -740,7 +859,7 @@ class Net_SFTP extends Net_SSH2 { return false; } - $this->_save_dir($dir); + $this->_update_stat_cache($dir, array()); $contents = array(); while (true) { @@ -767,14 +886,17 @@ class Net_SFTP extends Net_SSH2 { $attributes['type'] = $fileType; } } - if (!$raw) { - $contents[] = $shortname; - } else { - $contents[$shortname] = $attributes; - } + $contents[$shortname] = $attributes + array('filename' => $shortname); if (isset($attributes['type']) && $attributes['type'] == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) { - $this->_save_dir($dir . '/' . $shortname); + $this->_update_stat_cache($dir . '/' . $shortname, array()); + } else { + if ($shortname == '..') { + $temp = $this->_realpath($dir . '/..') . '/.'; + } else { + $temp = $dir . '/' . $shortname; + } + $this->_update_stat_cache($temp, (object) $attributes); } // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the // final SSH_FXP_STATUS packet should tell us that, already. 
@@ -793,25 +915,115 @@ class Net_SFTP extends Net_SSH2 { } } - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { + if (!$this->_close_handle($handle)) { return false; } - // "The client MUST release all resources associated with the handle regardless of the status." - // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 - $response = $this->_get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - user_error('Expected SSH_FXP_STATUS'); - return false; + if (count($this->sortOptions)) { + uasort($contents, array(&$this, '_comparator')); } - extract(unpack('Nstatus', $this->_string_shift($response, 4))); - if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); - return false; - } + return $raw ? $contents : array_keys($contents); + } - return $contents; + /** + * Compares two rawlist entries using parameters set by setListOrder() + * + * Intended for use with uasort() + * + * @param Array $a + * @param Array $b + * @return Integer + * @access private + */ + function _comparator($a, $b) + { + switch (true) { + case $a['filename'] === '.' || $b['filename'] === '.': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '.' ? -1 : 1; + case $a['filename'] === '..' || $b['filename'] === '..': + if ($a['filename'] === $b['filename']) { + return 0; + } + return $a['filename'] === '..' ? 
-1 : 1; + case isset($a['type']) && $a['type'] === NET_SFTP_TYPE_DIRECTORY: + if (!isset($b['type'])) { + return 1; + } + if ($b['type'] !== $a['type']) { + return -1; + } + break; + case isset($b['type']) && $b['type'] === NET_SFTP_TYPE_DIRECTORY: + return 1; + } + foreach ($this->sortOptions as $sort => $order) { + if (!isset($a[$sort]) || !isset($b[$sort])) { + if (isset($a[$sort])) { + return -1; + } + if (isset($b[$sort])) { + return 1; + } + return 0; + } + switch ($sort) { + case 'filename': + $result = strcasecmp($a['filename'], $b['filename']); + if ($result) { + return $order === SORT_DESC ? -$result : $result; + } + break; + case 'permissions': + case 'mode': + $a[$sort]&= 07777; + $b[$sort]&= 07777; + default: + if ($a[$sort] === $b[$sort]) { + break; + } + return $order === SORT_ASC ? $a[$sort] - $b[$sort] : $b[$sort] - $a[$sort]; + } + } + } + + /** + * Defines how nlist() and rawlist() will be sorted - if at all. + * + * If sorting is enabled directories and files will be sorted independently with + * directories appearing before files in the resultant array that is returned. + * + * Any parameter returned by stat is a valid sort parameter for this function. + * Filename comparisons are case insensitive. + * + * Examples: + * + * $sftp->setListOrder('filename', SORT_ASC); + * $sftp->setListOrder('size', SORT_DESC, 'filename', SORT_ASC); + * $sftp->setListOrder(true); + * Separates directories from files but doesn't do any sorting beyond that + * $sftp->setListOrder(); + * Don't do any sort of sorting + * + * @access public + */ + function setListOrder() + { + $this->sortOptions = array(); + $args = func_get_args(); + if (empty($args)) { + return; + } + $len = count($args) & 0x7FFFFFFE; + for ($i = 0; $i < $len; $i+=2) { + $this->sortOptions[$args[$i]] = $args[$i + 1]; + } + if (!count($this->sortOptions)) { + $this->sortOptions = array('bogus' => true); + } } /** 
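Review bot: `_comparator()` has no `return` after the `foreach` over `$this->sortOptions`, so it returns null when every configured key compares equal; end the function with `return 0;` so `uasort()` always receives an integer. In the `default` branch, `$a[$sort] - $b[$sort]` assumes numeric attributes, while `setListOrder()` accepts any key name from the caller; a string-valued attribute would be compared through numeric conversion. In the directory case, `if (!isset($b['type'])) { return 1; }` sorts a directory after an untyped entry, which appears to contradict the "directories appearing before files" promise in the `setListOrder()` docblock.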
@@ -829,47 +1041,54 @@ class Net_SFTP extends Net_SSH2 { return false; } - $filename = $this->_realpath($filename); - if ($filename === false) { + $result = $this->stat($filename); + if ($result === false) { return false; } - - return $this->_size($filename); + return isset($result['size']) ? $result['size'] : -1; } /** - * Save directories to cache + * Save files / directories to cache * - * @param String $dir + * @param String $path + * @param Mixed $value * @access private */ - function _save_dir($dir) + function _update_stat_cache($path, $value) { - // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($dir, '/')) - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir)); + // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($path, '/')) + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - $temp = &$this->dirs; - foreach ($dirs as $dir) { + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i=>$dir) { if (!isset($temp[$dir])) { $temp[$dir] = array(); } + if ($i === $max) { + $temp[$dir] = $value; + break; + } $temp = &$temp[$dir]; } } /** - * Remove directories from cache + * Remove files / directories from cache * - * @param String $dir + * @param String $path + * @return Boolean * @access private */ - function _remove_dir($dir) + function _remove_from_stat_cache($path) { - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir)); + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - $temp = &$this->dirs; - foreach ($dirs as $dir) { - if ($dir == end($dirs)) { + $temp = &$this->stat_cache; + $max = count($dirs) - 1; + foreach ($dirs as $i=>$dir) { + if ($i === $max) { unset($temp[$dir]); return true; } 
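Review bot: `_update_stat_cache()` advances with `$temp = &$temp[$dir]` without checking what is already cached at an intermediate path component. This commit starts storing stat results as objects (`(object) $attributes`, `(object) $stat`), so when a path cached as a file is later used as a directory (replaced on the server, or a symlink to a directory), the next iteration indexes an object as an array, which PHP treats as a fatal error. `_remove_from_stat_cache()` and `_query_stat_cache()` walk the tree the same way. Add a guard at the top of each loop body, e.g. `if (!is_array($temp)) { return false; }` (returning `null` from the query function), so a stale or server-influenced entry cannot abort the client.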
@@ -881,26 +1100,26 @@ class Net_SFTP extends Net_SSH2 { } /** - * Checks cache for directory + * Checks cache for path * - * Mainly used by chdir, which is, in turn, also used for determining whether or not an individual - * file is a directory or not by stat() and lstat() + * Mainly used by file_exists * * @param String $dir + * @return Mixed * @access private */ - function _is_dir($dir) + function _query_stat_cache($path) { - $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir)); + $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $path)); - $temp = &$this->dirs; + $temp = &$this->stat_cache; foreach ($dirs as $dir) { if (!isset($temp[$dir])) { - return false; + return null; } $temp = &$temp[$dir]; } - return true; + return $temp; } /** @@ -923,11 +1142,26 @@ class Net_SFTP extends Net_SSH2 { return false; } + if ($this->use_stat_cache) { + $result = $this->_query_stat_cache($filename); + if (is_array($result) && isset($result['.'])) { + return (array) $result['.']; + } + if (is_object($result)) { + return (array) $result; + } + } + $stat = $this->_stat($filename, NET_SFTP_STAT); if ($stat === false) { + $this->_remove_from_stat_cache($filename); return false; } if (isset($stat['type'])) { + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) $stat); return $stat; } @@ -937,6 +1171,11 @@ class Net_SFTP extends Net_SSH2 { NET_SFTP_TYPE_REGULAR; $this->pwd = $pwd; + if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) $stat); + return $stat; } 
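Review bot: `stat()` now answers from `stat_cache` before contacting the server whenever `use_stat_cache` is true, which is the default, and its docblock does not say so. The only invalidation visible in this diff comes from the client's own operations, so changes made on the server by anyone else go unnoticed until `clearStatCache()` is called. Callers that check size, type or permissions before acting on a file should be told this, for example with `Results may come from the stat cache; call disableStatCache() or clearStatCache() when the remote side can change independently.` Separately, the `_query_stat_cache()` docblock still reads `@param String $dir` although the parameter was renamed to `$path`.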
@@ -960,18 +1199,35 @@ class Net_SFTP extends Net_SSH2 { return false; } + if ($this->use_stat_cache) { + $result = $this->_query_stat_cache($filename); + if (is_array($result) && isset($result['.'])) { + return (array) $result['.']; + } + if (is_object($result)) { + return (array) $result; + } + } + $lstat = $this->_stat($filename, NET_SFTP_LSTAT); if ($lstat === false) { + $this->_remove_from_stat_cache($filename); return false; } if (isset($lstat['type'])) { + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) $lstat); return $lstat; } $stat = $this->_stat($filename, NET_SFTP_STAT); if ($lstat != $stat) { - return array_merge($lstat, array('type' => NET_SFTP_TYPE_SYMLINK)); + $lstat = array_merge($lstat, array('type' => NET_SFTP_TYPE_SYMLINK)); + $this->_update_stat_cache($filename, (object) $lstat); + return $stat; } $pwd = $this->pwd; @@ -980,6 +1236,11 @@ class Net_SFTP extends Net_SSH2 { NET_SFTP_TYPE_REGULAR; $this->pwd = $pwd; + if ($lstat['type'] == NET_SFTP_TYPE_DIRECTORY) { + $filename.= '/.'; + } + $this->_update_stat_cache($filename, (object) $lstat); + return $lstat; } @@ -1015,24 +1276,6 @@ class Net_SFTP extends Net_SSH2 { return false; } - /** - * Returns the file size, in bytes, or false, on failure - * - * Determines the size without calling Net_SFTP::_realpath() - * - * @param String $filename - * @return Mixed - * @access private - */ - function _size($filename) - { - $result = $this->_stat($filename, NET_SFTP_STAT); - if ($result === false) { - return false; - } - return isset($result['size']) ? $result['size'] : -1; - } - /** * Truncates a file to a given length * 
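Review bot: In `lstat()`, the symlink branch builds `$lstat` with `'type' => NET_SFTP_TYPE_SYMLINK`, caches it, and then returns `$stat`, so the caller receives the attributes of the link target rather than of the link. The removed line returned the merged `$lstat`, so `return $lstat;` looks like what was intended. `stat()` and `lstat()` also read and write the same `stat_cache` entry for a path, so for a symlink whichever call ran first decides what the other one returns. Code that relies on `lstat()` to detect symlinks before operating on a path can be misled by either problem; separate cache slots for the two calls would remove the second one.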
@@ -1043,7 +1286,7 @@ class Net_SFTP extends Net_SSH2 { */ function truncate($filename, $new_size) { - $attr = pack('N3', NET_SFTP_ATTR_SIZE, $new_size / 0x100000000, $new_size); + $attr = pack('N3', NET_SFTP_ATTR_SIZE, $new_size / 4294967296, $new_size); // 4294967296 == 0x100000000 == 1<<32 return $this->_setstat($filename, $attr, false); } @@ -1059,7 +1302,7 @@ class Net_SFTP extends Net_SSH2 { * @return Boolean * @access public */ - function touch($filename, $time = NULL, $atime = NULL) + function touch($filename, $time = null, $atime = null) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; @@ -1087,25 +1330,7 @@ class Net_SFTP extends Net_SSH2 { $response = $this->_get_sftp_packet(); switch ($this->packet_type) { case NET_SFTP_HANDLE: - $handle = substr($response, 4); - - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { - return false; - } - - $response = $this->_get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - user_error('Expected SSH_FXP_STATUS'); - return false; - } - - extract(unpack('Nstatus', $this->_string_shift($response, 4))); - if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); - return false; - } - - return true; + return $this->_close_handle(substr($response, 4)); case NET_SFTP_STATUS: $this->_logError($response); break; @@ -1120,7 +1345,7 @@ class Net_SFTP extends Net_SSH2 { /** * Changes file or directory owner * - * Returns TRUE on success or FALSE on error. + * Returns true on success or false on error. * * @param String $filename * @param Integer $uid @@ -1140,7 +1365,7 @@ class Net_SFTP extends Net_SSH2 { /** * Changes file or directory group * - * Returns TRUE on success or FALSE on error. + * Returns true on success or false on error. * * @param String $filename * @param Integer $gid 
@@ -1158,8 +1383,8 @@ class Net_SFTP extends Net_SSH2 { /** * Set permissions on a file. * - * Returns the new file permissions on success or FALSE on error. - * If $recursive is true than this just returns TRUE or FALSE. + * Returns the new file permissions on success or false on error. + * If $recursive is true than this just returns true or false. * * @param Integer $mode * @param String $filename @@ -1225,6 +1450,8 @@ class Net_SFTP extends Net_SSH2 { return false; } + $this->_remove_from_stat_cache($filename); + if ($recursive) { $i = 0; $result = $this->_setstat_recursive($filename, $attr, $i); @@ -1239,7 +1466,7 @@ class Net_SFTP extends Net_SSH2 { } /* - "Because some systems must use separate system calls to set various attributes, it is possible that a failure + "Because some systems must use separate system calls to set various attributes, it is possible that a failure response will be returned, but yet some of the attributes may be have been successfully modified. If possible, servers SHOULD avoid this situation; however, clients MUST be aware that this is possible." @@ -1277,7 +1504,7 @@ class Net_SFTP extends Net_SSH2 { return false; } $i = 0; - $entries = $this->_list($path, true, false); + $entries = $this->_list($path, true); if ($entries === false) { return $this->_setstat($path, $attr, false); @@ -1289,11 +1516,8 @@ class Net_SFTP extends Net_SSH2 { return false; } + unset($entries['.'], $entries['..']); foreach ($entries as $filename=>$props) { - if ($filename == '.' || $filename == '..') { - continue; - } - if (!isset($props['type'])) { return false; } @@ -1310,7 +1534,7 @@ class Net_SFTP extends Net_SSH2 { $i++; - if ($i >= 50) { + if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } @@ -1325,7 +1549,7 @@ class Net_SFTP extends Net_SSH2 { $i++; - if ($i >= 50) { + if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } 
@@ -1335,6 +1559,86 @@ class Net_SFTP extends Net_SSH2 { return true; } + /** + * Return the target of a symbolic link + * + * @param String $link + * @return Mixed + * @access public + */ + function readlink($link) + { + if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { + return false; + } + + $link = $this->_realpath($link); + + if (!$this->_send_sftp_packet(NET_SFTP_READLINK, pack('Na*', strlen($link), $link))) { + return false; + } + + $response = $this->_get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_NAME: + break; + case NET_SFTP_STATUS: + $this->_logError($response); + return false; + default: + user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); + return false; + } + + extract(unpack('Ncount', $this->_string_shift($response, 4))); + // the file isn't a symlink + if (!$count) { + return false; + } + + extract(unpack('Nlength', $this->_string_shift($response, 4))); + return $this->_string_shift($response, $length); + } + + /** + * Create a symlink + * + * symlink() creates a symbolic link to the existing target with the specified name link. + * + * @param String $target + * @param String $link + * @return Boolean + * @access public + */ + function symlink($target, $link) + { + if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { + return false; + } + + $target = $this->_realpath($target); + $link = $this->_realpath($link); + + $packet = pack('Na*Na*', strlen($target), $target, strlen($link), $link); + if (!$this->_send_sftp_packet(NET_SFTP_SYMLINK, $packet)) { + return false; + } + + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + user_error('Expected SSH_FXP_STATUS'); + return false; + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + /** * Creates a directory. * 
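Review bot: `readlink()` and `symlink()` pass the result of `_realpath()` straight to `strlen()` and `pack()` without checking for failure. The code this commit removes from `size()` tested `$filename === false` after the same call, so add `if ($link === false) { return false; }` in both methods, and the same check for `$target` in `symlink()`. `symlink()` also canonicalises `$target` against the current directory, which means a relative link target can never be sent; if that is intentional, say so in the docblock. In `readlink()`, `$length` comes from the server's response and is handed to `_string_shift()` unchecked, so comparing it against `strlen($response)` first would make a truncated reply an explicit failure.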
@@ -1349,7 +1653,7 @@ class Net_SFTP extends Net_SSH2 { } $dir = $this->_realpath($dir); - // by not providing any permissions, hopefully the server will use the logged in users umask - their + // by not providing any permissions, hopefully the server will use the logged in users umask - their // default permissions. $attr = $mode == -1 ? "\0\0\0\0" : pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777); @@ -1395,8 +1699,6 @@ class Net_SFTP extends Net_SSH2 { return false; } - $this->_save_dir($dir); - return true; } @@ -1435,7 +1737,11 @@ class Net_SFTP extends Net_SSH2 { return false; } - $this->_remove_dir($dir); + $this->_remove_from_stat_cache($dir); + // the following will do a soft delete, which would be useful if you deleted a file + // and then tried to do a stat on the deleted file. the above, in contrast, does + // a hard delete + //$this->_update_stat_cache($dir, false); return true; } 
@@ -1447,26 +1753,42 @@ class Net_SFTP extends Net_SSH2 { * So, for example, if you set $data to 'filename.ext' and then do Net_SFTP::get(), you will get a file, twelve bytes * long, containing 'filename.ext' as its contents. * - * Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will + * Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how * large $remote_file will be, as well. * + * If $data is a resource then it'll be used as a resource instead. + * * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take * care of that, yourself. * - * As for $start... if it's negative (which it is by default) a new file will be created or an existing - * file truncated depending on $mode | NET_SFTP_RESUME. If it's zero or positive it'll be updated at that - * spot. + * $mode can take an additional two parameters - NET_SFTP_RESUME and NET_SFTP_RESUME_START. These are bitwise AND'd with + * $mode. So if you want to resume upload of a 300mb file on the local file system you'd set $mode to the following: + * + * NET_SFTP_LOCAL_FILE | NET_SFTP_RESUME + * + * If you wanted to simply append the full contents of a local file to the full contents of a remote file you'd replace + * NET_SFTP_RESUME with NET_SFTP_RESUME_START. + * + * If $mode & (NET_SFTP_RESUME | NET_SFTP_RESUME_START) then NET_SFTP_RESUME_START will be assumed. + * + * $start and $local_start give you more fine grained control over this process and take precident over NET_SFTP_RESUME + * when they're non-negative. ie. $start could let you write at the end of a file (like NET_SFTP_RESUME) or in the middle + * of one. 
$local_start could let you start your reading from the end of a file (like NET_SFTP_RESUME_START) or in the + * middle of one. + * + * Setting $local_start to > 0 or $mode | NET_SFTP_RESUME_START doesn't do anything unless $mode | NET_SFTP_LOCAL_FILE. * * @param String $remote_file - * @param String $data + * @param String|resource $data * @param optional Integer $mode * @param optional Integer $start + * @param optional Integer $local_start * @return Boolean * @access public * @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - Net_SFTP::setMode(). */ - function put($remote_file, $data, $mode = NET_SFTP_STRING, $start = -1) + function put($remote_file, $data, $mode = NET_SFTP_STRING, $start = -1, $local_start = -1) { if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) { return false; 
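Review bot: The new `put()` docblock describes the flag handling with the wrong operators: it says NET_SFTP_RESUME and NET_SFTP_RESUME_START are "bitwise AND'd with $mode" while its own example combines them with `|`, and the closing paragraph writes `$mode | NET_SFTP_RESUME_START` and `$mode | NET_SFTP_LOCAL_FILE` where a flag test would use `&`. I would reword to `These are bitwise OR'd with $mode` and `... doesn't do anything unless $mode & NET_SFTP_LOCAL_FILE`, and correct "take precident over" to "take precedence over". The sentence "If $data is a resource then it'll be used as a resource instead" could say what happens, e.g. `If $data is a stream resource its contents are read and uploaded.` The body of `put()` continues outside this hunk.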
@@ -1477,24 +1799,23 @@ class Net_SFTP extends Net_SSH2 { return false; } + $this->_remove_from_stat_cache($remote_file); + $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file." // in practice, it doesn't seem to do that. //$flags|= ($mode & NET_SFTP_RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE; - // if NET_SFTP_OPEN_APPEND worked as it should the following (up until the -----------) wouldn't be necessary - $offset = 0; - if (($mode & NET_SFTP_RESUME) || $start >= 0) { - if ($start >= 0) { - $offset = $start; - } else { - $size = $this->_size($remote_file); - $offset = $size !== false ? $size : 0; - } + if ($start >= 0) { + $offset = $start; + } elseif ($mode & NET_SFTP_RESUME) { + // if NET_SFTP_OPEN_APPEND worked as it should _size() wouldn't need to be called + $size = $this->size($remote_file); + $offset = $size !== false ? $size : 0; } else { + $offset = 0; $flags|= NET_SFTP_OPEN_TRUNCATE; } - // -------------- $packet = pack('Na*N2', strlen($remote_file), $remote_file, $flags, 0); if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) { 
@@ -1514,19 +1835,34 @@ class Net_SFTP extends Net_SSH2 { return false; } - $initialize = true; - // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3 - if ($mode & NET_SFTP_LOCAL_FILE) { - if (!is_file($data)) { - user_error("$data is not a valid file"); - return false; + switch (true) { + case is_resource($data): + $mode = $mode & ~NET_SFTP_LOCAL_FILE; + $fp = $data; + break; + case $mode & NET_SFTP_LOCAL_FILE: + if (!is_file($data)) { + user_error("$data is not a valid file"); + return false; + } + $fp = @fopen($data, 'rb'); + if (!$fp) { + return false; + } + } + + if (isset($fp)) { + $stat = fstat($fp); + $size = $stat['size']; + + if ($local_start >= 0) { + fseek($fp, $local_start); + } elseif ($mode & NET_SFTP_RESUME_START) { + // do nothing + } else { + fseek($fp, $offset); } - $fp = @fopen($data, 'rb'); - if (!$fp) { - return false; - } - $size = filesize($data); } else { $size = strlen($data); } 
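Review bot: After `fseek($fp, $local_start)` or `fseek($fp, $offset)` the stream has fewer than `$stat['size']` bytes left to read, but `$size` still holds the full size and the write loop in the next hunk runs `while ($sent < $size)`. Once `fread()` hits end of file it returns an empty string, `$sent` stops growing, and the loop would keep sending empty WRITE packets without terminating. Reducing `$size` by the bytes skipped fixes it, `$size -= $local_start;` after the first seek and `$size -= $offset;` in the `else` branch, clamped so the result cannot drop below zero. `fstat()` can also fail or report no usable size for a non-file resource, so `$stat['size']` deserves a check before use. `put()` starts and ends outside this hunk.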
@@ -1535,20 +1871,24 @@ class Net_SFTP extends Net_SSH2 { $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; $sftp_packet_size = 4096; // PuTTY uses 4096 + // make the SFTP packet be exactly 4096 bytes by including the bytes in the NET_SFTP_WRITE packets "header" + $sftp_packet_size-= strlen($handle) + 25; $i = 0; while ($sent < $size) { - $temp = $mode & NET_SFTP_LOCAL_FILE ? fread($fp, $sftp_packet_size) : $this->_string_shift($data, $sftp_packet_size); + $temp = isset($fp) ? fread($fp, $sftp_packet_size) : substr($data, $sent, $sftp_packet_size); $subtemp = $offset + $sent; - $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 0x100000000, $subtemp, strlen($temp), $temp); + $packet = pack('Na*N3a*', strlen($handle), $handle, $subtemp / 4294967296, $subtemp, strlen($temp), $temp); if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) { - fclose($fp); + if ($mode & NET_SFTP_LOCAL_FILE) { + fclose($fp); + } return false; } $sent+= strlen($temp); $i++; - if ($i == 50) { + if ($i == NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { $i = 0; break; @@ -1558,6 +1898,10 @@ class Net_SFTP extends Net_SSH2 { } if (!$this->_read_put_responses($i)) { + if ($mode & NET_SFTP_LOCAL_FILE) { + fclose($fp); + } + $this->_close_handle($handle); return false; } @@ -1565,23 +1909,7 @@ class Net_SFTP extends Net_SSH2 { fclose($fp); } - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { - return false; - } - - $response = $this->_get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - user_error('Expected SSH_FXP_STATUS'); - return false; - } - - extract(unpack('Nstatus', $this->_string_shift($response, 4))); - if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); - return false; - } - - return true; + return $this->_close_handle($handle); } /** 
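Review bot: Inside the write loop, a failed `_read_put_responses($i)` still does `$i = 0; break;`, so the check after the loop is made with zero outstanding responses. If `_read_put_responses(0)` returns true, as the tail `return $i < 0;` visible in a later hunk suggests, `put()` goes on to `_close_handle()` and can return true for an upload the server rejected part-way. Failing directly at that point is safer: close the local file when the function opened it, release the remote handle, and return false instead of breaking out. The loop sits in `put()`, which begins before this hunk.

```php
if ($i == NET_SFTP_QUEUE_SIZE) {
    if (!$this->_read_put_responses($i)) {
        if ($mode & NET_SFTP_LOCAL_FILE) {
            fclose($fp);
        }
        $this->_close_handle($handle);
        return false;
    }
    // … unchanged: $i = 0; …
}
```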
@@ -1613,6 +1941,36 @@ class Net_SFTP extends Net_SSH2 { return $i < 0; } + /** + * Close handle + * + * @param String $handle + * @return Boolean + * @access private + */ + function _close_handle($handle) + { + if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { + return false; + } + + // "The client MUST release all resources associated with the handle regardless of the status." + // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3 + $response = $this->_get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + user_error('Expected SSH_FXP_STATUS'); + return false; + } + + extract(unpack('Nstatus', $this->_string_shift($response, 4))); + if ($status != NET_SFTP_STATUS_OK) { + $this->_logError($response, $status); + return false; + } + + return true; + } + /** * Downloads a file from the SFTP server. * @@ -1658,20 +2016,30 @@ class Net_SFTP extends Net_SSH2 { return false; } - if ($local_file !== false) { - $fp = fopen($local_file, 'wb'); - if (!$fp) { - return false; - } + if (is_resource($local_file)) { + $fp = $local_file; + $stat = fstat($fp); + $res_offset = $stat['size']; } else { - $content = ''; + $res_offset = 0; + if ($local_file !== false) { + $fp = fopen($local_file, 'wb'); + if (!$fp) { + return false; + } + } else { + $content = ''; + } } - $size = (1 << 20) < $length || $length < 0 ? 1 << 20 : $length; + $fclose_check = $local_file !== false && !is_resource($local_file); + + $start = $offset; + $size = $this->max_sftp_packet < $length || $length < 0 ? $this->max_sftp_packet : $length; while (true) { - $packet = pack('Na*N3', strlen($handle), $handle, $offset / 0x100000000, $offset, $size); + $packet = pack('Na*N3', strlen($handle), $handle, $offset / 4294967296, $offset, $size); if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) { - if ($local_file !== false) { + if ($fclose_check) { fclose($fp); } return false; 
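Review bot: In the new resource branch of `get()`, `$res_offset` is taken from `$stat['size']`, which matches the write position only when the caller's stream is positioned at its end. The later `ftruncate($fp, $length + $res_offset)` therefore trims relative to the file size rather than to where the downloaded data began, so with a stream positioned elsewhere the surplus bytes of an over-long read may be left in place. `$res_offset = ftell($fp);` would track the real starting point; the write itself is outside this hunk, so this assumes data is written at the current position. A false return from `fstat()` on a non-file resource is also unchecked.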
@@ -1694,51 +2062,35 @@ class Net_SFTP extends Net_SSH2 { break 2; default: user_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS'); - if ($local_file !== false) { + if ($fclose_check) { fclose($fp); } return false; } - if ($length > 0 && $length <= $offset - $size) { + if ($length > 0 && $length <= $offset - $start) { break; } } - if ($length > 0 && $length <= $offset - $size) { + if ($length > 0 && $length <= $offset - $start) { if ($local_file === false) { $content = substr($content, 0, $length); } else { - ftruncate($fp, $length); + ftruncate($fp, $length + $res_offset); } } - if ($local_file !== false) { + if ($fclose_check) { fclose($fp); } - if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) { - return false; - } - - $response = $this->_get_sftp_packet(); - if ($this->packet_type != NET_SFTP_STATUS) { - user_error('Expected SSH_FXP_STATUS'); - return false; - } - - extract(unpack('Nstatus', $this->_string_shift($response, 4))); - if ($status != NET_SFTP_STATUS_OK) { - $this->_logError($response, $status); + if (!$this->_close_handle($handle)) { return false; } // if $content isn't set that means a file was written to - if (isset($content)) { - return $content; - } - - return true; + return isset($content) ? $content : true; } /** @@ -1784,6 +2136,8 @@ class Net_SFTP extends Net_SSH2 { return $result; } + $this->_remove_from_stat_cache($path); + return true; } @@ -1803,7 +2157,7 @@ class Net_SFTP extends Net_SSH2 { return false; } $i = 0; - $entries = $this->_list($path, true, false); + $entries = $this->_list($path, true); // normally $entries would have at least . and .. but it might not if the directories // permissions didn't allow reading @@ -1811,11 +2165,8 @@ class Net_SFTP extends Net_SSH2 { return false; } + unset($entries['.'], $entries['..']); foreach ($entries as $filename=>$props) { - if ($filename == '.' || $filename == '..') { - continue; - } - if (!isset($props['type'])) { return false; } 
@@ -1832,23 +2183,23 @@ class Net_SFTP extends Net_SSH2 { $i++; - if ($i >= 50) { + if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } $i = 0; } } + $this->_remove_from_stat_cache($path); } if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($path), $path))) { return false; } - $this->_remove_dir($path); $i++; - if ($i >= 50) { + if ($i >= NET_SFTP_QUEUE_SIZE) { if (!$this->_read_put_responses($i)) { return false; } 
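Review bot: `$this->_remove_from_stat_cache($path)` now sits inside the `foreach` over `$entries`, after the per-entry block, while the `_remove_dir($path)` that followed the RMDIR packet is dropped. Going by the closing braces, the directory's cache entry is invalidated once per entry and not at all when the directory has no entries, so a later `file_exists()` or `is_dir()` could answer from a stale entry when the stat cache is enabled. Placing `$this->_remove_from_stat_cache($path);` right after the `NET_SFTP_RMDIR` send covers both cases. The function starts and ends outside this hunk.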
@@ -1858,6 +2209,205 @@ class Net_SFTP extends Net_SSH2 { return true; } + /** + * Checks whether a file or directory exists + * + * @param String $path + * @return Boolean + * @access public + */ + function file_exists($path) + { + if ($this->use_stat_cache) { + $path = $this->_realpath($path); + + $result = $this->_query_stat_cache($path); + + if (isset($result)) { + // return true if $result is an array or if it's an stdClass object + return $result !== false; + } + } + + return $this->stat($path) !== false; + } + + /** + * Tells whether the filename is a directory + * + * @param String $path + * @return Boolean + * @access public + */ + function is_dir($path) + { + $result = $this->_get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_DIRECTORY; + } + + /** + * Tells whether the filename is a regular file + * + * @param String $path + * @return Boolean + * @access public + */ + function is_file($path) + { + $result = $this->_get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_REGULAR; + } + + /** + * Tells whether the filename is a symbolic link + * + * @param String $path + * @return Boolean + * @access public + */ + function is_link($path) + { + $result = $this->_get_stat_cache_prop($path, 'type'); + if ($result === false) { + return false; + } + return $result === NET_SFTP_TYPE_SYMLINK; + } + + /** + * Gets last access time of file + * + * @param String $path + * @return Mixed + * @access public + */ + function fileatime($path) + { + return $this->_get_stat_cache_prop($path, 'atime'); + } + + /** + * Gets file modification time + * + * @param String $path + * @return Mixed + * @access public + */ + function filemtime($path) + { + return $this->_get_stat_cache_prop($path, 'mtime'); + } + + /** + * Gets file permissions + * + * @param String $path + * @return Mixed + * @access public + */ + function fileperms($path) + { + return 
$this->_get_stat_cache_prop($path, 'permissions'); + } + + /** + * Gets file owner + * + * @param String $path + * @return Mixed + * @access public + */ + function fileowner($path) + { + return $this->_get_stat_cache_prop($path, 'uid'); + } + + /** + * Gets file group + * + * @param String $path + * @return Mixed + * @access public + */ + function filegroup($path) + { + return $this->_get_stat_cache_prop($path, 'gid'); + } + + /** + * Gets file size + * + * @param String $path + * @return Mixed + * @access public + */ + function filesize($path) + { + return $this->_get_stat_cache_prop($path, 'size'); + } + + /** + * Gets file type + * + * @param String $path + * @return Mixed + * @access public + */ + function filetype($path) + { + $type = $this->_get_stat_cache_prop($path, 'type'); + if ($type === false) { + return false; + } + + switch ($type) { + case NET_SFTP_BLOCK_DEVICE: return 'block'; + case NET_SFTP_TYPE_CHAR_DEVICE: return 'char'; + case NET_SFTP_TYPE_DIRECTORY: return 'dir'; + case NET_SFTP_TYPE_FIFO: return 'fifo'; + case NET_SFTP_TYPE_REGULAR: return 'file'; + case NET_SFTP_TYPE_SYMLINK: return 'link'; + default: return false; + } + } + + /** + * Return a stat properity + * + * Uses cache if appropriate. + * + * @param String $path + * @param String $prop + * @return Mixed + * @access private + */ + function _get_stat_cache_prop($path, $prop) + { + if ($this->use_stat_cache) { + $path = $this->_realpath($path); + + $result = $this->_query_stat_cache($path); + + if (is_object($result) && isset($result->$prop)) { + return $result->$prop; + } + } + + $result = $this->stat($path); + + if ($result === false || !isset($result[$prop])) { + return false; + } + + return $result[$prop]; + } + /** * Renames a file or a directory on the SFTP server * 
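Review bot: `is_link()` reads the type through `_get_stat_cache_prop()`, which falls back to `$this->stat($path)`; if `stat()` follows symbolic links, as SSH_FXP_STAT does, the type it returns is the target's, and `is_link()` (like the `'link'` case of `filetype()`) can never be true for an uncached path. Callers relying on `is_link()` to avoid following links would get a false negative, so the check should be based on `lstat()`, e.g. `$result = $this->lstat($path);` followed by the same `type` comparison. Separately, `filetype()` tests `NET_SFTP_BLOCK_DEVICE` while every other case uses the `NET_SFTP_TYPE_` prefix; unless that name is defined elsewhere it looks like a typo for `NET_SFTP_TYPE_BLOCK_DEVICE`.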
@@ -1897,6 +2447,12 @@ class Net_SFTP extends Net_SSH2 { return false; } + // don't move the stat cache entry over since this operation could very well change the + // atime and mtime attributes + //$this->_update_stat_cache($newname, $this->_query_stat_cache($oldname)); + $this->_remove_from_stat_cache($oldname); + $this->_remove_from_stat_cache($newname); + return true; } @@ -1923,7 +2479,7 @@ class Net_SFTP extends Net_SSH2 { // (0xFFFFFFFF bytes), anyway. as such, we'll just represent all file sizes that are bigger than // 4GB as being 4GB. extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8))); - $attr['size'] = $upper ? 0x100000000 * $upper : 0; + $attr['size'] = $upper ? 4294967296 * $upper : 0; $attr['size']+= $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size; break; case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) @@ -2054,7 +2610,7 @@ class Net_SFTP extends Net_SSH2 { $stop = strtok(microtime(), ' ') + strtok(''); if (defined('NET_SFTP_LOGGING')) { - $packet_type = '-> ' . $this->packet_types[$type] . + $packet_type = '-> ' . $this->packet_types[$type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { echo "
\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n
\r\n"; @@ -2130,7 +2686,7 @@ class Net_SFTP extends Net_SSH2 { $packet = $this->_string_shift($this->packet_buffer, $length); if (defined('NET_SFTP_LOGGING')) { - $packet_type = '<- ' . $this->packet_types[$this->packet_type] . + $packet_type = '<- ' . $this->packet_types[$this->packet_type] . ' (' . round($stop - $start, 4) . 's)'; if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) { echo "
\r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n
\r\n"; @@ -2220,4 +2776,4 @@ class Net_SFTP extends Net_SSH2 { $this->pwd = false; parent::_disconnect($reason); } -} \ No newline at end of file +} diff --git a/Net/SFTP/Stream.php b/Net/SFTP/Stream.php index 72341da..0c84ab4 100755 --- a/Net/SFTP/Stream.php +++ b/Net/SFTP/Stream.php @@ -1,5 +1,4 @@ - * @copyright MMXIII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Net + * @package Net_SFTP_Stream + * @author Jim Wigginton + * @copyright MMXIII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /** * SFTP Stream Wrapper * - * @author Jim Wigginton - * @version 0.3.2 - * @access public * @package Net_SFTP_Stream + * @author Jim Wigginton + * @access public */ -class Net_SFTP_Stream { +class Net_SFTP_Stream +{ /** * SFTP instances * @@ -127,6 +126,22 @@ class Net_SFTP_Stream { */ var $notification; + /** + * Registers this class as a URL wrapper. + * + * @param optional String $protocol The wrapper name to be registered. + * @return Boolean True on success, false otherwise. + * @access public + */ + static function register($protocol = 'sftp') + { + if (in_array($protocol, stream_get_wrappers(), true)) { + return false; + } + $class = function_exists('get_called_class') ? get_called_class() : __CLASS__; + return stream_wrapper_register($protocol, $class); + } + /** * The Constructor * @@ -134,8 +149,12 @@ class Net_SFTP_Stream { */ function Net_SFTP_Stream() { + if (defined('NET_SFTP_STREAM_LOGGING')) { + echo "__construct()\r\n"; + } + if (!class_exists('Net_SFTP')) { - require_once('Net/SFTP.php'); + include_once 'Net/SFTP.php'; } } 
@@ -153,44 +172,48 @@ class Net_SFTP_Stream { */ function _parse_path($path) { - extract(parse_url($path)); + extract(parse_url($path) + array('port' => 22)); if (!isset($host)) { return false; } - $context = stream_context_get_params($this->context); - if (isset($context['notification'])) { - $this->notification = $context['notification']; + if (isset($this->context)) { + $context = stream_context_get_params($this->context); + if (isset($context['notification'])) { + $this->notification = $context['notification']; + } } if ($host[0] == '$') { $host = substr($host, 1); global $$host; - if (!is_object($$host) || get_class($$host) != 'Net_sFTP') { + if (!is_object($$host) || get_class($$host) != 'Net_SFTP') { return false; } $this->sftp = $$host; } else { - $context = stream_context_get_options($this->context); - if (isset($context['sftp']['session'])) { - $sftp = $context['sftp']['session']; + if (isset($this->context)) { + $context = stream_context_get_options($this->context); } - if (isset($context['sftp']['sftp'])) { - $sftp = $context['sftp']['sftp']; + if (isset($context[$scheme]['session'])) { + $sftp = $context[$scheme]['session']; + } + if (isset($context[$scheme]['sftp'])) { + $sftp = $context[$scheme]['sftp']; } if (isset($sftp) && is_object($sftp) && get_class($sftp) == 'Net_SFTP') { $this->sftp = $sftp; return $path; } - if (isset($context['sftp']['username'])) { - $user = $context['sftp']['username']; + if (isset($context[$scheme]['username'])) { + $user = $context[$scheme]['username']; } - if (isset($context['sftp']['password'])) { - $pass = $context['sftp']['password']; + if (isset($context[$scheme]['password'])) { + $pass = $context[$scheme]['password']; } - if (isset($context['sftp']['privkey']) && is_object($context['sftp']['privkey']) && get_Class($context['sftp']['privkey']) == 'Crypt_RSA') { - $pass = $context['sftp']['privkey']; + if (isset($context[$scheme]['privkey']) && is_object($context[$scheme]['privkey']) && 
get_Class($context[$scheme]['privkey']) == 'Crypt_RSA') { + $pass = $context[$scheme]['privkey']; } if (!isset($user) || !isset($pass)) { @@ -201,7 +224,8 @@ class Net_SFTP_Stream { if (isset(self::$instances[$host][$port][$user][(string) $pass])) { $this->sftp = self::$instances[$host][$port][$user][(string) $pass]; } else { - $this->sftp = new Net_SFTP($host, isset($port) ? $port : 22); + $this->sftp = new Net_SFTP($host, $port); + $this->sftp->disableStatCache(); if (isset($this->notification) && is_callable($this->notification)) { /* if !is_callable($this->notification) we could do this: @@ -252,6 +276,7 @@ class Net_SFTP_Stream { $this->size = $this->sftp->size($path); $this->mode = preg_replace('#[bt]$#', '', $mode); + $this->eof = false; if ($this->size === false) { if ($this->mode[0] == 'r') { @@ -508,7 +533,20 @@ class Net_SFTP_Stream { * Open directory handle * * The only $options is "whether or not to enforce safe_mode (0x04)". Since safe mode was deprecated in 5.3 and - * removed in 5.4 I'm just going to ignore it + * removed in 5.4 I'm just going to ignore it. + * + * Also, nlist() is the best that this function is realistically going to be able to do. When an SFTP client + * sends a SSH_FXP_READDIR packet you don't generally get info on just one file but on multiple files. Quoting + * the SFTP specs: + * + * The SSH_FXP_NAME response has the following format: + * + * uint32 id + * uint32 count + * repeats count times: + * string filename + * string longname + * ATTRS attrs * * @param String $path * @param Integer $options @@ -761,6 +799,4 @@ class Net_SFTP_Stream { } } -if (function_exists('stream_wrapper_register')) { - stream_wrapper_register('sftp', 'Net_SFTP_Stream'); -} +Net_SFTP_Stream::register(); diff --git a/Net/SSH1.php b/Net/SSH1.php index 17196a3..35e6d5e 100755 --- a/Net/SSH1.php +++ b/Net/SSH1.php @@ -1,5 +1,4 @@ * login('username', 'password')) { @@ -23,7 +22,7 @@ * Here's another short example: * * login('username', 'password')) { 
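Review bot: `extract(parse_url($path) + array('port' => 22))` in `_parse_path()` adds an array to whatever `parse_url()` returns, and for a seriously malformed URL that is `false`, so the `+` fails with an unsupported-operand error instead of the method returning false as it does for a missing host. Stream wrapper paths can come from application input, so this turns a bad URL into a fatal error. I would parse first and bail out: `$parts = parse_url($path); if ($parts === false) { return false; }` and then `extract($parts + array('port' => 22));`. The method continues outside this hunk.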
@@ -36,7 +35,7 @@ * ?> * * - * More information on the SSHv1 specification can be found by reading + * More information on the SSHv1 specification can be found by reading * {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}. * * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy @@ -45,10 +44,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -57,12 +56,12 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Net - * @package Net_SSH1 - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Net + * @package Net_SSH1 + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /**#@+ @@ -183,8 +182,9 @@ define('NET_SSH1_RESPONSE_DATA', 2); * @access private */ define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001); -define('NET_SSH1_MASK_LOGIN', 0x00000002); -define('NET_SSH1_MASK_SHELL', 0x00000004); +define('NET_SSH1_MASK_CONNECTED', 0x00000002); +define('NET_SSH1_MASK_LOGIN', 0x00000004); +define('NET_SSH1_MASK_SHELL', 0x00000008); /**#@-*/ /**#@+ 
@@ -202,11 +202,11 @@ define('NET_SSH1_LOG_COMPLEX', 2); /** * Outputs the content real-time */ -define('NET_SSH2_LOG_REALTIME', 3); +define('NET_SSH1_LOG_REALTIME', 3); /** * Dumps the content real-time to a file */ -define('NET_SSH2_LOG_REALTIME_FILE', 4); +define('NET_SSH1_LOG_REALTIME_FILE', 4); /**#@-*/ /**#@+ @@ -226,12 +226,12 @@ define('NET_SSH1_READ_REGEX', 2); /** * Pure-PHP implementation of SSHv1. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Net_SSH1 + * @author Jim Wigginton + * @access public */ -class Net_SSH1 { +class Net_SSH1 +{ /** * The SSH identifier * 
@@ -429,11 +429,80 @@ class Net_SSH1 { /** * Current Timeout * - * @see Net_SSH2::_get_channel_packet() + * @see Net_SSH1::_get_channel_packet() * @access private */ var $curTimeout; + /** + * Log Boundary + * + * @see Net_SSH1::_format_log + * @access private + */ + var $log_boundary = ':'; + + /** + * Log Long Width + * + * @see Net_SSH1::_format_log + * @access private + */ + var $log_long_width = 65; + + /** + * Log Short Width + * + * @see Net_SSH1::_format_log + * @access private + */ + var $log_short_width = 16; + + /** + * Hostname + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var String + * @access private + */ + var $host; + + /** + * Port Number + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $port; + + /** + * Timeout for initial connection + * + * Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like + * exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor, + * however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be + * 10 seconds. It is used by fsockopen() in that function. + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $connectionTimeout; + + /** + * Default cipher + * + * @see Net_SSH1::Net_SSH1() + * @see Net_SSH1::_connect() + * @var Integer + * @access private + */ + var $cipher; + /** * Default Constructor. * 
@@ -449,16 +518,16 @@ class Net_SSH1 { function Net_SSH1($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES) { if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); + include_once 'Math/BigInteger.php'; } // Include Crypt_Random // the class_exists() will only be called if the crypt_random_string function hasn't been defined and // will trigger a call to __autoload() if you're wanting to auto-load classes - // call function_exists() a second time to stop the require_once from being called outside + // call function_exists() a second time to stop the include_once from being called outside // of the auto loader if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) { - require_once('Crypt/Random.php'); + include_once 'Crypt/Random.php'; } $this->protocol_flags = array( @@ -482,10 +551,24 @@ class Net_SSH1 { $this->_define_array($this->protocol_flags); - $this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout); + $this->host = $host; + $this->port = $port; + $this->connectionTimeout = $timeout; + $this->cipher = $cipher; + } + + /** + * Connect to an SSHv1 server + * + * @return Boolean + * @access private + */ + function _connect() + { + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $this->connectionTimeout); if (!$this->fsock) { - user_error(rtrim("Cannot connect to $host. Error $errno. $errstr")); - return; + user_error(rtrim("Cannot connect to {$this->host}:{$this->port}. Error $errno. $errstr")); + return false; } $this->server_identification = $init_line = fgets($this->fsock, 255); @@ -497,11 +580,11 @@ class Net_SSH1 { if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) { user_error('Can only connect to SSH servers'); - return; + return false; } if ($parts[1][0] != 1) { user_error("Cannot connect to SSH $parts[1] servers"); - return; + return false; } fputs($this->fsock, $this->identifier."\r\n"); 
@@ -509,7 +592,7 @@ class Net_SSH1 { $response = $this->_get_binary_packet(); if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) { user_error('Expected SSH_SMSG_PUBLIC_KEY'); - return; + return false; } $anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8); @@ -589,12 +672,12 @@ class Net_SSH1 { ); } - $cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES; + $cipher = isset($this->supported_ciphers[$this->cipher]) ? $this->cipher : NET_SSH1_CIPHER_3DES; $data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0); if (!$this->_send_binary_packet($data)) { user_error('Error sending SSH_CMSG_SESSION_KEY'); - return; + return false; } switch ($cipher) { @@ -603,7 +686,7 @@ class Net_SSH1 { // break; case NET_SSH1_CIPHER_DES: if (!class_exists('Crypt_DES')) { - require_once('Crypt/DES.php'); + include_once 'Crypt/DES.php'; } $this->crypto = new Crypt_DES(); $this->crypto->disablePadding(); @@ -612,7 +695,7 @@ class Net_SSH1 { break; case NET_SSH1_CIPHER_3DES: if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $this->crypto = new Crypt_TripleDES(CRYPT_DES_MODE_3CBC); $this->crypto->disablePadding(); @@ -621,7 +704,7 @@ class Net_SSH1 { break; //case NET_SSH1_CIPHER_RC4: // if (!class_exists('Crypt_RC4')) { - // require_once('Crypt/RC4.php'); + // include_once 'Crypt/RC4.php'; // } // $this->crypto = new Crypt_RC4(); // $this->crypto->enableContinuousBuffer(); @@ -633,10 +716,12 @@ class Net_SSH1 { if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) { user_error('Expected SSH_SMSG_SUCCESS'); - return; + return false; } - $this->bitmap = NET_SSH1_MASK_CONSTRUCTOR; + $this->bitmap = NET_SSH1_MASK_CONNECTED; + + return true; } /** 
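Review bot: `_connect()` ends with `$this->bitmap = NET_SSH1_MASK_CONNECTED;`, a plain assignment that clears the `NET_SSH1_MASK_CONSTRUCTOR` bit which `login()` (next hunk) sets just before calling it. On a second `login()` call the `!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)` test is true again, so `_connect()` would open another socket and redo the key exchange while the first connection is left open. `$this->bitmap |= NET_SSH1_MASK_CONNECTED;` keeps both bits. `_connect()` begins in an earlier hunk.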
@@ -650,6 +735,13 @@ class Net_SSH1 { function login($username, $password = '') { if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) { + $this->bitmap |= NET_SSH1_MASK_CONSTRUCTOR; + if (!$this->_connect()) { + return false; + } + } + + if (!($this->bitmap & NET_SSH1_MASK_CONNECTED)) { return false; } @@ -1017,7 +1109,7 @@ class Net_SSH1 { if ($this->curTimeout) { $read = array($this->fsock); - $write = $except = NULL; + $write = $except = null; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $sec = floor($this->curTimeout); @@ -1253,7 +1345,7 @@ class Net_SSH1 { { /* if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); @@ -1318,7 +1410,7 @@ class Net_SSH1 { /** * Returns a log of the packets that have been sent and received. * - * Returns a string if NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX, an array if NET_SSH2_LOGGING == NET_SSH2_LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING') + * Returns a string if NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX, an array if NET_SSH1_LOGGING == NET_SSH1_LOG_SIMPLE and false if !defined('NET_SSH1_LOGGING') * * @access public * @return String or Array @@ -1351,8 +1443,6 @@ class Net_SSH1 { */ function _format_log($message_log, $message_number_log) { - static $boundary = ':', $long_width = 65, $short_width = 16; - $output = ''; for ($i = 0; $i < count($message_log); $i++) { $output.= $message_number_log[$i] . "\r\n"; 
@@ -1362,19 +1452,13 @@ class Net_SSH1 { if (strlen($current_log)) { $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } - $fragment = $this->_string_shift($current_log, $short_width); - $hex = substr( - preg_replace( - '#(.)#es', - '"' . $boundary . '" . str_pad(dechex(ord(substr("\\1", -1))), 2, "0", STR_PAD_LEFT)', - $fragment), - strlen($boundary) - ); + $fragment = $this->_string_shift($current_log, $this->log_short_width); + $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); - $output.= str_pad($hex, $long_width - $short_width, ' ') . $raw . "\r\n"; + $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; $j++; } while (strlen($current_log)); $output.= "\r\n"; @@ -1383,6 +1467,20 @@ class Net_SSH1 { return $output; } + /** + * Helper function for _format_log + * + * For use with preg_replace_callback() + * + * @param Array $matches + * @access private + * @return String + */ + function _format_log_helper($matches) + { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + } + /** * Return the server key public exponent * 
@@ -1496,57 +1594,57 @@ class Net_SSH1 { */ function _append_log($protocol_flags, $message) { - switch (NET_SSH1_LOGGING) { - // useful for benchmarks - case NET_SSH1_LOG_SIMPLE: - $this->protocol_flags_log[] = $protocol_flags; + switch (NET_SSH1_LOGGING) { + // useful for benchmarks + case NET_SSH1_LOG_SIMPLE: + $this->protocol_flags_log[] = $protocol_flags; + break; + // the most useful log for SSH1 + case NET_SSH1_LOG_COMPLEX: + $this->protocol_flags_log[] = $protocol_flags; + $this->_string_shift($message); + $this->log_size+= strlen($message); + $this->message_log[] = $message; + while ($this->log_size > NET_SSH1_LOG_MAX_SIZE) { + $this->log_size-= strlen(array_shift($this->message_log)); + array_shift($this->protocol_flags_log); + } + break; + // dump the output out realtime; packets may be interspersed with non packets, + // passwords won't be filtered out and select other packets may not be correctly + // identified + case NET_SSH1_LOG_REALTIME: + echo "
\r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n
\r\n"; + @flush(); + @ob_flush(); + break; + // basically the same thing as NET_SSH1_LOG_REALTIME with the caveat that NET_SSH1_LOG_REALTIME_FILE + // needs to be defined and that the resultant log file will be capped out at NET_SSH1_LOG_MAX_SIZE. + // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily + // at the beginning of the file + case NET_SSH1_LOG_REALTIME_FILE: + if (!isset($this->realtime_log_file)) { + // PHP doesn't seem to like using constants in fopen() + $filename = NET_SSH1_LOG_REALTIME_FILE; + $fp = fopen($filename, 'w'); + $this->realtime_log_file = $fp; + } + if (!is_resource($this->realtime_log_file)) { break; - // the most useful log for SSH1 - case NET_SSH1_LOG_COMPLEX: - $this->protocol_flags_log[] = $protocol_flags; - $this->_string_shift($message); - $this->log_size+= strlen($message); - $this->message_log[] = $message; - while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) { - $this->log_size-= strlen(array_shift($this->message_log)); - array_shift($this->protocol_flags_log); - } - break; - // dump the output out realtime; packets may be interspersed with non packets, - // passwords won't be filtered out and select other packets may not be correctly - // identified - case NET_SSH1_LOG_REALTIME: - echo "
\r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n
\r\n"; - @flush(); - @ob_flush(); - break; - // basically the same thing as NET_SSH1_LOG_REALTIME with the caveat that NET_SSH1_LOG_REALTIME_FILE - // needs to be defined and that the resultant log file will be capped out at NET_SSH1_LOG_MAX_SIZE. - // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily - // at the beginning of the file - case NET_SSH1_LOG_REALTIME_FILE: - if (!isset($this->realtime_log_file)) { - // PHP doesn't seem to like using constants in fopen() - $filename = NET_SSH2_LOG_REALTIME_FILE; - $fp = fopen($filename, 'w'); - $this->realtime_log_file = $fp; - } - if (!is_resource($this->realtime_log_file)) { - break; - } - $entry = $this->_format_log(array($message), array($protocol_flags)); - if ($this->realtime_log_wrap) { - $temp = "<<< START >>>\r\n"; - $entry.= $temp; - fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); - } - $this->realtime_log_size+= strlen($entry); - if ($this->realtime_log_size > NET_SSH1_LOG_MAX_SIZE) { - fseek($this->realtime_log_file, 0); - $this->realtime_log_size = strlen($entry); - $this->realtime_log_wrap = true; - } - fputs($this->realtime_log_file, $entry); - } + } + $entry = $this->_format_log(array($message), array($protocol_flags)); + if ($this->realtime_log_wrap) { + $temp = "<<< START >>>\r\n"; + $entry.= $temp; + fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); + } + $this->realtime_log_size+= strlen($entry); + if ($this->realtime_log_size > NET_SSH1_LOG_MAX_SIZE) { + fseek($this->realtime_log_file, 0); + $this->realtime_log_size = strlen($entry); + $this->realtime_log_wrap = true; + } + fputs($this->realtime_log_file, $entry); + } } } diff --git a/Net/SSH2.php b/Net/SSH2.php index f1359e7..e3947d5 100755 --- a/Net/SSH2.php +++ b/Net/SSH2.php @@ -1,5 +1,4 @@ * login('username', 'password')) { @@ -23,8 +22,8 @@ * * * setPassword('whatever'); 
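Review bot: The `NET_SSH1_LOG_REALTIME_FILE` case in `_append_log()` is described as basically the same as `NET_SSH1_LOG_REALTIME`, whose comment says passwords are not filtered out, yet nothing at the `fopen($filename, 'w')` call warns that the file will hold credentials. I would add a comment above the `fopen()` such as `// entries are unfiltered and can contain passwords: keep this file outside the web root, readable by its owner only`. The file is created with whatever permissions the process umask allows, so the same warning belongs in the documentation of the constant.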
@@ -47,10 +46,10 @@ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * copies of the Software, and to permit persons to whom the Software is * furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -59,12 +58,12 @@ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. * - * @category Net - * @package Net_SSH2 - * @author Jim Wigginton - * @copyright MMVII Jim Wigginton - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @link http://phpseclib.sourceforge.net + * @category Net + * @package Net_SSH2 + * @author Jim Wigginton + * @copyright MMVII Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net */ /**#@+ @@ -73,10 +72,12 @@ * @see Net_SSH2::bitmap * @access private */ -define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001); -define('NET_SSH2_MASK_LOGIN_REQ', 0x00000002); -define('NET_SSH2_MASK_LOGIN', 0x00000004); -define('NET_SSH2_MASK_SHELL', 0x00000008); +define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001); +define('NET_SSH2_MASK_CONNECTED', 0x00000002); +define('NET_SSH2_MASK_LOGIN_REQ', 0x00000004); +define('NET_SSH2_MASK_LOGIN', 0x00000008); +define('NET_SSH2_MASK_SHELL', 0x00000010); +define('NET_SSH2_MASK_WINDOW_ADJUST', 0X00000020); /**#@-*/ /**#@+ 
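Review bot: `NET_SSH2_MASK_WINDOW_ADJUST` is written as `0X00000020` with an upper-case `X`, while the five definitions above it use `0x`; it should be `0x00000020` for consistency. Inserting `NET_SSH2_MASK_CONNECTED` also shifts the values of `NET_SSH2_MASK_LOGIN_REQ`, `NET_SSH2_MASK_LOGIN` and `NET_SSH2_MASK_SHELL`. The block is marked `@access private`, but a short comment such as `// values are internal and may be renumbered; always test with the named constants` would make that explicit for subclasses.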
@@ -95,8 +96,9 @@ define('NET_SSH2_MASK_SHELL', 0x00000008); * @see Net_SSH2::_get_channel_packet() * @access private */ -define('NET_SSH2_CHANNEL_EXEC', 0); // PuTTy uses 0x100 -define('NET_SSH2_CHANNEL_SHELL',1); +define('NET_SSH2_CHANNEL_EXEC', 0); // PuTTy uses 0x100 +define('NET_SSH2_CHANNEL_SHELL', 1); +define('NET_SSH2_CHANNEL_SUBSYSTEM', 2); /**#@-*/ /**#@+ @@ -142,19 +144,19 @@ define('NET_SSH2_LOG_MAX_SIZE', 1024 * 1024); /** * Pure-PHP implementation of SSHv2. * - * @author Jim Wigginton - * @version 0.1.0 - * @access public * @package Net_SSH2 + * @author Jim Wigginton + * @access public */ -class Net_SSH2 { +class Net_SSH2 +{ /** * The SSH identifier * * @var String * @access private */ - var $identifier = 'SSH-2.0-phpseclib_0.3'; + var $identifier; /** * The Socket Object 
@@ -189,100 +191,100 @@ class Net_SSH2 { * Server Identifier * * @see Net_SSH2::getServerIdentification() - * @var String + * @var mixed false or Array * @access private */ - var $server_identifier = ''; + var $server_identifier = false; /** * Key Exchange Algorithms * * @see Net_SSH2::getKexAlgorithims() - * @var Array + * @var mixed false or Array * @access private */ - var $kex_algorithms; + var $kex_algorithms = false; /** * Server Host Key Algorithms * * @see Net_SSH2::getServerHostKeyAlgorithms() - * @var Array + * @var mixed false or Array * @access private */ - var $server_host_key_algorithms; + var $server_host_key_algorithms = false; /** * Encryption Algorithms: Client to Server * * @see Net_SSH2::getEncryptionAlgorithmsClient2Server() - * @var Array + * @var mixed false or Array * @access private */ - var $encryption_algorithms_client_to_server; + var $encryption_algorithms_client_to_server = false; /** * Encryption Algorithms: Server to Client * * @see Net_SSH2::getEncryptionAlgorithmsServer2Client() - * @var Array + * @var mixed false or Array * @access private */ - var $encryption_algorithms_server_to_client; + var $encryption_algorithms_server_to_client = false; /** * MAC Algorithms: Client to Server * * @see Net_SSH2::getMACAlgorithmsClient2Server() - * @var Array + * @var mixed false or Array * @access private */ - var $mac_algorithms_client_to_server; + var $mac_algorithms_client_to_server = false; /** * MAC Algorithms: Server to Client * * @see Net_SSH2::getMACAlgorithmsServer2Client() - * @var Array + * @var mixed false or Array * @access private */ - var $mac_algorithms_server_to_client; + var $mac_algorithms_server_to_client = false; /** * Compression Algorithms: Client to Server * * @see Net_SSH2::getCompressionAlgorithmsClient2Server() - * @var Array + * @var mixed false or Array * @access private */ - var $compression_algorithms_client_to_server; + var $compression_algorithms_client_to_server = false; /** * Compression Algorithms: Server to 
Client * * @see Net_SSH2::getCompressionAlgorithmsServer2Client() - * @var Array + * @var mixed false or Array * @access private */ - var $compression_algorithms_server_to_client; + var $compression_algorithms_server_to_client = false; /** * Languages: Server to Client * * @see Net_SSH2::getLanguagesServer2Client() - * @var Array + * @var mixed false or Array * @access private */ - var $languages_server_to_client; + var $languages_server_to_client = false; /** * Languages: Client to Server * * @see Net_SSH2::getLanguagesClient2Server() - * @var Array + * @var mixed false or Array * @access private */ - var $languages_client_to_server; + var $languages_client_to_server = false; /** * Block Size for Server to Client Encryption @@ -542,7 +544,7 @@ class Net_SSH2 { var $window_size = 0x7FFFFFFF; /** - * Window size + * Window size, server to client * * Window size indexed by channel * @@ -552,6 +554,17 @@ class Net_SSH2 { */ var $window_size_server_to_client = array(); + /** + * Window size, client to server + * + * Window size indexed by channel + * + * @see Net_SSH2::_get_channel_packet() + * @var Array + * @access private + */ + var $window_size_client_to_server = array(); + /** * Server signature * @@ -657,6 +670,7 @@ class Net_SSH2 { /** * Time of first network activity * + * @var Integer * @access private */ var $last_packet; @@ -672,6 +686,7 @@ class Net_SSH2 { /** * Flag to request a PTY when using exec() * + * @var Boolean * @see Net_SSH2::enablePTY() * @access private */ @@ -680,13 +695,23 @@ class Net_SSH2 { /** * Flag set while exec() is running when using enablePTY() * + * @var Boolean * @access private */ var $in_request_pty_exec = false; + /** + * Flag set after startSubsystem() is called + * + * @var Boolean + * @access private + */ + var $in_subsystem; + /** * Contents of stdError * + * @var String * @access private */ var $stdErrorLog; 
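Review bot: The new `@var mixed false or Array` on `$server_identifier` looks copied from the algorithm-list properties below it. The property was documented as `String` with a `''` default before this change and its `@see` points at `getServerIdentification()`, so `@var mixed false or String` is probably what is meant. The assignment itself is outside this hunk, so confirm against the connection code before changing the tag.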
@@ -695,6 +720,7 @@ class Net_SSH2 { * The Last Interactive Response * * @see Net_SSH2::_keyboard_interactive_process() + * @var String * @access private */ var $last_interactive_response = ''; @@ -703,6 +729,7 @@ class Net_SSH2 { * Keyboard Interactive Request / Responses * * @see Net_SSH2::_keyboard_interactive_process() + * @var Array * @access private */ var $keyboard_requests_responses = array(); @@ -715,6 +742,7 @@ class Net_SSH2 { * * @see Net_SSH2::_filter() * @see Net_SSH2::getBannerMessage() + * @var String * @access private */ var $banner_message = ''; 
@@ -722,19 +750,103 @@ class Net_SSH2 { /** * Did read() timeout or return normally? * - * @see Net_SSH2::isTimeout + * @see Net_SSH2::isTimeout() + * @var Boolean * @access private */ var $is_timeout = false; /** - * Default Constructor. + * Log Boundary * - * Connects to an SSHv2 server + * @see Net_SSH2::_format_log() + * @var String + * @access private + */ + var $log_boundary = ':'; + + /** + * Log Long Width + * + * @see Net_SSH2::_format_log() + * @var Integer + * @access private + */ + var $log_long_width = 65; + + /** + * Log Short Width + * + * @see Net_SSH2::_format_log() + * @var Integer + * @access private + */ + var $log_short_width = 16; + + /** + * Hostname + * + * @see Net_SSH2::Net_SSH2() + * @see Net_SSH2::_connect() + * @var String + * @access private + */ + var $host; + + /** + * Port Number + * + * @see Net_SSH2::Net_SSH2() + * @see Net_SSH2::_connect() + * @var Integer + * @access private + */ + var $port; + + /** + * Timeout for initial connection + * + * Set by the constructor call. Calling setTimeout() is optional. If it's not called functions like + * exec() won't timeout unless some PHP setting forces it too. The timeout specified in the constructor, + * however, is non-optional. There will be a timeout, whether or not you set it. If you don't it'll be + * 10 seconds. It is used by fsockopen() and the initial stream_select in that function. 
+ * + * @see Net_SSH2::Net_SSH2() + * @see Net_SSH2::_connect() + * @var Integer + * @access private + */ + var $connectionTimeout; + + /** + * Number of columns for terminal window size + * + * @see Net_SSH2::getWindowColumns() + * @see Net_SSH2::setWindowColumns() + * @see Net_SSH2::setWindowSize() + * @var Integer + * @access private + */ + var $windowColumns = 80; + + /** + * Number of columns for terminal window size + * + * @see Net_SSH2::getWindowRows() + * @see Net_SSH2::setWindowRows() + * @see Net_SSH2::setWindowSize() + * @var Integer + * @access private + */ + var $windowRows = 24; + + /** + * Default Constructor. * * @param String $host * @param optional Integer $port * @param optional Integer $timeout + * @see Net_SSH2::login() * @return Net_SSH2 * @access public */ @@ -743,18 +855,17 @@ class Net_SSH2 { // Include Math_BigInteger // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. if (!class_exists('Math_BigInteger')) { - require_once('Math/BigInteger.php'); + include_once 'Math/BigInteger.php'; } if (!function_exists('crypt_random_string')) { - require_once('Crypt/Random.php'); + include_once 'Crypt/Random.php'; } if (!class_exists('Crypt_Hash')) { - require_once('Crypt/Hash.php'); + include_once 'Crypt/Hash.php'; } - $this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5 $this->message_numbers = array( 1 => 'NET_SSH2_MSG_DISCONNECT', 2 => 'NET_SSH2_MSG_IGNORE', 
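Review bot: The docblock added for `$windowRows` repeats the summary of `$windowColumns` (`Number of columns for terminal window size`), although its `@see` tags name `getWindowRows()` and `setWindowRows()` and the default is 24. It should read `Number of rows for terminal window size`. Both properties are new in this hunk, which opens in the `$is_timeout` docblock and closes inside the constructor docblock.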
@@ -825,11 +936,35 @@ class Net_SSH2 { 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE') ); + $this->host = $host; + $this->port = $port; + $this->connectionTimeout = $timeout; + } + + /** + * Connect to an SSHv2 server + * + * @return Boolean + * @access private + */ + function _connect() + { + if ($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) { + return false; + } + + $this->bitmap |= NET_SSH2_MASK_CONSTRUCTOR; + + $timeout = $this->connectionTimeout; + $host = $this->host . ':' . $this->port; + + $this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5 + $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 - $this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout); + $this->fsock = @fsockopen($this->host, $this->port, $errno, $errstr, $timeout); if (!$this->fsock) { user_error(rtrim("Cannot connect to $host. Error $errno. $errstr")); - return; + return false; } $elapsed = strtok(microtime(), ' ') + strtok('') - $start; @@ -837,11 +972,11 @@ class Net_SSH2 { if ($timeout <= 0) { user_error(rtrim("Cannot connect to $host. Timeout error")); - return; + return false; } $read = array($this->fsock); - $write = $except = NULL; + $write = $except = null; $sec = floor($timeout); $usec = 1000000 * ($timeout - $sec); @@ -850,7 +985,7 @@ class Net_SSH2 { // the !count() is done as a workaround for if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) { user_error(rtrim("Cannot connect to $host. Banner timeout")); - return; + return false; } /* According to the SSH2 specs, 
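Review bot: `_connect()` sets `NET_SSH2_MASK_CONSTRUCTOR` before `fsockopen()` is attempted and returns `false` without any `user_error()` when the bit is already set. An object whose first connection attempt failed can therefore never connect again and gives no reason why. If that is intended, the docblock should say so, for example `* Attempted at most once per object; once it has failed, later calls return false without retrying.` The body of `_connect()` continues past this hunk.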
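Review bot: `_generate_identifier()` still appends the loaded extensions (`mcrypt`, `gmp` or `bcmath`) to the identification string, which `_connect()` writes to the socket with `fputs()` before the key exchange. Details of the client's PHP build are therefore visible to the server and to anyone observing the connection. The docblock already invites replacing the method; it would help to say why, e.g. `* The default string names the loaded crypto extensions; override to send a fixed identifier if that should not be disclosed.` The word `overwrite` in the existing sentence should be `override`.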
@@ -875,19 +1010,7 @@ class Net_SSH2 { return false; } - $ext = array(); - if (extension_loaded('mcrypt')) { - $ext[] = 'mcrypt'; - } - if (extension_loaded('gmp')) { - $ext[] = 'gmp'; - } else if (extension_loaded('bcmath')) { - $ext[] = 'bcmath'; - } - - if (!empty($ext)) { - $this->identifier.= ' (' . implode(', ', $ext) . ')'; - } + $this->identifier = $this->_generate_identifier(); if (defined('NET_SSH2_LOGGING')) { $this->_append_log('<-', $extra . $temp); @@ -901,7 +1024,7 @@ class Net_SSH2 { if ($matches[1] != '1.99' && $matches[1] != '2.0') { user_error("Cannot connect to SSH $matches[1] servers"); - return; + return false; } fputs($this->fsock, $this->identifier . "\r\n"); @@ -909,19 +1032,51 @@ class Net_SSH2 { $response = $this->_get_binary_packet(); if ($response === false) { user_error('Connection closed by server'); - return; + return false; } if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) { user_error('Expected SSH_MSG_KEXINIT'); - return; + return false; } if (!$this->_key_exchange($response)) { - return; + return false; } - $this->bitmap = NET_SSH2_MASK_CONSTRUCTOR; + $this->bitmap|= NET_SSH2_MASK_CONNECTED; + + return true; + } + + /** + * Generates the SSH identifier + * + * You should overwrite this method in your own class if you want to use another identifier + * + * @access protected + * @return String + */ + function _generate_identifier() + { + $identifier = 'SSH-2.0-phpseclib_0.3'; + + $ext = array(); + if (extension_loaded('mcrypt')) { + $ext[] = 'mcrypt'; + } + + if (extension_loaded('gmp')) { + $ext[] = 'gmp'; + } elseif (extension_loaded('bcmath')) { + $ext[] = 'bcmath'; + } + + if (!empty($ext)) { + $identifier .= ' (' . implode(', ', $ext) . ')'; + } + + return $identifier; } /** 
@@ -942,47 +1097,86 @@ class Net_SSH2 { 'ssh-dss' // REQUIRED sign Raw DSS Key ); - static $encryption_algorithms = array( - // from : - 'arcfour256', - 'arcfour128', + static $encryption_algorithms = false; + if ($encryption_algorithms === false) { + $encryption_algorithms = array( + // from : + 'arcfour256', + 'arcfour128', - 'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key + //'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key - // CTR modes from : - 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key - 'aes192-ctr', // RECOMMENDED AES with 192-bit key - 'aes256-ctr', // RECOMMENDED AES with 256-bit key + // CTR modes from : + 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key + 'aes192-ctr', // RECOMMENDED AES with 192-bit key + 'aes256-ctr', // RECOMMENDED AES with 256-bit key - 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode + 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key + 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key + 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key - 'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key - 'twofish192-ctr', // OPTIONAL Twofish with 192-bit key - 'twofish256-ctr', // OPTIONAL Twofish with 256-bit key + 'aes128-cbc', // RECOMMENDED AES with a 128-bit key + 'aes192-cbc', // OPTIONAL AES with a 192-bit key + 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key - 'aes128-cbc', // RECOMMENDED AES with a 128-bit key - 'aes192-cbc', // OPTIONAL AES with a 192-bit key - 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key + 'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key + 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key + 'twofish256-cbc', + 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" + // (this is being retained for historical reasons) - 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode + 'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode - 
'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key - 'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key - 'twofish256-cbc', - 'twofish-cbc', // OPTIONAL alias for "twofish256-cbc" - // (this is being retained for historical reasons) - '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode + 'blowfish-cbc', // OPTIONAL Blowfish in CBC mode - '3des-cbc', // REQUIRED three-key 3DES in CBC mode - 'none' // OPTIONAL no encryption; NOT RECOMMENDED - ); + '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode + + '3des-cbc', // REQUIRED three-key 3DES in CBC mode + //'none' // OPTIONAL no encryption; NOT RECOMMENDED + ); + + if (phpseclib_resolve_include_path('Crypt/RC4.php') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('arcfour256', 'arcfour128', 'arcfour') + ); + } + if (phpseclib_resolve_include_path('Crypt/Rijndael.php') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('aes128-ctr', 'aes192-ctr', 'aes256-ctr', 'aes128-cbc', 'aes192-cbc', 'aes256-cbc') + ); + } + if (phpseclib_resolve_include_path('Crypt/Twofish.php') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('twofish128-ctr', 'twofish192-ctr', 'twofish256-ctr', 'twofish128-cbc', 'twofish192-cbc', 'twofish256-cbc', 'twofish-cbc') + ); + } + if (phpseclib_resolve_include_path('Crypt/Blowfish.php') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('blowfish-ctr', 'blowfish-cbc') + ); + } + if (phpseclib_resolve_include_path('Crypt/TripleDES.php') === false) { + $encryption_algorithms = array_diff( + $encryption_algorithms, + array('3des-ctr', '3des-cbc') + ); + } + $encryption_algorithms = array_values($encryption_algorithms); + } + + $mac_algorithms = array( + // from : + 'hmac-sha2-256',// RECOMMENDED HMAC-SHA256 (digest length = key length = 32) - static $mac_algorithms = array( 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest 
length = 12, key length = 20) 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20) 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16) - 'none' // OPTIONAL no MAC; NOT RECOMMENDED + //'none' // OPTIONAL no MAC; NOT RECOMMENDED ); static $compression_algorithms = array( 
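Review bot: `arcfour256` and `arcfour128` remain the first two entries of `$encryption_algorithms`, ahead of the `aes*-ctr` group, so the client still states RC4 as its first preference even though this hunk drops plain `arcfour` and `none`. Assuming the negotiation code (outside this hunk) picks the first client entry the server also supports, as RFC 4253 section 7.1 describes, any server offering RC4 will get it. RC4 has since been deprecated for SSH by RFC 8758. I would move the two `arcfour` lines below the AES CTR and CBC entries so that `'aes128-ctr', 'aes192-ctr', 'aes256-ctr'` lead the list. The enclosing function starts before this hunk and continues after it.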
@@ -1167,23 +1361,23 @@ class Net_SSH2 { } switch ($kex_algorithms[$i]) { - // see http://tools.ietf.org/html/rfc2409#section-6.2 and + // see http://tools.ietf.org/html/rfc2409#section-6.2 and // http://tools.ietf.org/html/rfc2412, appendex E case 'diffie-hellman-group1-sha1': - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF'; break; // see http://tools.ietf.org/html/rfc3526#section-3 case 'diffie-hellman-group14-sha1': - $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . - '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . - '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . - 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . - '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . - '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . - 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . + $prime = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' . + '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' . + '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' . + 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' . + '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' . + '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' . + 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' . '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF'; break; } 
@@ -1204,7 +1398,8 @@ class Net_SSH2 { -- http://tools.ietf.org/html/rfc4419#section-6.2 */ $one = new Math_BigInteger(1); $keyLength = min($keyLength, $kexHash->getLength()); - $max = $one->bitwise_leftShift(16 * $keyLength)->subtract($one); // 2 * 8 * $keyLength + $max = $one->bitwise_leftShift(16 * $keyLength); // 2 * 8 * $keyLength + $max = $max->subtract($one); $x = $one->random($one, $max); $e = $g->modPow($x, $prime); @@ -1297,14 +1492,14 @@ class Net_SSH2 { switch ($encrypt) { case '3des-cbc': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $this->encrypt = new Crypt_TripleDES(); // $this->encrypt_block_size = 64 / 8 == the default break; case '3des-ctr': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $this->encrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); // $this->encrypt_block_size = 64 / 8 == the default 
@@ -1312,31 +1507,31 @@ class Net_SSH2 { case 'aes256-cbc': case 'aes192-cbc': case 'aes128-cbc': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + if (!class_exists('Crypt_Rijndael')) { + include_once 'Crypt/Rijndael.php'; } - $this->encrypt = new Crypt_AES(); + $this->encrypt = new Crypt_Rijndael(); $this->encrypt_block_size = 16; // eg. 128 / 8 break; case 'aes256-ctr': case 'aes192-ctr': case 'aes128-ctr': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + if (!class_exists('Crypt_Rijndael')) { + include_once 'Crypt/Rijndael.php'; } - $this->encrypt = new Crypt_AES(CRYPT_AES_MODE_CTR); + $this->encrypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CTR); $this->encrypt_block_size = 16; // eg. 128 / 8 break; case 'blowfish-cbc': if (!class_exists('Crypt_Blowfish')) { - require_once('Crypt/Blowfish.php'); + include_once 'Crypt/Blowfish.php'; } $this->encrypt = new Crypt_Blowfish(); $this->encrypt_block_size = 8; break; case 'blowfish-ctr': if (!class_exists('Crypt_Blowfish')) { - require_once('Crypt/Blowfish.php'); + include_once 'Crypt/Blowfish.php'; } $this->encrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); $this->encrypt_block_size = 8; @@ -1346,7 +1541,7 @@ class Net_SSH2 { case 'twofish256-cbc': case 'twofish-cbc': if (!class_exists('Crypt_Twofish')) { - require_once('Crypt/Twofish.php'); + include_once 'Crypt/Twofish.php'; } $this->encrypt = new Crypt_Twofish(); $this->encrypt_block_size = 16; @@ -1355,7 +1550,7 @@ class Net_SSH2 { case 'twofish192-ctr': case 'twofish256-ctr': if (!class_exists('Crypt_Twofish')) { - require_once('Crypt/Twofish.php'); + include_once 'Crypt/Twofish.php'; } $this->encrypt = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); $this->encrypt_block_size = 16; @@ -1364,7 +1559,7 @@ class Net_SSH2 { case 'arcfour128': case 'arcfour256': if (!class_exists('Crypt_RC4')) { - require_once('Crypt/RC4.php'); + include_once 'Crypt/RC4.php'; } $this->encrypt = new Crypt_RC4(); break; 
@@ -1375,44 +1570,44 @@ class Net_SSH2 { switch ($decrypt) { case '3des-cbc': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $this->decrypt = new Crypt_TripleDES(); break; case '3des-ctr': if (!class_exists('Crypt_TripleDES')) { - require_once('Crypt/TripleDES.php'); + include_once 'Crypt/TripleDES.php'; } $this->decrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); break; case 'aes256-cbc': case 'aes192-cbc': case 'aes128-cbc': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + if (!class_exists('Crypt_Rijndael')) { + include_once 'Crypt/Rijndael.php'; } - $this->decrypt = new Crypt_AES(); + $this->decrypt = new Crypt_Rijndael(); $this->decrypt_block_size = 16; break; case 'aes256-ctr': case 'aes192-ctr': case 'aes128-ctr': - if (!class_exists('Crypt_AES')) { - require_once('Crypt/AES.php'); + if (!class_exists('Crypt_Rijndael')) { + include_once 'Crypt/Rijndael.php'; } - $this->decrypt = new Crypt_AES(CRYPT_AES_MODE_CTR); + $this->decrypt = new Crypt_Rijndael(CRYPT_RIJNDAEL_MODE_CTR); $this->decrypt_block_size = 16; break; case 'blowfish-cbc': if (!class_exists('Crypt_Blowfish')) { - require_once('Crypt/Blowfish.php'); + include_once 'Crypt/Blowfish.php'; } $this->decrypt = new Crypt_Blowfish(); $this->decrypt_block_size = 8; break; case 'blowfish-ctr': if (!class_exists('Crypt_Blowfish')) { - require_once('Crypt/Blowfish.php'); + include_once 'Crypt/Blowfish.php'; } $this->decrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); $this->decrypt_block_size = 8; @@ -1422,7 +1617,7 @@ class Net_SSH2 { case 'twofish256-cbc': case 'twofish-cbc': if (!class_exists('Crypt_Twofish')) { - require_once('Crypt/Twofish.php'); + include_once 'Crypt/Twofish.php'; } $this->decrypt = new Crypt_Twofish(); $this->decrypt_block_size = 16; 
@@ -1431,7 +1626,7 @@ class Net_SSH2 { case 'twofish192-ctr': case 'twofish256-ctr': if (!class_exists('Crypt_Twofish')) { - require_once('Crypt/Twofish.php'); + include_once 'Crypt/Twofish.php'; } $this->decrypt = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); $this->decrypt_block_size = 16; @@ -1440,7 +1635,7 @@ class Net_SSH2 { case 'arcfour128': case 'arcfour256': if (!class_exists('Crypt_RC4')) { - require_once('Crypt/RC4.php'); + include_once 'Crypt/RC4.php'; } $this->decrypt = new Crypt_RC4(); break; @@ -1506,6 +1701,10 @@ class Net_SSH2 { $createKeyLength = 0; // ie. $mac_algorithms[$i] == 'none' switch ($mac_algorithms[$i]) { + case 'hmac-sha2-256': + $this->hmac_create = new Crypt_Hash('sha256'); + $createKeyLength = 32; + break; case 'hmac-sha1': $this->hmac_create = new Crypt_Hash('sha1'); $createKeyLength = 20; @@ -1532,6 +1731,11 @@ class Net_SSH2 { $checkKeyLength = 0; $this->hmac_size = 0; switch ($mac_algorithms[$i]) { + case 'hmac-sha2-256': + $this->hmac_check = new Crypt_Hash('sha256'); + $checkKeyLength = 32; + $this->hmac_size = 32; + break; case 'hmac-sha1': $this->hmac_check = new Crypt_Hash('sha1'); $checkKeyLength = 20; @@ -1591,11 +1795,33 @@ class Net_SSH2 { * @param Mixed $password * @param Mixed $... * @return Boolean - * @see _login_helper + * @see _login * @access public */ function login($username) { + $args = func_get_args(); + return call_user_func_array(array(&$this, '_login'), $args); + } + + /** + * Login Helper + * + * @param String $username + * @param Mixed $password + * @param Mixed $... + * @return Boolean + * @see _login_helper + * @access private + */ + function _login($username) + { + if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) { + if (!$this->_connect()) { + return false; + } + } + $args = array_slice(func_get_args(), 1); if (empty($args)) { return $this->_login_helper($username); 
@@ -1621,7 +1847,7 @@ class Net_SSH2 { */ function _login_helper($username, $password = null) { - if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) { + if (!($this->bitmap & NET_SSH2_MASK_CONNECTED)) { return false; } @@ -1654,8 +1880,13 @@ class Net_SSH2 { } // although PHP5's get_class() preserves the case, PHP4's does not - if (is_object($password) && strtolower(get_class($password)) == 'crypt_rsa') { - return $this->_privatekey_login($username, $password); + if (is_object($password)) { + switch (strtolower(get_class($password))) { + case 'crypt_rsa': + return $this->_privatekey_login($username, $password); + case 'system_ssh_agent': + return $this->_ssh_agent_login($username, $password); + } } if (is_array($password)) { @@ -1699,17 +1930,18 @@ class Net_SSH2 { strlen('password'), 'password', 0, strlen($password), $password ); - if (!$this->_send_binary_packet($packet)) { - return false; - } - - // remove the username and password from the last logged packet - if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { - $packet = pack('CNa*Na*Na*CNa*', + // remove the username and password from the logged packet + if (!defined('NET_SSH2_LOGGING')) { + $logged = null; + } else { + $logged = pack('CNa*Na*Na*CNa*', NET_SSH2_MSG_USERAUTH_REQUEST, strlen('username'), 'username', strlen('ssh-connection'), 'ssh-connection', strlen('password'), 'password', 0, strlen('password'), 'password' ); - $this->message_log[count($this->message_log) - 1] = $packet; + } + + if (!$this->_send_binary_packet($packet, $logged)) { + return false; } $response = $this->_get_binary_packet(); @@ -1764,7 +1996,7 @@ class Net_SSH2 { */ function _keyboard_interactive_login($username, $password) { - $packet = pack('CNa*Na*Na*Na*Na*', + $packet = pack('CNa*Na*Na*Na*Na*', NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection', strlen('keyboard-interactive'), 'keyboard-interactive', 0, '', 0, '' ); 
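Review bot: In `_login_helper()` the new `switch` on `strtolower(get_class($password))` has no `default`. An object of any other class, including a subclass of `Crypt_RSA`, drops out of the `if (is_object($password))` block and continues to the `is_array()` test and whatever follows it. The password request built further down uses `strlen($password)`, so such an object would presumably be handled as a password string rather than rejected. Adding `default: return false;` to the switch makes the unsupported case explicit. `_login_helper()` starts before this hunk and continues after it.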
@@ -1847,7 +2079,6 @@ class Net_SSH2 { if (!count($responses) && $num_prompts) { $this->last_interactive_response = $orig; - $this->bitmap |= NET_SSH_MASK_LOGIN_INTERACTIVE; return false; } @@ -1862,17 +2093,16 @@ class Net_SSH2 { $logged.= pack('Na*', strlen('dummy-answer'), 'dummy-answer'); } - if (!$this->_send_binary_packet($packet)) { + if (!$this->_send_binary_packet($packet, $logged)) { return false; } - if (defined('NET_SSH2_LOGGING')) { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { $this->message_number_log[count($this->message_number_log) - 1] = str_replace( 'UNKNOWN', 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE', $this->message_number_log[count($this->message_number_log) - 1] ); - $this->message_log[count($this->message_log) - 1] = $logged; } /* @@ -1892,6 +2122,26 @@ class Net_SSH2 { return false; } + /** + * Login with an ssh-agent provided key + * + * @param String $username + * @param System_SSH_Agent $agent + * @return Boolean + * @access private + */ + function _ssh_agent_login($username, $agent) + { + $keys = $agent->requestIdentities(); + foreach ($keys as $key) { + if ($this->_privatekey_login($username, $key)) { + return true; + } + } + + return false; + } + /** * Login with an RSA private key * @@ -1945,7 +2195,7 @@ class Net_SSH2 { case NET_SSH2_MSG_USERAUTH_PK_OK: // we'll just take it on faith that the public key blob and the public key algorithm name are as // they should be - if (defined('NET_SSH2_LOGGING')) { + if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) { $this->message_number_log[count($this->message_number_log) - 1] = str_replace( 'UNKNOWN', 'NET_SSH2_MSG_USERAUTH_PK_OK', @@ -2000,7 +2250,7 @@ class Net_SSH2 { /** * Get the output from stdError - * + * * @access public */ function getStdError() 
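Review bot: The new `_ssh_agent_login()` passes whatever `$agent->requestIdentities()` returns straight into `foreach` and then offers every identity the agent holds to the server, one after another. The return type of `requestIdentities()` is not visible in this diff; if it can be `false` or another non-array value on an agent error, the method needs a guard such as `if (!is_array($keys)) { return false; }`. Each failed attempt also discloses that public key to the remote host and counts against the server's authentication-attempt limit, so a large agent can exhaust the limit before the right key is tried. The docblock should say this, for example `* Every identity held by the agent is offered to the server in turn until one is accepted.`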
@@ -2015,11 +2265,11 @@ class Net_SSH2 { * In all likelihood, this is not a feature you want to be taking advantage of. * * @param String $command - * @param optional Boolean $block + * @param optional Callback $callback * @return String * @access public */ - function exec($command, $callback = NULL) + function exec($command, $callback = null) { $this->curTimeout = $this->timeout; $this->is_timeout = false; @@ -2030,10 +2280,10 @@ class Net_SSH2 { } // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to - // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, + // be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but, // honestly, if you're transfering more than 2GB, you probably shouldn't be using phpseclib, anyway. // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info - $this->window_size_server_to_client[NET_SSH2_CHANNEL_EXEC] = 0x7FFFFFFF; + $this->window_size_server_to_client[NET_SSH2_CHANNEL_EXEC] = $this->window_size; // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy // uses 0x4000, that's what will be used here, as well. $packet_size = 0x4000; @@ -2056,7 +2306,7 @@ class Net_SSH2 { $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = pack('CNNa*CNa*N5a*', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('pty-req'), 'pty-req', 1, strlen('vt100'), 'vt100', - 80, 24, 0, 0, strlen($terminal_modes), $terminal_modes); + $this->windowColumns, $this->windowRows, 0, 0, strlen($terminal_modes), $terminal_modes); if (!$this->_send_binary_packet($packet)) { return false; 
@@ -2087,7 +2337,7 @@ class Net_SSH2 { // neither will your script. // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by - // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the + // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates. $packet = pack('CNNa*CNa*', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('exec'), 'exec', 1, strlen($command), $command); @@ -2118,7 +2368,10 @@ class Net_SSH2 { return false; default: if (is_callable($callback)) { - $callback($temp); + if (call_user_func($callback, $temp) === true) { + $this->_close_channel(NET_SSH2_CHANNEL_EXEC); + return true; + } } else { $output.= $temp; } @@ -2140,7 +2393,7 @@ class Net_SSH2 { return true; } - $this->window_size_server_to_client[NET_SSH2_CHANNEL_SHELL] = 0x7FFFFFFF; + $this->window_size_server_to_client[NET_SSH2_CHANNEL_SHELL] = $this->window_size; $packet_size = 0x4000; $packet = pack('CNa*N3', @@ -2160,7 +2413,7 @@ class Net_SSH2 { $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = pack('CNNa*CNa*N5a*', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SHELL], strlen('pty-req'), 'pty-req', 1, strlen('vt100'), 'vt100', - 80, 24, 0, 0, strlen($terminal_modes), $terminal_modes); + $this->windowColumns, $this->windowRows, 0, 0, strlen($terminal_modes), $terminal_modes); if (!$this->_send_binary_packet($packet)) { return false; @@ -2176,8 +2429,9 @@ class Net_SSH2 { switch ($type) { case NET_SSH2_MSG_CHANNEL_SUCCESS: - break; + // if a pty can't be opened maybe commands can still be executed case NET_SSH2_MSG_CHANNEL_FAILURE: + break; default: user_error('Unable to request pseudo-terminal'); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); 
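Review bot: In the last hunk on this line (`@@ -2176,8 +2429,9 @@`) a refused pty-req is now indistinguishable from a granted one, because `NET_SSH2_MSG_CHANNEL_SUCCESS` falls through into `NET_SSH2_MSG_CHANNEL_FAILURE` and both just `break`. The explanatory comment sits under the SUCCESS label, so it reads as a remark about success; it belongs under `case NET_SSH2_MSG_CHANNEL_FAILURE:`. Callers that rely on terminal semantics get no signal that the request was refused, so the FAILURE case should record it, for example `$this->errors[] = 'pty-req refused by server; continuing without a pseudo-terminal';` before the `break`. The enclosing function starts and ends outside the hunk.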
@@ -2203,13 +2457,33 @@ class Net_SSH2 { return true; } + /** + * Return the channel to be used with read() / write() + * + * @see Net_SSH2::read() + * @see Net_SSH2::write() + * @return Integer + * @access public + */ + function _get_interactive_channel() + { + switch (true) { + case $this->in_subsystem: + return NET_SSH2_CHANNEL_SUBSYSTEM; + case $this->in_request_pty_exec: + return NET_SSH2_CHANNEL_EXEC; + default: + return NET_SSH2_CHANNEL_SHELL; + } + } + /** * Returns the output of an interactive shell * * Returns when there's a match for $expect, which can take the form of a string literal or, * if $mode == NET_SSH2_READ_REGEX, a regular expression. * - * @see Net_SSH2::read() + * @see Net_SSH2::write() * @param String $expect * @param Integer $mode * @return String @@ -2230,7 +2504,7 @@ class Net_SSH2 { return false; } - $channel = $this->in_request_pty_exec ? NET_SSH2_CHANNEL_EXEC : NET_SSH2_CHANNEL_SHELL; + $channel = $this->_get_interactive_channel(); $match = $expect; while (true) { @@ -2255,7 +2529,7 @@ class Net_SSH2 { /** * Inputs a command into an interactive shell. * - * @see Net_SSH1::interactiveWrite() + * @see Net_SSH2::read() * @param String $cmd * @return Boolean * @access public 
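Review bot: The docblock added for `_get_interactive_channel()` in the first hunk on this line declares `@access public`, but the method is an underscore-prefixed internal helper and the other `_`-prefixed methods in this diff are marked `@access private`. It also does not state the precedence the `switch (true)` implements: `$this->in_subsystem` wins over `$this->in_request_pty_exec`, and the shell channel is the fallback. Suggested wording: `@access private` plus a line such as `* An open subsystem takes precedence over a pty-backed exec(); the shell channel is used otherwise.`, so callers of `read()`, `write()` and `reset()` know which channel they are acting on.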
@@ -2272,8 +2546,75 @@ class Net_SSH2 { return false; } - $channel = $this->in_request_pty_exec ? NET_SSH2_CHANNEL_EXEC : NET_SSH2_CHANNEL_SHELL; - return $this->_send_channel_packet($channel, $cmd); + return $this->_send_channel_packet($this->_get_interactive_channel(), $cmd); + } + + /** + * Start a subsystem. + * + * Right now only one subsystem at a time is supported. To support multiple subsystem's stopSubsystem() could accept + * a string that contained the name of the subsystem, but at that point, only one subsystem of each type could be opened. + * To support multiple subsystem's of the same name maybe it'd be best if startSubsystem() generated a new channel id and + * returns that and then that that was passed into stopSubsystem() but that'll be saved for a future date and implemented + * if there's sufficient demand for such a feature. + * + * @see Net_SSH2::stopSubsystem() + * @param String $subsystem + * @return Boolean + * @access public + */ + function startSubsystem($subsystem) + { + $this->window_size_server_to_client[NET_SSH2_CHANNEL_SUBSYSTEM] = $this->window_size; + + $packet = pack('CNa*N3', + NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_SUBSYSTEM, $this->window_size, 0x4000); + + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_OPEN; + + $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SUBSYSTEM); + if ($response === false) { + return false; + } + + $packet = pack('CNNa*CNa*', + NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SUBSYSTEM], strlen('subsystem'), 'subsystem', 1, strlen($subsystem), $subsystem); + if (!$this->_send_binary_packet($packet)) { + return false; + } + + $this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; + + $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SUBSYSTEM); + + if ($response === false) { + return false; + } + + 
$this->channel_status[NET_SSH2_CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_DATA; + + $this->bitmap |= NET_SSH2_MASK_SHELL; + $this->in_subsystem = true; + + return true; + } + + /** + * Stops a subsystem. + * + * @see Net_SSH2::startSubsystem() + * @return Boolean + * @access public + */ + function stopSubsystem() + { + $this->in_subsystem = false; + $this->_close_channel(NET_SSH2_CHANNEL_SUBSYSTEM); + return true; } /** @@ -2285,8 +2626,7 @@ class Net_SSH2 { */ function reset() { - $channel = $this->in_request_pty_exec ? NET_SSH2_CHANNEL_EXEC : NET_SSH2_CHANNEL_SHELL; - $this->_close_channel($channel); + $this->_close_channel($this->_get_interactive_channel()); } /** @@ -2330,11 +2670,12 @@ class Net_SSH2 { /** * Is the connection still active? * + * @return boolean * @access public */ function isConnected() { - return $this->bitmap & NET_SSH2_MASK_LOGIN; + return (bool) ($this->bitmap & NET_SSH2_MASK_CONNECTED); } /** @@ -2350,7 +2691,7 @@ class Net_SSH2 { { if (!is_resource($this->fsock) || feof($this->fsock)) { user_error('Connection closed prematurely'); - $this->bitmask = 0; + $this->bitmap = 0; return false; } @@ -2384,6 +2725,11 @@ class Net_SSH2 { $buffer = ''; while ($remaining_length > 0) { $temp = fread($this->fsock, $remaining_length); + if ($temp === false || feof($this->fsock)) { + user_error('Error reading from socket'); + $this->bitmap = 0; + return false; + } $buffer.= $temp; $remaining_length-= strlen($temp); } 
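Review bot: `isConnected()` (hunk `@@ -2330,11 +2670,12 @@`) now tests `NET_SSH2_MASK_CONNECTED` where it previously tested `NET_SSH2_MASK_LOGIN`, so it can return true for a session that has not authenticated. `_login_helper()` in this same diff requires the CONNECTED bit before it attempts authentication, which confirms that the bit is set before login. Any caller that used `isConnected()` as an is-logged-in check silently changes meaning, and the docblock only gained `@return boolean`. It should spell out the new contract, for example `* Returns true once the transport is established; this does not imply that login() has succeeded.`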
@@ -2397,7 +2743,11 @@ class Net_SSH2 { if ($this->hmac_check !== false) { $hmac = fread($this->fsock, $this->hmac_size); - if ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { + if ($hmac === false || strlen($hmac) != $this->hmac_size) { + user_error('Error reading socket'); + $this->bitmap = 0; + return false; + } elseif ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) { user_error('Invalid HMAC'); return false; } @@ -2437,7 +2787,7 @@ class Net_SSH2 { $this->_string_shift($payload, 1); extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8))); $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length)); - $this->bitmask = 0; + $this->bitmap = 0; return false; case NET_SSH2_MSG_IGNORE: $payload = $this->_get_binary_packet(); @@ -2453,7 +2803,7 @@ class Net_SSH2 { case NET_SSH2_MSG_KEXINIT: if ($this->session_id !== false) { if (!$this->_key_exchange($payload)) { - $this->bitmask = 0; + $this->bitmap = 0; return false; } $payload = $this->_get_binary_packet(); @@ -2461,7 +2811,7 @@ class Net_SSH2 { } // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in - if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { + if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { $this->_string_shift($payload, 1); extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->banner_message = utf8_decode($this->_string_shift($payload, $length)); 
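Review bot: In the first hunk on this line the received MAC is still compared with the loose `!=` operator in the new `elseif`, which is neither type-strict nor constant-time. PHP's `!=` compares two numeric-looking strings as numbers, and an early-exit string comparison leaks through timing how many leading bytes matched. At minimum the comparison should be `!==`, and preferably a helper that XORs every byte of both strings before deciding. The `Invalid HMAC` branch also returns without `$this->bitmap = 0;`, unlike the short-read branch added directly above it, so the object still looks connected after an integrity failure. The enclosing function starts outside the hunk.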
@@ -2469,7 +2819,7 @@ class Net_SSH2 { } // only called when we've already logged in - if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) { + if (($this->bitmap & NET_SSH2_MASK_CONNECTED) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) { switch (ord($payload[0])) { case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 $this->_string_shift($payload, 1); @@ -2484,7 +2834,7 @@ class Net_SSH2 { break; case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 $this->_string_shift($payload, 1); - extract(unpack('N', $this->_string_shift($payload, 4))); + extract(unpack('Nlength', $this->_string_shift($payload, 4))); $this->errors[] = 'SSH_MSG_CHANNEL_OPEN: ' . utf8_decode($this->_string_shift($payload, $length)); $this->_string_shift($payload, 4); // skip over client channel @@ -2500,7 +2850,12 @@ class Net_SSH2 { $payload = $this->_get_binary_packet(); break; case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: - $payload = $this->_get_binary_packet(); + $this->_string_shift($payload, 1); + extract(unpack('Nchannel', $this->_string_shift($payload, 4))); + extract(unpack('Nwindow_size', $this->_string_shift($payload, 4))); + $this->window_size_client_to_server[$channel]+= $window_size; + + $payload = ($this->bitmap & NET_SSH2_MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet(); } } @@ -2531,6 +2886,20 @@ class Net_SSH2 { $this->quiet_mode = false; } + /** + * Returns whether Quiet Mode is enabled or not + * + * @see Net_SSH2::enableQuietMode() + * @see Net_SSH2::disableQuietMode() + * + * @access public + * @return boolean + */ + function isQuietModeEnabled() + { + return $this->quiet_mode; + } + /** * Enable request-pty when using exec() * 
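Review bot: In the new `NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST` handling (hunk `@@ -2500,7 +2850,12 @@`) `$channel` is unpacked from the peer's packet and used as an array index without checking that it names a channel this client opened. A server that sends an adjust for an unknown channel creates a stray `window_size_client_to_server` entry and raises an undefined-index notice. Guarding the update fixes that: `if (isset($this->window_size_client_to_server[$channel])) { $this->window_size_client_to_server[$channel]+= $window_size; }`. The `_get_channel_packet()` hunk at `@@ -2593,29 +2976,34 @@` has the same pattern, indexing `window_size_server_to_client`, `server_channels` and `channel_status` with the packet's `$channel` before any validation. The enclosing function starts outside the hunk.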
@@ -2551,6 +2920,20 @@ class Net_SSH2 { $this->request_pty = false; } + /** + * Returns whether request-pty is enabled or not + * + * @see Net_SSH2::enablePTY() + * @see Net_SSH2::disablePTY() + * + * @access public + * @return boolean + */ + function isPTYEnabled() + { + return $this->request_pty; + } + /** * Gets channel data * @@ -2574,7 +2957,7 @@ class Net_SSH2 { } $read = array($this->fsock); - $write = $except = NULL; + $write = $except = null; $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838 $sec = floor($this->curTimeout); 
@@ -2593,29 +2976,34 @@ class Net_SSH2 { user_error('Connection closed by server'); return false; } + if ($client_channel == -1 && $response === true) { + return true; + } if (!strlen($response)) { return ''; } + extract(unpack('Ctype/Nchannel', $this->_string_shift($response, 5))); + + $this->window_size_server_to_client[$channel]-= strlen($response); + // resize the window, if appropriate - $this->window_size_server_to_client[$client_channel]-= strlen($response); - if ($this->window_size_server_to_client[$client_channel] < 0) { - $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$client_channel], $this->window_size); + if ($this->window_size_server_to_client[$channel] < 0) { + $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$channel], $this->window_size); if (!$this->_send_binary_packet($packet)) { return false; } - $this->window_size_server_to_client[$client_channel]+= $this->window_size; + $this->window_size_server_to_client[$channel]+= $this->window_size; } - extract(unpack('Ctype/Nchannel', $this->_string_shift($response, 5))); - switch ($this->channel_status[$channel]) { case NET_SSH2_MSG_CHANNEL_OPEN: switch ($type) { case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: extract(unpack('Nserver_channel', $this->_string_shift($response, 4))); $this->server_channels[$channel] = $server_channel; - $this->_string_shift($response, 4); // skip over (server) window size + extract(unpack('Nwindow_size', $this->_string_shift($response, 4))); + $this->window_size_client_to_server[$channel] = $window_size; $temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4)); $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; return $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); 
@@ -2639,15 +3027,17 @@ class Net_SSH2 { return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->_get_channel_packet($client_channel, $skip_extended); } + // ie. $this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_DATA + switch ($type) { case NET_SSH2_MSG_CHANNEL_DATA: /* - if ($client_channel == NET_SSH2_CHANNEL_EXEC) { + if ($channel == NET_SSH2_CHANNEL_EXEC) { // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server - // this actually seems to make things twice as fast. more to the point, the message right after + // this actually seems to make things twice as fast. more to the point, the message right after // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise. // in OpenSSH it slows things down but only by a couple thousandths of a second. - $this->_send_channel_packet($client_channel, chr(0)); + $this->_send_channel_packet($channel, chr(0)); } */ extract(unpack('Nlength', $this->_string_shift($response, 4))); @@ -2655,10 +3045,10 @@ class Net_SSH2 { if ($client_channel == $channel) { return $data; } - if (!isset($this->channel_buffers[$client_channel])) { - $this->channel_buffers[$client_channel] = array(); + if (!isset($this->channel_buffers[$channel])) { + $this->channel_buffers[$channel] = array(); } - $this->channel_buffers[$client_channel][] = $data; + $this->channel_buffers[$channel][] = $data; break; case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: /* 
@@ -2669,17 +3059,17 @@ class Net_SSH2 { // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8))); $data = $this->_string_shift($response, $length); - $this->stdErrorLog .= $data; + $this->stdErrorLog.= $data; if ($skip_extended || $this->quiet_mode) { break; } if ($client_channel == $channel) { return $data; } - if (!isset($this->channel_buffers[$client_channel])) { - $this->channel_buffers[$client_channel] = array(); + if (!isset($this->channel_buffers[$channel])) { + $this->channel_buffers[$channel] = array(); } - $this->channel_buffers[$client_channel][] = $data; + $this->channel_buffers[$channel][] = $data; break; case NET_SSH2_MSG_CHANNEL_REQUEST: extract(unpack('Nlength', $this->_string_shift($response, 4))); @@ -2694,15 +3084,21 @@ class Net_SSH2 { if ($length) { $this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length); } - case 'exit-status': - extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); - $this->exit_status = $exit_status; - // "The channel needs to be closed with SSH_MSG_CHANNEL_CLOSE after this message." - // -- http://tools.ietf.org/html/rfc4254#section-6.10 + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; + + break; + case 'exit-status': + extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); + $this->exit_status = $exit_status; + + // "The client MAY ignore these messages." + // -- http://tools.ietf.org/html/rfc4254#section-6.10 + + break; default: // "Some systems may not implement signals, in which case they SHOULD ignore this message." // -- http://tools.ietf.org/html/rfc4254#section-6.9 
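Review bot: In the last hunk on this line (`@@ -2694,15 +3084,21 @@`) the added EOF packet is addressed with `$this->server_channels[$client_channel]`, while the CLOSE on the next line and the status update use `$channel`. `$client_channel` is the channel the caller is waiting on, not necessarily the one this request arrived for, and `_send_channel_packet()` in this diff calls `_get_channel_packet(-1)`, for which `server_channels[-1]` is undefined. The EOF should target the channel being closed: `$this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$channel]));`. The case label for this branch lies outside the hunk.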
@@ -2736,15 +3132,16 @@ class Net_SSH2 { * See '6. Binary Packet Protocol' of rfc4253 for more info. * * @param String $data + * @param optional String $logged * @see Net_SSH2::_get_binary_packet() * @return Boolean * @access private */ - function _send_binary_packet($data) + function _send_binary_packet($data, $logged = null) { if (!is_resource($this->fsock) || feof($this->fsock)) { user_error('Connection closed prematurely'); - $this->bitmask = 0; + $this->bitmap = 0; return false; } @@ -2783,7 +3180,7 @@ class Net_SSH2 { $message_number = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')'; $message_number = '-> ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; - $this->_append_log($message_number, $data); + $this->_append_log($message_number, isset($logged) ? $logged : $data); $this->last_packet = $current; } @@ -2800,58 +3197,70 @@ class Net_SSH2 { */ function _append_log($message_number, $message) { - switch (NET_SSH2_LOGGING) { - // useful for benchmarks - case NET_SSH2_LOG_SIMPLE: - $this->message_number_log[] = $message_number; - break; - // the most useful log for SSH2 - case NET_SSH2_LOG_COMPLEX: - $this->message_number_log[] = $message_number; - $this->_string_shift($message); - $this->log_size+= strlen($message); - $this->message_log[] = $message; - while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) { - $this->log_size-= strlen(array_shift($this->message_log)); - array_shift($this->message_number_log); - } - break; - // dump the output out realtime; packets may be interspersed with non packets, - // passwords won't be filtered out and select other packets may not be correctly - // identified - case NET_SSH2_LOG_REALTIME: - echo "
\r\n" . $this->_format_log(array($message), array($message_number)) . "\r\n
\r\n"; - @flush(); - @ob_flush(); - break; - // basically the same thing as NET_SSH2_LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILE - // needs to be defined and that the resultant log file will be capped out at NET_SSH2_LOG_MAX_SIZE. - // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily - // at the beginning of the file - case NET_SSH2_LOG_REALTIME_FILE: - if (!isset($this->realtime_log_file)) { - // PHP doesn't seem to like using constants in fopen() - $filename = NET_SSH2_LOG_REALTIME_FILENAME; - $fp = fopen($filename, 'w'); - $this->realtime_log_file = $fp; - } - if (!is_resource($this->realtime_log_file)) { + // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) + if (strlen($message_number) > 2) { + $this->_string_shift($message); + } + + switch (NET_SSH2_LOGGING) { + // useful for benchmarks + case NET_SSH2_LOG_SIMPLE: + $this->message_number_log[] = $message_number; + break; + // the most useful log for SSH2 + case NET_SSH2_LOG_COMPLEX: + $this->message_number_log[] = $message_number; + $this->log_size+= strlen($message); + $this->message_log[] = $message; + while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) { + $this->log_size-= strlen(array_shift($this->message_log)); + array_shift($this->message_number_log); + } + break; + // dump the output out realtime; packets may be interspersed with non packets, + // passwords won't be filtered out and select other packets may not be correctly + // identified + case NET_SSH2_LOG_REALTIME: + switch (PHP_SAPI) { + case 'cli': + $start = $stop = "\r\n"; break; - } - $entry = $this->_format_log(array($message), array($message_number)); - if ($this->realtime_log_wrap) { - $temp = "<<< START >>>\r\n"; - $entry.= $temp; - fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); - } - $this->realtime_log_size+= strlen($entry); - if ($this->realtime_log_size > 
NET_SSH2_LOG_MAX_SIZE) { - fseek($this->realtime_log_file, 0); - $this->realtime_log_size = strlen($entry); - $this->realtime_log_wrap = true; - } - fputs($this->realtime_log_file, $entry); - } + default: + $start = '
';
+                        $stop = '
'; + } + echo $start . $this->_format_log(array($message), array($message_number)) . $stop; + @flush(); + @ob_flush(); + break; + // basically the same thing as NET_SSH2_LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILE + // needs to be defined and that the resultant log file will be capped out at NET_SSH2_LOG_MAX_SIZE. + // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily + // at the beginning of the file + case NET_SSH2_LOG_REALTIME_FILE: + if (!isset($this->realtime_log_file)) { + // PHP doesn't seem to like using constants in fopen() + $filename = NET_SSH2_LOG_REALTIME_FILENAME; + $fp = fopen($filename, 'w'); + $this->realtime_log_file = $fp; + } + if (!is_resource($this->realtime_log_file)) { + break; + } + $entry = $this->_format_log(array($message), array($message_number)); + if ($this->realtime_log_wrap) { + $temp = "<<< START >>>\r\n"; + $entry.= $temp; + fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp)); + } + $this->realtime_log_size+= strlen($entry); + if ($this->realtime_log_size > NET_SSH2_LOG_MAX_SIZE) { + fseek($this->realtime_log_file, 0); + $this->realtime_log_size = strlen($entry); + $this->realtime_log_wrap = true; + } + fputs($this->realtime_log_file, $entry); + } } /** 
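Review bot: The comment kept above `case NET_SSH2_LOG_REALTIME:` still says "passwords won't be filtered out", which no longer matches what this diff does. `_send_binary_packet()` now hands `_append_log()` the caller-supplied `$logged` copy, and the password and keyboard-interactive hunks build that copy with placeholder credentials whenever `NET_SSH2_LOGGING` is defined, so the realtime modes receive the masked packet as well. The comment should state the actual guarantee, for example `// credentials are masked only for packets whose caller passes $logged to _send_binary_packet(); all other payloads are logged verbatim`. That matters most for `NET_SSH2_LOG_REALTIME_FILE`, where the data is written to disk.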
@@ -2866,19 +3275,50 @@ class Net_SSH2 { */ function _send_channel_packet($client_channel, $data) { - while (strlen($data) > $this->packet_size_client_to_server[$client_channel]) { + /* The maximum amount of data allowed is determined by the maximum + packet size for the channel, and the current window size, whichever + is smaller. + + -- http://tools.ietf.org/html/rfc4254#section-5.2 */ + $max_size = min( + $this->packet_size_client_to_server[$client_channel], + $this->window_size_client_to_server[$client_channel] + ); + while (strlen($data) > $max_size) { + if (!$this->window_size_client_to_server[$client_channel]) { + $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; + // using an invalid channel will let the buffers be built up for the valid channels + $output = $this->_get_channel_packet(-1); + $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; + $max_size = min( + $this->packet_size_client_to_server[$client_channel], + $this->window_size_client_to_server[$client_channel] + ); + } + + $temp = $this->_string_shift($data, $max_size); $packet = pack('CN2a*', NET_SSH2_MSG_CHANNEL_DATA, $this->server_channels[$client_channel], - $this->packet_size_client_to_server[$client_channel], - $this->_string_shift($data, $this->packet_size_client_to_server[$client_channel]) + strlen($temp), + $temp ); + $this->window_size_client_to_server[$client_channel]-= strlen($temp); + if (!$this->_send_binary_packet($packet)) { return false; } } + if (strlen($data) >= $this->window_size_client_to_server[$client_channel]) { + $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; + $this->_get_channel_packet(-1); + $this->bitmap^= NET_SSH2_MASK_WINDOW_ADJUST; + } + + $this->window_size_client_to_server[$client_channel]-= strlen($data); + return $this->_send_binary_packet(pack('CN2a*', NET_SSH2_MSG_CHANNEL_DATA, $this->server_channels[$client_channel], 
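Review bot: The result of `_get_channel_packet(-1)` is assigned to an unused `$output` inside the loop and discarded entirely after it, so a failed or fruitless wait for a window adjust is never noticed. If the window is still zero afterwards, `$max_size` is 0, `_string_shift($data, 0)` yields an empty string, and a zero-length `NET_SSH2_MSG_CHANNEL_DATA` packet goes out on every pass. After the flag is cleared the loop should bail out, for example `if ($output === false || !$this->window_size_client_to_server[$client_channel]) { return false; }`. The flag is also toggled with `^=`, which clears it if it was already set; `$this->bitmap|= NET_SSH2_MASK_WINDOW_ADJUST;` and `$this->bitmap&= ~NET_SSH2_MASK_WINDOW_ADJUST;` state the intent without depending on the prior state. The tail of the function lies outside the hunk.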
@@ -2894,16 +3334,19 @@ class Net_SSH2 { * for SCP more than anything. * * @param Integer $client_channel + * @param Boolean $want_reply * @return Boolean * @access private */ - function _close_channel($client_channel) + function _close_channel($client_channel, $want_reply = false) { // see http://tools.ietf.org/html/rfc4254#section-5.3 $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + if (!$want_reply) { + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; @@ -2911,6 +3354,10 @@ class Net_SSH2 { while (!is_bool($this->_get_channel_packet($client_channel))); + if ($want_reply) { + $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + } + if ($this->bitmap & NET_SSH2_MASK_SHELL) { $this->bitmap&= ~NET_SSH2_MASK_SHELL; } @@ -3011,8 +3458,6 @@ class Net_SSH2 { */ function _format_log($message_log, $message_number_log) { - static $boundary = ':', $long_width = 65, $short_width = 16; - $output = ''; for ($i = 0; $i < count($message_log); $i++) { $output.= $message_number_log[$i] . "\r\n"; 
@@ -3022,19 +3467,13 @@ class Net_SSH2 { if (strlen($current_log)) { $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; } - $fragment = $this->_string_shift($current_log, $short_width); - $hex = substr( - preg_replace( - '#(.)#es', - '"' . $boundary . '" . str_pad(dechex(ord(substr("\\1", -1))), 2, "0", STR_PAD_LEFT)', - $fragment), - strlen($boundary) - ); + $fragment = $this->_string_shift($current_log, $this->log_short_width); + $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); // replace non ASCII printable characters with dots // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // also replace < with a . since < messes up the output on web browsers $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment); - $output.= str_pad($hex, $long_width - $short_width, ' ') . $raw . "\r\n"; + $output.= str_pad($hex, $this->log_long_width - $this->log_short_width, ' ') . $raw . "\r\n"; $j++; } while (strlen($current_log)); $output.= "\r\n"; @@ -3043,6 +3482,20 @@ class Net_SSH2 { return $output; } + /** + * Helper function for _format_log + * + * For use with preg_replace_callback() + * + * @param Array $matches + * @access private + * @return String + */ + function _format_log_helper($matches) + { + return $this->log_boundary . str_pad(dechex(ord($matches[0])), 2, '0', STR_PAD_LEFT); + } + /** * Returns all errors * @@ -3073,6 +3526,8 @@ class Net_SSH2 { */ function getServerIdentification() { + $this->_connect(); + return $this->server_identifier; } @@ -3084,6 +3539,8 @@ class Net_SSH2 { */ function getKexAlgorithms() { + $this->_connect(); + return $this->kex_algorithms; } @@ -3095,6 +3552,8 @@ class Net_SSH2 { */ function getServerHostKeyAlgorithms() { + $this->_connect(); + return $this->server_host_key_algorithms; } 
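Review bot: `getServerIdentification()` (hunk `@@ -3073,6 +3526,8 @@`) calls `$this->_connect()` unconditionally and ignores its result. The same applies to the getters that follow, through `getLanguagesClient2Server()`. `_login()` and `getServerPublicHostKey()` in this same diff use a different pattern: they wrap the call in `if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR))` and return `false` when it fails. Whether `_connect()` is safe to call on a live session is not visible here; if it is not, each getter would restart the handshake, and on failure it returns the uninitialised property as though it were the server's value. The getters should use the same guard and early `return false;`. Each docblock should also note that the accessor may open the network connection as a side effect.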
@@ -3106,6 +3565,8 @@ class Net_SSH2 { */ function getEncryptionAlgorithmsClient2Server() { + $this->_connect(); + return $this->encryption_algorithms_client_to_server; } @@ -3117,6 +3578,8 @@ class Net_SSH2 { */ function getEncryptionAlgorithmsServer2Client() { + $this->_connect(); + return $this->encryption_algorithms_server_to_client; } @@ -3128,6 +3591,8 @@ class Net_SSH2 { */ function getMACAlgorithmsClient2Server() { + $this->_connect(); + return $this->mac_algorithms_client_to_server; } @@ -3139,6 +3604,8 @@ class Net_SSH2 { */ function getMACAlgorithmsServer2Client() { + $this->_connect(); + return $this->mac_algorithms_server_to_client; } @@ -3150,6 +3617,8 @@ class Net_SSH2 { */ function getCompressionAlgorithmsClient2Server() { + $this->_connect(); + return $this->compression_algorithms_client_to_server; } @@ -3161,6 +3630,8 @@ class Net_SSH2 { */ function getCompressionAlgorithmsServer2Client() { + $this->_connect(); + return $this->compression_algorithms_server_to_client; } @@ -3172,6 +3643,8 @@ class Net_SSH2 { */ function getLanguagesServer2Client() { + $this->_connect(); + return $this->languages_server_to_client; } @@ -3183,6 +3656,8 @@ class Net_SSH2 { */ function getLanguagesClient2Server() { + $this->_connect(); + return $this->languages_client_to_server; } @@ -3211,6 +3686,12 @@ class Net_SSH2 { */ function getServerPublicHostKey() { + if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) { + if (!$this->_connect()) { + return false; + } + } + $signature = $this->signature; $server_public_host_key = $this->server_public_host_key; @@ -3227,6 +3708,8 @@ class Net_SSH2 { switch ($this->signature_format) { case 'ssh-dss': + $zero = new Math_BigInteger(); + $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); 
@@ -3251,9 +3734,13 @@ class Net_SSH2 { $r = new Math_BigInteger($this->_string_shift($signature, 20), 256); $s = new Math_BigInteger($this->_string_shift($signature, 20), 256); - if ($r->compare($q) >= 0 || $s->compare($q) >= 0) { - user_error('Invalid signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + switch (true) { + case $r->equals($zero): + case $r->compare($q) >= 0: + case $s->equals($zero): + case $s->compare($q) >= 0: + user_error('Invalid signature'); + return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); } $w = $s->modInverse($q); @@ -3290,7 +3777,7 @@ class Net_SSH2 { $signature = $this->_string_shift($signature, $temp['length']); if (!class_exists('Crypt_RSA')) { - require_once('Crypt/RSA.php'); + include_once 'Crypt/RSA.php'; } $rsa = new Crypt_RSA(); @@ -3348,4 +3835,61 @@ class Net_SSH2 { } return $this->exit_status; } + + /** + * Returns the number of columns for the terminal window size. + * + * @return Integer + * @access public + */ + function getWindowColumns() + { + return $this->windowColumns; + } + + /** + * Returns the number of rows for the terminal window size. + * + * @return Integer + * @access public + */ + function getWindowRows() + { + return $this->windowRows; + } + + /** + * Sets the number of columns for the terminal window size. + * + * @param Integer $value + * @access public + */ + function setWindowColumns($value) + { + $this->windowColumns = $value; + } + + /** + * Sets the number of rows for the terminal window size. + * + * @param Integer $value + * @access public + */ + function setWindowRows($value) + { + $this->windowRows = $value; + } + + /** + * Sets the number of columns and rows for the terminal window size. + * + * @param Integer $columns + * @param Integer $rows + * @access public + */ + function setWindowSize($columns = 80, $rows = 24) + { + $this->windowColumns = $columns; + $this->windowRows = $rows; + } } 
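Review bot: The range check on `r` and `s` is written as a `switch (true)` with four fall-through cases, which is easy to misread and easy to break by inserting a statement between the labels. A single condition reads more directly: `if ($r->equals($zero) || $r->compare($q) >= 0 || $s->equals($zero) || $s->compare($q) >= 0) {`. Because this guard is what rejects out-of-range DSA signature values, it deserves a comment stating the rule, for example `// DSA verification requires 0 < r < q and 0 < s < q (FIPS 186-4); reject anything else`. The surrounding `case 'ssh-dss':` block starts and ends outside the hunk, so whether the signature length is validated before the two 20-byte reads cannot be seen from here.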
diff --git a/System/SSH/Agent.php b/System/SSH/Agent.php new file mode 100755 index 0000000..ead905f --- /dev/null +++ b/System/SSH/Agent.php @@ -0,0 +1,313 @@ + + * login('username', $agent)) { + * exit('Login Failed'); + * } + * + * echo $ssh->exec('pwd'); + * echo $ssh->exec('ls -la'); + * ?> + *
+ * + * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + * THE SOFTWARE. + * + * @category System + * @package System_SSH_Agent + * @author Jim Wigginton + * @copyright MMXIV Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + * @internal See http://api.libssh.org/rfc/PROTOCOL.agent + */ + +/**#@+ + * Message numbers + * + * @access private + */ +// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) +define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11); +// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). 
+define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12); +define('SYSTEM_SSH_AGENT_FAILURE', 5); +// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) +define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13); +// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) +define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14); +/**#@-*/ + +/** + * Pure-PHP ssh-agent client identity object + * + * Instantiation should only be performed by System_SSH_Agent class. + * This could be thought of as implementing an interface that Crypt_RSA + * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. + * The methods in this interface would be getPublicKey, setSignatureMode + * and sign since those are the methods phpseclib looks for to perform + * public key authentication. + * + * @package System_SSH_Agent + * @author Jim Wigginton + * @access internal + */ +class System_SSH_Agent_Identity +{ + /** + * Key Object + * + * @var Crypt_RSA + * @access private + * @see System_SSH_Agent_Identity::getPublicKey() + */ + var $key; + + /** + * Key Blob + * + * @var String + * @access private + * @see System_SSH_Agent_Identity::sign() + */ + var $key_blob; + + /** + * Socket Resource + * + * @var Resource + * @access private + * @see System_SSH_Agent_Identity::sign() + */ + var $fsock; + + /** + * Default Constructor. + * + * @param Resource $fsock + * @return System_SSH_Agent_Identity + * @access private + */ + function System_SSH_Agent_Identity($fsock) + { + $this->fsock = $fsock; + } + + /** + * Set Public Key + * + * Called by System_SSH_Agent::requestIdentities() + * + * @param Crypt_RSA $key + * @access private + */ + function setPublicKey($key) + { + $this->key = $key; + $this->key->setPublicKey(); + } + + /** + * Set Public Key + * + * Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key + * but this saves a small amount of computation. 
+ * + * @param String $key_blob + * @access private + */ + function setPublicKeyBlob($key_blob) + { + $this->key_blob = $key_blob; + } + + /** + * Get Public Key + * + * Wrapper for $this->key->getPublicKey() + * + * @param Integer $format optional + * @return Mixed + * @access public + */ + function getPublicKey($format = null) + { + return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); + } + + /** + * Set Signature Mode + * + * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. + * ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1 + * + * @param Integer $mode + * @access public + */ + function setSignatureMode($mode) + { + } + + /** + * Create a signature + * + * See "2.6.2 Protocol 2 private key signature request" + * + * @param String $message + * @return String + * @access public + */ + function sign($message) + { + // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE + $packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); + $packet = pack('Na*', strlen($packet), $packet); + if (strlen($packet) != fputs($this->fsock, $packet)) { + user_error('Connection closed during signing'); + } + + $length = current(unpack('N', fread($this->fsock, 4))); + $type = ord(fread($this->fsock, 1)); + if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { + user_error('Unable to retreive signature'); + } + + $signature_blob = fread($this->fsock, $length - 1); + // the only other signature format defined - ssh-dss - is the same length as ssh-rsa + // the + 12 is for the other various SSH added length fields + return substr($signature_blob, strlen('ssh-rsa') + 12); + } +} + +/** + * Pure-PHP ssh-agent client identity factory + * + * requestIdentities() method pumps out System_SSH_Agent_Identity objects + * + * @package System_SSH_Agent + * @author Jim Wigginton 
+ * @access internal + */ +class System_SSH_Agent +{ + /** + * Socket Resource + * + * @var Resource + * @access private + */ + var $fsock; + + /** + * Default Constructor + * + * @return System_SSH_Agent + * @access public + */ + function System_SSH_Agent() + { + switch (true) { + case isset($_SERVER['SSH_AUTH_SOCK']): + $address = $_SERVER['SSH_AUTH_SOCK']; + break; + case isset($_ENV['SSH_AUTH_SOCK']): + $address = $_ENV['SSH_AUTH_SOCK']; + break; + default: + user_error('SSH_AUTH_SOCK not found'); + return false; + } + + $this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); + if (!$this->fsock) { + user_error("Unable to connect to ssh-agent (Error $errno: $errstr)"); + } + } + + /** + * Request Identities + * + * See "2.5.2 Requesting a list of protocol 2 keys" + * Returns an array containing zero or more System_SSH_Agent_Identity objects + * + * @return Array + * @access public + */ + function requestIdentities() + { + if (!$this->fsock) { + return array(); + } + + $packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES); + if (strlen($packet) != fputs($this->fsock, $packet)) { + user_error('Connection closed while requesting identities'); + } + + $length = current(unpack('N', fread($this->fsock, 4))); + $type = ord(fread($this->fsock, 1)); + if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) { + user_error('Unable to request identities'); + } + + $identities = array(); + $keyCount = current(unpack('N', fread($this->fsock, 4))); + for ($i = 0; $i < $keyCount; $i++) { + $length = current(unpack('N', fread($this->fsock, 4))); + $key_blob = fread($this->fsock, $length); + $length = current(unpack('N', fread($this->fsock, 4))); + $key_comment = fread($this->fsock, $length); + $length = current(unpack('N', substr($key_blob, 0, 4))); + $key_type = substr($key_blob, 4, $length); + switch ($key_type) { + case 'ssh-rsa': + if (!class_exists('Crypt_RSA')) { + include_once 'Crypt/RSA.php'; + } + $key = new Crypt_RSA(); + $key->loadKey('ssh-rsa ' . 
base64_encode($key_blob) . ' ' . $key_comment); + break; + case 'ssh-dss': + // not currently supported + break; + } + // resources are passed by reference by default + if (isset($key)) { + $identity = new System_SSH_Agent_Identity($this->fsock); + $identity->setPublicKey($key); + $identity->setPublicKeyBlob($key_blob); + $identities[] = $identity; + unset($key); + } + } + + return $identities; + } +} diff --git a/System/SSH_Agent.php b/System/SSH_Agent.php new file mode 100755 index 0000000..0a00165 --- /dev/null +++ b/System/SSH_Agent.php @@ -0,0 +1,39 @@ + + * @copyright MMXIV Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + * @internal See http://api.libssh.org/rfc/PROTOCOL.agent + */ + +require_once 'SSH/Agent.php'; diff --git a/openssl.cnf b/openssl.cnf index c133710..58a1261 100755 --- a/openssl.cnf +++ b/openssl.cnf @@ -3,4 +3,4 @@ HOME = . RANDFILE = $ENV::HOME/.rnd -[ v3_ca ] \ No newline at end of file +[ v3_ca ]
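Review bot: In `System_SSH_Agent_Identity::sign()` every failure path only calls `user_error()` and then keeps going, so a short write, a closed socket or an `SYSTEM_SSH_AGENT_FAILURE` reply still ends in `substr($signature_blob, ...)` being returned to the caller as if it were a signature. The `fread()` results are also used unchecked: a failed or short read makes `$length` unreliable, and `$length - 1` can go negative. The function should return `false` on each of these paths, and whoever calls `sign()` (not visible in this hunk) would need to treat `false` as an authentication failure. `System_SSH_Agent::requestIdentities()` has the same pattern after `'Unable to request identities'`, and its per-key `fread()` calls trust the agent-supplied lengths without checking how many bytes actually arrived. A single `fread()` on a socket stream may also return fewer bytes than requested, so a small read-exactly helper would be worth adding for both classes.

```php
    function sign($message)
    {
        // … unchanged: build $packet with the sign request and length prefix …
        if (strlen($packet) != fputs($this->fsock, $packet)) {
            user_error('Connection closed during signing');
            return false;
        }

        // read the 4-byte length and 1-byte message type together and verify both arrived
        $header = fread($this->fsock, 5);
        if ($header === false || strlen($header) != 5) {
            user_error('Connection closed during signing');
            return false;
        }
        $temp = unpack('Nlength/Ctype', $header);
        if ($temp['type'] != SYSTEM_SSH_AGENT_SIGN_RESPONSE || $temp['length'] < 1) {
            user_error('Unable to retreive signature');
            return false;
        }

        $signature_blob = fread($this->fsock, $temp['length'] - 1);
        if ($signature_blob === false || strlen($signature_blob) != $temp['length'] - 1) {
            user_error('Connection closed during signing');
            return false;
        }
        // … unchanged: strip the SSH length fields and return the signature …
```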