+PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm)
## Documentation
* [Documentation / Manual](http://phpseclib.sourceforge.net/)
-* [API Documentation](https://api.phpseclib.org/2.0/) (generated by Sami)
-
-## Branches
-
-### master
-
-* Development Branch
-* Unstable API
-* Do not use in production
-
-### 2.0
-
-* Long term support (LTS) release
-* Modernized version of 1.0
-* Minimum PHP version: 5.3.3
-* PSR-4 autoloading with namespace rooted at `\phpseclib`
-* Install via Composer: `composer require phpseclib/phpseclib ~2.0`
-
-### 1.0
-
-* Long term support (LTS) release
-* PHP4 compatible
-* Composer compatible (PSR-0 autoloading)
-* Install using Composer: `composer require phpseclib/phpseclib ~1.0`
-* Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm)
-* [Download 1.0.16 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.16.zip/download)
+* [API Documentation](http://phpseclib.bantux.org/api/master/) (generated by Sami)
## Support
@@ -47,29 +26,40 @@ Need Support?
* [Create a Support Ticket on GitHub](https://github.com/phpseclib/phpseclib/issues/new)
* [Browse the Support Forum](http://www.frostjedi.com/phpbb/viewforum.php?f=46) (no longer in use)
+## Installing Development Dependencies
+
+Dependencies are managed via Composer.
+
+1. Download the [`composer.phar`](https://getcomposer.org/composer.phar) executable as per the
+ [Composer Download Instructions](https://getcomposer.org/download/), e.g. by running
+
+ ``` sh
+ curl -sS https://getcomposer.org/installer | php
+ ```
+
+2. Install Dependencies
+
+ ``` sh
+ php composer.phar install
+ ```
+
## Contributing
1. Fork the Project
-2. Ensure you have Composer installed (see [Composer Download Instructions](https://getcomposer.org/download/))
+2. Install Development Dependencies
-3. Install Development Dependencies
+3. Create a Feature Branch
- ``` sh
- composer install
- ```
-
-4. Create a Feature Branch
-
-5. (Recommended) Run the Test Suite
+4. (Recommended) Run the Test Suite
``` sh
vendor/bin/phpunit
```
-6. (Recommended) Check whether your code conforms to our Coding Standards by running
+5. (Recommended) Check whether your code conforms to our Coding Standards by running
``` sh
vendor/bin/phing -f build/build.xml sniff
```
-7. Send us a Pull Request
+6. Send us a Pull Request
diff --git a/vendor/phpseclib/phpseclib/appveyor.yml b/vendor/phpseclib/phpseclib/appveyor.yml
deleted file mode 100644
index 210a903470..0000000000
--- a/vendor/phpseclib/phpseclib/appveyor.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-build: false
-shallow_clone: false
-platform:
- - x86
- - x64
-clone_folder: C:\projects\phpseclib
-
-install:
- - cinst -y OpenSSL.Light
- - SET PATH=C:\Program Files\OpenSSL;%PATH%
- - sc config wuauserv start= auto
- - net start wuauserv
- - cinst -y php --version 5.6.30
- - cd c:\tools\php56
- - copy php.ini-production php.ini
- - echo date.timezone="UTC" >> php.ini
- - echo extension_dir=ext >> php.ini
- - echo extension=php_openssl.dll >> php.ini
- - echo extension=php_gmp.dll >> php.ini
- - cd C:\projects\phpseclib
- - SET PATH=C:\tools\php56;%PATH%
- - php.exe -r "readfile('http://getcomposer.org/installer');" | php.exe
- - php.exe composer.phar install --prefer-source --no-interaction
-
-test_script:
- - cd C:\projects\phpseclib
- - vendor\bin\phpunit.bat tests/Windows32Test.php
\ No newline at end of file
diff --git a/vendor/phpseclib/phpseclib/composer.json b/vendor/phpseclib/phpseclib/composer.json
index b4e8a1c9c9..9f728103ac 100644
--- a/vendor/phpseclib/phpseclib/composer.json
+++ b/vendor/phpseclib/phpseclib/composer.json
@@ -51,11 +51,13 @@
}
],
"require": {
+ "paragonie/constant_time_encoding": "^1|^2",
+ "paragonie/random_compat": "^1.4|^2.0",
"php": ">=5.3.3"
},
"require-dev": {
"phing/phing": "~2.7",
- "phpunit/phpunit": "^4.8.35|^5.7|^6.0",
+ "phpunit/phpunit": "~4.0",
"sami/sami": "~2.0",
"squizlabs/php_codesniffer": "~2.0"
},
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php
index 7d8cb8b034..8521eb5e5c 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/AES.php
@@ -66,30 +66,32 @@ class AES extends Rijndael
* @see \phpseclib\Crypt\Rijndael::setBlockLength()
* @access public
* @param int $length
+ * @throws \BadMethodCallException anytime it's called
*/
function setBlockLength($length)
{
- return;
+ throw new \BadMethodCallException('The block length cannot be set for AES.');
}
/**
* Sets the key length
*
- * Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
- * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
+ * Valid key lengths are 128, 192, and 256. Set the link to bool(false) to disable a fixed key length
*
* @see \phpseclib\Crypt\Rijndael:setKeyLength()
* @access public
* @param int $length
+ * @throws \LengthException if the key length isn't supported
*/
function setKeyLength($length)
{
switch ($length) {
- case 160:
- $length = 192;
+ case 128:
+ case 192:
+ case 256:
break;
- case 224:
- $length = 256;
+ default:
+ throw new \LengthException('Key of size ' . $length . ' not supported by this algorithm. Only keys of sizes 128, 192 or 256 supported');
}
parent::setKeyLength($length);
}
@@ -103,24 +105,19 @@ class AES extends Rijndael
* @see setKeyLength()
* @access public
* @param string $key
+ * @throws \LengthException if the key length isn't supported
*/
function setKey($key)
{
- parent::setKey($key);
-
- if (!$this->explicit_key_length) {
- $length = strlen($key);
- switch (true) {
- case $length <= 16:
- $this->key_length = 16;
- break;
- case $length <= 24:
- $this->key_length = 24;
- break;
- default:
- $this->key_length = 32;
- }
- $this->_setEngine();
+ switch (strlen($key)) {
+ case 16:
+ case 24:
+ case 32:
+ break;
+ default:
+ throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported');
}
+
+ parent::setKey($key);
}
}
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
index 03b176e7bf..e3cc7b87bb 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php
@@ -76,10 +76,6 @@ abstract class Base
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
*/
const MODE_CFB = 3;
- /**
- * Encrypt / decrypt using the Cipher Feedback mode (8bit)
- */
- const MODE_CFB8 = 38;
/**
* Encrypt / decrypt using the Output Feedback mode.
*
@@ -143,7 +139,7 @@ abstract class Base
* @var string
* @access private
*/
- var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+ var $key = false;
/**
* The Initialization Vector
@@ -152,7 +148,7 @@ abstract class Base
* @var string
* @access private
*/
- var $iv;
+ var $iv = false;
/**
* A "sliding" Initialization Vector
@@ -433,15 +429,6 @@ abstract class Base
*/
var $openssl_options;
- /**
- * Has the key length explicitly been set or should it be derived from the key, itself?
- *
- * @see self::setKeyLength()
- * @var bool
- * @access private
- */
- var $explicit_key_length = false;
-
/**
* Don't truncate / null pad key
*
@@ -452,9 +439,16 @@ abstract class Base
var $skip_key_adjustment = false;
/**
- * Default Constructor.
+ * Has the key length explicitly been set or should it be derived from the key, itself?
*
- * Determines whether or not the mcrypt extension should be used.
+ * @see self::setKeyLength()
+ * @var bool
+ * @access private
+ */
+ var $explicit_key_length = false;
+
+ /**
+ * Default Constructor.
*
* $mode could be:
*
@@ -468,54 +462,59 @@ abstract class Base
*
* - self::MODE_OFB
*
- * If not explicitly set, self::MODE_CBC will be used.
- *
* @param int $mode
* @access public
+ * @throws \InvalidArgumentException if an invalid / unsupported mode is provided
*/
- function __construct($mode = self::MODE_CBC)
+ function __construct($mode)
{
// $mode dependent settings
switch ($mode) {
case self::MODE_ECB:
+ case self::MODE_CBC:
$this->paddable = true;
- $this->mode = self::MODE_ECB;
break;
case self::MODE_CTR:
case self::MODE_CFB:
- case self::MODE_CFB8:
case self::MODE_OFB:
case self::MODE_STREAM:
- $this->mode = $mode;
+ $this->paddable = false;
break;
- case self::MODE_CBC:
default:
- $this->paddable = true;
- $this->mode = self::MODE_CBC;
+ throw new \InvalidArgumentException('No valid mode has been specified');
}
- $this->_setEngine();
+ $this->mode = $mode;
// Determining whether inline crypting can be used by the cipher
- if ($this->use_inline_crypt !== false) {
- $this->use_inline_crypt = version_compare(PHP_VERSION, '5.3.0') >= 0 || function_exists('create_function');
+ if ($this->use_inline_crypt !== false && function_exists('create_function')) {
+ $this->use_inline_crypt = true;
}
}
/**
- * Sets the initialization vector. (optional)
+ * Sets the initialization vector.
*
- * SetIV is not required when self::MODE_ECB (or ie for AES: \phpseclib\Crypt\AES::MODE_ECB) is being used. If not explicitly set, it'll be assumed
- * to be all zero's.
+ * setIV() is not required when self::MODE_ECB (or ie for AES: \phpseclib\Crypt\AES::MODE_ECB) is being used.
*
* @access public
* @param string $iv
+ * @throws \LengthException if the IV length isn't equal to the block size
+ * @throws \InvalidArgumentException if an IV is provided when one shouldn't be
* @internal Can be overwritten by a sub class, but does not have to be
*/
function setIV($iv)
{
if ($this->mode == self::MODE_ECB) {
- return;
+ throw new \InvalidArgumentException('This mode does not require an IV.');
+ }
+
+ if ($this->mode == self::MODE_STREAM && $this->usesIV()) {
+ throw new \InvalidArgumentException('This algorithm does not use an IV.');
+ }
+
+ if (strlen($iv) != $this->block_size) {
+ throw new \LengthException('Received initialization vector of size ' . strlen($iv) . ', but size ' . $this->block_size . ' is required');
}
$this->iv = $iv;
@@ -523,18 +522,14 @@ abstract class Base
}
/**
- * Sets the key length.
- *
- * Keys with explicitly set lengths need to be treated accordingly
+ * Returns whether or not the algorithm uses an IV
*
* @access public
- * @param int $length
+ * @return bool
*/
- function setKeyLength($length)
+ function usesIV()
{
- $this->explicit_key_length = true;
- $this->changed = true;
- $this->_setEngine();
+ return true;
}
/**
@@ -559,6 +554,24 @@ abstract class Base
return $this->block_size << 3;
}
+ /**
+ * Sets the key length.
+ *
+ * Keys with explicitly set lengths need to be treated accordingly
+ *
+ * @access public
+ * @param int $length
+ */
+ function setKeyLength($length)
+ {
+ $this->explicit_key_length = $length >> 3;
+
+ if (is_string($this->key) && strlen($this->key) != $this->explicit_key_length) {
+ $this->key = false;
+ throw new \LengthException('Key has already been set and is not ' .$this->explicit_key_length . ' bytes long');
+ }
+ }
+
/**
* Sets the key.
*
@@ -575,12 +588,12 @@ abstract class Base
*/
function setKey($key)
{
- if (!$this->explicit_key_length) {
- $this->setKeyLength(strlen($key) << 3);
- $this->explicit_key_length = false;
+ if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) {
+ throw new \LengthException('Key length has already been set to ' . $this->explicit_key_length . ' bytes and this key is ' . strlen($key) . ' bytes');
}
$this->key = $key;
+ $this->key_length = strlen($key);
$this->changed = true;
$this->_setEngine();
}
@@ -597,6 +610,7 @@ abstract class Base
* @see Crypt/Hash.php
* @param string $password
* @param string $method
+ * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length
* @return bool
* @access public
* @internal Could, but not must, extend by the child Crypt_* class
@@ -623,7 +637,8 @@ abstract class Base
if (isset($func_args[5])) {
$dkLen = $func_args[5];
} else {
- $dkLen = $method == 'pbkdf1' ? 2 * $this->key_length : $this->key_length;
+ $key_length = $this->explicit_key_length !== false ? $this->explicit_key_length : $this->key_length;
+ $dkLen = $method == 'pbkdf1' ? 2 * $key_length : $key_length;
}
switch (true) {
@@ -631,8 +646,7 @@ abstract class Base
$hashObj = new Hash();
$hashObj->setHash($hash);
if ($dkLen > $hashObj->getLength()) {
- user_error('Derived key too long');
- return false;
+ throw new \LengthException('Derived key length cannot be longer than the hash length');
}
$t = $password . $salt;
for ($i = 0; $i < $count; ++$i) {
@@ -649,10 +663,10 @@ abstract class Base
case !function_exists('hash_algos'):
case !in_array($hash, hash_algos()):
$i = 1;
- $hmac = new Hash();
- $hmac->setHash($hash);
- $hmac->setKey($password);
while (strlen($key) < $dkLen) {
+ $hmac = new Hash();
+ $hmac->setHash($hash);
+ $hmac->setKey($password);
$f = $u = $hmac->hash($salt . pack('N', $i++));
for ($j = 2; $j <= $count; ++$j) {
$u = $hmac->hash($u);
@@ -707,7 +721,7 @@ abstract class Base
case self::MODE_STREAM:
return openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options);
case self::MODE_ECB:
- $result = @openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options);
+ $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options);
return !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result;
case self::MODE_CBC:
$result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->encryptIV);
@@ -767,16 +781,6 @@ abstract class Base
$iv = substr($ciphertext, -$this->block_size);
}
- return $ciphertext;
- case self::MODE_CFB8:
- $ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->encryptIV);
- if ($this->continuousBuffer) {
- if (($len = strlen($ciphertext)) >= $this->block_size) {
- $this->encryptIV = substr($ciphertext, -$this->block_size);
- } else {
- $this->encryptIV = substr($this->encryptIV, $len - $this->block_size) . substr($ciphertext, -$len);
- }
- }
return $ciphertext;
case self::MODE_OFB:
return $this->_openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer);
@@ -789,7 +793,7 @@ abstract class Base
$this->changed = false;
}
if ($this->enchanged) {
- @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->_getIV($this->encryptIV));
$this->enchanged = false;
}
@@ -822,15 +826,15 @@ abstract class Base
if ($len >= $block_size) {
if ($this->enbuffer['enmcrypt_init'] === false || $len > $this->cfb_init_len) {
if ($this->enbuffer['enmcrypt_init'] === true) {
- @mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
+ mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
$this->enbuffer['enmcrypt_init'] = false;
}
- $ciphertext.= @mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size));
+ $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % $block_size));
$iv = substr($ciphertext, -$block_size);
$len%= $block_size;
} else {
while ($len >= $block_size) {
- $iv = @mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size);
+ $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, $block_size);
$ciphertext.= $iv;
$len-= $block_size;
$i+= $block_size;
@@ -839,7 +843,7 @@ abstract class Base
}
if ($len) {
- $iv = @mcrypt_generic($this->ecb, $iv);
+ $iv = mcrypt_generic($this->ecb, $iv);
$block = $iv ^ substr($plaintext, -$len);
$iv = substr_replace($iv, $block, 0, $len);
$ciphertext.= $block;
@@ -849,10 +853,10 @@ abstract class Base
return $ciphertext;
}
- $ciphertext = @mcrypt_generic($this->enmcrypt, $plaintext);
+ $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
if (!$this->continuousBuffer) {
- @mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->_getIV($this->encryptIV));
}
return $ciphertext;
@@ -957,24 +961,6 @@ abstract class Base
$pos = $len;
}
break;
- case self::MODE_CFB8:
- $ciphertext = '';
- $len = strlen($plaintext);
- $iv = $this->encryptIV;
-
- for ($i = 0; $i < $len; ++$i) {
- $ciphertext .= ($c = $plaintext[$i] ^ $this->_encryptBlock($iv));
- $iv = substr($iv, 1) . $c;
- }
-
- if ($this->continuousBuffer) {
- if ($len >= $block_size) {
- $this->encryptIV = substr($ciphertext, -$block_size);
- } else {
- $this->encryptIV = substr($this->encryptIV, $len - $block_size) . substr($ciphertext, -$len);
- }
- }
- break;
case self::MODE_OFB:
$xor = $this->encryptIV;
if (strlen($buffer['xor'])) {
@@ -1019,14 +1005,13 @@ abstract class Base
* @access public
* @param string $ciphertext
* @return string $plaintext
+ * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size
* @internal Could, but not must, extend by the child Crypt_* class
*/
function decrypt($ciphertext)
{
- if ($this->paddable) {
- // we pad with chr(0) since that's what mcrypt_generic does. to quote from {@link http://www.php.net/function.mcrypt-generic}:
- // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
- $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($this->block_size - strlen($ciphertext) % $this->block_size) % $this->block_size, chr(0));
+ if ($this->paddable && strlen($ciphertext) % $this->block_size) {
+ throw new \LengthException('The ciphertext length (' . strlen($ciphertext) . ') needs to be a multiple of the block size (' . $this->block_size . ')');
}
if ($this->engine === self::ENGINE_OPENSSL) {
@@ -1040,14 +1025,14 @@ abstract class Base
break;
case self::MODE_ECB:
if (!defined('OPENSSL_RAW_DATA')) {
- $ciphertext.= @openssl_encrypt('', $this->cipher_name_openssl_ecb, $this->key, true);
+ $ciphertext.= openssl_encrypt('', $this->cipher_name_openssl_ecb, $this->key, true);
}
$plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options);
break;
case self::MODE_CBC:
if (!defined('OPENSSL_RAW_DATA')) {
$padding = str_repeat(chr($this->block_size), $this->block_size) ^ substr($ciphertext, -$this->block_size);
- $ciphertext.= substr(@openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true), 0, $this->block_size);
+ $ciphertext.= substr(openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true), 0, $this->block_size);
$offset = 2 * $this->block_size;
} else {
$offset = $this->block_size;
@@ -1105,16 +1090,6 @@ abstract class Base
$iv = substr($ciphertext, -$this->block_size);
}
break;
- case self::MODE_CFB8:
- $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->decryptIV);
- if ($this->continuousBuffer) {
- if (($len = strlen($ciphertext)) >= $this->block_size) {
- $this->decryptIV = substr($ciphertext, -$this->block_size);
- } else {
- $this->decryptIV = substr($this->decryptIV, $len - $this->block_size) . substr($ciphertext, -$len);
- }
- }
- break;
case self::MODE_OFB:
$plaintext = $this->_openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer);
}
@@ -1129,7 +1104,7 @@ abstract class Base
$this->changed = false;
}
if ($this->dechanged) {
- @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->_getIV($this->decryptIV));
$this->dechanged = false;
}
@@ -1157,12 +1132,12 @@ abstract class Base
}
if ($len >= $block_size) {
$cb = substr($ciphertext, $i, $len - $len % $block_size);
- $plaintext.= @mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
+ $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
$iv = substr($cb, -$block_size);
$len%= $block_size;
}
if ($len) {
- $iv = @mcrypt_generic($this->ecb, $iv);
+ $iv = mcrypt_generic($this->ecb, $iv);
$plaintext.= $iv ^ substr($ciphertext, -$len);
$iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len);
$pos = $len;
@@ -1171,10 +1146,10 @@ abstract class Base
return $plaintext;
}
- $plaintext = @mdecrypt_generic($this->demcrypt, $ciphertext);
+ $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
if (!$this->continuousBuffer) {
- @mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->_getIV($this->decryptIV));
}
return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
@@ -1278,24 +1253,6 @@ abstract class Base
$pos = $len;
}
break;
- case self::MODE_CFB8:
- $plaintext = '';
- $len = strlen($ciphertext);
- $iv = $this->decryptIV;
-
- for ($i = 0; $i < $len; ++$i) {
- $plaintext .= $ciphertext[$i] ^ $this->_encryptBlock($iv);
- $iv = substr($iv, 1) . $ciphertext[$i];
- }
-
- if ($this->continuousBuffer) {
- if ($len >= $block_size) {
- $this->decryptIV = substr($ciphertext, -$block_size);
- } else {
- $this->decryptIV = substr($this->decryptIV, $len - $block_size) . substr($ciphertext, -$len);
- }
- }
- break;
case self::MODE_OFB:
$xor = $this->decryptIV;
if (strlen($buffer['xor'])) {
@@ -1329,13 +1286,29 @@ abstract class Base
return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
}
+ /**
+ * Get the IV
+ *
+ * mcrypt requires an IV even if ECB is used
+ *
+ * @see self::encrypt()
+ * @see self::decrypt()
+ * @param string $iv
+ * @return string
+ * @access private
+ */
+ function _getIV($iv)
+ {
+ return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv;
+ }
+
/**
* OpenSSL CTR Processor
*
* PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream
* for CTR is the same for both encrypting and decrypting this function is re-used by both Base::encrypt()
* and Base::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this
- * function will emulate CTR with ECB when necessary.
+ * function will emulate CTR with ECB when necesary.
*
* @see self::encrypt()
* @see self::decrypt()
@@ -1358,7 +1331,7 @@ abstract class Base
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
$block = substr($plaintext, $i, $block_size);
if (strlen($block) > strlen($buffer['ciphertext'])) {
- $result = @openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
+ $result = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
$result = !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result;
$buffer['ciphertext'].= $result;
}
@@ -1369,7 +1342,7 @@ abstract class Base
} else {
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
$block = substr($plaintext, $i, $block_size);
- $otp = @openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
+ $otp = openssl_encrypt($xor, $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
$otp = !defined('OPENSSL_RAW_DATA') ? substr($otp, 0, -$this->block_size) : $otp;
$this->_increment_str($xor);
$ciphertext.= $block ^ $otp;
@@ -1413,7 +1386,7 @@ abstract class Base
}
if ($this->continuousBuffer) {
if (!defined('OPENSSL_RAW_DATA')) {
- $encryptIV.= @openssl_encrypt('', $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
+ $encryptIV.= openssl_encrypt('', $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
}
$encryptIV = openssl_decrypt($encryptIV, $this->cipher_name_openssl_ecb, $key, $this->openssl_options);
if ($overflow) {
@@ -1496,8 +1469,6 @@ abstract class Base
return 'ctr';
case self::MODE_CFB:
return 'cfb';
- case self::MODE_CFB8:
- return 'cfb8';
case self::MODE_OFB:
return 'ofb';
}
@@ -1656,7 +1627,7 @@ abstract class Base
case self::ENGINE_MCRYPT:
return $this->cipher_name_mcrypt &&
extension_loaded('mcrypt') &&
- in_array($this->cipher_name_mcrypt, @mcrypt_list_algorithms());
+ in_array($this->cipher_name_mcrypt, mcrypt_list_algorithms());
case self::ENGINE_INTERNAL:
return true;
}
@@ -1735,13 +1706,13 @@ abstract class Base
if ($this->engine != self::ENGINE_MCRYPT && $this->enmcrypt) {
// Closing the current mcrypt resource(s). _mcryptSetup() will, if needed,
// (re)open them with the module named in $this->cipher_name_mcrypt
- @mcrypt_module_close($this->enmcrypt);
- @mcrypt_module_close($this->demcrypt);
+ mcrypt_module_close($this->enmcrypt);
+ mcrypt_module_close($this->demcrypt);
$this->enmcrypt = null;
$this->demcrypt = null;
if ($this->ecb) {
- @mcrypt_module_close($this->ecb);
+ mcrypt_module_close($this->ecb);
$this->ecb = null;
}
}
@@ -1851,24 +1822,23 @@ abstract class Base
self::MODE_ECB => MCRYPT_MODE_ECB,
self::MODE_CBC => MCRYPT_MODE_CBC,
self::MODE_CFB => 'ncfb',
- self::MODE_CFB8 => MCRYPT_MODE_CFB,
self::MODE_OFB => MCRYPT_MODE_NOFB,
self::MODE_STREAM => MCRYPT_MODE_STREAM,
);
- $this->demcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
- $this->enmcrypt = @mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
+ $this->demcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
+ $this->enmcrypt = mcrypt_module_open($this->cipher_name_mcrypt, '', $mcrypt_modes[$this->mode], '');
// we need the $ecb mcrypt resource (only) in MODE_CFB with enableContinuousBuffer()
// to workaround mcrypt's broken ncfb implementation in buffered mode
// see: {@link http://phpseclib.sourceforge.net/cfb-demo.phps}
if ($this->mode == self::MODE_CFB) {
- $this->ecb = @mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, '');
+ $this->ecb = mcrypt_module_open($this->cipher_name_mcrypt, '', MCRYPT_MODE_ECB, '');
}
} // else should mcrypt_generic_deinit be called?
if ($this->mode == self::MODE_CFB) {
- @mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size));
+ mcrypt_generic_init($this->ecb, $this->key, str_repeat("\0", $this->block_size));
}
}
@@ -1884,6 +1854,7 @@ abstract class Base
*
* @see self::_unpad()
* @param string $text
+ * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size
* @access private
* @return string
*/
@@ -1895,8 +1866,7 @@ abstract class Base
if ($length % $this->block_size == 0) {
return $text;
} else {
- user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})");
- $this->padding = true;
+ throw new \LengthException("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size}). Try enabling padding.");
}
}
@@ -1913,6 +1883,7 @@ abstract class Base
*
* @see self::_pad()
* @param string $text
+ * @throws \LengthException if the ciphertext's length is not a multiple of the block size
* @access private
* @return string
*/
@@ -1925,7 +1896,7 @@ abstract class Base
$length = ord($text[strlen($text) - 1]);
if (!$length || $length > $this->block_size) {
- return false;
+ throw new \LengthException("The ciphertext has an invalid padding length ($length) compared to the block size ({$this->block_size})");
}
return substr($text, 0, -$length);
@@ -1938,20 +1909,19 @@ abstract class Base
* after disableContinuousBuffer() or on cipher $engine (re)init
* ie after setKey() or setIV()
*
- * @access public
+ * @access private
* @internal Could, but not must, extend by the child Crypt_* class
+ * @throws \UnexpectedValueException when an IV is required but not defined
*/
function _clearBuffers()
{
$this->enbuffer = $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true);
- // mcrypt's handling of invalid's $iv:
- // $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size);
- $this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0");
-
- if (!$this->skip_key_adjustment) {
- $this->key = str_pad(substr($this->key, 0, $this->key_length), $this->key_length, "\0");
+ if ($this->iv === false && !in_array($this->mode, array(self::MODE_STREAM, self::MODE_ECB))) {
+ throw new \UnexpectedValueException('No IV has been defined');
}
+
+ $this->encryptIV = $this->decryptIV = $this->iv;
}
/**
@@ -2423,52 +2393,6 @@ abstract class Base
$_pos = $_len;
}
- return $_plaintext;
- ';
- break;
- case self::MODE_CFB8:
- $encrypt = $init_encrypt . '
- $_ciphertext = "";
- $_len = strlen($_text);
- $_iv = $self->encryptIV;
-
- for ($_i = 0; $_i < $_len; ++$_i) {
- $in = $_iv;
- '.$encrypt_block.'
- $_ciphertext .= ($_c = $_text[$_i] ^ $in);
- $_iv = substr($_iv, 1) . $_c;
- }
-
- if ($self->continuousBuffer) {
- if ($_len >= '.$block_size.') {
- $self->encryptIV = substr($_ciphertext, -'.$block_size.');
- } else {
- $self->encryptIV = substr($self->encryptIV, $_len - '.$block_size.') . substr($_ciphertext, -$_len);
- }
- }
-
- return $_ciphertext;
- ';
- $decrypt = $init_encrypt . '
- $_plaintext = "";
- $_len = strlen($_text);
- $_iv = $self->decryptIV;
-
- for ($_i = 0; $_i < $_len; ++$_i) {
- $in = $_iv;
- '.$encrypt_block.'
- $_plaintext .= $_text[$_i] ^ $in;
- $_iv = substr($_iv, 1) . $_text[$_i];
- }
-
- if ($self->continuousBuffer) {
- if ($_len >= '.$block_size.') {
- $self->decryptIV = substr($_text, -'.$block_size.');
- } else {
- $self->decryptIV = substr($self->decryptIV, $_len - '.$block_size.') . substr($_text, -$_len);
- }
- }
-
return $_plaintext;
';
break;
@@ -2602,11 +2526,6 @@ abstract class Base
}
// Create the $inline function and return its name as string. Ready to run!
- if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
- eval('$func = function ($_action, &$self, $_text) { ' . $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' } };');
- return $func;
- }
-
return create_function('$_action, &$self, $_text', $init_crypt . 'if ($_action == "encrypt") { ' . $encrypt . ' } else { ' . $decrypt . ' }');
}
@@ -2618,7 +2537,7 @@ abstract class Base
* is stored, classwide (!), here for reusing.
*
* The string-based index of $function is a classwide
- * unique value representing, at least, the $mode of
+ * uniqe value representing, at least, the $mode of
* operation (or more... depends of the optimizing level)
* for which $mode the lambda function was created.
*
@@ -2659,50 +2578,10 @@ abstract class Base
$len = strlen($bytes);
for ($i = 0; $i < $len; $i+=20) {
$t = substr($bytes, $i, 20);
- $hash = pack('H*', sha1($hash));
+ $hash = sha1($hash, true);
$result .= $t ^ $hash;
}
- return $result . pack('H*', sha1($hash));
- }
- }
-
- /**
- * Convert float to int
- *
- * On ARM CPUs converting floats to ints doesn't always work
- *
- * @access private
- * @param string $x
- * @return int
- */
- function safe_intval($x)
- {
- switch (true) {
- case is_int($x):
- // PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding"
- case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM':
- return $x;
- }
- return (fmod($x, 0x80000000) & 0x7FFFFFFF) |
- ((fmod(floor($x / 0x80000000), 2) & 1) << 31);
- }
-
- /**
- * eval()'able string for in-line float to int
- *
- * @access private
- * @return string
- */
- function safe_intval_inline()
- {
- switch (true) {
- case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8:
- case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM':
- return '%s';
- break;
- default:
- $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | ';
- return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))';
+ return $result . sha1($hash, true);
}
}
}
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php
index 74cc49de8a..3500df595b 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php
@@ -283,6 +283,22 @@ class Blowfish extends Base
*/
var $key_length = 16;
+ /**
+ * Default Constructor.
+ *
+ * @param int $mode
+ * @access public
+ * @throws \InvalidArgumentException if an invalid / unsupported mode is provided
+ */
+ function __construct($mode)
+ {
+ if ($mode == self::MODE_STREAM) {
+ throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode');
+ }
+
+ parent::__construct($mode);
+ }
+
/**
* Sets the key length.
*
@@ -293,14 +309,12 @@ class Blowfish extends Base
*/
function setKeyLength($length)
{
- if ($length < 32) {
- $this->key_length = 4;
- } elseif ($length > 448) {
- $this->key_length = 56;
- } else {
- $this->key_length = $length >> 3;
+ if ($length < 32 || $length > 448) {
+ throw new \LengthException('Key size of ' . $length . ' bits is not supported by this algorithm. Only keys of sizes between 32 and 448 bits are supported');
}
+ $this->key_length = $length >> 3;
+
parent::setKeyLength($length);
}
@@ -317,10 +331,7 @@ class Blowfish extends Base
function isValidEngine($engine)
{
if ($engine == self::ENGINE_OPENSSL) {
- if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) {
- return false;
- }
- if ($this->key_length < 16) {
+ if ($this->key_length != 16) {
return false;
}
$this->cipher_name_openssl_ecb = 'bf-ecb';
@@ -408,14 +419,16 @@ class Blowfish extends Base
for ($i = 0; $i < 16; $i+= 2) {
$l^= $p[$i];
- $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^
+ $r^= ($sb_0[$l >> 24 & 0xff] +
+ $sb_1[$l >> 16 & 0xff] ^
$sb_2[$l >> 8 & 0xff]) +
- $sb_3[$l & 0xff]);
+ $sb_3[$l & 0xff];
$r^= $p[$i + 1];
- $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^
+ $l^= ($sb_0[$r >> 24 & 0xff] +
+ $sb_1[$r >> 16 & 0xff] ^
$sb_2[$r >> 8 & 0xff]) +
- $sb_3[$r & 0xff]);
+ $sb_3[$r & 0xff];
}
return pack("N*", $r ^ $p[17], $l ^ $p[16]);
}
@@ -441,14 +454,16 @@ class Blowfish extends Base
for ($i = 17; $i > 2; $i-= 2) {
$l^= $p[$i];
- $r^= $this->safe_intval(($this->safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^
+ $r^= ($sb_0[$l >> 24 & 0xff] +
+ $sb_1[$l >> 16 & 0xff] ^
$sb_2[$l >> 8 & 0xff]) +
- $sb_3[$l & 0xff]);
+ $sb_3[$l & 0xff];
$r^= $p[$i - 1];
- $l^= $this->safe_intval(($this->safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^
+ $l^= ($sb_0[$r >> 24 & 0xff] +
+ $sb_1[$r >> 16 & 0xff] ^
$sb_2[$r >> 8 & 0xff]) +
- $sb_3[$r & 0xff]);
+ $sb_3[$r & 0xff];
}
return pack("N*", $r ^ $p[0], $l ^ $p[1]);
}
@@ -474,8 +489,6 @@ class Blowfish extends Base
$code_hash = str_pad($code_hash, 32) . $this->_hashInlineCryptFunction($this->key);
}
- $safeint = $this->safe_intval_inline();
-
if (!isset($lambda_functions[$code_hash])) {
switch (true) {
case $gen_hi_opt_code:
@@ -511,14 +524,16 @@ class Blowfish extends Base
for ($i = 0; $i < 16; $i+= 2) {
$encrypt_block.= '
$l^= ' . $p[$i] . ';
- $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^
+ $r^= ($sb_0[$l >> 24 & 0xff] +
+ $sb_1[$l >> 16 & 0xff] ^
$sb_2[$l >> 8 & 0xff]) +
- $sb_3[$l & 0xff]') . ';
+ $sb_3[$l & 0xff];
$r^= ' . $p[$i + 1] . ';
- $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^
+ $l^= ($sb_0[$r >> 24 & 0xff] +
+ $sb_1[$r >> 16 & 0xff] ^
$sb_2[$r >> 8 & 0xff]) +
- $sb_3[$r & 0xff]') . ';
+ $sb_3[$r & 0xff];
';
}
$encrypt_block.= '
@@ -538,14 +553,16 @@ class Blowfish extends Base
for ($i = 17; $i > 2; $i-= 2) {
$decrypt_block.= '
$l^= ' . $p[$i] . ';
- $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^
+ $r^= ($sb_0[$l >> 24 & 0xff] +
+ $sb_1[$l >> 16 & 0xff] ^
$sb_2[$l >> 8 & 0xff]) +
- $sb_3[$l & 0xff]') . ';
+ $sb_3[$l & 0xff];
$r^= ' . $p[$i - 1] . ';
- $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^
+ $l^= ($sb_0[$r >> 24 & 0xff] +
+ $sb_1[$r >> 16 & 0xff] ^
$sb_2[$r >> 8 & 0xff]) +
- $sb_3[$r & 0xff]') . ';
+ $sb_3[$r & 0xff];
';
}
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php
index 9a8225fb5d..14273d2889 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/DES.php
@@ -578,6 +578,22 @@ class DES extends Base
0x00000820, 0x00020020, 0x08000000, 0x08020800
);
+ /**
+ * Default Constructor.
+ *
+ * @param int $mode
+ * @access public
+ * @throws \InvalidArgumentException if an invalid / unsupported mode is provided
+ */
+ function __construct($mode)
+ {
+ if ($mode == self::MODE_STREAM) {
+ throw new \InvalidArgumentException('Block ciphers cannot be ran in stream mode');
+ }
+
+ parent::__construct($mode);
+ }
+
/**
* Test for engine validity
*
@@ -603,24 +619,18 @@ class DES extends Base
/**
* Sets the key.
*
- * Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we
- * only use the first eight, if $key has more then eight characters in it, and pad $key with the
- * null byte if it is less then eight characters long.
+ * Keys must be 64-bits long or 8 bytes long.
*
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
*
- * If the key is not explicitly set, it'll be assumed to be all zero's.
- *
* @see \phpseclib\Crypt\Base::setKey()
* @access public
* @param string $key
*/
function setKey($key)
{
- // We check/cut here only up to max length of the key.
- // Key padding to the proper length will be done in _setupKey()
- if (strlen($key) > $this->key_length_max) {
- $key = substr($key, 0, $this->key_length_max);
+ if (!($this instanceof TripleDES) && strlen($key) != 8) {
+ throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of size 8 are supported');
}
// Sets the key
@@ -1302,7 +1312,7 @@ class DES extends Base
// After that, we'll still create very fast optimized code but not the hi-ultimative code, for each $mode one
$gen_hi_opt_code = (bool)( count($lambda_functions) < 10 );
- // Generation of a unique hash for our generated code
+ // Generation of a uniqe hash for our generated code
$code_hash = "Crypt_DES, $des_rounds, {$this->mode}";
if ($gen_hi_opt_code) {
// For hi-optimized code, we create for each combination of
@@ -1357,8 +1367,8 @@ class DES extends Base
$k[self::ENCRYPT][$i] = '$ke[' . $i . ']';
$k[self::DECRYPT][$i] = '$kd[' . $i . ']';
}
- $init_encrypt = '$ke = $self->keys[$self::ENCRYPT];';
- $init_decrypt = '$kd = $self->keys[$self::DECRYPT];';
+ $init_encrypt = '$ke = $self->keys[self::ENCRYPT];';
+ $init_decrypt = '$kd = $self->keys[self::DECRYPT];';
break;
}
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php
index a61668209a..080e8cd210 100644
--- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php
+++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Hash.php
@@ -1,26 +1,19 @@
* setKey('abcdefg');
*
@@ -31,7 +24,9 @@
* @category Crypt
* @package Hash
* @author Jim Wigginton
* createKey());
+ * extract(\phpseclib\Crypt\RSA::createKey());
*
- * $plaintext = 'terrafrost';
+ * $plaintext = 'terrafrost';
*
- * $rsa->loadKey($privatekey);
- * $ciphertext = $rsa->encrypt($plaintext);
+ * $ciphertext = $publickey->encrypt($plaintext);
*
- * $rsa->loadKey($publickey);
- * echo $rsa->decrypt($ciphertext);
+ * echo $privatekey->decrypt($ciphertext);
* ?>
*
*
* Here's an example of how to create signatures and verify signatures with this library:
*
* createKey());
+ * extract(\phpseclib\Crypt\RSA::createKey());
*
- * $plaintext = 'terrafrost';
+ * $plaintext = 'terrafrost';
*
- * $rsa->loadKey($privatekey);
- * $signature = $rsa->sign($plaintext);
+ * $signature = $privatekey->sign($plaintext);
*
- * $rsa->loadKey($publickey);
- * echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
+ * echo $publickey->verify($plaintext, $signature) ? 'verified' : 'unverified';
* ?>
*
*
@@ -51,6 +45,8 @@
namespace phpseclib\Crypt;
+use ParagonIE\ConstantTime\Base64;
+use phpseclib\File\ASN1;
use phpseclib\Math\BigInteger;
/**
@@ -71,26 +67,32 @@ class RSA
* Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding}
* (OAEP) for encryption / decryption.
*
- * Uses sha1 by default.
+ * Uses sha256 by default
*
* @see self::setHash()
* @see self::setMGFHash()
*/
- const ENCRYPTION_OAEP = 1;
+ const PADDING_OAEP = 1;
/**
* Use PKCS#1 padding.
*
- * Although self::ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards
+ * Although self::PADDING_OAEP / self::PADDING_PSS offers more security, including PKCS#1 padding is necessary for purposes of backwards
* compatibility with protocols (like SSH-1) written before OAEP's introduction.
*/
- const ENCRYPTION_PKCS1 = 2;
+ const PADDING_PKCS1 = 2;
/**
* Do not use any padding
*
* Although this method is not recommended it can none-the-less sometimes be useful if you're trying to decrypt some legacy
* stuff, if you're trying to diagnose why an encrypted message isn't decrypting, etc.
*/
- const ENCRYPTION_NONE = 3;
+ const PADDING_NONE = 3;
+ /**
+ * Use PKCS#1 padding with PKCS1 v1.5 compatability
+ *
+ * A PKCS1 v2.1 encrypted message may not successfully decrypt with a PKCS1 v1.5 implementation (such as OpenSSL).
+ */
+ const PADDING_PKCS15_COMPAT = 6;
/**#@-*/
/**#@+
@@ -98,29 +100,27 @@ class RSA
* @see self::sign()
* @see self::verify()
* @see self::setHash()
- */
+ */
/**
* Use the Probabilistic Signature Scheme for signing
*
- * Uses sha1 by default.
+ * Uses sha256 and 0 as the salt length
*
* @see self::setSaltLength()
* @see self::setMGFHash()
+ * @see self::setHash()
*/
- const SIGNATURE_PSS = 1;
+ const PADDING_PSS = 4;
/**
- * Use the PKCS#1 scheme by default.
- *
- * Although self::SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards
- * compatibility with protocols (like SSH-2) written before PSS's introduction.
+ * Use a relaxed version of PKCS#1 padding for signature verification
*/
- const SIGNATURE_PKCS1 = 2;
+ const PADDING_RELAXED_PKCS1 = 5;
/**#@-*/
/**#@+
* @access private
- * @see \phpseclib\Crypt\RSA::createKey()
- */
+ * @see self::createKey()
+ */
/**
* ASN1 Integer
*/
@@ -145,8 +145,8 @@ class RSA
/**#@+
* @access private
- * @see \phpseclib\Crypt\RSA::__construct()
- */
+ * @see self::__construct()
+ */
/**
* To use the pure-PHP implementation
*/
@@ -159,124 +159,37 @@ class RSA
const MODE_OPENSSL = 2;
/**#@-*/
- /**#@+
- * @access public
- * @see \phpseclib\Crypt\RSA::createKey()
- * @see \phpseclib\Crypt\RSA::setPrivateKeyFormat()
- */
- /**
- * PKCS#1 formatted private key
- *
- * Used by OpenSSH
- */
- const PRIVATE_FORMAT_PKCS1 = 0;
- /**
- * PuTTY formatted private key
- */
- const PRIVATE_FORMAT_PUTTY = 1;
- /**
- * XML formatted private key
- */
- const PRIVATE_FORMAT_XML = 2;
- /**
- * PKCS#8 formatted private key
- */
- const PRIVATE_FORMAT_PKCS8 = 8;
- /**
- * OpenSSH formatted private key
- */
- const PRIVATE_FORMAT_OPENSSH = 9;
- /**#@-*/
-
- /**#@+
- * @access public
- * @see \phpseclib\Crypt\RSA::createKey()
- * @see \phpseclib\Crypt\RSA::setPublicKeyFormat()
- */
- /**
- * Raw public key
- *
- * An array containing two \phpseclib\Math\BigInteger objects.
- *
- * The exponent can be indexed with any of the following:
- *
- * 0, e, exponent, publicExponent
- *
- * The modulus can be indexed with any of the following:
- *
- * 1, n, modulo, modulus
- */
- const PUBLIC_FORMAT_RAW = 3;
- /**
- * PKCS#1 formatted public key (raw)
- *
- * Used by File/X509.php
- *
- * Has the following header:
- *
- * -----BEGIN RSA PUBLIC KEY-----
- *
- * Analogous to ssh-keygen's pem format (as specified by -m)
- */
- const PUBLIC_FORMAT_PKCS1 = 4;
- const PUBLIC_FORMAT_PKCS1_RAW = 4;
- /**
- * XML formatted public key
- */
- const PUBLIC_FORMAT_XML = 5;
- /**
- * OpenSSH formatted public key
- *
- * Place in $HOME/.ssh/authorized_keys
- */
- const PUBLIC_FORMAT_OPENSSH = 6;
- /**
- * PKCS#1 formatted public key (encapsulated)
- *
- * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
- *
- * Has the following header:
- *
- * -----BEGIN PUBLIC KEY-----
- *
- * Analogous to ssh-keygen's pkcs8 format (as specified by -m). Although PKCS8
- * is specific to private keys it's basically creating a DER-encoded wrapper
- * for keys. This just extends that same concept to public keys (much like ssh-keygen)
- */
- const PUBLIC_FORMAT_PKCS8 = 7;
- /**#@-*/
-
/**
* Precomputed Zero
*
- * @var \phpseclib\Math\BigInteger
+ * @var array
* @access private
*/
- var $zero;
+ static $zero;
/**
* Precomputed One
*
- * @var \phpseclib\Math\BigInteger
+ * @var array
* @access private
*/
- var $one;
+ static $one;
/**
* Private Key Format
*
- * @var int
+ * @var string
* @access private
*/
- var $privateKeyFormat = self::PRIVATE_FORMAT_PKCS1;
+ var $privateKeyFormat = 'PKCS1';
/**
* Public Key Format
*
- * @var int
- * @access public
+ * @var string
+ * @access private
*/
- var $publicKeyFormat = self::PUBLIC_FORMAT_PKCS8;
+ var $publicKeyFormat = 'PKCS8';
/**
* Modulus (ie. n)
@@ -374,22 +287,6 @@ class RSA
*/
var $mgfHLen;
- /**
- * Encryption mode
- *
- * @var int
- * @access private
- */
- var $encryptionMode = self::ENCRYPTION_OAEP;
-
- /**
- * Signature mode
- *
- * @var int
- * @access private
- */
- var $signatureMode = self::SIGNATURE_PSS;
-
/**
* Public Exponent
*
@@ -407,46 +304,69 @@ class RSA
var $password = false;
/**
- * Components
+ * Loaded File Format
*
- * For use with parsing XML formatted keys. PHP's XML Parser functions use utilized - instead of PHP's DOM functions -
- * because PHP's XML Parser functions work on PHP4 whereas PHP's DOM functions - although surperior - don't.
- *
- * @see self::_start_element_handler()
- * @var array
+ * @var string
* @access private
*/
- var $components = array();
-
- /**
- * Current String
- *
- * For use with parsing XML formatted keys.
- *
- * @see self::_character_handler()
- * @see self::_stop_element_handler()
- * @var mixed
- * @access private
- */
- var $current;
+ var $format = false;
/**
* OpenSSL configuration file name.
*
* Set to null to use system configuration file.
+ *
* @see self::createKey()
* @var mixed
- * @Access public
+ * @access public
*/
- var $configFile;
+ static $configFile;
/**
- * Public key comment field.
+ * Supported file formats (lower case)
*
- * @var string
+ * @see self::_initialize_static_variables()
+ * @var array
* @access private
*/
- var $comment = 'phpseclib-generated-key';
+ static $fileFormats = false;
+
+ /**
+ * Supported file formats (original case)
+ *
+ * @see self::_initialize_static_variables()
+ * @var array
+ * @access private
+ */
+ static $origFileFormats = false;
+
+
+ /**
+ * Initialize static variables
+ *
+ * @access private
+ */
+ static function _initialize_static_variables()
+ {
+ if (!isset(self::$zero)) {
+ self::$zero= new BigInteger(0);
+ self::$one = new BigInteger(1);
+ self::$configFile = __DIR__ . '/../openssl.cnf';
+
+ if (self::$fileFormats === false) {
+ self::$fileFormats = array();
+ foreach (glob(__DIR__ . '/RSA/*.php') as $file) {
+ $name = pathinfo($file, PATHINFO_FILENAME);
+ $type = 'phpseclib\Crypt\RSA\\' . $name;
+ $meta = new \ReflectionClass($type);
+ if (!$meta->isAbstract()) {
+ self::$fileFormats[strtolower($name)] = $type;
+ self::$origFileFormats[] = $name;
+ }
+ }
+ }
+ }
+ }
/**
* The constructor
@@ -460,68 +380,12 @@ class RSA
*/
function __construct()
{
- $this->configFile = dirname(__FILE__) . '/../openssl.cnf';
+ self::_initialize_static_variables();
- if (!defined('CRYPT_RSA_MODE')) {
- switch (true) {
- // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular,
- // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger
- // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either.
- case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'):
- define('CRYPT_RSA_MODE', self::MODE_INTERNAL);
- break;
- case extension_loaded('openssl') && file_exists($this->configFile):
- // some versions of XAMPP have mismatched versions of OpenSSL which causes it not to work
- $versions = array();
-
- // avoid generating errors (even with suppression) when phpinfo() is disabled (common in production systems)
- if (strpos(ini_get('disable_functions'), 'phpinfo') === false) {
- ob_start();
- @phpinfo();
- $content = ob_get_contents();
- ob_end_clean();
-
- preg_match_all('#OpenSSL (Header|Library) Version(.*)#im', $content, $matches);
-
- if (!empty($matches[1])) {
- for ($i = 0; $i < count($matches[1]); $i++) {
- $fullVersion = trim(str_replace('=>', '', strip_tags($matches[2][$i])));
-
- // Remove letter part in OpenSSL version
- if (!preg_match('/(\d+\.\d+\.\d+)/i', $fullVersion, $m)) {
- $versions[$matches[1][$i]] = $fullVersion;
- } else {
- $versions[$matches[1][$i]] = $m[0];
- }
- }
- }
- }
-
- // it doesn't appear that OpenSSL versions were reported upon until PHP 5.3+
- switch (true) {
- case !isset($versions['Header']):
- case !isset($versions['Library']):
- case $versions['Header'] == $versions['Library']:
- case version_compare($versions['Header'], '1.0.0') >= 0 && version_compare($versions['Library'], '1.0.0') >= 0:
- define('CRYPT_RSA_MODE', self::MODE_OPENSSL);
- break;
- default:
- define('CRYPT_RSA_MODE', self::MODE_INTERNAL);
- define('MATH_BIGINTEGER_OPENSSL_DISABLE', true);
- }
- break;
- default:
- define('CRYPT_RSA_MODE', self::MODE_INTERNAL);
- }
- }
-
- $this->zero = new BigInteger();
- $this->one = new BigInteger(1);
-
- $this->hash = new Hash('sha1');
+ $this->hash = new Hash('sha256');
$this->hLen = $this->hash->getLength();
- $this->hashName = 'sha1';
- $this->mgfHash = new Hash('sha1');
+ $this->hashName = 'sha256';
+ $this->mgfHash = new Hash('sha256');
$this->mgfHLen = $this->mgfHash->getLength();
}
@@ -539,8 +403,26 @@ class RSA
* @param int $timeout
* @param array $p
*/
- function createKey($bits = 1024, $timeout = false, $partial = array())
+ static function createKey($bits = 2048, $timeout = false, $partial = array())
{
+ self::_initialize_static_variables();
+
+ if (!defined('CRYPT_RSA_MODE')) {
+ switch (true) {
+ // Math/BigInteger's openssl requirements are a little less stringent than Crypt/RSA's. in particular,
+ // Math/BigInteger doesn't require an openssl.cfg file whereas Crypt/RSA does. so if Math/BigInteger
+ // can't use OpenSSL it can be pretty trivially assumed, then, that Crypt/RSA can't either.
+ case defined('MATH_BIGINTEGER_OPENSSL_DISABLE'):
+ define('CRYPT_RSA_MODE', self::MODE_INTERNAL);
+ break;
+ case extension_loaded('openssl') && file_exists(self::$configFile):
+ define('CRYPT_RSA_MODE', self::MODE_OPENSSL);
+ break;
+ default:
+ define('CRYPT_RSA_MODE', self::MODE_INTERNAL);
+ }
+ }
+
if (!defined('CRYPT_RSA_EXPONENT')) {
// http://en.wikipedia.org/wiki/65537_%28number%29
define('CRYPT_RSA_EXPONENT', '65537');
@@ -558,16 +440,17 @@ class RSA
// OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum
if (CRYPT_RSA_MODE == self::MODE_OPENSSL && $bits >= 384 && CRYPT_RSA_EXPONENT == 65537) {
$config = array();
- if (isset($this->configFile)) {
- $config['config'] = $this->configFile;
+ if (isset(self::$configFile)) {
+ $config['config'] = self::$configFile;
}
$rsa = openssl_pkey_new(array('private_key_bits' => $bits) + $config);
- openssl_pkey_export($rsa, $privatekey, null, $config);
- $publickey = openssl_pkey_get_details($rsa);
- $publickey = $publickey['key'];
+ openssl_pkey_export($rsa, $privatekeystr, null, $config);
+ $privatekey = new RSA();
+ $privatekey->load($privatekeystr);
- $privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, self::PRIVATE_FORMAT_PKCS1)));
- $publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, self::PUBLIC_FORMAT_PKCS1)));
+ $publickeyarr = openssl_pkey_get_details($rsa);
+ $publickey = new RSA();
+ $publickey->load($publickeyarr['key']);
// clear the buffer of error strings stemming from a minimalistic openssl.cnf
while (openssl_error_string() !== false) {
@@ -585,7 +468,7 @@ class RSA
$e = new BigInteger(CRYPT_RSA_EXPONENT);
}
- extract($this->_generateMinMax($bits));
+ extract(self::_generateMinMax($bits));
$absoluteMin = $min;
$temp = $bits >> 1; // divide by two to see how many bits P and Q would be
if ($temp > CRYPT_RSA_SMALLEST_PRIME) {
@@ -594,19 +477,17 @@ class RSA
} else {
$num_primes = 2;
}
- extract($this->_generateMinMax($temp + $bits % $temp));
+ extract(self::_generateMinMax($temp + $bits % $temp));
$finalMax = $max;
- extract($this->_generateMinMax($temp));
+ extract(self::_generateMinMax($temp));
- $generator = new BigInteger();
-
- $n = $this->one->copy();
+ $n = clone self::$one;
if (!empty($partial)) {
extract(unserialize($partial));
} else {
$exponents = $coefficients = $primes = array();
$lcm = array(
- 'top' => $this->one->copy(),
+ 'top' => clone self::$one,
'bottom' => false
);
}
@@ -635,12 +516,12 @@ class RSA
if ($i == $num_primes) {
list($min, $temp) = $absoluteMin->divide($n);
- if (!$temp->equals($this->zero)) {
- $min = $min->add($this->one); // ie. ceil()
+ if (!$temp->equals(self::$zero)) {
+ $min = $min->add(self::$one); // ie. ceil()
}
- $primes[$i] = $generator->randomPrime($min, $finalMax, $timeout);
+ $primes[$i] = BigInteger::randomPrime($min, $finalMax, $timeout);
} else {
- $primes[$i] = $generator->randomPrime($min, $max, $timeout);
+ $primes[$i] = BigInteger::randomPrime($min, $max, $timeout);
}
if ($primes[$i] === false) { // if we've reached the timeout
@@ -657,8 +538,8 @@ class RSA
}
return array(
- 'privatekey' => '',
- 'publickey' => '',
+ 'privatekey' => false,
+ 'publickey' => false,
'partialkey' => $partialkey
);
}
@@ -671,7 +552,7 @@ class RSA
$n = $n->multiply($primes[$i]);
- $temp = $primes[$i]->subtract($this->one);
+ $temp = $primes[$i]->subtract(self::$one);
// textbook RSA implementations use Euler's totient function instead of the least common multiple.
// see http://en.wikipedia.org/wiki/Euler%27s_totient_function
@@ -684,7 +565,7 @@ class RSA
list($temp) = $lcm['top']->divide($lcm['bottom']);
$gcd = $temp->gcd($e);
$i0 = 1;
- } while (!$gcd->equals($this->one));
+ } while (!$gcd->equals(self::$one));
$d = $e->modInverse($temp);
@@ -703,842 +584,221 @@ class RSA
// coefficient INTEGER, -- (inverse of q) mod p
// otherPrimeInfos OtherPrimeInfos OPTIONAL
// }
+ $privatekey = new RSA();
+ $privatekey->modulus = $n;
+ $privatekey->k = $bits >> 3;
+ $privatekey->publicExponent = $e;
+ $privatekey->exponent = $d;
+ $privatekey->privateExponent = $e;
+ $privatekey->primes = $primes;
+ $privatekey->exponents = $exponents;
+ $privatekey->coefficients = $coefficients;
+
+ $publickey = new RSA();
+ $publickey->modulus = $n;
+ $publickey->k = $bits >> 3;
+ $publickey->exponent = $e;
return array(
- 'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients),
- 'publickey' => $this->_convertPublicKey($n, $e),
+ 'privatekey' => $privatekey,
+ 'publickey' => $publickey,
'partialkey' => false
);
}
/**
- * Convert a private key to the appropriate format.
+ * Add a fileformat plugin
*
- * @access private
- * @see self::setPrivateKeyFormat()
- * @param string $RSAPrivateKey
- * @return string
+ * The plugin needs to either already be loaded or be auto-loadable.
+ * Loading a plugin whose shortname overwrite an existing shortname will overwrite the old plugin.
+ *
+ * @see self::load()
+ * @param string $fullname
+ * @access public
+ * @return bool
*/
- function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
+ static function addFileFormat($fullname)
{
- $signed = $this->privateKeyFormat != self::PRIVATE_FORMAT_XML;
- $num_primes = count($primes);
- $raw = array(
- 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi
- 'modulus' => $n->toBytes($signed),
- 'publicExponent' => $e->toBytes($signed),
- 'privateExponent' => $d->toBytes($signed),
- 'prime1' => $primes[1]->toBytes($signed),
- 'prime2' => $primes[2]->toBytes($signed),
- 'exponent1' => $exponents[1]->toBytes($signed),
- 'exponent2' => $exponents[2]->toBytes($signed),
- 'coefficient' => $coefficients[2]->toBytes($signed)
- );
+ self::_initialize_static_variables();
- // if the format in question does not support multi-prime rsa and multi-prime rsa was used,
- // call _convertPublicKey() instead.
- switch ($this->privateKeyFormat) {
- case self::PRIVATE_FORMAT_XML:
- if ($num_primes != 2) {
- return false;
- }
- return "' . base64_encode($raw['prime1']) . "
\r\n" . - '' . base64_encode($raw['prime2']) . "\r\n" . - '
' . $log . ''; + return $this->_format_log($this->message_log, $this->message_number_log); + break; default: return false; } @@ -4516,6 +3969,8 @@ class SSH2 * is recommended. Returns false if the server signature is not signed correctly with the public host key. * * @return mixed + * @throws \RuntimeException on badly formatted keys + * @throws \phpseclib\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format * @access public */ function getServerPublicHostKey() @@ -4529,15 +3984,12 @@ class SSH2 $signature = $this->signature; $server_public_host_key = $this->server_public_host_key; - if (strlen($server_public_host_key) < 4) { - return false; - } extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4))); $this->_string_shift($server_public_host_key, $length); if ($this->signature_validated) { return $this->bitmap ? - $this->signature_format . ' ' . base64_encode($this->server_public_host_key) : + $this->signature_format . ' ' . Base64::encode($this->server_public_host_key) : false; } @@ -4547,27 +3999,15 @@ class SSH2 case 'ssh-dss': $zero = new BigInteger(); - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $p = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $q = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $g = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $y = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); @@ -4576,8 +4016,8 @@ class SSH2 padding, unsigned, and in network byte order). */ $temp = unpack('Nlength', $this->_string_shift($signature, 4)); if ($temp['length'] != 40) { - user_error('Invalid signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); } $r = new BigInteger($this->_string_shift($signature, 20), 256); @@ -4588,8 +4028,8 @@ class SSH2 case $r->compare($q) >= 0: case $s->equals($zero): case $s->compare($q) >= 0: - user_error('Invalid signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); } $w = $s->modInverse($q); @@ -4608,60 +4048,33 @@ class SSH2 list(, $v) = $v->divide($q); if (!$v->equals($r)) { - user_error('Bad server signature'); + //user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; case 'ssh-rsa': - case 'rsa-sha2-256': - case 'rsa-sha2-512': - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $e = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); - if (strlen($server_public_host_key) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $rawN = $this->_string_shift($server_public_host_key, $temp['length']); $n = new BigInteger($rawN, -256); $nLength = strlen(ltrim($rawN, "\0")); /* - if (strlen($signature) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $signature = $this->_string_shift($signature, $temp['length']); $rsa = new RSA(); - switch ($this->signature_format) { - case 'rsa-sha2-512': - $hash = 'sha512'; - break; - case 'rsa-sha2-256': - $hash = 'sha256'; - break; - //case 'ssh-rsa': - default: - $hash = 'sha1'; - } - $rsa->setHash($hash); - $rsa->setSignatureMode(RSA::SIGNATURE_PKCS1); - $rsa->loadKey(array('e' => $e, 'n' => $n), RSA::PUBLIC_FORMAT_RAW); - - if (!$rsa->verify($this->exchange_hash, $signature)) { - user_error('Bad server signature'); + $rsa->load(array('e' => $e, 'n' => $n), 'raw'); + $rsa->setHash('sha1'); + if (!$rsa->verify($this->exchange_hash, $signature, RSA::PADDING_PKCS1)) { + //user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } */ - if (strlen($signature) < 4) { - return false; - } $temp = unpack('Nlength', $this->_string_shift($signature, 4)); $s = new BigInteger($this->_string_shift($signature, $temp['length']), 256); @@ -4672,50 +4085,27 @@ class SSH2 // also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source. if ($s->compare(new BigInteger()) < 0 || $s->compare($n->subtract(new BigInteger(1))) > 0) { - user_error('Invalid signature'); - return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new \RuntimeException('Invalid signature'); } $s = $s->modPow($e, $n); $s = $s->toBytes(); - switch ($this->signature_format) { - case 'rsa-sha2-512': - $hash = 'sha512'; - break; - case 'rsa-sha2-256': - $hash = 'sha256'; - break; - //case 'ssh-rsa': - default: - $hash = 'sha1'; - } - $hashObj = new Hash($hash); - switch ($this->signature_format) { - case 'rsa-sha2-512': - $h = pack('N5a*', 0x00305130, 0x0D060960, 0x86480165, 0x03040203, 0x05000440, $hashObj->hash($this->exchange_hash)); - break; - case 'rsa-sha2-256': - $h = pack('N5a*', 0x00303130, 0x0D060960, 0x86480165, 0x03040201, 0x05000420, $hashObj->hash($this->exchange_hash)); - break; - //case 'ssh-rsa': - default: - $hash = 'sha1'; - $h = pack('N4a*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, $hashObj->hash($this->exchange_hash)); - } + $h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash)); $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 2 - strlen($h)) . $h; if ($s != $h) { - user_error('Bad server signature'); + //user_error('Bad server signature'); return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); } break; default: - user_error('Unsupported signature format'); - return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE); + throw new NoSupportedAlgorithmsException('Unsupported signature format'); } - return $this->signature_format . ' ' . base64_encode($this->server_public_host_key); + return $this->signature_format . ' ' . Base64::encode($this->server_public_host_key); } /** @@ -4788,4 +4178,47 @@ class SSH2 $this->windowColumns = $columns; $this->windowRows = $rows; } + + /** + * @return string + */ + function __toString() + { + return $this->getResourceId(); + } + + /** + * We use {} because that symbols should not be in URL according to + * {@link http://tools.ietf.org/html/rfc3986#section-2 RFC}. + * It will safe us from any conflicts, because otherwise regexp will + * match all alphanumeric domains. + * + * @return string + */ + function getResourceId() + { + return '{' . spl_object_hash($this) . '}'; + } + + /** + * Return existing connection + * + * @param string $id + * + * @return bool|SSH2 will return false if no such connection + */ + static function getConnectionByResourceId($id) + { + return isset(self::$connections[$id]) ? self::$connections[$id] : false; + } + + /** + * Return all excising connections + * + * @return SSH2[] + */ + static function getConnections() + { + return self::$connections; + } } diff --git a/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php b/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php index 99dcecfe62..23bf027a42 100644 --- a/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php +++ b/vendor/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php @@ -33,7 +33,9 @@ namespace phpseclib\System\SSH; +use ParagonIE\ConstantTime\Base64; use phpseclib\Crypt\RSA; +use phpseclib\Exception\BadConfigurationException; use phpseclib\System\SSH\Agent\Identity; /** @@ -43,7 +45,7 @@ use phpseclib\System\SSH\Agent\Identity; * * @package SSH\Agent * @author Jim Wigginton