mirror of
https://github.com/danog/phpseclib.git
synced 2024-11-26 20:35:21 +01:00
- added SSH2.php and HMAC.php
- fixed issue with the IV's in TripleDES.php and DES.php - fixed decryption in TripleDES.php using CRYPT_DES_MODE_INTERNAL - renamed CRYPT_DES_MODE_SSH to CRYPT_DES_MODE_3CBC - added CRYPT_DES_MODE_CBC3 as an alias for CRYPT_DES_MODE_CBC - fixed issue with RC4.php using CRYPT_RC4_MODE_MCRYPT git-svn-id: http://phpseclib.svn.sourceforge.net/svnroot/phpseclib/trunk@4 21d32557-59b3-4da0-833f-c5933fad653e
This commit is contained in:
parent
367ddebf80
commit
df0fe2386a
@ -53,7 +53,7 @@
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMVII Jim Wigginton
|
||||
* @license http://www.gnu.org/licenses/lgpl.txt
|
||||
* @version $Id: DES.php,v 1.1 2007-07-02 04:19:47 terrafrost Exp $
|
||||
* @version $Id: DES.php,v 1.2 2007-07-23 05:21:39 terrafrost Exp $
|
||||
* @link http://pear.php.net/package/Crypt_DES
|
||||
*/
|
||||
|
||||
@ -264,7 +264,7 @@ class Crypt_DES {
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
$this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));;
|
||||
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -521,7 +521,7 @@ class Crypt_DES {
|
||||
return $text;
|
||||
}
|
||||
|
||||
$length = ord($text{strlen($text) - 1});
|
||||
$length = ord($text[strlen($text) - 1]);
|
||||
return substr($text, 0, -$length);
|
||||
}
|
||||
|
||||
|
200
phpseclib/Crypt/HMAC.php
Normal file
200
phpseclib/Crypt/HMAC.php
Normal file
@ -0,0 +1,200 @@
|
||||
<?php
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see Crypt_HMAC::Crypt_HMAC()
|
||||
*/
|
||||
/**
|
||||
* Toggles the internal implementation
|
||||
*/
|
||||
define('CRYPT_HMAC_MODE_INTERNAL', 1);
|
||||
/**
|
||||
* Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+.
|
||||
*/
|
||||
define('CRYPT_HMAC_MODE_MHASH', 2);
|
||||
/**
|
||||
* Toggles the hash() implementation, which works on PHP 5.1.2+.
|
||||
*/
|
||||
define('CRYPT_HMAC_MODE_HASH', 3);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of keyed-hash message authentication codes (HMACs).
|
||||
*
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @version 0.1.0
|
||||
* @access public
|
||||
* @package Crypt_HMAC
|
||||
*/
|
||||
class Crypt_HMAC {
|
||||
/**
|
||||
* Byte-length of compression blocks
|
||||
*
|
||||
* The following URL provides more information:
|
||||
*
|
||||
* {@link http://tools.ietf.org/html/rfc2104#section-2 http://tools.ietf.org/html/rfc2104#section-2}
|
||||
*
|
||||
* @see Crypt_HMAC::setHash()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $b;
|
||||
|
||||
/**
|
||||
* Byte-length of hash outputs
|
||||
*
|
||||
* @see Crypt_HMAC::setHash()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $l;
|
||||
|
||||
/**
|
||||
* Hash Algorithm
|
||||
*
|
||||
* @see Crypt_HMAC::setHash()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $hash;
|
||||
|
||||
/**
|
||||
* Key
|
||||
*
|
||||
* @see Crypt_HMAC::setKey()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $key = '';
|
||||
|
||||
/**
|
||||
* Outer XOR
|
||||
*
|
||||
* @see Crypt_HMAC::setKey()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $opad;
|
||||
|
||||
/**
|
||||
* Inner XOR
|
||||
*
|
||||
* @see Crypt_HMAC::setKey()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $ipad;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @return Crypt_HMAC
|
||||
* @access public
|
||||
*/
|
||||
function Crypt_HMAC()
|
||||
{
|
||||
if ( !defined('CRYPT_HMAC_MODE') ) {
|
||||
switch (true) {
|
||||
case extension_loaded('hash'):
|
||||
define('CRYPT_HMAC_MODE', CRYPT_HMAC_MODE_HASH);
|
||||
break;
|
||||
case extension_loaded('mhash'):
|
||||
define('CRYPT_HMAC_MODE', CRYPT_HMAC_MODE_MHASH);
|
||||
break;
|
||||
default:
|
||||
define('CRYPT_HMAC_MODE', CRYPT_HMAC_MODE_INTERNAL);
|
||||
}
|
||||
}
|
||||
|
||||
$this->setHash('sha1');
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* @access public
|
||||
* @param String $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
$this->key = $key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the hash function.
|
||||
*
|
||||
* Currently, only 'sha1' and 'md5' are supported. If you do not supply a valid $hash, 'sha1' will be used.
|
||||
*
|
||||
* @access public
|
||||
* @param String $hash
|
||||
*/
|
||||
function setHash($hash)
|
||||
{
|
||||
switch (CRYPT_HMAC_MODE) {
|
||||
case CRYPT_HMAC_MODE_MHASH:
|
||||
switch ($hash) {
|
||||
case 'md5':
|
||||
$this->hash = MHASH_MD5;
|
||||
break;
|
||||
case 'sha1':
|
||||
default:
|
||||
$this->hash = MHASH_SHA1;
|
||||
}
|
||||
return;
|
||||
case CRYPT_HMAC_MODE_HASH:
|
||||
switch ($hash) {
|
||||
case 'md5':
|
||||
case 'sha1':
|
||||
$this->hash = $hash;
|
||||
return;
|
||||
default:
|
||||
$this->hash = 'sha1';
|
||||
}
|
||||
}
|
||||
|
||||
switch ($hash) {
|
||||
case 'md5':
|
||||
$this->b = 64;
|
||||
$this->l = 16;
|
||||
$this->hash = 'md5';
|
||||
break;
|
||||
case 'sha1':
|
||||
default:
|
||||
$this->b = 64;
|
||||
$this->l = 20;
|
||||
$this->hash = 'sha1';
|
||||
}
|
||||
|
||||
$this->ipad = str_repeat(chr(0x36), $this->b);
|
||||
$this->opad = str_repeat(chr(0x5C), $this->b);
|
||||
}
|
||||
|
||||
/**
|
||||
* Compute the HMAC.
|
||||
*
|
||||
* @access public
|
||||
* @param String $text
|
||||
*/
|
||||
function hmac($text)
|
||||
{
|
||||
switch (CRYPT_HMAC_MODE) {
|
||||
case CRYPT_HMAC_MODE_MHASH:
|
||||
return mhash($this->hash, $text, $this->key);
|
||||
case CRYPT_HMAC_MODE_HASH:
|
||||
return hash_hmac($this->hash, $text, $this->key, true);
|
||||
}
|
||||
|
||||
$hash = $this->hash;
|
||||
|
||||
$key = strlen($this->key) > $this->b ? $this->hash($this->key) : $this->key;
|
||||
$key = str_pad($key, $this->b, chr(0)); // step 1
|
||||
$temp = $this->ipad ^ $key; // step 2
|
||||
$temp.= $text; // step 3
|
||||
$temp = pack('H*', $hash($temp)); // step 4
|
||||
$hmac = $this->opad ^ $key; // step 5
|
||||
$hmac.= $temp; // step 6
|
||||
$hmac = pack('H*', $hash($hmac)); // step 7
|
||||
|
||||
return $hmac;
|
||||
}
|
||||
}
|
@ -55,7 +55,7 @@
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMVII Jim Wigginton
|
||||
* @license http://www.gnu.org/licenses/lgpl.txt
|
||||
* @version $Id: RC4.php,v 1.1 2007-07-02 04:19:47 terrafrost Exp $
|
||||
* @version $Id: RC4.php,v 1.2 2007-07-23 05:21:39 terrafrost Exp $
|
||||
* @link http://pear.php.net/package/Crypt_RC4
|
||||
*/
|
||||
|
||||
@ -139,6 +139,15 @@ class Crypt_RC4 {
|
||||
*/
|
||||
var $decryptIndex = 0;
|
||||
|
||||
/**
|
||||
* MCrypt parameters
|
||||
*
|
||||
* @see Crypt_RC4::setMCrypt()
|
||||
* @var Array
|
||||
* @access private
|
||||
*/
|
||||
var $mcrypt = array('', '');
|
||||
|
||||
/**
|
||||
* The Encryption Algorithm
|
||||
*
|
||||
@ -168,6 +177,14 @@ class Crypt_RC4 {
|
||||
// but since that can be changed after the object has been created, there doesn't seem to be
|
||||
// a lot of point...
|
||||
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_MCRYPT);
|
||||
break;
|
||||
default:
|
||||
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL);
|
||||
}
|
||||
}
|
||||
|
||||
switch ( CRYPT_RC4_MODE ) {
|
||||
case CRYPT_RC4_MODE_MCRYPT:
|
||||
switch (true) {
|
||||
case defined('MCRYPT_ARCFOUR'):
|
||||
$this->mode = MCRYPT_ARCFOUR;
|
||||
@ -175,12 +192,6 @@ class Crypt_RC4 {
|
||||
case defined('MCRYPT_RC4');
|
||||
$this->mode = MCRYPT_RC4;
|
||||
}
|
||||
$this->encryptStream = @mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, '');
|
||||
$this->decryptStream = @mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, '');
|
||||
break;
|
||||
default:
|
||||
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -188,18 +199,7 @@ class Crypt_RC4 {
|
||||
* Sets the key.
|
||||
*
|
||||
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
||||
* be used. If no key is explicitly set, it'll be assumed to be a single null byte. Some protocols, such
|
||||
* as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1]. If you need
|
||||
* to use an initialization vector in this manner, feel free to preend it to the key, yourself, before
|
||||
* calling this function.
|
||||
*
|
||||
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
||||
* the IV's are relatively easy to predict, an attack described by
|
||||
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
||||
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
||||
*
|
||||
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
||||
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
||||
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
||||
*
|
||||
* @access public
|
||||
* @param String $key
|
||||
@ -229,6 +229,29 @@ class Crypt_RC4 {
|
||||
$this->encryptStream = $this->decryptStream = $keyStream;
|
||||
}
|
||||
|
||||
/**
|
||||
* Dummy function.
|
||||
*
|
||||
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
||||
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
||||
* calling setKey().
|
||||
*
|
||||
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
||||
* the IV's are relatively easy to predict, an attack described by
|
||||
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
||||
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
||||
*
|
||||
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
||||
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
||||
*
|
||||
* @param String $iv
|
||||
* @see Crypt_RC4::setKey()
|
||||
* @access public
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets MCrypt parameters. (optional)
|
||||
*
|
||||
@ -241,8 +264,10 @@ class Crypt_RC4 {
|
||||
*/
|
||||
function setMCrypt($algorithm_directory, $mode_directory)
|
||||
{
|
||||
$this->encryptStream = @mcrypt_module_open($this->mode, $algorithm_directory, MCRYPT_MODE_STREAM, $mode_directory);
|
||||
$this->decryptStream = @mcrypt_module_open($this->mode, $algorithm_directory, MCRYPT_MODE_STREAM, $mode_directory);
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
||||
$this->mcrypt = array($algorithm_directory, $mode_directory);
|
||||
$this->_closeMCrypt();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -280,6 +305,23 @@ class Crypt_RC4 {
|
||||
* @param Integer $mode
|
||||
*/
|
||||
function _crypt($text, $mode) {
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
||||
$keyStream = $mode == CRYPT_RC4_ENCRYPT ? 'encryptStream' : 'decryptStream';
|
||||
|
||||
if ($this->$keyStream === false) {echo "crypt-toe'ing $keyStream";
|
||||
$this->$keyStream = mcrypt_module_open($this->mode, $this->mcrypt[0], MCRYPT_MODE_STREAM, $this->mcrypt[1]);
|
||||
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
||||
} else if (!$this->continuousBuffer) {
|
||||
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
||||
}
|
||||
$newText = mcrypt_generic($this->$keyStream, $text);
|
||||
if (!$this->continuousBuffer) {
|
||||
mcrypt_generic_deinit($this->$keyStream);
|
||||
}
|
||||
|
||||
return $newText;
|
||||
}
|
||||
|
||||
switch ($mode) {
|
||||
case CRYPT_RC4_ENCRYPT:
|
||||
$keyStream = $this->encryptStream;
|
||||
@ -290,18 +332,6 @@ class Crypt_RC4 {
|
||||
list($i, $j) = $this->decryptIndex;
|
||||
}
|
||||
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
||||
if (!$this->continuousBuffer) {
|
||||
mcrypt_generic_init($keyStream, $this->key, '');
|
||||
}
|
||||
$newText = mcrypt_generic($keyStream, $text);
|
||||
if (!$this->continuousBuffer) {
|
||||
mcrypt_generic_deinit($keyStream);
|
||||
}
|
||||
|
||||
return $newText;
|
||||
}
|
||||
|
||||
$newText = '';
|
||||
for ($k = 0; $k < strlen($text); $k++) {
|
||||
$i = ($i + 1) & 255;
|
||||
@ -367,14 +397,6 @@ class Crypt_RC4 {
|
||||
*/
|
||||
function enableContinuousBuffer()
|
||||
{
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
||||
$this->encryptStream = mcrypt_module_open($this->mode, $this->mcrypt[0], MCRYPT_MODE_STREAM, $this->mcrypt[1]);
|
||||
$this->decryptStream = mcrypt_module_open($this->mode, $this->mcrypt[0], MCRYPT_MODE_STREAM, $this->mcrypt[1]);
|
||||
|
||||
mcrypt_generic_init($this->encryptStream, $this->key, '');
|
||||
mcrypt_generic_init($this->decryptStream, $this->key, '');
|
||||
}
|
||||
|
||||
$this->continuousBuffer = true;
|
||||
}
|
||||
|
||||
@ -396,6 +418,29 @@ class Crypt_RC4 {
|
||||
$this->continuousBuffer = false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Dummy function.
|
||||
*
|
||||
* Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is
|
||||
* included is so that you can switch between a block cipher and a stream cipher transparently.
|
||||
*
|
||||
* @see Crypt_RC4::disablePadding()
|
||||
* @access public
|
||||
*/
|
||||
function enablePadding()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Dummy function.
|
||||
*
|
||||
* @see Crypt_RC4::enablePadding()
|
||||
* @access public
|
||||
*/
|
||||
function disablePadding()
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Class destructor.
|
||||
*
|
||||
@ -404,18 +449,38 @@ class Crypt_RC4 {
|
||||
*
|
||||
* @access public
|
||||
*/
|
||||
function __destruct() {
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT && isset($this->encryptStream) ) {
|
||||
function __destruct()
|
||||
{
|
||||
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
||||
$this->_closeMCrypt();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Properly close the MCrypt objects.
|
||||
*
|
||||
* @access prviate
|
||||
*/
|
||||
function _closeMCrypt()
|
||||
{
|
||||
if ( $this->encryptStream !== false ) {
|
||||
if ( $this->continuousBuffer ) {
|
||||
mcrypt_generic_deinit($this->encryptStream);
|
||||
mcrypt_generic_deinit($this->decryptStream);
|
||||
}
|
||||
|
||||
mcrypt_module_close($this->encryptStream);
|
||||
|
||||
$this->encryptStream = false;
|
||||
}
|
||||
|
||||
if ( $this->decryptStream !== false ) {
|
||||
if ( $this->continuousBuffer ) {
|
||||
mcrypt_generic_deinit($this->decryptStream);
|
||||
}
|
||||
|
||||
mcrypt_module_close($this->decryptStream);
|
||||
|
||||
unset($this->encryptStream);
|
||||
unset($this->decryptStream);
|
||||
$this->decryptStream = false;
|
||||
}
|
||||
}
|
||||
}
|
@ -35,7 +35,7 @@
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMVII Jim Wigginton
|
||||
* @license http://www.gnu.org/licenses/lgpl.txt
|
||||
* @version $Id: Random.php,v 1.1 2007-07-02 04:19:47 terrafrost Exp $
|
||||
* @version $Id: Random.php,v 1.2 2007-07-23 05:21:39 terrafrost Exp $
|
||||
* @link http://pear.php.net/package/Crypt_Random
|
||||
*/
|
||||
|
||||
|
@ -4,7 +4,7 @@
|
||||
/**
|
||||
* Pure-PHP implementations of Triple DES.
|
||||
*
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
@ -47,7 +47,7 @@
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMVII Jim Wigginton
|
||||
* @license http://www.gnu.org/licenses/lgpl.txt
|
||||
* @version $Id: TripleDES.php,v 1.1 2007-07-02 04:19:47 terrafrost Exp $
|
||||
* @version $Id: TripleDES.php,v 1.2 2007-07-23 05:21:39 terrafrost Exp $
|
||||
* @link http://pear.php.net/package/Crypt_TripleDES
|
||||
*/
|
||||
|
||||
@ -57,11 +57,18 @@
|
||||
require_once 'DES.php';
|
||||
|
||||
/**
|
||||
* Encrypt / decrypt using a method required by SSHv1
|
||||
* Encrypt / decrypt using inner chaining
|
||||
*
|
||||
* mcrypt does a single XOR operation for each block in CBC mode. SSHv1 requires three XOR operations.
|
||||
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
||||
*/
|
||||
define('CRYPT_DES_MODE_SSH', 3);
|
||||
define('CRYPT_DES_MODE_3CBC', 3);
|
||||
|
||||
/**
|
||||
* Encrypt / decrypt using outer chaining
|
||||
*
|
||||
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
||||
*/
|
||||
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of Triple DES.
|
||||
@ -69,7 +76,7 @@ define('CRYPT_DES_MODE_SSH', 3);
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @version 0.1.0
|
||||
* @access public
|
||||
* @package Crypt_DES
|
||||
* @package Crypt_TerraDES
|
||||
*/
|
||||
class Crypt_TripleDES {
|
||||
/**
|
||||
@ -177,13 +184,19 @@ class Crypt_TripleDES {
|
||||
}
|
||||
}
|
||||
|
||||
if ( $mode == CRYPT_DES_MODE_SSH ) {
|
||||
$this->mode = CRYPT_DES_MODE_SSH;
|
||||
if ( $mode == CRYPT_DES_MODE_3CBC ) {
|
||||
$this->mode = CRYPT_DES_MODE_3CBC;
|
||||
$this->des = array(
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC)
|
||||
);
|
||||
|
||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||
$this->des[0]->disablePadding();
|
||||
$this->des[1]->disablePadding();
|
||||
$this->des[2]->disablePadding();
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
@ -205,6 +218,11 @@ class Crypt_TripleDES {
|
||||
new Crypt_DES(CRYPT_DES_MODE_ECB)
|
||||
);
|
||||
|
||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||
$this->des[0]->disablePadding();
|
||||
$this->des[1]->disablePadding();
|
||||
$this->des[2]->disablePadding();
|
||||
|
||||
switch ($mode) {
|
||||
case CRYPT_DES_MODE_ECB:
|
||||
case CRYPT_DES_MODE_CBC:
|
||||
@ -236,26 +254,15 @@ class Crypt_TripleDES {
|
||||
$key = str_pad($key, 24, chr(0));
|
||||
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
||||
// http://php.net/function.mcrypt-encrypt#47973
|
||||
$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : $key;
|
||||
$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
||||
}
|
||||
$this->key = $key;
|
||||
switch (true) {
|
||||
case CRYPT_DES_MODE == CRYPT_DES_MODE_INTERNAL:
|
||||
case $this->mode == CRYPT_DES_MODE_SSH:
|
||||
case $this->mode == CRYPT_DES_MODE_3CBC:
|
||||
$this->des[0]->setKey(substr($key, 0, 8));
|
||||
$this->des[1]->setKey(substr($key, 8, 8));
|
||||
$this->des[2]->setKey(substr($key, 16, 8));
|
||||
|
||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||
$this->des[0]->disablePadding();
|
||||
$this->des[1]->disablePadding();
|
||||
$this->des[2]->disablePadding();
|
||||
}
|
||||
|
||||
if ($this->mode == CRYPT_DES_MODE_SSH) {
|
||||
$this->des[0]->enableContinuousBuffer();
|
||||
$this->des[1]->enableContinuousBuffer();
|
||||
$this->des[2]->enableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
@ -270,7 +277,12 @@ class Crypt_TripleDES {
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
$this->iv = str_pad(substr($key, 0, 8), 8, chr(0));;
|
||||
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
|
||||
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
||||
$this->des[0]->setIV($iv);
|
||||
$this->des[1]->setIV($iv);
|
||||
$this->des[2]->setIV($iv);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -286,7 +298,7 @@ class Crypt_TripleDES {
|
||||
function setMCrypt($algorithm_directory, $mode_directory)
|
||||
{
|
||||
$this->mcrypt = array($algorithm_directory, $mode_directory);
|
||||
if ( $this->mode == CRYPT_DES_MODE_SSH ) {
|
||||
if ( $this->mode == CRYPT_DES_MODE_3CBC ) {
|
||||
$this->des[0]->setMCrypt($algorithm_directory, $mode_directory);
|
||||
$this->des[1]->setMCrypt($algorithm_directory, $mode_directory);
|
||||
$this->des[2]->setMCrypt($algorithm_directory, $mode_directory);
|
||||
@ -301,17 +313,17 @@ class Crypt_TripleDES {
|
||||
*/
|
||||
function encrypt($plaintext)
|
||||
{
|
||||
if ($this->padding) {
|
||||
$plaintext = $this->_pad($plaintext);
|
||||
}
|
||||
|
||||
// if the key is smaller then 8, do what we'd normally do
|
||||
if ($this->mode == CRYPT_DES_MODE_SSH && strlen($this->key) > 8) {
|
||||
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
||||
$ciphertext = $this->des[2]->encrypt($this->des[1]->decrypt($this->des[0]->encrypt($plaintext)));
|
||||
|
||||
return $ciphertext;
|
||||
}
|
||||
|
||||
if ($this->padding) {
|
||||
$plaintext = $this->_pad($plaintext);
|
||||
}
|
||||
|
||||
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
||||
$td = mcrypt_module_open(MCRYPT_3DES, $this->mcrypt[0], $this->mode, $this->mcrypt[1]);
|
||||
mcrypt_generic_init($td, $this->key, $this->encryptIV);
|
||||
@ -375,10 +387,10 @@ class Crypt_TripleDES {
|
||||
*/
|
||||
function decrypt($ciphertext)
|
||||
{
|
||||
if ($this->mode == CRYPT_DES_MODE_SSH && strlen($this->key) > 8) {
|
||||
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
||||
$plaintext = $this->des[0]->decrypt($this->des[1]->encrypt($this->des[2]->decrypt($ciphertext)));
|
||||
|
||||
return $plaintext;
|
||||
return $this->_unpad($plaintext);
|
||||
}
|
||||
|
||||
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
||||
@ -404,7 +416,7 @@ class Crypt_TripleDES {
|
||||
if (strlen($this->key) <= 8) {
|
||||
$this->des[0]->mode = $this->mode;
|
||||
|
||||
return $this->des[0]->decrypt($plaintext);
|
||||
return $this->_unpad($this->des[0]->decrypt($plaintext));
|
||||
}
|
||||
|
||||
$plaintext = '';
|
||||
@ -412,9 +424,9 @@ class Crypt_TripleDES {
|
||||
case CRYPT_DES_MODE_ECB:
|
||||
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
||||
$block = substr($ciphertext, $i, 8);
|
||||
$block = $this->des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$block = $this->des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
||||
$block = $this->des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$block = $this->des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
||||
$block = $this->des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$plaintext.= $block;
|
||||
}
|
||||
break;
|
||||
@ -422,9 +434,9 @@ class Crypt_TripleDES {
|
||||
$xor = $this->decryptIV;
|
||||
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
||||
$orig = $block = substr($ciphertext, $i, 8);
|
||||
$block = $this->des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$block = $this->des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
||||
$block = $this->des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$block = $this->des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
||||
$block = $this->des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
||||
$plaintext.= $block ^ $xor;
|
||||
$xor = $orig;
|
||||
}
|
||||
@ -476,6 +488,11 @@ class Crypt_TripleDES {
|
||||
function enableContinuousBuffer()
|
||||
{
|
||||
$this->continuousBuffer = true;
|
||||
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
||||
$this->des[0]->enableContinuousBuffer();
|
||||
$this->des[1]->enableContinuousBuffer();
|
||||
$this->des[2]->enableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -491,6 +508,12 @@ class Crypt_TripleDES {
|
||||
$this->continuousBuffer = false;
|
||||
$this->encryptIV = $this->iv;
|
||||
$this->decryptIV = $this->iv;
|
||||
|
||||
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
||||
$this->des[0]->disableContinuousBuffer();
|
||||
$this->des[1]->disableContinuousBuffer();
|
||||
$this->des[2]->disableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -554,7 +577,7 @@ class Crypt_TripleDES {
|
||||
return $text;
|
||||
}
|
||||
|
||||
$length = ord($text{strlen($text) - 1});
|
||||
$length = ord($text[strlen($text) - 1]);
|
||||
return substr($text, 0, -$length);
|
||||
}
|
||||
}
|
||||
|
@ -69,7 +69,7 @@
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright MMVI Jim Wigginton
|
||||
* @license http://www.gnu.org/licenses/lgpl.txt
|
||||
* @version $Id: BigInteger.php,v 1.1 2007-07-02 04:19:47 terrafrost Exp $
|
||||
* @version $Id: BigInteger.php,v 1.2 2007-07-23 05:21:39 terrafrost Exp $
|
||||
* @link http://pear.php.net/package/Math_BigInteger
|
||||
*/
|
||||
|
||||
@ -1076,7 +1076,7 @@ class Math_BigInteger {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $temp->modPow($e,$n);
|
||||
return $temp->modPow($e, $n);
|
||||
}
|
||||
|
||||
switch ( MATH_BIGINTEGER_MODE ) {
|
||||
@ -1158,9 +1158,6 @@ class Math_BigInteger {
|
||||
* however, this function performs a modular reduction after every multiplication and squaring operation.
|
||||
* As such, this function has the same preconditions that the reductions being used do.
|
||||
*
|
||||
* The window size is calculated in the same fashion that the window size in BigInteger.java's oddModPow
|
||||
* function is.
|
||||
*
|
||||
* @param Math_BigInteger $e
|
||||
* @param Math_BigInteger $n
|
||||
* @param Integer $mode
|
||||
@ -1169,7 +1166,8 @@ class Math_BigInteger {
|
||||
*/
|
||||
function _slidingWindow($e, $n, $mode)
|
||||
{
|
||||
static $window_ranges = array(7, 25, 81, 241, 673, 1793);
|
||||
static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function
|
||||
//static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1
|
||||
|
||||
$e_length = count($e->value) - 1;
|
||||
$e_bits = decbin($e->value[$e_length]);
|
||||
@ -1227,13 +1225,13 @@ class Math_BigInteger {
|
||||
$result = $result->$undo($n);
|
||||
|
||||
for ($i = 0; $i < $e_length; ) {
|
||||
if ( !$e_bits{$i} ) {
|
||||
if ( !$e_bits[$i] ) {
|
||||
$result = $result->_square();
|
||||
$result = $result->$reduce($n);
|
||||
$i++;
|
||||
} else {
|
||||
for ($j = $window_size - 1; $j >= 0; $j--) {
|
||||
if ( $e_bits{$i + $j} ) {
|
||||
if ( $e_bits[$i + $j] ) {
|
||||
break;
|
||||
}
|
||||
}
|
||||
@ -2091,8 +2089,8 @@ class Math_BigInteger {
|
||||
|
||||
$carry = 0;
|
||||
for ($i = strlen($x) - 1; $i >= 0; $i--) {
|
||||
$temp = ord($x{$i}) << $shift | $carry;
|
||||
$x{$i} = chr($temp);
|
||||
$temp = ord($x[$i]) << $shift | $carry;
|
||||
$x[$i] = chr($temp);
|
||||
$carry = $temp >> 8;
|
||||
}
|
||||
$carry = ($carry != 0) ? chr($carry) : '';
|
||||
@ -2127,11 +2125,11 @@ class Math_BigInteger {
|
||||
}
|
||||
|
||||
$carry = 0;
|
||||
$carry_shift = 8-$shift;
|
||||
$carry_shift = 8 - $shift;
|
||||
for ($i = 0; $i < strlen($x); $i++) {
|
||||
$temp = (ord($x{$i}) >> $shift) | $carry;
|
||||
$carry = (ord($x{$i}) << $carry_shift) & 0xFF;
|
||||
$x{$i} = chr($temp);
|
||||
$temp = (ord($x[$i]) >> $shift) | $carry;
|
||||
$carry = (ord($x[$i]) << $carry_shift) & 0xFF;
|
||||
$x[$i] = chr($temp);
|
||||
}
|
||||
$x = ltrim($x, chr(0));
|
||||
|
||||
|
1323
phpseclib/Net/SSH2.php
Normal file
1323
phpseclib/Net/SSH2.php
Normal file
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue
Block a user