1
0
mirror of https://github.com/danog/tgseclib.git synced 2024-12-17 11:26:59 +01:00
tgseclib/phpseclib/Crypt/RC4.php

340 lines
8.4 KiB
PHP
Raw Normal View History

<?php
/**
* Pure-PHP implementation of RC4.
*
* Uses mcrypt, if available, and an internal implementation, otherwise.
*
2015-04-02 12:57:52 +02:00
* PHP version 5
*
* Useful resources are as follows:
*
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
*
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
2013-05-08 16:34:07 +02:00
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
*
* Here's a short example of how to use this library:
* <code>
* <?php
2014-12-17 01:16:54 +01:00
* include 'vendor/autoload.php';
*
2014-12-17 01:16:54 +01:00
* $rc4 = new \phpseclib\Crypt\RC4();
*
* $rc4->setKey('abcdefgh');
*
* $size = 10 * 1024;
* $plaintext = '';
* for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a';
* }
*
* echo $rc4->decrypt($rc4->encrypt($plaintext));
* ?>
* </code>
*
* @category Crypt
2014-12-17 01:16:54 +01:00
* @package RC4
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
2014-12-17 01:16:54 +01:00
namespace phpseclib\Crypt;
/**
* Pure-PHP implementation of RC4.
*
2014-12-17 01:16:54 +01:00
* @package RC4
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
2014-12-17 01:16:54 +01:00
class RC4 extends Base
{
/**#@+
* @access private
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\RC4::_crypt()
*/
const ENCRYPT = 0;
const DECRYPT = 1;
/**#@-*/
/**
2013-05-20 08:19:38 +02:00
* Block Length of the cipher
*
2014-01-18 18:29:25 +01:00
* RC4 is a stream cipher
2013-05-20 08:19:38 +02:00
* so we the block_size to 0
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::block_size
2015-09-02 01:42:15 +02:00
* @var int
* @access private
*/
2013-05-20 08:19:38 +02:00
var $block_size = 0;
/**
2015-10-05 04:06:17 +02:00
* Key Length (in bytes)
*
* @see \phpseclib\Crypt\RC4::setKeyLength()
2015-09-02 01:42:15 +02:00
* @var int
* @access private
*/
2015-10-05 04:06:17 +02:00
var $key_length = 128; // = 1024 bits
/**
2013-05-20 08:19:38 +02:00
* The mcrypt specific name of the cipher
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt
2015-09-02 01:42:15 +02:00
* @var string
* @access private
*/
2013-05-20 08:19:38 +02:00
var $cipher_name_mcrypt = 'arcfour';
/**
2013-05-20 08:19:38 +02:00
* Holds whether performance-optimized $inline_crypt() can/should be used.
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::inline_crypt
2013-05-20 08:19:38 +02:00
* @var mixed
* @access private
*/
2013-05-20 08:19:38 +02:00
var $use_inline_crypt = false; // currently not available
/**
2013-05-20 08:19:38 +02:00
* The Key
*
* @see self::setKey()
2015-09-02 01:42:15 +02:00
* @var string
* @access private
*/
2013-05-20 08:19:38 +02:00
var $key = "\0";
/**
2013-05-20 08:19:38 +02:00
* The Key Stream for decryption and encryption
*
* @see self::setKey()
2015-09-02 01:42:15 +02:00
* @var array
* @access private
*/
2013-05-20 08:19:38 +02:00
var $stream;
/**
* Default Constructor.
*
* Determines whether or not the mcrypt extension should be used.
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::__construct()
* @return \phpseclib\Crypt\RC4
* @access public
*/
function __construct()
{
2014-12-17 01:16:54 +01:00
parent::__construct(Base::MODE_STREAM);
}
/**
* Test for engine validity
*
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine()
*
* @see \phpseclib\Crypt\Base::__construct()
2015-09-02 01:42:15 +02:00
* @param int $engine
* @access public
2015-09-02 01:42:15 +02:00
* @return bool
*/
function isValidEngine($engine)
{
switch ($engine) {
case Base::ENGINE_OPENSSL:
switch (strlen($this->key)) {
case 5:
$this->cipher_name_openssl = 'rc4-40';
break;
case 8:
$this->cipher_name_openssl = 'rc4-64';
break;
case 16:
$this->cipher_name_openssl = 'rc4';
break;
default:
return false;
}
}
return parent::isValidEngine($engine);
}
/**
* Dummy function.
*
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
* calling setKey().
*
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
* the IV's are relatively easy to predict, an attack described by
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
* can be used to quickly guess at the rest of the key. The following links elaborate:
*
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
*
2015-09-02 01:42:15 +02:00
* @param string $iv
* @see self::setKey()
* @access public
*/
function setIV($iv)
{
}
2013-05-25 04:05:24 +02:00
/**
* Sets the key length
2013-05-25 04:05:24 +02:00
*
* Keys can be between 1 and 256 bytes long.
2013-05-25 04:05:24 +02:00
*
* @access public
* @param int $length
2013-05-25 04:05:24 +02:00
*/
function setKeyLength($length)
2013-05-25 04:05:24 +02:00
{
if ($length < 8) {
2015-10-05 04:06:17 +02:00
$this->key_length = 1;
} elseif ($length > 2048) {
2015-10-05 04:06:17 +02:00
$this->key_length = 248;
} else {
2015-10-05 04:06:17 +02:00
$this->key_length = $length >> 3;
}
parent::setKeyLength($length);
2013-05-25 04:05:24 +02:00
}
/**
* Encrypts a message.
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::decrypt()
* @see self::_crypt()
* @access public
2015-09-02 01:42:15 +02:00
* @param string $plaintext
* @return string $ciphertext
*/
function encrypt($plaintext)
{
if ($this->engine != Base::ENGINE_INTERNAL) {
2013-05-20 08:19:38 +02:00
return parent::encrypt($plaintext);
}
return $this->_crypt($plaintext, self::ENCRYPT);
}
/**
* Decrypts a message.
*
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
* At least if the continuous buffer is disabled.
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::encrypt()
* @see self::_crypt()
* @access public
2015-09-02 01:42:15 +02:00
* @param string $ciphertext
* @return string $plaintext
*/
function decrypt($ciphertext)
{
if ($this->engine != Base::ENGINE_INTERNAL) {
2013-05-20 08:19:38 +02:00
return parent::decrypt($ciphertext);
}
return $this->_crypt($ciphertext, self::DECRYPT);
}
2014-12-29 21:43:56 +01:00
/**
* Encrypts a block
*
* @access private
2015-09-02 01:42:15 +02:00
* @param string $in
2014-12-29 21:43:56 +01:00
*/
function _encryptBlock($in)
{
// RC4 does not utilize this method
}
/**
* Decrypts a block
*
* @access private
2015-09-02 01:42:15 +02:00
* @param string $in
2014-12-29 21:43:56 +01:00
*/
function _decryptBlock($in)
{
// RC4 does not utilize this method
}
2013-05-25 04:05:24 +02:00
/**
* Setup the key (expansion)
*
2014-12-17 01:16:54 +01:00
* @see \phpseclib\Crypt\Base::_setupKey()
2013-05-25 04:05:24 +02:00
* @access private
*/
function _setupKey()
{
$key = $this->key;
$keyLength = strlen($key);
2014-06-16 16:19:14 +02:00
$keyStream = range(0, 255);
2013-05-25 04:05:24 +02:00
$j = 0;
for ($i = 0; $i < 256; $i++) {
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
$temp = $keyStream[$i];
$keyStream[$i] = $keyStream[$j];
$keyStream[$j] = $temp;
}
$this->stream = array();
$this->stream[self::DECRYPT] = $this->stream[self::ENCRYPT] = array(
2013-05-25 04:05:24 +02:00
0, // index $i
0, // index $j
$keyStream
);
}
/**
* Encrypts or decrypts a message.
*
* @see self::encrypt()
* @see self::decrypt()
* @access private
2015-09-02 01:42:15 +02:00
* @param string $text
* @param int $mode
* @return string $text
*/
function _crypt($text, $mode)
{
2013-05-20 08:19:38 +02:00
if ($this->changed) {
$this->_setup();
$this->changed = false;
}
2013-05-20 08:19:38 +02:00
$stream = &$this->stream[$mode];
if ($this->continuousBuffer) {
2013-05-20 08:19:38 +02:00
$i = &$stream[0];
$j = &$stream[1];
$keyStream = &$stream[2];
} else {
$i = $stream[0];
$j = $stream[1];
$keyStream = $stream[2];
}
2013-05-20 08:19:38 +02:00
$len = strlen($text);
for ($k = 0; $k < $len; ++$k) {
$i = ($i + 1) & 255;
$ksi = $keyStream[$i];
$j = ($j + $ksi) & 255;
$ksj = $keyStream[$j];
2013-05-20 08:19:38 +02:00
$keyStream[$i] = $ksj;
$keyStream[$j] = $ksi;
2014-06-16 16:19:14 +02:00
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
}
2013-05-20 08:19:38 +02:00
return $text;
}
}