danog/tgseclib
1
0
Fork 0
mirror of https://github.com/danog/tgseclib.git synced 2025-01-22 05:51:20 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #508 from cnelissen/RandomAsClass

Browse Source 
Promote Crypt/Random.php to a fully qualified class

* cnelissen/RandomAsClass:
  Removed includes for Random.php and fixed up user_error message
  Renamed Random::crypt_random_string to Random::string
  Regenerated lock file
  Namespaced Crypt\Random
  Code sniff fix
  Initial commit

Conflicts:
	composer.lock
This commit is contained in:
Andreas Fischer 2014-12-02 21:56:21 +01:00
commit cd10ded72e
8 changed files with 37 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
composer.json
View File

@ -69,10 +69,7 @@
}, },
"psr-4": { "psr-4": {
"phpseclib\\": "phpseclib/" "phpseclib\\": "phpseclib/"
}, }
"files": [
"phpseclib/Crypt/Random.php"
]
}, },
"extra": { "extra": {
"branch-alias": { "branch-alias": {

2
composer.lock generated
View File

@ -4,7 +4,7 @@
"Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"hash": "d659616f5490402339feb6595340aeec", "hash": "4f12b7267ae2893c231aa139d04f1dfd",
"packages": [], "packages": [],
"packages-dev": [ "packages-dev": [
{ {

24
phpseclib/Crypt/RSA.php
View File

@ -67,19 +67,9 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
use \phpseclib\Crypt\Random;
use \phpseclib\Math\BigInteger; use \phpseclib\Math\BigInteger;
/**
* Include Crypt_Random
*/
// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
// will trigger a call to __autoload() if you're wanting to auto-load classes
// call function_exists() a second time to stop the include_once from being called outside
// of the auto loader
if (!function_exists('crypt_random_string')) {
include_once 'Random.php';
}
/** /**
* Include Crypt_Hash * Include Crypt_Hash
*/ */
@ -798,7 +788,7 @@ class Crypt_RSA
$source.= pack('Na*', strlen($private), $private); $source.= pack('Na*', strlen($private), $private);
$hashkey = 'putty-private-key-file-mac-key'; $hashkey = 'putty-private-key-file-mac-key';
} else { } else {
$private.= crypt_random_string(16 - (strlen($private) & 15)); $private.= Random::string(16 - (strlen($private) & 15));
$source.= pack('Na*', strlen($private), $private); $source.= pack('Na*', strlen($private), $private);
if (!class_exists('Crypt_AES')) { if (!class_exists('Crypt_AES')) {
include_once 'Crypt/AES.php'; include_once 'Crypt/AES.php';
@ -864,7 +854,7 @@ class Crypt_RSA
); );
$RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if (!empty($this->password) || is_string($this->password)) { if (!empty($this->password) || is_string($this->password)) {
$salt = crypt_random_string(8); $salt = Random::string(8);
$iterationCount = 2048; $iterationCount = 2048;
if (!class_exists('Crypt_DES')) { if (!class_exists('Crypt_DES')) {
@ -904,7 +894,7 @@ class Crypt_RSA
} }
if (!empty($this->password) || is_string($this->password)) { if (!empty($this->password) || is_string($this->password)) {
$iv = crypt_random_string(8); $iv = Random::string(8);
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key $symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8); $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
if (!class_exists('Crypt_TripleDES')) { if (!class_exists('Crypt_TripleDES')) {
@ -2306,7 +2296,7 @@ class Crypt_RSA
$lHash = $this->hash->hash($l); $lHash = $this->hash->hash($l);
$ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2);
$db = $lHash . $ps . chr(1) . $m; $db = $lHash . $ps . chr(1) . $m;
$seed = crypt_random_string($this->hLen); $seed = Random::string($this->hLen);
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
$maskedDB = $db ^ $dbMask; $maskedDB = $db ^ $dbMask;
$seedMask = $this->_mgf1($maskedDB, $this->hLen); $seedMask = $this->_mgf1($maskedDB, $this->hLen);
@ -2424,7 +2414,7 @@ class Crypt_RSA
$psLen = $this->k - $mLen - 3; $psLen = $this->k - $mLen - 3;
$ps = ''; $ps = '';
while (strlen($ps) != $psLen) { while (strlen($ps) != $psLen) {
$temp = crypt_random_string($psLen - strlen($ps)); $temp = Random::string($psLen - strlen($ps));
$temp = str_replace("\x00", '', $temp); $temp = str_replace("\x00", '', $temp);
$ps.= $temp; $ps.= $temp;
} }
@ -2530,7 +2520,7 @@ class Crypt_RSA
return false; return false;
} }
$salt = crypt_random_string($sLen); $salt = Random::string($sLen);
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
$h = $this->hash->hash($m2); $h = $this->hash->hash($m2);
$ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2);

33
phpseclib/Crypt/Random.php
View File

@ -3,9 +3,6 @@
/** /**
* Random Number Generator * Random Number Generator
* *
* The idea behind this function is that it can be easily replaced with your own crypt_random_string()
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
*
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
@ -13,7 +10,7 @@
* <?php * <?php
* include 'Crypt/Random.php'; * include 'Crypt/Random.php';
* *
* echo bin2hex(crypt_random_string(8)); * echo bin2hex(Random::string(8));
* ?> * ?>
* </code> * </code>
* *
@ -36,24 +33,24 @@
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category Crypt * @category Crypt
* @package Crypt_Random * @package Random
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright MMVII Jim Wigginton * @copyright MMVII Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, namespace phpseclib\Crypt;
// have phpseclib as a requirement as well. if you're developing such a program you may encounter
// a "Cannot redeclare crypt_random_string()" error.
if (!function_exists('crypt_random_string')) {
/**
* "Is Windows" test
*
* @access private
*/
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
/**
* Pure-PHP Random Number Generator
*
* @package Random
* @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
class Random
{
/** /**
* Generate a random string. * Generate a random string.
* *
@ -65,9 +62,9 @@ if (!function_exists('crypt_random_string')) {
* @return String * @return String
* @access public * @access public
*/ */
function crypt_random_string($length) static function string($length)
{ {
if (CRYPT_RANDOM_IS_WINDOWS) { if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
// ie. class_alias is a function that was introduced in PHP 5.3 // ie. class_alias is a function that was introduced in PHP 5.3
if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) { if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {
@ -231,7 +228,7 @@ if (!function_exists('crypt_random_string')) {
$crypto = new Crypt_RC4(); $crypto = new Crypt_RC4();
break; break;
default: default:
user_error('crypt_random_string requires at least one symmetric cipher be loaded'); user_error(__CLASS__ . ' requires at least one symmetric cipher be loaded');
return false; return false;
} }

2
phpseclib/File/X509.php
View File

@ -3475,7 +3475,7 @@ class File_X509
// "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified."
// both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way
// we could alternatively do this instead if we ignored the specs: // we could alternatively do this instead if we ignored the specs:
// crypt_random_string(8) & str_repeat("\x7F", 8) // Random::string(8) & str_repeat("\x7F", 8)
'challenge' => !empty($this->challenge) ? $this->challenge : '' 'challenge' => !empty($this->challenge) ? $this->challenge : ''
), ),
'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),

8
phpseclib/Math/BigInteger.php
View File

@ -68,6 +68,8 @@
namespace phpseclib\Math; namespace phpseclib\Math;
use \phpseclib\Crypt\Random;
/**#@+ /**#@+
* Reduction constants * Reduction constants
* *
@ -3021,7 +3023,7 @@ class BigInteger
/** /**
* Generates a random BigInteger * Generates a random BigInteger
* *
* Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not. * Byte length is equal to $length. Uses Crypt\Random if it's loaded and mt_rand if it's not.
* *
* @param Integer $length * @param Integer $length
* @return \phpseclib\Math\BigInteger * @return \phpseclib\Math\BigInteger
@ -3029,8 +3031,8 @@ class BigInteger
*/ */
function _random_number_helper($size) function _random_number_helper($size)
{ {
if (function_exists('crypt_random_string')) { if (class_exists('phpseclib\Crypt\Random')) {
$random = crypt_random_string($size); $random = Random::string($size);
} else { } else {
$random = ''; $random = '';

16
phpseclib/Net/SSH1.php
View File

@ -64,6 +64,7 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
use \phpseclib\Crypt\Random;
use \phpseclib\Math\BigInteger; use \phpseclib\Math\BigInteger;
/**#@+ /**#@+
@ -519,15 +520,6 @@ class Net_SSH1
*/ */
function __construct($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES) function __construct($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES)
{ {
// Include Crypt_Random
// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
// will trigger a call to __autoload() if you're wanting to auto-load classes
// call function_exists() a second time to stop the include_once from being called outside
// of the auto loader
if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
include_once 'Crypt/Random.php';
}
$this->protocol_flags = array( $this->protocol_flags = array(
1 => 'NET_SSH1_MSG_DISCONNECT', 1 => 'NET_SSH1_MSG_DISCONNECT',
2 => 'NET_SSH1_SMSG_PUBLIC_KEY', 2 => 'NET_SSH1_SMSG_PUBLIC_KEY',
@ -635,7 +627,7 @@ class Net_SSH1
$session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie)); $session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
$session_key = crypt_random_string(32); $session_key = Random::string(32);
$double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));
if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) { if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) {
@ -1183,7 +1175,7 @@ class Net_SSH1
$length = strlen($data) + 4; $length = strlen($data) + 4;
$padding = crypt_random_string(8 - ($length & 7)); $padding = Random::string(8 - ($length & 7));
$orig = $data; $orig = $data;
$data = $padding . $data; $data = $padding . $data;
@ -1369,7 +1361,7 @@ class Net_SSH1
$length = strlen($modulus) - strlen($m) - 3; $length = strlen($modulus) - strlen($m) - 3;
$random = ''; $random = '';
while (strlen($random) != $length) { while (strlen($random) != $length) {
$block = crypt_random_string($length - strlen($random)); $block = Random::string($length - strlen($random));
$block = str_replace("\x00", '', $block); $block = str_replace("\x00", '', $block);
$random.= $block; $random.= $block;
} }

9
phpseclib/Net/SSH2.php
View File

@ -66,6 +66,7 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
use \phpseclib\Crypt\Random;
// Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
use \phpseclib\Math\BigInteger; use \phpseclib\Math\BigInteger;
@ -855,10 +856,6 @@ class Net_SSH2
*/ */
function __construct($host, $port = 22, $timeout = 10) function __construct($host, $port = 22, $timeout = 10)
{ {
if (!function_exists('crypt_random_string')) {
include_once 'Crypt/Random.php';
}
if (!class_exists('Crypt_Hash')) { if (!class_exists('Crypt_Hash')) {
include_once 'Crypt/Hash.php'; include_once 'Crypt/Hash.php';
} }
@ -1202,7 +1199,7 @@ class Net_SSH2
$compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms); $compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms);
} }
$client_cookie = crypt_random_string(16); $client_cookie = Random::string(16);
$response = $kexinit_payload_server; $response = $kexinit_payload_server;
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
@ -3154,7 +3151,7 @@ class Net_SSH2
$packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size; $packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size;
// subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length
$padding_length = $packet_length - strlen($data) - 5; $padding_length = $packet_length - strlen($data) - 5;
$padding = crypt_random_string($padding_length); $padding = Random::string($padding_length);
// we subtract 4 from packet_length because the packet_length field isn't supposed to include itself // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself
$packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding); $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding);