aside from the addition of OpenSSL support a few other changes have been included:
- setEngine(), as added by petrich, is depricated (not that it was ever in trunk to begin with)
it has been replaced with isValidEngine() and setPreferredEngine().
- replace _generate_xor() with increment_str()
_increment_str() had extra functionality that wasn't being used. ie. it could concatenate
multiple successive string increments to one another automatically. but not only was that
functionality not used - it also made the function less versatile. _increment_str() can be
used more easily for iterative brute forcing (for example)
- rename Crypt_Base::_stringShift to Crypt_Base::_string_shift (for consistency)
- more expansive unit test coverage
- Crypt_* Some CS
- Crypt_Base: better comments for phpseclib developers
- Crypt_Base::_createInlineCryptFunction(): better namespace for
internal variables (all now prefixed with an underscore to avoid
conflicts)
These lines served some purpose on SVN, but are now useless on Git. They
actually do harm as they might make people think their files are older
than they actually are.
- Base/Rijndael/AES: Comments updated.
- Base: removed __desctructor(). Re:
https://github.com/phpseclib/phpseclib/issues/107
- Base: setPassword() will use >= php-5.5's new (faster) hash_pbkdf2()
function if availalbe/possible. 100% compatible to the internal
implementation. Strong testet with all
hashes/iterations/lengths/ciphers.
- Rijndael: Runtime engine-switch: Will now use mcrypt (in case of
128/192/256-bit block/keys), if possible. Otherwise MODE_INTERNAL.
AES: Soucecode reducing. After all, now, AES.php is virtually nothing
other than a wrapper to Rijndael.php::new
Crypt_Rijndael()->setBlockLength(128). No different in speed or
functionality, but fixed block_size.
Fixed/rewritten: Decrypt() in CFB mode to work clean with enableContinuousBuffer()
Fixed: PHP's strlen(array()) warning in OFB mode,
Fixed: disableContinuousBuffer() clear's now also the $enbuffer/$debuffer arrays so that multiple calls to enable/disableContinuousBuffer() will work without old buffers
$buffer['encrypted'] (which is always empty) should be $buffer['ciphertext'] or buffered stream will get corrupt...
Example:
define('CRYPT_AES_MODE',CRYPT_AES_MODE_INTERNAL);//in MODE_MCRYPT all is fine
$aes = new Crypt_AES(CRYPT_AES_MODE_CTR);
$aes->setKey(':-8');
$aes->enableContinuousBuffer();
$plaintext = ':-):-):-):-):-):-)';
for($i=0; $i<strlen($plaintext); $i++) {
echo $aes->Decrypt($aes->Encrypt($plaintext[$i]));
}
Output:
:-):-):-):-):-):-(
Expected:
:-):-):-):-):-):-)
After Bugfix, output is:
:-):-):-):-):-):-)
To use exceptions do define('PHPSECLIB_USE_EXCEPTIONS', true).
To have the exceptions thrown by phpseclib be of a certain class define PHPSECLIB_EXCEPTION_CLASS.
