octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-06-26 03:52:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use paragonie/constant_time_encoding

Browse Source
This commit is contained in:
Paragon Initiative Enterprises 2016-05-12 16:28:40 -04:00
parent a2130ff111
commit 0e8fa93676
19 changed files with 219 additions and 126 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
composer.json
View File

@ -51,6 +51,7 @@
} }
], ],
"require": { "require": {
"paragonie/constant_time_encoding": "^1|^2",
"paragonie/random_compat": "^1.4|^2.0", "paragonie/random_compat": "^1.4|^2.0",
"php": ">=5.3.3" "php": ">=5.3.3"
}, },

131
composer.lock generated
View File

@ -4,9 +4,71 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"hash": "deb73cf7e6004dbc2550a38c4082df2d", "hash": "b54600d5b96647f1c6f4db8b67f9dd49",
"content-hash": "39f9dd8d2c209ff69eebbb83e367257e", "content-hash": "bbcd086ca303cc52841266906eb6e174",
"packages": [ "packages": [
{
"name": "paragonie/constant_time_encoding",
"version": "v1.0.0",
"source": {
"type": "git",
"url": "https://github.com/paragonie/constant_time_encoding.git",
"reference": "fdb1e311153233315e0f7699711e3845d81ed00f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/paragonie/constant_time_encoding/zipball/fdb1e311153233315e0f7699711e3845d81ed00f",
"reference": "fdb1e311153233315e0f7699711e3845d81ed00f",
"shasum": ""
},
"require": {
"php": "^5.3|^7"
},
"require-dev": {
"paragonie/random_compat": "^1.4|^2.0",
"phpunit/phpunit": "4.*|5.*"
},
"type": "library",
"autoload": {
"psr-4": {
"ParagonIE\\ConstantTime\\": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
],
"authors": [
{
"name": "Paragon Initiative Enterprises",
"email": "security@paragonie.com",
"homepage": "https://paragonie.com",
"role": "Maintainer"
},
{
"name": "Steve 'Sc00bz' Thomas",
"email": "steve@tobtu.com",
"homepage": "https://www.tobtu.com",
"role": "Original Developer"
}
],
"description": "Constant-time Implementations of RFC 4648 Encoding (Base-64, Base-32, Base-16)",
"keywords": [
"base16",
"base32",
"base32_decode",
"base32_encode",
"base64",
"base64_decode",
"base64_encode",
"bin2hex",
"encoding",
"hex",
"hex2bin",
"rfc4648"
],
"time": "2016-04-08 16:58:39"
},
{ {
"name": "paragonie/random_compat", "name": "paragonie/random_compat",
"version": "v2.0.2", "version": "v2.0.2",
@ -561,21 +623,24 @@
}, },
{ {
"name": "phpunit/php-timer", "name": "phpunit/php-timer",
"version": "1.0.7", "version": "1.0.8",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/sebastianbergmann/php-timer.git", "url": "https://github.com/sebastianbergmann/php-timer.git",
"reference": "3e82f4e9fc92665fafd9157568e4dcb01d014e5b" "reference": "38e9124049cf1a164f1e4537caf19c99bf1eb260"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/3e82f4e9fc92665fafd9157568e4dcb01d014e5b", "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/38e9124049cf1a164f1e4537caf19c99bf1eb260",
"reference": "3e82f4e9fc92665fafd9157568e4dcb01d014e5b", "reference": "38e9124049cf1a164f1e4537caf19c99bf1eb260",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=5.3.3" "php": ">=5.3.3"
}, },
"require-dev": {
"phpunit/phpunit": "~4|~5"
},
"type": "library", "type": "library",
"autoload": { "autoload": {
"classmap": [ "classmap": [
@ -598,7 +663,7 @@
"keywords": [ "keywords": [
"timer" "timer"
], ],
"time": "2015-06-21 08:01:12" "time": "2016-05-12 18:03:57"
}, },
{ {
"name": "phpunit/php-token-stream", "name": "phpunit/php-token-stream",
@ -998,16 +1063,16 @@
}, },
{ {
"name": "sebastian/environment", "name": "sebastian/environment",
"version": "1.3.5", "version": "1.3.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/sebastianbergmann/environment.git", "url": "https://github.com/sebastianbergmann/environment.git",
"reference": "dc7a29032cf72b54f36dac15a1ca5b3a1b6029bf" "reference": "2292b116f43c272ff4328083096114f84ea46a56"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/dc7a29032cf72b54f36dac15a1ca5b3a1b6029bf", "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/2292b116f43c272ff4328083096114f84ea46a56",
"reference": "dc7a29032cf72b54f36dac15a1ca5b3a1b6029bf", "reference": "2292b116f43c272ff4328083096114f84ea46a56",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1044,7 +1109,7 @@
"environment", "environment",
"hhvm" "hhvm"
], ],
"time": "2016-02-26 18:40:46" "time": "2016-05-04 07:59:13"
}, },
{ {
"name": "sebastian/exporter", "name": "sebastian/exporter",
@ -1331,16 +1396,16 @@
}, },
{ {
"name": "symfony/console", "name": "symfony/console",
"version": "v2.8.4", "version": "v2.8.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/console.git", "url": "https://github.com/symfony/console.git",
"reference": "9a5aef5fc0d4eff86853d44202b02be8d5a20154" "reference": "48221d3de4dc22d2cd57c97e8b9361821da86609"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/symfony/console/zipball/9a5aef5fc0d4eff86853d44202b02be8d5a20154", "url": "https://api.github.com/repos/symfony/console/zipball/48221d3de4dc22d2cd57c97e8b9361821da86609",
"reference": "9a5aef5fc0d4eff86853d44202b02be8d5a20154", "reference": "48221d3de4dc22d2cd57c97e8b9361821da86609",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1387,20 +1452,20 @@
], ],
"description": "Symfony Console Component", "description": "Symfony Console Component",
"homepage": "https://symfony.com", "homepage": "https://symfony.com",
"time": "2016-03-17 09:19:04" "time": "2016-04-26 12:00:47"
}, },
{ {
"name": "symfony/filesystem", "name": "symfony/filesystem",
"version": "v2.8.4", "version": "v2.8.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/filesystem.git", "url": "https://github.com/symfony/filesystem.git",
"reference": "f08ffdf229252cd2745558cb2112df43903bcae4" "reference": "dee379131dceed90a429e951546b33edfe7dccbb"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/symfony/filesystem/zipball/f08ffdf229252cd2745558cb2112df43903bcae4", "url": "https://api.github.com/repos/symfony/filesystem/zipball/dee379131dceed90a429e951546b33edfe7dccbb",
"reference": "f08ffdf229252cd2745558cb2112df43903bcae4", "reference": "dee379131dceed90a429e951546b33edfe7dccbb",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1436,11 +1501,11 @@
], ],
"description": "Symfony Filesystem Component", "description": "Symfony Filesystem Component",
"homepage": "https://symfony.com", "homepage": "https://symfony.com",
"time": "2016-03-27 10:20:16" "time": "2016-04-12 18:01:21"
}, },
{ {
"name": "symfony/finder", "name": "symfony/finder",
"version": "v2.8.4", "version": "v2.8.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/finder.git", "url": "https://github.com/symfony/finder.git",
@ -1548,16 +1613,16 @@
}, },
{ {
"name": "symfony/process", "name": "symfony/process",
"version": "v2.8.4", "version": "v2.8.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/process.git", "url": "https://github.com/symfony/process.git",
"reference": "fb467471952ef5cf8497c029980e556b47545333" "reference": "1276bd9be89be039748cf753a2137f4ef149cd74"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/symfony/process/zipball/fb467471952ef5cf8497c029980e556b47545333", "url": "https://api.github.com/repos/symfony/process/zipball/1276bd9be89be039748cf753a2137f4ef149cd74",
"reference": "fb467471952ef5cf8497c029980e556b47545333", "reference": "1276bd9be89be039748cf753a2137f4ef149cd74",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1593,20 +1658,20 @@
], ],
"description": "Symfony Process Component", "description": "Symfony Process Component",
"homepage": "https://symfony.com", "homepage": "https://symfony.com",
"time": "2016-03-23 13:11:46" "time": "2016-04-14 15:22:22"
}, },
{ {
"name": "symfony/yaml", "name": "symfony/yaml",
"version": "v2.8.4", "version": "v2.8.6",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/symfony/yaml.git", "url": "https://github.com/symfony/yaml.git",
"reference": "584e52cb8f788a887553ba82db6caacb1d6260bb" "reference": "e4fbcc65f90909c999ac3b4dfa699ee6563a9940"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/symfony/yaml/zipball/584e52cb8f788a887553ba82db6caacb1d6260bb", "url": "https://api.github.com/repos/symfony/yaml/zipball/e4fbcc65f90909c999ac3b4dfa699ee6563a9940",
"reference": "584e52cb8f788a887553ba82db6caacb1d6260bb", "reference": "e4fbcc65f90909c999ac3b4dfa699ee6563a9940",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -1642,7 +1707,7 @@
], ],
"description": "Symfony Yaml Component", "description": "Symfony Yaml Component",
"homepage": "https://symfony.com", "homepage": "https://symfony.com",
"time": "2016-03-04 07:54:35" "time": "2016-03-29 19:00:15"
}, },
{ {
"name": "twig/twig", "name": "twig/twig",

5
phpseclib/Crypt/Base.php
View File

@ -35,6 +35,7 @@
*/ */
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use ParagonIE\ConstantTime\Hex;
/** /**
* Base Class for all \phpseclib\Crypt\* cipher classes * Base Class for all \phpseclib\Crypt\* cipher classes
@ -2578,10 +2579,10 @@ abstract class Base
$len = strlen($bytes); $len = strlen($bytes);
for ($i = 0; $i < $len; $i+=20) { for ($i = 0; $i < $len; $i+=20) {
$t = substr($bytes, $i, 20); $t = substr($bytes, $i, 20);
$hash = pack('H*', sha1($hash)); $hash = Hex::decode($hash);
$result .= $t ^ $hash; $result .= $t ^ $hash;
} }
return $result . pack('H*', sha1($hash)); return $result . Hex::decode(sha1($hash));
} }
} }
} }

24
phpseclib/Crypt/RSA.php
View File

@ -45,6 +45,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\File\ASN1; use phpseclib\File\ASN1;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -1033,7 +1035,7 @@ class RSA
switch ($algorithm) { switch ($algorithm) {
case 'sha256': case 'sha256':
$hash = new Hash('sha256'); $hash = new Hash('sha256');
$base = base64_encode($hash->hash($RSAPublicKey)); $base = Base64::encode($hash->hash($RSAPublicKey));
return substr($base, 0, strlen($base) - 1); return substr($base, 0, strlen($base) - 1);
case 'md5': case 'md5':
return substr(chunk_split(md5($RSAPublicKey), 2, ':'), 0, -1); return substr(chunk_split(md5($RSAPublicKey), 2, ':'), 0, -1);
@ -1951,32 +1953,32 @@ class RSA
// see http://tools.ietf.org/html/rfc3447#page-43 // see http://tools.ietf.org/html/rfc3447#page-43
switch ($this->hashName) { switch ($this->hashName) {
case 'md2': case 'md2':
$t = pack('H*', '3020300c06082a864886f70d020205000410'); $t = Hex::decode('3020300c06082a864886f70d020205000410');
break; break;
case 'md5': case 'md5':
$t = pack('H*', '3020300c06082a864886f70d020505000410'); $t = Hex::decode('3020300c06082a864886f70d020505000410');
break; break;
case 'sha1': case 'sha1':
$t = pack('H*', '3021300906052b0e03021a05000414'); $t = Hex::decode('3021300906052b0e03021a05000414');
break; break;
case 'sha256': case 'sha256':
$t = pack('H*', '3031300d060960864801650304020105000420'); $t = Hex::decode('3031300d060960864801650304020105000420');
break; break;
case 'sha384': case 'sha384':
$t = pack('H*', '3041300d060960864801650304020205000430'); $t = Hex::decode('3041300d060960864801650304020205000430');
break; break;
case 'sha512': case 'sha512':
$t = pack('H*', '3051300d060960864801650304020305000440'); $t = Hex::decode('3051300d060960864801650304020305000440');
break; break;
// from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40 // from https://www.emc.com/collateral/white-papers/h11300-pkcs-1v2-2-rsa-cryptography-standard-wp.pdf#page=40
case 'sha224': case 'sha224':
$t = pack('H*', '302d300d06096086480165030402040500041c'); $t = Hex::decode('302d300d06096086480165030402040500041c');
break; break;
case 'sha512/224': case 'sha512/224':
$t = pack('H*', '302d300d06096086480165030402050500041c'); $t = Hex::decode('302d300d06096086480165030402050500041c');
break; break;
case 'sha512/256': case 'sha512/256':
$t = pack('H*', '3031300d060960864801650304020605000420'); $t = Hex::decode('3031300d060960864801650304020605000420');
} }
$t.= $h; $t.= $h;
$tLen = strlen($t); $tLen = strlen($t);
@ -2166,7 +2168,7 @@ class RSA
$hash = new Hash($decoded['digestAlgorithm']['algorithm']); $hash = new Hash($decoded['digestAlgorithm']['algorithm']);
$em = $hash->hash($m); $em = $hash->hash($m);
$em2 = base64_decode($decoded['digest']); $em2 = Base64::decode($decoded['digest']);
return $this->_equals($em, $em2); return $this->_equals($em, $em2);
} }

8
phpseclib/Crypt/RSA/MSBLOB.php
View File

@ -18,6 +18,8 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Binary;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
/** /**
@ -76,7 +78,7 @@ class MSBLOB
return false; return false;
} }
$key = base64_decode($key); $key = Base64::decode($key);
if (!is_string($key) || strlen($key) < 20) { if (!is_string($key) || strlen($key) < 20) {
return false; return false;
@ -182,7 +184,7 @@ class MSBLOB
$key.= strrev($coefficients[1]->toBytes()); $key.= strrev($coefficients[1]->toBytes());
$key.= strrev($d->toBytes()); $key.= strrev($d->toBytes());
return base64_encode($key); return Base64::encode($key);
} }
/** /**
@ -201,7 +203,7 @@ class MSBLOB
$key.= pack('VVa*', self::RSA1, 8 * strlen($n), $e); $key.= pack('VVa*', self::RSA1, 8 * strlen($n), $e);
$key.= $n; $key.= $n;
return base64_encode($key); return Base64::encode($key);
} }
/** /**

5
phpseclib/Crypt/RSA/OpenSSH.php
View File

@ -16,6 +16,7 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
/** /**
@ -62,7 +63,7 @@ class OpenSSH
$parts = explode(' ', $key, 3); $parts = explode(' ', $key, 3);
$key = isset($parts[1]) ? base64_decode($parts[1]) : base64_decode($parts[0]); $key = isset($parts[1]) ? Base64::decode($parts[1]) : Base64::decode($parts[0]);
if ($key === false) { if ($key === false) {
return false; return false;
} }
@ -116,7 +117,7 @@ class OpenSSH
// mpint e // mpint e
// mpint n // mpint n
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus); $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
$RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . self::$comment; $RSAPublicKey = 'ssh-rsa ' . Base64::encode($RSAPublicKey) . ' ' . self::$comment;
return $RSAPublicKey; return $RSAPublicKey;
} }

8
phpseclib/Crypt/RSA/PKCS.php
View File

@ -14,6 +14,8 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Base; use phpseclib\Crypt\Base;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
@ -144,7 +146,7 @@ abstract class PKCS
$symkey = ''; $symkey = '';
$iv = substr($iv, 0, 8); $iv = substr($iv, 0, 8);
while (strlen($symkey) < $length) { while (strlen($symkey) < $length) {
$symkey.= pack('H*', md5($symkey . $password . $iv)); $symkey.= Hex::decode(md5($symkey . $password . $iv));
} }
return substr($symkey, 0, $length); return substr($symkey, 0, $length);
} }
@ -181,7 +183,7 @@ abstract class PKCS
* OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */ * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) { if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
$iv = pack('H*', trim($matches[2])); $iv = Hex::decode(trim($matches[2]));
// remove the Proc-Type / DEK-Info sections as they're no longer needed // remove the Proc-Type / DEK-Info sections as they're no longer needed
$key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key); $key = preg_replace('#^(?:Proc-Type|DEK-Info): .*#m', '', $key);
$ciphertext = self::_extractBER($key); $ciphertext = self::_extractBER($key);
@ -479,7 +481,7 @@ abstract class PKCS
$temp = preg_replace('#-+[^-]+-+#', '', $temp); $temp = preg_replace('#-+[^-]+-+#', '', $temp);
// remove new lines // remove new lines
$temp = str_replace(array("\r", "\n", ' '), '', $temp); $temp = str_replace(array("\r", "\n", ' '), '', $temp);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false; $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false;
return $temp != false ? $temp : $str; return $temp != false ? $temp : $str;
} }
} }

11
phpseclib/Crypt/RSA/PKCS1.php
View File

@ -22,7 +22,10 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Base;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
@ -116,16 +119,16 @@ class PKCS1 extends PKCS
$iv = Random::string($cipher->getBlockLength() >> 3); $iv = Random::string($cipher->getBlockLength() >> 3);
$cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3)); $cipher->setKey(self::generateSymmetricKey($password, $iv, $cipher->getKeyLength() >> 3));
$cipher->setIV($iv); $cipher->setIV($iv);
$iv = strtoupper(bin2hex($iv)); $iv = strtoupper(Hex::encode($iv));
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
"Proc-Type: 4,ENCRYPTED\r\n" . "Proc-Type: 4,ENCRYPTED\r\n" .
"DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" . "DEK-Info: " . self::$defaultEncryptionAlgorithm . ",$iv\r\n" .
"\r\n" . "\r\n" .
chunk_split(base64_encode($cipher->encrypt($RSAPrivateKey)), 64) . chunk_split(Base64::encode($cipher->encrypt($RSAPrivateKey)), 64) .
'-----END RSA PRIVATE KEY-----'; '-----END RSA PRIVATE KEY-----';
} else { } else {
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
chunk_split(base64_encode($RSAPrivateKey), 64) . chunk_split(Base64::encode($RSAPrivateKey), 64) .
'-----END RSA PRIVATE KEY-----'; '-----END RSA PRIVATE KEY-----';
} }
@ -164,7 +167,7 @@ class PKCS1 extends PKCS
); );
$RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" . $RSAPublicKey = "-----BEGIN RSA PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey), 64) . chunk_split(Base64::encode($RSAPublicKey), 64) .
'-----END RSA PUBLIC KEY-----'; '-----END RSA PUBLIC KEY-----';
return $RSAPublicKey; return $RSAPublicKey;

12
phpseclib/Crypt/RSA/PKCS8.php
View File

@ -24,6 +24,8 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -92,7 +94,7 @@ class PKCS8 extends PKCS
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $rsaOID = Hex::decode('300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPrivateKey = pack( $RSAPrivateKey = pack(
'Ca*a*Ca*a*', 'Ca*a*Ca*a*',
self::ASN1_INTEGER, self::ASN1_INTEGER,
@ -145,11 +147,11 @@ class PKCS8 extends PKCS
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" .
chunk_split(base64_encode($RSAPrivateKey), 64) . chunk_split(Base64::encode($RSAPrivateKey), 64) .
'-----END ENCRYPTED PRIVATE KEY-----'; '-----END ENCRYPTED PRIVATE KEY-----';
} else { } else {
$RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN PRIVATE KEY-----\r\n" .
chunk_split(base64_encode($RSAPrivateKey), 64) . chunk_split(Base64::encode($RSAPrivateKey), 64) .
'-----END PRIVATE KEY-----'; '-----END PRIVATE KEY-----';
} }
@ -188,7 +190,7 @@ class PKCS8 extends PKCS
); );
// sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
$rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $rsaOID = Hex::decode('300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPublicKey = chr(0) . $RSAPublicKey; $RSAPublicKey = chr(0) . $RSAPublicKey;
$RSAPublicKey = chr(3) . self::_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey; $RSAPublicKey = chr(3) . self::_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey;
@ -200,7 +202,7 @@ class PKCS8 extends PKCS
); );
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($RSAPublicKey), 64) . chunk_split(Base64::encode($RSAPublicKey), 64) .
'-----END PUBLIC KEY-----'; '-----END PUBLIC KEY-----';
return $RSAPublicKey; return $RSAPublicKey;

18
phpseclib/Crypt/RSA/PuTTY.php
View File

@ -14,6 +14,8 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Hash; use phpseclib\Crypt\Hash;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -61,7 +63,7 @@ class PuTTY
$sequence = 0; $sequence = 0;
while (strlen($symkey) < $length) { while (strlen($symkey) < $length) {
$temp = pack('Na*', $sequence++, $password); $temp = pack('Na*', $sequence++, $password);
$symkey.= pack('H*', sha1($temp)); $symkey.= Hex::decode(sha1($temp));
} }
return substr($symkey, 0, $length); return substr($symkey, 0, $length);
} }
@ -113,7 +115,7 @@ class PuTTY
$components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2])); $components['comment'] = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));
$publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
$public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); $public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
$public = substr($public, 11); $public = substr($public, 11);
extract(unpack('Nlength', self::_string_shift($public, 4))); extract(unpack('Nlength', self::_string_shift($public, 4)));
$components['publicExponent'] = new BigInteger(self::_string_shift($public, $length), -256); $components['publicExponent'] = new BigInteger(self::_string_shift($public, $length), -256);
@ -121,7 +123,7 @@ class PuTTY
$components['modulus'] = new BigInteger(self::_string_shift($public, $length), -256); $components['modulus'] = new BigInteger(self::_string_shift($public, $length), -256);
$privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4])); $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
$private = base64_decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength)))); $private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
switch ($encryption) { switch ($encryption) {
case 'aes256-cbc': case 'aes256-cbc':
@ -240,7 +242,7 @@ class PuTTY
strlen($public), strlen($public),
$public $public
); );
$public = base64_encode($public); $public = Base64::encode($public);
$key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n"; $key.= "Public-Lines: " . ((strlen($public) + 63) >> 6) . "\r\n";
$key.= chunk_split($public, 64); $key.= chunk_split($public, 64);
$private = pack( $private = pack(
@ -269,12 +271,12 @@ class PuTTY
$hashkey = 'putty-private-key-file-mac-key' . $password; $hashkey = 'putty-private-key-file-mac-key' . $password;
} }
$private = base64_encode($private); $private = Base64::encode($private);
$key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n"; $key.= 'Private-Lines: ' . ((strlen($private) + 63) >> 6) . "\r\n";
$key.= chunk_split($private, 64); $key.= chunk_split($private, 64);
$hash = new Hash('sha1'); $hash = new Hash('sha1');
$hash->setKey(pack('H*', sha1($hashkey))); $hash->setKey(Hex::decode(sha1($hashkey)));
$key.= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n"; $key.= 'Private-MAC: ' . Hex::encode($hash->hash($source)) . "\r\n";
return $key; return $key;
} }
@ -303,7 +305,7 @@ class PuTTY
); );
$key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" . $key = "---- BEGIN SSH2 PUBLIC KEY ----\r\n" .
'Comment: "' . str_replace(array('\\', '"'), array('\\\\', '\"'), self::$comment) . "\"\r\n"; 'Comment: "' . str_replace(array('\\', '"'), array('\\\\', '\"'), self::$comment) . "\"\r\n";
chunk_split(base64_encode($key), 64) . chunk_split(Base64::encode($key), 64) .
'---- END SSH2 PUBLIC KEY ----'; '---- END SSH2 PUBLIC KEY ----';
return $key; return $key;

23
phpseclib/Crypt/RSA/XML.php
View File

@ -19,6 +19,7 @@
namespace phpseclib\Crypt\RSA; namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
/** /**
@ -65,7 +66,7 @@ class XML
if (!$temp->length) { if (!$temp->length) {
continue; continue;
} }
$value = new BigInteger(base64_decode($temp->item(0)->nodeValue), 256); $value = new BigInteger(Base64::decode($temp->item(0)->nodeValue), 256);
switch ($key) { switch ($key) {
case 'modulus': case 'modulus':
$components['modulus'] = $value; $components['modulus'] = $value;
@ -117,14 +118,14 @@ class XML
return false; return false;
} }
return "<RSAKeyValue>\r\n" . return "<RSAKeyValue>\r\n" .
' <Modulus>' . base64_encode($n->toBytes()) . "</Modulus>\r\n" . ' <Modulus>' . Base64::encode($n->toBytes()) . "</Modulus>\r\n" .
' <Exponent>' . base64_encode($e->toBytes()) . "</Exponent>\r\n" . ' <Exponent>' . Base64::encode($e->toBytes()) . "</Exponent>\r\n" .
' <P>' . base64_encode($primes[1]->toBytes()) . "</P>\r\n" . ' <P>' . Base64::encode($primes[1]->toBytes()) . "</P>\r\n" .
' <Q>' . base64_encode($primes[2]->toBytes()) . "</Q>\r\n" . ' <Q>' . Base64::encode($primes[2]->toBytes()) . "</Q>\r\n" .
' <DP>' . base64_encode($exponents[1]->toBytes()) . "</DP>\r\n" . ' <DP>' . Base64::encode($exponents[1]->toBytes()) . "</DP>\r\n" .
' <DQ>' . base64_encode($exponents[2]->toBytes()) . "</DQ>\r\n" . ' <DQ>' . Base64::encode($exponents[2]->toBytes()) . "</DQ>\r\n" .
' <InverseQ>' . base64_encode($coefficients[2]->toBytes()) . "</InverseQ>\r\n" . ' <InverseQ>' . Base64::encode($coefficients[2]->toBytes()) . "</InverseQ>\r\n" .
' <D>' . base64_encode($d->toBytes()) . "</D>\r\n" . ' <D>' . Base64::encode($d->toBytes()) . "</D>\r\n" .
'</RSAKeyValue>'; '</RSAKeyValue>';
} }
@ -139,8 +140,8 @@ class XML
static function savePublicKey(BigInteger $n, BigInteger $e) static function savePublicKey(BigInteger $n, BigInteger $e)
{ {
return "<RSAKeyValue>\r\n" . return "<RSAKeyValue>\r\n" .
' <Modulus>' . base64_encode($n->toBytes()) . "</Modulus>\r\n" . ' <Modulus>' . Base64::encode($n->toBytes()) . "</Modulus>\r\n" .
' <Exponent>' . base64_encode($e->toBytes()) . "</Exponent>\r\n" . ' <Exponent>' . Base64::encode($e->toBytes()) . "</Exponent>\r\n" .
'</RSAKeyValue>'; '</RSAKeyValue>';
} }
} }

9
phpseclib/Crypt/Random.php
View File

@ -24,6 +24,9 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
/** /**
* Pure-PHP Random Number Generator * Pure-PHP Random Number Generator
* *
@ -93,7 +96,7 @@ class Random
session_cache_limiter(''); session_cache_limiter('');
session_start(); session_start();
$v = $seed = $_SESSION['seed'] = pack('H*', sha1( $v = $seed = $_SESSION['seed'] = Hex::decode(sha1(
(isset($_SERVER) ? self::safe_serialize($_SERVER) : '') . (isset($_SERVER) ? self::safe_serialize($_SERVER) : '') .
(isset($_POST) ? self::safe_serialize($_POST) : '') . (isset($_POST) ? self::safe_serialize($_POST) : '') .
(isset($_GET) ? self::safe_serialize($_GET) : '') . (isset($_GET) ? self::safe_serialize($_GET) : '') .
@ -132,8 +135,8 @@ class Random
// http://tools.ietf.org/html/rfc4253#section-7.2 // http://tools.ietf.org/html/rfc4253#section-7.2
// //
// see the is_string($crypto) part for an example of how to expand the keys // see the is_string($crypto) part for an example of how to expand the keys
$key = pack('H*', sha1($seed . 'A')); $key = Hex::decode(sha1($seed . 'A'));
$iv = pack('H*', sha1($seed . 'C')); $iv = Hex::decode(sha1($seed . 'C'));
// ciphers are used as per the nist.gov link below. also, see this link: // ciphers are used as per the nist.gov link below. also, see this link:
// //

5
phpseclib/File/ASN1.php
View File

@ -23,6 +23,7 @@
namespace phpseclib\File; namespace phpseclib\File;
use ParagonIE\ConstantTime\Base64;
use phpseclib\File\ASN1\Element; use phpseclib\File\ASN1\Element;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
@ -733,7 +734,7 @@ class ASN1
return $values; return $values;
} }
case self::TYPE_OCTET_STRING: case self::TYPE_OCTET_STRING:
return base64_encode($decoded['content']); return Base64::encode($decoded['content']);
case self::TYPE_NULL: case self::TYPE_NULL:
return ''; return '';
case self::TYPE_BOOLEAN: case self::TYPE_BOOLEAN:
@ -981,7 +982,7 @@ class ASN1
the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven. the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven.
-- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */ -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */
$value = base64_decode($source); $value = Base64::decode($source);
break; break;
case self::TYPE_OBJECT_IDENTIFIER: case self::TYPE_OBJECT_IDENTIFIER:
$oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids); $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids);

54
phpseclib/File/X509.php
View File

@ -26,6 +26,8 @@
namespace phpseclib\File; namespace phpseclib\File;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\Hash; use phpseclib\Crypt\Hash;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Crypt\RSA; use phpseclib\Crypt\RSA;
@ -1497,7 +1499,7 @@ class X509
switch ($algorithm) { switch ($algorithm) {
case 'rsaEncryption': case 'rsaEncryption':
$cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']
= base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'])));
/* "[For RSA keys] the parameters field MUST have ASN.1 type NULL for this algorithm identifier." /* "[For RSA keys] the parameters field MUST have ASN.1 type NULL for this algorithm identifier."
-- https://tools.ietf.org/html/rfc3279#section-2.3.1 -- https://tools.ietf.org/html/rfc3279#section-2.3.1
@ -1545,7 +1547,7 @@ class X509
return $cert; return $cert;
// case self::FORMAT_PEM: // case self::FORMAT_PEM:
default: default:
return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----'; return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(Base64::encode($cert), 64) . '-----END CERTIFICATE-----';
} }
} }
@ -1566,7 +1568,7 @@ class X509
for ($i = 0; $i < count($extensions); $i++) { for ($i = 0; $i < count($extensions); $i++) {
$id = $extensions[$i]['extnId']; $id = $extensions[$i]['extnId'];
$value = &$extensions[$i]['extnValue']; $value = &$extensions[$i]['extnValue'];
$value = base64_decode($value); $value = Base64::decode($value);
$decoded = $asn1->decodeBER($value); $decoded = $asn1->decodeBER($value);
/* [extnValue] contains the DER encoding of an ASN.1 value /* [extnValue] contains the DER encoding of an ASN.1 value
corresponding to the extension type identified by extnID */ corresponding to the extension type identified by extnID */
@ -1593,7 +1595,7 @@ class X509
} }
} }
} else { } else {
$value = base64_encode($value); $value = Base64::encode($value);
} }
} }
} }
@ -1659,7 +1661,7 @@ class X509
} }
} else { } else {
$temp = $asn1->encodeDER($value, $map, array('iPAddress' => array($this, '_encodeIP'))); $temp = $asn1->encodeDER($value, $map, array('iPAddress' => array($this, '_encodeIP')));
$value = base64_encode($temp); $value = Base64::encode($temp);
} }
} }
} }
@ -1698,7 +1700,7 @@ class X509
$this->_mapInExtensions($values, $j, $asn1); $this->_mapInExtensions($values, $j, $asn1);
} }
} elseif ($map) { } elseif ($map) {
$values[$j] = base64_encode($value); $values[$j] = Base64::encode($value);
} }
} }
} }
@ -2067,7 +2069,7 @@ class X509
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'],
$this->currentCert['signatureAlgorithm']['algorithm'], $this->currentCert['signatureAlgorithm']['algorithm'],
substr(base64_decode($this->currentCert['signature']), 1), substr(Base64::decode($this->currentCert['signature']), 1),
$this->signatureSubject $this->signatureSubject
); );
case isset($this->currentCert['certificationRequestInfo']): case isset($this->currentCert['certificationRequestInfo']):
@ -2075,7 +2077,7 @@ class X509
$this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'], $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'],
$this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'],
$this->currentCert['signatureAlgorithm']['algorithm'], $this->currentCert['signatureAlgorithm']['algorithm'],
substr(base64_decode($this->currentCert['signature']), 1), substr(Base64::decode($this->currentCert['signature']), 1),
$this->signatureSubject $this->signatureSubject
); );
case isset($this->currentCert['publicKeyAndChallenge']): case isset($this->currentCert['publicKeyAndChallenge']):
@ -2083,7 +2085,7 @@ class X509
$this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'], $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'],
$this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'], $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'],
$this->currentCert['signatureAlgorithm']['algorithm'], $this->currentCert['signatureAlgorithm']['algorithm'],
substr(base64_decode($this->currentCert['signature']), 1), substr(Base64::decode($this->currentCert['signature']), 1),
$this->signatureSubject $this->signatureSubject
); );
case isset($this->currentCert['tbsCertList']): case isset($this->currentCert['tbsCertList']):
@ -2109,7 +2111,7 @@ class X509
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
$signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'],
$this->currentCert['signatureAlgorithm']['algorithm'], $this->currentCert['signatureAlgorithm']['algorithm'],
substr(base64_decode($this->currentCert['signature']), 1), substr(Base64::decode($this->currentCert['signature']), 1),
$this->signatureSubject $this->signatureSubject
); );
default: default:
@ -2182,7 +2184,7 @@ class X509
// subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
// in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
// uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do. // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) . chunk_split(Base64::encode(substr(Base64::decode($key), 1)), 64) .
'-----END RSA PUBLIC KEY-----'; '-----END RSA PUBLIC KEY-----';
default: default:
return $key; return $key;
@ -2200,7 +2202,7 @@ class X509
*/ */
function _decodeIP($ip) function _decodeIP($ip)
{ {
return inet_ntop(base64_decode($ip)); return inet_ntop(Base64::decode($ip));
} }
/** /**
@ -2214,7 +2216,7 @@ class X509
*/ */
function _encodeIP($ip) function _encodeIP($ip)
{ {
return base64_encode(inet_pton($ip)); return Base64::encode(inet_pton($ip));
} }
/** /**
@ -2536,7 +2538,7 @@ class X509
$hash = new Hash('sha1'); $hash = new Hash('sha1');
$hash = $hash->hash($dn); $hash = $hash->hash($dn);
extract(unpack('Vhash', $hash)); extract(unpack('Vhash', $hash));
return strtolower(bin2hex(pack('N', $hash))); return strtolower(Hex::encode(pack('N', $hash)));
} }
// Default is to return a string. // Default is to return a string.
@ -2923,7 +2925,7 @@ class X509
switch ($algorithm) { switch ($algorithm) {
case 'rsaEncryption': case 'rsaEncryption':
$csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']
= base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']))); = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'])));
} }
} }
@ -2945,7 +2947,7 @@ class X509
return $csr; return $csr;
// case self::FORMAT_PEM: // case self::FORMAT_PEM:
default: default:
return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----'; return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(Base64::encode($csr), 64) . '-----END CERTIFICATE REQUEST-----';
} }
} }
@ -2976,7 +2978,7 @@ class X509
// OpenSSL produces SPKAC's that are preceeded by the string SPKAC= // OpenSSL produces SPKAC's that are preceeded by the string SPKAC=
$temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac); $temp = preg_replace('#(?:SPKAC=)|[ \r\n\\\]#', '', $spkac);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false; $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false;
if ($temp != false) { if ($temp != false) {
$spkac = $temp; $spkac = $temp;
} }
@ -3047,7 +3049,7 @@ class X509
switch ($algorithm) { switch ($algorithm) {
case 'rsaEncryption': case 'rsaEncryption':
$spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'] $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']
= base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey']))); = Base64::encode("\0" . Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $spkac['publicKeyAndChallenge']['spki']['subjectPublicKey'])));
} }
} }
@ -3063,7 +3065,7 @@ class X509
default: default:
// OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much // OpenSSL's implementation of SPKAC requires the SPKAC be preceeded by SPKAC= and since there are pretty much
// no other SPKAC decoders phpseclib will use that same format // no other SPKAC decoders phpseclib will use that same format
return 'SPKAC=' . base64_encode($spkac); return 'SPKAC=' . Base64::encode($spkac);
} }
} }
@ -3181,7 +3183,7 @@ class X509
return $crl; return $crl;
// case self::FORMAT_PEM: // case self::FORMAT_PEM:
default: default:
return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----'; return "-----BEGIN X509 CRL-----\r\n" . chunk_split(Base64::encode($crl), 64) . '-----END X509 CRL-----';
} }
} }
@ -3373,7 +3375,7 @@ class X509
); );
if (!isset($subject->currentKeyIdentifier)) { if (!isset($subject->currentKeyIdentifier)) {
$this->setExtension('id-ce-subjectKeyIdentifier', base64_encode($this->computeKeyIdentifier($this->currentCert)), false, false); $this->setExtension('id-ce-subjectKeyIdentifier', Base64::encode($this->computeKeyIdentifier($this->currentCert)), false, false);
} }
} }
@ -3668,7 +3670,7 @@ class X509
case 'sha512WithRSAEncryption': case 'sha512WithRSAEncryption':
$key->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm)); $key->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm));
$this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject, RSA::PADDING_PKCS1)); $this->currentCert['signature'] = Base64::encode("\0" . $key->sign($this->signatureSubject, RSA::PADDING_PKCS1));
return $this->currentCert; return $this->currentCert;
default: default:
throw new UnsupportedAlgorithmException('Signature algorithm unsupported'); throw new UnsupportedAlgorithmException('Signature algorithm unsupported');
@ -4181,7 +4183,7 @@ class X509
if (empty($value)) { if (empty($value)) {
unset($this->currentKeyIdentifier); unset($this->currentKeyIdentifier);
} else { } else {
$this->currentKeyIdentifier = base64_encode($value); $this->currentKeyIdentifier = Base64::encode($value);
} }
} }
@ -4229,7 +4231,7 @@ class X509
if (empty($raw)) { if (empty($raw)) {
return false; return false;
} }
$raw = base64_decode($raw); $raw = Base64::decode($raw);
// If the key is private, compute identifier from its corresponding public key. // If the key is private, compute identifier from its corresponding public key.
$key = new RSA(); $key = new RSA();
if (!$key->load($raw)) { if (!$key->load($raw)) {
@ -4282,7 +4284,7 @@ class X509
if ($this->publicKey instanceof RSA) { if ($this->publicKey instanceof RSA) {
// the following two return statements do the same thing. i dunno.. i just prefer the later for some reason. // the following two return statements do the same thing. i dunno.. i just prefer the later for some reason.
// the former is a good example of how to do fuzzing on the public key // the former is a good example of how to do fuzzing on the public key
//return new Element(base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->getPublicKey()))); //return new Element(Base64::decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->getPublicKey())));
return array( return array(
'algorithm' => array('algorithm' => 'rsaEncryption'), 'algorithm' => array('algorithm' => 'rsaEncryption'),
'subjectPublicKey' => $this->publicKey->getPublicKey('PKCS1') 'subjectPublicKey' => $this->publicKey->getPublicKey('PKCS1')
@ -4585,7 +4587,7 @@ class X509
$temp = preg_replace('#-+[^-]+-+#', '', $temp); $temp = preg_replace('#-+[^-]+-+#', '', $temp);
// remove new lines // remove new lines
$temp = str_replace(array("\r", "\n", ' '), '', $temp); $temp = str_replace(array("\r", "\n", ' '), '', $temp);
$temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false; $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? Base64::decode($temp) : false;
return $temp != false ? $temp : $str; return $temp != false ? $temp : $str;
} }

18
phpseclib/Math/BigInteger.php
View File

@ -50,6 +50,8 @@
namespace phpseclib\Math; namespace phpseclib\Math;
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
/** /**
@ -360,7 +362,7 @@ class BigInteger
switch (MATH_BIGINTEGER_MODE) { switch (MATH_BIGINTEGER_MODE) {
case self::MODE_GMP: case self::MODE_GMP:
$sign = $this->is_negative ? '-' : ''; $sign = $this->is_negative ? '-' : '';
$this->value = gmp_init($sign . '0x' . bin2hex($x)); $this->value = gmp_init($sign . '0x' . Hex::encode($x));
break; break;
case self::MODE_BCMATH: case self::MODE_BCMATH:
// round $len to the nearest 4 (thanks, DavidMJ!) // round $len to the nearest 4 (thanks, DavidMJ!)
@ -405,7 +407,7 @@ class BigInteger
$is_negative = false; $is_negative = false;
if ($base < 0 && hexdec($x[0]) >= 8) { if ($base < 0 && hexdec($x[0]) >= 8) {
$this->is_negative = $is_negative = true; $this->is_negative = $is_negative = true;
$x = bin2hex(~pack('H*', $x)); $x = Hex::encode(~Hex::decode($x));
} }
switch (MATH_BIGINTEGER_MODE) { switch (MATH_BIGINTEGER_MODE) {
@ -416,13 +418,13 @@ class BigInteger
break; break;
case self::MODE_BCMATH: case self::MODE_BCMATH:
$x = (strlen($x) & 1) ? '0' . $x : $x; $x = (strlen($x) & 1) ? '0' . $x : $x;
$temp = new static(pack('H*', $x), 256); $temp = new static(Hex::decode($x), 256);
$this->value = $this->is_negative ? '-' . $temp->value : $temp->value; $this->value = $this->is_negative ? '-' . $temp->value : $temp->value;
$this->is_negative = false; $this->is_negative = false;
break; break;
default: default:
$x = (strlen($x) & 1) ? '0' . $x : $x; $x = (strlen($x) & 1) ? '0' . $x : $x;
$temp = new static(pack('H*', $x), 256); $temp = new static(Hex::decode($x), 256);
$this->value = $temp->value; $this->value = $temp->value;
} }
@ -549,7 +551,7 @@ class BigInteger
$temp = gmp_strval(gmp_abs($this->value), 16); $temp = gmp_strval(gmp_abs($this->value), 16);
$temp = (strlen($temp) & 1) ? '0' . $temp : $temp; $temp = (strlen($temp) & 1) ? '0' . $temp : $temp;
$temp = pack('H*', $temp); $temp = Hex::decode($temp);
return $this->precision > 0 ? return $this->precision > 0 ?
substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) : substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
@ -614,7 +616,7 @@ class BigInteger
*/ */
function toHex($twos_compliment = false) function toHex($twos_compliment = false)
{ {
return bin2hex($this->toBytes($twos_compliment)); return Hex::encode($this->toBytes($twos_compliment));
} }
/** /**
@ -1643,7 +1645,7 @@ class BigInteger
$components['publicExponent'] $components['publicExponent']
); );
$rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA $rsaOID = Hex::decode('300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPublicKey = chr(0) . $RSAPublicKey; $RSAPublicKey = chr(0) . $RSAPublicKey;
$RSAPublicKey = chr(3) . self::_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey; $RSAPublicKey = chr(3) . self::_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey;
@ -1655,7 +1657,7 @@ class BigInteger
); );
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" . $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
chunk_split(base64_encode($encapsulated)) . chunk_split(Base64::encode($encapsulated)) .
'-----END PUBLIC KEY-----'; '-----END PUBLIC KEY-----';
$plaintext = str_pad($this->toBytes(), strlen($n->toBytes(true)) - 1, "\0", STR_PAD_LEFT); $plaintext = str_pad($this->toBytes(), strlen($n->toBytes(true)) - 1, "\0", STR_PAD_LEFT);

2
phpseclib/Net/SFTP.php
View File

@ -2643,7 +2643,7 @@ class SFTP extends SSH2
// IEEE 754 binary64 "double precision" on such platforms and // IEEE 754 binary64 "double precision" on such platforms and
// as such can represent integers of at least 2^50 without loss // as such can represent integers of at least 2^50 without loss
// of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB.
$attr['size'] = hexdec(bin2hex($this->_string_shift($response, 8))); $attr['size'] = hexdec(Hex::encode($this->_string_shift($response, 8)));
break; break;
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8)); $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));

3
phpseclib/Net/SSH1.php
View File

@ -48,6 +48,7 @@
namespace phpseclib\Net; namespace phpseclib\Net;
use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
@ -609,7 +610,7 @@ class SSH1
} }
} }
$session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie)); $session_id = Hex::decode(md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
$session_key = Random::string(32); $session_key = Random::string(32);
$double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));

5
phpseclib/Net/SSH2.php
View File

@ -49,6 +49,7 @@
namespace phpseclib\Net; namespace phpseclib\Net;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Crypt\Base; use phpseclib\Crypt\Base;
use phpseclib\Crypt\Blowfish; use phpseclib\Crypt\Blowfish;
use phpseclib\Crypt\Hash; use phpseclib\Crypt\Hash;
@ -3980,7 +3981,7 @@ class SSH2
if ($this->signature_validated) { if ($this->signature_validated) {
return $this->bitmap ? return $this->bitmap ?
$this->signature_format . ' ' . base64_encode($this->server_public_host_key) : $this->signature_format . ' ' . Base64::encode($this->server_public_host_key) :
false; false;
} }
@ -4096,7 +4097,7 @@ class SSH2
throw new NoSupportedAlgorithmsException('Unsupported signature format'); throw new NoSupportedAlgorithmsException('Unsupported signature format');
} }
return $this->signature_format . ' ' . base64_encode($this->server_public_host_key); return $this->signature_format . ' ' . Base64::encode($this->server_public_host_key);
} }
/** /**

3
phpseclib/System/SSH/Agent.php
View File

@ -33,6 +33,7 @@
namespace phpseclib\System\SSH; namespace phpseclib\System\SSH;
use ParagonIE\ConstantTime\Base64;
use phpseclib\Crypt\RSA; use phpseclib\Crypt\RSA;
use phpseclib\Exception\BadConfigurationException; use phpseclib\Exception\BadConfigurationException;
use phpseclib\System\SSH\Agent\Identity; use phpseclib\System\SSH\Agent\Identity;
@ -171,7 +172,7 @@ class Agent
for ($i = 0; $i < $keyCount; $i++) { for ($i = 0; $i < $keyCount; $i++) {
$length = current(unpack('N', fread($this->fsock, 4))); $length = current(unpack('N', fread($this->fsock, 4)));
$key_blob = fread($this->fsock, $length); $key_blob = fread($this->fsock, $length);
$key_str = 'ssh-rsa ' . base64_encode($key_blob); $key_str = 'ssh-rsa ' . Base64::encode($key_blob);
$length = current(unpack('N', fread($this->fsock, 4))); $length = current(unpack('N', fread($this->fsock, 4)));
if ($length) { if ($length) {
$key_str.= ' ' . fread($this->fsock, $length); $key_str.= ' ' . fread($this->fsock, $length);