From b85ce73d1774ed26a78a366456a3cb0b598984b6 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 21 Sep 2023 15:07:09 -0500 Subject: [PATCH 1/2] AES: rm redundant setKey() method and fix setKeyLength() --- phpseclib/Crypt/AES.php | 42 +++++-------------------------- tests/Unit/Crypt/AES/TestCase.php | 29 +++++++++++++++++++++ 2 files changed, 35 insertions(+), 36 deletions(-) diff --git a/phpseclib/Crypt/AES.php b/phpseclib/Crypt/AES.php index 594011e5..8f449c94 100644 --- a/phpseclib/Crypt/AES.php +++ b/phpseclib/Crypt/AES.php @@ -155,43 +155,13 @@ class Crypt_AES extends Crypt_Rijndael */ function setKeyLength($length) { - switch ($length) { - case 160: - $length = 192; - break; - case 224: - $length = 256; - } parent::setKeyLength($length); - } - - /** - * Sets the key. - * - * Rijndael supports five different key lengths, AES only supports three. - * - * @see Crypt_Rijndael:setKey() - * @see setKeyLength() - * @access public - * @param string $key - */ - function setKey($key) - { - parent::setKey($key); - - if (!$this->explicit_key_length) { - $length = strlen($key); - switch (true) { - case $length <= 16: - $this->key_length = 16; - break; - case $length <= 24: - $this->key_length = 24; - break; - default: - $this->key_length = 32; - } - $this->_setEngine(); + switch ($this->key_length) { + case 20: + $this->key_length = 24; + break; + case 28: + $this->key_length = 32; } } } diff --git a/tests/Unit/Crypt/AES/TestCase.php b/tests/Unit/Crypt/AES/TestCase.php index c7011c19..fe18322a 100644 --- a/tests/Unit/Crypt/AES/TestCase.php +++ b/tests/Unit/Crypt/AES/TestCase.php @@ -370,6 +370,35 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase $this->assertSame($aes->getKeyLength(), 256); } + public function testInvalidLengthKeyWithAES() + { + $plaintext = str_repeat('x', 16); + + $aes = new Crypt_Rijndael(); + $aes->setKey(str_repeat('a', 19)); + $this->assertSame($aes->getKeyLength(), 160); + + $ref = new Crypt_Rijndael(); + $ref->setKey(str_repeat('a', 19) . "\0"); + $this->assertSame( + bin2hex($aes->encrypt($plaintext)), + bin2hex($ref->encrypt($plaintext)), + 'actual and expected value do not match for 168 bit Rijndael' + ); + + $aes = new Crypt_AES(); + $aes->setKey(str_repeat('a', 19)); + $this->assertSame($aes->getKeyLength(), 192); + + $ref = new Crypt_AES(); + $ref->setKey(str_repeat('a', 19) . "\0\0\0\0\0"); + $this->assertSame( + bin2hex($aes->encrypt($plaintext)), + bin2hex($ref->encrypt($plaintext)), + 'actual and expected value do not match for 168 bit AES' + ); + } + /** * @group github938 */ From b1bd715445f2ebefa97f5a14bab932993a539843 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Thu, 21 Sep 2023 15:07:38 -0500 Subject: [PATCH 2/2] Rijndael: fix for PHP 8.3+ compatability --- phpseclib/Crypt/Rijndael.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/phpseclib/Crypt/Rijndael.php b/phpseclib/Crypt/Rijndael.php index 7e146015..f73098e9 100644 --- a/phpseclib/Crypt/Rijndael.php +++ b/phpseclib/Crypt/Rijndael.php @@ -887,7 +887,6 @@ class Crypt_Rijndael extends Crypt_Base // Generating encrypt code: $init_encrypt.= ' - static $tables; if (empty($tables)) { $tables = &$self->_getTables(); } @@ -944,7 +943,6 @@ class Crypt_Rijndael extends Crypt_Base // Generating decrypt code: $init_decrypt.= ' - static $invtables; if (empty($invtables)) { $invtables = &$self->_getInvTables(); } @@ -1001,7 +999,7 @@ class Crypt_Rijndael extends Crypt_Base $lambda_functions[$code_hash] = $this->_createInlineCryptFunction( array( - 'init_crypt' => '', + 'init_crypt' => 'static $tables; static $invtables;', 'init_encrypt' => $init_encrypt, 'init_decrypt' => $init_decrypt, 'encrypt_block' => $encrypt_block,