From 1dfd315725a6eb1e3e1c3c1e27453fbc12f37ab6 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 9 Dec 2016 16:46:34 -0600 Subject: [PATCH] RSA: use public / private / protected --- phpseclib/Crypt/Common/PKCS1.php | 12 +- phpseclib/Crypt/Common/PKCS8.php | 24 +-- phpseclib/Crypt/RSA.php | 299 +++++++++++++++---------------- phpseclib/Crypt/RSA/MSBLOB.php | 8 +- phpseclib/Crypt/RSA/OpenSSH.php | 10 +- phpseclib/Crypt/RSA/PKCS1.php | 8 +- phpseclib/Crypt/RSA/PKCS8.php | 8 +- phpseclib/Crypt/RSA/PuTTY.php | 14 +- phpseclib/Crypt/RSA/Raw.php | 6 +- phpseclib/Crypt/RSA/XML.php | 8 +- 10 files changed, 197 insertions(+), 200 deletions(-) diff --git a/phpseclib/Crypt/Common/PKCS1.php b/phpseclib/Crypt/Common/PKCS1.php index dc9d3a55..e331481f 100644 --- a/phpseclib/Crypt/Common/PKCS1.php +++ b/phpseclib/Crypt/Common/PKCS1.php @@ -61,7 +61,7 @@ abstract class PKCS1 extends PKCS * @return int * @throws \UnexpectedValueException if the block cipher mode is unsupported */ - public static function getEncryptionMode($mode) + private static function getEncryptionMode($mode) { switch ($mode) { case 'CBC': @@ -86,7 +86,7 @@ abstract class PKCS1 extends PKCS * @return string * @throws \UnexpectedValueException if the encryption algorithm is unsupported */ - public static function getEncryptionObject($algo) + private static function getEncryptionObject($algo) { $modes = '(CBC|ECB|CFB|OFB|CTR)'; switch (true) { @@ -112,7 +112,7 @@ abstract class PKCS1 extends PKCS * @param int $length * @return string */ - public static function generateSymmetricKey($password, $iv, $length) + private static function generateSymmetricKey($password, $iv, $length) { $symkey = ''; $iv = substr($iv, 0, 8); @@ -130,7 +130,7 @@ abstract class PKCS1 extends PKCS * @param string $password optional * @return array */ - public static function load($key, $password) + protected static function load($key, $password) { if (!is_string($key)) { return false; @@ -186,7 +186,7 @@ abstract class PKCS1 extends PKCS * @param string $password * @return string */ - public static function wrapPrivateKey($key, $type, $password) + protected static function wrapPrivateKey($key, $type, $password) { if (empty($password) || !is_string($password)) { return "-----BEGIN $type PRIVATE KEY-----\r\n" . @@ -215,7 +215,7 @@ abstract class PKCS1 extends PKCS * @param string $type * @return string */ - public static function wrapPublicKey($key, $type) + protected static function wrapPublicKey($key, $type) { return "-----BEGIN $type PUBLIC KEY-----\r\n" . chunk_split(Base64::encode($key), 64) . diff --git a/phpseclib/Crypt/Common/PKCS8.php b/phpseclib/Crypt/Common/PKCS8.php index f217686a..81a2b95f 100644 --- a/phpseclib/Crypt/Common/PKCS8.php +++ b/phpseclib/Crypt/Common/PKCS8.php @@ -47,7 +47,7 @@ use phpseclib\Exception\UnsupportedAlgorithmException; * @author Jim Wigginton * @access public */ -class PKCS8 extends PKCS +abstract class PKCS8 extends PKCS { /** * Default encryption algorithm @@ -143,7 +143,7 @@ class PKCS8 extends PKCS * @access public * @param string $algo */ - public static function getPBES1EncryptionObject($algo) + private static function getPBES1EncryptionObject($algo) { $algo = preg_match('#^pbeWith(?:MD2|MD5|SHA1|SHA)And(.*?)-CBC$#', $algo, $matches) ? $matches[1] : @@ -192,7 +192,7 @@ class PKCS8 extends PKCS * @access public * @param string $algo */ - public static function getPBES1Hash($algo) + private static function getPBES1Hash($algo) { if (preg_match('#^pbeWith(MD2|MD5|SHA1|SHA)And.*?-CBC$#', $algo, $matches)) { return $matches[1] == 'SHA' ? 'sha1' : $matches[1]; @@ -207,7 +207,7 @@ class PKCS8 extends PKCS * @access public * @param string $algo */ - public static function getPBES1KDF($algo) + private static function getPBES1KDF($algo) { switch ($algo) { case 'pbeWithMD2AndDES-CBC': @@ -228,7 +228,7 @@ class PKCS8 extends PKCS * @access public * @param string $algo */ - public static function getPBES2EncryptionObject($algo) + private static function getPBES2EncryptionObject($algo) { switch ($algo) { case 'desCBC': @@ -262,7 +262,7 @@ class PKCS8 extends PKCS * * @access private */ - public static function _initialize_static_variables() + private static function initialize_static_variables() { if (!self::$oidsLoaded) { // from https://tools.ietf.org/html/rfc2898 @@ -318,9 +318,9 @@ class PKCS8 extends PKCS * @param string $password optional * @return array */ - public static function load($key, $password = '') + protected static function load($key, $password = '') { - self::_initialize_static_variables(); + self::initialize_static_variables(); if (!is_string($key)) { return false; @@ -482,9 +482,9 @@ class PKCS8 extends PKCS * @param string $password * @return string */ - public static function wrapPrivateKey($key, $algorithm, $attr, $password) + protected static function wrapPrivateKey($key, $algorithm, $attr, $password) { - self::_initialize_static_variables(); + self::initialize_static_variables(); $key = [ 'version' => 'v1', @@ -577,9 +577,9 @@ class PKCS8 extends PKCS * @param string $key * @return string */ - public static function wrapPublicKey($key, $algorithm) + protected static function wrapPublicKey($key, $algorithm) { - self::_initialize_static_variables(); + self::initialize_static_variables(); $key = [ 'publicKeyAlgorithm' => [ diff --git a/phpseclib/Crypt/RSA.php b/phpseclib/Crypt/RSA.php index e637078f..51bf5531 100644 --- a/phpseclib/Crypt/RSA.php +++ b/phpseclib/Crypt/RSA.php @@ -141,7 +141,7 @@ class RSA * @var \phpseclib\Math\BigInteger * @access private */ - static $zero; + private static $zero; /** * Precomputed One @@ -149,7 +149,7 @@ class RSA * @var \phpseclib\Math\BigInteger * @access private */ - static $one; + private static $one; /** * Private Key Format @@ -157,7 +157,7 @@ class RSA * @var string * @access private */ - var $privateKeyFormat = 'PKCS8'; + private $privateKeyFormat = 'PKCS8'; /** * Public Key Format @@ -165,7 +165,7 @@ class RSA * @var string * @access private */ - var $publicKeyFormat = 'PKCS8'; + private $publicKeyFormat = 'PKCS8'; /** * Modulus (ie. n) @@ -173,7 +173,7 @@ class RSA * @var \phpseclib\Math\BigInteger * @access private */ - var $modulus; + private $modulus; /** * Modulus length @@ -181,7 +181,7 @@ class RSA * @var \phpseclib\Math\BigInteger * @access private */ - var $k; + private $k; /** * Exponent (ie. e or d) @@ -189,7 +189,7 @@ class RSA * @var \phpseclib\Math\BigInteger * @access private */ - var $exponent; + private $exponent; /** * Primes for Chinese Remainder Theorem (ie. p and q) @@ -197,7 +197,7 @@ class RSA * @var array * @access private */ - var $primes; + private $primes; /** * Exponents for Chinese Remainder Theorem (ie. dP and dQ) @@ -205,7 +205,7 @@ class RSA * @var array * @access private */ - var $exponents; + private $exponents; /** * Coefficients for Chinese Remainder Theorem (ie. qInv) @@ -213,7 +213,7 @@ class RSA * @var array * @access private */ - var $coefficients; + private $coefficients; /** * Hash name @@ -221,7 +221,7 @@ class RSA * @var string * @access private */ - var $hashName; + private $hashName; /** * Hash function @@ -229,7 +229,7 @@ class RSA * @var \phpseclib\Crypt\Hash * @access private */ - var $hash; + private $hash; /** * Length of hash function output @@ -237,7 +237,7 @@ class RSA * @var int * @access private */ - var $hLen; + private $hLen; /** * Length of salt @@ -245,7 +245,7 @@ class RSA * @var int * @access private */ - var $sLen; + private $sLen; /** * Hash function for the Mask Generation Function @@ -253,7 +253,7 @@ class RSA * @var \phpseclib\Crypt\Hash * @access private */ - var $mgfHash; + private $mgfHash; /** * Length of MGF hash function output @@ -261,7 +261,7 @@ class RSA * @var int * @access private */ - var $mgfHLen; + private $mgfHLen; /** * Public Exponent @@ -269,7 +269,7 @@ class RSA * @var mixed * @access private */ - var $publicExponent = false; + private $publicExponent = false; /** * Password @@ -277,7 +277,7 @@ class RSA * @var string * @access private */ - var $password = false; + private $password = false; /** * Loaded File Format @@ -285,7 +285,7 @@ class RSA * @var string * @access private */ - var $format = false; + private $format = false; /** * OpenSSL configuration file name. @@ -296,25 +296,25 @@ class RSA * @var mixed * @access public */ - static $configFile; + private static $configFile; /** * Supported file formats (lower case) * - * @see self::_initialize_static_variables() + * @see self::initialize_static_variables() * @var array * @access private */ - static $fileFormats = false; + private static $fileFormats = false; /** * Supported file formats (original case) * - * @see self::_initialize_static_variables() + * @see self::initialize_static_variables() * @var array * @access private */ - static $origFileFormats = false; + private static $origFileFormats = false; /** * Public exponent @@ -323,7 +323,7 @@ class RSA * @link http://en.wikipedia.org/wiki/65537_%28number%29 * @access private */ - static $defaultExponent = 65537; + private static $defaultExponent = 65537; /** * Smallest Prime @@ -338,7 +338,7 @@ class RSA * @var int * @access private */ - static $smallestPrime = 4096; + private static $smallestPrime = 4096; /** * Engine @@ -348,14 +348,14 @@ class RSA * @var int * @access private */ - static $engine = NULL; + private static $engine = NULL; /** * Initialize static variables * * @access private */ - static function _initialize_static_variables() + private static function initialize_static_variables() { if (!isset(self::$zero)) { self::$zero= new BigInteger(0); @@ -367,11 +367,8 @@ class RSA foreach (glob(__DIR__ . '/RSA/*.php') as $file) { $name = pathinfo($file, PATHINFO_FILENAME); $type = 'phpseclib\Crypt\RSA\\' . $name; - $meta = new \ReflectionClass($type); - if (!$meta->isAbstract()) { - self::$fileFormats[strtolower($name)] = $type; - self::$origFileFormats[] = $name; - } + self::$fileFormats[strtolower($name)] = $type; + self::$origFileFormats[] = $name; } } } @@ -387,9 +384,9 @@ class RSA * @return \phpseclib\Crypt\RSA * @access public */ - function __construct() + public function __construct() { - self::_initialize_static_variables(); + self::initialize_static_variables(); $this->hash = new Hash('sha256'); $this->hLen = $this->hash->getLengthInBytes(); @@ -406,7 +403,7 @@ class RSA * @access public * @param int $val */ - static function setExponent($val) + public static function setExponent($val) { self::$defaultExponent = $val; } @@ -419,7 +416,7 @@ class RSA * @access public * @param int $val */ - static function setSmallestPrime($val) + public static function setSmallestPrime($val) { self::$smallestPrime = $val; } @@ -432,7 +429,7 @@ class RSA * @access public * @param int $val */ - static function setEngine($val) + public static function setEngine($val) { self::$engine = $val; } @@ -451,9 +448,9 @@ class RSA * @param int $timeout * @param array $p */ - static function createKey($bits = 2048) + public static function createKey($bits = 2048) { - self::_initialize_static_variables(); + self::initialize_static_variables(); if (!isset(self::$engine)) { switch (true) { @@ -605,9 +602,9 @@ class RSA * @access public * @return bool */ - static function addFileFormat($fullname) + public static function addFileFormat($fullname) { - self::_initialize_static_variables(); + self::initialize_static_variables(); if (class_exists($fullname)) { $meta = new \ReflectionClass($path); @@ -623,9 +620,9 @@ class RSA * @access public * @return array */ - static function getSupportedFormats() + public static function getSupportedFormats() { - self::_initialize_static_variables(); + self::initialize_static_variables(); return self::$origFileFormats; } @@ -639,7 +636,7 @@ class RSA * @param string $key * @param int $type optional */ - function load($key, $type = false) + public function load($key, $type = false) { if ($key instanceof RSA) { $this->privateKeyFormat = $key->privateKeyFormat; @@ -743,7 +740,7 @@ class RSA * @access public * @return mixed */ - function getLoadedFormat() + public function getLoadedFormat() { if ($this->format === false) { return false; @@ -763,7 +760,7 @@ class RSA * @param string $type optional * @return mixed */ - function getPrivateKey($type = 'PKCS1') + public function getPrivateKey($type = 'PKCS1') { $type = strtolower($type); if (!isset(self::$fileFormats[$type])) { @@ -817,7 +814,7 @@ class RSA * @access public * @return int */ - function getLength() + public function getLength() { return !isset($this->modulus) ? 0 : $this->modulus->getLength(); } @@ -833,7 +830,7 @@ class RSA * @access public * @param string $password */ - function setPassword($password = false) + public function setPassword($password = false) { $this->password = $password; } @@ -859,7 +856,7 @@ class RSA * @param int $type optional * @return bool */ - function setPublicKey($key = false, $type = false) + public function setPublicKey($key = false, $type = false) { // if a public key has already been loaded return false if (!empty($this->publicExponent)) { @@ -932,7 +929,7 @@ class RSA * @param int $type optional * @return bool */ - function setPrivateKey($key = false, $type = false) + public function setPrivateKey($key = false, $type = false) { if ($key === false && !empty($this->publicExponent)) { $this->publicExponent = false; @@ -962,7 +959,7 @@ class RSA * @param string $type optional * @return mixed */ - function getPublicKey($type = 'PKCS8') + public function getPublicKey($type = 'PKCS8') { $type = strtolower($type); if (!isset(self::$fileFormats[$type])) { @@ -992,7 +989,7 @@ class RSA * for invalid values. * @return mixed */ - function getPublicKeyFingerprint($algorithm = 'md5') + public function getPublicKeyFingerprint($algorithm = 'md5') { if (empty($this->modulus) || empty($this->publicExponent)) { return false; @@ -1026,7 +1023,7 @@ class RSA * @param string $type optional * @return mixed */ - function _getPrivatePublicKey($type = 'PKCS8') + private function getPrivatePublicKey($type = 'PKCS8') { $type = strtolower($type); if (!isset(self::$fileFormats[$type])) { @@ -1055,14 +1052,14 @@ class RSA * @access public * @return string */ - function __toString() + public function __toString() { try { $key = $this->getPrivateKey($this->privateKeyFormat); if (is_string($key)) { return $key; } - $key = $this->_getPrivatePublicKey($this->publicKeyFormat); + $key = $this->getPrivatePublicKey($this->publicKeyFormat); return is_string($key) ? $key : ''; } catch (\Exception $e) { return ''; @@ -1075,7 +1072,7 @@ class RSA * @access public * @return \phpseclib\Crypt\RSA */ - function __clone() + public function __clone() { $key = new RSA(); $key->load($this); @@ -1089,7 +1086,7 @@ class RSA * @access public * @param string $format */ - function setPrivateKeyFormat($format) + public function setPrivateKeyFormat($format) { $this->privateKeyFormat = $format; } @@ -1101,7 +1098,7 @@ class RSA * @access public * @param string $format */ - function setPublicKeyFormat($format) + public function setPublicKeyFormat($format) { $this->publicKeyFormat = $format; } @@ -1115,7 +1112,7 @@ class RSA * @access public * @param string $hash */ - function setHash($hash) + public function setHash($hash) { // \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { @@ -1147,7 +1144,7 @@ class RSA * @access public * @param string $hash */ - function setMGFHash($hash) + public function setMGFHash($hash) { // \phpseclib\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch ($hash) { @@ -1179,7 +1176,7 @@ class RSA * @access public * @param int $format */ - function setSaltLength($sLen) + public function setSaltLength($sLen) { $this->sLen = $sLen; } @@ -1194,7 +1191,7 @@ class RSA * @param int $xLen * @return bool|string */ - function _i2osp($x, $xLen) + private function i2osp($x, $xLen) { if ($x === false) { return false; @@ -1215,7 +1212,7 @@ class RSA * @param string $x * @return \phpseclib\Math\BigInteger */ - function _os2ip($x) + private function os2ip($x) { return new BigInteger($x, 256); } @@ -1229,7 +1226,7 @@ class RSA * @param \phpseclib\Math\BigInteger $x * @return \phpseclib\Math\BigInteger */ - function _exponentiate($x) + private function exponentiate($x) { switch (true) { case empty($this->primes): @@ -1276,8 +1273,8 @@ class RSA $r = BigInteger::randomRange(self::$one, $smallest->subtract(self::$one)); $m_i = [ - 1 => $this->_blind($x, $r, 1), - 2 => $this->_blind($x, $r, 2) + 1 => $this->blind($x, $r, 1), + 2 => $this->blind($x, $r, 2) ]; $h = $m_i[1]->subtract($m_i[2]); $h = $h->multiply($this->coefficients[2]); @@ -1286,7 +1283,7 @@ class RSA $r = $this->primes[1]; for ($i = 3; $i <= $num_primes; $i++) { - $m_i = $this->_blind($x, $r, $i); + $m_i = $this->blind($x, $r, $i); $r = $r->multiply($this->primes[$i - 1]); @@ -1313,7 +1310,7 @@ class RSA * @param int $i * @return \phpseclib\Math\BigInteger */ - function _blind($x, $r, $i) + private function blind($x, $r, $i) { $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i])); $x = $x->modPow($this->exponents[$i], $this->primes[$i]); @@ -1339,7 +1336,7 @@ class RSA * @param string $y * @return bool */ - static function _equals($x, $y) + private static function equals($x, $y) { if (strlen($x) != strlen($y)) { return false; @@ -1362,12 +1359,12 @@ class RSA * @param \phpseclib\Math\BigInteger $m * @return bool|\phpseclib\Math\BigInteger */ - function _rsaep($m) + private function rsaep($m) { if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { return false; } - return $this->_exponentiate($m); + return $this->exponentiate($m); } /** @@ -1379,12 +1376,12 @@ class RSA * @param \phpseclib\Math\BigInteger $c * @return bool|\phpseclib\Math\BigInteger */ - function _rsadp($c) + private function rsadp($c) { if ($c->compare(self::$zero) < 0 || $c->compare($this->modulus) > 0) { return false; } - return $this->_exponentiate($c); + return $this->exponentiate($c); } /** @@ -1396,12 +1393,12 @@ class RSA * @param \phpseclib\Math\BigInteger $m * @return bool|\phpseclib\Math\BigInteger */ - function _rsasp1($m) + private function rsasp1($m) { if ($m->compare(self::$zero) < 0 || $m->compare($this->modulus) > 0) { return false; } - return $this->_exponentiate($m); + return $this->exponentiate($m); } /** @@ -1413,12 +1410,12 @@ class RSA * @param \phpseclib\Math\BigInteger $s * @return bool|\phpseclib\Math\BigInteger */ - function _rsavp1($s) + private function rsavp1($s) { if ($s->compare(self::$zero) < 0 || $s->compare($this->modulus) > 0) { return false; } - return $this->_exponentiate($s); + return $this->exponentiate($s); } /** @@ -1431,7 +1428,7 @@ class RSA * @param int $mgfLen * @return string */ - function _mgf1($mgfSeed, $maskLen) + private function mgf1($mgfSeed, $maskLen) { // if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output. @@ -1457,7 +1454,7 @@ class RSA * @throws \OutOfBoundsException if strlen($m) > $this->k - 2 * $this->hLen - 2 * @return string */ - function _rsaes_oaep_encrypt($m, $l = '') + private function rsaes_oaep_encrypt($m, $l = '') { $mLen = strlen($m); @@ -1476,17 +1473,17 @@ class RSA $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); $db = $lHash . $ps . chr(1) . $m; $seed = Random::string($this->hLen); - $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); + $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); $maskedDB = $db ^ $dbMask; - $seedMask = $this->_mgf1($maskedDB, $this->hLen); + $seedMask = $this->mgf1($maskedDB, $this->hLen); $maskedSeed = $seed ^ $seedMask; $em = chr(0) . $maskedSeed . $maskedDB; // RSA encryption - $m = $this->_os2ip($em); - $c = $this->_rsaep($m); - $c = $this->_i2osp($c, $this->k); + $m = $this->os2ip($em); + $c = $this->rsaep($m); + $c = $this->i2osp($c, $this->k); // Output the ciphertext C @@ -1519,7 +1516,7 @@ class RSA * @param string $l * @return bool|string */ - function _rsaes_oaep_decrypt($c, $l = '') + private function rsaes_oaep_decrypt($c, $l = '') { // Length checking @@ -1532,9 +1529,9 @@ class RSA // RSA decryption - $c = $this->_os2ip($c); - $m = $this->_rsadp($c); - $em = $this->_i2osp($m, $this->k); + $c = $this->os2ip($c); + $m = $this->rsadp($c); + $em = $this->i2osp($m, $this->k); if ($em === false) { return false; } @@ -1545,13 +1542,13 @@ class RSA $y = ord($em[0]); $maskedSeed = substr($em, 1, $this->hLen); $maskedDB = substr($em, $this->hLen + 1); - $seedMask = $this->_mgf1($maskedDB, $this->hLen); + $seedMask = $this->mgf1($maskedDB, $this->hLen); $seed = $maskedSeed ^ $seedMask; - $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); + $dbMask = $this->mgf1($seed, $this->k - $this->hLen - 1); $db = $maskedDB ^ $dbMask; $lHash2 = substr($db, 0, $this->hLen); $m = substr($db, $this->hLen); - if (!self::_equals($lHash, $lHash2)) { + if (!self::equals($lHash, $lHash2)) { return false; } $m = ltrim($m, chr(0)); @@ -1574,15 +1571,15 @@ class RSA * @return bool|string * @throws \OutOfBoundsException if strlen($m) > $this->k */ - function _raw_encrypt($m) + private function raw_encrypt($m) { if (strlen($m) > $this->k) { throw new \OutOfBoundsException('Message too long'); } - $temp = $this->_os2ip($m); - $temp = $this->_rsaep($temp); - return $this->_i2osp($temp, $this->k); + $temp = $this->os2ip($m); + $temp = $this->rsaep($temp); + return $this->i2osp($temp, $this->k); } /** @@ -1596,7 +1593,7 @@ class RSA * @throws \OutOfBoundsException if strlen($m) > $this->k - 11 * @return bool|string */ - function _rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false) + private function rsaes_pkcs1_v1_5_encrypt($m, $pkcs15_compat = false) { $mLen = strlen($m); @@ -1625,9 +1622,9 @@ class RSA $em = chr(0) . chr($type) . $ps . chr(0) . $m; // RSA encryption - $m = $this->_os2ip($em); - $c = $this->_rsaep($m); - $c = $this->_i2osp($c, $this->k); + $m = $this->os2ip($em); + $c = $this->rsaep($m); + $c = $this->i2osp($c, $this->k); // Output the ciphertext C @@ -1654,7 +1651,7 @@ class RSA * @param string $c * @return bool|string */ - function _rsaes_pkcs1_v1_5_decrypt($c) + private function rsaes_pkcs1_v1_5_decrypt($c) { // Length checking @@ -1664,9 +1661,9 @@ class RSA // RSA decryption - $c = $this->_os2ip($c); - $m = $this->_rsadp($c); - $em = $this->_i2osp($m, $this->k); + $c = $this->os2ip($c); + $m = $this->rsadp($c); + $em = $this->i2osp($m, $this->k); if ($em === false) { return false; } @@ -1699,7 +1696,7 @@ class RSA * @throws \RuntimeException on encoding error * @param int $emBits */ - function _emsa_pss_encode($m, $emBits) + private function emsa_pss_encode($m, $emBits) { // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. @@ -1717,7 +1714,7 @@ class RSA $h = $this->hash->hash($m2); $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); $db = $ps . chr(1) . $salt; - $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1); + $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); $maskedDB = $db ^ $dbMask; $maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0]; $em = $maskedDB . $h . chr(0xBC); @@ -1736,7 +1733,7 @@ class RSA * @param int $emBits * @return string */ - function _emsa_pss_verify($m, $em, $emBits) + private function emsa_pss_verify($m, $em, $emBits) { // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error // be output. @@ -1759,7 +1756,7 @@ class RSA if ((~$maskedDB[0] & $temp) != $temp) { return false; } - $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1); + $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); $db = $maskedDB ^ $dbMask; $db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0]; $temp = $emLen - $this->hLen - $sLen - 2; @@ -1769,7 +1766,7 @@ class RSA $salt = substr($db, $temp + 1); // should be $sLen long $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $h2 = $this->hash->hash($m2); - return self::_equals($h, $h2); + return self::equals($h, $h2); } /** @@ -1781,17 +1778,17 @@ class RSA * @param string $m * @return bool|string */ - function _rsassa_pss_sign($m) + private function rsassa_pss_sign($m) { // EMSA-PSS encoding - $em = $this->_emsa_pss_encode($m, 8 * $this->k - 1); + $em = $this->emsa_pss_encode($m, 8 * $this->k - 1); // RSA signature - $m = $this->_os2ip($em); - $s = $this->_rsasp1($m); - $s = $this->_i2osp($s, $this->k); + $m = $this->os2ip($em); + $s = $this->rsasp1($m); + $s = $this->i2osp($s, $this->k); // Output the signature S @@ -1808,7 +1805,7 @@ class RSA * @param string $s * @return bool|string */ - function _rsassa_pss_verify($m, $s) + private function rsassa_pss_verify($m, $s) { // Length checking @@ -1820,16 +1817,16 @@ class RSA $modBits = 8 * $this->k; - $s2 = $this->_os2ip($s); - $m2 = $this->_rsavp1($s2); - $em = $this->_i2osp($m2, $modBits >> 3); + $s2 = $this->os2ip($s); + $m2 = $this->rsavp1($s2); + $em = $this->i2osp($m2, $modBits >> 3); if ($em === false) { return false; } // EMSA-PSS verification - return $this->_emsa_pss_verify($m, $em, $modBits - 1); + return $this->emsa_pss_verify($m, $em, $modBits - 1); } /** @@ -1843,7 +1840,7 @@ class RSA * @throws \LengthException if the intended encoded message length is too short * @return string */ - function _emsa_pkcs1_v1_5_encode($m, $emLen) + private function emsa_pkcs1_v1_5_encode($m, $emLen) { $h = $this->hash->hash($m); @@ -1901,23 +1898,23 @@ class RSA * @throws \LengthException if the RSA modulus is too short * @return bool|string */ - function _rsassa_pkcs1_v1_5_sign($m) + private function rsassa_pkcs1_v1_5_sign($m) { // EMSA-PKCS1-v1_5 encoding // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus // too short" and stop. try { - $em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); + $em = $this->emsa_pkcs1_v1_5_encode($m, $this->k); } catch (\LengthException $e) { throw new \LengthException('RSA modulus too short'); } // RSA signature - $m = $this->_os2ip($em); - $s = $this->_rsasp1($m); - $s = $this->_i2osp($s, $this->k); + $m = $this->os2ip($em); + $s = $this->rsasp1($m); + $s = $this->i2osp($s, $this->k); // Output the signature S @@ -1935,7 +1932,7 @@ class RSA * @throws \LengthException if the RSA modulus is too short * @return bool */ - function _rsassa_pkcs1_v1_5_verify($m, $s) + private function rsassa_pkcs1_v1_5_verify($m, $s) { // Length checking @@ -1945,9 +1942,9 @@ class RSA // RSA verification - $s = $this->_os2ip($s); - $m2 = $this->_rsavp1($s); - $em = $this->_i2osp($m2, $this->k); + $s = $this->os2ip($s); + $m2 = $this->rsavp1($s); + $em = $this->i2osp($m2, $this->k); if ($em === false) { return false; } @@ -1957,13 +1954,13 @@ class RSA // If the encoding operation outputs "intended encoded message length too short," output "RSA modulus // too short" and stop. try { - $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k); + $em2 = $this->emsa_pkcs1_v1_5_encode($m, $this->k); } catch (\LengthException $e) { throw new \LengthException('RSA modulus too short'); } // Compare - return self::_equals($em, $em2); + return self::equals($em, $em2); } /** @@ -1984,7 +1981,7 @@ class RSA * @param string $s * @return bool */ - function _rsassa_pkcs1_v1_5_relaxed_verify($m, $s) + private function rsassa_pkcs1_v1_5_relaxed_verify($m, $s) { // Length checking @@ -1994,12 +1991,12 @@ class RSA // RSA verification - $s = $this->_os2ip($s); - $m2 = $this->_rsavp1($s); + $s = $this->os2ip($s); + $m2 = $this->rsavp1($s); if ($m2 === false) { return false; } - $em = $this->_i2osp($m2, $this->k); + $em = $this->i2osp($m2, $this->k); if ($em === false) { return false; } @@ -2053,7 +2050,7 @@ class RSA $em = $hash->hash($m); $em2 = $decoded['digest']; - return self::_equals($em, $em2); + return self::equals($em, $em2); } /** @@ -2070,17 +2067,17 @@ class RSA * @return bool|string * @throws \LengthException if the RSA modulus is too short */ - function encrypt($plaintext, $padding = self::PADDING_OAEP) + public function encrypt($plaintext, $padding = self::PADDING_OAEP) { switch ($padding) { case self::PADDING_NONE: - return $this->_raw_encrypt($plaintext); + return $this->raw_encrypt($plaintext); case self::PADDING_PKCS15_COMPAT: case self::PADDING_PKCS1: - return $this->_rsaes_pkcs1_v1_5_encrypt($plaintext, $padding == self::PADDING_PKCS15_COMPAT); + return $this->rsaes_pkcs1_v1_5_encrypt($plaintext, $padding == self::PADDING_PKCS15_COMPAT); //case self::PADDING_OAEP: default: - return $this->_rsaes_oaep_encrypt($plaintext); + return $this->rsaes_oaep_encrypt($plaintext); } } @@ -2093,16 +2090,16 @@ class RSA * @param int $padding optional * @return bool|string */ - function decrypt($ciphertext, $padding = self::PADDING_OAEP) + public function decrypt($ciphertext, $padding = self::PADDING_OAEP) { switch ($padding) { case self::PADDING_NONE: - return $this->_raw_encrypt($ciphertext); + return $this->raw_encrypt($ciphertext); case self::PADDING_PKCS1: - return $this->_rsaes_pkcs1_v1_5_decrypt($ciphertext); + return $this->rsaes_pkcs1_v1_5_decrypt($ciphertext); //case self::PADDING_OAEP: default: - return $this->_rsaes_oaep_decrypt($ciphertext); + return $this->rsaes_oaep_decrypt($ciphertext); } } @@ -2115,7 +2112,7 @@ class RSA * @param int $padding optional * @return string */ - function sign($message, $padding = self::PADDING_PSS) + public function sign($message, $padding = self::PADDING_PSS) { if (empty($this->modulus) || empty($this->exponent)) { return false; @@ -2124,10 +2121,10 @@ class RSA switch ($padding) { case self::PADDING_PKCS1: case self::PADDING_RELAXED_PKCS1: - return $this->_rsassa_pkcs1_v1_5_sign($message); + return $this->rsassa_pkcs1_v1_5_sign($message); //case self::PADDING_PSS: default: - return $this->_rsassa_pss_sign($message); + return $this->rsassa_pss_sign($message); } } @@ -2141,7 +2138,7 @@ class RSA * @param int $padding optional * @return bool */ - function verify($message, $signature, $padding = self::PADDING_PSS) + public function verify($message, $signature, $padding = self::PADDING_PSS) { if (empty($this->modulus) || empty($this->exponent)) { return false; @@ -2149,12 +2146,12 @@ class RSA switch ($padding) { case self::PADDING_RELAXED_PKCS1: - return $this->_rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); + return $this->rsassa_pkcs1_v1_5_relaxed_verify($message, $signature); case self::PADDING_PKCS1: - return $this->_rsassa_pkcs1_v1_5_verify($message, $signature); + return $this->rsassa_pkcs1_v1_5_verify($message, $signature); //case self::PADDING_PSS: default: - return $this->_rsassa_pss_verify($message, $signature); + return $this->rsassa_pss_verify($message, $signature); } } } diff --git a/phpseclib/Crypt/RSA/MSBLOB.php b/phpseclib/Crypt/RSA/MSBLOB.php index 28ce4aab..79b4c098 100644 --- a/phpseclib/Crypt/RSA/MSBLOB.php +++ b/phpseclib/Crypt/RSA/MSBLOB.php @@ -30,7 +30,7 @@ use phpseclib\Common\Functions\Strings; * @author Jim Wigginton * @access public */ -class MSBLOB +abstract class MSBLOB { /**#@+ * @access private @@ -73,7 +73,7 @@ class MSBLOB * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_string($key)) { return false; @@ -171,7 +171,7 @@ class MSBLOB * @param string $password optional * @return string */ - static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') { $n = strrev($n->toBytes()); $e = str_pad(strrev($e->toBytes()), 4, "\0"); @@ -196,7 +196,7 @@ class MSBLOB * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { $n = strrev($n->toBytes()); $e = str_pad(strrev($e->toBytes()), 4, "\0"); diff --git a/phpseclib/Crypt/RSA/OpenSSH.php b/phpseclib/Crypt/RSA/OpenSSH.php index 65135ed4..3570190c 100644 --- a/phpseclib/Crypt/RSA/OpenSSH.php +++ b/phpseclib/Crypt/RSA/OpenSSH.php @@ -28,7 +28,7 @@ use phpseclib\Common\Functions\Strings; * @author Jim Wigginton * @access public */ -class OpenSSH +abstract class OpenSSH { /** * Default comment @@ -36,7 +36,7 @@ class OpenSSH * @var string * @access private */ - static $comment = 'phpseclib-generated-key'; + private static $comment = 'phpseclib-generated-key'; /** * Sets the default comment @@ -44,7 +44,7 @@ class OpenSSH * @access public * @param string $comment */ - static function setComment($comment) + public static function setComment($comment) { self::$comment = str_replace(["\r", "\n"], '', $comment); } @@ -57,7 +57,7 @@ class OpenSSH * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_string($key)) { return false; @@ -109,7 +109,7 @@ class OpenSSH * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { $publicExponent = $e->toBytes(true); $modulus = $n->toBytes(true); diff --git a/phpseclib/Crypt/RSA/PKCS1.php b/phpseclib/Crypt/RSA/PKCS1.php index 5e01030b..808e0ac7 100644 --- a/phpseclib/Crypt/RSA/PKCS1.php +++ b/phpseclib/Crypt/RSA/PKCS1.php @@ -36,7 +36,7 @@ use phpseclib\File\ASN1\Maps; * @author Jim Wigginton * @access public */ -class PKCS1 extends Progenitor +abstract class PKCS1 extends Progenitor { /** * Break a public or private key down into its constituent components @@ -46,7 +46,7 @@ class PKCS1 extends Progenitor * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_string($key)) { return false; @@ -102,7 +102,7 @@ class PKCS1 extends Progenitor * @param string $password optional * @return string */ - static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') { $num_primes = count($primes); $key = [ @@ -137,7 +137,7 @@ class PKCS1 extends Progenitor * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { $key = [ 'modulus' => $n, diff --git a/phpseclib/Crypt/RSA/PKCS8.php b/phpseclib/Crypt/RSA/PKCS8.php index ab904fa8..eafa1a66 100644 --- a/phpseclib/Crypt/RSA/PKCS8.php +++ b/phpseclib/Crypt/RSA/PKCS8.php @@ -38,7 +38,7 @@ use phpseclib\File\ASN1; * @author Jim Wigginton * @access public */ -class PKCS8 extends Progenitor +abstract class PKCS8 extends Progenitor { /** * Break a public or private key down into its constituent components @@ -48,7 +48,7 @@ class PKCS8 extends Progenitor * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { $components = ['isPublicKey' => strpos($key, 'PUBLIC') !== false]; @@ -85,7 +85,7 @@ class PKCS8 extends Progenitor * @param string $password optional * @return string */ - static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') { $key = PKCS1::savePrivateKey($n, $e, $d, $primes, $exponents, $coefficients); $key = ASN1::extractBER($key); @@ -100,7 +100,7 @@ class PKCS8 extends Progenitor * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { $key = PKCS1::savePublicKey($n, $e); $key = ASN1::extractBER($key); diff --git a/phpseclib/Crypt/RSA/PuTTY.php b/phpseclib/Crypt/RSA/PuTTY.php index e7014c5c..16f3ce4a 100644 --- a/phpseclib/Crypt/RSA/PuTTY.php +++ b/phpseclib/Crypt/RSA/PuTTY.php @@ -29,7 +29,7 @@ use phpseclib\Common\Functions\Strings; * @author Jim Wigginton * @access public */ -class PuTTY +abstract class PuTTY { /** * Default comment @@ -37,7 +37,7 @@ class PuTTY * @var string * @access private */ - static $comment = 'phpseclib-generated-key'; + private static $comment = 'phpseclib-generated-key'; /** * Sets the default comment @@ -45,7 +45,7 @@ class PuTTY * @access public * @param string $comment */ - static function setComment($comment) + public static function setComment($comment) { self::$comment = str_replace(["\r", "\n"], '', $comment); } @@ -59,7 +59,7 @@ class PuTTY * @param int $length * @return string */ - static function generateSymmetricKey($password, $length) + public static function generateSymmetricKey($password, $length) { $symkey = ''; $sequence = 0; @@ -78,7 +78,7 @@ class PuTTY * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_string($key)) { return false; @@ -183,7 +183,7 @@ class PuTTY * @param string $password optional * @return string */ - static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') { if (count($primes) != 2) { return false; @@ -271,7 +271,7 @@ class PuTTY * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { $n = $n->toBytes(true); $e = $e->toBytes(true); diff --git a/phpseclib/Crypt/RSA/Raw.php b/phpseclib/Crypt/RSA/Raw.php index 74f50688..cba2dc88 100644 --- a/phpseclib/Crypt/RSA/Raw.php +++ b/phpseclib/Crypt/RSA/Raw.php @@ -34,7 +34,7 @@ use phpseclib\Math\BigInteger; * @author Jim Wigginton * @access public */ -class Raw +abstract class Raw { /** * Break a public or private key down into its constituent components @@ -44,7 +44,7 @@ class Raw * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_array($key)) { return false; @@ -97,7 +97,7 @@ class Raw * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { return ['e' => clone $e, 'n' => clone $n]; } diff --git a/phpseclib/Crypt/RSA/XML.php b/phpseclib/Crypt/RSA/XML.php index d606b361..498196ab 100644 --- a/phpseclib/Crypt/RSA/XML.php +++ b/phpseclib/Crypt/RSA/XML.php @@ -30,7 +30,7 @@ use phpseclib\Math\BigInteger; * @author Jim Wigginton * @access public */ -class XML +abstract class XML { /** * Break a public or private key down into its constituent components @@ -40,7 +40,7 @@ class XML * @param string $password optional * @return array */ - static function load($key, $password = '') + public static function load($key, $password = '') { if (!is_string($key)) { return false; @@ -113,7 +113,7 @@ class XML * @param string $password optional * @return string */ - static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') + public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '') { if (count($primes) != 2) { return false; @@ -138,7 +138,7 @@ class XML * @param \phpseclib\Math\BigInteger $e * @return string */ - static function savePublicKey(BigInteger $n, BigInteger $e) + public static function savePublicKey(BigInteger $n, BigInteger $e) { return "\r\n" . ' ' . Base64::encode($n->toBytes()) . "\r\n" .