From 31af2b3ed31005aaeee58a3072836f74a8cb778a Mon Sep 17 00:00:00 2001 From: terrafrost Date: Sun, 14 Dec 2014 10:40:40 -0600 Subject: [PATCH] Crypt/Base: fix decryption for ECB / CBC on PHP < 5.4.0 --- phpseclib/Crypt/Base.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/phpseclib/Crypt/Base.php b/phpseclib/Crypt/Base.php index 192ecee4..9e38f5b2 100644 --- a/phpseclib/Crypt/Base.php +++ b/phpseclib/Crypt/Base.php @@ -990,10 +990,20 @@ class Crypt_Base } switch ($this->mode) { case CRYPT_MODE_STREAM: + $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); + break; case CRYPT_MODE_ECB: + if (!defined('OPENSSL_RAW_DATA')) { + $padding = str_repeat(chr($this->block_size), $this->block_size); + $ciphetext.= openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true); + } $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options); break; case CRYPT_MODE_CBC: + if (!defined('OPENSSL_RAW_DATA')) { + $padding = str_repeat(chr($this->block_size), $this->block_size) ^ substr($ciphertext, -$block_size); + $plaintext.= openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true); + } $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->decryptIV); if ($this->continuousBuffer) { $this->decryptIV = substr($ciphertext, -$this->block_size); @@ -1528,7 +1538,8 @@ class Crypt_Base $this->openssl_emulate_ctr = false; $result = $this->cipher_name_openssl && extension_loaded('openssl') && - version_compare(PHP_VERSION, '5.3.0'); + // PHP 5.3.0 - 5.3.2 did not let you set IV's + version_compare(PHP_VERSION, '5.3.3', '>='); if (!$result) { return false; }