From 4171262b9ee6f905eb2bfc4a942c5f44483efdf8 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Tue, 27 Jun 2017 22:34:36 -0500 Subject: [PATCH] SymmetricKey: use strings for constructor and setPreferredEngine --- phpseclib/Crypt/Common/Keys/PKCS1.php | 8 +-- phpseclib/Crypt/Common/Keys/PKCS8.php | 21 ++++--- phpseclib/Crypt/Common/Keys/PuTTY.php | 4 +- phpseclib/Crypt/Common/SymmetricKey.php | 73 ++++++++++++++++++------- phpseclib/Crypt/RC4.php | 2 +- phpseclib/Crypt/Random.php | 12 ++-- phpseclib/Crypt/TripleDES.php | 29 ++++++---- phpseclib/Net/SSH1.php | 4 +- phpseclib/Net/SSH2.php | 23 ++++---- tests/Unit/Crypt/AES/EvalTest.php | 2 +- tests/Unit/Crypt/AES/InternalTest.php | 2 +- tests/Unit/Crypt/AES/McryptTest.php | 2 +- tests/Unit/Crypt/AES/OpenSSLTest.php | 2 +- tests/Unit/Crypt/AES/TestCase.php | 42 ++++++-------- tests/Unit/Crypt/BlowfishTest.php | 37 ++++++------- tests/Unit/Crypt/RC2Test.php | 35 ++++++------ tests/Unit/Crypt/RC4Test.php | 18 +++--- tests/Unit/Crypt/TripleDESTest.php | 52 +++++++++--------- tests/Unit/Crypt/TwofishTest.php | 31 +++++------ 19 files changed, 209 insertions(+), 190 deletions(-) diff --git a/phpseclib/Crypt/Common/Keys/PKCS1.php b/phpseclib/Crypt/Common/Keys/PKCS1.php index 1f672975..afa9ad15 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS1.php +++ b/phpseclib/Crypt/Common/Keys/PKCS1.php @@ -17,10 +17,8 @@ namespace phpseclib\Crypt\Common\Keys; use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Hex; -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\Random; use phpseclib\Crypt\AES; -use phpseclib\Crypt\Base; use phpseclib\Crypt\DES; use phpseclib\Crypt\TripleDES; use phpseclib\File\ASN1; @@ -65,15 +63,11 @@ abstract class PKCS1 extends PKCS { switch ($mode) { case 'CBC': - return BlockCipher::MODE_CBC; case 'ECB': - return BlockCipher::MODE_ECB; case 'CFB': - return BlockCipher::MODE_CFB; case 'OFB': - return BlockCipher::MODE_OFB; case 'CTR': - return BlockCipher::MODE_CTR; + return $mode; } throw new \UnexpectedValueException('Unsupported block cipher mode of operation'); } diff --git a/phpseclib/Crypt/Common/Keys/PKCS8.php b/phpseclib/Crypt/Common/Keys/PKCS8.php index ee1859cd..74222ab5 100644 --- a/phpseclib/Crypt/Common/Keys/PKCS8.php +++ b/phpseclib/Crypt/Common/Keys/PKCS8.php @@ -33,7 +33,6 @@ use phpseclib\Crypt\RC2; use phpseclib\Crypt\RC4; use phpseclib\Crypt\AES; use phpseclib\Crypt\TripleDES; -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\Random; use phpseclib\Math\BigInteger; use phpseclib\File\ASN1; @@ -151,24 +150,24 @@ abstract class PKCS8 extends PKCS switch ($algo) { case 'DES': - $cipher = new DES(BlockCipher::MODE_CBC); + $cipher = new DES('cbc'); break; case 'RC2': - $cipher = new RC2(BlockCipher::MODE_CBC); + $cipher = new RC2('cbc'); break; case '3-KeyTripleDES': - $cipher = new TripleDES(BlockCipher::MODE_CBC); + $cipher = new TripleDES('cbc'); break; case '2-KeyTripleDES': - $cipher = new TripleDES(BlockCipher::MODE_CBC); + $cipher = new TripleDES('cbc'); $cipher->setKeyLength(128); break; case '128BitRC2': - $cipher = new RC2(BlockCipher::MODE_CBC); + $cipher = new RC2('cbc'); $cipher->setKeyLength(128); break; case '40BitRC2': - $cipher = new RC2(BlockCipher::MODE_CBC); + $cipher = new RC2('cbc'); $cipher->setKeyLength(40); break; case '128BitRC4': @@ -232,13 +231,13 @@ abstract class PKCS8 extends PKCS { switch ($algo) { case 'desCBC': - $cipher = new TripleDES(BlockCipher::MODE_CBC); + $cipher = new TripleDES('cbc'); break; case 'des-EDE3-CBC': - $cipher = new TripleDES(BlockCipher::MODE_CBC); + $cipher = new TripleDES('cbc'); break; case 'rc2CBC': - $cipher = new RC2(BlockCipher::MODE_CBC); + $cipher = new RC2('cbc'); // in theory this can be changed $cipher->setKeyLength(128); break; @@ -247,7 +246,7 @@ abstract class PKCS8 extends PKCS case 'aes128-CBC-PAD': case 'aes192-CBC-PAD': case 'aes256-CBC-PAD': - $cipher = new AES(BlockCipher::MODE_CBC); + $cipher = new AES('cbc'); $cipher->setKeyLength(substr($algo, 3, 3)); break; default: diff --git a/phpseclib/Crypt/Common/Keys/PuTTY.php b/phpseclib/Crypt/Common/Keys/PuTTY.php index 5c3fad1d..12e4377a 100644 --- a/phpseclib/Crypt/Common/Keys/PuTTY.php +++ b/phpseclib/Crypt/Common/Keys/PuTTY.php @@ -131,7 +131,7 @@ abstract class PuTTY switch ($encryption) { case 'aes256-cbc': $symkey = self::generateSymmetricKey($password, 32); - $crypto = new AES(AES::MODE_CBC); + $crypto = new AES('cbc'); } $hashkey = 'putty-private-key-file-mac-key'; @@ -190,7 +190,7 @@ abstract class PuTTY } else { $private.= Random::string(16 - (strlen($private) & 15)); $source.= Strings::packSSH2('s', $private); - $crypto = new AES(AES::MODE_CBC); + $crypto = new AES('cbc'); $crypto->setKey(self::generateSymmetricKey($password, 32)); $crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3)); diff --git a/phpseclib/Crypt/Common/SymmetricKey.php b/phpseclib/Crypt/Common/SymmetricKey.php index 6069e979..bd216ad4 100644 --- a/phpseclib/Crypt/Common/SymmetricKey.php +++ b/phpseclib/Crypt/Common/SymmetricKey.php @@ -92,6 +92,21 @@ abstract class SymmetricKey const MODE_STREAM = 5; /**#@-*/ + /** + * Mode Map + * + * @access private + * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() + */ + const MODE_MAP = [ + 'ctr' => self::MODE_CTR, + 'ecb' => self::MODE_ECB, + 'cbc' => self::MODE_CBC, + 'cfb' => self::MODE_CFB, + 'ofb' => self::MODE_OFB, + 'stream' => self::MODE_STREAM + ]; + /**#@+ * @access private * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() @@ -114,6 +129,19 @@ abstract class SymmetricKey const ENGINE_OPENSSL = 4; /**#@-*/ + /** + * Engine Reverse Map + * + * @access private + * @see \phpseclib\Crypt\Common\SymmetricKey::getEngine() + */ + const ENGINE_MAP = [ + self::ENGINE_INTERNAL => 'PHP', + self::ENGINE_EVAL => 'Eval', + self::ENGINE_MCRYPT => 'mcrypt', + self::ENGINE_OPENSSL => 'OpenSSL' + ]; + /** * The Encryption Mode * @@ -319,6 +347,7 @@ abstract class SymmetricKey * Currently available $engines are: * - self::ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required) * - self::ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required) + * - self::ENGINE_EVAL (medium, pure php-engine, no php-extension required) * - self::ENGINE_INTERNAL (slower, pure php-engine, no php-extension required) * * @see self::setEngine() @@ -442,15 +471,15 @@ abstract class SymmetricKey * * $mode could be: * - * - self::MODE_ECB + * - ecb * - * - self::MODE_CBC + * - cbc * - * - self::MODE_CTR + * - ctr * - * - self::MODE_CFB + * - cfb * - * - self::MODE_OFB + * - ofb * * @param int $mode * @access public @@ -458,6 +487,15 @@ abstract class SymmetricKey */ public function __construct($mode) { + $mode = strtolower($mode); + // necessary because of 5.6 compatability; we can't do isset(self::MODE_MAP[$mode]) in 5.6 + $map = self::MODE_MAP; + if (!isset($map[$mode])) { + throw new \InvalidArgumentException('No valid mode has been specified'); + } + + $mode = self::MODE_MAP[$mode]; + // $mode dependent settings switch ($mode) { case self::MODE_ECB: @@ -1723,13 +1761,13 @@ abstract class SymmetricKey * * Currently, $engine could be: * - * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_OPENSSL [very fast] + * - OpenSSL [very fast] * - * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_MCRYPT [fast] + * - mcrypt [fast] * - * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_EVAL [slow] + * - Eval [slow] * - * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_INTERNAL [slowest] + * - PHP [slowest] * * If the preferred crypt engine is not available the fastest available one will be used * @@ -1739,16 +1777,13 @@ abstract class SymmetricKey */ public function setPreferredEngine($engine) { - switch ($engine) { - //case self::ENGINE_OPENSSL; - case self::ENGINE_MCRYPT: - case self::ENGINE_INTERNAL: - case self::ENGINE_EVAL: - $this->preferredEngine = $engine; - break; - default: - $this->preferredEngine = self::ENGINE_OPENSSL; + static $reverseMap; + if (!isset($reverseMap)) { + $reverseMap = array_map('strtolower', self::ENGINE_MAP); + $reverseMap = array_flip($reverseMap); } + $engine = strtolower($engine); + $this->preferredEngine = isset($reverseMap[$engine]) ? $reverseMap[$engine] : self::ENGINE_OPENSSL; $this->setEngine(); } @@ -1761,7 +1796,7 @@ abstract class SymmetricKey */ public function getEngine() { - return $this->engine; + return self::ENGINE_MAP[$this->engine]; } /** diff --git a/phpseclib/Crypt/RC4.php b/phpseclib/Crypt/RC4.php index 067efb02..865776ff 100644 --- a/phpseclib/Crypt/RC4.php +++ b/phpseclib/Crypt/RC4.php @@ -129,7 +129,7 @@ class RC4 extends StreamCipher */ public function __construct() { - parent::__construct(self::MODE_STREAM); + parent::__construct('stream'); } /** diff --git a/phpseclib/Crypt/Random.php b/phpseclib/Crypt/Random.php index 071f5ed8..cc1f568d 100644 --- a/phpseclib/Crypt/Random.php +++ b/phpseclib/Crypt/Random.php @@ -24,8 +24,6 @@ namespace phpseclib\Crypt; -use phpseclib\Crypt\Common\BlockCipher; - /** * Pure-PHP Random Number Generator * @@ -141,19 +139,19 @@ abstract class Random // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives switch (true) { case class_exists('\phpseclib\Crypt\AES'): - $crypto = new AES(BlockCipher::MODE_CTR); + $crypto = new AES('ctr'); break; case class_exists('\phpseclib\Crypt\Twofish'): - $crypto = new Twofish(BlockCipher::MODE_CTR); + $crypto = new Twofish('ctr'); break; case class_exists('\phpseclib\Crypt\Blowfish'): - $crypto = new Blowfish(BlockCipher::MODE_CTR); + $crypto = new Blowfish('ctr'); break; case class_exists('\phpseclib\Crypt\TripleDES'): - $crypto = new TripleDES(BlockCipher::MODE_CTR); + $crypto = new TripleDES('ctr'); break; case class_exists('\phpseclib\Crypt\DES'): - $crypto = new DES(BlockCipher::MODE_CTR); + $crypto = new DES('ctr'); break; case class_exists('\phpseclib\Crypt\RC4'): $crypto = new RC4(); diff --git a/phpseclib/Crypt/TripleDES.php b/phpseclib/Crypt/TripleDES.php index b597d29d..103d38b6 100644 --- a/phpseclib/Crypt/TripleDES.php +++ b/phpseclib/Crypt/TripleDES.php @@ -122,17 +122,19 @@ class TripleDES extends DES * * $mode could be: * - * - \phpseclib\Crypt\Common\BlockCipher::MODE_ECB + * - ecb * - * - \phpseclib\Crypt\Common\BlockCipher::MODE_CBC + * - cbc * - * - \phpseclib\Crypt\Common\BlockCipher::MODE_CTR + * - ctr * - * - \phpseclib\Crypt\Common\BlockCipher::MODE_CFB + * - cfb * - * - \phpseclib\Crypt\Common\BlockCipher::MODE_OFB + * - ofb * - * - \phpseclib\Crypt\TripleDES::MODE_3CB + * - 3cbc + * + * - cbc3 (same as cbc) * * @see \phpseclib\Crypt\DES::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct() @@ -141,18 +143,19 @@ class TripleDES extends DES */ public function __construct($mode) { - switch ($mode) { + switch (strtolower($mode)) { // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC // and additional flag us internally as 3CBC - case self::MODE_3CBC: - parent::__construct(self::MODE_CBC); + case '3cbc': + $mode = self::MODE_3CBC; + parent::__construct('cbc'); $this->mode_3cbc = true; // This three $des'es will do the 3CBC work (if $key > 64bits) $this->des = [ - new DES(self::MODE_CBC), - new DES(self::MODE_CBC), - new DES(self::MODE_CBC), + new DES('cbc'), + new DES('cbc'), + new DES('cbc'), ]; // we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects @@ -160,6 +163,8 @@ class TripleDES extends DES $this->des[1]->disablePadding(); $this->des[2]->disablePadding(); break; + case 'cbc3': + $mode = 'cbc'; // If not 3CBC, we init as usual default: parent::__construct($mode); diff --git a/phpseclib/Net/SSH1.php b/phpseclib/Net/SSH1.php index edb4b5f3..d5dfe699 100644 --- a/phpseclib/Net/SSH1.php +++ b/phpseclib/Net/SSH1.php @@ -681,7 +681,7 @@ class SSH1 // $this->crypto = new \phpseclib\Crypt\Null(); // break; case self::CIPHER_DES: - $this->crypto = new DES(DES::MODE_CBC); + $this->crypto = new DES('cbc'); $this->crypto->disablePadding(); $this->crypto->enableContinuousBuffer(); $this->crypto->setKey(substr($session_key, 0, 8)); @@ -689,7 +689,7 @@ class SSH1 $this->crypto->setIV(str_repeat("\0", 8)); break; case self::CIPHER_3DES: - $this->crypto = new TripleDES(TripleDES::MODE_3CBC); + $this->crypto = new TripleDES('3cbc'); $this->crypto->disablePadding(); $this->crypto->enableContinuousBuffer(); $this->crypto->setKey(substr($session_key, 0, 24)); diff --git a/phpseclib/Net/SSH2.php b/phpseclib/Net/SSH2.php index 7e9b5d6c..49653416 100644 --- a/phpseclib/Net/SSH2.php +++ b/phpseclib/Net/SSH2.php @@ -50,7 +50,6 @@ namespace phpseclib\Net; use ParagonIE\ConstantTime\Base64; -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\Blowfish; use phpseclib\Crypt\Hash; use phpseclib\Crypt\Random; @@ -993,7 +992,7 @@ class SSH2 * Set Crypto Engine Mode * * Possible $engine values: - * CRYPT_MODE_INTERNAL, CRYPT_MODE_MCRYPT + * OpenSSL, mcrypt, Eval, PHP * * @param int $engine * @access private @@ -1698,7 +1697,7 @@ class SSH2 $this->encrypt = $this->encryption_algorithm_to_crypt_instance($encrypt); if ($this->encrypt) { if ($this->crypto_engine) { - $this->encrypt->setEngine($this->crypto_engine); + $this->encrypt->setPreferredEngine($this->crypto_engine); } if ($this->encrypt->getBlockLengthInBytes()) { $this->encrypt_block_size = $this->encrypt->getBlockLengthInBytes(); @@ -1724,7 +1723,7 @@ class SSH2 $this->decrypt = $this->encryption_algorithm_to_crypt_instance($decrypt); if ($this->decrypt) { if ($this->crypto_engine) { - $this->decrypt->setEngine($this->crypto_engine); + $this->decrypt->setPreferredEngine($this->crypto_engine); } if ($this->decrypt->getBlockLengthInBytes()) { $this->decrypt_block_size = $this->decrypt->getBlockLengthInBytes(); @@ -1905,30 +1904,30 @@ class SSH2 { switch ($algorithm) { case '3des-cbc': - return new TripleDES(BlockCipher::MODE_CBC); + return new TripleDES('cbc'); case '3des-ctr': - return new TripleDES(BlockCipher::MODE_CTR); + return new TripleDES('ctr'); case 'aes256-cbc': case 'aes192-cbc': case 'aes128-cbc': - return new Rijndael(BlockCipher::MODE_CBC); + return new Rijndael('cbc'); case 'aes256-ctr': case 'aes192-ctr': case 'aes128-ctr': - return new Rijndael(BlockCipher::MODE_CTR); + return new Rijndael('ctr'); case 'blowfish-cbc': - return new Blowfish(BlockCipher::MODE_CBC); + return new Blowfish('cbc'); case 'blowfish-ctr': - return new Blowfish(BlockCipher::MODE_CTR); + return new Blowfish('ctr'); case 'twofish128-cbc': case 'twofish192-cbc': case 'twofish256-cbc': case 'twofish-cbc': - return new Twofish(BlockCipher::MODE_CBC); + return new Twofish('cbc'); case 'twofish128-ctr': case 'twofish192-ctr': case 'twofish256-ctr': - return new Twofish(BlockCipher::MODE_CTR); + return new Twofish('ctr'); case 'arcfour': case 'arcfour128': case 'arcfour256': diff --git a/tests/Unit/Crypt/AES/EvalTest.php b/tests/Unit/Crypt/AES/EvalTest.php index 0d8f8b13..28e2b751 100644 --- a/tests/Unit/Crypt/AES/EvalTest.php +++ b/tests/Unit/Crypt/AES/EvalTest.php @@ -11,6 +11,6 @@ class Unit_Crypt_AES_EvalTest extends Unit_Crypt_AES_TestCase { protected function setUp() { - $this->engine = BlockCipher::ENGINE_EVAL; + $this->engine = 'Eval'; } } diff --git a/tests/Unit/Crypt/AES/InternalTest.php b/tests/Unit/Crypt/AES/InternalTest.php index 97c3e9d0..9c2e4840 100644 --- a/tests/Unit/Crypt/AES/InternalTest.php +++ b/tests/Unit/Crypt/AES/InternalTest.php @@ -11,6 +11,6 @@ class Unit_Crypt_AES_InternalTest extends Unit_Crypt_AES_TestCase { protected function setUp() { - $this->engine = BlockCipher::ENGINE_INTERNAL; + $this->engine = 'PHP'; } } diff --git a/tests/Unit/Crypt/AES/McryptTest.php b/tests/Unit/Crypt/AES/McryptTest.php index e4e6ac4d..751ffe00 100644 --- a/tests/Unit/Crypt/AES/McryptTest.php +++ b/tests/Unit/Crypt/AES/McryptTest.php @@ -11,6 +11,6 @@ class Unit_Crypt_AES_McryptTest extends Unit_Crypt_AES_TestCase { protected function setUp() { - $this->engine = BlockCipher::ENGINE_MCRYPT; + $this->engine = 'mcrypt'; } } diff --git a/tests/Unit/Crypt/AES/OpenSSLTest.php b/tests/Unit/Crypt/AES/OpenSSLTest.php index cb8b3a4a..cff81604 100644 --- a/tests/Unit/Crypt/AES/OpenSSLTest.php +++ b/tests/Unit/Crypt/AES/OpenSSLTest.php @@ -11,6 +11,6 @@ class Unit_Crypt_AES_OpenSSLTest extends Unit_Crypt_AES_TestCase { protected function setUp() { - $this->engine = BlockCipher::ENGINE_OPENSSL; + $this->engine = 'OpenSSL'; } } diff --git a/tests/Unit/Crypt/AES/TestCase.php b/tests/Unit/Crypt/AES/TestCase.php index 35ce7c65..ceef6a41 100644 --- a/tests/Unit/Crypt/AES/TestCase.php +++ b/tests/Unit/Crypt/AES/TestCase.php @@ -16,15 +16,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase private function _checkEngine($aes) { if ($aes->getEngine() != $this->engine) { - $engine = 'internal'; - switch ($this->engine) { - case BlockCipher::ENGINE_OPENSSL: - $engine = 'OpenSSL'; - break; - case BlockCipher::ENGINE_MCRYPT: - $engine = 'mcrypt'; - } - self::markTestSkipped('Unable to initialize ' . $engine . ' engine'); + self::markTestSkipped('Unable to initialize ' . $this->engine . ' engine'); } } @@ -36,9 +28,9 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase public function continuousBufferCombos() { $modes = array( - BlockCipher::MODE_CTR, - BlockCipher::MODE_OFB, - BlockCipher::MODE_CFB, + 'ctr', + 'ofb', + 'cfb', ); $plaintexts = array( '', @@ -100,7 +92,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase // this test case is from the following URL: // https://web.archive.org/web/20070209120224/http://fp.gladman.plus.com/cryptography_technology/rijndael/aesdvec.zip - $aes = new Rijndael(BlockCipher::MODE_CBC); + $aes = new Rijndael('cbc'); $aes->setPreferredEngine($this->engine); $aes->disablePadding(); $aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. Valid in Rijndael. @@ -118,7 +110,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase { // same as the above - just with a different ciphertext - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setPreferredEngine($this->engine); $aes->disablePadding(); $aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. supported by Rijndael - not AES @@ -136,9 +128,9 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase public function continuousBufferBatteryCombos() { $modes = array( - BlockCipher::MODE_CTR, - BlockCipher::MODE_OFB, - BlockCipher::MODE_CFB, + 'ctr', + 'ofb', + 'cfb', ); $combos = array( @@ -267,7 +259,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase // from http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf#page=16 public function testGFSBox128() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKey(pack('H*', '00000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000')); @@ -294,7 +286,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase public function testGFSBox192() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKey(pack('H*', '000000000000000000000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000')); @@ -319,7 +311,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase public function testGFSBox256() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKey(pack('H*', '00000000000000000000000000000000' . '00000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000')); @@ -342,13 +334,13 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase public function testGetKeyLengthDefault() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $this->assertSame($aes->getKeyLength(), 128); } public function testGetKeyLengthWith192BitKey() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKey(str_repeat('a', 24)); $this->assertSame($aes->getKeyLength(), 192); } @@ -358,7 +350,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase */ public function testSetKeyLengthWithLargerKey() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKeyLength(128); $aes->setKey(str_repeat('a', 24)); $aes->setIV(str_repeat("\0", 16)); @@ -373,7 +365,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase */ public function testSetKeyLengthWithSmallerKey() { - $aes = new AES(BlockCipher::MODE_CBC); + $aes = new AES('cbc'); $aes->setKeyLength(256); $aes->setKey(str_repeat('a', 16)); $aes->setIV(str_repeat("\0", 16)); @@ -388,7 +380,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase */ public function testContinuousBuffer() { - $aes = new AES(AES::MODE_CBC); + $aes = new AES('cbc'); $aes->disablePadding(); $aes->enableContinuousBuffer(); $aes->setIV(pack('H*', '0457bdb4a6712986688349a29eb82535')); diff --git a/tests/Unit/Crypt/BlowfishTest.php b/tests/Unit/Crypt/BlowfishTest.php index e4c8a9df..95a182be 100644 --- a/tests/Unit/Crypt/BlowfishTest.php +++ b/tests/Unit/Crypt/BlowfishTest.php @@ -5,7 +5,6 @@ * @license http://www.opensource.org/licenses/mit-license.html MIT License */ -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\Blowfish; use phpseclib\Crypt\Random; @@ -14,10 +13,10 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase public function engineVectors() { $engines = array( - BlockCipher::ENGINE_INTERNAL => 'internal', - BlockCipher::ENGINE_EVAL => 'eval', - BlockCipher::ENGINE_MCRYPT => 'mcrypt', - BlockCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); // tests from https://www.schneier.com/code/vectors.txt @@ -61,9 +60,9 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase $result = array(); - foreach ($engines as $engine => $engineName) { + foreach ($engines as $engine) { foreach ($tests as $test) { - $result[] = array($engine, $engineName, $test[0], $test[1], $test[2]); + $result[] = array($engine, $test[0], $test[1], $test[2]); } } @@ -73,39 +72,39 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase /** * @dataProvider engineVectors */ - public function testVectors($engine, $engineName, $key, $plaintext, $expected) + public function testVectors($engine, $key, $plaintext, $expected) { - $bf = new Blowfish(Blowfish::MODE_CBC); + $bf = new Blowfish('cbc'); $bf->setKey($key); $bf->setIV(str_repeat("\0", $bf->getBlockLength() >> 3)); if (!$bf->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $bf->setPreferredEngine($engine); $bf->disablePadding(); $result = $bf->encrypt($plaintext); $plaintext = bin2hex($plaintext); - $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engineName engine"); + $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); } public function testKeySizes() { $objects = $engines = array(); - $temp = new Blowfish(Blowfish::MODE_CTR); - $temp->setPreferredEngine(Blowfish::ENGINE_INTERNAL); + $temp = new Blowfish('ctr'); + $temp->setPreferredEngine('PHP'); $objects[] = $temp; $engines[] = 'internal'; - if ($temp->isValidEngine(Blowfish::ENGINE_MCRYPT)) { - $temp = new Blowfish(Blowfish::MODE_CTR); - $temp->setPreferredEngine(Blowfish::ENGINE_MCRYPT); + if ($temp->isValidEngine('mcrypt')) { + $temp = new Blowfish('ctr'); + $temp->setPreferredEngine('mcrypt'); $objects[] = $temp; $engines[] = 'mcrypt'; } - if ($temp->isValidEngine(Blowfish::ENGINE_OPENSSL)) { - $temp = new Blowfish(Blowfish::MODE_CTR); - $temp->setPreferredEngine(Blowfish::ENGINE_OPENSSL); + if ($temp->isValidEngine('OpenSSL')) { + $temp = new Blowfish('ctr'); + $temp->setPreferredEngine('OpenSSL'); $objects[] = $temp; $engines[] = 'OpenSSL'; } diff --git a/tests/Unit/Crypt/RC2Test.php b/tests/Unit/Crypt/RC2Test.php index ab5db85e..143aa969 100644 --- a/tests/Unit/Crypt/RC2Test.php +++ b/tests/Unit/Crypt/RC2Test.php @@ -5,16 +5,15 @@ * @license http://www.opensource.org/licenses/mit-license.html MIT License */ -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\RC2; class Unit_Crypt_RC2Test extends PhpseclibTestCase { var $engines = array( - BlockCipher::ENGINE_INTERNAL => 'internal', - BlockCipher::ENGINE_EVAL => 'eval', - BlockCipher::ENGINE_MCRYPT => 'mcrypt', - BlockCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); public function engineVectors() @@ -34,9 +33,9 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase $result = array(); - foreach ($this->engines as $engine => $engineName) { + foreach ($this->engines as $engine) { foreach ($tests as $test) { - $result[] = array($engine, $engineName, $test[0], $test[1], $test[2], $test[3]); + $result[] = array($engine, $test[0], $test[1], $test[2], $test[3]); } } @@ -46,7 +45,7 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase // this test is just confirming RC2's key expansion public function testEncryptPadding() { - $rc2 = new RC2(BlockCipher::MODE_ECB); + $rc2 = new RC2('ecb'); // unlike Crypt_AES / Crypt_Rijndael, when you tell Crypt_RC2 that the key length is 128-bits the key isn't null padded to that length. // instead, RC2 key expansion is used to extend it out to that length. this isn't done for AES / Rijndael since that doesn't define any @@ -83,22 +82,22 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase $rc2->setKey(str_repeat('d', 16), 128); - $rc2->setPreferredEngine(BlockCipher::ENGINE_INTERNAL); + $rc2->setPreferredEngine('PHP'); $internal = $rc2->encrypt('d'); $result = pack('H*', 'e3b36057f4821346'); $this->assertEquals($result, $internal, 'Failed asserting that the internal engine produced the correct result'); - $rc2->setPreferredEngine(BlockCipher::ENGINE_MCRYPT); - if ($rc2->getEngine() == BlockCipher::ENGINE_MCRYPT) { + $rc2->setPreferredEngine('mcrypt'); + if ($rc2->getEngine() == 'mcrypt') { $mcrypt = $rc2->encrypt('d'); $this->assertEquals($result, $mcrypt, 'Failed asserting that the mcrypt engine produced the correct result'); } else { self::markTestSkipped('Unable to initialize mcrypt engine'); } - $rc2->setPreferredEngine(BlockCipher::ENGINE_OPENSSL); - if ($rc2->getEngine() == BlockCipher::ENGINE_OPENSSL) { + $rc2->setPreferredEngine('OpenSSL'); + if ($rc2->getEngine() == 'OpenSSL') { $openssl = $rc2->encrypt('d'); $this->assertEquals($result, $openssl, 'Failed asserting that the OpenSSL engine produced the correct result'); } else { @@ -109,22 +108,22 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase /** * @dataProvider engineVectors */ - public function testVectors($engine, $engineName, $key, $keyLen, $plaintext, $ciphertext) + public function testVectors($engine, $key, $keyLen, $plaintext, $ciphertext) { - $rc2 = new RC2(RC2::MODE_CBC); + $rc2 = new RC2('cbc'); $rc2->disablePadding(); $rc2->setKeyLength($keyLen); $rc2->setKey(pack('H*', $key)); // could also do $rc2->setKey(pack('H*', $key), $keyLen) $rc2->setIV(str_repeat("\0", $rc2->getBlockLength() >> 3)); if (!$rc2->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $rc2->setPreferredEngine($engine); $result = bin2hex($rc2->encrypt(pack('H*', $plaintext))); - $this->assertEquals($result, $ciphertext, "Failed asserting that $plaintext yielded expected output in $engineName engine"); + $this->assertEquals($result, $ciphertext, "Failed asserting that $plaintext yielded expected output in $engine engine"); $result = bin2hex($rc2->decrypt(pack('H*', $ciphertext))); - $this->assertEquals($result, $plaintext, "Failed asserting that decrypted result yielded $plaintext as a result in $engineName engine"); + $this->assertEquals($result, $plaintext, "Failed asserting that decrypted result yielded $plaintext as a result in $engine engine"); } } diff --git a/tests/Unit/Crypt/RC4Test.php b/tests/Unit/Crypt/RC4Test.php index a8405354..e7aa6e3b 100644 --- a/tests/Unit/Crypt/RC4Test.php +++ b/tests/Unit/Crypt/RC4Test.php @@ -5,7 +5,6 @@ * @license http://www.opensource.org/licenses/mit-license.html MIT License */ -use phpseclib\Crypt\Common\StreamCipher; use phpseclib\Crypt\RC4; use phpseclib\Crypt\Random; @@ -14,9 +13,10 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase public function engineVectors() { $engines = array( - StreamCipher::ENGINE_INTERNAL => 'internal', - StreamCipher::ENGINE_MCRYPT => 'mcrypt', - StreamCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); // tests from https://tools.ietf.org/html/rfc6229 $tests = array( @@ -185,10 +185,10 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase $result = array(); - foreach ($engines as $engine => $engineName) { + foreach ($engines as $engine) { foreach ($tests as $test) { foreach ($test['output'] as $output) { - $result[] = array($engine, $engineName, $test['key'], $output['offset'], $output['result']); + $result[] = array($engine, $test['key'], $output['offset'], $output['result']); } } } @@ -199,16 +199,16 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase /** * @dataProvider engineVectors */ - public function testVectors($engine, $engineName, $key, $offset, $expected) + public function testVectors($engine, $key, $offset, $expected) { $rc4 = new RC4(); $rc4->setPreferredEngine($engine); $rc4->setKey($key); if ($rc4->getEngine() != $engine) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine for ' . (strlen($key) * 8) . '-bit key'); + self::markTestSkipped('Unable to initialize ' . $engine . ' engine for ' . (strlen($key) * 8) . '-bit key'); } $result = $rc4->encrypt(str_repeat("\0", $offset + 16)); - $this->assertEquals(bin2hex(substr($result, -16)), $expected, "Failed asserting that key $key yielded expected output at offset $offset in $engineName engine"); + $this->assertEquals(bin2hex(substr($result, -16)), $expected, "Failed asserting that key $key yielded expected output at offset $offset in $engine engine"); } public function testKeySizes() diff --git a/tests/Unit/Crypt/TripleDESTest.php b/tests/Unit/Crypt/TripleDESTest.php index 43328288..58a490fe 100644 --- a/tests/Unit/Crypt/TripleDESTest.php +++ b/tests/Unit/Crypt/TripleDESTest.php @@ -5,16 +5,15 @@ * @license http://www.opensource.org/licenses/mit-license.html MIT License */ -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\TripleDES; class Unit_Crypt_TripleDESTest extends PhpseclibTestCase { var $engines = array( - BlockCipher::ENGINE_INTERNAL => 'internal', - BlockCipher::ENGINE_EVAL => 'eval', - BlockCipher::ENGINE_MCRYPT => 'mcrypt', - BlockCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); public function engineVectors() @@ -91,9 +90,9 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase $result = array(); - foreach ($this->engines as $engine => $engineName) { + foreach ($this->engines as $engine) { foreach ($tests as $test) { - $result[] = array($engine, $engineName, $test[0], $test[1], $test[2]); + $result[] = array($engine, $test[0], $test[1], $test[2]); } } @@ -103,11 +102,11 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase /** * @dataProvider engineVectors */ - public function testVectors($engine, $engineName, $key, $plaintext, $expected) + public function testVectors($engine, $key, $plaintext, $expected) { - $des = new TripleDES(TripleDES::MODE_CBC); + $des = new TripleDES('cbc'); if (!$des->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $des->setPreferredEngine($engine); $des->setKey($key); @@ -115,15 +114,16 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase $des->disablePadding(); $result = $des->encrypt($plaintext); $plaintext = bin2hex($plaintext); - $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engineName engine"); + $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); } public function engineIVVectors() { $engines = array( - BlockCipher::ENGINE_INTERNAL => 'internal', - BlockCipher::ENGINE_MCRYPT => 'mcrypt', - BlockCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); // tests from http://csrc.nist.gov/groups/STM/cavp/documents/des/DESMMT.pdf @@ -143,9 +143,9 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase $result = array(); - foreach ($engines as $engine => $engineName) { + foreach ($engines as $engine) { foreach ($tests as $test) { - $result[] = array($engine, $engineName, $test[0], $test[1], $test[2], $test[3]); + $result[] = array($engine, $test[0], $test[1], $test[2], $test[3]); } } @@ -155,11 +155,11 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase /** * @dataProvider engineIVVectors */ - public function testVectorsWithIV($engine, $engineName, $key, $iv, $plaintext, $expected) + public function testVectorsWithIV($engine, $key, $iv, $plaintext, $expected) { - $des = new TripleDES(TripleDES::MODE_CBC); + $des = new TripleDES('cbc'); if (!$des->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $des->setPreferredEngine($engine); $des->setKey($key); @@ -167,7 +167,7 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase $des->disablePadding(); $result = $des->encrypt($plaintext); $plaintext = bin2hex($plaintext); - $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engineName engine"); + $this->assertEquals($result, $expected, "Failed asserting that $plaintext yielded expected output in $engin engine"); } public function testInnerChaining() @@ -176,25 +176,25 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase // e089b6d84708c6bc80be6c2da82bd19a79ffe11f02933ac1 $expected = 'e089b6d84708c6bc6f04c8971121603d7be2861efae0f3f5'; - $des = new TripleDES(TripleDES::MODE_3CBC); + $des = new TripleDES('3cbc'); $des->setKey('abcdefghijklmnopqrstuvwx'); $des->setIV(str_repeat("\0", $des->getBlockLength() >> 3)); - foreach ($this->engines as $engine => $engineName) { + foreach ($this->engines as $engine) { $des->setPreferredEngine($engine); if (!$des->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $engineName . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $result = bin2hex($des->encrypt(str_repeat('a', 16))); - $this->assertEquals($result, $expected, "Failed asserting inner chainin worked correctly in $engineName engine"); + $this->assertEquals($result, $expected, "Failed asserting inner chainin worked correctly in $engine engine"); } } // test special case lambda function error public function testCorrectSelfUseInLambda() { - $td = new TripleDES( TripleDES::MODE_ECB ); - $td->setPreferredEngine( TripleDES::ENGINE_INTERNAL ); + $td = new TripleDES('ecb'); + $td->setPreferredEngine('Eval'); for ( $i = 0; $i < 20; $i++ ) { $td->setKey( str_repeat( 'a', 20 ) . pack( 'V', mt_rand() ) ); $td->encrypt( str_repeat( 'a', 32 ) ); diff --git a/tests/Unit/Crypt/TwofishTest.php b/tests/Unit/Crypt/TwofishTest.php index 08945378..5fa451ac 100644 --- a/tests/Unit/Crypt/TwofishTest.php +++ b/tests/Unit/Crypt/TwofishTest.php @@ -5,7 +5,6 @@ * @license http://www.opensource.org/licenses/mit-license.html MIT License */ -use phpseclib\Crypt\Common\BlockCipher; use phpseclib\Crypt\Twofish; class Unit_Crypt_TwofishTest extends PhpseclibTestCase @@ -13,14 +12,14 @@ class Unit_Crypt_TwofishTest extends PhpseclibTestCase public function testVectors() { $engines = array( - BlockCipher::ENGINE_INTERNAL => 'internal', - BlockCipher::ENGINE_EVAL => 'eval', - BlockCipher::ENGINE_MCRYPT => 'mcrypt', - BlockCipher::ENGINE_OPENSSL => 'OpenSSL', + 'PHP', + 'Eval', + 'mcrypt', + 'OpenSSL', ); - foreach ($engines as $engine => $name) { - $tf = new Twofish(Twofish::MODE_CBC); + foreach ($engines as $engine) { + $tf = new Twofish('cbc'); $tf->setIV(str_repeat("\0", $tf->getBlockLength() >> 3)); $tf->disablePadding(); @@ -30,47 +29,47 @@ class Unit_Crypt_TwofishTest extends PhpseclibTestCase $key = pack('H*', '00000000000000000000000000000000'); $tf->setKey($key); if (!$tf->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $name . ' engine'); + self::markTestSkipped('Unable to initialize $engine engine'); } $plaintext = pack('H*', '00000000000000000000000000000000'); $ciphertext = $tf->encrypt($plaintext); $expected = strtolower('9F589F5CF6122C32B6BFEC2F2AE8C35A'); - $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); $expected = bin2hex($plaintext); $plaintext = bin2hex($tf->decrypt($ciphertext)); - $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); // key size = 192 $key = pack('H*', '0123456789ABCDEFFEDCBA98765432100011223344556677'); $tf->setKey($key); if (!$tf->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $name . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $plaintext = pack('H*', '00000000000000000000000000000000'); $ciphertext = $tf->encrypt($plaintext); $expected = strtolower('CFD1D2E5A9BE9CDF501F13B892BD2248'); - $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); $expected = bin2hex($plaintext); $plaintext = bin2hex($tf->decrypt($ciphertext)); - $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); // key size = 256 $key = pack('H*', '0123456789ABCDEFFEDCBA987654321000112233445566778899AABBCCDDEEFF'); $tf->setKey($key); if (!$tf->isValidEngine($engine)) { - self::markTestSkipped('Unable to initialize ' . $name . ' engine'); + self::markTestSkipped("Unable to initialize $engine engine"); } $plaintext = pack('H*', '00000000000000000000000000000000'); $ciphertext = $tf->encrypt($plaintext); $expected = strtolower('37527BE0052334B89F0CFCCAE87CFA20'); - $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals(bin2hex($ciphertext), $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); $expected = bin2hex($plaintext); $plaintext = bin2hex($tf->decrypt($ciphertext)); - $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $name engine"); + $this->assertEquals($plaintext, $expected, "Failed asserting that $plaintext yielded expected output in $engine engine"); } } }