mirror of
https://github.com/phpseclib/phpseclib.git
synced 2024-12-27 03:42:40 +00:00
Merge branch 'getkeylength' into 1.0
This commit is contained in:
commit
666092c889
@ -183,13 +183,13 @@ class Crypt_AES extends Crypt_Rijndael
|
|||||||
$length = strlen($key);
|
$length = strlen($key);
|
||||||
switch (true) {
|
switch (true) {
|
||||||
case $length <= 16:
|
case $length <= 16:
|
||||||
$this->key_size = 16;
|
$this->key_length = 16;
|
||||||
break;
|
break;
|
||||||
case $length <= 24:
|
case $length <= 24:
|
||||||
$this->key_size = 24;
|
$this->key_length = 24;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$this->key_size = 32;
|
$this->key_length = 32;
|
||||||
}
|
}
|
||||||
$this->_setEngine();
|
$this->_setEngine();
|
||||||
}
|
}
|
||||||
|
@ -385,15 +385,6 @@ class Crypt_Base
|
|||||||
*/
|
*/
|
||||||
var $cipher_name_openssl_ecb;
|
var $cipher_name_openssl_ecb;
|
||||||
|
|
||||||
/**
|
|
||||||
* The default password key_size used by setPassword()
|
|
||||||
*
|
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
var $password_key_size = 32;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The default salt used by setPassword()
|
* The default salt used by setPassword()
|
||||||
*
|
*
|
||||||
@ -470,6 +461,24 @@ class Crypt_Base
|
|||||||
*/
|
*/
|
||||||
var $openssl_options;
|
var $openssl_options;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Has the key length explicitly been set or should it be derived from the key, itself?
|
||||||
|
*
|
||||||
|
* @see self::setKeyLength()
|
||||||
|
* @var bool
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $explicit_key_length = false;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Don't truncate / null pad key
|
||||||
|
*
|
||||||
|
* @see self::_clearBuffers()
|
||||||
|
* @var bool
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $skip_key_adjustment = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default Constructor.
|
* Default Constructor.
|
||||||
*
|
*
|
||||||
@ -542,6 +551,43 @@ class Crypt_Base
|
|||||||
$this->changed = true;
|
$this->changed = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the key length.
|
||||||
|
*
|
||||||
|
* Keys with explicitly set lengths need to be treated accordingly
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
* @param int $length
|
||||||
|
*/
|
||||||
|
function setKeyLength($length)
|
||||||
|
{
|
||||||
|
$this->explicit_key_length = true;
|
||||||
|
$this->changed = true;
|
||||||
|
$this->_setEngine();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the current key length in bits
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
function getKeyLength()
|
||||||
|
{
|
||||||
|
return $this->key_length << 3;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the current block length in bits
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
function getBlockLength()
|
||||||
|
{
|
||||||
|
return $this->block_size << 3;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* Sets the key.
|
||||||
*
|
*
|
||||||
@ -558,6 +604,11 @@ class Crypt_Base
|
|||||||
*/
|
*/
|
||||||
function setKey($key)
|
function setKey($key)
|
||||||
{
|
{
|
||||||
|
if (!$this->explicit_key_length) {
|
||||||
|
$this->setKeyLength(strlen($key) << 3);
|
||||||
|
$this->explicit_key_length = false;
|
||||||
|
}
|
||||||
|
|
||||||
$this->key = $key;
|
$this->key = $key;
|
||||||
$this->changed = true;
|
$this->changed = true;
|
||||||
$this->_setEngine();
|
$this->_setEngine();
|
||||||
@ -601,7 +652,7 @@ class Crypt_Base
|
|||||||
if (isset($func_args[5])) {
|
if (isset($func_args[5])) {
|
||||||
$dkLen = $func_args[5];
|
$dkLen = $func_args[5];
|
||||||
} else {
|
} else {
|
||||||
$dkLen = $method == 'pbkdf1' ? 2 * $this->password_key_size : $this->password_key_size;
|
$dkLen = $method == 'pbkdf1' ? 2 * $this->key_length : $this->key_length;
|
||||||
}
|
}
|
||||||
|
|
||||||
switch (true) {
|
switch (true) {
|
||||||
@ -1873,6 +1924,10 @@ class Crypt_Base
|
|||||||
// mcrypt's handling of invalid's $iv:
|
// mcrypt's handling of invalid's $iv:
|
||||||
// $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size);
|
// $this->encryptIV = $this->decryptIV = strlen($this->iv) == $this->block_size ? $this->iv : str_repeat("\0", $this->block_size);
|
||||||
$this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0");
|
$this->encryptIV = $this->decryptIV = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, "\0");
|
||||||
|
|
||||||
|
if (!$this->skip_key_adjustment) {
|
||||||
|
$this->key = str_pad(substr($this->key, 0, $this->key_length), $this->key_length, "\0");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -120,16 +120,6 @@ class Crypt_Blowfish extends Crypt_Base
|
|||||||
*/
|
*/
|
||||||
var $block_size = 8;
|
var $block_size = 8;
|
||||||
|
|
||||||
/**
|
|
||||||
* The default password key_size used by setPassword()
|
|
||||||
*
|
|
||||||
* @see Crypt_Base::password_key_size
|
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
var $password_key_size = 56;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The namespace used by the cipher for its constants.
|
||||||
*
|
*
|
||||||
@ -354,31 +344,37 @@ class Crypt_Blowfish extends Crypt_Base
|
|||||||
var $kl;
|
var $kl;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* The Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* Keys can be of any length. Blowfish, itself, requires the use of a key between 32 and max. 448-bits long.
|
* @see Crypt_Base::setKeyLength()
|
||||||
* If the key is less than 32-bits we NOT fill the key to 32bit but let the key as it is to be compatible
|
* @var int
|
||||||
* with mcrypt because mcrypt act this way with blowfish key's < 32 bits.
|
* @access private
|
||||||
|
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk
|
||||||
|
* because the encryption / decryption / key schedule creation requires this number and not $key_length. We could
|
||||||
|
* derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
||||||
|
* of that, we'll just precompute it once.
|
||||||
|
*/
|
||||||
|
var $key_length = 16;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the key length.
|
||||||
*
|
*
|
||||||
* If the key is more than 448-bits, we trim the excess bits.
|
* Key lengths can be between 32 and 448 bits.
|
||||||
*
|
|
||||||
* If the key is not explicitly set, or empty, it'll be assumed a 128 bits key to be all null bytes.
|
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @see Crypt_Base::setKey()
|
* @param int $length
|
||||||
* @param string $key
|
|
||||||
*/
|
*/
|
||||||
function setKey($key)
|
function setKeyLength($length)
|
||||||
{
|
{
|
||||||
$keylength = strlen($key);
|
if ($length < 32) {
|
||||||
|
$this->key_length = 7;
|
||||||
if (!$keylength) {
|
} elseif ($length > 448) {
|
||||||
$key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
$this->key_length = 56;
|
||||||
} elseif ($keylength > 56) {
|
} else {
|
||||||
$key = substr($key, 0, 56);
|
$this->key_length = $length >> 3;
|
||||||
}
|
}
|
||||||
|
|
||||||
parent::setKey($key);
|
parent::setKeyLength($length);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -394,7 +390,7 @@ class Crypt_Blowfish extends Crypt_Base
|
|||||||
function isValidEngine($engine)
|
function isValidEngine($engine)
|
||||||
{
|
{
|
||||||
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||||
if (strlen($this->key) != 16) {
|
if ($this->key_length != 16) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$this->cipher_name_openssl_ecb = 'bf-ecb';
|
$this->cipher_name_openssl_ecb = 'bf-ecb';
|
||||||
|
@ -140,24 +140,13 @@ class Crypt_DES extends Crypt_Base
|
|||||||
var $block_size = 8;
|
var $block_size = 8;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Key
|
* Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* @see Crypt_Base::key
|
* @see Crypt_Base::setKeyLength()
|
||||||
* @see setKey()
|
|
||||||
* @var string
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
var $key = "\0\0\0\0\0\0\0\0";
|
|
||||||
|
|
||||||
/**
|
|
||||||
* The default password key_size used by setPassword()
|
|
||||||
*
|
|
||||||
* @see Crypt_Base::password_key_size
|
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $password_key_size = 8;
|
var $key_length = 8;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The namespace used by the cipher for its constants.
|
||||||
@ -220,7 +209,7 @@ class Crypt_DES extends Crypt_Base
|
|||||||
* @var string
|
* @var string
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $key_size_max = 8;
|
var $key_length_max = 8;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Key Schedule
|
* The Key Schedule
|
||||||
@ -674,7 +663,7 @@ class Crypt_DES extends Crypt_Base
|
|||||||
*/
|
*/
|
||||||
function isValidEngine($engine)
|
function isValidEngine($engine)
|
||||||
{
|
{
|
||||||
if ($this->key_size_max == 8) {
|
if ($this->key_length_max == 8) {
|
||||||
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||||
$this->cipher_name_openssl_ecb = 'des-ecb';
|
$this->cipher_name_openssl_ecb = 'des-ecb';
|
||||||
$this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode();
|
$this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode();
|
||||||
@ -703,8 +692,8 @@ class Crypt_DES extends Crypt_Base
|
|||||||
{
|
{
|
||||||
// We check/cut here only up to max length of the key.
|
// We check/cut here only up to max length of the key.
|
||||||
// Key padding to the proper length will be done in _setupKey()
|
// Key padding to the proper length will be done in _setupKey()
|
||||||
if (strlen($key) > $this->key_size_max) {
|
if (strlen($key) > $this->key_length_max) {
|
||||||
$key = substr($key, 0, $this->key_size_max);
|
$key = substr($key, 0, $this->key_length_max);
|
||||||
}
|
}
|
||||||
|
|
||||||
// Sets the key
|
// Sets the key
|
||||||
|
@ -139,14 +139,22 @@ class Crypt_RC2 extends Crypt_Base
|
|||||||
var $orig_key;
|
var $orig_key;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The default password key_size used by setPassword()
|
* Don't truncate / null pad key
|
||||||
*
|
*
|
||||||
* @see Crypt_Base::password_key_size
|
* @see Crypt_Base::_clearBuffers()
|
||||||
* @see Crypt_Base::setPassword()
|
* @var bool
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $skip_key_adjustment = true;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Key Length (in bytes)
|
||||||
|
*
|
||||||
|
* @see Crypt_RC2::setKeyLength()
|
||||||
* @var int
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $password_key_size = 16; // = 128 bits
|
var $key_length = 16; // = 128 bits
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The namespace used by the cipher for its constants.
|
||||||
@ -366,7 +374,7 @@ class Crypt_RC2 extends Crypt_Base
|
|||||||
{
|
{
|
||||||
switch ($engine) {
|
switch ($engine) {
|
||||||
case CRYPT_ENGINE_OPENSSL:
|
case CRYPT_ENGINE_OPENSSL:
|
||||||
if ($this->current_key_length != 128 || strlen($this->orig_key) != 16) {
|
if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$this->cipher_name_openssl_ecb = 'rc2-ecb';
|
$this->cipher_name_openssl_ecb = 'rc2-ecb';
|
||||||
@ -377,7 +385,7 @@ class Crypt_RC2 extends Crypt_Base
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key length
|
* Sets the key length.
|
||||||
*
|
*
|
||||||
* Valid key lengths are 1 to 1024.
|
* Valid key lengths are 1 to 1024.
|
||||||
* Calling this function after setting the key has no effect until the next
|
* Calling this function after setting the key has no effect until the next
|
||||||
@ -393,6 +401,17 @@ class Crypt_RC2 extends Crypt_Base
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns the current key length
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
function getKeyLength()
|
||||||
|
{
|
||||||
|
return $this->current_key_length;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* Sets the key.
|
||||||
*
|
*
|
||||||
@ -448,6 +467,7 @@ class Crypt_RC2 extends Crypt_Base
|
|||||||
// Prepare the key for mcrypt.
|
// Prepare the key for mcrypt.
|
||||||
$l[0] = $this->invpitable[$l[0]];
|
$l[0] = $this->invpitable[$l[0]];
|
||||||
array_unshift($l, 'C*');
|
array_unshift($l, 'C*');
|
||||||
|
|
||||||
parent::setKey(call_user_func_array('pack', $l));
|
parent::setKey(call_user_func_array('pack', $l));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -99,14 +99,13 @@ class Crypt_RC4 extends Crypt_Base
|
|||||||
var $block_size = 0;
|
var $block_size = 0;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The default password key_size used by setPassword()
|
* Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* @see Crypt_Base::password_key_size
|
* @see Crypt_RC4::setKeyLength()
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $password_key_size = 128; // = 1024 bits
|
var $key_length = 128; // = 1024 bits
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The namespace used by the cipher for its constants.
|
||||||
@ -223,18 +222,24 @@ class Crypt_RC4 extends Crypt_Base
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* Sets the key length
|
||||||
*
|
*
|
||||||
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
* Keys can be between 1 and 256 bytes long.
|
||||||
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @see Crypt_Base::setKey()
|
* @param int $length
|
||||||
* @param string $key
|
|
||||||
*/
|
*/
|
||||||
function setKey($key)
|
function setKeyLength($length)
|
||||||
{
|
{
|
||||||
parent::setKey(substr($key, 0, 256));
|
if ($length < 8) {
|
||||||
|
$this->key_length = 1;
|
||||||
|
} elseif ($length > 2048) {
|
||||||
|
$this->key_length = 248;
|
||||||
|
} else {
|
||||||
|
$this->key_length = $length >> 3;
|
||||||
|
}
|
||||||
|
|
||||||
|
parent::setKeyLength($length);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -127,16 +127,6 @@ define('CRYPT_RIJNDAEL_MODE_OFB', CRYPT_MODE_OFB);
|
|||||||
*/
|
*/
|
||||||
class Crypt_Rijndael extends Crypt_Base
|
class Crypt_Rijndael extends Crypt_Base
|
||||||
{
|
{
|
||||||
/**
|
|
||||||
* The default password key_size used by setPassword()
|
|
||||||
*
|
|
||||||
* @see Crypt_Base::password_key_size
|
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
var $password_key_size = 16;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The namespace used by the cipher for its constants.
|
||||||
*
|
*
|
||||||
@ -149,9 +139,9 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
/**
|
/**
|
||||||
* The mcrypt specific name of the cipher
|
* The mcrypt specific name of the cipher
|
||||||
*
|
*
|
||||||
* Mcrypt is useable for 128/192/256-bit $block_size/$key_size. For 160/224 not.
|
* Mcrypt is useable for 128/192/256-bit $block_size/$key_length. For 160/224 not.
|
||||||
* Crypt_Rijndael determines automatically whether mcrypt is useable
|
* Crypt_Rijndael determines automatically whether mcrypt is useable
|
||||||
* or not for the current $block_size/$key_size.
|
* or not for the current $block_size/$key_length.
|
||||||
* In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly.
|
* In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly.
|
||||||
*
|
*
|
||||||
* @see Crypt_Base::cipher_name_mcrypt
|
* @see Crypt_Base::cipher_name_mcrypt
|
||||||
@ -172,15 +162,6 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
*/
|
*/
|
||||||
var $password_default_salt = 'phpseclib';
|
var $password_default_salt = 'phpseclib';
|
||||||
|
|
||||||
/**
|
|
||||||
* Has the key length explicitly been set or should it be derived from the key, itself?
|
|
||||||
*
|
|
||||||
* @see setKeyLength()
|
|
||||||
* @var bool
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
var $explicit_key_length = false;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Key Schedule
|
* The Key Schedule
|
||||||
*
|
*
|
||||||
@ -213,17 +194,17 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
var $Nb = 4;
|
var $Nb = 4;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Key Length
|
* The Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* @see setKeyLength()
|
* @see setKeyLength()
|
||||||
* @var int
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk
|
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk
|
||||||
* because the encryption / decryption / key schedule creation requires this number and not $key_size. We could
|
* because the encryption / decryption / key schedule creation requires this number and not $key_length. We could
|
||||||
* derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
* derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
||||||
* of that, we'll just precompute it once.
|
* of that, we'll just precompute it once.
|
||||||
*/
|
*/
|
||||||
var $key_size = 16;
|
var $key_length = 16;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The Key Length divided by 32
|
* The Key Length divided by 32
|
||||||
@ -289,48 +270,7 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* Sets the key length.
|
||||||
*
|
|
||||||
* Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and
|
|
||||||
* whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length
|
|
||||||
* up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the
|
|
||||||
* excess bits.
|
|
||||||
*
|
|
||||||
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
|
||||||
*
|
|
||||||
* Note: 160/224-bit keys must explicitly set by setKeyLength(), otherwise they will be round/pad up to 192/256 bits.
|
|
||||||
*
|
|
||||||
* @see Crypt_Base:setKey()
|
|
||||||
* @see setKeyLength()
|
|
||||||
* @access public
|
|
||||||
* @param string $key
|
|
||||||
*/
|
|
||||||
function setKey($key)
|
|
||||||
{
|
|
||||||
if (!$this->explicit_key_length) {
|
|
||||||
$length = strlen($key);
|
|
||||||
switch (true) {
|
|
||||||
case $length <= 16:
|
|
||||||
$this->key_size = 16;
|
|
||||||
break;
|
|
||||||
case $length <= 20:
|
|
||||||
$this->key_size = 20;
|
|
||||||
break;
|
|
||||||
case $length <= 24:
|
|
||||||
$this->key_size = 24;
|
|
||||||
break;
|
|
||||||
case $length <= 28:
|
|
||||||
$this->key_size = 28;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
$this->key_size = 32;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
parent::setKey($key);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Sets the key length
|
|
||||||
*
|
*
|
||||||
* Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
* Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
||||||
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
||||||
@ -352,25 +292,23 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
function setKeyLength($length)
|
function setKeyLength($length)
|
||||||
{
|
{
|
||||||
switch (true) {
|
switch (true) {
|
||||||
case $length == 160:
|
|
||||||
$this->key_size = 20;
|
|
||||||
break;
|
|
||||||
case $length == 224:
|
|
||||||
$this->key_size = 28;
|
|
||||||
break;
|
|
||||||
case $length <= 128:
|
case $length <= 128:
|
||||||
$this->key_size = 16;
|
$this->key_length = 16;
|
||||||
|
break;
|
||||||
|
case $length <= 160:
|
||||||
|
$this->key_length = 20;
|
||||||
break;
|
break;
|
||||||
case $length <= 192:
|
case $length <= 192:
|
||||||
$this->key_size = 24;
|
$this->key_length = 24;
|
||||||
|
break;
|
||||||
|
case $length <= 224:
|
||||||
|
$this->key_length = 28;
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
$this->key_size = 32;
|
$this->key_length = 32;
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->explicit_key_length = true;
|
parent::setKeyLength($length);
|
||||||
$this->changed = true;
|
|
||||||
$this->_setEngine();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -413,12 +351,12 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
if ($this->block_size != 16) {
|
if ($this->block_size != 16) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$this->cipher_name_openssl_ecb = 'aes-' . ($this->key_size << 3) . '-ecb';
|
$this->cipher_name_openssl_ecb = 'aes-' . ($this->key_length << 3) . '-ecb';
|
||||||
$this->cipher_name_openssl = 'aes-' . ($this->key_size << 3) . '-' . $this->_openssl_translate_mode();
|
$this->cipher_name_openssl = 'aes-' . ($this->key_length << 3) . '-' . $this->_openssl_translate_mode();
|
||||||
break;
|
break;
|
||||||
case CRYPT_ENGINE_MCRYPT:
|
case CRYPT_ENGINE_MCRYPT:
|
||||||
$this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3);
|
$this->cipher_name_mcrypt = 'rijndael-' . ($this->block_size << 3);
|
||||||
if ($this->key_size % 8) { // is it a 160/224-bit key?
|
if ($this->key_length % 8) { // is it a 160/224-bit key?
|
||||||
// mcrypt is not usable for them, only for 128/192/256-bit keys
|
// mcrypt is not usable for them, only for 128/192/256-bit keys
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@ -427,18 +365,6 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
return parent::isValidEngine($engine);
|
return parent::isValidEngine($engine);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Setup the CRYPT_ENGINE_MCRYPT $engine
|
|
||||||
*
|
|
||||||
* @see Crypt_Base::_setupMcrypt()
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
function _setupMcrypt()
|
|
||||||
{
|
|
||||||
$this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0");
|
|
||||||
parent::_setupMcrypt();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Encrypts a block
|
* Encrypts a block
|
||||||
*
|
*
|
||||||
@ -649,15 +575,13 @@ class Crypt_Rijndael extends Crypt_Base
|
|||||||
0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
|
0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, "\0");
|
if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) {
|
||||||
|
|
||||||
if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_size === $this->kl['key_size'] && $this->block_size === $this->kl['block_size']) {
|
|
||||||
// already expanded
|
// already expanded
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$this->kl = array('key' => $this->key, 'key_size' => $this->key_size, 'block_size' => $this->block_size);
|
$this->kl = array('key' => $this->key, 'key_length' => $this->key_length, 'block_size' => $this->block_size);
|
||||||
|
|
||||||
$this->Nk = $this->key_size >> 2;
|
$this->Nk = $this->key_length >> 2;
|
||||||
// see Rijndael-ammended.pdf#page=44
|
// see Rijndael-ammended.pdf#page=44
|
||||||
$this->Nr = max($this->Nk, $this->Nb) + 6;
|
$this->Nr = max($this->Nk, $this->Nb) + 6;
|
||||||
|
|
||||||
|
@ -95,15 +95,13 @@ define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3);
|
|||||||
class Crypt_TripleDES extends Crypt_DES
|
class Crypt_TripleDES extends Crypt_DES
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* The default password key_size used by setPassword()
|
* Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* @see Crypt_DES::password_key_size
|
* @see Crypt_TripleDES::setKeyLength()
|
||||||
* @see Crypt_Base::password_key_size
|
|
||||||
* @see Crypt_Base::setPassword()
|
|
||||||
* @var int
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $password_key_size = 24;
|
var $key_length = 24;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The default salt used by setPassword()
|
* The default salt used by setPassword()
|
||||||
@ -152,7 +150,7 @@ class Crypt_TripleDES extends Crypt_DES
|
|||||||
* @var string
|
* @var string
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $key_size_max = 24;
|
var $key_length_max = 24;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
||||||
@ -266,6 +264,32 @@ class Crypt_TripleDES extends Crypt_DES
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the key length.
|
||||||
|
*
|
||||||
|
* Valid key lengths are 64, 128 and 192
|
||||||
|
*
|
||||||
|
* @see Crypt_Base:setKeyLength()
|
||||||
|
* @access public
|
||||||
|
* @param int $length
|
||||||
|
*/
|
||||||
|
function setKeyLength($length)
|
||||||
|
{
|
||||||
|
$length >>= 3;
|
||||||
|
switch (true) {
|
||||||
|
case $length <= 8:
|
||||||
|
$this->key_length = 8;
|
||||||
|
break;
|
||||||
|
case $length <= 16:
|
||||||
|
$this->key_length = 16;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
$this->key_length = 24;
|
||||||
|
}
|
||||||
|
|
||||||
|
parent::setKeyLength($length);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* Sets the key.
|
||||||
*
|
*
|
||||||
@ -283,7 +307,7 @@ class Crypt_TripleDES extends Crypt_DES
|
|||||||
*/
|
*/
|
||||||
function setKey($key)
|
function setKey($key)
|
||||||
{
|
{
|
||||||
$length = strlen($key);
|
$length = $this->explicit_key_length ? $this->key_length : strlen($key);
|
||||||
if ($length > 8) {
|
if ($length > 8) {
|
||||||
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
||||||
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
||||||
|
@ -433,35 +433,36 @@ class Crypt_Twofish extends Crypt_Base
|
|||||||
var $kl;
|
var $kl;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets the key.
|
* The Key Length (in bytes)
|
||||||
*
|
*
|
||||||
* Keys can be of any length. Twofish, itself, requires the use of a key that's 128, 192 or 256-bits long.
|
* @see Crypt_Twofish::setKeyLength()
|
||||||
* If the key is less than 256-bits we round the length up to the closest valid key length,
|
* @var int
|
||||||
* padding $key with null bytes. If the key is more than 256-bits, we trim the excess bits.
|
* @access private
|
||||||
|
*/
|
||||||
|
var $key_length = 16;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the key length.
|
||||||
*
|
*
|
||||||
* If the key is not explicitly set, it'll be assumed a 128 bits key to be all null bytes.
|
* Valid key lengths are 128, 192 or 256 bits
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @see Crypt_Base::setKey()
|
* @param int $length
|
||||||
* @param string $key
|
|
||||||
*/
|
*/
|
||||||
function setKey($key)
|
function setKeyLength($length)
|
||||||
{
|
{
|
||||||
$keylength = strlen($key);
|
|
||||||
switch (true) {
|
switch (true) {
|
||||||
case $keylength <= 16:
|
case $length <= 128:
|
||||||
$key = str_pad($key, 16, "\0");
|
$this->key_length = 16;
|
||||||
break;
|
break;
|
||||||
case $keylength <= 24:
|
case $length <= 192:
|
||||||
$key = str_pad($key, 24, "\0");
|
$this->key_length = 24;
|
||||||
break;
|
break;
|
||||||
case $keylength < 32:
|
default:
|
||||||
$key = str_pad($key, 32, "\0");
|
$this->key_length = 32;
|
||||||
break;
|
|
||||||
case $keylength > 32:
|
|
||||||
$key = substr($key, 0, 32);
|
|
||||||
}
|
}
|
||||||
parent::setKey($key);
|
|
||||||
|
parent::setKeyLength($length);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -334,4 +334,39 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
|
|||||||
$result = bin2hex($aes->encrypt(pack('H*', '91fbef2d15a97816060bee1feaa49afe')));
|
$result = bin2hex($aes->encrypt(pack('H*', '91fbef2d15a97816060bee1feaa49afe')));
|
||||||
$this->assertSame($result, '1bc704f1bce135ceb810341b216d7abe');
|
$this->assertSame($result, '1bc704f1bce135ceb810341b216d7abe');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testGetKeyLengthDefault()
|
||||||
|
{
|
||||||
|
$aes = new Crypt_AES();
|
||||||
|
$this->assertSame($aes->getKeyLength(), 128);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testGetKeyLengthWith192BitKey()
|
||||||
|
{
|
||||||
|
$aes = new Crypt_AES();
|
||||||
|
$aes->setKey(str_repeat('a', 24));
|
||||||
|
$this->assertSame($aes->getKeyLength(), 192);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testSetKeyLengthWithLargerKey()
|
||||||
|
{
|
||||||
|
$aes = new Crypt_AES();
|
||||||
|
$aes->setKeyLength(128);
|
||||||
|
$aes->setKey(str_repeat('a', 24));
|
||||||
|
$this->assertSame($aes->getKeyLength(), 128);
|
||||||
|
$ciphertext = bin2hex($aes->encrypt('a'));
|
||||||
|
$this->assertSame($ciphertext, '82b7b068dfc60ed2a46893b69fecd6c2');
|
||||||
|
$this->assertSame($aes->getKeyLength(), 128);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testSetKeyLengthWithSmallerKey()
|
||||||
|
{
|
||||||
|
$aes = new Crypt_AES();
|
||||||
|
$aes->setKeyLength(256);
|
||||||
|
$aes->setKey(str_repeat('a', 16));
|
||||||
|
$this->assertSame($aes->getKeyLength(), 256);
|
||||||
|
$ciphertext = bin2hex($aes->encrypt('a'));
|
||||||
|
$this->assertSame($ciphertext, 'fd4250c0d234aa7e1aa592820aa8406b');
|
||||||
|
$this->assertSame($aes->getKeyLength(), 256);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user