From b972a4b36de9c059eb0a42e8639fe2a1cade52dd Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 5 Feb 2016 23:29:20 -0600 Subject: [PATCH 1/2] Tests/AES: add unit test for continuous mode --- tests/Unit/Crypt/AES/TestCase.php | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/tests/Unit/Crypt/AES/TestCase.php b/tests/Unit/Crypt/AES/TestCase.php index c55e0bd5..c7011c19 100644 --- a/tests/Unit/Crypt/AES/TestCase.php +++ b/tests/Unit/Crypt/AES/TestCase.php @@ -369,4 +369,20 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase $this->assertSame($ciphertext, 'fd4250c0d234aa7e1aa592820aa8406b'); $this->assertSame($aes->getKeyLength(), 256); } + + /** + * @group github938 + */ + public function testContinuousBuffer() + { + $aes = new Crypt_AES(); + $aes->disablePadding(); + $aes->enableContinuousBuffer(); + $aes->setIV(pack('H*', '0457bdb4a6712986688349a29eb82535')); + $aes->setKey(pack('H*', '00d596e2c8189b2592fac358e7396ad2')); + $aes->decrypt(pack('H*', '9aa234ea7c750a8109a0f32d768b964e')); + $plaintext = $aes->decrypt(pack('H*', '0457bdb4a6712986688349a29eb82535')); + $expected = pack('H*', '6572617574689e1be8d2d8d43c594cf3'); + $this->assertSame($plaintext, $expected); + } } From bfd467532bf75c03960a5454cb734bba61c96406 Mon Sep 17 00:00:00 2001 From: terrafrost Date: Fri, 5 Feb 2016 23:50:30 -0600 Subject: [PATCH 2/2] Crypt/Base: fix continuous mode in CBC / decryption / OpenSSL --- phpseclib/Crypt/Base.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/phpseclib/Crypt/Base.php b/phpseclib/Crypt/Base.php index 37265764..a6616816 100644 --- a/phpseclib/Crypt/Base.php +++ b/phpseclib/Crypt/Base.php @@ -746,10 +746,13 @@ class Crypt_Base return !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; case CRYPT_MODE_CBC: $result = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->encryptIV); + if (!defined('OPENSSL_RAW_DATA')) { + $result = substr($result, 0, -$this->block_size); + } if ($this->continuousBuffer) { $this->encryptIV = substr($result, -$this->block_size); } - return !defined('OPENSSL_RAW_DATA') ? substr($result, 0, -$this->block_size) : $result; + return $result; case CRYPT_MODE_CTR: return $this->_openssl_ctr_process($plaintext, $this->encryptIV, $this->enbuffer); case CRYPT_MODE_CFB: @@ -1052,10 +1055,13 @@ class Crypt_Base if (!defined('OPENSSL_RAW_DATA')) { $padding = str_repeat(chr($this->block_size), $this->block_size) ^ substr($ciphertext, -$this->block_size); $ciphertext.= substr(openssl_encrypt($padding, $this->cipher_name_openssl_ecb, $this->key, true), 0, $this->block_size); + $offset = 2 * $this->block_size; + } else { + $offset = $this->block_size; } $plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, $this->openssl_options, $this->decryptIV); if ($this->continuousBuffer) { - $this->decryptIV = substr($ciphertext, -$this->block_size); + $this->decryptIV = substr($ciphertext, -$offset, $this->block_size); } break; case CRYPT_MODE_CTR: