Merge branch '1.0' into 2.0

2024-11-17 18:55:13 +00:00 · 2023-09-21 15:08:28 -05:00 · 2023-09-21 15:08:28 -05:00 · 76e94055f4
commit 76e94055f4
parent 28d8f438a0 b1bd715445
3 changed files with 36 additions and 39 deletions
--- a/phpseclib/Crypt/AES.php
+++ b/phpseclib/Crypt/AES.php
@ -84,43 +84,13 @@ class AES extends Rijndael
     */
    function setKeyLength($length)
    {
-        switch ($length) {
-            case 160:
-                $length = 192;
-                break;
-            case 224:
-                $length = 256;
-        }
        parent::setKeyLength($length);
-    }
-
-    /**
-     * Sets the key.
-     *
-     * Rijndael supports five different key lengths, AES only supports three.
-     *
-     * @see \phpseclib\Crypt\Rijndael:setKey()
-     * @see setKeyLength()
-     * @access public
-     * @param string $key
-     */
-    function setKey($key)
-    {
-        parent::setKey($key);
-
-        if (!$this->explicit_key_length) {
-            $length = strlen($key);
-            switch (true) {
-                case $length <= 16:
-                    $this->key_length = 16;
-                    break;
-                case $length <= 24:
-                    $this->key_length = 24;
-                    break;
-                default:
-                    $this->key_length = 32;
-            }
-            $this->_setEngine();
+        switch ($this->key_length) {
+            case 20:
+                $this->key_length = 24;
+                break;
+            case 28:
+                $this->key_length = 32;
        }
    }
 }
--- a/phpseclib/Crypt/Rijndael.php
+++ b/phpseclib/Crypt/Rijndael.php
@ -814,7 +814,6 @@ class Rijndael extends Base

            // Generating encrypt code:
            $init_encrypt.= '
-                static $tables;
                if (empty($tables)) {
                    $tables = &$self->_getTables();
                }
@ -871,7 +870,6 @@ class Rijndael extends Base

            // Generating decrypt code:
            $init_decrypt.= '
-                static $invtables;
                if (empty($invtables)) {
                    $invtables = &$self->_getInvTables();
                }
@ -928,7 +926,7 @@ class Rijndael extends Base

            $lambda_functions[$code_hash] = $this->_createInlineCryptFunction(
                array(
-                   'init_crypt'    => '',
+                   'init_crypt'    => 'static $tables; static $invtables;',
                   'init_encrypt'  => $init_encrypt,
                   'init_decrypt'  => $init_decrypt,
                   'encrypt_block' => $encrypt_block,
--- a/tests/Unit/Crypt/AES/TestCase.php
+++ b/tests/Unit/Crypt/AES/TestCase.php
@ -376,6 +376,35 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
        $this->assertSame($aes->getKeyLength(), 256);
    }

+    public function testInvalidLengthKeyWithAES()
+    {
+        $plaintext = str_repeat('x', 16);
+
+        $aes = new Crypt_Rijndael();
+        $aes->setKey(str_repeat('a', 19));
+        $this->assertSame($aes->getKeyLength(), 160);
+
+        $ref = new Crypt_Rijndael();
+        $ref->setKey(str_repeat('a', 19) . "\0");
+        $this->assertSame(
+            bin2hex($aes->encrypt($plaintext)),
+            bin2hex($ref->encrypt($plaintext)),
+            'actual and expected value do not match for 168 bit Rijndael'
+        );
+
+        $aes = new Crypt_AES();
+        $aes->setKey(str_repeat('a', 19));
+        $this->assertSame($aes->getKeyLength(), 192);
+
+        $ref = new Crypt_AES();
+        $ref->setKey(str_repeat('a', 19) . "\0\0\0\0\0");
+        $this->assertSame(
+            bin2hex($aes->encrypt($plaintext)),
+            bin2hex($ref->encrypt($plaintext)),
+            'actual and expected value do not match for 168 bit AES'
+        );
+    }
+
    /**
     * @group github938
     */