octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2025-02-03 04:18:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Clint Nelissen 2014-12-01 18:54:44 -08:00
parent 43d2e9ef68
commit 9c0c3faeb7
7 changed files with 25 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
composer.json
View File

@ -69,10 +69,7 @@
}, },
"psr-4": { "psr-4": {
"phpseclib\\": "phpseclib/" "phpseclib\\": "phpseclib/"
}, }
"files": [
"phpseclib/Crypt/Random.php"
]
}, },
"extra": { "extra": {
"branch-alias": { "branch-alias": {

18
phpseclib/Crypt/RSA.php
View File

@ -72,11 +72,7 @@ use \phpseclib\Math\BigInteger;
/** /**
* Include Crypt_Random * Include Crypt_Random
*/ */
// the class_exists() will only be called if the crypt_random_string function hasn't been defined and if (!class_exists('Crypt_Random')) {
// will trigger a call to __autoload() if you're wanting to auto-load classes
// call function_exists() a second time to stop the include_once from being called outside
// of the auto loader
if (!function_exists('crypt_random_string')) {
include_once 'Random.php'; include_once 'Random.php';
} }
@ -798,7 +794,7 @@ class Crypt_RSA
$source.= pack('Na*', strlen($private), $private); $source.= pack('Na*', strlen($private), $private);
$hashkey = 'putty-private-key-file-mac-key'; $hashkey = 'putty-private-key-file-mac-key';
} else { } else {
$private.= crypt_random_string(16 - (strlen($private) & 15)); $private.= Crypt_Random::crypt_random_string(16 - (strlen($private) & 15));
$source.= pack('Na*', strlen($private), $private); $source.= pack('Na*', strlen($private), $private);
if (!class_exists('Crypt_AES')) { if (!class_exists('Crypt_AES')) {
include_once 'Crypt/AES.php'; include_once 'Crypt/AES.php';
@ -864,7 +860,7 @@ class Crypt_RSA
); );
$RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if (!empty($this->password) || is_string($this->password)) { if (!empty($this->password) || is_string($this->password)) {
$salt = crypt_random_string(8); $salt = Crypt_Random::crypt_random_string(8);
$iterationCount = 2048; $iterationCount = 2048;
if (!class_exists('Crypt_DES')) { if (!class_exists('Crypt_DES')) {
@ -904,7 +900,7 @@ class Crypt_RSA
} }
if (!empty($this->password) || is_string($this->password)) { if (!empty($this->password) || is_string($this->password)) {
$iv = crypt_random_string(8); $iv = Crypt_Random::crypt_random_string(8);
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key $symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8); $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
if (!class_exists('Crypt_TripleDES')) { if (!class_exists('Crypt_TripleDES')) {
@ -2306,7 +2302,7 @@ class Crypt_RSA
$lHash = $this->hash->hash($l); $lHash = $this->hash->hash($l);
$ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2); $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2);
$db = $lHash . $ps . chr(1) . $m; $db = $lHash . $ps . chr(1) . $m;
$seed = crypt_random_string($this->hLen); $seed = Crypt_Random::crypt_random_string($this->hLen);
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1); $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
$maskedDB = $db ^ $dbMask; $maskedDB = $db ^ $dbMask;
$seedMask = $this->_mgf1($maskedDB, $this->hLen); $seedMask = $this->_mgf1($maskedDB, $this->hLen);
@ -2424,7 +2420,7 @@ class Crypt_RSA
$psLen = $this->k - $mLen - 3; $psLen = $this->k - $mLen - 3;
$ps = ''; $ps = '';
while (strlen($ps) != $psLen) { while (strlen($ps) != $psLen) {
$temp = crypt_random_string($psLen - strlen($ps)); $temp = Crypt_Random::crypt_random_string($psLen - strlen($ps));
$temp = str_replace("\x00", '', $temp); $temp = str_replace("\x00", '', $temp);
$ps.= $temp; $ps.= $temp;
} }
@ -2530,7 +2526,7 @@ class Crypt_RSA
return false; return false;
} }
$salt = crypt_random_string($sLen); $salt = Crypt_Random::crypt_random_string($sLen);
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt; $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
$h = $this->hash->hash($m2); $h = $this->hash->hash($m2);
$ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2); $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2);

17
phpseclib/Crypt/Random.php
View File

@ -43,17 +43,8 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, class Crypt_Random
// have phpseclib as a requirement as well. if you're developing such a program you may encounter {
// a "Cannot redeclare crypt_random_string()" error.
if (!function_exists('crypt_random_string')) {
/**
* "Is Windows" test
*
* @access private
*/
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
/** /**
* Generate a random string. * Generate a random string.
* *
@ -65,9 +56,9 @@ if (!function_exists('crypt_random_string')) {
* @return String * @return String
* @access public * @access public
*/ */
function crypt_random_string($length) static function crypt_random_string($length)
{ {
if (CRYPT_RANDOM_IS_WINDOWS) { if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
// ie. class_alias is a function that was introduced in PHP 5.3 // ie. class_alias is a function that was introduced in PHP 5.3
if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) { if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {

2
phpseclib/File/X509.php
View File

@ -3475,7 +3475,7 @@ class File_X509
// "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified." // "A challenge string that is submitted along with the public key. Defaults to an empty string if not specified."
// both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way // both Firefox and OpenSSL ("openssl spkac -key private.key") behave this way
// we could alternatively do this instead if we ignored the specs: // we could alternatively do this instead if we ignored the specs:
// crypt_random_string(8) & str_repeat("\x7F", 8) // Crypt_Random::crypt_random_string(8) & str_repeat("\x7F", 8)
'challenge' => !empty($this->challenge) ? $this->challenge : '' 'challenge' => !empty($this->challenge) ? $this->challenge : ''
), ),
'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm), 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),

8
phpseclib/Math/BigInteger.php
View File

@ -68,6 +68,8 @@
namespace phpseclib\Math; namespace phpseclib\Math;
use Crypt_Random;
/**#@+ /**#@+
* Reduction constants * Reduction constants
* *
@ -3021,7 +3023,7 @@ class BigInteger
/** /**
* Generates a random BigInteger * Generates a random BigInteger
* *
* Byte length is equal to $length. Uses crypt_random if it's loaded and mt_rand if it's not. * Byte length is equal to $length. Uses Crypt_Random if it's loaded and mt_rand if it's not.
* *
* @param Integer $length * @param Integer $length
* @return \phpseclib\Math\BigInteger * @return \phpseclib\Math\BigInteger
@ -3029,8 +3031,8 @@ class BigInteger
*/ */
function _random_number_helper($size) function _random_number_helper($size)
{ {
if (function_exists('crypt_random_string')) { if (class_exists('Crypt_Random')) {
$random = crypt_random_string($size); $random = Crypt_Random::crypt_random_string($size);
} else { } else {
$random = ''; $random = '';

12
phpseclib/Net/SSH1.php
View File

@ -520,11 +520,7 @@ class Net_SSH1
function __construct($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES) function __construct($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES)
{ {
// Include Crypt_Random // Include Crypt_Random
// the class_exists() will only be called if the crypt_random_string function hasn't been defined and if (!class_exists('Crypt_Random')) {
// will trigger a call to __autoload() if you're wanting to auto-load classes
// call function_exists() a second time to stop the include_once from being called outside
// of the auto loader
if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
include_once 'Crypt/Random.php'; include_once 'Crypt/Random.php';
} }
@ -635,7 +631,7 @@ class Net_SSH1
$session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie)); $session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
$session_key = crypt_random_string(32); $session_key = Crypt_Random::crypt_random_string(32);
$double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0)); $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));
if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) { if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) {
@ -1183,7 +1179,7 @@ class Net_SSH1
$length = strlen($data) + 4; $length = strlen($data) + 4;
$padding = crypt_random_string(8 - ($length & 7)); $padding = Crypt_Random::crypt_random_string(8 - ($length & 7));
$orig = $data; $orig = $data;
$data = $padding . $data; $data = $padding . $data;
@ -1369,7 +1365,7 @@ class Net_SSH1
$length = strlen($modulus) - strlen($m) - 3; $length = strlen($modulus) - strlen($m) - 3;
$random = ''; $random = '';
while (strlen($random) != $length) { while (strlen($random) != $length) {
$block = crypt_random_string($length - strlen($random)); $block = Crypt_Random::crypt_random_string($length - strlen($random));
$block = str_replace("\x00", '', $block); $block = str_replace("\x00", '', $block);
$random.= $block; $random.= $block;
} }

6
phpseclib/Net/SSH2.php
View File

@ -855,7 +855,7 @@ class Net_SSH2
*/ */
function __construct($host, $port = 22, $timeout = 10) function __construct($host, $port = 22, $timeout = 10)
{ {
if (!function_exists('crypt_random_string')) { if (!class_exists('Crypt_Random')) {
include_once 'Crypt/Random.php'; include_once 'Crypt/Random.php';
} }
@ -1202,7 +1202,7 @@ class Net_SSH2
$compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms); $compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms);
} }
$client_cookie = crypt_random_string(16); $client_cookie = Crypt_Random::crypt_random_string(16);
$response = $kexinit_payload_server; $response = $kexinit_payload_server;
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
@ -3154,7 +3154,7 @@ class Net_SSH2
$packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size; $packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size;
// subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length
$padding_length = $packet_length - strlen($data) - 5; $padding_length = $packet_length - strlen($data) - 5;
$padding = crypt_random_string($padding_length); $padding = Crypt_Random::crypt_random_string($padding_length);
// we subtract 4 from packet_length because the packet_length field isn't supposed to include itself // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself
$packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding); $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding);