octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-18 03:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/phpseclib/phpseclib

Browse Source
This commit is contained in:
terrafrost 2017-10-24 07:48:24 -05:00
commit a5038e2fd9
4 changed files with 175 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
CHANGELOG.md
View File

@ -1,5 +1,24 @@
# Changelog # Changelog
## 2.0.7 - 2017-10-22
- SSH2:
- add new READ_NEXT mode (#1140)
- add sendIdentificationStringFirst()
- add sendKEXINITFirst()
- add sendIdentificationStringLast()
- add sendKEXINITLast() (#1162)
- assume any SSH server >= 1.99 supports SSH2 (#1170)
- workaround for bad arcfour256 implementations (#1171)
- don't choke when getting response from diff channel in exec() (#1167)
- SFTP:
- add enablePathCanonicalization()
- add disablePathCanonicalization() (#1137)
- fix put() with remote file stream resource (#1177)
- ANSI: misc fixes (#1150, #1161)
- X509: use DateTime instead of unix time (#1166)
- Ciphers: use eval() instead of create_function() for >= 5.3
## 2.0.6 - 2017-06-05 ## 2.0.6 - 2017-06-05
- Crypt: fix OpenSSL engine on <= PHP 5.3.6 (#1122) - Crypt: fix OpenSSL engine on <= PHP 5.3.6 (#1122)
@ -67,6 +86,25 @@
- Classes were renamed and namespaced ([#243](https://github.com/phpseclib/phpseclib/issues/243)) - Classes were renamed and namespaced ([#243](https://github.com/phpseclib/phpseclib/issues/243))
- The use of an autoloader is now required (e.g. Composer) - The use of an autoloader is now required (e.g. Composer)
## 1.0.8 - 2017-10-22
- SSH2:
- add new READ_NEXT mode (#1140)
- add sendIdentificationStringFirst()
- add sendKEXINITFirst()
- add sendIdentificationStringLast()
- add sendKEXINITLast() (#1162)
- assume any SSH server >= 1.99 supports SSH2 (#1170)
- workaround for bad arcfour256 implementations (#1171)
- don't choke when getting response from diff channel in exec() (#1167)
- SFTP:
- add enablePathCanonicalization()
- add disablePathCanonicalization() (#1137)
- fix put() with remote file stream resource (#1177)
- ANSI: misc fixes (#1150, #1161)
- X509: use DateTime instead of unix time (#1166)
- Ciphers: use eval() instead of create_function() for >= 5.3
## 1.0.7 - 2017-06-05 ## 1.0.7 - 2017-06-05
- Crypt: fix OpenSSL engine on <= PHP 5.3.6 (#1122) - Crypt: fix OpenSSL engine on <= PHP 5.3.6 (#1122)
@ -192,7 +230,7 @@
- chgrp - chgrp
- truncate - truncate
- improved file type detection - improved file type detection
- put() can write to te middle of a file - put() can write to the middle of a file
- mkdir accepts the same parameters that PHP's mkdir does - mkdir accepts the same parameters that PHP's mkdir does
- the ability to upload/download 2GB files - the ability to upload/download 2GB files
- across-the-board speedups for the various encryption algorithms - across-the-board speedups for the various encryption algorithms
@ -232,7 +270,7 @@
- Net_SSH2 now has limited keyboard_interactive authentication support - Net_SSH2 now has limited keyboard_interactive authentication support
- support was added for PuTTY formatted RSA private keys and XML formatted RSA private keys - support was added for PuTTY formatted RSA private keys and XML formatted RSA private keys
- Crypt_RSA::loadKey() will now try all key types automatically - Crypt_RSA::loadKey() will now try all key types automatically
= add support for AES-128-CBC and DES-EDE3-CFB encrypted RSA private keys - add support for AES-128-CBC and DES-EDE3-CFB encrypted RSA private keys
- add Net_SFTP::stat(), Net_SFTP::lstat() and Net_SFTP::rawlist() - add Net_SFTP::stat(), Net_SFTP::lstat() and Net_SFTP::rawlist()
- logging was added to Net_SSH1 - logging was added to Net_SSH1
- the license was changed to the less restrictive MIT license - the license was changed to the less restrictive MIT license

2
README.md
View File

@ -37,7 +37,7 @@ AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509
* Composer compatible (PSR-0 autoloading) * Composer compatible (PSR-0 autoloading)
* Install using Composer: `composer require phpseclib/phpseclib ~1.0` * Install using Composer: `composer require phpseclib/phpseclib ~1.0`
* Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm) * Install using PEAR: See [phpseclib PEAR Channel Documentation](http://phpseclib.sourceforge.net/pear.htm)
* [Download 1.0.7 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.7.zip/download) * [Download 1.0.8 as ZIP](http://sourceforge.net/projects/phpseclib/files/phpseclib1.0.8.zip/download)
## Support ## Support

115
phpseclib/Crypt/Common/SymmetricKey.php
View File

@ -80,6 +80,10 @@ abstract class SymmetricKey
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
*/ */
const MODE_CFB = 3; const MODE_CFB = 3;
/**
* Encrypt / decrypt using the Cipher Feedback mode (8bit)
*/
const MODE_CFB8 = 38;
/** /**
* Encrypt / decrypt using the Output Feedback mode. * Encrypt / decrypt using the Output Feedback mode.
* *
@ -103,6 +107,7 @@ abstract class SymmetricKey
'ecb' => self::MODE_ECB, 'ecb' => self::MODE_ECB,
'cbc' => self::MODE_CBC, 'cbc' => self::MODE_CBC,
'cfb' => self::MODE_CFB, 'cfb' => self::MODE_CFB,
'cfb8' => self::MODE_CFB8,
'ofb' => self::MODE_OFB, 'ofb' => self::MODE_OFB,
'stream' => self::MODE_STREAM 'stream' => self::MODE_STREAM
]; ];
@ -481,7 +486,7 @@ abstract class SymmetricKey
* *
* - ofb * - ofb
* *
* @param int $mode * @param string $mode
* @access public * @access public
* @throws \InvalidArgumentException if an invalid / unsupported mode is provided * @throws \InvalidArgumentException if an invalid / unsupported mode is provided
*/ */
@ -504,6 +509,7 @@ abstract class SymmetricKey
break; break;
case self::MODE_CTR: case self::MODE_CTR:
case self::MODE_CFB: case self::MODE_CFB:
case self::MODE_CFB8:
case self::MODE_OFB: case self::MODE_OFB:
case self::MODE_STREAM: case self::MODE_STREAM:
$this->paddable = false; $this->paddable = false;
@ -925,6 +931,16 @@ abstract class SymmetricKey
$iv = substr($ciphertext, -$this->block_size); $iv = substr($ciphertext, -$this->block_size);
} }
return $ciphertext;
case self::MODE_CFB8:
$ciphertext = openssl_encrypt($plaintext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->encryptIV);
if ($this->continuousBuffer) {
if (($len = strlen($ciphertext)) >= $this->block_size) {
$this->encryptIV = substr($ciphertext, -$this->block_size);
} else {
$this->encryptIV = substr($this->encryptIV, $len - $this->block_size) . substr($ciphertext, -$len);
}
}
return $ciphertext; return $ciphertext;
case self::MODE_OFB: case self::MODE_OFB:
return $this->openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer); return $this->openssl_ofb_process($plaintext, $this->encryptIV, $this->enbuffer);
@ -1105,6 +1121,24 @@ abstract class SymmetricKey
$pos = $len; $pos = $len;
} }
break; break;
case self::MODE_CFB8:
$ciphertext = '';
$len = strlen($plaintext);
$iv = $this->encryptIV;
for ($i = 0; $i < $len; ++$i) {
$ciphertext .= ($c = $plaintext[$i] ^ $this->encryptBlock($iv));
$iv = substr($iv, 1) . $c;
}
if ($this->continuousBuffer) {
if ($len >= $block_size) {
$this->encryptIV = substr($ciphertext, -$block_size);
} else {
$this->encryptIV = substr($this->encryptIV, $len - $block_size) . substr($ciphertext, -$len);
}
}
break;
case self::MODE_OFB: case self::MODE_OFB:
$xor = $this->encryptIV; $xor = $this->encryptIV;
if (strlen($buffer['xor'])) { if (strlen($buffer['xor'])) {
@ -1225,6 +1259,16 @@ abstract class SymmetricKey
$iv = substr($ciphertext, -$this->block_size); $iv = substr($ciphertext, -$this->block_size);
} }
break; break;
case self::MODE_CFB8:
$plaintext = openssl_decrypt($ciphertext, $this->cipher_name_openssl, $this->key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $this->decryptIV);
if ($this->continuousBuffer) {
if (($len = strlen($ciphertext)) >= $this->block_size) {
$this->decryptIV = substr($ciphertext, -$this->block_size);
} else {
$this->decryptIV = substr($this->decryptIV, $len - $this->block_size) . substr($ciphertext, -$len);
}
}
break;
case self::MODE_OFB: case self::MODE_OFB:
$plaintext = $this->openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer); $plaintext = $this->openssl_ofb_process($ciphertext, $this->decryptIV, $this->debuffer);
} }
@ -1388,6 +1432,24 @@ abstract class SymmetricKey
$pos = $len; $pos = $len;
} }
break; break;
case self::MODE_CFB8:
$plaintext = '';
$len = strlen($ciphertext);
$iv = $this->decryptIV;
for ($i = 0; $i < $len; ++$i) {
$plaintext .= $ciphertext[$i] ^ $this->encryptBlock($iv);
$iv = substr($iv, 1) . $ciphertext[$i];
}
if ($this->continuousBuffer) {
if ($len >= $block_size) {
$this->decryptIV = substr($ciphertext, -$block_size);
} else {
$this->decryptIV = substr($this->decryptIV, $len - $block_size) . substr($ciphertext, -$len);
}
}
break;
case self::MODE_OFB: case self::MODE_OFB:
$xor = $this->decryptIV; $xor = $this->decryptIV;
if (strlen($buffer['xor'])) { if (strlen($buffer['xor'])) {
@ -1598,6 +1660,8 @@ abstract class SymmetricKey
return 'ctr'; return 'ctr';
case self::MODE_CFB: case self::MODE_CFB:
return 'cfb'; return 'cfb';
case self::MODE_CFB8:
return 'cfb8';
case self::MODE_OFB: case self::MODE_OFB:
return 'ofb'; return 'ofb';
} }
@ -1795,7 +1859,7 @@ abstract class SymmetricKey
* If the preferred crypt engine is not available the fastest available one will be used * If the preferred crypt engine is not available the fastest available one will be used
* *
* @see self::__construct() * @see self::__construct()
* @param int $engine * @param string $engine
* @access public * @access public
*/ */
public function setPreferredEngine($engine) public function setPreferredEngine($engine)
@ -1967,6 +2031,7 @@ abstract class SymmetricKey
self::MODE_ECB => MCRYPT_MODE_ECB, self::MODE_ECB => MCRYPT_MODE_ECB,
self::MODE_CBC => MCRYPT_MODE_CBC, self::MODE_CBC => MCRYPT_MODE_CBC,
self::MODE_CFB => 'ncfb', self::MODE_CFB => 'ncfb',
self::MODE_CFB8 => MCRYPT_MODE_CFB,
self::MODE_OFB => MCRYPT_MODE_NOFB, self::MODE_OFB => MCRYPT_MODE_NOFB,
self::MODE_STREAM => MCRYPT_MODE_STREAM, self::MODE_STREAM => MCRYPT_MODE_STREAM,
]; ];
@ -2493,6 +2558,52 @@ abstract class SymmetricKey
$_pos = $_len; $_pos = $_len;
} }
return $_plaintext;
';
break;
case self::MODE_CFB8:
$encrypt = $init_encrypt . '
$_ciphertext = "";
$_len = strlen($_text);
$_iv = $this->encryptIV;
for ($_i = 0; $_i < $_len; ++$_i) {
$in = $_iv;
'.$encrypt_block.'
$_ciphertext .= ($_c = $_text[$_i] ^ $in);
$_iv = substr($_iv, 1) . $_c;
}
if ($this->continuousBuffer) {
if ($_len >= '.$block_size.') {
$this->encryptIV = substr($_ciphertext, -'.$block_size.');
} else {
$this->encryptIV = substr($this->encryptIV, $_len - '.$block_size.') . substr($_ciphertext, -$_len);
}
}
return $_ciphertext;
';
$decrypt = $init_encrypt . '
$_plaintext = "";
$_len = strlen($_text);
$_iv = $this->decryptIV;
for ($_i = 0; $_i < $_len; ++$_i) {
$in = $_iv;
'.$encrypt_block.'
$_plaintext .= $_text[$_i] ^ $in;
$_iv = substr($_iv, 1) . $_text[$_i];
}
if ($this->continuousBuffer) {
if ($_len >= '.$block_size.') {
$this->decryptIV = substr($_text, -'.$block_size.');
} else {
$this->decryptIV = substr($this->decryptIV, $_len - '.$block_size.') . substr($_text, -$_len);
}
}
return $_plaintext; return $_plaintext;
'; ';
break; break;

2
tests/Unit/Crypt/AES/TestCase.php
View File

@ -31,6 +31,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
'ctr', 'ctr',
'ofb', 'ofb',
'cfb', 'cfb',
'cfb8'
); );
$plaintexts = array( $plaintexts = array(
'', '',
@ -131,6 +132,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
'ctr', 'ctr',
'ofb', 'ofb',
'cfb', 'cfb',
'cfb8',
); );
$combos = array( $combos = array(