Merge branch '1.0' into 2.0

This commit is contained in:
terrafrost 2022-12-16 22:30:32 -06:00
commit be361b6722
5 changed files with 33 additions and 9 deletions

View File

@ -442,6 +442,12 @@ class Blowfish extends Base
function isValidEngine($engine) function isValidEngine($engine)
{ {
if ($engine == self::ENGINE_OPENSSL) { if ($engine == self::ENGINE_OPENSSL) {
// quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1
// "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider"
// in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not
if (version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) {
return false;
}
if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) { if (version_compare(PHP_VERSION, '5.3.7') < 0 && $this->key_length != 16) {
return false; return false;
} }

View File

@ -592,6 +592,12 @@ class DES extends Base
{ {
if ($this->key_length_max == 8) { if ($this->key_length_max == 8) {
if ($engine == self::ENGINE_OPENSSL) { if ($engine == self::ENGINE_OPENSSL) {
// quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1
// "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider"
// in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not
if (version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) {
return false;
}
$this->cipher_name_openssl_ecb = 'des-ecb'; $this->cipher_name_openssl_ecb = 'des-ecb';
$this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode(); $this->cipher_name_openssl = 'des-' . $this->_openssl_translate_mode();
} }

View File

@ -273,6 +273,12 @@ class RC2 extends Base
{ {
switch ($engine) { switch ($engine) {
case self::ENGINE_OPENSSL: case self::ENGINE_OPENSSL:
// quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1
// "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider"
// in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not
if (version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) {
return false;
}
if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) { if ($this->current_key_length != 128 || strlen($this->orig_key) < 16) {
return false; return false;
} }

View File

@ -144,7 +144,13 @@ class RC4 extends Base
*/ */
function isValidEngine($engine) function isValidEngine($engine)
{ {
if ($engine == Base::ENGINE_OPENSSL) { if ($engine == self::ENGINE_OPENSSL) {
// quoting https://www.openssl.org/news/openssl-3.0-notes.html, OpenSSL 3.0.1
// "Moved all variations of the EVP ciphers CAST5, BF, IDEA, SEED, RC2, RC4, RC5, and DES to the legacy provider"
// in theory openssl_get_cipher_methods() should catch this but, on GitHub Actions, at least, it does not
if (version_compare(preg_replace('#OpenSSL (\d+\.\d+\.\d+) .*#', '$1', OPENSSL_VERSION_TEXT), '3.0.1', '>=')) {
return false;
}
if (version_compare(PHP_VERSION, '5.3.7') >= 0) { if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
$this->cipher_name_openssl = 'rc4-40'; $this->cipher_name_openssl = 'rc4-40';
} else { } else {
@ -222,7 +228,7 @@ class RC4 extends Base
*/ */
function encrypt($plaintext) function encrypt($plaintext)
{ {
if ($this->engine != Base::ENGINE_INTERNAL) { if ($this->engine != self::ENGINE_INTERNAL) {
return parent::encrypt($plaintext); return parent::encrypt($plaintext);
} }
return $this->_crypt($plaintext, self::ENCRYPT); return $this->_crypt($plaintext, self::ENCRYPT);
@ -242,7 +248,7 @@ class RC4 extends Base
*/ */
function decrypt($ciphertext) function decrypt($ciphertext)
{ {
if ($this->engine != Base::ENGINE_INTERNAL) { if ($this->engine != self::ENGINE_INTERNAL) {
return parent::decrypt($ciphertext); return parent::decrypt($ciphertext);
} }
return $this->_crypt($ciphertext, self::DECRYPT); return $this->_crypt($ciphertext, self::DECRYPT);

View File

@ -57,7 +57,7 @@ class TripleDES extends DES
* *
* Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Base::MODE_CBC. * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Base::MODE_CBC.
*/ */
const MODE_CBC3 = Base::MODE_CBC; const MODE_CBC3 = self::MODE_CBC;
/** /**
* Key Length (in bytes) * Key Length (in bytes)
@ -151,20 +151,20 @@ class TripleDES extends DES
* @param int $mode * @param int $mode
* @access public * @access public
*/ */
function __construct($mode = Base::MODE_CBC) function __construct($mode = self::MODE_CBC)
{ {
switch ($mode) { switch ($mode) {
// In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC
// and additional flag us internally as 3CBC // and additional flag us internally as 3CBC
case self::MODE_3CBC: case self::MODE_3CBC:
parent::__construct(Base::MODE_CBC); parent::__construct(self::MODE_CBC);
$this->mode_3cbc = true; $this->mode_3cbc = true;
// This three $des'es will do the 3CBC work (if $key > 64bits) // This three $des'es will do the 3CBC work (if $key > 64bits)
$this->des = array( $this->des = array(
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
); );
// we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects // we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects