octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-12-28 12:10:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #13 from phpseclib/master

Browse Source 
sync
This commit is contained in:
Hans-Jürgen Petrich 2013-05-12 22:16:48 -07:00
commit c16de4f2d5
10 changed files with 142 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
phpseclib/Crypt/Blowfish.php
View File

@ -17,13 +17,13 @@
* <?php
* include('Crypt/Blowfish.php');
*
* $Blowfish = new Crypt_Blowfish();
* $blowfish = new Crypt_Blowfish();
*
* $Blowfish->setKey('12345678901234567890123456789012');
* $blowfish->setKey('12345678901234567890123456789012');
*
* $plaintext = str_repeat('a', 1024);
*
* echo $Blowfish->decrypt($Blowfish->encrypt($plaintext));
* echo $blowfish->decrypt($blowfish->encrypt($plaintext));
* ?>
* </code>
*
@ -271,13 +271,13 @@ class Crypt_Blowfish {
var $inline_crypt;
/**
* The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each
*
* S-Box 1
*
* @access private
* @var array
*/
* The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each
*
* S-Box 1
*
* @access private
* @var array
*/
var $sbox0 = array (
0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99,
0x24a19947, 0xb3916cf7, 0x0801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e,
@ -314,11 +314,11 @@ class Crypt_Blowfish {
);
/**
* S-Box 1
*
* @access private
* @var array
*/
* S-Box 1
*
* @access private
* @var array
*/
var $sbox1 = array(
0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266,
0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e,
@ -355,11 +355,11 @@ class Crypt_Blowfish {
);
/**
* S-Box 2
*
* @access private
* @var array
*/
* S-Box 2
*
* @access private
* @var array
*/
var $sbox2 = array(
0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068,
0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840,
@ -396,11 +396,11 @@ class Crypt_Blowfish {
);
/**
* S-Box 3
*
* @access private
* @var array
*/
* S-Box 3
*
* @access private
* @var array
*/
var $sbox3 = array(
0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe,
0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4,
@ -436,22 +436,26 @@ class Crypt_Blowfish {
0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6
);
/** P-Array consists of 18 32-bit subkeys
*
* @var array $parray
* @access private
*/
/**
* P-Array consists of 18 32-bit subkeys
*
* @var array $parray
* @access private
*/
var $parray = array(
0x243f6a88, 0x85a308d3, 0x13198a2e, 0x03707344, 0xa4093822, 0x299f31d0,
0x082efa98, 0xec4e6c89, 0x452821e6, 0x38d01377, 0xbe5466cf, 0x34e90c6c,
0xc0ac29b7, 0xc97c50dd, 0x3f84d5b5, 0xb5470917, 0x9216d5d9, 0x8979fb1b
);
/** The BCTX-working Array, holds the expanded key [p] and the key-depended s-boxes [sb]
*
* @var array $bctx
* @access private
*/
/**
* The BCTX-working Array
*
* Holds the expanded key [p] and the key-depended s-boxes [sb]
*
* @var array $bctx
* @access private
*/
var $bctx = array();
/**
@ -598,13 +602,14 @@ class Crypt_Blowfish {
}
}
/** This functions encrypt the block.
*
* @access private
* @param int $Xl left uInt32 part of the block
* @param int $Xr right uInt32 part of the block
* @return void
*/
/**
* Encrypt the block.
*
* @access private
* @param int $Xl left uInt32 part of the block
* @param int $Xr right uInt32 part of the block
* @return void
*/
function _encryptBlock(&$Xl, &$Xr)
{
$p = $this->bctx['p'];

2
phpseclib/Crypt/RC4.php
View File

@ -14,7 +14,7 @@
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
*
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
* ARCFOUR or ARC4 because RC4 is how it is refered to in the SSH1 specification.
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
*
* Here's a short example of how to use this library:
* <code>

56
phpseclib/Crypt/RSA.php
View File

@ -449,6 +449,14 @@ class Crypt_RSA {
*/
var $configFile;
/**
* Public key comment field.
*
* @var String
* @access private
*/
var $comment = 'phpseclib-generated-key';
/**
* The constructor
*
@ -473,10 +481,6 @@ class Crypt_RSA {
}
}
if (!defined('CRYPT_RSA_COMMENT')) {
define('CRYPT_RSA_COMMENT', 'phpseclib-generated-key');
}
$this->zero = new Math_BigInteger();
$this->one = new Math_BigInteger(1);
@ -720,13 +724,13 @@ class Crypt_RSA {
$key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
$encryption = (!empty($this->password) || is_string($this->password)) ? 'aes256-cbc' : 'none';
$key.= $encryption;
$key.= "\r\nComment: " . CRYPT_RSA_COMMENT . "\r\n";
$key.= "\r\nComment: " . $this->comment . "\r\n";
$public = pack('Na*Na*Na*',
strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']
);
$source = pack('Na*Na*Na*Na*',
strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption,
strlen(CRYPT_RSA_COMMENT), CRYPT_RSA_COMMENT, strlen($public), $public
strlen($this->comment), $this->comment, strlen($public), $public
);
$public = base64_encode($public);
$key.= "Public-Lines: " . ((strlen($public) + 32) >> 6) . "\r\n";
@ -853,7 +857,7 @@ class Crypt_RSA {
// mpint e
// mpint n
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
$RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . CRYPT_RSA_COMMENT;
$RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . $this->comment;
return $RSAPublicKey;
default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW or CRYPT_RSA_PUBLIC_FORMAT_PKCS1
@ -1128,11 +1132,15 @@ class Crypt_RSA {
return $components;
case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
$key = base64_decode(preg_replace('#^ssh-rsa | .+$#', '', $key));
$parts = explode(' ', $key, 3);
$key = isset($parts[1]) ? base64_decode($parts[1]) : false;
if ($key === false) {
return false;
}
$comment = isset($parts[2]) ? $parts[2] : false;
$cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa";
if (strlen($key) <= 4) {
@ -1154,12 +1162,14 @@ class Crypt_RSA {
$realModulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
return strlen($key) ? false : array(
'modulus' => $realModulus,
'publicExponent' => $modulus
'publicExponent' => $modulus,
'comment' => $comment
);
} else {
return strlen($key) ? false : array(
'modulus' => $modulus,
'publicExponent' => $publicExponent
'publicExponent' => $publicExponent,
'comment' => $comment
);
}
// http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue
@ -1187,6 +1197,7 @@ class Crypt_RSA {
return false;
}
$encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
$comment = trim(preg_replace('#Comment: (.+)#', '$1', $key[2]));
$publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
$public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
@ -1380,6 +1391,9 @@ class Crypt_RSA {
return false;
}
if (isset($components['comment']) && $components['comment'] !== false) {
$this->comment = $components['comment'];
}
$this->modulus = $components['modulus'];
$this->k = strlen($this->modulus->toBytes());
$this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
@ -2530,6 +2544,28 @@ class Crypt_RSA {
$this->signatureMode = $mode;
}
/**
* Set public key comment.
*
* @access public
* @param String $comment
*/
function setComment($comment)
{
$this->comment = $comment;
}
/**
* Get public key comment.
*
* @access public
* @return String
*/
function getComment()
{
return $this->comment;
}
/**
* Encryption
*

4
phpseclib/Crypt/Rijndael.php
View File

@ -642,7 +642,7 @@ class Crypt_Rijndael {
* Sets the key length
*
* Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
*
* @access public
* @param Integer $length
@ -720,7 +720,7 @@ class Crypt_Rijndael {
* Sets the block length
*
* Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
*
* @access public
* @param Integer $length

2
phpseclib/File/X509.php
View File

@ -4330,7 +4330,7 @@ class File_X509 {
{
/*
X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
some may have the following preceding the -----BEGIN CERTIFICATE----- line:
Bag Attributes
localKeyID: 01 00 00 00

4
phpseclib/Math/BigInteger.php
View File

@ -222,7 +222,7 @@ class Math_BigInteger {
var $bitmask = false;
/**
* Mode independant value used for serialization.
* Mode independent value used for serialization.
*
* If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for
* a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value,
@ -414,7 +414,7 @@ class Math_BigInteger {
case 10:
case -10:
// (?<!^)(?:-).*: find any -'s that aren't at the beginning and then any characters that follow that
// (?<=^|-)0*: find any 0's that are preceeded by the start of the string or by a - (ie. octals)
// (?<=^|-)0*: find any 0's that are preceded by the start of the string or by a - (ie. octals)
// [^-0-9].*: find any non-numeric characters and then any characters that follow that
$x = preg_replace('#(?<!^)(?:-).*|(?<=^|-)0*|[^-0-9].*#', '', $x);

4
phpseclib/Net/SCP.php
View File

@ -201,7 +201,7 @@ class Net_SCP {
return false;
}
$size = filesize($data);
for ($i = 0; $i < $length; $i++) {
for ($i = 0; $i < $size; $i += $this->packet_size) {
$this->_send(fgets($fp, $this->packet_size));
}
fclose($fp);
@ -338,4 +338,4 @@ class Net_SCP {
$this->ssh->disconnect();
}
}
}
}

7
phpseclib/Net/SFTP.php
View File

@ -1059,9 +1059,9 @@ class Net_SFTP extends Net_SSH2 {
$atime = $time;
}
$flags = NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL;
$flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_EXCL;
$attr = pack('N3', NET_SFTP_ATTR_ACCESSTIME, $time, $atime);
$packet = pack('Na*N2', strlen($filename), $filename, $flags, $attr);
$packet = pack('Na*Na*', strlen($filename), $filename, $flags, $attr);
if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
return false;
}
@ -1649,7 +1649,6 @@ class Net_SFTP extends Net_SSH2 {
}
$size = (1 << 20) < $length || $length < 0 ? 1 << 20 : $length;
$start = $offset;
while (true) {
$packet = pack('Na*N3', strlen($handle), $handle, 0, $offset, $size);
if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) {
@ -2205,4 +2204,4 @@ class Net_SFTP extends Net_SSH2 {
$this->pwd = false;
parent::_disconnect($reason);
}
}
}

6
phpseclib/Net/SFTP/Stream.php
View File

@ -262,7 +262,7 @@ class Net_SFTP_Stream {
}
}
$this->pos = $this->mode[0] != 'a' ? 0 : $size;
$this->pos = $this->mode[0] != 'a' ? 0 : $this->size;
return true;
}
@ -297,7 +297,7 @@ class Net_SFTP_Stream {
return 0;
}
// seems that PHP calls stream_read in 8k chunks
call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $size);
call_user_func($this->notification, STREAM_NOTIFY_PROGRESS, STREAM_NOTIFY_SEVERITY_INFO, '', 0, strlen($result), $this->size);
}
if (empty($result)) { // ie. false or empty string
@ -756,4 +756,4 @@ class Net_SFTP_Stream {
}
}
stream_wrapper_register('sftp', 'Net_SFTP_Stream');
stream_wrapper_register('sftp', 'Net_SFTP_Stream');

39
phpseclib/Net/SSH2.php
View File

@ -119,6 +119,13 @@ if (!class_exists('Crypt_Twofish')) {
require_once('Crypt/Twofish.php');
}
/**
* Include Crypt_Blowfish
*/
if (!class_exists('Crypt_Blowfish')) {
require_once('Crypt/Blowfish.php');
}
/**#@+
* Execution Bitmap Masks
*
@ -584,7 +591,7 @@ class Net_SSH2 {
/**
* The Window Size
*
* Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 4GB)
* Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 2GB)
*
* @var Integer
* @see Net_SSH2::_send_channel_packet()
@ -984,6 +991,8 @@ class Net_SSH2 {
'aes192-ctr', // RECOMMENDED AES with 192-bit key
'aes256-ctr', // RECOMMENDED AES with 256-bit key
'blowfish-ctr', // OPTIONAL Blowfish in SDCTR mode
'twofish128-ctr', // OPTIONAL Twofish in SDCTR mode, with 128-bit key
'twofish192-ctr', // OPTIONAL Twofish with 192-bit key
'twofish256-ctr', // OPTIONAL Twofish with 256-bit key
@ -992,6 +1001,8 @@ class Net_SSH2 {
'aes192-cbc', // OPTIONAL AES with a 192-bit key
'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key
'blowfish-cbc', // OPTIONAL Blowfish in CBC mode
'twofish128-cbc', // OPTIONAL Twofish with a 128-bit key
'twofish192-cbc', // OPTIONAL Twofish with a 192-bit key
'twofish256-cbc',
@ -1124,6 +1135,8 @@ class Net_SSH2 {
case 'aes128-ctr':
case 'twofish128-cbc':
case 'twofish128-ctr':
case 'blowfish-cbc':
case 'blowfish-ctr':
$decryptKeyLength = 16; // eg. 128 / 8
break;
case 'arcfour':
@ -1166,6 +1179,8 @@ class Net_SSH2 {
case 'aes128-ctr':
case 'twofish128-cbc':
case 'twofish128-ctr':
case 'blowfish-cbc':
case 'blowfish-ctr':
$encryptKeyLength = 16;
break;
case 'arcfour':
@ -1338,6 +1353,14 @@ class Net_SSH2 {
$this->encrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
$this->encrypt_block_size = 16; // eg. 128 / 8
break;
case 'blowfish-cbc':
$this->encrypt = new Crypt_Blowfish();
$this->encrypt_block_size = 8;
break;
case 'blowfish-ctr':
$this->encrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
$this->encrypt_block_size = 8;
break;
case 'twofish128-cbc':
case 'twofish192-cbc':
case 'twofish256-cbc':
@ -1379,6 +1402,14 @@ class Net_SSH2 {
$this->decrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
$this->decrypt_block_size = 16;
break;
case 'blowfish-cbc':
$this->decrypt = new Crypt_Blowfish();
$this->decrypt_block_size = 8;
break;
case 'blowfish-ctr':
$this->decrypt = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
$this->decrypt_block_size = 8;
break;
case 'twofish128-cbc':
case 'twofish192-cbc':
case 'twofish256-cbc':
@ -1982,8 +2013,8 @@ class Net_SSH2 {
}
// RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to
// be adjusted". 0x7FFFFFFF is, at 4GB, the max size. technically, it should probably be decremented, but,
// honestly, if you're transfering more than 4GB, you probably shouldn't be using phpseclib, anyway.
// be adjusted". 0x7FFFFFFF is, at 2GB, the max size. technically, it should probably be decremented, but,
// honestly, if you're transfering more than 2GB, you probably shouldn't be using phpseclib, anyway.
// see http://tools.ietf.org/html/rfc4254#section-5.2 for more info
$this->window_size_client_to_server[NET_SSH2_CHANNEL_EXEC] = 0x7FFFFFFF;
// 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy
@ -2743,7 +2774,7 @@ class Net_SSH2 {
case NET_SSH2_LOG_REALTIME_FILE:
if (!isset($this->realtime_log_file)) {
// PHP doesn't seem to like using constants in fopen()
$filename = NET_SSH2_LOG_REALTIME_FILE;
$filename = NET_SSH2_LOG_REALTIME_FILENAME;
$fp = fopen($filename, 'w');
$this->realtime_log_file = $fp;
}