octoleo/phpseclib
1
0
Fork 0
mirror of https://github.com/phpseclib/phpseclib.git synced 2024-11-16 02:07:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master-reorg'

Browse Source
This commit is contained in:
terrafrost 2016-09-17 09:15:11 -07:00
commit c17a2604a0
39 changed files with 730 additions and 798 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
phpseclib/Common/Functions/ASN1.php Normal file
View File

@ -0,0 +1,66 @@
<?php
/**
* Common ASN1 Functions
*
* PHP version 5
*
* @category Common
* @package Functions\ASN1
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Common\Functions;
/**
* Common ASN1 Functions
*
* @package Functions\ASN1
* @author Jim Wigginton <terrafrost@php.net>
*/
class ASN1
{
/**
* DER-decode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access public
* @param string $string
* @return int
*/
static function decodeLength(&$string)
{
$length = ord(Strings::shift($string));
if ($length & 0x80) { // definite length, long form
$length&= 0x7F;
$temp = Strings::shift($string, $length);
list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
}
return $length;
}
/**
* DER-encode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access public
* @param int $length
* @return string
*/
static function encodeLength($length)
{
if ($length <= 0x7F) {
return chr($length);
}
$temp = ltrim(pack('N', $length), chr(0));
return pack('Ca*', 0x80 | strlen($temp), $temp);
}
}

42
phpseclib/Common/Functions/Strings.php Normal file
View File

@ -0,0 +1,42 @@
<?php
/**
* Common String Functions
*
* PHP version 5
*
* @category Common
* @package Functions\Strings
* @author Jim Wigginton <terrafrost@php.net>
* @copyright 2016 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Common\Functions;
/**
* Common String Functions
*
* @package Functions\Strings
* @author Jim Wigginton <terrafrost@php.net>
*/
class Strings
{
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @access public
* @return string
*/
static function shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
}

20
phpseclib/Crypt/Blowfish.php
View File

@ -37,6 +37,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP implementation of Blowfish. * Pure-PHP implementation of Blowfish.
* *
@ -45,12 +47,12 @@ namespace phpseclib\Crypt;
* @author Hans-Juergen Petrich <petrich@tronic-media.com> * @author Hans-Juergen Petrich <petrich@tronic-media.com>
* @access public * @access public
*/ */
class Blowfish extends Base class Blowfish extends BlockCipher
{ {
/** /**
* Block Length of the cipher * Block Length of the cipher
* *
* @see \phpseclib\Crypt\Base::block_size * @see \phpseclib\Crypt\Common\SymmetricKey::block_size
* @var int * @var int
* @access private * @access private
*/ */
@ -59,7 +61,7 @@ class Blowfish extends Base
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -68,7 +70,7 @@ class Blowfish extends Base
/** /**
* Optimizing value while CFB-encrypting * Optimizing value while CFB-encrypting
* *
* @see \phpseclib\Crypt\Base::cfb_init_len * @see \phpseclib\Crypt\Common\SymmetricKey::cfb_init_len
* @var int * @var int
* @access private * @access private
*/ */
@ -273,7 +275,7 @@ class Blowfish extends Base
/** /**
* The Key Length (in bytes) * The Key Length (in bytes)
* *
* @see \phpseclib\Crypt\Base::setKeyLength() * @see \phpseclib\Crypt\Common\SymmetricKey::setKeyLength()
* @var int * @var int
* @access private * @access private
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $Nk
@ -321,9 +323,9 @@ class Blowfish extends Base
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::isValidEngine() * @see \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -344,7 +346,7 @@ class Blowfish extends Base
/** /**
* Setup the key (expansion) * Setup the key (expansion)
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -471,7 +473,7 @@ class Blowfish extends Base
/** /**
* Setup the performance-optimized function for de/encrypt() * Setup the performance-optimized function for de/encrypt()
* *
* @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupInlineCrypt()
* @access private * @access private
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()

27
phpseclib/Crypt/Common/BlockCipher.php Normal file
View File

@ -0,0 +1,27 @@
<?php
/**
* Base Class for all block ciphers
*
* PHP version 5
*
* @category Crypt
* @package BlockCipher
* @author Jim Wigginton <terrafrost@php.net>
* @author Hans-Juergen Petrich <petrich@tronic-media.com>
* @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common;
/**
* Base Class for all block cipher classes
*
* @package BlockCipher
* @author Jim Wigginton <terrafrost@php.net>
*/
abstract class BlockCipher extends SymmetricKey
{
}

27
phpseclib/Crypt/Common/StreamCipher.php Normal file
View File

@ -0,0 +1,27 @@
<?php
/**
* Base Class for all stream ciphers
*
* PHP version 5
*
* @category Crypt
* @package StreamCipher
* @author Jim Wigginton <terrafrost@php.net>
* @author Hans-Juergen Petrich <petrich@tronic-media.com>
* @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net
*/
namespace phpseclib\Crypt\Common;
/**
* Base Class for all stream cipher classes
*
* @package StreamCipher
* @author Jim Wigginton <terrafrost@php.net>
*/
abstract class StreamCipher extends SymmetricKey
{
}

76
phpseclib/Crypt/Base.php → phpseclib/Crypt/Common/SymmetricKey.php
View File

@ -8,7 +8,7 @@
* Internally for phpseclib developers: * Internally for phpseclib developers:
* If you plan to add a new cipher class, please note following rules: * If you plan to add a new cipher class, please note following rules:
* *
* - The new \phpseclib\Crypt\* cipher class should extend \phpseclib\Crypt\Base * - The new \phpseclib\Crypt\* cipher class should extend \phpseclib\Crypt\Common\SymmetricKey
* *
* - Following methods are then required to be overridden/overloaded: * - Following methods are then required to be overridden/overloaded:
* *
@ -20,7 +20,7 @@
* *
* - All other methods are optional to be overridden/overloaded * - All other methods are optional to be overridden/overloaded
* *
* - Look at the source code of the current ciphers how they extend \phpseclib\Crypt\Base * - Look at the source code of the current ciphers how they extend \phpseclib\Crypt\Common\SymmetricKey
* and take one of them as a start up for the new cipher class. * and take one of them as a start up for the new cipher class.
* *
* - Please read all the other comments/notes/hints here also for each class var/method * - Please read all the other comments/notes/hints here also for each class var/method
@ -34,7 +34,10 @@
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
namespace phpseclib\Crypt; namespace phpseclib\Crypt\Common;
use phpseclib\Crypt\Hash;
use phpseclib\Common\Functions\Strings;
/** /**
* Base Class for all \phpseclib\Crypt\* cipher classes * Base Class for all \phpseclib\Crypt\* cipher classes
@ -43,12 +46,12 @@ namespace phpseclib\Crypt;
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @author Hans-Juergen Petrich <petrich@tronic-media.com> * @author Hans-Juergen Petrich <petrich@tronic-media.com>
*/ */
abstract class Base abstract class SymmetricKey
{ {
/**#@+ /**#@+
* @access public * @access public
* @see \phpseclib\Crypt\Base::encrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::encrypt()
* @see \phpseclib\Crypt\Base::decrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::decrypt()
*/ */
/** /**
* Encrypt / decrypt using the Counter mode. * Encrypt / decrypt using the Counter mode.
@ -91,7 +94,7 @@ abstract class Base
/** /**
* Whirlpool available flag * Whirlpool available flag
* *
* @see \phpseclib\Crypt\Base::_hashInlineCryptFunction() * @see \phpseclib\Crypt\Common\SymmetricKey::_hashInlineCryptFunction()
* @var bool * @var bool
* @access private * @access private
*/ */
@ -99,7 +102,7 @@ abstract class Base
/**#@+ /**#@+
* @access private * @access private
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
*/ */
/** /**
* Base value for the internal implementation $engine switch * Base value for the internal implementation $engine switch
@ -901,7 +904,7 @@ abstract class Base
$buffer['ciphertext'].= $this->_encryptBlock($xor); $buffer['ciphertext'].= $this->_encryptBlock($xor);
} }
$this->_increment_str($xor); $this->_increment_str($xor);
$key = $this->_string_shift($buffer['ciphertext'], $block_size); $key = Strings::shift($buffer['ciphertext'], $block_size);
$ciphertext.= $block ^ $key; $ciphertext.= $block ^ $key;
} }
} else { } else {
@ -970,7 +973,7 @@ abstract class Base
$xor = $this->_encryptBlock($xor); $xor = $this->_encryptBlock($xor);
$buffer['xor'].= $xor; $buffer['xor'].= $xor;
} }
$key = $this->_string_shift($buffer['xor'], $block_size); $key = Strings::shift($buffer['xor'], $block_size);
$ciphertext.= $block ^ $key; $ciphertext.= $block ^ $key;
} }
} else { } else {
@ -1194,7 +1197,7 @@ abstract class Base
$buffer['ciphertext'].= $this->_encryptBlock($xor); $buffer['ciphertext'].= $this->_encryptBlock($xor);
$this->_increment_str($xor); $this->_increment_str($xor);
} }
$key = $this->_string_shift($buffer['ciphertext'], $block_size); $key = Strings::shift($buffer['ciphertext'], $block_size);
$plaintext.= $block ^ $key; $plaintext.= $block ^ $key;
} }
} else { } else {
@ -1262,7 +1265,7 @@ abstract class Base
$xor = $this->_encryptBlock($xor); $xor = $this->_encryptBlock($xor);
$buffer['xor'].= $xor; $buffer['xor'].= $xor;
} }
$key = $this->_string_shift($buffer['xor'], $block_size); $key = Strings::shift($buffer['xor'], $block_size);
$plaintext.= $block ^ $key; $plaintext.= $block ^ $key;
} }
} else { } else {
@ -1306,9 +1309,9 @@ abstract class Base
* OpenSSL CTR Processor * OpenSSL CTR Processor
* *
* PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream
* for CTR is the same for both encrypting and decrypting this function is re-used by both Base::encrypt() * for CTR is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt()
* and Base::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this * and SymmetricKey::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this
* function will emulate CTR with ECB when necessary. * function will emulate CTR with ECB when necesary.
* *
* @see self::encrypt() * @see self::encrypt()
* @see self::decrypt() * @see self::decrypt()
@ -1336,7 +1339,7 @@ abstract class Base
$buffer['ciphertext'].= $result; $buffer['ciphertext'].= $result;
} }
$this->_increment_str($xor); $this->_increment_str($xor);
$otp = $this->_string_shift($buffer['ciphertext'], $block_size); $otp = Strings::shift($buffer['ciphertext'], $block_size);
$ciphertext.= $block ^ $otp; $ciphertext.= $block ^ $otp;
} }
} else { } else {
@ -1359,7 +1362,7 @@ abstract class Base
} }
if (strlen($buffer['ciphertext'])) { if (strlen($buffer['ciphertext'])) {
$ciphertext = $plaintext ^ $this->_string_shift($buffer['ciphertext'], strlen($plaintext)); $ciphertext = $plaintext ^ Strings::shift($buffer['ciphertext'], strlen($plaintext));
$plaintext = substr($plaintext, strlen($ciphertext)); $plaintext = substr($plaintext, strlen($ciphertext));
if (!strlen($plaintext)) { if (!strlen($plaintext)) {
@ -1401,8 +1404,8 @@ abstract class Base
* OpenSSL OFB Processor * OpenSSL OFB Processor
* *
* PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream * PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream
* for OFB is the same for both encrypting and decrypting this function is re-used by both Base::encrypt() * for OFB is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt()
* and Base::decrypt(). * and SymmetricKey::decrypt().
* *
* @see self::encrypt() * @see self::encrypt()
* @see self::decrypt() * @see self::decrypt()
@ -1435,7 +1438,7 @@ abstract class Base
if ($this->continuousBuffer) { if ($this->continuousBuffer) {
$encryptIV = $xor; $encryptIV = $xor;
} }
$ciphertext.= $this->_string_shift($xor, $overflow) ^ substr($plaintext, -$overflow); $ciphertext.= Strings::shift($xor, $overflow) ^ substr($plaintext, -$overflow);
if ($this->continuousBuffer) { if ($this->continuousBuffer) {
$buffer['xor'] = $xor; $buffer['xor'] = $xor;
} }
@ -1640,11 +1643,11 @@ abstract class Base
* *
* Currently, $engine could be: * Currently, $engine could be:
* *
* - \phpseclib\Crypt\Base::ENGINE_OPENSSL [very fast] * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_OPENSSL [very fast]
* *
* - \phpseclib\Crypt\Base::ENGINE_MCRYPT [fast] * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_MCRYPT [fast]
* *
* - \phpseclib\Crypt\Base::ENGINE_INTERNAL [slow] * - \phpseclib\Crypt\Common\SymmetricKey::ENGINE_INTERNAL [slow]
* *
* If the preferred crypt engine is not available the fastest available one will be used * If the preferred crypt engine is not available the fastest available one will be used
* *
@ -1924,23 +1927,6 @@ abstract class Base
$this->encryptIV = $this->decryptIV = $this->iv; $this->encryptIV = $this->decryptIV = $this->iv;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @access private
* @return string
*/
function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* String Pop * String Pop
* *
@ -2057,7 +2043,7 @@ abstract class Base
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()
{ {
// If, for any reason, an extending \phpseclib\Crypt\Base() \phpseclib\Crypt\* class // If, for any reason, an extending \phpseclib\Crypt\Common\SymmetricKey() \phpseclib\Crypt\* class
// not using inline crypting then it must be ensured that: $this->use_inline_crypt = false // not using inline crypting then it must be ensured that: $this->use_inline_crypt = false
// ie in the class var declaration of $use_inline_crypt in general for the \phpseclib\Crypt\* class, // ie in the class var declaration of $use_inline_crypt in general for the \phpseclib\Crypt\* class,
// in the constructor at object instance-time // in the constructor at object instance-time
@ -2236,7 +2222,7 @@ abstract class Base
$self->_increment_str($_xor); $self->_increment_str($_xor);
$_buffer["ciphertext"].= $in; $_buffer["ciphertext"].= $in;
} }
$_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_key = \phpseclib\Common\Functions\Strings::shift($_buffer["ciphertext"], '.$block_size.');
$_ciphertext.= $_block ^ $_key; $_ciphertext.= $_block ^ $_key;
} }
} else { } else {
@ -2274,7 +2260,7 @@ abstract class Base
$self->_increment_str($_xor); $self->_increment_str($_xor);
$_buffer["ciphertext"].= $in; $_buffer["ciphertext"].= $in;
} }
$_key = $self->_string_shift($_buffer["ciphertext"], '.$block_size.'); $_key = \phpseclib\Common\Functions\Strings::shift($_buffer["ciphertext"], '.$block_size.');
$_plaintext.= $_block ^ $_key; $_plaintext.= $_block ^ $_key;
} }
} else { } else {
@ -2412,7 +2398,7 @@ abstract class Base
$_xor = $in; $_xor = $in;
$_buffer["xor"].= $_xor; $_buffer["xor"].= $_xor;
} }
$_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_key = \phpseclib\Common\Functions\Strings::shift($_buffer["xor"], '.$block_size.');
$_ciphertext.= $_block ^ $_key; $_ciphertext.= $_block ^ $_key;
} }
} else { } else {
@ -2448,7 +2434,7 @@ abstract class Base
$_xor = $in; $_xor = $in;
$_buffer["xor"].= $_xor; $_buffer["xor"].= $_xor;
} }
$_key = $self->_string_shift($_buffer["xor"], '.$block_size.'); $_key = \phpseclib\Common\Functions\Strings::shift($_buffer["xor"], '.$block_size.');
$_plaintext.= $_block ^ $_key; $_plaintext.= $_block ^ $_key;
} }
} else { } else {

32
phpseclib/Crypt/DES.php
View File

@ -42,6 +42,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP implementation of DES. * Pure-PHP implementation of DES.
* *
@ -49,7 +51,7 @@ namespace phpseclib\Crypt;
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @access public * @access public
*/ */
class DES extends Base class DES extends BlockCipher
{ {
/**#@+ /**#@+
* @access private * @access private
@ -69,7 +71,7 @@ class DES extends Base
/** /**
* Block Length of the cipher * Block Length of the cipher
* *
* @see \phpseclib\Crypt\Base::block_size * @see \phpseclib\Crypt\Common\SymmetricKey::block_size
* @var int * @var int
* @access private * @access private
*/ */
@ -78,7 +80,7 @@ class DES extends Base
/** /**
* Key Length (in bytes) * Key Length (in bytes)
* *
* @see \phpseclib\Crypt\Base::setKeyLength() * @see \phpseclib\Crypt\Common\SymmetricKey::setKeyLength()
* @var int * @var int
* @access private * @access private
*/ */
@ -87,7 +89,7 @@ class DES extends Base
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -96,7 +98,7 @@ class DES extends Base
/** /**
* The OpenSSL names of the cipher / modes * The OpenSSL names of the cipher / modes
* *
* @see \phpseclib\Crypt\Base::openssl_mode_names * @see \phpseclib\Crypt\Common\SymmetricKey::openssl_mode_names
* @var array * @var array
* @access private * @access private
*/ */
@ -111,7 +113,7 @@ class DES extends Base
/** /**
* Optimizing value while CFB-encrypting * Optimizing value while CFB-encrypting
* *
* @see \phpseclib\Crypt\Base::cfb_init_len * @see \phpseclib\Crypt\Common\SymmetricKey::cfb_init_len
* @var int * @var int
* @access private * @access private
*/ */
@ -597,9 +599,9 @@ class DES extends Base
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::isValidEngine() * @see \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -623,7 +625,7 @@ class DES extends Base
* *
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
* *
* @see \phpseclib\Crypt\Base::setKey() * @see \phpseclib\Crypt\Common\SymmetricKey::setKey()
* @access public * @access public
* @param string $key * @param string $key
*/ */
@ -640,8 +642,8 @@ class DES extends Base
/** /**
* Encrypts a block * Encrypts a block
* *
* @see \phpseclib\Crypt\Base::_encryptBlock() * @see \phpseclib\Crypt\Common\SymmetricKey::_encryptBlock()
* @see \phpseclib\Crypt\Base::encrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::encrypt()
* @see self::encrypt() * @see self::encrypt()
* @access private * @access private
* @param string $in * @param string $in
@ -655,8 +657,8 @@ class DES extends Base
/** /**
* Decrypts a block * Decrypts a block
* *
* @see \phpseclib\Crypt\Base::_decryptBlock() * @see \phpseclib\Crypt\Common\SymmetricKey::_decryptBlock()
* @see \phpseclib\Crypt\Base::decrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::decrypt()
* @see self::decrypt() * @see self::decrypt()
* @access private * @access private
* @param string $in * @param string $in
@ -759,7 +761,7 @@ class DES extends Base
/** /**
* Creates the key schedule * Creates the key schedule
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -1294,7 +1296,7 @@ class DES extends Base
/** /**
* Setup the performance-optimized function for de/encrypt() * Setup the performance-optimized function for de/encrypt()
* *
* @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupInlineCrypt()
* @access private * @access private
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()

20
phpseclib/Crypt/Hash.php
View File

@ -35,6 +35,7 @@ namespace phpseclib\Crypt;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Exception\UnsupportedAlgorithmException; use phpseclib\Exception\UnsupportedAlgorithmException;
use phpseclib\Common\Functions\Strings;
/** /**
* @package Hash * @package Hash
@ -327,7 +328,7 @@ class Hash
foreach ($chunks as $chunk) { foreach ($chunks as $chunk) {
$w = array(); $w = array();
for ($i = 0; $i < 16; $i++) { for ($i = 0; $i < 16; $i++) {
$temp = new BigInteger(self::_string_shift($chunk, 8), 256); $temp = new BigInteger(Strings::shift($chunk, 8), 256);
$temp->setPrecision(64); $temp->setPrecision(64);
$w[] = $temp; $w[] = $temp;
} }
@ -429,21 +430,4 @@ class Hash
return $temp; return $temp;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
static function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
} }

42
phpseclib/Crypt/RC2.php
View File

@ -35,18 +35,20 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP implementation of RC2. * Pure-PHP implementation of RC2.
* *
* @package RC2 * @package RC2
* @access public * @access public
*/ */
class RC2 extends Base class RC2 extends BlockCipher
{ {
/** /**
* Block Length of the cipher * Block Length of the cipher
* *
* @see \phpseclib\Crypt\Base::block_size * @see \phpseclib\Crypt\Common\SymmetricKey::block_size
* @var int * @var int
* @access private * @access private
*/ */
@ -55,7 +57,7 @@ class RC2 extends Base
/** /**
* The Key * The Key
* *
* @see \phpseclib\Crypt\Base::key * @see \phpseclib\Crypt\Common\SymmetricKey::key
* @see self::setKey() * @see self::setKey()
* @var string * @var string
* @access private * @access private
@ -65,7 +67,7 @@ class RC2 extends Base
/** /**
* The Original (unpadded) Key * The Original (unpadded) Key
* *
* @see \phpseclib\Crypt\Base::key * @see \phpseclib\Crypt\Common\SymmetricKey::key
* @see self::setKey() * @see self::setKey()
* @see self::encrypt() * @see self::encrypt()
* @see self::decrypt() * @see self::decrypt()
@ -77,7 +79,7 @@ class RC2 extends Base
/** /**
* Don't truncate / null pad key * Don't truncate / null pad key
* *
* @see \phpseclib\Crypt\Base::_clearBuffers() * @see \phpseclib\Crypt\Common\SymmetricKey::_clearBuffers()
* @var bool * @var bool
* @access private * @access private
*/ */
@ -95,7 +97,7 @@ class RC2 extends Base
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -104,7 +106,7 @@ class RC2 extends Base
/** /**
* Optimizing value while CFB-encrypting * Optimizing value while CFB-encrypting
* *
* @see \phpseclib\Crypt\Base::cfb_init_len * @see \phpseclib\Crypt\Common\SymmetricKey::cfb_init_len
* @var int * @var int
* @access private * @access private
*/ */
@ -278,9 +280,9 @@ class RC2 extends Base
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -341,7 +343,7 @@ class RC2 extends Base
* If the key is not explicitly set, it'll be assumed to be a single * If the key is not explicitly set, it'll be assumed to be a single
* null byte. * null byte.
* *
* @see \phpseclib\Crypt\Base::setKey() * @see \phpseclib\Crypt\Common\SymmetricKey::setKey()
* @access public * @access public
* @param string $key * @param string $key
* @param int $t1 optional Effective key length in bits. * @param int $t1 optional Effective key length in bits.
@ -396,7 +398,7 @@ class RC2 extends Base
/** /**
* Encrypts a message. * Encrypts a message.
* *
* Mostly a wrapper for \phpseclib\Crypt\Base::encrypt, with some additional OpenSSL handling code * Mostly a wrapper for \phpseclib\Crypt\Common\SymmetricKey::encrypt, with some additional OpenSSL handling code
* *
* @see self::decrypt() * @see self::decrypt()
* @access public * @access public
@ -419,7 +421,7 @@ class RC2 extends Base
/** /**
* Decrypts a message. * Decrypts a message.
* *
* Mostly a wrapper for \phpseclib\Crypt\Base::decrypt, with some additional OpenSSL handling code * Mostly a wrapper for \phpseclib\Crypt\Common\SymmetricKey::decrypt, with some additional OpenSSL handling code
* *
* @see self::encrypt() * @see self::encrypt()
* @access public * @access public
@ -442,8 +444,8 @@ class RC2 extends Base
/** /**
* Encrypts a block * Encrypts a block
* *
* @see \phpseclib\Crypt\Base::_encryptBlock() * @see \phpseclib\Crypt\Common\SymmetricKey::_encryptBlock()
* @see \phpseclib\Crypt\Base::encrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::encrypt()
* @access private * @access private
* @param string $in * @param string $in
* @return string * @return string
@ -487,8 +489,8 @@ class RC2 extends Base
/** /**
* Decrypts a block * Decrypts a block
* *
* @see \phpseclib\Crypt\Base::_decryptBlock() * @see \phpseclib\Crypt\Common\SymmetricKey::_decryptBlock()
* @see \phpseclib\Crypt\Base::decrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::decrypt()
* @access private * @access private
* @param string $in * @param string $in
* @return string * @return string
@ -530,9 +532,9 @@ class RC2 extends Base
} }
/** /**
* Setup the \phpseclib\Crypt\Base::ENGINE_MCRYPT $engine * Setup the \phpseclib\Crypt\Common\SymmetricKey::ENGINE_MCRYPT $engine
* *
* @see \phpseclib\Crypt\Base::_setupMcrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupMcrypt()
* @access private * @access private
*/ */
function _setupMcrypt() function _setupMcrypt()
@ -547,7 +549,7 @@ class RC2 extends Base
/** /**
* Creates the key schedule * Creates the key schedule
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -568,7 +570,7 @@ class RC2 extends Base
/** /**
* Setup the performance-optimized function for de/encrypt() * Setup the performance-optimized function for de/encrypt()
* *
* @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupInlineCrypt()
* @access private * @access private
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()

30
phpseclib/Crypt/RC4.php
View File

@ -44,6 +44,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\StreamCipher;
/** /**
* Pure-PHP implementation of RC4. * Pure-PHP implementation of RC4.
* *
@ -51,7 +53,7 @@ namespace phpseclib\Crypt;
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @access public * @access public
*/ */
class RC4 extends Base class RC4 extends StreamCipher
{ {
/**#@+ /**#@+
* @access private * @access private
@ -67,7 +69,7 @@ class RC4 extends Base
* RC4 is a stream cipher * RC4 is a stream cipher
* so we the block_size to 0 * so we the block_size to 0
* *
* @see \phpseclib\Crypt\Base::block_size * @see \phpseclib\Crypt\Common\SymmetricKey::block_size
* @var int * @var int
* @access private * @access private
*/ */
@ -85,7 +87,7 @@ class RC4 extends Base
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -94,7 +96,7 @@ class RC4 extends Base
/** /**
* Holds whether performance-optimized $inline_crypt() can/should be used. * Holds whether performance-optimized $inline_crypt() can/should be used.
* *
* @see \phpseclib\Crypt\Base::inline_crypt * @see \phpseclib\Crypt\Common\SymmetricKey::inline_crypt
* @var mixed * @var mixed
* @access private * @access private
*/ */
@ -121,21 +123,21 @@ class RC4 extends Base
/** /**
* Default Constructor. * Default Constructor.
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @return \phpseclib\Crypt\RC4 * @return \phpseclib\Crypt\RC4
* @access public * @access public
*/ */
function __construct() function __construct()
{ {
parent::__construct(Base::MODE_STREAM); parent::__construct(self::MODE_STREAM);
} }
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -143,7 +145,7 @@ class RC4 extends Base
function isValidEngine($engine) function isValidEngine($engine)
{ {
switch ($engine) { switch ($engine) {
case Base::ENGINE_OPENSSL: case self::ENGINE_OPENSSL:
switch (strlen($this->key)) { switch (strlen($this->key)) {
case 5: case 5:
$this->cipher_name_openssl = 'rc4-40'; $this->cipher_name_openssl = 'rc4-40';
@ -215,7 +217,7 @@ class RC4 extends Base
/** /**
* Encrypts a message. * Encrypts a message.
* *
* @see \phpseclib\Crypt\Base::decrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::decrypt()
* @see self::_crypt() * @see self::_crypt()
* @access public * @access public
* @param string $plaintext * @param string $plaintext
@ -223,7 +225,7 @@ class RC4 extends Base
*/ */
function encrypt($plaintext) function encrypt($plaintext)
{ {
if ($this->engine != Base::ENGINE_INTERNAL) { if ($this->engine != self::ENGINE_INTERNAL) {
return parent::encrypt($plaintext); return parent::encrypt($plaintext);
} }
return $this->_crypt($plaintext, self::ENCRYPT); return $this->_crypt($plaintext, self::ENCRYPT);
@ -235,7 +237,7 @@ class RC4 extends Base
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
* At least if the continuous buffer is disabled. * At least if the continuous buffer is disabled.
* *
* @see \phpseclib\Crypt\Base::encrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::encrypt()
* @see self::_crypt() * @see self::_crypt()
* @access public * @access public
* @param string $ciphertext * @param string $ciphertext
@ -243,7 +245,7 @@ class RC4 extends Base
*/ */
function decrypt($ciphertext) function decrypt($ciphertext)
{ {
if ($this->engine != Base::ENGINE_INTERNAL) { if ($this->engine != self::ENGINE_INTERNAL) {
return parent::decrypt($ciphertext); return parent::decrypt($ciphertext);
} }
return $this->_crypt($ciphertext, self::DECRYPT); return $this->_crypt($ciphertext, self::DECRYPT);
@ -274,7 +276,7 @@ class RC4 extends Base
/** /**
* Setup the key (expansion) * Setup the key (expansion)
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()

63
phpseclib/Crypt/RSA.php
View File

@ -48,6 +48,7 @@ namespace phpseclib\Crypt;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\File\ASN1; use phpseclib\File\ASN1;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/** /**
* Pure-PHP PKCS#1 compliant implementation of RSA. * Pure-PHP PKCS#1 compliant implementation of RSA.
@ -1092,64 +1093,6 @@ class RSA
); );
} }
/**
* DER-decode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access private
* @param string $string
* @return int
*/
function _decodeLength(&$string)
{
$length = ord($this->_string_shift($string));
if ($length & 0x80) { // definite length, long form
$length&= 0x7F;
$temp = $this->_string_shift($string, $length);
list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
}
return $length;
}
/**
* DER-encode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access private
* @param int $length
* @return string
*/
function _encodeLength($length)
{
if ($length <= 0x7F) {
return chr($length);
}
$temp = ltrim(pack('N', $length), chr(0));
return pack('Ca*', 0x80 | strlen($temp), $temp);
}
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* Determines the private key format * Determines the private key format
* *
@ -2072,12 +2015,12 @@ class RSA
return false; return false;
} }
if ($this->_string_shift($em, 2) != "\0\1") { if (Strings::shift($em, 2) != "\0\1") {
return false; return false;
} }
$em = ltrim($em, "\xFF"); $em = ltrim($em, "\xFF");
if ($this->_string_shift($em) != "\0") { if (Strings::shift($em) != "\0") {
return false; return false;
} }

37
phpseclib/Crypt/RSA/MSBLOB.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Miccrosoft BLOB Formatted RSA Key Handler * Miccrosoft BLOB Formatted RSA Key Handler
* *
@ -20,6 +21,7 @@ namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/** /**
* Microsoft BLOB Formatted RSA Key Handler * Microsoft BLOB Formatted RSA Key Handler
@ -85,7 +87,7 @@ class MSBLOB
// PUBLICKEYSTRUC publickeystruc // PUBLICKEYSTRUC publickeystruc
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx
extract(unpack('atype/aversion/vreserved/Valgo', self::_string_shift($key, 8))); extract(unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8)));
switch (ord($type)) { switch (ord($type)) {
case self::PUBLICKEYBLOB: case self::PUBLICKEYBLOB:
case self::PUBLICKEYBLOBEX: case self::PUBLICKEYBLOBEX:
@ -112,7 +114,7 @@ class MSBLOB
// RSAPUBKEY rsapubkey // RSAPUBKEY rsapubkey
// https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx
// could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit
extract(unpack('Vmagic/Vbitlen/a4pubexp', self::_string_shift($key, 12))); extract(unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12)));
switch ($magic) { switch ($magic) {
case self::RSA2: case self::RSA2:
$components['isPublicKey'] = false; $components['isPublicKey'] = false;
@ -129,7 +131,7 @@ class MSBLOB
$components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(strrev($pubexp), 256); $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(strrev($pubexp), 256);
// BYTE modulus[rsapubkey.bitlen/8] // BYTE modulus[rsapubkey.bitlen/8]
$components['modulus'] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 8)), 256); $components['modulus'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256);
if ($publickey) { if ($publickey) {
return $components; return $components;
@ -138,20 +140,20 @@ class MSBLOB
$components['isPublicKey'] = false; $components['isPublicKey'] = false;
// BYTE prime1[rsapubkey.bitlen/16] // BYTE prime1[rsapubkey.bitlen/16]
$components['primes'] = array(1 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); $components['primes'] = array(1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256));
// BYTE prime2[rsapubkey.bitlen/16] // BYTE prime2[rsapubkey.bitlen/16]
$components['primes'][] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256); $components['primes'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256);
// BYTE exponent1[rsapubkey.bitlen/16] // BYTE exponent1[rsapubkey.bitlen/16]
$components['exponents'] = array(1 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); $components['exponents'] = array(1 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256));
// BYTE exponent2[rsapubkey.bitlen/16] // BYTE exponent2[rsapubkey.bitlen/16]
$components['exponents'][] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256); $components['exponents'][] = new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256);
// BYTE coefficient[rsapubkey.bitlen/16] // BYTE coefficient[rsapubkey.bitlen/16]
$components['coefficients'] = array(2 => new BigInteger(strrev(self::_string_shift($key, $bitlen / 16)), 256)); $components['coefficients'] = array(2 => new BigInteger(strrev(Strings::shift($key, $bitlen / 16)), 256));
if (isset($components['privateExponent'])) { if (isset($components['privateExponent'])) {
$components['publicExponent'] = $components['privateExponent']; $components['publicExponent'] = $components['privateExponent'];
} }
// BYTE privateExponent[rsapubkey.bitlen/8] // BYTE privateExponent[rsapubkey.bitlen/8]
$components['privateExponent'] = new BigInteger(strrev(self::_string_shift($key, $bitlen / 8)), 256); $components['privateExponent'] = new BigInteger(strrev(Strings::shift($key, $bitlen / 8)), 256);
return $components; return $components;
} }
@ -204,21 +206,4 @@ class MSBLOB
return Base64::encode($key); return Base64::encode($key);
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
static function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
} }

29
phpseclib/Crypt/RSA/OpenSSH.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* OpenSSH Formatted RSA Key Handler * OpenSSH Formatted RSA Key Handler
* *
@ -18,6 +19,7 @@ namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/** /**
* OpenSSH Formatted RSA Key Handler * OpenSSH Formatted RSA Key Handler
@ -73,23 +75,23 @@ class OpenSSH
if (substr($key, 0, 11) != "\0\0\0\7ssh-rsa") { if (substr($key, 0, 11) != "\0\0\0\7ssh-rsa") {
return false; return false;
} }
self::_string_shift($key, 11); Strings::shift($key, 11);
if (strlen($key) <= 4) { if (strlen($key) <= 4) {
return false; return false;
} }
extract(unpack('Nlength', self::_string_shift($key, 4))); extract(unpack('Nlength', Strings::shift($key, 4)));
if (strlen($key) <= $length) { if (strlen($key) <= $length) {
return false; return false;
} }
$publicExponent = new BigInteger(self::_string_shift($key, $length), -256); $publicExponent = new BigInteger(Strings::shift($key, $length), -256);
if (strlen($key) <= 4) { if (strlen($key) <= 4) {
return false; return false;
} }
extract(unpack('Nlength', self::_string_shift($key, 4))); extract(unpack('Nlength', Strings::shift($key, 4)));
if (strlen($key) != $length) { if (strlen($key) != $length) {
return false; return false;
} }
$modulus = new BigInteger(self::_string_shift($key, $length), -256); $modulus = new BigInteger(Strings::shift($key, $length), -256);
return array( return array(
'isPublicKey' => true, 'isPublicKey' => true,
@ -121,21 +123,4 @@ class OpenSSH
return $RSAPublicKey; return $RSAPublicKey;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
static function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
} }

198
phpseclib/Crypt/RSA/PKCS.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PKCS Formatted RSA Key Handler * PKCS Formatted RSA Key Handler
* *
@ -16,11 +17,14 @@ namespace phpseclib\Crypt\RSA;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Hex; use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Base; use phpseclib\Crypt\Base;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
use phpseclib\Common\Functions\ASN1;
/** /**
* PKCS Formatted RSA Key Handler * PKCS Formatted RSA Key Handler
@ -94,15 +98,15 @@ abstract class PKCS
{ {
switch ($mode) { switch ($mode) {
case 'CBC': case 'CBC':
return Base::MODE_CBC; return BlockCipher::MODE_CBC;
case 'ECB': case 'ECB':
return Base::MODE_ECB; return BlockCipher::MODE_ECB;
case 'CFB': case 'CFB':
return Base::MODE_CFB; return BlockCipher::MODE_CFB;
case 'OFB': case 'OFB':
return Base::MODE_OFB; return BlockCipher::MODE_OFB;
case 'CTR': case 'CTR':
return Base::MODE_CTR; return BlockCipher::MODE_CTR;
} }
throw new \UnexpectedValueException('Unsupported block cipher mode of operation'); throw new \UnexpectedValueException('Unsupported block cipher mode of operation');
} }
@ -208,14 +212,14 @@ abstract class PKCS
} }
} }
if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { if (ord(Strings::shift($key)) != self::ASN1_SEQUENCE) {
return false; return false;
} }
if (self::_decodeLength($key) != strlen($key)) { if (ASN1::decodeLength($key) != strlen($key)) {
return false; return false;
} }
$tag = ord(self::_string_shift($key)); $tag = ord(Strings::shift($key));
/* intended for keys for which OpenSSL's asn1parse returns the following: /* intended for keys for which OpenSSL's asn1parse returns the following:
0:d=0 hl=4 l= 631 cons: SEQUENCE 0:d=0 hl=4 l= 631 cons: SEQUENCE
@ -228,17 +232,17 @@ abstract class PKCS
ie. PKCS8 keys */ ie. PKCS8 keys */
if ($tag == self::ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") { if ($tag == self::ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") {
self::_string_shift($key, 3); Strings::shift($key, 3);
$tag = self::ASN1_SEQUENCE; $tag = self::ASN1_SEQUENCE;
} }
if ($tag == self::ASN1_SEQUENCE) { if ($tag == self::ASN1_SEQUENCE) {
$temp = self::_string_shift($key, self::_decodeLength($key)); $temp = Strings::shift($key, ASN1::decodeLength($key));
if (ord(self::_string_shift($temp)) != self::ASN1_OBJECT) { if (ord(Strings::shift($temp)) != self::ASN1_OBJECT) {
return false; return false;
} }
$length = self::_decodeLength($temp); $length = ASN1::decodeLength($temp);
switch (self::_string_shift($temp, $length)) { switch (Strings::shift($temp, $length)) {
case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption case "\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01": // rsaEncryption
break; break;
case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC case "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03": // pbeWithMD5AndDES-CBC
@ -247,21 +251,21 @@ abstract class PKCS
salt OCTET STRING (SIZE(8)), salt OCTET STRING (SIZE(8)),
iterationCount INTEGER } iterationCount INTEGER }
*/ */
if (ord(self::_string_shift($temp)) != self::ASN1_SEQUENCE) { if (ord(Strings::shift($temp)) != self::ASN1_SEQUENCE) {
return false; return false;
} }
if (self::_decodeLength($temp) != strlen($temp)) { if (ASN1::decodeLength($temp) != strlen($temp)) {
return false; return false;
} }
self::_string_shift($temp); // assume it's an octet string Strings::shift($temp); // assume it's an octet string
$salt = self::_string_shift($temp, self::_decodeLength($temp)); $salt = Strings::shift($temp, ASN1::decodeLength($temp));
if (ord(self::_string_shift($temp)) != self::ASN1_INTEGER) { if (ord(Strings::shift($temp)) != self::ASN1_INTEGER) {
return false; return false;
} }
self::_decodeLength($temp); ASN1::decodeLength($temp);
list(, $iterationCount) = unpack('N', str_pad($temp, 4, chr(0), STR_PAD_LEFT)); list(, $iterationCount) = unpack('N', str_pad($temp, 4, chr(0), STR_PAD_LEFT));
self::_string_shift($key); // assume it's an octet string Strings::shift($key); // assume it's an octet string
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
if (strlen($key) != $length) { if (strlen($key) != $length) {
return false; return false;
} }
@ -283,82 +287,82 @@ abstract class PKCS
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
17:d=2 hl=2 l= 0 prim: NULL 17:d=2 hl=2 l= 0 prim: NULL
19:d=1 hl=4 l= 271 prim: BIT STRING */ 19:d=1 hl=4 l= 271 prim: BIT STRING */
$tag = ord(self::_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag $tag = ord(Strings::shift($key)); // skip over the BIT STRING / OCTET STRING tag
self::_decodeLength($key); // skip over the BIT STRING / OCTET STRING length ASN1::decodeLength($key); // skip over the BIT STRING / OCTET STRING length
// "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of
// unused bits in the final subsequent octet. The number shall be in the range zero to seven." // unused bits in the final subsequent octet. The number shall be in the range zero to seven."
// -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2) // -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2)
if ($tag == self::ASN1_BITSTRING) { if ($tag == self::ASN1_BITSTRING) {
self::_string_shift($key); Strings::shift($key);
} }
if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { if (ord(Strings::shift($key)) != self::ASN1_SEQUENCE) {
return false; return false;
} }
if (self::_decodeLength($key) != strlen($key)) { if (ASN1::decodeLength($key) != strlen($key)) {
return false; return false;
} }
$tag = ord(self::_string_shift($key)); $tag = ord(Strings::shift($key));
} }
if ($tag != self::ASN1_INTEGER) { if ($tag != self::ASN1_INTEGER) {
return false; return false;
} }
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$temp = self::_string_shift($key, $length); $temp = Strings::shift($key, $length);
if (strlen($temp) != 1 || ord($temp) > 2) { if (strlen($temp) != 1 || ord($temp) > 2) {
$components['modulus'] = new BigInteger($temp, 256); $components['modulus'] = new BigInteger($temp, 256);
self::_string_shift($key); // skip over self::ASN1_INTEGER Strings::shift($key); // skip over self::ASN1_INTEGER
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(self::_string_shift($key, $length), 256); $components[$components['isPublicKey'] ? 'publicExponent' : 'privateExponent'] = new BigInteger(Strings::shift($key, $length), 256);
return $components; return $components;
} }
if (ord(self::_string_shift($key)) != self::ASN1_INTEGER) { if (ord(Strings::shift($key)) != self::ASN1_INTEGER) {
return false; return false;
} }
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['modulus'] = new BigInteger(self::_string_shift($key, $length), 256); $components['modulus'] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['publicExponent'] = new BigInteger(self::_string_shift($key, $length), 256); $components['publicExponent'] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['privateExponent'] = new BigInteger(self::_string_shift($key, $length), 256); $components['privateExponent'] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['primes'] = array(1 => new BigInteger(self::_string_shift($key, $length), 256)); $components['primes'] = array(1 => new BigInteger(Strings::shift($key, $length), 256));
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['primes'][] = new BigInteger(self::_string_shift($key, $length), 256); $components['primes'][] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['exponents'] = array(1 => new BigInteger(self::_string_shift($key, $length), 256)); $components['exponents'] = array(1 => new BigInteger(Strings::shift($key, $length), 256));
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['exponents'][] = new BigInteger(self::_string_shift($key, $length), 256); $components['exponents'][] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['coefficients'] = array(2 => new BigInteger(self::_string_shift($key, $length), 256)); $components['coefficients'] = array(2 => new BigInteger(Strings::shift($key, $length), 256));
if (!empty($key)) { if (!empty($key)) {
if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { if (ord(Strings::shift($key)) != self::ASN1_SEQUENCE) {
return false; return false;
} }
self::_decodeLength($key); ASN1::decodeLength($key);
while (!empty($key)) { while (!empty($key)) {
if (ord(self::_string_shift($key)) != self::ASN1_SEQUENCE) { if (ord(Strings::shift($key)) != self::ASN1_SEQUENCE) {
return false; return false;
} }
self::_decodeLength($key); ASN1::decodeLength($key);
$key = substr($key, 1); $key = substr($key, 1);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['primes'][] = new BigInteger(self::_string_shift($key, $length), 256); $components['primes'][] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['exponents'][] = new BigInteger(self::_string_shift($key, $length), 256); $components['exponents'][] = new BigInteger(Strings::shift($key, $length), 256);
self::_string_shift($key); Strings::shift($key);
$length = self::_decodeLength($key); $length = ASN1::decodeLength($key);
$components['coefficients'][] = new BigInteger(self::_string_shift($key, $length), 256); $components['coefficients'][] = new BigInteger(Strings::shift($key, $length), 256);
} }
} }
@ -400,64 +404,6 @@ abstract class PKCS
self::$format = self::MODE_ANY; self::$format = self::MODE_ANY;
} }
/**
* DER-decode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access private
* @param string $string
* @return int
*/
static function _decodeLength(&$string)
{
$length = ord(self::_string_shift($string));
if ($length & 0x80) { // definite length, long form
$length&= 0x7F;
$temp = self::_string_shift($string, $length);
list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
}
return $length;
}
/**
* DER-encode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access private
* @param int $length
* @return string
*/
static function _encodeLength($length)
{
if ($length <= 0x7F) {
return chr($length);
}
$temp = ltrim(pack('N', $length), chr(0));
return pack('Ca*', 0x80 | strlen($temp), $temp);
}
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
static function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* Extract raw BER from Base64 encoding * Extract raw BER from Base64 encoding
* *

22
phpseclib/Crypt/RSA/PKCS1.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PKCS#1 Formatted RSA Key Handler * PKCS#1 Formatted RSA Key Handler
* *
@ -30,6 +31,7 @@ use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\ASN1;
/** /**
* PKCS#1 Formatted RSA Key Handler * PKCS#1 Formatted RSA Key Handler
@ -89,7 +91,7 @@ class PKCS1 extends PKCS
$components = array(); $components = array();
foreach ($raw as $name => $value) { foreach ($raw as $name => $value) {
$components[$name] = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($value)), $value); $components[$name] = pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($value)), $value);
} }
$RSAPrivateKey = implode('', $components); $RSAPrivateKey = implode('', $components);
@ -104,15 +106,15 @@ class PKCS1 extends PKCS
// exponent INTEGER, -- di // exponent INTEGER, -- di
// coefficient INTEGER -- ti // coefficient INTEGER -- ti
// } // }
$OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); $OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
$OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
$OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
$OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); $OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
} }
$RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); $RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
} }
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if (!empty($password) || is_string($password)) { if (!empty($password) || is_string($password)) {
$cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm); $cipher = self::getEncryptionObject(self::$defaultEncryptionAlgorithm);
@ -154,14 +156,14 @@ class PKCS1 extends PKCS
// publicExponent INTEGER -- e // publicExponent INTEGER -- e
// } // }
$components = array( $components = array(
'modulus' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($modulus)), $modulus), 'modulus' => pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($modulus)), $modulus),
'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($publicExponent)), $publicExponent) 'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($publicExponent)), $publicExponent)
); );
$RSAPublicKey = pack( $RSAPublicKey = pack(
'Ca*a*a*', 'Ca*a*a*',
self::ASN1_SEQUENCE, self::ASN1_SEQUENCE,
self::_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), ASN1::encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])),
$components['modulus'], $components['modulus'],
$components['publicExponent'] $components['publicExponent']
); );

44
phpseclib/Crypt/RSA/PKCS8.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PKCS#8 Formatted RSA Key Handler * PKCS#8 Formatted RSA Key Handler
* *
@ -30,6 +31,7 @@ use ParagonIE\ConstantTime\Base64;
use phpseclib\Crypt\DES; use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\ASN1;
/** /**
* PKCS#8 Formatted RSA Key Handler * PKCS#8 Formatted RSA Key Handler
@ -70,7 +72,7 @@ class PKCS8 extends PKCS
$components = array(); $components = array();
foreach ($raw as $name => $value) { foreach ($raw as $name => $value) {
$components[$name] = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($value)), $value); $components[$name] = pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($value)), $value);
} }
$RSAPrivateKey = implode('', $components); $RSAPrivateKey = implode('', $components);
@ -85,15 +87,15 @@ class PKCS8 extends PKCS
// exponent INTEGER, -- di // exponent INTEGER, -- di
// coefficient INTEGER -- ti // coefficient INTEGER -- ti
// } // }
$OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true)); $OtherPrimeInfo = pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
$OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
$OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true)); $OtherPrimeInfo.= pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
$OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo); $OtherPrimeInfos.= pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
} }
$RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos); $RSAPrivateKey.= pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
} }
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA $rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPrivateKey = pack( $RSAPrivateKey = pack(
@ -102,10 +104,10 @@ class PKCS8 extends PKCS
"\01\00", "\01\00",
$rsaOID, $rsaOID,
4, 4,
self::_encodeLength(strlen($RSAPrivateKey)), ASN1::encodeLength(strlen($RSAPrivateKey)),
$RSAPrivateKey $RSAPrivateKey
); );
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
if (!empty($password) || is_string($password)) { if (!empty($password) || is_string($password)) {
$salt = Random::string(8); $salt = Random::string(8);
$iterationCount = 2048; $iterationCount = 2048;
@ -117,10 +119,10 @@ class PKCS8 extends PKCS
$parameters = pack( $parameters = pack(
'Ca*a*Ca*N', 'Ca*a*Ca*N',
self::ASN1_OCTETSTRING, self::ASN1_OCTETSTRING,
self::_encodeLength(strlen($salt)), ASN1::encodeLength(strlen($salt)),
$salt, $salt,
self::ASN1_INTEGER, self::ASN1_INTEGER,
self::_encodeLength(4), ASN1::encodeLength(4),
$iterationCount $iterationCount
); );
$pbeWithMD5AndDES_CBC = "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03"; $pbeWithMD5AndDES_CBC = "\x2a\x86\x48\x86\xf7\x0d\x01\x05\x03";
@ -128,24 +130,24 @@ class PKCS8 extends PKCS
$encryptionAlgorithm = pack( $encryptionAlgorithm = pack(
'Ca*a*Ca*a*', 'Ca*a*Ca*a*',
self::ASN1_OBJECT, self::ASN1_OBJECT,
self::_encodeLength(strlen($pbeWithMD5AndDES_CBC)), ASN1::encodeLength(strlen($pbeWithMD5AndDES_CBC)),
$pbeWithMD5AndDES_CBC, $pbeWithMD5AndDES_CBC,
self::ASN1_SEQUENCE, self::ASN1_SEQUENCE,
self::_encodeLength(strlen($parameters)), ASN1::encodeLength(strlen($parameters)),
$parameters $parameters
); );
$RSAPrivateKey = pack( $RSAPrivateKey = pack(
'Ca*a*Ca*a*', 'Ca*a*Ca*a*',
self::ASN1_SEQUENCE, self::ASN1_SEQUENCE,
self::_encodeLength(strlen($encryptionAlgorithm)), ASN1::encodeLength(strlen($encryptionAlgorithm)),
$encryptionAlgorithm, $encryptionAlgorithm,
self::ASN1_OCTETSTRING, self::ASN1_OCTETSTRING,
self::_encodeLength(strlen($RSAPrivateKey)), ASN1::encodeLength(strlen($RSAPrivateKey)),
$RSAPrivateKey $RSAPrivateKey
); );
$RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, self::_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey); $RSAPrivateKey = pack('Ca*a*', self::ASN1_SEQUENCE, ASN1::encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
$RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . $RSAPrivateKey = "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" .
chunk_split(Base64::encode($RSAPrivateKey), 64) . chunk_split(Base64::encode($RSAPrivateKey), 64) .
@ -178,14 +180,14 @@ class PKCS8 extends PKCS
// publicExponent INTEGER -- e // publicExponent INTEGER -- e
// } // }
$components = array( $components = array(
'modulus' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($modulus)), $modulus), 'modulus' => pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($modulus)), $modulus),
'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, self::_encodeLength(strlen($publicExponent)), $publicExponent) 'publicExponent' => pack('Ca*a*', self::ASN1_INTEGER, ASN1::encodeLength(strlen($publicExponent)), $publicExponent)
); );
$RSAPublicKey = pack( $RSAPublicKey = pack(
'Ca*a*a*', 'Ca*a*a*',
self::ASN1_SEQUENCE, self::ASN1_SEQUENCE,
self::_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])), ASN1::encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])),
$components['modulus'], $components['modulus'],
$components['publicExponent'] $components['publicExponent']
); );
@ -193,12 +195,12 @@ class PKCS8 extends PKCS
// sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption. // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
$rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA $rsaOID = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00"; // hex version of MA0GCSqGSIb3DQEBAQUA
$RSAPublicKey = chr(0) . $RSAPublicKey; $RSAPublicKey = chr(0) . $RSAPublicKey;
$RSAPublicKey = chr(3) . self::_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey; $RSAPublicKey = chr(3) . ASN1::encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey;
$RSAPublicKey = pack( $RSAPublicKey = pack(
'Ca*a*', 'Ca*a*',
self::ASN1_SEQUENCE, self::ASN1_SEQUENCE,
self::_encodeLength(strlen($rsaOID . $RSAPublicKey)), ASN1::encodeLength(strlen($rsaOID . $RSAPublicKey)),
$rsaOID . $RSAPublicKey $rsaOID . $RSAPublicKey
); );

43
phpseclib/Crypt/RSA/PuTTY.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* PuTTY Formatted RSA Key Handler * PuTTY Formatted RSA Key Handler
* *
@ -19,6 +20,7 @@ use ParagonIE\ConstantTime\Hex;
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Hash; use phpseclib\Crypt\Hash;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/** /**
* PuTTY Formatted RSA Key Handler * PuTTY Formatted RSA Key Handler
@ -117,10 +119,10 @@ class PuTTY
$publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3])); $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
$public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); $public = Base64::decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
$public = substr($public, 11); $public = substr($public, 11);
extract(unpack('Nlength', self::_string_shift($public, 4))); extract(unpack('Nlength', Strings::shift($public, 4)));
$components['publicExponent'] = new BigInteger(self::_string_shift($public, $length), -256); $components['publicExponent'] = new BigInteger(Strings::shift($public, $length), -256);
extract(unpack('Nlength', self::_string_shift($public, 4))); extract(unpack('Nlength', Strings::shift($public, 4)));
$components['modulus'] = new BigInteger(self::_string_shift($public, $length), -256); $components['modulus'] = new BigInteger(Strings::shift($public, $length), -256);
$privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4])); $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
$private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength)))); $private = Base64::decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
@ -141,53 +143,36 @@ class PuTTY
} }
} }
extract(unpack('Nlength', self::_string_shift($private, 4))); extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) { if (strlen($private) < $length) {
return false; return false;
} }
$components['privateExponent'] = new BigInteger(self::_string_shift($private, $length), -256); $components['privateExponent'] = new BigInteger(Strings::shift($private, $length), -256);
extract(unpack('Nlength', self::_string_shift($private, 4))); extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) { if (strlen($private) < $length) {
return false; return false;
} }
$components['primes'] = array(1 => new BigInteger(self::_string_shift($private, $length), -256)); $components['primes'] = array(1 => new BigInteger(Strings::shift($private, $length), -256));
extract(unpack('Nlength', self::_string_shift($private, 4))); extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) { if (strlen($private) < $length) {
return false; return false;
} }
$components['primes'][] = new BigInteger(self::_string_shift($private, $length), -256); $components['primes'][] = new BigInteger(Strings::shift($private, $length), -256);
$temp = $components['primes'][1]->subtract($one); $temp = $components['primes'][1]->subtract($one);
$components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp)); $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp));
$temp = $components['primes'][2]->subtract($one); $temp = $components['primes'][2]->subtract($one);
$components['exponents'][] = $components['publicExponent']->modInverse($temp); $components['exponents'][] = $components['publicExponent']->modInverse($temp);
extract(unpack('Nlength', self::_string_shift($private, 4))); extract(unpack('Nlength', Strings::shift($private, 4)));
if (strlen($private) < $length) { if (strlen($private) < $length) {
return false; return false;
} }
$components['coefficients'] = array(2 => new BigInteger(self::_string_shift($private, $length), -256)); $components['coefficients'] = array(2 => new BigInteger(Strings::shift($private, $length), -256));
return $components; return $components;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
static function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* Convert a private key to the appropriate format. * Convert a private key to the appropriate format.
* *

1
phpseclib/Crypt/RSA/Raw.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Raw RSA Key Handler * Raw RSA Key Handler
* *

1
phpseclib/Crypt/RSA/XML.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* XML Formatted RSA Key Handler * XML Formatted RSA Key Handler
* *

12
phpseclib/Crypt/Random.php
View File

@ -24,6 +24,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP Random Number Generator * Pure-PHP Random Number Generator
* *
@ -139,19 +141,19 @@ class Random
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
switch (true) { switch (true) {
case class_exists('\phpseclib\Crypt\AES'): case class_exists('\phpseclib\Crypt\AES'):
$crypto = new AES(Base::MODE_CTR); $crypto = new AES(BlockCipher::MODE_CTR);
break; break;
case class_exists('\phpseclib\Crypt\Twofish'): case class_exists('\phpseclib\Crypt\Twofish'):
$crypto = new Twofish(Base::MODE_CTR); $crypto = new Twofish(BlockCipher::MODE_CTR);
break; break;
case class_exists('\phpseclib\Crypt\Blowfish'): case class_exists('\phpseclib\Crypt\Blowfish'):
$crypto = new Blowfish(Base::MODE_CTR); $crypto = new Blowfish(BlockCipher::MODE_CTR);
break; break;
case class_exists('\phpseclib\Crypt\TripleDES'): case class_exists('\phpseclib\Crypt\TripleDES'):
$crypto = new TripleDES(Base::MODE_CTR); $crypto = new TripleDES(BlockCipher::MODE_CTR);
break; break;
case class_exists('\phpseclib\Crypt\DES'): case class_exists('\phpseclib\Crypt\DES'):
$crypto = new DES(Base::MODE_CTR); $crypto = new DES(BlockCipher::MODE_CTR);
break; break;
case class_exists('\phpseclib\Crypt\RC4'): case class_exists('\phpseclib\Crypt\RC4'):
$crypto = new RC4(); $crypto = new RC4();

20
phpseclib/Crypt/Rijndael.php
View File

@ -54,6 +54,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP implementation of Rijndael. * Pure-PHP implementation of Rijndael.
* *
@ -61,7 +63,7 @@ namespace phpseclib\Crypt;
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @access public * @access public
*/ */
class Rijndael extends Base class Rijndael extends BlockCipher
{ {
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
@ -71,8 +73,8 @@ class Rijndael extends Base
* or not for the current $block_size/$key_length. * or not for the current $block_size/$key_length.
* In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly.
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @see \phpseclib\Crypt\Base::engine * @see \phpseclib\Crypt\Common\SymmetricKey::engine
* @see self::isValidEngine() * @see self::isValidEngine()
* @var string * @var string
* @access private * @access private
@ -82,8 +84,8 @@ class Rijndael extends Base
/** /**
* The default salt used by setPassword() * The default salt used by setPassword()
* *
* @see \phpseclib\Crypt\Base::password_default_salt * @see \phpseclib\Crypt\Common\SymmetricKey::password_default_salt
* @see \phpseclib\Crypt\Base::setPassword() * @see \phpseclib\Crypt\Common\SymmetricKey::setPassword()
* @var string * @var string
* @access private * @access private
*/ */
@ -277,9 +279,9 @@ class Rijndael extends Base
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -499,7 +501,7 @@ class Rijndael extends Base
/** /**
* Setup the key (expansion) * Setup the key (expansion)
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -804,7 +806,7 @@ class Rijndael extends Base
/** /**
* Setup the performance-optimized function for de/encrypt() * Setup the performance-optimized function for de/encrypt()
* *
* @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupInlineCrypt()
* @access private * @access private
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()

60
phpseclib/Crypt/TripleDES.php
View File

@ -55,9 +55,9 @@ class TripleDES extends DES
/** /**
* Encrypt / decrypt using outer chaining * Encrypt / decrypt using outer chaining
* *
* Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Base::MODE_CBC. * Outer chaining is used by SSH-2 and when the mode is set to \phpseclib\Crypt\Common\BlockCipher::MODE_CBC.
*/ */
const MODE_CBC3 = Base::MODE_CBC; const MODE_CBC3 = self::MODE_CBC;
/** /**
* Key Length (in bytes) * Key Length (in bytes)
@ -71,8 +71,8 @@ class TripleDES extends DES
/** /**
* The default salt used by setPassword() * The default salt used by setPassword()
* *
* @see \phpseclib\Crypt\Base::password_default_salt * @see \phpseclib\Crypt\Common\SymmetricKey::password_default_salt
* @see \phpseclib\Crypt\Base::setPassword() * @see \phpseclib\Crypt\Common\SymmetricKey::setPassword()
* @var string * @var string
* @access private * @access private
*/ */
@ -82,7 +82,7 @@ class TripleDES extends DES
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\DES::cipher_name_mcrypt * @see \phpseclib\Crypt\DES::cipher_name_mcrypt
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -91,7 +91,7 @@ class TripleDES extends DES
/** /**
* Optimizing value while CFB-encrypting * Optimizing value while CFB-encrypting
* *
* @see \phpseclib\Crypt\Base::cfb_init_len * @see \phpseclib\Crypt\Common\SymmetricKey::cfb_init_len
* @var int * @var int
* @access private * @access private
*/ */
@ -132,20 +132,20 @@ class TripleDES extends DES
* *
* $mode could be: * $mode could be:
* *
* - \phpseclib\Crypt\Base::MODE_ECB * - \phpseclib\Crypt\Common\BlockCipher::MODE_ECB
* *
* - \phpseclib\Crypt\Base::MODE_CBC * - \phpseclib\Crypt\Common\BlockCipher::MODE_CBC
* *
* - \phpseclib\Crypt\Base::MODE_CTR * - \phpseclib\Crypt\Common\BlockCipher::MODE_CTR
* *
* - \phpseclib\Crypt\Base::MODE_CFB * - \phpseclib\Crypt\Common\BlockCipher::MODE_CFB
* *
* - \phpseclib\Crypt\Base::MODE_OFB * - \phpseclib\Crypt\Common\BlockCipher::MODE_OFB
* *
* - \phpseclib\Crypt\TripleDES::MODE_3CB * - \phpseclib\Crypt\TripleDES::MODE_3CB
* *
* @see \phpseclib\Crypt\DES::__construct() * @see \phpseclib\Crypt\DES::__construct()
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @param int $mode * @param int $mode
* @access public * @access public
*/ */
@ -155,14 +155,14 @@ class TripleDES extends DES
// In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC // In case of self::MODE_3CBC, we init as CRYPT_DES_MODE_CBC
// and additional flag us internally as 3CBC // and additional flag us internally as 3CBC
case self::MODE_3CBC: case self::MODE_3CBC:
parent::__construct(Base::MODE_CBC); parent::__construct(self::MODE_CBC);
$this->mode_3cbc = true; $this->mode_3cbc = true;
// This three $des'es will do the 3CBC work (if $key > 64bits) // This three $des'es will do the 3CBC work (if $key > 64bits)
$this->des = array( $this->des = array(
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
new DES(Base::MODE_CBC), new DES(self::MODE_CBC),
); );
// we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects // we're going to be doing the padding, ourselves, so disable it in the \phpseclib\Crypt\DES objects
@ -179,9 +179,9 @@ class TripleDES extends DES
/** /**
* Test for engine validity * Test for engine validity
* *
* This is mainly just a wrapper to set things up for \phpseclib\Crypt\Base::isValidEngine() * This is mainly just a wrapper to set things up for \phpseclib\Crypt\Common\SymmetricKey::isValidEngine()
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @param int $engine * @param int $engine
* @access public * @access public
* @return bool * @return bool
@ -200,9 +200,9 @@ class TripleDES extends DES
/** /**
* Sets the initialization vector. * Sets the initialization vector.
* *
* SetIV is not required when \phpseclib\Crypt\Base::MODE_ECB is being used. * SetIV is not required when \phpseclib\Crypt\Common\SymmetricKey::MODE_ECB is being used.
* *
* @see \phpseclib\Crypt\Base::setIV() * @see \phpseclib\Crypt\Common\SymmetricKey::setIV()
* @access public * @access public
* @param string $iv * @param string $iv
*/ */
@ -223,7 +223,7 @@ class TripleDES extends DES
* *
* If you want to use a 64-bit key use DES.php * If you want to use a 64-bit key use DES.php
* *
* @see \phpseclib\Crypt\Base:setKeyLength() * @see \phpseclib\Crypt\Common\SymmetricKey:setKeyLength()
* @access public * @access public
* @throws \LengthException if the key length is invalid * @throws \LengthException if the key length is invalid
* @param int $length * @param int $length
@ -250,7 +250,7 @@ class TripleDES extends DES
* *
* @access public * @access public
* @see \phpseclib\Crypt\DES::setKey() * @see \phpseclib\Crypt\DES::setKey()
* @see \phpseclib\Crypt\Base::setKey() * @see \phpseclib\Crypt\Common\SymmetricKey::setKey()
* @throws \LengthException if the key length is invalid * @throws \LengthException if the key length is invalid
* @param string $key * @param string $key
*/ */
@ -269,7 +269,7 @@ class TripleDES extends DES
throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 24 are supported'); throw new \LengthException('Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16 or 24 are supported');
} }
// copied from Base::setKey() // copied from self::setKey()
$this->key = $key; $this->key = $key;
$this->key_length = strlen($key); $this->key_length = strlen($key);
$this->changed = true; $this->changed = true;
@ -285,7 +285,7 @@ class TripleDES extends DES
/** /**
* Encrypts a message. * Encrypts a message.
* *
* @see \phpseclib\Crypt\Base::encrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::encrypt()
* @access public * @access public
* @param string $plaintext * @param string $plaintext
* @return string $cipertext * @return string $cipertext
@ -312,7 +312,7 @@ class TripleDES extends DES
/** /**
* Decrypts a message. * Decrypts a message.
* *
* @see \phpseclib\Crypt\Base::decrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::decrypt()
* @access public * @access public
* @param string $ciphertext * @param string $ciphertext
* @return string $plaintext * @return string $plaintext
@ -368,7 +368,7 @@ class TripleDES extends DES
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
* however, they are also less intuitive and more likely to cause you problems. * however, they are also less intuitive and more likely to cause you problems.
* *
* @see \phpseclib\Crypt\Base::enableContinuousBuffer() * @see \phpseclib\Crypt\Common\SymmetricKey::enableContinuousBuffer()
* @see self::disableContinuousBuffer() * @see self::disableContinuousBuffer()
* @access public * @access public
*/ */
@ -387,7 +387,7 @@ class TripleDES extends DES
* *
* The default behavior. * The default behavior.
* *
* @see \phpseclib\Crypt\Base::disableContinuousBuffer() * @see \phpseclib\Crypt\Common\SymmetricKey::disableContinuousBuffer()
* @see self::enableContinuousBuffer() * @see self::enableContinuousBuffer()
* @access public * @access public
*/ */
@ -405,7 +405,7 @@ class TripleDES extends DES
* Creates the key schedule * Creates the key schedule
* *
* @see \phpseclib\Crypt\DES::_setupKey() * @see \phpseclib\Crypt\DES::_setupKey()
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -439,8 +439,8 @@ class TripleDES extends DES
/** /**
* Sets the internal crypt engine * Sets the internal crypt engine
* *
* @see \phpseclib\Crypt\Base::__construct() * @see \phpseclib\Crypt\Common\SymmetricKey::__construct()
* @see \phpseclib\Crypt\Base::setPreferredEngine() * @see \phpseclib\Crypt\Common\SymmetricKey::setPreferredEngine()
* @param int $engine * @param int $engine
* @access public * @access public
* @return int * @return int

12
phpseclib/Crypt/Twofish.php
View File

@ -37,6 +37,8 @@
namespace phpseclib\Crypt; namespace phpseclib\Crypt;
use phpseclib\Crypt\Common\BlockCipher;
/** /**
* Pure-PHP implementation of Twofish. * Pure-PHP implementation of Twofish.
* *
@ -45,12 +47,12 @@ namespace phpseclib\Crypt;
* @author Hans-Juergen Petrich <petrich@tronic-media.com> * @author Hans-Juergen Petrich <petrich@tronic-media.com>
* @access public * @access public
*/ */
class Twofish extends Base class Twofish extends BlockCipher
{ {
/** /**
* The mcrypt specific name of the cipher * The mcrypt specific name of the cipher
* *
* @see \phpseclib\Crypt\Base::cipher_name_mcrypt * @see \phpseclib\Crypt\Common\SymmetricKey::cipher_name_mcrypt
* @var string * @var string
* @access private * @access private
*/ */
@ -59,7 +61,7 @@ class Twofish extends Base
/** /**
* Optimizing value while CFB-encrypting * Optimizing value while CFB-encrypting
* *
* @see \phpseclib\Crypt\Base::cfb_init_len * @see \phpseclib\Crypt\Common\SymmetricKey::cfb_init_len
* @var int * @var int
* @access private * @access private
*/ */
@ -433,7 +435,7 @@ class Twofish extends Base
/** /**
* Setup the key (expansion) * Setup the key (expansion)
* *
* @see \phpseclib\Crypt\Base::_setupKey() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupKey()
* @access private * @access private
*/ */
function _setupKey() function _setupKey()
@ -700,7 +702,7 @@ class Twofish extends Base
/** /**
* Setup the performance-optimized function for de/encrypt() * Setup the performance-optimized function for de/encrypt()
* *
* @see \phpseclib\Crypt\Base::_setupInlineCrypt() * @see \phpseclib\Crypt\Common\SymmetricKey::_setupInlineCrypt()
* @access private * @access private
*/ */
function _setupInlineCrypt() function _setupInlineCrypt()

46
phpseclib/File/ASN1.php
View File

@ -26,6 +26,7 @@ namespace phpseclib\File;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\File\ASN1\Element; use phpseclib\File\ASN1\Element;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\ASN1 as Functions;
/** /**
* Pure-PHP ASN.1 Parser * Pure-PHP ASN.1 Parser
@ -884,7 +885,7 @@ class ASN1
*/ */
if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) {
$subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']);
$temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; $temp = $subtag . Functions::encodeLength(strlen($temp)) . $temp;
} else { } else {
$subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']);
$temp = $subtag . substr($temp, 1); $temp = $subtag . substr($temp, 1);
@ -918,7 +919,7 @@ class ASN1
if (isset($child['constant'])) { if (isset($child['constant'])) {
if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) {
$subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']); $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']);
$temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp; $temp = $subtag . Functions::encodeLength(strlen($temp)) . $temp;
} else { } else {
$subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']); $subtag = chr((self::CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']);
$temp = $subtag . substr($temp, 1); $temp = $subtag . substr($temp, 1);
@ -1089,34 +1090,14 @@ class ASN1
if (isset($mapping['cast'])) { if (isset($mapping['cast'])) {
if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) { if (isset($mapping['explicit']) || $mapping['type'] == self::TYPE_CHOICE) {
$value = chr($tag) . $this->_encodeLength(strlen($value)) . $value; $value = chr($tag) . Functions::encodeLength(strlen($value)) . $value;
$tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast']; $tag = ($mapping['class'] << 6) | 0x20 | $mapping['cast'];
} else { } else {
$tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast']; $tag = ($mapping['class'] << 6) | (ord($temp[0]) & 0x20) | $mapping['cast'];
} }
} }
return chr($tag) . $this->_encodeLength(strlen($value)) . $value; return chr($tag) . Functions::encodeLength(strlen($value)) . $value;
}
/**
* DER-encode the length
*
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 paragraph 8.1.3} for more information.
*
* @access private
* @param int $length
* @return string
*/
function _encodeLength($length)
{
if ($length <= 0x7F) {
return chr($length);
}
$temp = ltrim(pack('N', $length), chr(0));
return pack('Ca*', 0x80 | strlen($temp), $temp);
} }
/** /**
@ -1207,23 +1188,6 @@ class ASN1
$this->filters = $filters; $this->filters = $filters;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* String type conversion * String type conversion
* *

3
phpseclib/Net/SCP.php
View File

@ -33,6 +33,7 @@
namespace phpseclib\Net; namespace phpseclib\Net;
use phpseclib\Exception\FileNotFoundException; use phpseclib\Exception\FileNotFoundException;
use phpseclib\Common\Functions\Strings;
/** /**
* Pure-PHP implementations of SCP. * Pure-PHP implementations of SCP.
@ -303,7 +304,7 @@ class SCP
switch ($response[SSH1::RESPONSE_TYPE]) { switch ($response[SSH1::RESPONSE_TYPE]) {
case NET_SSH1_SMSG_STDOUT_DATA: case NET_SSH1_SMSG_STDOUT_DATA:
extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA])); extract(unpack('Nlength', $response[SSH1::RESPONSE_DATA]));
return $this->ssh->_string_shift($response[SSH1::RESPONSE_DATA], $length); return Strings::shift($response[SSH1::RESPONSE_DATA], $length);
case NET_SSH1_SMSG_STDERR_DATA: case NET_SSH1_SMSG_STDERR_DATA:
break; break;
case NET_SSH1_SMSG_EXITSTATUS: case NET_SSH1_SMSG_EXITSTATUS:

85
phpseclib/Net/SFTP.php
View File

@ -39,6 +39,7 @@ namespace phpseclib\Net;
use ParagonIE\ConstantTime\Hex; use ParagonIE\ConstantTime\Hex;
use phpseclib\Exception\FileNotFoundException; use phpseclib\Exception\FileNotFoundException;
use phpseclib\Common\Functions\Strings;
/** /**
* Pure-PHP implementations of SFTP. * Pure-PHP implementations of SFTP.
@ -475,13 +476,13 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_VERSION'); throw new \UnexpectedValueException('Expected SSH_FXP_VERSION');
} }
extract(unpack('Nversion', $this->_string_shift($response, 4))); extract(unpack('Nversion', Strings::shift($response, 4)));
$this->version = $version; $this->version = $version;
while (!empty($response)) { while (!empty($response)) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$key = $this->_string_shift($response, $length); $key = Strings::shift($response, $length);
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$value = $this->_string_shift($response, $length); $value = Strings::shift($response, $length);
$this->extensions[$key] = $value; $this->extensions[$key] = $value;
} }
@ -590,14 +591,14 @@ class SFTP extends SSH2
function _logError($response, $status = -1) function _logError($response, $status = -1)
{ {
if ($status == -1) { if ($status == -1) {
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
} }
$error = $this->status_codes[$status]; $error = $this->status_codes[$status];
if ($this->version > 2) { if ($this->version > 2) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length); $this->sftp_errors[] = $error . ': ' . Strings::shift($response, $length);
} else { } else {
$this->sftp_errors[] = $error; $this->sftp_errors[] = $error;
} }
@ -644,9 +645,9 @@ class SFTP extends SSH2
// although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following
// should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
// at is the first part and that part is defined the same in SFTP versions 3 through 6. // at is the first part and that part is defined the same in SFTP versions 3 through 6.
$this->_string_shift($response, 4); // skip over the count - it should be 1, anyway Strings::shift($response, 4); // skip over the count - it should be 1, anyway
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
return $this->_string_shift($response, $length); return Strings::shift($response, $length);
case NET_SFTP_STATUS: case NET_SFTP_STATUS:
$this->_logError($response); $this->_logError($response);
return false; return false;
@ -878,12 +879,12 @@ class SFTP extends SSH2
$response = $this->_get_sftp_packet(); $response = $this->_get_sftp_packet();
switch ($this->packet_type) { switch ($this->packet_type) {
case NET_SFTP_NAME: case NET_SFTP_NAME:
extract(unpack('Ncount', $this->_string_shift($response, 4))); extract(unpack('Ncount', Strings::shift($response, 4)));
for ($i = 0; $i < $count; $i++) { for ($i = 0; $i < $count; $i++) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$shortname = $this->_string_shift($response, $length); $shortname = Strings::shift($response, $length);
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$longname = $this->_string_shift($response, $length); $longname = Strings::shift($response, $length);
$attributes = $this->_parseAttributes($response); $attributes = $this->_parseAttributes($response);
if (!isset($attributes['type'])) { if (!isset($attributes['type'])) {
$fileType = $this->_parseLongname($longname); $fileType = $this->_parseLongname($longname);
@ -908,7 +909,7 @@ class SFTP extends SSH2
} }
break; break;
case NET_SFTP_STATUS: case NET_SFTP_STATUS:
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_EOF) { if ($status != NET_SFTP_STATUS_EOF) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -1501,7 +1502,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -1613,14 +1614,14 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
} }
extract(unpack('Ncount', $this->_string_shift($response, 4))); extract(unpack('Ncount', Strings::shift($response, 4)));
// the file isn't a symlink // the file isn't a symlink
if (!$count) { if (!$count) {
return false; return false;
} }
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
return $this->_string_shift($response, $length); return Strings::shift($response, $length);
} }
/** /**
@ -1653,7 +1654,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -1716,7 +1717,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -1753,7 +1754,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED? // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
$this->_logError($response, $status); $this->_logError($response, $status);
@ -1979,7 +1980,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
break; break;
@ -2010,7 +2011,7 @@ class SFTP extends SSH2
throw new \UnexpectedValueException('Expected SSH_FXP_STATUS'); throw new \UnexpectedValueException('Expected SSH_FXP_STATUS');
} }
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -2200,7 +2201,7 @@ class SFTP extends SSH2
} }
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
if (!$recursive) { if (!$recursive) {
@ -2625,7 +2626,7 @@ class SFTP extends SSH2
} }
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
extract(unpack('Nstatus', $this->_string_shift($response, 4))); extract(unpack('Nstatus', Strings::shift($response, 4)));
if ($status != NET_SFTP_STATUS_OK) { if ($status != NET_SFTP_STATUS_OK) {
$this->_logError($response, $status); $this->_logError($response, $status);
return false; return false;
@ -2652,7 +2653,7 @@ class SFTP extends SSH2
function _parseAttributes(&$response) function _parseAttributes(&$response)
{ {
$attr = array(); $attr = array();
extract(unpack('Nflags', $this->_string_shift($response, 4))); extract(unpack('Nflags', Strings::shift($response, 4)));
// SFTPv4+ have a type field (a byte) that follows the above flag field // SFTPv4+ have a type field (a byte) that follows the above flag field
foreach ($this->attributes as $key => $value) { foreach ($this->attributes as $key => $value) {
switch ($flags & $key) { switch ($flags & $key) {
@ -2663,13 +2664,13 @@ class SFTP extends SSH2
// IEEE 754 binary64 "double precision" on such platforms and // IEEE 754 binary64 "double precision" on such platforms and
// as such can represent integers of at least 2^50 without loss // as such can represent integers of at least 2^50 without loss
// of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB. // of precision. Interpreted in filesize, 2^50 bytes = 1024 TiB.
$attr['size'] = hexdec(Hex::encode($this->_string_shift($response, 8))); $attr['size'] = hexdec(Hex::encode(Strings::shift($response, 8)));
break; break;
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only) case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8)); $attr+= unpack('Nuid/Ngid', Strings::shift($response, 8));
break; break;
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004 case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
$attr+= unpack('Npermissions', $this->_string_shift($response, 4)); $attr+= unpack('Npermissions', Strings::shift($response, 4));
// mode == permissions; permissions was the original array key and is retained for bc purposes. // mode == permissions; permissions was the original array key and is retained for bc purposes.
// mode was added because that's the more industry standard terminology // mode was added because that's the more industry standard terminology
$attr+= array('mode' => $attr['permissions']); $attr+= array('mode' => $attr['permissions']);
@ -2679,15 +2680,15 @@ class SFTP extends SSH2
} }
break; break;
case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008 case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
$attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8)); $attr+= unpack('Natime/Nmtime', Strings::shift($response, 8));
break; break;
case NET_SFTP_ATTR_EXTENDED: // 0x80000000 case NET_SFTP_ATTR_EXTENDED: // 0x80000000
extract(unpack('Ncount', $this->_string_shift($response, 4))); extract(unpack('Ncount', Strings::shift($response, 4)));
for ($i = 0; $i < $count; $i++) { for ($i = 0; $i < $count; $i++) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$key = $this->_string_shift($response, $length); $key = Strings::shift($response, $length);
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$attr[$key] = $this->_string_shift($response, $length); $attr[$key] = Strings::shift($response, $length);
} }
} }
} }
@ -2839,7 +2840,7 @@ class SFTP extends SSH2
} }
$this->packet_buffer.= $temp; $this->packet_buffer.= $temp;
} }
extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4))); extract(unpack('Nlength', Strings::shift($this->packet_buffer, 4)));
$tempLength = $length; $tempLength = $length;
$tempLength-= strlen($this->packet_buffer); $tempLength-= strlen($this->packet_buffer);
@ -2857,16 +2858,16 @@ class SFTP extends SSH2
$stop = strtok(microtime(), ' ') + strtok(''); $stop = strtok(microtime(), ' ') + strtok('');
$this->packet_type = ord($this->_string_shift($this->packet_buffer)); $this->packet_type = ord(Strings::shift($this->packet_buffer));
if ($this->request_id !== false) { if ($this->request_id !== false) {
$this->_string_shift($this->packet_buffer, 4); // remove the request id Strings::shift($this->packet_buffer, 4); // remove the request id
$length-= 5; // account for the request id and the packet type $length-= 5; // account for the request id and the packet type
} else { } else {
$length-= 1; // account for the packet type $length-= 1; // account for the packet type
} }
$packet = $this->_string_shift($this->packet_buffer, $length); $packet = Strings::shift($this->packet_buffer, $length);
if (defined('NET_SFTP_LOGGING')) { if (defined('NET_SFTP_LOGGING')) {
$packet_type = '<- ' . $this->packet_types[$this->packet_type] . $packet_type = '<- ' . $this->packet_types[$this->packet_type] .

54
phpseclib/Net/SSH1.php
View File

@ -53,6 +53,7 @@ use phpseclib\Crypt\DES;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
use phpseclib\Math\BigInteger; use phpseclib\Math\BigInteger;
use phpseclib\Common\Functions\Strings;
/** /**
* Pure-PHP implementation of SSHv1. * Pure-PHP implementation of SSHv1.
@ -570,32 +571,32 @@ class SSH1
throw new \UnexpectedValueException('Expected SSH_SMSG_PUBLIC_KEY'); throw new \UnexpectedValueException('Expected SSH_SMSG_PUBLIC_KEY');
} }
$anti_spoofing_cookie = $this->_string_shift($response[self::RESPONSE_DATA], 8); $anti_spoofing_cookie = Strings::shift($response[self::RESPONSE_DATA], 8);
$this->_string_shift($response[self::RESPONSE_DATA], 4); Strings::shift($response[self::RESPONSE_DATA], 4);
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); $temp = unpack('nlen', Strings::shift($response[self::RESPONSE_DATA], 2));
$server_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $server_key_public_exponent = new BigInteger(Strings::shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
$this->server_key_public_exponent = $server_key_public_exponent; $this->server_key_public_exponent = $server_key_public_exponent;
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); $temp = unpack('nlen', Strings::shift($response[self::RESPONSE_DATA], 2));
$server_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $server_key_public_modulus = new BigInteger(Strings::shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
$this->server_key_public_modulus = $server_key_public_modulus; $this->server_key_public_modulus = $server_key_public_modulus;
$this->_string_shift($response[self::RESPONSE_DATA], 4); Strings::shift($response[self::RESPONSE_DATA], 4);
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); $temp = unpack('nlen', Strings::shift($response[self::RESPONSE_DATA], 2));
$host_key_public_exponent = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $host_key_public_exponent = new BigInteger(Strings::shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
$this->host_key_public_exponent = $host_key_public_exponent; $this->host_key_public_exponent = $host_key_public_exponent;
$temp = unpack('nlen', $this->_string_shift($response[self::RESPONSE_DATA], 2)); $temp = unpack('nlen', Strings::shift($response[self::RESPONSE_DATA], 2));
$host_key_public_modulus = new BigInteger($this->_string_shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256); $host_key_public_modulus = new BigInteger(Strings::shift($response[self::RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
$this->host_key_public_modulus = $host_key_public_modulus; $this->host_key_public_modulus = $host_key_public_modulus;
$this->_string_shift($response[self::RESPONSE_DATA], 4); Strings::shift($response[self::RESPONSE_DATA], 4);
// get a list of the supported ciphers // get a list of the supported ciphers
extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4))); extract(unpack('Nsupported_ciphers_mask', Strings::shift($response[self::RESPONSE_DATA], 4)));
foreach ($this->supported_ciphers as $mask => $name) { foreach ($this->supported_ciphers as $mask => $name) {
if (($supported_ciphers_mask & (1 << $mask)) == 0) { if (($supported_ciphers_mask & (1 << $mask)) == 0) {
unset($this->supported_ciphers[$mask]); unset($this->supported_ciphers[$mask]);
@ -603,7 +604,7 @@ class SSH1
} }
// get a list of the supported authentications // get a list of the supported authentications
extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[self::RESPONSE_DATA], 4))); extract(unpack('Nsupported_authentications_mask', Strings::shift($response[self::RESPONSE_DATA], 4)));
foreach ($this->supported_authentications as $mask => $name) { foreach ($this->supported_authentications as $mask => $name) {
if (($supported_authentications_mask & (1 << $mask)) == 0) { if (($supported_authentications_mask & (1 << $mask)) == 0) {
unset($this->supported_authentications[$mask]); unset($this->supported_authentications[$mask]);
@ -920,12 +921,12 @@ class SSH1
} }
$pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false;
if ($pos !== false) { if ($pos !== false) {
return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); return Strings::shift($this->interactiveBuffer, $pos + strlen($match));
} }
$response = $this->_get_binary_packet(); $response = $this->_get_binary_packet();
if ($response === true) { if ($response === true) {
return $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)); return Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer));
} }
$this->interactiveBuffer.= substr($response[self::RESPONSE_DATA], 4); $this->interactiveBuffer.= substr($response[self::RESPONSE_DATA], 4);
} }
@ -1272,23 +1273,6 @@ class SSH1
return $crc; return $crc;
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* RSA Encrypt * RSA Encrypt
* *
@ -1409,7 +1393,7 @@ class SSH1
if (strlen($current_log)) { if (strlen($current_log)) {
$output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 ';
} }
$fragment = $this->_string_shift($current_log, $this->log_short_width); $fragment = Strings::shift($current_log, $this->log_short_width);
$hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary));
// replace non ASCII printable characters with dots // replace non ASCII printable characters with dots
// http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters
@ -1559,7 +1543,7 @@ class SSH1
// the most useful log for SSH1 // the most useful log for SSH1
case self::LOG_COMPLEX: case self::LOG_COMPLEX:
$this->protocol_flags_log[] = $protocol_flags; $this->protocol_flags_log[] = $protocol_flags;
$this->_string_shift($message); Strings::shift($message);
$this->log_size+= strlen($message); $this->log_size+= strlen($message);
$this->message_log[] = $message; $this->message_log[] = $message;
while ($this->log_size > self::LOG_MAX_SIZE) { while ($this->log_size > self::LOG_MAX_SIZE) {

302
phpseclib/Net/SSH2.php
View File

@ -50,7 +50,7 @@
namespace phpseclib\Net; namespace phpseclib\Net;
use ParagonIE\ConstantTime\Base64; use ParagonIE\ConstantTime\Base64;
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Blowfish; use phpseclib\Crypt\Blowfish;
use phpseclib\Crypt\Hash; use phpseclib\Crypt\Hash;
use phpseclib\Crypt\Random; use phpseclib\Crypt\Random;
@ -62,6 +62,7 @@ use phpseclib\Crypt\Twofish;
use phpseclib\Math\BigInteger; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification. use phpseclib\Math\BigInteger; // Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
use phpseclib\System\SSH\Agent; use phpseclib\System\SSH\Agent;
use phpseclib\Exception\NoSupportedAlgorithmsException; use phpseclib\Exception\NoSupportedAlgorithmsException;
use phpseclib\Common\Functions\Strings;
/** /**
* Pure-PHP implementation of SSHv2. * Pure-PHP implementation of SSHv2.
@ -1313,40 +1314,40 @@ class SSH2
$client_cookie = Random::string(16); $client_cookie = Random::string(16);
$response = $kexinit_payload_server; $response = $kexinit_payload_server;
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT) Strings::shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
$server_cookie = $this->_string_shift($response, 16); $server_cookie = Strings::shift($response, 16);
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); $this->kex_algorithms = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length'])); $this->server_host_key_algorithms = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); $this->encryption_algorithms_client_to_server = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); $this->encryption_algorithms_server_to_client = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); $this->mac_algorithms_client_to_server = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); $this->mac_algorithms_server_to_client = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); $this->compression_algorithms_client_to_server = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); $this->compression_algorithms_server_to_client = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length'])); $this->languages_client_to_server = explode(',', Strings::shift($response, $temp['length']));
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length'])); $this->languages_server_to_client = explode(',', Strings::shift($response, $temp['length']));
extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1))); extract(unpack('Cfirst_kex_packet_follows', Strings::shift($response, 1)));
$first_kex_packet_follows = $first_kex_packet_follows != 0; $first_kex_packet_follows = $first_kex_packet_follows != 0;
// the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place. // the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place.
@ -1439,18 +1440,18 @@ class SSH2
user_error('Connection closed by server'); user_error('Connection closed by server');
return false; return false;
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) {
user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP'); user_error('Expected SSH_MSG_KEX_DH_GEX_GROUP');
return false; return false;
} }
extract(unpack('NprimeLength', $this->_string_shift($response, 4))); extract(unpack('NprimeLength', Strings::shift($response, 4)));
$primeBytes = $this->_string_shift($response, $primeLength); $primeBytes = Strings::shift($response, $primeLength);
$prime = new BigInteger($primeBytes, -256); $prime = new BigInteger($primeBytes, -256);
extract(unpack('NgLength', $this->_string_shift($response, 4))); extract(unpack('NgLength', Strings::shift($response, 4)));
$gBytes = $this->_string_shift($response, $gLength); $gBytes = Strings::shift($response, $gLength);
$g = new BigInteger($gBytes, -256); $g = new BigInteger($gBytes, -256);
$exchange_hash_rfc4419 = pack( $exchange_hash_rfc4419 = pack(
@ -1529,26 +1530,26 @@ class SSH2
if ($response === false) { if ($response === false) {
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
if ($type != $serverKexReplyMessage) { if ($type != $serverKexReplyMessage) {
throw new \UnexpectedValueException('Expected SSH_MSG_KEXDH_REPLY'); throw new \UnexpectedValueException('Expected SSH_MSG_KEXDH_REPLY');
} }
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']); $this->server_public_host_key = $server_public_host_key = Strings::shift($response, $temp['length']);
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$public_key_format = $this->_string_shift($server_public_host_key, $temp['length']); $public_key_format = Strings::shift($server_public_host_key, $temp['length']);
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$fBytes = $this->_string_shift($response, $temp['length']); $fBytes = Strings::shift($response, $temp['length']);
$temp = unpack('Nlength', $this->_string_shift($response, 4)); $temp = unpack('Nlength', Strings::shift($response, 4));
$this->signature = $this->_string_shift($response, $temp['length']); $this->signature = Strings::shift($response, $temp['length']);
$temp = unpack('Nlength', $this->_string_shift($this->signature, 4)); $temp = unpack('Nlength', Strings::shift($this->signature, 4));
$this->signature_format = $this->_string_shift($this->signature, $temp['length']); $this->signature_format = Strings::shift($this->signature, $temp['length']);
if ($kex_algorithm === 'curve25519-sha256@libssh.org') { if ($kex_algorithm === 'curve25519-sha256@libssh.org') {
if (strlen($fBytes) !== 32) { if (strlen($fBytes) !== 32) {
@ -1616,7 +1617,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
if ($type != NET_SSH2_MSG_NEWKEYS) { if ($type != NET_SSH2_MSG_NEWKEYS) {
throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS');
@ -1834,30 +1835,30 @@ class SSH2
{ {
switch ($algorithm) { switch ($algorithm) {
case '3des-cbc': case '3des-cbc':
return new TripleDES(Base::MODE_CBC); return new TripleDES(BlockCipher::MODE_CBC);
case '3des-ctr': case '3des-ctr':
return new TripleDES(Base::MODE_CTR); return new TripleDES(BlockCipher::MODE_CTR);
case 'aes256-cbc': case 'aes256-cbc':
case 'aes192-cbc': case 'aes192-cbc':
case 'aes128-cbc': case 'aes128-cbc':
return new Rijndael(Base::MODE_CBC); return new Rijndael(BlockCipher::MODE_CBC);
case 'aes256-ctr': case 'aes256-ctr':
case 'aes192-ctr': case 'aes192-ctr':
case 'aes128-ctr': case 'aes128-ctr':
return new Rijndael(Base::MODE_CTR); return new Rijndael(BlockCipher::MODE_CTR);
case 'blowfish-cbc': case 'blowfish-cbc':
return new Blowfish(Base::MODE_CBC); return new Blowfish(BlockCipher::MODE_CBC);
case 'blowfish-ctr': case 'blowfish-ctr':
return new Blowfish(Base::MODE_CTR); return new Blowfish(BlockCipher::MODE_CTR);
case 'twofish128-cbc': case 'twofish128-cbc':
case 'twofish192-cbc': case 'twofish192-cbc':
case 'twofish256-cbc': case 'twofish256-cbc':
case 'twofish-cbc': case 'twofish-cbc':
return new Twofish(Base::MODE_CBC); return new Twofish(BlockCipher::MODE_CBC);
case 'twofish128-ctr': case 'twofish128-ctr':
case 'twofish192-ctr': case 'twofish192-ctr':
case 'twofish256-ctr': case 'twofish256-ctr':
return new Twofish(Base::MODE_CTR); return new Twofish(BlockCipher::MODE_CTR);
case 'arcfour': case 'arcfour':
case 'arcfour128': case 'arcfour128':
case 'arcfour256': case 'arcfour256':
@ -1950,7 +1951,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) { if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT'); throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT');
@ -1997,7 +1998,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_USERAUTH_SUCCESS: case NET_SSH2_MSG_USERAUTH_SUCCESS:
@ -2051,22 +2052,22 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed
if (defined('NET_SSH2_LOGGING')) { if (defined('NET_SSH2_LOGGING')) {
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'; $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
} }
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length)); $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode(Strings::shift($response, $length));
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER); return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
case NET_SSH2_MSG_USERAUTH_FAILURE: case NET_SSH2_MSG_USERAUTH_FAILURE:
// can we use keyboard-interactive authentication? if not then either the login is bad or the server employees // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees
// multi-factor authentication // multi-factor authentication
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$auth_methods = explode(',', $this->_string_shift($response, $length)); $auth_methods = explode(',', Strings::shift($response, $length));
extract(unpack('Cpartial_success', $this->_string_shift($response, 1))); extract(unpack('Cpartial_success', Strings::shift($response, 1)));
$partial_success = $partial_success != 0; $partial_success = $partial_success != 0;
if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) { if (!$partial_success && in_array('keyboard-interactive', $auth_methods)) {
@ -2140,17 +2141,17 @@ class SSH2
} }
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_USERAUTH_INFO_REQUEST: case NET_SSH2_MSG_USERAUTH_INFO_REQUEST:
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->_string_shift($response, $length); // name; may be empty Strings::shift($response, $length); // name; may be empty
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->_string_shift($response, $length); // instruction; may be empty Strings::shift($response, $length); // instruction; may be empty
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->_string_shift($response, $length); // language tag; may be empty Strings::shift($response, $length); // language tag; may be empty
extract(unpack('Nnum_prompts', $this->_string_shift($response, 4))); extract(unpack('Nnum_prompts', Strings::shift($response, 4)));
for ($i = 0; $i < count($responses); $i++) { for ($i = 0; $i < count($responses); $i++) {
if (is_array($responses[$i])) { if (is_array($responses[$i])) {
@ -2164,10 +2165,10 @@ class SSH2
if (isset($this->keyboard_requests_responses)) { if (isset($this->keyboard_requests_responses)) {
for ($i = 0; $i < $num_prompts; $i++) { for ($i = 0; $i < $num_prompts; $i++) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
// prompt - ie. "Password: "; must not be empty // prompt - ie. "Password: "; must not be empty
$prompt = $this->_string_shift($response, $length); $prompt = Strings::shift($response, $length);
//$echo = $this->_string_shift($response) != chr(0); //$echo = Strings::shift($response) != chr(0);
foreach ($this->keyboard_requests_responses as $key => $value) { foreach ($this->keyboard_requests_responses as $key => $value) {
if (substr($prompt, 0, strlen($key)) == $key) { if (substr($prompt, 0, strlen($key)) == $key) {
$responses[] = $value; $responses[] = $value;
@ -2309,12 +2310,12 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_USERAUTH_FAILURE: case NET_SSH2_MSG_USERAUTH_FAILURE:
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length); $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . Strings::shift($response, $length);
return false; return false;
case NET_SSH2_MSG_USERAUTH_PK_OK: case NET_SSH2_MSG_USERAUTH_PK_OK:
// we'll just take it on faith that the public key blob and the public key algorithm name are as // we'll just take it on faith that the public key blob and the public key algorithm name are as
@ -2343,7 +2344,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_USERAUTH_FAILURE: case NET_SSH2_MSG_USERAUTH_FAILURE:
@ -2461,7 +2462,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
list(, $type) = unpack('C', $this->_string_shift($response, 1)); list(, $type) = unpack('C', Strings::shift($response, 1));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_CHANNEL_SUCCESS: case NET_SSH2_MSG_CHANNEL_SUCCESS:
@ -2598,7 +2599,7 @@ class SSH2
throw new \RuntimeException('Connection closed by server'); throw new \RuntimeException('Connection closed by server');
} }
list(, $type) = unpack('C', $this->_string_shift($response, 1)); list(, $type) = unpack('C', Strings::shift($response, 1));
switch ($type) { switch ($type) {
case NET_SSH2_MSG_CHANNEL_SUCCESS: case NET_SSH2_MSG_CHANNEL_SUCCESS:
@ -2710,12 +2711,12 @@ class SSH2
} }
$pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false; $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false;
if ($pos !== false) { if ($pos !== false) {
return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match)); return Strings::shift($this->interactiveBuffer, $pos + strlen($match));
} }
$response = $this->_get_channel_packet($channel); $response = $this->_get_channel_packet($channel);
if (is_bool($response)) { if (is_bool($response)) {
$this->in_request_pty_exec = false; $this->in_request_pty_exec = false;
return $response ? $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false; return $response ? Strings::shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false;
} }
$this->interactiveBuffer.= $response; $this->interactiveBuffer.= $response;
@ -2931,7 +2932,7 @@ class SSH2
throw new \RuntimeException('Unable to decrypt content'); throw new \RuntimeException('Unable to decrypt content');
} }
extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5))); extract(unpack('Npacket_length/Cpadding_length', Strings::shift($raw, 5)));
$remaining_length = $packet_length + 4 - $this->decrypt_block_size; $remaining_length = $packet_length + 4 - $this->decrypt_block_size;
@ -2957,8 +2958,8 @@ class SSH2
$raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer; $raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer;
} }
$payload = $this->_string_shift($raw, $packet_length - $padding_length - 1); $payload = Strings::shift($raw, $packet_length - $padding_length - 1);
$padding = $this->_string_shift($raw, $padding_length); // should leave $raw empty $padding = Strings::shift($raw, $padding_length); // should leave $raw empty
if ($this->hmac_check !== false) { if ($this->hmac_check !== false) {
$hmac = stream_get_contents($this->fsock, $this->hmac_size); $hmac = stream_get_contents($this->fsock, $this->hmac_size);
@ -3001,18 +3002,18 @@ class SSH2
{ {
switch (ord($payload[0])) { switch (ord($payload[0])) {
case NET_SSH2_MSG_DISCONNECT: case NET_SSH2_MSG_DISCONNECT:
$this->_string_shift($payload, 1); Strings::shift($payload, 1);
extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8))); extract(unpack('Nreason_code/Nlength', Strings::shift($payload, 8)));
$this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length)); $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode(Strings::shift($payload, $length));
$this->bitmap = 0; $this->bitmap = 0;
return false; return false;
case NET_SSH2_MSG_IGNORE: case NET_SSH2_MSG_IGNORE:
$payload = $this->_get_binary_packet(); $payload = $this->_get_binary_packet();
break; break;
case NET_SSH2_MSG_DEBUG: case NET_SSH2_MSG_DEBUG:
$this->_string_shift($payload, 2); Strings::shift($payload, 2);
extract(unpack('Nlength', $this->_string_shift($payload, 4))); extract(unpack('Nlength', Strings::shift($payload, 4)));
$this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length)); $this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode(Strings::shift($payload, $length));
$payload = $this->_get_binary_packet(); $payload = $this->_get_binary_packet();
break; break;
case NET_SSH2_MSG_UNIMPLEMENTED: case NET_SSH2_MSG_UNIMPLEMENTED:
@ -3029,9 +3030,9 @@ class SSH2
// see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
if (($this->bitmap & self::MASK_CONNECTED) && !($this->bitmap & self::MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { if (($this->bitmap & self::MASK_CONNECTED) && !($this->bitmap & self::MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
$this->_string_shift($payload, 1); Strings::shift($payload, 1);
extract(unpack('Nlength', $this->_string_shift($payload, 4))); extract(unpack('Nlength', Strings::shift($payload, 4)));
$this->banner_message = utf8_decode($this->_string_shift($payload, $length)); $this->banner_message = utf8_decode(Strings::shift($payload, $length));
$payload = $this->_get_binary_packet(); $payload = $this->_get_binary_packet();
} }
@ -3039,8 +3040,8 @@ class SSH2
if (($this->bitmap & self::MASK_CONNECTED) && ($this->bitmap & self::MASK_LOGIN)) { if (($this->bitmap & self::MASK_CONNECTED) && ($this->bitmap & self::MASK_LOGIN)) {
switch (ord($payload[0])) { switch (ord($payload[0])) {
case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
extract(unpack('Nlength', $this->_string_shift($payload, 4))); extract(unpack('Nlength', Strings::shift($payload, 4)));
$this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . $this->_string_shift($payload, $length); $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . Strings::shift($payload, $length);
if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) { if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) {
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION); return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
@ -3049,18 +3050,18 @@ class SSH2
$payload = $this->_get_binary_packet(); $payload = $this->_get_binary_packet();
break; break;
case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1
$this->_string_shift($payload, 1); Strings::shift($payload, 1);
extract(unpack('Nlength', $this->_string_shift($payload, 4))); extract(unpack('Nlength', Strings::shift($payload, 4)));
$data = $this->_string_shift($payload, $length); $data = Strings::shift($payload, $length);
extract(unpack('Nserver_channel', $this->_string_shift($payload, 4))); extract(unpack('Nserver_channel', Strings::shift($payload, 4)));
switch ($data) { switch ($data) {
case 'auth-agent': case 'auth-agent':
case 'auth-agent@openssh.com': case 'auth-agent@openssh.com':
if (isset($this->agent)) { if (isset($this->agent)) {
$new_channel = self::CHANNEL_AGENT_FORWARD; $new_channel = self::CHANNEL_AGENT_FORWARD;
extract(unpack('Nremote_window_size', $this->_string_shift($payload, 4))); extract(unpack('Nremote_window_size', Strings::shift($payload, 4)));
extract(unpack('Nremote_maximum_packet_size', $this->_string_shift($payload, 4))); extract(unpack('Nremote_maximum_packet_size', Strings::shift($payload, 4)));
$this->packet_size_client_to_server[$new_channel] = $remote_window_size; $this->packet_size_client_to_server[$new_channel] = $remote_window_size;
$this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size; $this->window_size_server_to_client[$new_channel] = $remote_maximum_packet_size;
@ -3103,9 +3104,9 @@ class SSH2
$payload = $this->_get_binary_packet(); $payload = $this->_get_binary_packet();
break; break;
case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST:
$this->_string_shift($payload, 1); Strings::shift($payload, 1);
extract(unpack('Nchannel', $this->_string_shift($payload, 4))); extract(unpack('Nchannel', Strings::shift($payload, 4)));
extract(unpack('Nwindow_size', $this->_string_shift($payload, 4))); extract(unpack('Nwindow_size', Strings::shift($payload, 4)));
$this->window_size_client_to_server[$channel]+= $window_size; $this->window_size_client_to_server[$channel]+= $window_size;
$payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet(); $payload = ($this->bitmap & self::MASK_WINDOW_ADJUST) ? true : $this->_get_binary_packet();
@ -3234,12 +3235,12 @@ class SSH2
return ''; return '';
} }
extract(unpack('Ctype', $this->_string_shift($response, 1))); extract(unpack('Ctype', Strings::shift($response, 1)));
if ($type == NET_SSH2_MSG_CHANNEL_OPEN) { if ($type == NET_SSH2_MSG_CHANNEL_OPEN) {
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
} else { } else {
extract(unpack('Nchannel', $this->_string_shift($response, 4))); extract(unpack('Nchannel', Strings::shift($response, 4)));
} }
// will not be setup yet on incoming channel open request // will not be setup yet on incoming channel open request
@ -3259,15 +3260,15 @@ class SSH2
case NET_SSH2_MSG_CHANNEL_OPEN: case NET_SSH2_MSG_CHANNEL_OPEN:
switch ($type) { switch ($type) {
case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION: case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION:
extract(unpack('Nserver_channel', $this->_string_shift($response, 4))); extract(unpack('Nserver_channel', Strings::shift($response, 4)));
$this->server_channels[$channel] = $server_channel; $this->server_channels[$channel] = $server_channel;
extract(unpack('Nwindow_size', $this->_string_shift($response, 4))); extract(unpack('Nwindow_size', Strings::shift($response, 4)));
if ($window_size < 0) { if ($window_size < 0) {
$window_size&= 0x7FFFFFFF; $window_size&= 0x7FFFFFFF;
$window_size+= 0x80000000; $window_size+= 0x80000000;
} }
$this->window_size_client_to_server[$channel] = $window_size; $this->window_size_client_to_server[$channel] = $window_size;
$temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4)); $temp = unpack('Npacket_size_client_to_server', Strings::shift($response, 4));
$this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server']; $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server'];
$result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended); $result = $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended);
$this->_on_channel_open(); $this->_on_channel_open();
@ -3306,8 +3307,8 @@ class SSH2
$this->_send_channel_packet($channel, chr(0)); $this->_send_channel_packet($channel, chr(0));
} }
*/ */
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$data = $this->_string_shift($response, $length); $data = Strings::shift($response, $length);
if ($channel == self::CHANNEL_AGENT_FORWARD) { if ($channel == self::CHANNEL_AGENT_FORWARD) {
$agent_response = $this->agent->_forward_data($data); $agent_response = $this->agent->_forward_data($data);
@ -3332,8 +3333,8 @@ class SSH2
} }
*/ */
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8))); extract(unpack('Ndata_type_code/Nlength', Strings::shift($response, 8)));
$data = $this->_string_shift($response, $length); $data = Strings::shift($response, $length);
$this->stdErrorLog.= $data; $this->stdErrorLog.= $data;
if ($skip_extended || $this->quiet_mode) { if ($skip_extended || $this->quiet_mode) {
break; break;
@ -3347,17 +3348,17 @@ class SSH2
$this->channel_buffers[$channel][] = $data; $this->channel_buffers[$channel][] = $data;
break; break;
case NET_SSH2_MSG_CHANNEL_REQUEST: case NET_SSH2_MSG_CHANNEL_REQUEST:
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$value = $this->_string_shift($response, $length); $value = Strings::shift($response, $length);
switch ($value) { switch ($value) {
case 'exit-signal': case 'exit-signal':
$this->_string_shift($response, 1); Strings::shift($response, 1);
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
$this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length); $this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . Strings::shift($response, $length);
$this->_string_shift($response, 1); Strings::shift($response, 1);
extract(unpack('Nlength', $this->_string_shift($response, 4))); extract(unpack('Nlength', Strings::shift($response, 4)));
if ($length) { if ($length) {
$this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length); $this->errors[count($this->errors)].= "\r\n" . Strings::shift($response, $length);
} }
$this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel]));
@ -3367,7 +3368,7 @@ class SSH2
break; break;
case 'exit-status': case 'exit-status':
extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5))); extract(unpack('Cfalse/Nexit_status', Strings::shift($response, 5)));
$this->exit_status = $exit_status; $this->exit_status = $exit_status;
// "The client MAY ignore these messages." // "The client MAY ignore these messages."
@ -3475,7 +3476,7 @@ class SSH2
{ {
// remove the byte identifying the message type from all but the first two messages (ie. the identification strings) // remove the byte identifying the message type from all but the first two messages (ie. the identification strings)
if (strlen($message_number) > 2) { if (strlen($message_number) > 2) {
$this->_string_shift($message); Strings::shift($message);
} }
switch (NET_SSH2_LOGGING) { switch (NET_SSH2_LOGGING) {
@ -3568,7 +3569,7 @@ class SSH2
$this->window_size_client_to_server[$client_channel] $this->window_size_client_to_server[$client_channel]
); );
$temp = $this->_string_shift($data, $max_size); $temp = Strings::shift($data, $max_size);
$packet = pack( $packet = pack(
'CN2a*', 'CN2a*',
NET_SSH2_MSG_CHANNEL_DATA, NET_SSH2_MSG_CHANNEL_DATA,
@ -3641,23 +3642,6 @@ class SSH2
} }
} }
/**
* String Shift
*
* Inspired by array_shift
*
* @param string $string
* @param int $index
* @return string
* @access private
*/
function _string_shift(&$string, $index = 1)
{
$substr = substr($string, 0, $index);
$string = substr($string, $index);
return $substr;
}
/** /**
* Define Array * Define Array
* *
@ -3727,7 +3711,7 @@ class SSH2
if (strlen($current_log)) { if (strlen($current_log)) {
$output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 '; $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 ';
} }
$fragment = $this->_string_shift($current_log, $this->log_short_width); $fragment = Strings::shift($current_log, $this->log_short_width);
$hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary)); $hex = substr(preg_replace_callback('#.#s', array($this, '_format_log_helper'), $fragment), strlen($this->log_boundary));
// replace non ASCII printable characters with dots // replace non ASCII printable characters with dots
// http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters
@ -3996,8 +3980,8 @@ class SSH2
$signature = $this->signature; $signature = $this->signature;
$server_public_host_key = $this->server_public_host_key; $server_public_host_key = $this->server_public_host_key;
extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4))); extract(unpack('Nlength', Strings::shift($server_public_host_key, 4)));
$this->_string_shift($server_public_host_key, $length); Strings::shift($server_public_host_key, $length);
if ($this->signature_validated) { if ($this->signature_validated) {
return $this->bitmap ? return $this->bitmap ?
@ -4011,29 +3995,29 @@ class SSH2
case 'ssh-dss': case 'ssh-dss':
$zero = new BigInteger(); $zero = new BigInteger();
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$p = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); $p = new BigInteger(Strings::shift($server_public_host_key, $temp['length']), -256);
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$q = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); $q = new BigInteger(Strings::shift($server_public_host_key, $temp['length']), -256);
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$g = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); $g = new BigInteger(Strings::shift($server_public_host_key, $temp['length']), -256);
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$y = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); $y = new BigInteger(Strings::shift($server_public_host_key, $temp['length']), -256);
/* The value for 'dss_signature_blob' is encoded as a string containing /* The value for 'dss_signature_blob' is encoded as a string containing
r, followed by s (which are 160-bit integers, without lengths or r, followed by s (which are 160-bit integers, without lengths or
padding, unsigned, and in network byte order). */ padding, unsigned, and in network byte order). */
$temp = unpack('Nlength', $this->_string_shift($signature, 4)); $temp = unpack('Nlength', Strings::shift($signature, 4));
if ($temp['length'] != 40) { if ($temp['length'] != 40) {
$this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
throw new \RuntimeException('Invalid signature'); throw new \RuntimeException('Invalid signature');
} }
$r = new BigInteger($this->_string_shift($signature, 20), 256); $r = new BigInteger(Strings::shift($signature, 20), 256);
$s = new BigInteger($this->_string_shift($signature, 20), 256); $s = new BigInteger(Strings::shift($signature, 20), 256);
switch (true) { switch (true) {
case $r->equals($zero): case $r->equals($zero):
@ -4066,17 +4050,17 @@ class SSH2
break; break;
case 'ssh-rsa': case 'ssh-rsa':
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$e = new BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256); $e = new BigInteger(Strings::shift($server_public_host_key, $temp['length']), -256);
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4)); $temp = unpack('Nlength', Strings::shift($server_public_host_key, 4));
$rawN = $this->_string_shift($server_public_host_key, $temp['length']); $rawN = Strings::shift($server_public_host_key, $temp['length']);
$n = new BigInteger($rawN, -256); $n = new BigInteger($rawN, -256);
$nLength = strlen(ltrim($rawN, "\0")); $nLength = strlen(ltrim($rawN, "\0"));
/* /*
$temp = unpack('Nlength', $this->_string_shift($signature, 4)); $temp = unpack('Nlength', Strings::shift($signature, 4));
$signature = $this->_string_shift($signature, $temp['length']); $signature = Strings::shift($signature, $temp['length']);
$rsa = new RSA(); $rsa = new RSA();
$rsa->load(array('e' => $e, 'n' => $n), 'raw'); $rsa->load(array('e' => $e, 'n' => $n), 'raw');
@ -4087,8 +4071,8 @@ class SSH2
} }
*/ */
$temp = unpack('Nlength', $this->_string_shift($signature, 4)); $temp = unpack('Nlength', Strings::shift($signature, 4));
$s = new BigInteger($this->_string_shift($signature, $temp['length']), 256); $s = new BigInteger(Strings::shift($signature, $temp['length']), 256);
// validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the // validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the
// following URL: // following URL:

1
phpseclib/System/SSH/Agent/Identity.php
View File

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Pure-PHP ssh-agent client. * Pure-PHP ssh-agent client.
* *

4
tests/Unit/Crypt/AES/InternalTest.php
View File

@ -5,12 +5,12 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
class Unit_Crypt_AES_InternalTest extends Unit_Crypt_AES_TestCase class Unit_Crypt_AES_InternalTest extends Unit_Crypt_AES_TestCase
{ {
protected function setUp() protected function setUp()
{ {
$this->engine = Base::ENGINE_INTERNAL; $this->engine = BlockCipher::ENGINE_INTERNAL;
} }
} }

4
tests/Unit/Crypt/AES/McryptTest.php
View File

@ -5,12 +5,12 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
class Unit_Crypt_AES_McryptTest extends Unit_Crypt_AES_TestCase class Unit_Crypt_AES_McryptTest extends Unit_Crypt_AES_TestCase
{ {
protected function setUp() protected function setUp()
{ {
$this->engine = Base::ENGINE_MCRYPT; $this->engine = BlockCipher::ENGINE_MCRYPT;
} }
} }

4
tests/Unit/Crypt/AES/OpenSSLTest.php
View File

@ -5,12 +5,12 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
class Unit_Crypt_AES_OpenSSLTest extends Unit_Crypt_AES_TestCase class Unit_Crypt_AES_OpenSSLTest extends Unit_Crypt_AES_TestCase
{ {
protected function setUp() protected function setUp()
{ {
$this->engine = Base::ENGINE_OPENSSL; $this->engine = BlockCipher::ENGINE_OPENSSL;
} }
} }

36
tests/Unit/Crypt/AES/TestCase.php
View File

@ -6,7 +6,7 @@
*/ */
use phpseclib\Crypt\AES; use phpseclib\Crypt\AES;
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Rijndael; use phpseclib\Crypt\Rijndael;
abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
@ -18,10 +18,10 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
if ($aes->getEngine() != $this->engine) { if ($aes->getEngine() != $this->engine) {
$engine = 'internal'; $engine = 'internal';
switch ($this->engine) { switch ($this->engine) {
case Base::ENGINE_OPENSSL: case BlockCipher::ENGINE_OPENSSL:
$engine = 'OpenSSL'; $engine = 'OpenSSL';
break; break;
case Base::ENGINE_MCRYPT: case BlockCipher::ENGINE_MCRYPT:
$engine = 'mcrypt'; $engine = 'mcrypt';
} }
self::markTestSkipped('Unable to initialize ' . $engine . ' engine'); self::markTestSkipped('Unable to initialize ' . $engine . ' engine');
@ -36,9 +36,9 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
public function continuousBufferCombos() public function continuousBufferCombos()
{ {
$modes = array( $modes = array(
Base::MODE_CTR, BlockCipher::MODE_CTR,
Base::MODE_OFB, BlockCipher::MODE_OFB,
Base::MODE_CFB, BlockCipher::MODE_CFB,
); );
$plaintexts = array( $plaintexts = array(
'', '',
@ -100,7 +100,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
// this test case is from the following URL: // this test case is from the following URL:
// https://web.archive.org/web/20070209120224/http://fp.gladman.plus.com/cryptography_technology/rijndael/aesdvec.zip // https://web.archive.org/web/20070209120224/http://fp.gladman.plus.com/cryptography_technology/rijndael/aesdvec.zip
$aes = new Rijndael(Base::MODE_CBC); $aes = new Rijndael(BlockCipher::MODE_CBC);
$aes->setPreferredEngine($this->engine); $aes->setPreferredEngine($this->engine);
$aes->disablePadding(); $aes->disablePadding();
$aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. Valid in Rijndael. $aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. Valid in Rijndael.
@ -118,7 +118,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
{ {
// same as the above - just with a different ciphertext // same as the above - just with a different ciphertext
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setPreferredEngine($this->engine); $aes->setPreferredEngine($this->engine);
$aes->disablePadding(); $aes->disablePadding();
$aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. supported by Rijndael - not AES $aes->setKey(pack('H*', '2b7e151628aed2a6abf7158809cf4f3c762e7160')); // 160-bit key. supported by Rijndael - not AES
@ -136,9 +136,9 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
public function continuousBufferBatteryCombos() public function continuousBufferBatteryCombos()
{ {
$modes = array( $modes = array(
Base::MODE_CTR, BlockCipher::MODE_CTR,
Base::MODE_OFB, BlockCipher::MODE_OFB,
Base::MODE_CFB, BlockCipher::MODE_CFB,
); );
$combos = array( $combos = array(
@ -267,7 +267,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
// from http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf#page=16 // from http://csrc.nist.gov/groups/STM/cavp/documents/aes/AESAVS.pdf#page=16
public function testGFSBox128() public function testGFSBox128()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKey(pack('H*', '00000000000000000000000000000000')); $aes->setKey(pack('H*', '00000000000000000000000000000000'));
$aes->setIV(pack('H*', '00000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000'));
@ -294,7 +294,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
public function testGFSBox192() public function testGFSBox192()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKey(pack('H*', '000000000000000000000000000000000000000000000000')); $aes->setKey(pack('H*', '000000000000000000000000000000000000000000000000'));
$aes->setIV(pack('H*', '00000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000'));
@ -319,7 +319,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
public function testGFSBox256() public function testGFSBox256()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKey(pack('H*', '00000000000000000000000000000000' . '00000000000000000000000000000000')); $aes->setKey(pack('H*', '00000000000000000000000000000000' . '00000000000000000000000000000000'));
$aes->setIV(pack('H*', '00000000000000000000000000000000')); $aes->setIV(pack('H*', '00000000000000000000000000000000'));
@ -342,13 +342,13 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
public function testGetKeyLengthDefault() public function testGetKeyLengthDefault()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$this->assertSame($aes->getKeyLength(), 128); $this->assertSame($aes->getKeyLength(), 128);
} }
public function testGetKeyLengthWith192BitKey() public function testGetKeyLengthWith192BitKey()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKey(str_repeat('a', 24)); $aes->setKey(str_repeat('a', 24));
$this->assertSame($aes->getKeyLength(), 192); $this->assertSame($aes->getKeyLength(), 192);
} }
@ -358,7 +358,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
*/ */
public function testSetKeyLengthWithLargerKey() public function testSetKeyLengthWithLargerKey()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKeyLength(128); $aes->setKeyLength(128);
$aes->setKey(str_repeat('a', 24)); $aes->setKey(str_repeat('a', 24));
$aes->setIV(str_repeat("\0", 16)); $aes->setIV(str_repeat("\0", 16));
@ -373,7 +373,7 @@ abstract class Unit_Crypt_AES_TestCase extends PhpseclibTestCase
*/ */
public function testSetKeyLengthWithSmallerKey() public function testSetKeyLengthWithSmallerKey()
{ {
$aes = new AES(Base::MODE_CBC); $aes = new AES(BlockCipher::MODE_CBC);
$aes->setKeyLength(256); $aes->setKeyLength(256);
$aes->setKey(str_repeat('a', 16)); $aes->setKey(str_repeat('a', 16));
$aes->setIV(str_repeat("\0", 16)); $aes->setIV(str_repeat("\0", 16));

8
tests/Unit/Crypt/BlowfishTest.php
View File

@ -5,7 +5,7 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Blowfish; use phpseclib\Crypt\Blowfish;
class Unit_Crypt_BlowfishTest extends PhpseclibTestCase class Unit_Crypt_BlowfishTest extends PhpseclibTestCase
@ -13,9 +13,9 @@ class Unit_Crypt_BlowfishTest extends PhpseclibTestCase
public function engineVectors() public function engineVectors()
{ {
$engines = array( $engines = array(
Base::ENGINE_INTERNAL => 'internal', BlockCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', BlockCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', BlockCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
// tests from https://www.schneier.com/code/vectors.txt // tests from https://www.schneier.com/code/vectors.txt

20
tests/Unit/Crypt/RC2Test.php
View File

@ -5,15 +5,15 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\RC2; use phpseclib\Crypt\RC2;
class Unit_Crypt_RC2Test extends PhpseclibTestCase class Unit_Crypt_RC2Test extends PhpseclibTestCase
{ {
var $engines = array( var $engines = array(
Base::ENGINE_INTERNAL => 'internal', BlockCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', BlockCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', BlockCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
public function engineVectors() public function engineVectors()
@ -45,7 +45,7 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase
// this test is just confirming RC2's key expansion // this test is just confirming RC2's key expansion
public function testEncryptPadding() public function testEncryptPadding()
{ {
$rc2 = new RC2(Base::MODE_ECB); $rc2 = new RC2(BlockCipher::MODE_ECB);
// unlike Crypt_AES / Crypt_Rijndael, when you tell Crypt_RC2 that the key length is 128-bits the key isn't null padded to that length. // unlike Crypt_AES / Crypt_Rijndael, when you tell Crypt_RC2 that the key length is 128-bits the key isn't null padded to that length.
// instead, RC2 key expansion is used to extend it out to that length. this isn't done for AES / Rijndael since that doesn't define any // instead, RC2 key expansion is used to extend it out to that length. this isn't done for AES / Rijndael since that doesn't define any
@ -82,22 +82,22 @@ class Unit_Crypt_RC2Test extends PhpseclibTestCase
$rc2->setKey(str_repeat('d', 16), 128); $rc2->setKey(str_repeat('d', 16), 128);
$rc2->setPreferredEngine(Base::ENGINE_INTERNAL); $rc2->setPreferredEngine(BlockCipher::ENGINE_INTERNAL);
$internal = $rc2->encrypt('d'); $internal = $rc2->encrypt('d');
$result = pack('H*', 'e3b36057f4821346'); $result = pack('H*', 'e3b36057f4821346');
$this->assertEquals($result, $internal, 'Failed asserting that the internal engine produced the correct result'); $this->assertEquals($result, $internal, 'Failed asserting that the internal engine produced the correct result');
$rc2->setPreferredEngine(Base::ENGINE_MCRYPT); $rc2->setPreferredEngine(BlockCipher::ENGINE_MCRYPT);
if ($rc2->getEngine() == Base::ENGINE_MCRYPT) { if ($rc2->getEngine() == BlockCipher::ENGINE_MCRYPT) {
$mcrypt = $rc2->encrypt('d'); $mcrypt = $rc2->encrypt('d');
$this->assertEquals($result, $mcrypt, 'Failed asserting that the mcrypt engine produced the correct result'); $this->assertEquals($result, $mcrypt, 'Failed asserting that the mcrypt engine produced the correct result');
} else { } else {
self::markTestSkipped('Unable to initialize mcrypt engine'); self::markTestSkipped('Unable to initialize mcrypt engine');
} }
$rc2->setPreferredEngine(Base::ENGINE_OPENSSL); $rc2->setPreferredEngine(BlockCipher::ENGINE_OPENSSL);
if ($rc2->getEngine() == Base::ENGINE_OPENSSL) { if ($rc2->getEngine() == BlockCipher::ENGINE_OPENSSL) {
$openssl = $rc2->encrypt('d'); $openssl = $rc2->encrypt('d');
$this->assertEquals($result, $openssl, 'Failed asserting that the OpenSSL engine produced the correct result'); $this->assertEquals($result, $openssl, 'Failed asserting that the OpenSSL engine produced the correct result');
} else { } else {

8
tests/Unit/Crypt/RC4Test.php
View File

@ -5,7 +5,7 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\StreamCipher;
use phpseclib\Crypt\RC4; use phpseclib\Crypt\RC4;
class Unit_Crypt_RC4Test extends PhpseclibTestCase class Unit_Crypt_RC4Test extends PhpseclibTestCase
@ -13,9 +13,9 @@ class Unit_Crypt_RC4Test extends PhpseclibTestCase
public function engineVectors() public function engineVectors()
{ {
$engines = array( $engines = array(
Base::ENGINE_INTERNAL => 'internal', StreamCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', StreamCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', StreamCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
// tests from https://tools.ietf.org/html/rfc6229 // tests from https://tools.ietf.org/html/rfc6229
$tests = array( $tests = array(

14
tests/Unit/Crypt/TripleDESTest.php
View File

@ -5,15 +5,15 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\TripleDES; use phpseclib\Crypt\TripleDES;
class Unit_Crypt_TripleDESTest extends PhpseclibTestCase class Unit_Crypt_TripleDESTest extends PhpseclibTestCase
{ {
var $engines = array( var $engines = array(
Base::ENGINE_INTERNAL => 'internal', BlockCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', BlockCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', BlockCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
public function engineVectors() public function engineVectors()
@ -120,9 +120,9 @@ class Unit_Crypt_TripleDESTest extends PhpseclibTestCase
public function engineIVVectors() public function engineIVVectors()
{ {
$engines = array( $engines = array(
Base::ENGINE_INTERNAL => 'internal', BlockCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', BlockCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', BlockCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
// tests from http://csrc.nist.gov/groups/STM/cavp/documents/des/DESMMT.pdf // tests from http://csrc.nist.gov/groups/STM/cavp/documents/des/DESMMT.pdf

8
tests/Unit/Crypt/TwofishTest.php
View File

@ -5,7 +5,7 @@
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
*/ */
use phpseclib\Crypt\Base; use phpseclib\Crypt\Common\BlockCipher;
use phpseclib\Crypt\Twofish; use phpseclib\Crypt\Twofish;
class Unit_Crypt_TwofishTest extends PhpseclibTestCase class Unit_Crypt_TwofishTest extends PhpseclibTestCase
@ -13,9 +13,9 @@ class Unit_Crypt_TwofishTest extends PhpseclibTestCase
public function testVectors() public function testVectors()
{ {
$engines = array( $engines = array(
Base::ENGINE_INTERNAL => 'internal', BlockCipher::ENGINE_INTERNAL => 'internal',
Base::ENGINE_MCRYPT => 'mcrypt', BlockCipher::ENGINE_MCRYPT => 'mcrypt',
Base::ENGINE_OPENSSL => 'OpenSSL', BlockCipher::ENGINE_OPENSSL => 'OpenSSL',
); );
foreach ($engines as $engine => $name) { foreach ($engines as $engine => $name) {

7
tests/Unit/File/X509/X509Test.php
View File

@ -9,6 +9,7 @@ use phpseclib\File\ASN1;
use phpseclib\File\ASN1\Element; use phpseclib\File\ASN1\Element;
use phpseclib\File\X509; use phpseclib\File\X509;
use phpseclib\Crypt\RSA; use phpseclib\Crypt\RSA;
use phpseclib\Common\Functions\ASN1 as Functions;
class Unit_File_X509_X509Test extends PhpseclibTestCase class Unit_File_X509_X509Test extends PhpseclibTestCase
{ {
@ -136,10 +137,10 @@ IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q==
$asn1 = new ASN1(); $asn1 = new ASN1();
$value = $this->_encodeOID('1.2.3.4'); $value = $this->_encodeOID('1.2.3.4');
$ext = chr(ASN1::TYPE_OBJECT_IDENTIFIER) . $asn1->_encodeLength(strlen($value)) . $value; $ext = chr(ASN1::TYPE_OBJECT_IDENTIFIER) . Functions::encodeLength(strlen($value)) . $value;
$value = 'zzzzzzzzz'; $value = 'zzzzzzzzz';
$ext.= chr(ASN1::TYPE_OCTET_STRING) . $asn1->_encodeLength(strlen($value)) . $value; $ext.= chr(ASN1::TYPE_OCTET_STRING) . Functions::encodeLength(strlen($value)) . $value;
$ext = chr(ASN1::TYPE_SEQUENCE | 0x20) . $asn1->_encodeLength(strlen($ext)) . $ext; $ext = chr(ASN1::TYPE_SEQUENCE | 0x20) . Functions::encodeLength(strlen($ext)) . $ext;
$cert['tbsCertificate']['extensions'][4] = new Element($ext); $cert['tbsCertificate']['extensions'][4] = new Element($ext);