mirror of
https://github.com/phpseclib/phpseclib.git
synced 2025-01-26 16:48:31 +00:00
TripleDES, Rijndael: Fix overflow in OFB mode
This commit is contained in:
parent
7ce05ed591
commit
c4b3288851
phpseclib/Crypt
@ -900,8 +900,10 @@ class Crypt_Rijndael {
|
|||||||
$xor = $this->encryptIV;
|
$xor = $this->encryptIV;
|
||||||
if (strlen($buffer['xor'])) {
|
if (strlen($buffer['xor'])) {
|
||||||
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
||||||
$xor = $this->_encryptBlock($xor);
|
if (strlen($block) > strlen($buffer['xor'])) {
|
||||||
$buffer['xor'].= $xor;
|
$xor = $this->_encryptBlock($xor);
|
||||||
|
$buffer['xor'].= $xor;
|
||||||
|
}
|
||||||
$key = $this->_string_shift($buffer['xor'], $block_size);
|
$key = $this->_string_shift($buffer['xor'], $block_size);
|
||||||
$ciphertext.= substr($plaintext, $i, $block_size) ^ $key;
|
$ciphertext.= substr($plaintext, $i, $block_size) ^ $key;
|
||||||
}
|
}
|
||||||
@ -1038,8 +1040,10 @@ class Crypt_Rijndael {
|
|||||||
$xor = $this->decryptIV;
|
$xor = $this->decryptIV;
|
||||||
if (strlen($buffer['xor'])) {
|
if (strlen($buffer['xor'])) {
|
||||||
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
||||||
$xor = $this->_encryptBlock($xor);
|
if (strlen($block) > strlen($buffer['xor'])) {
|
||||||
$buffer['xor'].= $xor;
|
$xor = $this->_encryptBlock($xor);
|
||||||
|
$buffer['xor'].= $xor;
|
||||||
|
}
|
||||||
$key = $this->_string_shift($buffer['xor'], $block_size);
|
$key = $this->_string_shift($buffer['xor'], $block_size);
|
||||||
$plaintext.= substr($ciphertext, $i, $block_size) ^ $key;
|
$plaintext.= substr($ciphertext, $i, $block_size) ^ $key;
|
||||||
}
|
}
|
||||||
@ -1139,7 +1143,7 @@ class Crypt_Rijndael {
|
|||||||
$l = ($l + 1) % $Nb;
|
$l = ($l + 1) % $Nb;
|
||||||
}
|
}
|
||||||
|
|
||||||
// 100% ugly switch/case code... but ~5% faster (meaning: ~half second faster de/encrypting 1MB text, tested with php5.4.9 on linux/32bit with an AMD Athlon II P360 CPU) then the commented smart code below. Don't know it's worth or not
|
// 100% ugly switch/case code... but ~5% faster ("smart code" below commented out)
|
||||||
switch ($Nb) {
|
switch ($Nb) {
|
||||||
case 8:
|
case 8:
|
||||||
return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]);
|
return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]);
|
||||||
@ -1969,10 +1973,12 @@ class Crypt_Rijndael {
|
|||||||
|
|
||||||
if (strlen($buffer["xor"])) {
|
if (strlen($buffer["xor"])) {
|
||||||
for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') {
|
for ($i = 0; $i < $plaintext_len; $i+= '.$block_size.') {
|
||||||
$in = $xor;
|
if (strlen($block) > strlen($buffer["xor"])) {
|
||||||
'.$_encryptBlock.'
|
$in = $xor;
|
||||||
$xor = $in;
|
'.$_encryptBlock.'
|
||||||
$buffer["xor"].= $xor;
|
$xor = $in;
|
||||||
|
$buffer["xor"].= $xor;
|
||||||
|
}
|
||||||
$key = $self->_string_shift($buffer["xor"], '.$block_size.');
|
$key = $self->_string_shift($buffer["xor"], '.$block_size.');
|
||||||
$ciphertext.= substr($text, $i, '.$block_size.') ^ $key;
|
$ciphertext.= substr($text, $i, '.$block_size.') ^ $key;
|
||||||
}
|
}
|
||||||
@ -2002,10 +2008,12 @@ class Crypt_Rijndael {
|
|||||||
|
|
||||||
if (strlen($buffer["xor"])) {
|
if (strlen($buffer["xor"])) {
|
||||||
for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') {
|
for ($i = 0; $i < $ciphertext_len; $i+= '.$block_size.') {
|
||||||
$in = $xor;
|
if (strlen($block) > strlen($buffer["xor"])) {
|
||||||
'.$_encryptBlock.'
|
$in = $xor;
|
||||||
$xor = $in;
|
'.$_encryptBlock.'
|
||||||
$buffer["xor"].= $xor;
|
$xor = $in;
|
||||||
|
$buffer["xor"].= $xor;
|
||||||
|
}
|
||||||
$key = $self->_string_shift($buffer["xor"], '.$block_size.');
|
$key = $self->_string_shift($buffer["xor"], '.$block_size.');
|
||||||
$plaintext.= substr($text, $i, '.$block_size.') ^ $key;
|
$plaintext.= substr($text, $i, '.$block_size.') ^ $key;
|
||||||
}
|
}
|
||||||
|
@ -669,10 +669,12 @@ class Crypt_TripleDES {
|
|||||||
$xor = $this->encryptIV;
|
$xor = $this->encryptIV;
|
||||||
if (strlen($buffer['xor'])) {
|
if (strlen($buffer['xor'])) {
|
||||||
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
||||||
$xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
if (strlen($block) > strlen($buffer['xor'])) {
|
||||||
$xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
|
$xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
||||||
$xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
$xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
|
||||||
$buffer['xor'].= $xor;
|
$xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
||||||
|
$buffer['xor'].= $xor;
|
||||||
|
}
|
||||||
$key = $this->_string_shift($buffer['xor'], 8);
|
$key = $this->_string_shift($buffer['xor'], 8);
|
||||||
$ciphertext.= substr($plaintext, $i, 8) ^ $key;
|
$ciphertext.= substr($plaintext, $i, 8) ^ $key;
|
||||||
}
|
}
|
||||||
@ -880,10 +882,12 @@ class Crypt_TripleDES {
|
|||||||
$xor = $this->decryptIV;
|
$xor = $this->decryptIV;
|
||||||
if (strlen($buffer['xor'])) {
|
if (strlen($buffer['xor'])) {
|
||||||
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
||||||
$xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
if (strlen($block) > strlen($buffer['xor'])) {
|
||||||
$xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
|
$xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
||||||
$xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
$xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
|
||||||
$buffer['xor'].= $xor;
|
$xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
|
||||||
|
$buffer['xor'].= $xor;
|
||||||
|
}
|
||||||
$key = $this->_string_shift($buffer['xor'], 8);
|
$key = $this->_string_shift($buffer['xor'], 8);
|
||||||
$plaintext.= substr($ciphertext, $i, 8) ^ $key;
|
$plaintext.= substr($ciphertext, $i, 8) ^ $key;
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user