mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-09-20 07:35:55 +08:00
Update phpseclib
This commit is contained in:
parent
909cd45769
commit
71ac99f517
|
@ -61,7 +61,10 @@ class Utils
|
|||
if (!\class_exists('Crypt_RSA', false))
|
||||
{
|
||||
include_once 'Crypt/RSA.php';
|
||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
if (!\defined('CRYPT_RSA_MODE') && \defined('CRYPT_RSA_MODE_INTERNAL'))
|
||||
{
|
||||
\define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||
}
|
||||
}
|
||||
|
||||
if (\class_exists('Crypt_RSA'))
|
||||
|
|
404
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/AES.php
Normal file → Executable file
404
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/AES.php
Normal file → Executable file
|
@ -1,207 +1,197 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of AES.
|
||||
*
|
||||
* Uses mcrypt, if available/possible, and an internal implementation, otherwise.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
||||
* {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
||||
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link Crypt_AES::setKey() setKey()}
|
||||
* is called, again, at which point, it'll be recalculated.
|
||||
*
|
||||
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
||||
* make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
||||
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/AES.php';
|
||||
*
|
||||
* $aes = new Crypt_AES();
|
||||
*
|
||||
* $aes->setKey('abcdefghijklmnop');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $aes->decrypt($aes->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_AES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2008 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_Rijndael
|
||||
*/
|
||||
if (!class_exists('Crypt_Rijndael')) {
|
||||
include_once 'Rijndael.php';
|
||||
}
|
||||
|
||||
/**#@+
|
||||
* @access public
|
||||
* @see Crypt_AES::encrypt()
|
||||
* @see Crypt_AES::decrypt()
|
||||
*/
|
||||
/**
|
||||
* Encrypt / decrypt using the Counter mode.
|
||||
*
|
||||
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR);
|
||||
/**
|
||||
* Encrypt / decrypt using the Electronic Code Book mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB);
|
||||
/**
|
||||
* Encrypt / decrypt using the Code Book Chaining mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC);
|
||||
/**
|
||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB);
|
||||
/**
|
||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
*/
|
||||
/**
|
||||
* Toggles the internal implementation
|
||||
*/
|
||||
define('CRYPT_AES_MODE_INTERNAL', CRYPT_MODE_INTERNAL);
|
||||
/**
|
||||
* Toggles the mcrypt implementation
|
||||
*/
|
||||
define('CRYPT_AES_MODE_MCRYPT', CRYPT_MODE_MCRYPT);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of AES.
|
||||
*
|
||||
* @package Crypt_AES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_AES extends Crypt_Rijndael
|
||||
{
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'AES';
|
||||
|
||||
/**
|
||||
* Dummy function
|
||||
*
|
||||
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
||||
*
|
||||
* @see Crypt_Rijndael::setBlockLength()
|
||||
* @access public
|
||||
* @param Integer $length
|
||||
*/
|
||||
function setBlockLength($length)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key length
|
||||
*
|
||||
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
|
||||
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
||||
*
|
||||
* @see Crypt_Rijndael:setKeyLength()
|
||||
* @access public
|
||||
* @param Integer $length
|
||||
*/
|
||||
function setKeyLength($length)
|
||||
{
|
||||
switch ($length) {
|
||||
case 160:
|
||||
$length = 192;
|
||||
break;
|
||||
case 224:
|
||||
$length = 256;
|
||||
}
|
||||
parent::setKeyLength($length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* Rijndael supports five different key lengths, AES only supports three.
|
||||
*
|
||||
* @see Crypt_Rijndael:setKey()
|
||||
* @see setKeyLength()
|
||||
* @access public
|
||||
* @param String $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
parent::setKey($key);
|
||||
|
||||
if (!$this->explicit_key_length) {
|
||||
$length = strlen($key);
|
||||
switch (true) {
|
||||
case $length <= 16:
|
||||
$this->key_size = 16;
|
||||
break;
|
||||
case $length <= 24:
|
||||
$this->key_size = 24;
|
||||
break;
|
||||
default:
|
||||
$this->key_size = 32;
|
||||
}
|
||||
$this->_setupEngine();
|
||||
}
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of AES.
|
||||
*
|
||||
* Uses mcrypt, if available/possible, and an internal implementation, otherwise.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually
|
||||
* just a wrapper to Rijndael.php you may consider using Rijndael.php instead of
|
||||
* to save one include_once().
|
||||
*
|
||||
* If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
||||
* {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
||||
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()}
|
||||
* is called, again, at which point, it'll be recalculated.
|
||||
*
|
||||
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
||||
* make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
||||
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/AES.php';
|
||||
*
|
||||
* $aes = new Crypt_AES();
|
||||
*
|
||||
* $aes->setKey('abcdefghijklmnop');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $aes->decrypt($aes->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_AES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2008 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_Rijndael
|
||||
*/
|
||||
if (!class_exists('Crypt_Rijndael')) {
|
||||
include_once 'Rijndael.php';
|
||||
}
|
||||
|
||||
/**#@+
|
||||
* @access public
|
||||
* @see self::encrypt()
|
||||
* @see self::decrypt()
|
||||
*/
|
||||
/**
|
||||
* Encrypt / decrypt using the Counter mode.
|
||||
*
|
||||
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR);
|
||||
/**
|
||||
* Encrypt / decrypt using the Electronic Code Book mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB);
|
||||
/**
|
||||
* Encrypt / decrypt using the Code Book Chaining mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC);
|
||||
/**
|
||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB);
|
||||
/**
|
||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||
*
|
||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
|
||||
*/
|
||||
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of AES.
|
||||
*
|
||||
* @package Crypt_AES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_AES extends Crypt_Rijndael
|
||||
{
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'AES';
|
||||
|
||||
/**
|
||||
* Dummy function
|
||||
*
|
||||
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
||||
*
|
||||
* @see Crypt_Rijndael::setBlockLength()
|
||||
* @access public
|
||||
* @param int $length
|
||||
*/
|
||||
function setBlockLength($length)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key length
|
||||
*
|
||||
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
|
||||
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
||||
*
|
||||
* @see Crypt_Rijndael:setKeyLength()
|
||||
* @access public
|
||||
* @param int $length
|
||||
*/
|
||||
function setKeyLength($length)
|
||||
{
|
||||
switch ($length) {
|
||||
case 160:
|
||||
$length = 192;
|
||||
break;
|
||||
case 224:
|
||||
$length = 256;
|
||||
}
|
||||
parent::setKeyLength($length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* Rijndael supports five different key lengths, AES only supports three.
|
||||
*
|
||||
* @see Crypt_Rijndael:setKey()
|
||||
* @see setKeyLength()
|
||||
* @access public
|
||||
* @param string $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
parent::setKey($key);
|
||||
|
||||
if (!$this->explicit_key_length) {
|
||||
$length = strlen($key);
|
||||
switch (true) {
|
||||
case $length <= 16:
|
||||
$this->key_length = 16;
|
||||
break;
|
||||
case $length <= 24:
|
||||
$this->key_length = 24;
|
||||
break;
|
||||
default:
|
||||
$this->key_length = 32;
|
||||
}
|
||||
$this->_setEngine();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
4671
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Base.php
Normal file → Executable file
4671
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Base.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1288
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Blowfish.php
Normal file → Executable file
1288
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Blowfish.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
3022
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/DES.php
Normal file → Executable file
3022
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/DES.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1770
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Hash.php
Normal file → Executable file
1770
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Hash.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1413
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC2.php
Normal file → Executable file
1413
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC2.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
695
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC4.php
Normal file → Executable file
695
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC4.php
Normal file → Executable file
|
@ -1,329 +1,366 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of RC4.
|
||||
*
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Useful resources are as follows:
|
||||
*
|
||||
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
||||
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
||||
*
|
||||
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
||||
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/RC4.php';
|
||||
*
|
||||
* $rc4 = new Crypt_RC4();
|
||||
*
|
||||
* $rc4->setKey('abcdefgh');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_RC4
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_Base
|
||||
*
|
||||
* Base cipher class
|
||||
*/
|
||||
if (!class_exists('Crypt_Base')) {
|
||||
include_once 'Base.php';
|
||||
}
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see Crypt_RC4::Crypt_RC4()
|
||||
*/
|
||||
/**
|
||||
* Toggles the internal implementation
|
||||
*/
|
||||
define('CRYPT_RC4_MODE_INTERNAL', CRYPT_MODE_INTERNAL);
|
||||
/**
|
||||
* Toggles the mcrypt implementation
|
||||
*/
|
||||
define('CRYPT_RC4_MODE_MCRYPT', CRYPT_MODE_MCRYPT);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see Crypt_RC4::_crypt()
|
||||
*/
|
||||
define('CRYPT_RC4_ENCRYPT', 0);
|
||||
define('CRYPT_RC4_DECRYPT', 1);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of RC4.
|
||||
*
|
||||
* @package Crypt_RC4
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_RC4 extends Crypt_Base
|
||||
{
|
||||
/**
|
||||
* Block Length of the cipher
|
||||
*
|
||||
* RC4 is a stream cipher
|
||||
* so we the block_size to 0
|
||||
*
|
||||
* @see Crypt_Base::block_size
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $block_size = 0;
|
||||
|
||||
/**
|
||||
* The default password key_size used by setPassword()
|
||||
*
|
||||
* @see Crypt_Base::password_key_size
|
||||
* @see Crypt_Base::setPassword()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $password_key_size = 128; // = 1024 bits
|
||||
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'RC4';
|
||||
|
||||
/**
|
||||
* The mcrypt specific name of the cipher
|
||||
*
|
||||
* @see Crypt_Base::cipher_name_mcrypt
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $cipher_name_mcrypt = 'arcfour';
|
||||
|
||||
/**
|
||||
* Holds whether performance-optimized $inline_crypt() can/should be used.
|
||||
*
|
||||
* @see Crypt_Base::inline_crypt
|
||||
* @var mixed
|
||||
* @access private
|
||||
*/
|
||||
var $use_inline_crypt = false; // currently not available
|
||||
|
||||
/**
|
||||
* The Key
|
||||
*
|
||||
* @see Crypt_RC4::setKey()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $key = "\0";
|
||||
|
||||
/**
|
||||
* The Key Stream for decryption and encryption
|
||||
*
|
||||
* @see Crypt_RC4::setKey()
|
||||
* @var Array
|
||||
* @access private
|
||||
*/
|
||||
var $stream;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Determines whether or not the mcrypt extension should be used.
|
||||
*
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @return Crypt_RC4
|
||||
* @access public
|
||||
*/
|
||||
function Crypt_RC4()
|
||||
{
|
||||
parent::Crypt_Base(CRYPT_MODE_STREAM);
|
||||
}
|
||||
|
||||
/**
|
||||
* Dummy function.
|
||||
*
|
||||
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
||||
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
||||
* calling setKey().
|
||||
*
|
||||
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
||||
* the IV's are relatively easy to predict, an attack described by
|
||||
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
||||
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
||||
*
|
||||
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
||||
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
||||
*
|
||||
* @param String $iv
|
||||
* @see Crypt_RC4::setKey()
|
||||
* @access public
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
||||
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
||||
*
|
||||
* @access public
|
||||
* @see Crypt_Base::setKey()
|
||||
* @param String $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
parent::setKey(substr($key, 0, 256));
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::decrypt()
|
||||
* @see Crypt_RC4::_crypt()
|
||||
* @access public
|
||||
* @param String $plaintext
|
||||
* @return String $ciphertext
|
||||
*/
|
||||
function encrypt($plaintext)
|
||||
{
|
||||
if ($this->engine == CRYPT_MODE_MCRYPT) {
|
||||
return parent::encrypt($plaintext);
|
||||
}
|
||||
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypts a message.
|
||||
*
|
||||
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
||||
* At least if the continuous buffer is disabled.
|
||||
*
|
||||
* @see Crypt_Base::encrypt()
|
||||
* @see Crypt_RC4::_crypt()
|
||||
* @access public
|
||||
* @param String $ciphertext
|
||||
* @return String $plaintext
|
||||
*/
|
||||
function decrypt($ciphertext)
|
||||
{
|
||||
if ($this->engine == CRYPT_MODE_MCRYPT) {
|
||||
return parent::decrypt($ciphertext);
|
||||
}
|
||||
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Setup the key (expansion)
|
||||
*
|
||||
* @see Crypt_Base::_setupKey()
|
||||
* @access private
|
||||
*/
|
||||
function _setupKey()
|
||||
{
|
||||
$key = $this->key;
|
||||
$keyLength = strlen($key);
|
||||
$keyStream = range(0, 255);
|
||||
$j = 0;
|
||||
for ($i = 0; $i < 256; $i++) {
|
||||
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
||||
$temp = $keyStream[$i];
|
||||
$keyStream[$i] = $keyStream[$j];
|
||||
$keyStream[$j] = $temp;
|
||||
}
|
||||
|
||||
$this->stream = array();
|
||||
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array(
|
||||
0, // index $i
|
||||
0, // index $j
|
||||
$keyStream
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts or decrypts a message.
|
||||
*
|
||||
* @see Crypt_RC4::encrypt()
|
||||
* @see Crypt_RC4::decrypt()
|
||||
* @access private
|
||||
* @param String $text
|
||||
* @param Integer $mode
|
||||
* @return String $text
|
||||
*/
|
||||
function _crypt($text, $mode)
|
||||
{
|
||||
if ($this->changed) {
|
||||
$this->_setup();
|
||||
$this->changed = false;
|
||||
}
|
||||
|
||||
$stream = &$this->stream[$mode];
|
||||
if ($this->continuousBuffer) {
|
||||
$i = &$stream[0];
|
||||
$j = &$stream[1];
|
||||
$keyStream = &$stream[2];
|
||||
} else {
|
||||
$i = $stream[0];
|
||||
$j = $stream[1];
|
||||
$keyStream = $stream[2];
|
||||
}
|
||||
|
||||
$len = strlen($text);
|
||||
for ($k = 0; $k < $len; ++$k) {
|
||||
$i = ($i + 1) & 255;
|
||||
$ksi = $keyStream[$i];
|
||||
$j = ($j + $ksi) & 255;
|
||||
$ksj = $keyStream[$j];
|
||||
|
||||
$keyStream[$i] = $ksj;
|
||||
$keyStream[$j] = $ksi;
|
||||
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
|
||||
}
|
||||
|
||||
return $text;
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of RC4.
|
||||
*
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Useful resources are as follows:
|
||||
*
|
||||
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
||||
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
||||
*
|
||||
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
||||
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/RC4.php';
|
||||
*
|
||||
* $rc4 = new Crypt_RC4();
|
||||
*
|
||||
* $rc4->setKey('abcdefgh');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_RC4
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_Base
|
||||
*
|
||||
* Base cipher class
|
||||
*/
|
||||
if (!class_exists('Crypt_Base')) {
|
||||
include_once 'Base.php';
|
||||
}
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see self::_crypt()
|
||||
*/
|
||||
define('CRYPT_RC4_ENCRYPT', 0);
|
||||
define('CRYPT_RC4_DECRYPT', 1);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of RC4.
|
||||
*
|
||||
* @package Crypt_RC4
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_RC4 extends Crypt_Base
|
||||
{
|
||||
/**
|
||||
* Block Length of the cipher
|
||||
*
|
||||
* RC4 is a stream cipher
|
||||
* so we the block_size to 0
|
||||
*
|
||||
* @see Crypt_Base::block_size
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $block_size = 0;
|
||||
|
||||
/**
|
||||
* Key Length (in bytes)
|
||||
*
|
||||
* @see Crypt_RC4::setKeyLength()
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $key_length = 128; // = 1024 bits
|
||||
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'RC4';
|
||||
|
||||
/**
|
||||
* The mcrypt specific name of the cipher
|
||||
*
|
||||
* @see Crypt_Base::cipher_name_mcrypt
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $cipher_name_mcrypt = 'arcfour';
|
||||
|
||||
/**
|
||||
* Holds whether performance-optimized $inline_crypt() can/should be used.
|
||||
*
|
||||
* @see Crypt_Base::inline_crypt
|
||||
* @var mixed
|
||||
* @access private
|
||||
*/
|
||||
var $use_inline_crypt = false; // currently not available
|
||||
|
||||
/**
|
||||
* The Key
|
||||
*
|
||||
* @see self::setKey()
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $key;
|
||||
|
||||
/**
|
||||
* The Key Stream for decryption and encryption
|
||||
*
|
||||
* @see self::setKey()
|
||||
* @var array
|
||||
* @access private
|
||||
*/
|
||||
var $stream;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Determines whether or not the mcrypt extension should be used.
|
||||
*
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @return Crypt_RC4
|
||||
* @access public
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
parent::__construct(CRYPT_MODE_STREAM);
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 compatible Default Constructor.
|
||||
*
|
||||
* @see self::__construct()
|
||||
* @access public
|
||||
*/
|
||||
function Crypt_RC4()
|
||||
{
|
||||
$this->__construct();
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for engine validity
|
||||
*
|
||||
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
|
||||
*
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @param int $engine
|
||||
* @access public
|
||||
* @return bool
|
||||
*/
|
||||
function isValidEngine($engine)
|
||||
{
|
||||
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||
if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
|
||||
$this->cipher_name_openssl = 'rc4-40';
|
||||
} else {
|
||||
switch (strlen($this->key)) {
|
||||
case 5:
|
||||
$this->cipher_name_openssl = 'rc4-40';
|
||||
break;
|
||||
case 8:
|
||||
$this->cipher_name_openssl = 'rc4-64';
|
||||
break;
|
||||
case 16:
|
||||
$this->cipher_name_openssl = 'rc4';
|
||||
break;
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return parent::isValidEngine($engine);
|
||||
}
|
||||
|
||||
/**
|
||||
* Dummy function.
|
||||
*
|
||||
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
||||
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
||||
* calling setKey().
|
||||
*
|
||||
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
||||
* the IV's are relatively easy to predict, an attack described by
|
||||
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
||||
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
||||
*
|
||||
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
||||
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
||||
*
|
||||
* @param string $iv
|
||||
* @see self::setKey()
|
||||
* @access public
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key length
|
||||
*
|
||||
* Keys can be between 1 and 256 bytes long.
|
||||
*
|
||||
* @access public
|
||||
* @param int $length
|
||||
*/
|
||||
function setKeyLength($length)
|
||||
{
|
||||
if ($length < 8) {
|
||||
$this->key_length = 1;
|
||||
} elseif ($length > 2048) {
|
||||
$this->key_length = 256;
|
||||
} else {
|
||||
$this->key_length = $length >> 3;
|
||||
}
|
||||
|
||||
parent::setKeyLength($length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::decrypt()
|
||||
* @see self::_crypt()
|
||||
* @access public
|
||||
* @param string $plaintext
|
||||
* @return string $ciphertext
|
||||
*/
|
||||
function encrypt($plaintext)
|
||||
{
|
||||
if ($this->engine != CRYPT_ENGINE_INTERNAL) {
|
||||
return parent::encrypt($plaintext);
|
||||
}
|
||||
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypts a message.
|
||||
*
|
||||
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
||||
* At least if the continuous buffer is disabled.
|
||||
*
|
||||
* @see Crypt_Base::encrypt()
|
||||
* @see self::_crypt()
|
||||
* @access public
|
||||
* @param string $ciphertext
|
||||
* @return string $plaintext
|
||||
*/
|
||||
function decrypt($ciphertext)
|
||||
{
|
||||
if ($this->engine != CRYPT_ENGINE_INTERNAL) {
|
||||
return parent::decrypt($ciphertext);
|
||||
}
|
||||
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Setup the key (expansion)
|
||||
*
|
||||
* @see Crypt_Base::_setupKey()
|
||||
* @access private
|
||||
*/
|
||||
function _setupKey()
|
||||
{
|
||||
$key = $this->key;
|
||||
$keyLength = strlen($key);
|
||||
$keyStream = range(0, 255);
|
||||
$j = 0;
|
||||
for ($i = 0; $i < 256; $i++) {
|
||||
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
||||
$temp = $keyStream[$i];
|
||||
$keyStream[$i] = $keyStream[$j];
|
||||
$keyStream[$j] = $temp;
|
||||
}
|
||||
|
||||
$this->stream = array();
|
||||
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array(
|
||||
0, // index $i
|
||||
0, // index $j
|
||||
$keyStream
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts or decrypts a message.
|
||||
*
|
||||
* @see self::encrypt()
|
||||
* @see self::decrypt()
|
||||
* @access private
|
||||
* @param string $text
|
||||
* @param int $mode
|
||||
* @return string $text
|
||||
*/
|
||||
function _crypt($text, $mode)
|
||||
{
|
||||
if ($this->changed) {
|
||||
$this->_setup();
|
||||
$this->changed = false;
|
||||
}
|
||||
|
||||
$stream = &$this->stream[$mode];
|
||||
if ($this->continuousBuffer) {
|
||||
$i = &$stream[0];
|
||||
$j = &$stream[1];
|
||||
$keyStream = &$stream[2];
|
||||
} else {
|
||||
$i = $stream[0];
|
||||
$j = $stream[1];
|
||||
$keyStream = $stream[2];
|
||||
}
|
||||
|
||||
$len = strlen($text);
|
||||
for ($k = 0; $k < $len; ++$k) {
|
||||
$i = ($i + 1) & 255;
|
||||
$ksi = $keyStream[$i];
|
||||
$j = ($j + $ksi) & 255;
|
||||
$ksj = $keyStream[$j];
|
||||
|
||||
$keyStream[$i] = $ksj;
|
||||
$keyStream[$j] = $ksi;
|
||||
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
|
||||
}
|
||||
|
||||
return $text;
|
||||
}
|
||||
}
|
||||
|
|
6152
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RSA.php
Normal file → Executable file
6152
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RSA.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
638
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Random.php
Normal file → Executable file
638
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Random.php
Normal file → Executable file
|
@ -1,300 +1,338 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Random Number Generator
|
||||
*
|
||||
* The idea behind this function is that it can be easily replaced with your own crypt_random_string()
|
||||
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/Random.php';
|
||||
*
|
||||
* echo bin2hex(crypt_random_string(8));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_Random
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently,
|
||||
// have phpseclib as a requirement as well. if you're developing such a program you may encounter
|
||||
// a "Cannot redeclare crypt_random_string()" error.
|
||||
if (!function_exists('crypt_random_string')) {
|
||||
/**
|
||||
* "Is Windows" test
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
|
||||
|
||||
/**
|
||||
* Generate a random string.
|
||||
*
|
||||
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with
|
||||
* microoptimizations because this function has the potential of being called a huge number of times.
|
||||
* eg. for RSA key generation.
|
||||
*
|
||||
* @param Integer $length
|
||||
* @return String
|
||||
* @access public
|
||||
*/
|
||||
function crypt_random_string($length)
|
||||
{
|
||||
if (CRYPT_RANDOM_IS_WINDOWS) {
|
||||
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
|
||||
// ie. class_alias is a function that was introduced in PHP 5.3
|
||||
if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {
|
||||
return mcrypt_create_iv($length);
|
||||
}
|
||||
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
|
||||
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
|
||||
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
|
||||
// call php_win32_get_random_bytes():
|
||||
//
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
|
||||
//
|
||||
// php_win32_get_random_bytes() is defined thusly:
|
||||
//
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
|
||||
//
|
||||
// we're calling it, all the same, in the off chance that the mcrypt extension is not available
|
||||
if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
|
||||
return openssl_random_pseudo_bytes($length);
|
||||
}
|
||||
} else {
|
||||
// method 1. the fastest
|
||||
if (function_exists('openssl_random_pseudo_bytes')) {
|
||||
return openssl_random_pseudo_bytes($length);
|
||||
}
|
||||
// method 2
|
||||
static $fp = true;
|
||||
if ($fp === true) {
|
||||
// warning's will be output unles the error suppression operator is used. errors such as
|
||||
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
|
||||
$fp = @fopen('/dev/urandom', 'rb');
|
||||
}
|
||||
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
|
||||
return fread($fp, $length);
|
||||
}
|
||||
// method 3. pretty much does the same thing as method 2 per the following url:
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
|
||||
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
|
||||
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
|
||||
// restrictions or some such
|
||||
if (function_exists('mcrypt_create_iv')) {
|
||||
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
|
||||
}
|
||||
}
|
||||
// at this point we have no choice but to use a pure-PHP CSPRNG
|
||||
|
||||
// cascade entropy across multiple PHP instances by fixing the session and collecting all
|
||||
// environmental variables, including the previous session data and the current session
|
||||
// data.
|
||||
//
|
||||
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
|
||||
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
|
||||
// PHP isn't low level to be able to use those as sources and on a web server there's not likely
|
||||
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
|
||||
// however, a ton of people visiting the website. obviously you don't want to base your seeding
|
||||
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
||||
// by the user and (2) this isn't just looking at the data sent by the current user - it's based
|
||||
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
||||
// another user visits the page and the serialization of their data is utilized along with the
|
||||
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
||||
// a hash of the session data before that). certainly an attacker should be assumed to have
|
||||
// full control over his own http requests. he, however, is not going to have control over
|
||||
// everyone's http requests.
|
||||
static $crypto = false, $v;
|
||||
if ($crypto === false) {
|
||||
// save old session data
|
||||
$old_session_id = session_id();
|
||||
$old_use_cookies = ini_get('session.use_cookies');
|
||||
$old_session_cache_limiter = session_cache_limiter();
|
||||
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
|
||||
if ($old_session_id != '') {
|
||||
session_write_close();
|
||||
}
|
||||
|
||||
session_id(1);
|
||||
ini_set('session.use_cookies', 0);
|
||||
session_cache_limiter('');
|
||||
session_start();
|
||||
|
||||
$v = $seed = $_SESSION['seed'] = pack('H*', sha1(
|
||||
serialize($_SERVER) .
|
||||
serialize($_POST) .
|
||||
serialize($_GET) .
|
||||
serialize($_COOKIE) .
|
||||
serialize($GLOBALS) .
|
||||
serialize($_SESSION) .
|
||||
serialize($_OLD_SESSION)
|
||||
));
|
||||
if (!isset($_SESSION['count'])) {
|
||||
$_SESSION['count'] = 0;
|
||||
}
|
||||
$_SESSION['count']++;
|
||||
|
||||
session_write_close();
|
||||
|
||||
// restore old session data
|
||||
if ($old_session_id != '') {
|
||||
session_id($old_session_id);
|
||||
session_start();
|
||||
ini_set('session.use_cookies', $old_use_cookies);
|
||||
session_cache_limiter($old_session_cache_limiter);
|
||||
} else {
|
||||
if ($_OLD_SESSION !== false) {
|
||||
$_SESSION = $_OLD_SESSION;
|
||||
unset($_OLD_SESSION);
|
||||
} else {
|
||||
unset($_SESSION);
|
||||
}
|
||||
}
|
||||
|
||||
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
|
||||
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
|
||||
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
|
||||
// original hash and the current hash. we'll be emulating that. for more info see the following URL:
|
||||
//
|
||||
// http://tools.ietf.org/html/rfc4253#section-7.2
|
||||
//
|
||||
// see the is_string($crypto) part for an example of how to expand the keys
|
||||
$key = pack('H*', sha1($seed . 'A'));
|
||||
$iv = pack('H*', sha1($seed . 'C'));
|
||||
|
||||
// ciphers are used as per the nist.gov link below. also, see this link:
|
||||
//
|
||||
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
|
||||
switch (true) {
|
||||
case phpseclib_resolve_include_path('Crypt/AES.php'):
|
||||
if (!class_exists('Crypt_AES')) {
|
||||
include_once 'AES.php';
|
||||
}
|
||||
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/Twofish.php'):
|
||||
if (!class_exists('Crypt_Twofish')) {
|
||||
include_once 'Twofish.php';
|
||||
}
|
||||
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/Blowfish.php'):
|
||||
if (!class_exists('Crypt_Blowfish')) {
|
||||
include_once 'Blowfish.php';
|
||||
}
|
||||
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/TripleDES.php'):
|
||||
if (!class_exists('Crypt_TripleDES')) {
|
||||
include_once 'TripleDES.php';
|
||||
}
|
||||
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/DES.php'):
|
||||
if (!class_exists('Crypt_DES')) {
|
||||
include_once 'DES.php';
|
||||
}
|
||||
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/RC4.php'):
|
||||
if (!class_exists('Crypt_RC4')) {
|
||||
include_once 'RC4.php';
|
||||
}
|
||||
$crypto = new Crypt_RC4();
|
||||
break;
|
||||
default:
|
||||
user_error('crypt_random_string requires at least one symmetric cipher be loaded');
|
||||
return false;
|
||||
}
|
||||
|
||||
$crypto->setKey($key);
|
||||
$crypto->setIV($iv);
|
||||
$crypto->enableContinuousBuffer();
|
||||
}
|
||||
|
||||
//return $crypto->encrypt(str_repeat("\0", $length));
|
||||
|
||||
// the following is based off of ANSI X9.31:
|
||||
//
|
||||
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
|
||||
//
|
||||
// OpenSSL uses that same standard for it's random numbers:
|
||||
//
|
||||
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
|
||||
// (do a search for "ANS X9.31 A.2.4")
|
||||
$result = '';
|
||||
while (strlen($result) < $length) {
|
||||
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
|
||||
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
|
||||
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
|
||||
$result.= $r;
|
||||
}
|
||||
return substr($result, 0, $length);
|
||||
}
|
||||
}
|
||||
|
||||
if (!function_exists('phpseclib_resolve_include_path')) {
|
||||
/**
|
||||
* Resolve filename against the include path.
|
||||
*
|
||||
* Wrapper around stream_resolve_include_path() (which was introduced in
|
||||
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
|
||||
*
|
||||
* @param string $filename
|
||||
* @return mixed Filename (string) on success, false otherwise.
|
||||
* @access public
|
||||
*/
|
||||
function phpseclib_resolve_include_path($filename)
|
||||
{
|
||||
if (function_exists('stream_resolve_include_path')) {
|
||||
return stream_resolve_include_path($filename);
|
||||
}
|
||||
|
||||
// handle non-relative paths
|
||||
if (file_exists($filename)) {
|
||||
return realpath($filename);
|
||||
}
|
||||
|
||||
$paths = PATH_SEPARATOR == ':' ?
|
||||
preg_split('#(?<!phar):#', get_include_path()) :
|
||||
explode(PATH_SEPARATOR, get_include_path());
|
||||
foreach ($paths as $prefix) {
|
||||
// path's specified in include_path don't always end in /
|
||||
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
|
||||
$file = $prefix . $ds . $filename;
|
||||
if (file_exists($file)) {
|
||||
return realpath($file);
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Random Number Generator
|
||||
*
|
||||
* The idea behind this function is that it can be easily replaced with your own crypt_random_string()
|
||||
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/Random.php';
|
||||
*
|
||||
* echo bin2hex(crypt_random_string(8));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_Random
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently,
|
||||
// have phpseclib as a requirement as well. if you're developing such a program you may encounter
|
||||
// a "Cannot redeclare crypt_random_string()" error.
|
||||
if (!function_exists('crypt_random_string')) {
|
||||
/**
|
||||
* "Is Windows" test
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
|
||||
|
||||
/**
|
||||
* Generate a random string.
|
||||
*
|
||||
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with
|
||||
* microoptimizations because this function has the potential of being called a huge number of times.
|
||||
* eg. for RSA key generation.
|
||||
*
|
||||
* @param int $length
|
||||
* @return string
|
||||
* @access public
|
||||
*/
|
||||
function crypt_random_string($length)
|
||||
{
|
||||
if (!$length) {
|
||||
return '';
|
||||
}
|
||||
|
||||
if (CRYPT_RANDOM_IS_WINDOWS) {
|
||||
// method 1. prior to PHP 5.3, mcrypt_create_iv() would call rand() on windows
|
||||
if (extension_loaded('mcrypt') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||
return @mcrypt_create_iv($length);
|
||||
}
|
||||
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
|
||||
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
|
||||
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
|
||||
// call php_win32_get_random_bytes():
|
||||
//
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
|
||||
//
|
||||
// php_win32_get_random_bytes() is defined thusly:
|
||||
//
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
|
||||
//
|
||||
// we're calling it, all the same, in the off chance that the mcrypt extension is not available
|
||||
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
|
||||
return openssl_random_pseudo_bytes($length);
|
||||
}
|
||||
} else {
|
||||
// method 1. the fastest
|
||||
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||
return openssl_random_pseudo_bytes($length);
|
||||
}
|
||||
// method 2
|
||||
static $fp = true;
|
||||
if ($fp === true) {
|
||||
// warning's will be output unles the error suppression operator is used. errors such as
|
||||
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
|
||||
$fp = @fopen('/dev/urandom', 'rb');
|
||||
}
|
||||
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
|
||||
return fread($fp, $length);
|
||||
}
|
||||
// method 3. pretty much does the same thing as method 2 per the following url:
|
||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
|
||||
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
|
||||
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
|
||||
// restrictions or some such
|
||||
if (extension_loaded('mcrypt')) {
|
||||
return @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
|
||||
}
|
||||
}
|
||||
// at this point we have no choice but to use a pure-PHP CSPRNG
|
||||
|
||||
// cascade entropy across multiple PHP instances by fixing the session and collecting all
|
||||
// environmental variables, including the previous session data and the current session
|
||||
// data.
|
||||
//
|
||||
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
|
||||
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
|
||||
// PHP isn't low level to be able to use those as sources and on a web server there's not likely
|
||||
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
|
||||
// however, a ton of people visiting the website. obviously you don't want to base your seeding
|
||||
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
||||
// by the user and (2) this isn't just looking at the data sent by the current user - it's based
|
||||
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
||||
// another user visits the page and the serialization of their data is utilized along with the
|
||||
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
||||
// a hash of the session data before that). certainly an attacker should be assumed to have
|
||||
// full control over his own http requests. he, however, is not going to have control over
|
||||
// everyone's http requests.
|
||||
static $crypto = false, $v;
|
||||
if ($crypto === false) {
|
||||
// save old session data
|
||||
$old_session_id = session_id();
|
||||
$old_use_cookies = ini_get('session.use_cookies');
|
||||
$old_session_cache_limiter = session_cache_limiter();
|
||||
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
|
||||
if ($old_session_id != '') {
|
||||
session_write_close();
|
||||
}
|
||||
|
||||
session_id(1);
|
||||
ini_set('session.use_cookies', 0);
|
||||
session_cache_limiter('');
|
||||
session_start();
|
||||
|
||||
$v = $seed = $_SESSION['seed'] = pack('H*', sha1(
|
||||
(isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') .
|
||||
(isset($_POST) ? phpseclib_safe_serialize($_POST) : '') .
|
||||
(isset($_GET) ? phpseclib_safe_serialize($_GET) : '') .
|
||||
(isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') .
|
||||
phpseclib_safe_serialize($GLOBALS) .
|
||||
phpseclib_safe_serialize($_SESSION) .
|
||||
phpseclib_safe_serialize($_OLD_SESSION)
|
||||
));
|
||||
if (!isset($_SESSION['count'])) {
|
||||
$_SESSION['count'] = 0;
|
||||
}
|
||||
$_SESSION['count']++;
|
||||
|
||||
session_write_close();
|
||||
|
||||
// restore old session data
|
||||
if ($old_session_id != '') {
|
||||
session_id($old_session_id);
|
||||
session_start();
|
||||
ini_set('session.use_cookies', $old_use_cookies);
|
||||
session_cache_limiter($old_session_cache_limiter);
|
||||
} else {
|
||||
if ($_OLD_SESSION !== false) {
|
||||
$_SESSION = $_OLD_SESSION;
|
||||
unset($_OLD_SESSION);
|
||||
} else {
|
||||
unset($_SESSION);
|
||||
}
|
||||
}
|
||||
|
||||
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
|
||||
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
|
||||
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
|
||||
// original hash and the current hash. we'll be emulating that. for more info see the following URL:
|
||||
//
|
||||
// http://tools.ietf.org/html/rfc4253#section-7.2
|
||||
//
|
||||
// see the is_string($crypto) part for an example of how to expand the keys
|
||||
$key = pack('H*', sha1($seed . 'A'));
|
||||
$iv = pack('H*', sha1($seed . 'C'));
|
||||
|
||||
// ciphers are used as per the nist.gov link below. also, see this link:
|
||||
//
|
||||
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
|
||||
switch (true) {
|
||||
case phpseclib_resolve_include_path('Crypt/AES.php'):
|
||||
if (!class_exists('Crypt_AES')) {
|
||||
include_once 'AES.php';
|
||||
}
|
||||
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/Twofish.php'):
|
||||
if (!class_exists('Crypt_Twofish')) {
|
||||
include_once 'Twofish.php';
|
||||
}
|
||||
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/Blowfish.php'):
|
||||
if (!class_exists('Crypt_Blowfish')) {
|
||||
include_once 'Blowfish.php';
|
||||
}
|
||||
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/TripleDES.php'):
|
||||
if (!class_exists('Crypt_TripleDES')) {
|
||||
include_once 'TripleDES.php';
|
||||
}
|
||||
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/DES.php'):
|
||||
if (!class_exists('Crypt_DES')) {
|
||||
include_once 'DES.php';
|
||||
}
|
||||
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
||||
break;
|
||||
case phpseclib_resolve_include_path('Crypt/RC4.php'):
|
||||
if (!class_exists('Crypt_RC4')) {
|
||||
include_once 'RC4.php';
|
||||
}
|
||||
$crypto = new Crypt_RC4();
|
||||
break;
|
||||
default:
|
||||
user_error('crypt_random_string requires at least one symmetric cipher be loaded');
|
||||
return false;
|
||||
}
|
||||
|
||||
$crypto->setKey($key);
|
||||
$crypto->setIV($iv);
|
||||
$crypto->enableContinuousBuffer();
|
||||
}
|
||||
|
||||
//return $crypto->encrypt(str_repeat("\0", $length));
|
||||
|
||||
// the following is based off of ANSI X9.31:
|
||||
//
|
||||
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
|
||||
//
|
||||
// OpenSSL uses that same standard for it's random numbers:
|
||||
//
|
||||
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
|
||||
// (do a search for "ANS X9.31 A.2.4")
|
||||
$result = '';
|
||||
while (strlen($result) < $length) {
|
||||
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
|
||||
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
|
||||
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
|
||||
$result.= $r;
|
||||
}
|
||||
return substr($result, 0, $length);
|
||||
}
|
||||
}
|
||||
|
||||
if (!function_exists('phpseclib_safe_serialize')) {
|
||||
/**
|
||||
* Safely serialize variables
|
||||
*
|
||||
* If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier.
|
||||
* PHP 5.3 will emit a warning.
|
||||
*
|
||||
* @param mixed $arr
|
||||
* @access public
|
||||
*/
|
||||
function phpseclib_safe_serialize(&$arr)
|
||||
{
|
||||
if (is_object($arr)) {
|
||||
return '';
|
||||
}
|
||||
if (!is_array($arr)) {
|
||||
return serialize($arr);
|
||||
}
|
||||
// prevent circular array recursion
|
||||
if (isset($arr['__phpseclib_marker'])) {
|
||||
return '';
|
||||
}
|
||||
$safearr = array();
|
||||
$arr['__phpseclib_marker'] = true;
|
||||
foreach (array_keys($arr) as $key) {
|
||||
// do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage
|
||||
if ($key !== '__phpseclib_marker') {
|
||||
$safearr[$key] = phpseclib_safe_serialize($arr[$key]);
|
||||
}
|
||||
}
|
||||
unset($arr['__phpseclib_marker']);
|
||||
return serialize($safearr);
|
||||
}
|
||||
}
|
||||
|
||||
if (!function_exists('phpseclib_resolve_include_path')) {
|
||||
/**
|
||||
* Resolve filename against the include path.
|
||||
*
|
||||
* Wrapper around stream_resolve_include_path() (which was introduced in
|
||||
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
|
||||
*
|
||||
* @param string $filename
|
||||
* @return string|false
|
||||
* @access public
|
||||
*/
|
||||
function phpseclib_resolve_include_path($filename)
|
||||
{
|
||||
if (function_exists('stream_resolve_include_path')) {
|
||||
return stream_resolve_include_path($filename);
|
||||
}
|
||||
|
||||
// handle non-relative paths
|
||||
if (file_exists($filename)) {
|
||||
return realpath($filename);
|
||||
}
|
||||
|
||||
$paths = PATH_SEPARATOR == ':' ?
|
||||
preg_split('#(?<!phar):#', get_include_path()) :
|
||||
explode(PATH_SEPARATOR, get_include_path());
|
||||
foreach ($paths as $prefix) {
|
||||
// path's specified in include_path don't always end in /
|
||||
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
|
||||
$file = $prefix . $ds . $filename;
|
||||
if (file_exists($file)) {
|
||||
return realpath($file);
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
2398
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Rijndael.php
Normal file → Executable file
2398
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Rijndael.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
945
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/TripleDES.php
Normal file → Executable file
945
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/TripleDES.php
Normal file → Executable file
|
@ -1,428 +1,517 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of Triple DES.
|
||||
*
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/TripleDES.php';
|
||||
*
|
||||
* $des = new Crypt_TripleDES();
|
||||
*
|
||||
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $des->decrypt($des->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_TripleDES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_DES
|
||||
*/
|
||||
if (!class_exists('Crypt_DES')) {
|
||||
include_once 'DES.php';
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt / decrypt using inner chaining
|
||||
*
|
||||
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
||||
*/
|
||||
define('CRYPT_DES_MODE_3CBC', -2);
|
||||
|
||||
/**
|
||||
* Encrypt / decrypt using outer chaining
|
||||
*
|
||||
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
||||
*/
|
||||
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of Triple DES.
|
||||
*
|
||||
* @package Crypt_TripleDES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_TripleDES extends Crypt_DES
|
||||
{
|
||||
/**
|
||||
* The default password key_size used by setPassword()
|
||||
*
|
||||
* @see Crypt_DES::password_key_size
|
||||
* @see Crypt_Base::password_key_size
|
||||
* @see Crypt_Base::setPassword()
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $password_key_size = 24;
|
||||
|
||||
/**
|
||||
* The default salt used by setPassword()
|
||||
*
|
||||
* @see Crypt_Base::password_default_salt
|
||||
* @see Crypt_Base::setPassword()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $password_default_salt = 'phpseclib';
|
||||
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_DES::const_namespace
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'DES';
|
||||
|
||||
/**
|
||||
* The mcrypt specific name of the cipher
|
||||
*
|
||||
* @see Crypt_DES::cipher_name_mcrypt
|
||||
* @see Crypt_Base::cipher_name_mcrypt
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $cipher_name_mcrypt = 'tripledes';
|
||||
|
||||
/**
|
||||
* Optimizing value while CFB-encrypting
|
||||
*
|
||||
* @see Crypt_Base::cfb_init_len
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $cfb_init_len = 750;
|
||||
|
||||
/**
|
||||
* max possible size of $key
|
||||
*
|
||||
* @see Crypt_TripleDES::setKey()
|
||||
* @see Crypt_DES::setKey()
|
||||
* @var String
|
||||
* @access private
|
||||
*/
|
||||
var $key_size_max = 24;
|
||||
|
||||
/**
|
||||
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
||||
*
|
||||
* @var Boolean
|
||||
* @access private
|
||||
*/
|
||||
var $mode_3cbc;
|
||||
|
||||
/**
|
||||
* The Crypt_DES objects
|
||||
*
|
||||
* Used only if $mode_3cbc === true
|
||||
*
|
||||
* @var Array
|
||||
* @access private
|
||||
*/
|
||||
var $des;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Determines whether or not the mcrypt extension should be used.
|
||||
*
|
||||
* $mode could be:
|
||||
*
|
||||
* - CRYPT_DES_MODE_ECB
|
||||
*
|
||||
* - CRYPT_DES_MODE_CBC
|
||||
*
|
||||
* - CRYPT_DES_MODE_CTR
|
||||
*
|
||||
* - CRYPT_DES_MODE_CFB
|
||||
*
|
||||
* - CRYPT_DES_MODE_OFB
|
||||
*
|
||||
* - CRYPT_DES_MODE_3CBC
|
||||
*
|
||||
* If not explicitly set, CRYPT_DES_MODE_CBC will be used.
|
||||
*
|
||||
* @see Crypt_DES::Crypt_DES()
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @param optional Integer $mode
|
||||
* @access public
|
||||
*/
|
||||
function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC)
|
||||
{
|
||||
switch ($mode) {
|
||||
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC
|
||||
// and additional flag us internally as 3CBC
|
||||
case CRYPT_DES_MODE_3CBC:
|
||||
parent::Crypt_Base(CRYPT_DES_MODE_CBC);
|
||||
$this->mode_3cbc = true;
|
||||
|
||||
// This three $des'es will do the 3CBC work (if $key > 64bits)
|
||||
$this->des = array(
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
||||
);
|
||||
|
||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||
$this->des[0]->disablePadding();
|
||||
$this->des[1]->disablePadding();
|
||||
$this->des[2]->disablePadding();
|
||||
break;
|
||||
// If not 3CBC, we init as usual
|
||||
default:
|
||||
parent::Crypt_Base($mode);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the initialization vector. (optional)
|
||||
*
|
||||
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed
|
||||
* to be all zero's.
|
||||
*
|
||||
* @see Crypt_Base::setIV()
|
||||
* @access public
|
||||
* @param String $iv
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
parent::setIV($iv);
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->setIV($iv);
|
||||
$this->des[1]->setIV($iv);
|
||||
$this->des[2]->setIV($iv);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
||||
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
||||
*
|
||||
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
||||
*
|
||||
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
||||
*
|
||||
* @access public
|
||||
* @see Crypt_DES::setKey()
|
||||
* @see Crypt_Base::setKey()
|
||||
* @param String $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
$length = strlen($key);
|
||||
if ($length > 8) {
|
||||
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
||||
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
||||
// http://php.net/function.mcrypt-encrypt#47973
|
||||
//$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
||||
} else {
|
||||
$key = str_pad($key, 8, chr(0));
|
||||
}
|
||||
parent::setKey($key);
|
||||
|
||||
// And in case of CRYPT_DES_MODE_3CBC:
|
||||
// if key <= 64bits we not need the 3 $des to work,
|
||||
// because we will then act as regular DES-CBC with just a <= 64bit key.
|
||||
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
|
||||
if ($this->mode_3cbc && $length > 8) {
|
||||
$this->des[0]->setKey(substr($key, 0, 8));
|
||||
$this->des[1]->setKey(substr($key, 8, 8));
|
||||
$this->des[2]->setKey(substr($key, 16, 8));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::encrypt()
|
||||
* @access public
|
||||
* @param String $plaintext
|
||||
* @return String $cipertext
|
||||
*/
|
||||
function encrypt($plaintext)
|
||||
{
|
||||
// parent::en/decrypt() is able to do all the work for all modes and keylengths,
|
||||
// except for: CRYPT_DES_MODE_3CBC (inner chaining CBC) with a key > 64bits
|
||||
|
||||
// if the key is smaller then 8, do what we'd normally do
|
||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||
return $this->des[2]->encrypt(
|
||||
$this->des[1]->decrypt(
|
||||
$this->des[0]->encrypt(
|
||||
$this->_pad($plaintext)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return parent::encrypt($plaintext);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::decrypt()
|
||||
* @access public
|
||||
* @param String $ciphertext
|
||||
* @return String $plaintext
|
||||
*/
|
||||
function decrypt($ciphertext)
|
||||
{
|
||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||
return $this->_unpad(
|
||||
$this->des[0]->decrypt(
|
||||
$this->des[1]->encrypt(
|
||||
$this->des[2]->decrypt(
|
||||
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return parent::decrypt($ciphertext);
|
||||
}
|
||||
|
||||
/**
|
||||
* Treat consecutive "packets" as if they are a continuous buffer.
|
||||
*
|
||||
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
||||
* will yield different outputs:
|
||||
*
|
||||
* <code>
|
||||
* echo $des->encrypt(substr($plaintext, 0, 8));
|
||||
* echo $des->encrypt(substr($plaintext, 8, 8));
|
||||
* </code>
|
||||
* <code>
|
||||
* echo $des->encrypt($plaintext);
|
||||
* </code>
|
||||
*
|
||||
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
||||
* another, as demonstrated with the following:
|
||||
*
|
||||
* <code>
|
||||
* $des->encrypt(substr($plaintext, 0, 8));
|
||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||
* </code>
|
||||
* <code>
|
||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||
* </code>
|
||||
*
|
||||
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
||||
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
||||
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
||||
*
|
||||
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
||||
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
||||
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
||||
* however, they are also less intuitive and more likely to cause you problems.
|
||||
*
|
||||
* @see Crypt_Base::enableContinuousBuffer()
|
||||
* @see Crypt_TripleDES::disableContinuousBuffer()
|
||||
* @access public
|
||||
*/
|
||||
function enableContinuousBuffer()
|
||||
{
|
||||
parent::enableContinuousBuffer();
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->enableContinuousBuffer();
|
||||
$this->des[1]->enableContinuousBuffer();
|
||||
$this->des[2]->enableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Treat consecutive packets as if they are a discontinuous buffer.
|
||||
*
|
||||
* The default behavior.
|
||||
*
|
||||
* @see Crypt_Base::disableContinuousBuffer()
|
||||
* @see Crypt_TripleDES::enableContinuousBuffer()
|
||||
* @access public
|
||||
*/
|
||||
function disableContinuousBuffer()
|
||||
{
|
||||
parent::disableContinuousBuffer();
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->disableContinuousBuffer();
|
||||
$this->des[1]->disableContinuousBuffer();
|
||||
$this->des[2]->disableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates the key schedule
|
||||
*
|
||||
* @see Crypt_DES::_setupKey()
|
||||
* @see Crypt_Base::_setupKey()
|
||||
* @access private
|
||||
*/
|
||||
function _setupKey()
|
||||
{
|
||||
switch (true) {
|
||||
// if $key <= 64bits we configure our internal pure-php cipher engine
|
||||
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
|
||||
case strlen($this->key) <= 8:
|
||||
$this->des_rounds = 1;
|
||||
break;
|
||||
|
||||
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
|
||||
default:
|
||||
$this->des_rounds = 3;
|
||||
|
||||
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->_setupKey();
|
||||
$this->des[1]->_setupKey();
|
||||
$this->des[2]->_setupKey();
|
||||
|
||||
// because $des[0-2] will, now, do all the work we can return here
|
||||
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
|
||||
return;
|
||||
}
|
||||
}
|
||||
// setup our key
|
||||
parent::_setupKey();
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of Triple DES.
|
||||
*
|
||||
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Crypt/TripleDES.php';
|
||||
*
|
||||
* $des = new Crypt_TripleDES();
|
||||
*
|
||||
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
||||
*
|
||||
* $size = 10 * 1024;
|
||||
* $plaintext = '';
|
||||
* for ($i = 0; $i < $size; $i++) {
|
||||
* $plaintext.= 'a';
|
||||
* }
|
||||
*
|
||||
* echo $des->decrypt($des->encrypt($plaintext));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Crypt
|
||||
* @package Crypt_TripleDES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2007 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**
|
||||
* Include Crypt_DES
|
||||
*/
|
||||
if (!class_exists('Crypt_DES')) {
|
||||
include_once 'DES.php';
|
||||
}
|
||||
|
||||
/**#@+
|
||||
* @access public
|
||||
* @see self::Crypt_TripleDES()
|
||||
*/
|
||||
/**
|
||||
* Encrypt / decrypt using inner chaining
|
||||
*
|
||||
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
||||
*/
|
||||
define('CRYPT_MODE_3CBC', -2);
|
||||
/**
|
||||
* BC version of the above.
|
||||
*/
|
||||
define('CRYPT_DES_MODE_3CBC', -2);
|
||||
/**
|
||||
* Encrypt / decrypt using outer chaining
|
||||
*
|
||||
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
||||
*/
|
||||
define('CRYPT_MODE_CBC3', CRYPT_MODE_CBC);
|
||||
/**
|
||||
* BC version of the above.
|
||||
*/
|
||||
define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of Triple DES.
|
||||
*
|
||||
* @package Crypt_TripleDES
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Crypt_TripleDES extends Crypt_DES
|
||||
{
|
||||
/**
|
||||
* Key Length (in bytes)
|
||||
*
|
||||
* @see Crypt_TripleDES::setKeyLength()
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $key_length = 24;
|
||||
|
||||
/**
|
||||
* The default salt used by setPassword()
|
||||
*
|
||||
* @see Crypt_Base::password_default_salt
|
||||
* @see Crypt_Base::setPassword()
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $password_default_salt = 'phpseclib';
|
||||
|
||||
/**
|
||||
* The namespace used by the cipher for its constants.
|
||||
*
|
||||
* @see Crypt_DES::const_namespace
|
||||
* @see Crypt_Base::const_namespace
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $const_namespace = 'DES';
|
||||
|
||||
/**
|
||||
* The mcrypt specific name of the cipher
|
||||
*
|
||||
* @see Crypt_DES::cipher_name_mcrypt
|
||||
* @see Crypt_Base::cipher_name_mcrypt
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $cipher_name_mcrypt = 'tripledes';
|
||||
|
||||
/**
|
||||
* Optimizing value while CFB-encrypting
|
||||
*
|
||||
* @see Crypt_Base::cfb_init_len
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $cfb_init_len = 750;
|
||||
|
||||
/**
|
||||
* max possible size of $key
|
||||
*
|
||||
* @see self::setKey()
|
||||
* @see Crypt_DES::setKey()
|
||||
* @var string
|
||||
* @access private
|
||||
*/
|
||||
var $key_length_max = 24;
|
||||
|
||||
/**
|
||||
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
||||
*
|
||||
* @var bool
|
||||
* @access private
|
||||
*/
|
||||
var $mode_3cbc;
|
||||
|
||||
/**
|
||||
* The Crypt_DES objects
|
||||
*
|
||||
* Used only if $mode_3cbc === true
|
||||
*
|
||||
* @var array
|
||||
* @access private
|
||||
*/
|
||||
var $des;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Determines whether or not the mcrypt extension should be used.
|
||||
*
|
||||
* $mode could be:
|
||||
*
|
||||
* - CRYPT_DES_MODE_ECB
|
||||
*
|
||||
* - CRYPT_DES_MODE_CBC
|
||||
*
|
||||
* - CRYPT_DES_MODE_CTR
|
||||
*
|
||||
* - CRYPT_DES_MODE_CFB
|
||||
*
|
||||
* - CRYPT_DES_MODE_OFB
|
||||
*
|
||||
* - CRYPT_DES_MODE_3CBC
|
||||
*
|
||||
* If not explicitly set, CRYPT_DES_MODE_CBC will be used.
|
||||
*
|
||||
* @see Crypt_DES::Crypt_DES()
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @param int $mode
|
||||
* @access public
|
||||
*/
|
||||
function __construct($mode = CRYPT_MODE_CBC)
|
||||
{
|
||||
switch ($mode) {
|
||||
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC
|
||||
// and additional flag us internally as 3CBC
|
||||
case CRYPT_DES_MODE_3CBC:
|
||||
parent::Crypt_Base(CRYPT_MODE_CBC);
|
||||
$this->mode_3cbc = true;
|
||||
|
||||
// This three $des'es will do the 3CBC work (if $key > 64bits)
|
||||
$this->des = array(
|
||||
new Crypt_DES(CRYPT_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_MODE_CBC),
|
||||
new Crypt_DES(CRYPT_MODE_CBC),
|
||||
);
|
||||
|
||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||
$this->des[0]->disablePadding();
|
||||
$this->des[1]->disablePadding();
|
||||
$this->des[2]->disablePadding();
|
||||
break;
|
||||
// If not 3CBC, we init as usual
|
||||
default:
|
||||
parent::__construct($mode);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 compatible Default Constructor.
|
||||
*
|
||||
* @see self::__construct()
|
||||
* @param int $mode
|
||||
* @access public
|
||||
*/
|
||||
function Crypt_TripleDES($mode = CRYPT_MODE_CBC)
|
||||
{
|
||||
$this->__construct($mode);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test for engine validity
|
||||
*
|
||||
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
|
||||
*
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @param int $engine
|
||||
* @access public
|
||||
* @return bool
|
||||
*/
|
||||
function isValidEngine($engine)
|
||||
{
|
||||
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||
$this->cipher_name_openssl_ecb = 'des-ede3';
|
||||
$mode = $this->_openssl_translate_mode();
|
||||
$this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode;
|
||||
}
|
||||
|
||||
return parent::isValidEngine($engine);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the initialization vector. (optional)
|
||||
*
|
||||
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed
|
||||
* to be all zero's.
|
||||
*
|
||||
* @see Crypt_Base::setIV()
|
||||
* @access public
|
||||
* @param string $iv
|
||||
*/
|
||||
function setIV($iv)
|
||||
{
|
||||
parent::setIV($iv);
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->setIV($iv);
|
||||
$this->des[1]->setIV($iv);
|
||||
$this->des[2]->setIV($iv);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key length.
|
||||
*
|
||||
* Valid key lengths are 64, 128 and 192
|
||||
*
|
||||
* @see Crypt_Base:setKeyLength()
|
||||
* @access public
|
||||
* @param int $length
|
||||
*/
|
||||
function setKeyLength($length)
|
||||
{
|
||||
$length >>= 3;
|
||||
switch (true) {
|
||||
case $length <= 8:
|
||||
$this->key_length = 8;
|
||||
break;
|
||||
case $length <= 16:
|
||||
$this->key_length = 16;
|
||||
break;
|
||||
default:
|
||||
$this->key_length = 24;
|
||||
}
|
||||
|
||||
parent::setKeyLength($length);
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the key.
|
||||
*
|
||||
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
||||
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
||||
*
|
||||
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
||||
*
|
||||
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
||||
*
|
||||
* @access public
|
||||
* @see Crypt_DES::setKey()
|
||||
* @see Crypt_Base::setKey()
|
||||
* @param string $key
|
||||
*/
|
||||
function setKey($key)
|
||||
{
|
||||
$length = $this->explicit_key_length ? $this->key_length : strlen($key);
|
||||
if ($length > 8) {
|
||||
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
||||
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
||||
// http://php.net/function.mcrypt-encrypt#47973
|
||||
$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
||||
} else {
|
||||
$key = str_pad($key, 8, chr(0));
|
||||
}
|
||||
parent::setKey($key);
|
||||
|
||||
// And in case of CRYPT_DES_MODE_3CBC:
|
||||
// if key <= 64bits we not need the 3 $des to work,
|
||||
// because we will then act as regular DES-CBC with just a <= 64bit key.
|
||||
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
|
||||
if ($this->mode_3cbc && $length > 8) {
|
||||
$this->des[0]->setKey(substr($key, 0, 8));
|
||||
$this->des[1]->setKey(substr($key, 8, 8));
|
||||
$this->des[2]->setKey(substr($key, 16, 8));
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::encrypt()
|
||||
* @access public
|
||||
* @param string $plaintext
|
||||
* @return string $cipertext
|
||||
*/
|
||||
function encrypt($plaintext)
|
||||
{
|
||||
// parent::en/decrypt() is able to do all the work for all modes and keylengths,
|
||||
// except for: CRYPT_MODE_3CBC (inner chaining CBC) with a key > 64bits
|
||||
|
||||
// if the key is smaller then 8, do what we'd normally do
|
||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||
return $this->des[2]->encrypt(
|
||||
$this->des[1]->decrypt(
|
||||
$this->des[0]->encrypt(
|
||||
$this->_pad($plaintext)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return parent::encrypt($plaintext);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypts a message.
|
||||
*
|
||||
* @see Crypt_Base::decrypt()
|
||||
* @access public
|
||||
* @param string $ciphertext
|
||||
* @return string $plaintext
|
||||
*/
|
||||
function decrypt($ciphertext)
|
||||
{
|
||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||
return $this->_unpad(
|
||||
$this->des[0]->decrypt(
|
||||
$this->des[1]->encrypt(
|
||||
$this->des[2]->decrypt(
|
||||
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
return parent::decrypt($ciphertext);
|
||||
}
|
||||
|
||||
/**
|
||||
* Treat consecutive "packets" as if they are a continuous buffer.
|
||||
*
|
||||
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
||||
* will yield different outputs:
|
||||
*
|
||||
* <code>
|
||||
* echo $des->encrypt(substr($plaintext, 0, 8));
|
||||
* echo $des->encrypt(substr($plaintext, 8, 8));
|
||||
* </code>
|
||||
* <code>
|
||||
* echo $des->encrypt($plaintext);
|
||||
* </code>
|
||||
*
|
||||
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
||||
* another, as demonstrated with the following:
|
||||
*
|
||||
* <code>
|
||||
* $des->encrypt(substr($plaintext, 0, 8));
|
||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||
* </code>
|
||||
* <code>
|
||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||
* </code>
|
||||
*
|
||||
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
||||
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
||||
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
||||
*
|
||||
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
||||
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
||||
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
||||
* however, they are also less intuitive and more likely to cause you problems.
|
||||
*
|
||||
* @see Crypt_Base::enableContinuousBuffer()
|
||||
* @see self::disableContinuousBuffer()
|
||||
* @access public
|
||||
*/
|
||||
function enableContinuousBuffer()
|
||||
{
|
||||
parent::enableContinuousBuffer();
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->enableContinuousBuffer();
|
||||
$this->des[1]->enableContinuousBuffer();
|
||||
$this->des[2]->enableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Treat consecutive packets as if they are a discontinuous buffer.
|
||||
*
|
||||
* The default behavior.
|
||||
*
|
||||
* @see Crypt_Base::disableContinuousBuffer()
|
||||
* @see self::enableContinuousBuffer()
|
||||
* @access public
|
||||
*/
|
||||
function disableContinuousBuffer()
|
||||
{
|
||||
parent::disableContinuousBuffer();
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->disableContinuousBuffer();
|
||||
$this->des[1]->disableContinuousBuffer();
|
||||
$this->des[2]->disableContinuousBuffer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates the key schedule
|
||||
*
|
||||
* @see Crypt_DES::_setupKey()
|
||||
* @see Crypt_Base::_setupKey()
|
||||
* @access private
|
||||
*/
|
||||
function _setupKey()
|
||||
{
|
||||
switch (true) {
|
||||
// if $key <= 64bits we configure our internal pure-php cipher engine
|
||||
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
|
||||
case strlen($this->key) <= 8:
|
||||
$this->des_rounds = 1;
|
||||
break;
|
||||
|
||||
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
|
||||
default:
|
||||
$this->des_rounds = 3;
|
||||
|
||||
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->_setupKey();
|
||||
$this->des[1]->_setupKey();
|
||||
$this->des[2]->_setupKey();
|
||||
|
||||
// because $des[0-2] will, now, do all the work we can return here
|
||||
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
|
||||
return;
|
||||
}
|
||||
}
|
||||
// setup our key
|
||||
parent::_setupKey();
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the internal crypt engine
|
||||
*
|
||||
* @see Crypt_Base::Crypt_Base()
|
||||
* @see Crypt_Base::setPreferredEngine()
|
||||
* @param int $engine
|
||||
* @access public
|
||||
* @return int
|
||||
*/
|
||||
function setPreferredEngine($engine)
|
||||
{
|
||||
if ($this->mode_3cbc) {
|
||||
$this->des[0]->setPreferredEngine($engine);
|
||||
$this->des[1]->setPreferredEngine($engine);
|
||||
$this->des[2]->setPreferredEngine($engine);
|
||||
}
|
||||
|
||||
return parent::setPreferredEngine($engine);
|
||||
}
|
||||
}
|
||||
|
|
1784
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Twofish.php
Normal file → Executable file
1784
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Twofish.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1163
rainloop/v/0.0.0/app/libraries/phpseclib/File/ANSI.php
Normal file → Executable file
1163
rainloop/v/0.0.0/app/libraries/phpseclib/File/ANSI.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
2843
rainloop/v/0.0.0/app/libraries/phpseclib/File/ASN1.php
Normal file → Executable file
2843
rainloop/v/0.0.0/app/libraries/phpseclib/File/ASN1.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
9731
rainloop/v/0.0.0/app/libraries/phpseclib/File/X509.php
Normal file → Executable file
9731
rainloop/v/0.0.0/app/libraries/phpseclib/File/X509.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
7570
rainloop/v/0.0.0/app/libraries/phpseclib/Math/BigInteger.php
Normal file → Executable file
7570
rainloop/v/0.0.0/app/libraries/phpseclib/Math/BigInteger.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
738
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SCP.php
Normal file → Executable file
738
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SCP.php
Normal file → Executable file
|
@ -1,360 +1,378 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of SCP.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Net/SCP.php';
|
||||
* include 'Net/SSH2.php';
|
||||
*
|
||||
* $ssh = new Net_SSH2('www.domain.tld');
|
||||
* if (!$ssh->login('username', 'password')) {
|
||||
* exit('bad login');
|
||||
* }
|
||||
|
||||
* $scp = new Net_SCP($ssh);
|
||||
* $scp->put('abcd', str_repeat('x', 1024*1024));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Net
|
||||
* @package Net_SCP
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2010 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**#@+
|
||||
* @access public
|
||||
* @see Net_SCP::put()
|
||||
*/
|
||||
/**
|
||||
* Reads data from a local file.
|
||||
*/
|
||||
define('NET_SCP_LOCAL_FILE', 1);
|
||||
/**
|
||||
* Reads data from a string.
|
||||
*/
|
||||
define('NET_SCP_STRING', 2);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see Net_SCP::_send()
|
||||
* @see Net_SCP::_receive()
|
||||
*/
|
||||
/**
|
||||
* SSH1 is being used.
|
||||
*/
|
||||
define('NET_SCP_SSH1', 1);
|
||||
/**
|
||||
* SSH2 is being used.
|
||||
*/
|
||||
define('NET_SCP_SSH2', 2);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementations of SCP.
|
||||
*
|
||||
* @package Net_SCP
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Net_SCP
|
||||
{
|
||||
/**
|
||||
* SSH Object
|
||||
*
|
||||
* @var Object
|
||||
* @access private
|
||||
*/
|
||||
var $ssh;
|
||||
|
||||
/**
|
||||
* Packet Size
|
||||
*
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $packet_size;
|
||||
|
||||
/**
|
||||
* Mode
|
||||
*
|
||||
* @var Integer
|
||||
* @access private
|
||||
*/
|
||||
var $mode;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Connects to an SSH server
|
||||
*
|
||||
* @param String $host
|
||||
* @param optional Integer $port
|
||||
* @param optional Integer $timeout
|
||||
* @return Net_SCP
|
||||
* @access public
|
||||
*/
|
||||
function Net_SCP($ssh)
|
||||
{
|
||||
if (!is_object($ssh)) {
|
||||
return;
|
||||
}
|
||||
|
||||
switch (strtolower(get_class($ssh))) {
|
||||
case 'net_ssh2':
|
||||
$this->mode = NET_SCP_SSH2;
|
||||
break;
|
||||
case 'net_ssh1':
|
||||
$this->packet_size = 50000;
|
||||
$this->mode = NET_SCP_SSH1;
|
||||
break;
|
||||
default:
|
||||
return;
|
||||
}
|
||||
|
||||
$this->ssh = $ssh;
|
||||
}
|
||||
|
||||
/**
|
||||
* Uploads a file to the SCP server.
|
||||
*
|
||||
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
||||
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
|
||||
* long, containing 'filename.ext' as its contents.
|
||||
*
|
||||
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will
|
||||
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
||||
* large $remote_file will be, as well.
|
||||
*
|
||||
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
||||
* care of that, yourself.
|
||||
*
|
||||
* @param String $remote_file
|
||||
* @param String $data
|
||||
* @param optional Integer $mode
|
||||
* @param optional Callable $callback
|
||||
* @return Boolean
|
||||
* @access public
|
||||
*/
|
||||
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null)
|
||||
{
|
||||
if (!isset($this->ssh)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
|
||||
return false;
|
||||
}
|
||||
|
||||
$temp = $this->_receive();
|
||||
if ($temp !== chr(0)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($this->mode == NET_SCP_SSH2) {
|
||||
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
|
||||
}
|
||||
|
||||
$remote_file = basename($remote_file);
|
||||
|
||||
if ($mode == NET_SCP_STRING) {
|
||||
$size = strlen($data);
|
||||
} else {
|
||||
if (!is_file($data)) {
|
||||
user_error("$data is not a valid file", E_USER_NOTICE);
|
||||
return false;
|
||||
}
|
||||
|
||||
$fp = @fopen($data, 'rb');
|
||||
if (!$fp) {
|
||||
return false;
|
||||
}
|
||||
$size = filesize($data);
|
||||
}
|
||||
|
||||
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
|
||||
|
||||
$temp = $this->_receive();
|
||||
if ($temp !== chr(0)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sent = 0;
|
||||
while ($sent < $size) {
|
||||
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
|
||||
$this->_send($temp);
|
||||
$sent+= strlen($temp);
|
||||
|
||||
if (is_callable($callback)) {
|
||||
call_user_func($callback, $sent);
|
||||
}
|
||||
}
|
||||
$this->_close();
|
||||
|
||||
if ($mode != NET_SCP_STRING) {
|
||||
fclose($fp);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Downloads a file from the SCP server.
|
||||
*
|
||||
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
||||
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
||||
* operation
|
||||
*
|
||||
* @param String $remote_file
|
||||
* @param optional String $local_file
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function get($remote_file, $local_file = false)
|
||||
{
|
||||
if (!isset($this->ssh)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->_send("\0");
|
||||
|
||||
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->_send("\0");
|
||||
|
||||
$size = 0;
|
||||
|
||||
if ($local_file !== false) {
|
||||
$fp = @fopen($local_file, 'wb');
|
||||
if (!$fp) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$content = '';
|
||||
while ($size < $info['size']) {
|
||||
$data = $this->_receive();
|
||||
// SCP usually seems to split stuff out into 16k chunks
|
||||
$size+= strlen($data);
|
||||
|
||||
if ($local_file === false) {
|
||||
$content.= $data;
|
||||
} else {
|
||||
fputs($fp, $data);
|
||||
}
|
||||
}
|
||||
|
||||
$this->_close();
|
||||
|
||||
if ($local_file !== false) {
|
||||
fclose($fp);
|
||||
return true;
|
||||
}
|
||||
|
||||
return $content;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sends a packet to an SSH server
|
||||
*
|
||||
* @param String $data
|
||||
* @access private
|
||||
*/
|
||||
function _send($data)
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data);
|
||||
break;
|
||||
case NET_SCP_SSH1:
|
||||
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
|
||||
$this->ssh->_send_binary_packet($data);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Receives a packet from an SSH server
|
||||
*
|
||||
* @return String
|
||||
* @access private
|
||||
*/
|
||||
function _receive()
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true);
|
||||
case NET_SCP_SSH1:
|
||||
if (!$this->ssh->bitmap) {
|
||||
return false;
|
||||
}
|
||||
while (true) {
|
||||
$response = $this->ssh->_get_binary_packet();
|
||||
switch ($response[NET_SSH1_RESPONSE_TYPE]) {
|
||||
case NET_SSH1_SMSG_STDOUT_DATA:
|
||||
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA]));
|
||||
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length);
|
||||
case NET_SSH1_SMSG_STDERR_DATA:
|
||||
break;
|
||||
case NET_SSH1_SMSG_EXITSTATUS:
|
||||
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
|
||||
fclose($this->ssh->fsock);
|
||||
$this->ssh->bitmap = 0;
|
||||
return false;
|
||||
default:
|
||||
user_error('Unknown packet received', E_USER_NOTICE);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Closes the connection to an SSH server
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
function _close()
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
|
||||
break;
|
||||
case NET_SCP_SSH1:
|
||||
$this->ssh->disconnect();
|
||||
}
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP implementation of SCP.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
||||
*
|
||||
* Here's a short example of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'Net/SCP.php';
|
||||
* include 'Net/SSH2.php';
|
||||
*
|
||||
* $ssh = new Net_SSH2('www.domain.tld');
|
||||
* if (!$ssh->login('username', 'password')) {
|
||||
* exit('bad login');
|
||||
* }
|
||||
*
|
||||
* $scp = new Net_SCP($ssh);
|
||||
* $scp->put('abcd', str_repeat('x', 1024*1024));
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category Net
|
||||
* @package Net_SCP
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2010 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
*/
|
||||
|
||||
/**#@+
|
||||
* @access public
|
||||
* @see self::put()
|
||||
*/
|
||||
/**
|
||||
* Reads data from a local file.
|
||||
*/
|
||||
define('NET_SCP_LOCAL_FILE', 1);
|
||||
/**
|
||||
* Reads data from a string.
|
||||
*/
|
||||
define('NET_SCP_STRING', 2);
|
||||
/**#@-*/
|
||||
|
||||
/**#@+
|
||||
* @access private
|
||||
* @see self::_send()
|
||||
* @see self::_receive()
|
||||
*/
|
||||
/**
|
||||
* SSH1 is being used.
|
||||
*/
|
||||
define('NET_SCP_SSH1', 1);
|
||||
/**
|
||||
* SSH2 is being used.
|
||||
*/
|
||||
define('NET_SCP_SSH2', 2);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP implementations of SCP.
|
||||
*
|
||||
* @package Net_SCP
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class Net_SCP
|
||||
{
|
||||
/**
|
||||
* SSH Object
|
||||
*
|
||||
* @var object
|
||||
* @access private
|
||||
*/
|
||||
var $ssh;
|
||||
|
||||
/**
|
||||
* Packet Size
|
||||
*
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $packet_size;
|
||||
|
||||
/**
|
||||
* Mode
|
||||
*
|
||||
* @var int
|
||||
* @access private
|
||||
*/
|
||||
var $mode;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* Connects to an SSH server
|
||||
*
|
||||
* @param Net_SSH1|Net_SSH2 $ssh
|
||||
* @return Net_SCP
|
||||
* @access public
|
||||
*/
|
||||
function __construct($ssh)
|
||||
{
|
||||
if (!is_object($ssh)) {
|
||||
return;
|
||||
}
|
||||
|
||||
switch (strtolower(get_class($ssh))) {
|
||||
case 'net_ssh2':
|
||||
$this->mode = NET_SCP_SSH2;
|
||||
break;
|
||||
case 'net_ssh1':
|
||||
$this->packet_size = 50000;
|
||||
$this->mode = NET_SCP_SSH1;
|
||||
break;
|
||||
default:
|
||||
return;
|
||||
}
|
||||
|
||||
$this->ssh = $ssh;
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 compatible Default Constructor.
|
||||
*
|
||||
* @see self::__construct()
|
||||
* @param Net_SSH1|Net_SSH2 $ssh
|
||||
* @access public
|
||||
*/
|
||||
function Net_SCP($ssh)
|
||||
{
|
||||
$this->__construct($ssh);
|
||||
}
|
||||
|
||||
/**
|
||||
* Uploads a file to the SCP server.
|
||||
*
|
||||
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
||||
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
|
||||
* long, containing 'filename.ext' as its contents.
|
||||
*
|
||||
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will
|
||||
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
||||
* large $remote_file will be, as well.
|
||||
*
|
||||
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
||||
* care of that, yourself.
|
||||
*
|
||||
* @param string $remote_file
|
||||
* @param string $data
|
||||
* @param int $mode
|
||||
* @param callable $callback
|
||||
* @return bool
|
||||
* @access public
|
||||
*/
|
||||
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null)
|
||||
{
|
||||
if (!isset($this->ssh)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (empty($remote_file)) {
|
||||
user_error('remote_file cannot be blank', E_USER_NOTICE);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
|
||||
return false;
|
||||
}
|
||||
|
||||
$temp = $this->_receive();
|
||||
if ($temp !== chr(0)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if ($this->mode == NET_SCP_SSH2) {
|
||||
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
|
||||
}
|
||||
|
||||
$remote_file = basename($remote_file);
|
||||
|
||||
if ($mode == NET_SCP_STRING) {
|
||||
$size = strlen($data);
|
||||
} else {
|
||||
if (!is_file($data)) {
|
||||
user_error("$data is not a valid file", E_USER_NOTICE);
|
||||
return false;
|
||||
}
|
||||
|
||||
$fp = @fopen($data, 'rb');
|
||||
if (!$fp) {
|
||||
return false;
|
||||
}
|
||||
$size = filesize($data);
|
||||
}
|
||||
|
||||
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
|
||||
|
||||
$temp = $this->_receive();
|
||||
if ($temp !== chr(0)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$sent = 0;
|
||||
while ($sent < $size) {
|
||||
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
|
||||
$this->_send($temp);
|
||||
$sent+= strlen($temp);
|
||||
|
||||
if (is_callable($callback)) {
|
||||
call_user_func($callback, $sent);
|
||||
}
|
||||
}
|
||||
$this->_close();
|
||||
|
||||
if ($mode != NET_SCP_STRING) {
|
||||
fclose($fp);
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Downloads a file from the SCP server.
|
||||
*
|
||||
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
||||
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
||||
* operation
|
||||
*
|
||||
* @param string $remote_file
|
||||
* @param string $local_file
|
||||
* @return mixed
|
||||
* @access public
|
||||
*/
|
||||
function get($remote_file, $local_file = false)
|
||||
{
|
||||
if (!isset($this->ssh)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->_send("\0");
|
||||
|
||||
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->_send("\0");
|
||||
|
||||
$size = 0;
|
||||
|
||||
if ($local_file !== false) {
|
||||
$fp = @fopen($local_file, 'wb');
|
||||
if (!$fp) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$content = '';
|
||||
while ($size < $info['size']) {
|
||||
$data = $this->_receive();
|
||||
// SCP usually seems to split stuff out into 16k chunks
|
||||
$size+= strlen($data);
|
||||
|
||||
if ($local_file === false) {
|
||||
$content.= $data;
|
||||
} else {
|
||||
fputs($fp, $data);
|
||||
}
|
||||
}
|
||||
|
||||
$this->_close();
|
||||
|
||||
if ($local_file !== false) {
|
||||
fclose($fp);
|
||||
return true;
|
||||
}
|
||||
|
||||
return $content;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sends a packet to an SSH server
|
||||
*
|
||||
* @param string $data
|
||||
* @access private
|
||||
*/
|
||||
function _send($data)
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data);
|
||||
break;
|
||||
case NET_SCP_SSH1:
|
||||
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
|
||||
$this->ssh->_send_binary_packet($data);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Receives a packet from an SSH server
|
||||
*
|
||||
* @return string
|
||||
* @access private
|
||||
*/
|
||||
function _receive()
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true);
|
||||
case NET_SCP_SSH1:
|
||||
if (!$this->ssh->bitmap) {
|
||||
return false;
|
||||
}
|
||||
while (true) {
|
||||
$response = $this->ssh->_get_binary_packet();
|
||||
switch ($response[NET_SSH1_RESPONSE_TYPE]) {
|
||||
case NET_SSH1_SMSG_STDOUT_DATA:
|
||||
if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) {
|
||||
return false;
|
||||
}
|
||||
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA]));
|
||||
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length);
|
||||
case NET_SSH1_SMSG_STDERR_DATA:
|
||||
break;
|
||||
case NET_SSH1_SMSG_EXITSTATUS:
|
||||
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
|
||||
fclose($this->ssh->fsock);
|
||||
$this->ssh->bitmap = 0;
|
||||
return false;
|
||||
default:
|
||||
user_error('Unknown packet received', E_USER_NOTICE);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Closes the connection to an SSH server
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
function _close()
|
||||
{
|
||||
switch ($this->mode) {
|
||||
case NET_SCP_SSH2:
|
||||
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
|
||||
break;
|
||||
case NET_SCP_SSH1:
|
||||
$this->ssh->disconnect();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
5975
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP.php
Normal file → Executable file
5975
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1616
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP/Stream.php
Normal file → Executable file
1616
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP/Stream.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
3342
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH1.php
Normal file → Executable file
3342
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH1.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
8771
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH2.php
Normal file → Executable file
8771
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH2.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
874
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH/Agent.php
Normal file → Executable file
874
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH/Agent.php
Normal file → Executable file
|
@ -1,313 +1,561 @@
|
|||
<?php
|
||||
/**
|
||||
* Pure-PHP ssh-agent client.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here are some examples of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'System/SSH/Agent.php';
|
||||
* include 'Net/SSH2.php';
|
||||
*
|
||||
* $agent = new System_SSH_Agent();
|
||||
*
|
||||
* $ssh = new Net_SSH2('www.domain.tld');
|
||||
* if (!$ssh->login('username', $agent)) {
|
||||
* exit('Login Failed');
|
||||
* }
|
||||
*
|
||||
* echo $ssh->exec('pwd');
|
||||
* echo $ssh->exec('ls -la');
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category System
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2014 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||
*/
|
||||
|
||||
/**#@+
|
||||
* Message numbers
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
|
||||
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11);
|
||||
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
|
||||
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12);
|
||||
define('SYSTEM_SSH_AGENT_FAILURE', 5);
|
||||
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
|
||||
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
|
||||
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
|
||||
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP ssh-agent client identity object
|
||||
*
|
||||
* Instantiation should only be performed by System_SSH_Agent class.
|
||||
* This could be thought of as implementing an interface that Crypt_RSA
|
||||
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
|
||||
* The methods in this interface would be getPublicKey, setSignatureMode
|
||||
* and sign since those are the methods phpseclib looks for to perform
|
||||
* public key authentication.
|
||||
*
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access internal
|
||||
*/
|
||||
class System_SSH_Agent_Identity
|
||||
{
|
||||
/**
|
||||
* Key Object
|
||||
*
|
||||
* @var Crypt_RSA
|
||||
* @access private
|
||||
* @see System_SSH_Agent_Identity::getPublicKey()
|
||||
*/
|
||||
var $key;
|
||||
|
||||
/**
|
||||
* Key Blob
|
||||
*
|
||||
* @var String
|
||||
* @access private
|
||||
* @see System_SSH_Agent_Identity::sign()
|
||||
*/
|
||||
var $key_blob;
|
||||
|
||||
/**
|
||||
* Socket Resource
|
||||
*
|
||||
* @var Resource
|
||||
* @access private
|
||||
* @see System_SSH_Agent_Identity::sign()
|
||||
*/
|
||||
var $fsock;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @param Resource $fsock
|
||||
* @return System_SSH_Agent_Identity
|
||||
* @access private
|
||||
*/
|
||||
function System_SSH_Agent_Identity($fsock)
|
||||
{
|
||||
$this->fsock = $fsock;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Public Key
|
||||
*
|
||||
* Called by System_SSH_Agent::requestIdentities()
|
||||
*
|
||||
* @param Crypt_RSA $key
|
||||
* @access private
|
||||
*/
|
||||
function setPublicKey($key)
|
||||
{
|
||||
$this->key = $key;
|
||||
$this->key->setPublicKey();
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Public Key
|
||||
*
|
||||
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key
|
||||
* but this saves a small amount of computation.
|
||||
*
|
||||
* @param String $key_blob
|
||||
* @access private
|
||||
*/
|
||||
function setPublicKeyBlob($key_blob)
|
||||
{
|
||||
$this->key_blob = $key_blob;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get Public Key
|
||||
*
|
||||
* Wrapper for $this->key->getPublicKey()
|
||||
*
|
||||
* @param Integer $format optional
|
||||
* @return Mixed
|
||||
* @access public
|
||||
*/
|
||||
function getPublicKey($format = null)
|
||||
{
|
||||
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Signature Mode
|
||||
*
|
||||
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
|
||||
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
|
||||
*
|
||||
* @param Integer $mode
|
||||
* @access public
|
||||
*/
|
||||
function setSignatureMode($mode)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a signature
|
||||
*
|
||||
* See "2.6.2 Protocol 2 private key signature request"
|
||||
*
|
||||
* @param String $message
|
||||
* @return String
|
||||
* @access public
|
||||
*/
|
||||
function sign($message)
|
||||
{
|
||||
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
||||
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
|
||||
$packet = pack('Na*', strlen($packet), $packet);
|
||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||
user_error('Connection closed during signing');
|
||||
}
|
||||
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$type = ord(fread($this->fsock, 1));
|
||||
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
|
||||
user_error('Unable to retreive signature');
|
||||
}
|
||||
|
||||
$signature_blob = fread($this->fsock, $length - 1);
|
||||
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa
|
||||
// the + 12 is for the other various SSH added length fields
|
||||
return substr($signature_blob, strlen('ssh-rsa') + 12);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Pure-PHP ssh-agent client identity factory
|
||||
*
|
||||
* requestIdentities() method pumps out System_SSH_Agent_Identity objects
|
||||
*
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access internal
|
||||
*/
|
||||
class System_SSH_Agent
|
||||
{
|
||||
/**
|
||||
* Socket Resource
|
||||
*
|
||||
* @var Resource
|
||||
* @access private
|
||||
*/
|
||||
var $fsock;
|
||||
|
||||
/**
|
||||
* Default Constructor
|
||||
*
|
||||
* @return System_SSH_Agent
|
||||
* @access public
|
||||
*/
|
||||
function System_SSH_Agent()
|
||||
{
|
||||
switch (true) {
|
||||
case isset($_SERVER['SSH_AUTH_SOCK']):
|
||||
$address = $_SERVER['SSH_AUTH_SOCK'];
|
||||
break;
|
||||
case isset($_ENV['SSH_AUTH_SOCK']):
|
||||
$address = $_ENV['SSH_AUTH_SOCK'];
|
||||
break;
|
||||
default:
|
||||
user_error('SSH_AUTH_SOCK not found');
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
|
||||
if (!$this->fsock) {
|
||||
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Request Identities
|
||||
*
|
||||
* See "2.5.2 Requesting a list of protocol 2 keys"
|
||||
* Returns an array containing zero or more System_SSH_Agent_Identity objects
|
||||
*
|
||||
* @return Array
|
||||
* @access public
|
||||
*/
|
||||
function requestIdentities()
|
||||
{
|
||||
if (!$this->fsock) {
|
||||
return array();
|
||||
}
|
||||
|
||||
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES);
|
||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||
user_error('Connection closed while requesting identities');
|
||||
}
|
||||
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$type = ord(fread($this->fsock, 1));
|
||||
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
|
||||
user_error('Unable to request identities');
|
||||
}
|
||||
|
||||
$identities = array();
|
||||
$keyCount = current(unpack('N', fread($this->fsock, 4)));
|
||||
for ($i = 0; $i < $keyCount; $i++) {
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$key_blob = fread($this->fsock, $length);
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$key_comment = fread($this->fsock, $length);
|
||||
$length = current(unpack('N', substr($key_blob, 0, 4)));
|
||||
$key_type = substr($key_blob, 4, $length);
|
||||
switch ($key_type) {
|
||||
case 'ssh-rsa':
|
||||
if (!class_exists('Crypt_RSA')) {
|
||||
include_once 'Crypt/RSA.php';
|
||||
}
|
||||
$key = new Crypt_RSA();
|
||||
$key->loadKey('ssh-rsa ' . base64_encode($key_blob) . ' ' . $key_comment);
|
||||
break;
|
||||
case 'ssh-dss':
|
||||
// not currently supported
|
||||
break;
|
||||
}
|
||||
// resources are passed by reference by default
|
||||
if (isset($key)) {
|
||||
$identity = new System_SSH_Agent_Identity($this->fsock);
|
||||
$identity->setPublicKey($key);
|
||||
$identity->setPublicKeyBlob($key_blob);
|
||||
$identities[] = $identity;
|
||||
unset($key);
|
||||
}
|
||||
}
|
||||
|
||||
return $identities;
|
||||
}
|
||||
}
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Pure-PHP ssh-agent client.
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Here are some examples of how to use this library:
|
||||
* <code>
|
||||
* <?php
|
||||
* include 'System/SSH/Agent.php';
|
||||
* include 'Net/SSH2.php';
|
||||
*
|
||||
* $agent = new System_SSH_Agent();
|
||||
*
|
||||
* $ssh = new Net_SSH2('www.domain.tld');
|
||||
* if (!$ssh->login('username', $agent)) {
|
||||
* exit('Login Failed');
|
||||
* }
|
||||
*
|
||||
* echo $ssh->exec('pwd');
|
||||
* echo $ssh->exec('ls -la');
|
||||
* ?>
|
||||
* </code>
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category System
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2014 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||
*/
|
||||
|
||||
/**#@+
|
||||
* Message numbers
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
|
||||
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11);
|
||||
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
|
||||
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12);
|
||||
define('SYSTEM_SSH_AGENT_FAILURE', 5);
|
||||
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
|
||||
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
|
||||
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
|
||||
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14);
|
||||
/**#@-*/
|
||||
|
||||
/**@+
|
||||
* Agent forwarding status
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
// no forwarding requested and not active
|
||||
define('SYSTEM_SSH_AGENT_FORWARD_NONE', 0);
|
||||
// request agent forwarding when opportune
|
||||
define('SYSTEM_SSH_AGENT_FORWARD_REQUEST', 1);
|
||||
// forwarding has been request and is active
|
||||
define('SYSTEM_SSH_AGENT_FORWARD_ACTIVE', 2);
|
||||
/**#@-*/
|
||||
|
||||
/**@+
|
||||
* Signature Flags
|
||||
*
|
||||
* See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
define('SYSTEM_SSH_AGENT_RSA2_256', 2);
|
||||
define('SYSTEM_SSH_AGENT_RSA2_512', 4);
|
||||
/**#@-*/
|
||||
|
||||
/**
|
||||
* Pure-PHP ssh-agent client identity object
|
||||
*
|
||||
* Instantiation should only be performed by System_SSH_Agent class.
|
||||
* This could be thought of as implementing an interface that Crypt_RSA
|
||||
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
|
||||
* The methods in this interface would be getPublicKey, setSignatureMode
|
||||
* and sign since those are the methods phpseclib looks for to perform
|
||||
* public key authentication.
|
||||
*
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access internal
|
||||
*/
|
||||
class System_SSH_Agent_Identity
|
||||
{
|
||||
/**
|
||||
* Key Object
|
||||
*
|
||||
* @var Crypt_RSA
|
||||
* @access private
|
||||
* @see self::getPublicKey()
|
||||
*/
|
||||
var $key;
|
||||
|
||||
/**
|
||||
* Key Blob
|
||||
*
|
||||
* @var string
|
||||
* @access private
|
||||
* @see self::sign()
|
||||
*/
|
||||
var $key_blob;
|
||||
|
||||
/**
|
||||
* Socket Resource
|
||||
*
|
||||
* @var resource
|
||||
* @access private
|
||||
* @see self::sign()
|
||||
*/
|
||||
var $fsock;
|
||||
|
||||
/**
|
||||
* Signature flags
|
||||
*
|
||||
* @var int
|
||||
* @access private
|
||||
* @see self::sign()
|
||||
* @see self::setHash()
|
||||
*/
|
||||
var $flags = 0;
|
||||
|
||||
/**
|
||||
* Default Constructor.
|
||||
*
|
||||
* @param resource $fsock
|
||||
* @return System_SSH_Agent_Identity
|
||||
* @access private
|
||||
*/
|
||||
function __construct($fsock)
|
||||
{
|
||||
$this->fsock = $fsock;
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 compatible Default Constructor.
|
||||
*
|
||||
* @see self::__construct()
|
||||
* @param resource $fsock
|
||||
* @access public
|
||||
*/
|
||||
function System_SSH_Agent_Identity($fsock)
|
||||
{
|
||||
$this->__construct($fsock);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Public Key
|
||||
*
|
||||
* Called by System_SSH_Agent::requestIdentities()
|
||||
*
|
||||
* @param Crypt_RSA $key
|
||||
* @access private
|
||||
*/
|
||||
function setPublicKey($key)
|
||||
{
|
||||
$this->key = $key;
|
||||
$this->key->setPublicKey();
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Public Key
|
||||
*
|
||||
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key
|
||||
* but this saves a small amount of computation.
|
||||
*
|
||||
* @param string $key_blob
|
||||
* @access private
|
||||
*/
|
||||
function setPublicKeyBlob($key_blob)
|
||||
{
|
||||
$this->key_blob = $key_blob;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get Public Key
|
||||
*
|
||||
* Wrapper for $this->key->getPublicKey()
|
||||
*
|
||||
* @param int $format optional
|
||||
* @return mixed
|
||||
* @access public
|
||||
*/
|
||||
function getPublicKey($format = null)
|
||||
{
|
||||
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Signature Mode
|
||||
*
|
||||
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
|
||||
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
|
||||
*
|
||||
* @param int $mode
|
||||
* @access public
|
||||
*/
|
||||
function setSignatureMode($mode)
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* Set Hash
|
||||
*
|
||||
* ssh-agent doesn't support using hashes for RSA other than SHA1
|
||||
*
|
||||
* @param string $hash
|
||||
* @access public
|
||||
*/
|
||||
function setHash($hash)
|
||||
{
|
||||
$this->flags = 0;
|
||||
switch ($hash) {
|
||||
case 'sha1':
|
||||
break;
|
||||
case 'sha256':
|
||||
$this->flags = SYSTEM_SSH_AGENT_RSA2_256;
|
||||
break;
|
||||
case 'sha512':
|
||||
$this->flags = SYSTEM_SSH_AGENT_RSA2_512;
|
||||
break;
|
||||
default:
|
||||
user_error('The only supported hashes for RSA are sha1, sha256 and sha512');
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a signature
|
||||
*
|
||||
* See "2.6.2 Protocol 2 private key signature request"
|
||||
*
|
||||
* @param string $message
|
||||
* @return string
|
||||
* @access public
|
||||
*/
|
||||
function sign($message)
|
||||
{
|
||||
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
||||
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, $this->flags);
|
||||
$packet = pack('Na*', strlen($packet), $packet);
|
||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||
user_error('Connection closed during signing');
|
||||
}
|
||||
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$type = ord(fread($this->fsock, 1));
|
||||
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
|
||||
user_error('Unable to retreive signature');
|
||||
}
|
||||
|
||||
$signature_blob = fread($this->fsock, $length - 1);
|
||||
$length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
|
||||
if ($length != strlen($signature_blob)) {
|
||||
user_error('Malformed signature blob');
|
||||
}
|
||||
$length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
|
||||
if ($length > strlen($signature_blob) + 4) {
|
||||
user_error('Malformed signature blob');
|
||||
}
|
||||
$type = $this->_string_shift($signature_blob, $length);
|
||||
$this->_string_shift($signature_blob, 4);
|
||||
|
||||
return $signature_blob;
|
||||
}
|
||||
|
||||
/**
|
||||
* String Shift
|
||||
*
|
||||
* Inspired by array_shift
|
||||
*
|
||||
* @param string $string
|
||||
* @param int $index
|
||||
* @return string
|
||||
* @access private
|
||||
*/
|
||||
function _string_shift(&$string, $index = 1)
|
||||
{
|
||||
$substr = substr($string, 0, $index);
|
||||
$string = substr($string, $index);
|
||||
return $substr;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Pure-PHP ssh-agent client identity factory
|
||||
*
|
||||
* requestIdentities() method pumps out System_SSH_Agent_Identity objects
|
||||
*
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @access public
|
||||
*/
|
||||
class System_SSH_Agent
|
||||
{
|
||||
/**
|
||||
* Socket Resource
|
||||
*
|
||||
* @var resource
|
||||
* @access private
|
||||
*/
|
||||
var $fsock;
|
||||
|
||||
/**
|
||||
* Agent forwarding status
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
var $forward_status = SYSTEM_SSH_AGENT_FORWARD_NONE;
|
||||
|
||||
/**
|
||||
* Buffer for accumulating forwarded authentication
|
||||
* agent data arriving on SSH data channel destined
|
||||
* for agent unix socket
|
||||
*
|
||||
* @access private
|
||||
*/
|
||||
var $socket_buffer = '';
|
||||
|
||||
/**
|
||||
* Tracking the number of bytes we are expecting
|
||||
* to arrive for the agent socket on the SSH data
|
||||
* channel
|
||||
*/
|
||||
var $expected_bytes = 0;
|
||||
|
||||
/**
|
||||
* Default Constructor
|
||||
*
|
||||
* @return System_SSH_Agent
|
||||
* @access public
|
||||
*/
|
||||
function __construct($address = null)
|
||||
{
|
||||
if (!$address) {
|
||||
switch (true) {
|
||||
case isset($_SERVER['SSH_AUTH_SOCK']):
|
||||
$address = $_SERVER['SSH_AUTH_SOCK'];
|
||||
break;
|
||||
case isset($_ENV['SSH_AUTH_SOCK']):
|
||||
$address = $_ENV['SSH_AUTH_SOCK'];
|
||||
break;
|
||||
default:
|
||||
user_error('SSH_AUTH_SOCK not found');
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
|
||||
if (!$this->fsock) {
|
||||
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* PHP4 compatible Default Constructor.
|
||||
*
|
||||
* @see self::__construct()
|
||||
* @access public
|
||||
*/
|
||||
function System_SSH_Agent($address = null)
|
||||
{
|
||||
$this->__construct($address);
|
||||
}
|
||||
|
||||
/**
|
||||
* Request Identities
|
||||
*
|
||||
* See "2.5.2 Requesting a list of protocol 2 keys"
|
||||
* Returns an array containing zero or more System_SSH_Agent_Identity objects
|
||||
*
|
||||
* @return array
|
||||
* @access public
|
||||
*/
|
||||
function requestIdentities()
|
||||
{
|
||||
if (!$this->fsock) {
|
||||
return array();
|
||||
}
|
||||
|
||||
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES);
|
||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||
user_error('Connection closed while requesting identities');
|
||||
return array();
|
||||
}
|
||||
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$type = ord(fread($this->fsock, 1));
|
||||
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
|
||||
user_error('Unable to request identities');
|
||||
return array();
|
||||
}
|
||||
|
||||
$identities = array();
|
||||
$keyCount = current(unpack('N', fread($this->fsock, 4)));
|
||||
for ($i = 0; $i < $keyCount; $i++) {
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
$key_blob = fread($this->fsock, $length);
|
||||
$key_str = 'ssh-rsa ' . base64_encode($key_blob);
|
||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||
if ($length) {
|
||||
$key_str.= ' ' . fread($this->fsock, $length);
|
||||
}
|
||||
$length = current(unpack('N', substr($key_blob, 0, 4)));
|
||||
$key_type = substr($key_blob, 4, $length);
|
||||
switch ($key_type) {
|
||||
case 'ssh-rsa':
|
||||
if (!class_exists('Crypt_RSA')) {
|
||||
include_once 'Crypt/RSA.php';
|
||||
}
|
||||
$key = new Crypt_RSA();
|
||||
$key->loadKey($key_str);
|
||||
break;
|
||||
case 'ssh-dss':
|
||||
// not currently supported
|
||||
break;
|
||||
}
|
||||
// resources are passed by reference by default
|
||||
if (isset($key)) {
|
||||
$identity = new System_SSH_Agent_Identity($this->fsock);
|
||||
$identity->setPublicKey($key);
|
||||
$identity->setPublicKeyBlob($key_blob);
|
||||
$identities[] = $identity;
|
||||
unset($key);
|
||||
}
|
||||
}
|
||||
|
||||
return $identities;
|
||||
}
|
||||
|
||||
/**
|
||||
* Signal that agent forwarding should
|
||||
* be requested when a channel is opened
|
||||
*
|
||||
* @param Net_SSH2 $ssh
|
||||
* @return bool
|
||||
* @access public
|
||||
*/
|
||||
function startSSHForwarding($ssh)
|
||||
{
|
||||
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_NONE) {
|
||||
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_REQUEST;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Request agent forwarding of remote server
|
||||
*
|
||||
* @param Net_SSH2 $ssh
|
||||
* @return bool
|
||||
* @access private
|
||||
*/
|
||||
function _request_forwarding($ssh)
|
||||
{
|
||||
$request_channel = $ssh->_get_open_channel();
|
||||
if ($request_channel === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$packet = pack(
|
||||
'CNNa*C',
|
||||
NET_SSH2_MSG_CHANNEL_REQUEST,
|
||||
$ssh->server_channels[$request_channel],
|
||||
strlen('auth-agent-req@openssh.com'),
|
||||
'auth-agent-req@openssh.com',
|
||||
1
|
||||
);
|
||||
|
||||
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST;
|
||||
|
||||
if (!$ssh->_send_binary_packet($packet)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$response = $ssh->_get_channel_packet($request_channel);
|
||||
if ($response === false) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN;
|
||||
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_ACTIVE;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* On successful channel open
|
||||
*
|
||||
* This method is called upon successful channel
|
||||
* open to give the SSH Agent an opportunity
|
||||
* to take further action. i.e. request agent forwarding
|
||||
*
|
||||
* @param Net_SSH2 $ssh
|
||||
* @access private
|
||||
*/
|
||||
function _on_channel_open($ssh)
|
||||
{
|
||||
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_REQUEST) {
|
||||
$this->_request_forwarding($ssh);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Forward data to SSH Agent and return data reply
|
||||
*
|
||||
* @param string $data
|
||||
* @return data from SSH Agent
|
||||
* @access private
|
||||
*/
|
||||
function _forward_data($data)
|
||||
{
|
||||
if ($this->expected_bytes > 0) {
|
||||
$this->socket_buffer.= $data;
|
||||
$this->expected_bytes -= strlen($data);
|
||||
} else {
|
||||
$agent_data_bytes = current(unpack('N', $data));
|
||||
$current_data_bytes = strlen($data);
|
||||
$this->socket_buffer = $data;
|
||||
if ($current_data_bytes != $agent_data_bytes + 4) {
|
||||
$this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
|
||||
user_error('Connection closed attempting to forward data to SSH agent');
|
||||
}
|
||||
|
||||
$this->socket_buffer = '';
|
||||
$this->expected_bytes = 0;
|
||||
|
||||
$agent_reply_bytes = current(unpack('N', fread($this->fsock, 4)));
|
||||
|
||||
$agent_reply_data = fread($this->fsock, $agent_reply_bytes);
|
||||
$agent_reply_data = current(unpack('a*', $agent_reply_data));
|
||||
|
||||
return pack('Na*', $agent_reply_bytes, $agent_reply_data);
|
||||
}
|
||||
}
|
||||
|
|
78
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH_Agent.php
Normal file → Executable file
78
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH_Agent.php
Normal file → Executable file
|
@ -1,39 +1,39 @@
|
|||
<?php
|
||||
/**
|
||||
* Pure-PHP ssh-agent client wrapper
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
|
||||
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
|
||||
* don't support that kind of directory layout hence the package being moved and
|
||||
* this "alias" being created to maintain backwards compatibility.
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category System
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2014 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||
*/
|
||||
|
||||
require_once 'SSH/Agent.php';
|
||||
<?php
|
||||
/**
|
||||
* Pure-PHP ssh-agent client wrapper
|
||||
*
|
||||
* PHP versions 4 and 5
|
||||
*
|
||||
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
|
||||
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
|
||||
* don't support that kind of directory layout hence the package being moved and
|
||||
* this "alias" being created to maintain backwards compatibility.
|
||||
*
|
||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
*
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
*
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* @category System
|
||||
* @package System_SSH_Agent
|
||||
* @author Jim Wigginton <terrafrost@php.net>
|
||||
* @copyright 2014 Jim Wigginton
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
* @link http://phpseclib.sourceforge.net
|
||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||
*/
|
||||
|
||||
require_once 'SSH/Agent.php';
|
||||
|
|
16
rainloop/v/0.0.0/app/libraries/phpseclib/bootstrap.php
Executable file
16
rainloop/v/0.0.0/app/libraries/phpseclib/bootstrap.php
Executable file
|
@ -0,0 +1,16 @@
|
|||
<?php
|
||||
/**
|
||||
* Bootstrapping File for phpseclib
|
||||
*
|
||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||
*/
|
||||
|
||||
if (extension_loaded('mbstring')) {
|
||||
// 2 - MB_OVERLOAD_STRING
|
||||
if (ini_get('mbstring.func_overload') & 2) {
|
||||
throw new \UnexpectedValueException(
|
||||
'Overloading of string functions using mbstring.func_overload ' .
|
||||
'is not supported by phpseclib.'
|
||||
);
|
||||
}
|
||||
}
|
12
rainloop/v/0.0.0/app/libraries/phpseclib/openssl.cnf
Normal file → Executable file
12
rainloop/v/0.0.0/app/libraries/phpseclib/openssl.cnf
Normal file → Executable file
|
@ -1,6 +1,6 @@
|
|||
# minimalist openssl.cnf file for use with phpseclib
|
||||
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
|
||||
[ v3_ca ]
|
||||
# minimalist openssl.cnf file for use with phpseclib
|
||||
|
||||
HOME = .
|
||||
RANDFILE = $ENV::HOME/.rnd
|
||||
|
||||
[ v3_ca ]
|
||||
|
|
Loading…
Reference in a new issue