Version Notes
wisepricer
Download this release
Release Info
Developer | Moshe |
Extension | Wisepricer_Syncer |
Version | 1.1.2.6 |
Comparing to | |
See all releases |
Code changes from version 1.1.2.5 to 1.1.2.6
- app/code/local/Wisepricer/Syncer/Model/Mysql4/Mapping.php +3 -2
- app/code/local/Wisepricer/Syncer/controllers/ProductsController.php +5 -2
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/AES.php +479 -479
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/DES.php +945 -945
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Hash.php +816 -816
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/RC4.php +493 -493
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/RSA.php +2119 -2119
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Random.php +129 -129
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Rijndael.php +1242 -1242
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/TripleDES.php +690 -690
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Math/BigInteger.php +3545 -3545
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SFTP.php +1461 -1461
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SSH1.php +1159 -1159
- app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SSH2.php +657 -2302
app/code/local/Wisepricer/Syncer/Model/Mysql4/Mapping.php
CHANGED
@@ -12,11 +12,12 @@ class Wisepricer_Syncer_Model_Mysql4_Mapping extends Mage_Core_Model_Mysql4_Abst
|
|
12 |
}
|
13 |
|
14 |
public function loadIdByWsfield(Wisepricer_Syncer_Model_Mapping $mapping, $wsfield, $testOnly = false)
|
15 |
-
{
|
16 |
$adapter = $this->_getReadAdapter();
|
|
|
17 |
$bind = array('wsp_field' => $wsfield);
|
18 |
$select = $adapter->select()
|
19 |
-
->from(
|
20 |
->where('wsp_field = :wsp_field');
|
21 |
|
22 |
|
12 |
}
|
13 |
|
14 |
public function loadIdByWsfield(Wisepricer_Syncer_Model_Mapping $mapping, $wsfield, $testOnly = false)
|
15 |
+
{
|
16 |
$adapter = $this->_getReadAdapter();
|
17 |
+
$tableName = Mage::getSingleton('core/resource')->getTableName('wisepricer_syncer_mapping');
|
18 |
$bind = array('wsp_field' => $wsfield);
|
19 |
$select = $adapter->select()
|
20 |
+
->from($tableName)
|
21 |
->where('wsp_field = :wsp_field');
|
22 |
|
23 |
|
app/code/local/Wisepricer/Syncer/controllers/ProductsController.php
CHANGED
@@ -103,9 +103,10 @@ class Wisepricer_Syncer_ProductsController extends Mage_Core_Controller_Front_Ac
|
|
103 |
|
104 |
}elseif($field['wsp_field']=='shipping'){
|
105 |
|
106 |
-
if(is_numeric($productOrigData['shipping'])){
|
107 |
$productData['shipping']=$field['magento_field'];
|
108 |
}else{
|
|
|
109 |
$productData['shipping']=$this->productOrigData[$field['magento_field']];
|
110 |
}
|
111 |
|
@@ -115,6 +116,7 @@ class Wisepricer_Syncer_ProductsController extends Mage_Core_Controller_Front_Ac
|
|
115 |
$productData[$field['wsp_field']]=$this->_calculateMinPrice($field);
|
116 |
|
117 |
}else{
|
|
|
118 |
$productData[$field['wsp_field']]=$this->productOrigData[$field['magento_field']];
|
119 |
}
|
120 |
}else{
|
@@ -128,7 +130,8 @@ class Wisepricer_Syncer_ProductsController extends Mage_Core_Controller_Front_Ac
|
|
128 |
$productData[$field['wsp_field']]=$attrLabel;
|
129 |
// echo '<pre>'.print_r($attr,true).'</pre>';//die;
|
130 |
}else{
|
131 |
-
|
|
|
132 |
}
|
133 |
|
134 |
|
103 |
|
104 |
}elseif($field['wsp_field']=='shipping'){
|
105 |
|
106 |
+
if(is_numeric($this->productOrigData['shipping'])){
|
107 |
$productData['shipping']=$field['magento_field'];
|
108 |
}else{
|
109 |
+
if(!isset($this->productOrigData[$field['magento_field']])){continue;}
|
110 |
$productData['shipping']=$this->productOrigData[$field['magento_field']];
|
111 |
}
|
112 |
|
116 |
$productData[$field['wsp_field']]=$this->_calculateMinPrice($field);
|
117 |
|
118 |
}else{
|
119 |
+
if(!isset($this->productOrigData[$field['magento_field']])){continue;}
|
120 |
$productData[$field['wsp_field']]=$this->productOrigData[$field['magento_field']];
|
121 |
}
|
122 |
}else{
|
130 |
$productData[$field['wsp_field']]=$attrLabel;
|
131 |
// echo '<pre>'.print_r($attr,true).'</pre>';//die;
|
132 |
}else{
|
133 |
+
if(!isset($this->productOrigData[$field['magento_field']])){continue;}
|
134 |
+
$productData[$field['wsp_field']]=$this->productOrigData[$field['magento_field']];
|
135 |
}
|
136 |
|
137 |
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/AES.php
CHANGED
@@ -1,479 +1,479 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of AES.
|
6 |
-
*
|
7 |
-
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
-
*
|
9 |
-
* PHP versions 4 and 5
|
10 |
-
*
|
11 |
-
* If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
12 |
-
* {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
13 |
-
* it'll be null-padded to 160-bits and 160 bits will be the key length until {@link Crypt_Rijndael::setKey() setKey()}
|
14 |
-
* is called, again, at which point, it'll be recalculated.
|
15 |
-
*
|
16 |
-
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
17 |
-
* make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
18 |
-
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
19 |
-
*
|
20 |
-
* Here's a short example of how to use this library:
|
21 |
-
* <code>
|
22 |
-
* <?php
|
23 |
-
* include('Crypt/AES.php');
|
24 |
-
*
|
25 |
-
* $aes = new Crypt_AES();
|
26 |
-
*
|
27 |
-
* $aes->setKey('abcdefghijklmnop');
|
28 |
-
*
|
29 |
-
* $size = 10 * 1024;
|
30 |
-
* $plaintext = '';
|
31 |
-
* for ($i = 0; $i < $size; $i++) {
|
32 |
-
* $plaintext.= 'a';
|
33 |
-
* }
|
34 |
-
*
|
35 |
-
* echo $aes->decrypt($aes->encrypt($plaintext));
|
36 |
-
* ?>
|
37 |
-
* </code>
|
38 |
-
*
|
39 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
40 |
-
* modify it under the terms of the GNU Lesser General Public
|
41 |
-
* License as published by the Free Software Foundation; either
|
42 |
-
* version 2.1 of the License, or (at your option) any later version.
|
43 |
-
*
|
44 |
-
* This library is distributed in the hope that it will be useful,
|
45 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
46 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
47 |
-
* Lesser General Public License for more details.
|
48 |
-
*
|
49 |
-
* You should have received a copy of the GNU Lesser General Public
|
50 |
-
* License along with this library; if not, write to the Free Software
|
51 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
52 |
-
* MA 02111-1307 USA
|
53 |
-
*
|
54 |
-
* @category Crypt
|
55 |
-
* @package Crypt_AES
|
56 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
57 |
-
* @copyright MMVIII Jim Wigginton
|
58 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
59 |
-
* @version $Id: AES.php,v 1.7 2010/02/09 06:10:25 terrafrost Exp $
|
60 |
-
* @link http://phpseclib.sourceforge.net
|
61 |
-
*/
|
62 |
-
|
63 |
-
/**
|
64 |
-
* Include Crypt_Rijndael
|
65 |
-
*/
|
66 |
-
require_once 'Rijndael.php';
|
67 |
-
|
68 |
-
/**#@+
|
69 |
-
* @access public
|
70 |
-
* @see Crypt_AES::encrypt()
|
71 |
-
* @see Crypt_AES::decrypt()
|
72 |
-
*/
|
73 |
-
/**
|
74 |
-
* Encrypt / decrypt using the Counter mode.
|
75 |
-
*
|
76 |
-
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
77 |
-
*
|
78 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
79 |
-
*/
|
80 |
-
define('CRYPT_AES_MODE_CTR', -1);
|
81 |
-
/**
|
82 |
-
* Encrypt / decrypt using the Electronic Code Book mode.
|
83 |
-
*
|
84 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
85 |
-
*/
|
86 |
-
define('CRYPT_AES_MODE_ECB', 1);
|
87 |
-
/**
|
88 |
-
* Encrypt / decrypt using the Code Book Chaining mode.
|
89 |
-
*
|
90 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
91 |
-
*/
|
92 |
-
define('CRYPT_AES_MODE_CBC', 2);
|
93 |
-
/**#@-*/
|
94 |
-
|
95 |
-
/**#@+
|
96 |
-
* @access private
|
97 |
-
* @see Crypt_AES::Crypt_AES()
|
98 |
-
*/
|
99 |
-
/**
|
100 |
-
* Toggles the internal implementation
|
101 |
-
*/
|
102 |
-
define('CRYPT_AES_MODE_INTERNAL', 1);
|
103 |
-
/**
|
104 |
-
* Toggles the mcrypt implementation
|
105 |
-
*/
|
106 |
-
define('CRYPT_AES_MODE_MCRYPT', 2);
|
107 |
-
/**#@-*/
|
108 |
-
|
109 |
-
/**
|
110 |
-
* Pure-PHP implementation of AES.
|
111 |
-
*
|
112 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
113 |
-
* @version 0.1.0
|
114 |
-
* @access public
|
115 |
-
* @package Crypt_AES
|
116 |
-
*/
|
117 |
-
class Crypt_AES extends Crypt_Rijndael {
|
118 |
-
/**
|
119 |
-
* mcrypt resource for encryption
|
120 |
-
*
|
121 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
122 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
123 |
-
*
|
124 |
-
* @see Crypt_AES::encrypt()
|
125 |
-
* @var String
|
126 |
-
* @access private
|
127 |
-
*/
|
128 |
-
var $enmcrypt;
|
129 |
-
|
130 |
-
/**
|
131 |
-
* mcrypt resource for decryption
|
132 |
-
*
|
133 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
134 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
135 |
-
*
|
136 |
-
* @see Crypt_AES::decrypt()
|
137 |
-
* @var String
|
138 |
-
* @access private
|
139 |
-
*/
|
140 |
-
var $demcrypt;
|
141 |
-
|
142 |
-
/**
|
143 |
-
* Default Constructor.
|
144 |
-
*
|
145 |
-
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
146 |
-
* CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC. If not explictly set, CRYPT_AES_MODE_CBC will be used.
|
147 |
-
*
|
148 |
-
* @param optional Integer $mode
|
149 |
-
* @return Crypt_AES
|
150 |
-
* @access public
|
151 |
-
*/
|
152 |
-
function Crypt_AES($mode = CRYPT_AES_MODE_CBC)
|
153 |
-
{
|
154 |
-
if ( !defined('CRYPT_AES_MODE') ) {
|
155 |
-
switch (true) {
|
156 |
-
case extension_loaded('mcrypt'):
|
157 |
-
// i'd check to see if aes was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
158 |
-
// but since that can be changed after the object has been created, there doesn't seem to be
|
159 |
-
// a lot of point...
|
160 |
-
define('CRYPT_AES_MODE', CRYPT_AES_MODE_MCRYPT);
|
161 |
-
break;
|
162 |
-
default:
|
163 |
-
define('CRYPT_AES_MODE', CRYPT_AES_MODE_INTERNAL);
|
164 |
-
}
|
165 |
-
}
|
166 |
-
|
167 |
-
switch ( CRYPT_AES_MODE ) {
|
168 |
-
case CRYPT_AES_MODE_MCRYPT:
|
169 |
-
switch ($mode) {
|
170 |
-
case CRYPT_AES_MODE_ECB:
|
171 |
-
$this->mode = MCRYPT_MODE_ECB;
|
172 |
-
break;
|
173 |
-
case CRYPT_AES_MODE_CTR:
|
174 |
-
// ctr doesn't have a constant associated with it even though it appears to be fairly widely
|
175 |
-
// supported. in lieu of knowing just how widely supported it is, i've, for now, opted not to
|
176 |
-
// include a compatibility layer. the layer has been implemented but, for now, is commented out.
|
177 |
-
$this->mode = 'ctr';
|
178 |
-
//$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_AES_MODE_CTR;
|
179 |
-
break;
|
180 |
-
case CRYPT_AES_MODE_CBC:
|
181 |
-
default:
|
182 |
-
$this->mode = MCRYPT_MODE_CBC;
|
183 |
-
}
|
184 |
-
|
185 |
-
break;
|
186 |
-
default:
|
187 |
-
switch ($mode) {
|
188 |
-
case CRYPT_AES_MODE_ECB:
|
189 |
-
$this->mode = CRYPT_RIJNDAEL_MODE_ECB;
|
190 |
-
break;
|
191 |
-
case CRYPT_AES_MODE_CTR:
|
192 |
-
$this->mode = CRYPT_RIJNDAEL_MODE_CTR;
|
193 |
-
break;
|
194 |
-
case CRYPT_AES_MODE_CBC:
|
195 |
-
default:
|
196 |
-
$this->mode = CRYPT_RIJNDAEL_MODE_CBC;
|
197 |
-
}
|
198 |
-
}
|
199 |
-
|
200 |
-
if (CRYPT_AES_MODE == CRYPT_AES_MODE_INTERNAL) {
|
201 |
-
parent::Crypt_Rijndael($this->mode);
|
202 |
-
}
|
203 |
-
}
|
204 |
-
|
205 |
-
/**
|
206 |
-
* Dummy function
|
207 |
-
*
|
208 |
-
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
209 |
-
*
|
210 |
-
* @access public
|
211 |
-
* @param Integer $length
|
212 |
-
*/
|
213 |
-
function setBlockLength($length)
|
214 |
-
{
|
215 |
-
return;
|
216 |
-
}
|
217 |
-
|
218 |
-
/**
|
219 |
-
* Encrypts a message.
|
220 |
-
*
|
221 |
-
* $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the
|
222 |
-
* same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
|
223 |
-
* URL:
|
224 |
-
*
|
225 |
-
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
226 |
-
*
|
227 |
-
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
228 |
-
* strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that
|
229 |
-
* length.
|
230 |
-
*
|
231 |
-
* @see Crypt_AES::decrypt()
|
232 |
-
* @access public
|
233 |
-
* @param String $plaintext
|
234 |
-
*/
|
235 |
-
function encrypt($plaintext)
|
236 |
-
{
|
237 |
-
if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
|
238 |
-
$this->_mcryptSetup();
|
239 |
-
/*
|
240 |
-
if ($this->mode == CRYPT_AES_MODE_CTR) {
|
241 |
-
$iv = $this->encryptIV;
|
242 |
-
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($plaintext), $iv));
|
243 |
-
$ciphertext = $plaintext ^ $xor;
|
244 |
-
if ($this->continuousBuffer) {
|
245 |
-
$this->encryptIV = $iv;
|
246 |
-
}
|
247 |
-
return $ciphertext;
|
248 |
-
}
|
249 |
-
*/
|
250 |
-
|
251 |
-
if ($this->mode != 'ctr') {
|
252 |
-
$plaintext = $this->_pad($plaintext);
|
253 |
-
}
|
254 |
-
|
255 |
-
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
256 |
-
|
257 |
-
if (!$this->continuousBuffer) {
|
258 |
-
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
|
259 |
-
}
|
260 |
-
|
261 |
-
return $ciphertext;
|
262 |
-
}
|
263 |
-
|
264 |
-
return parent::encrypt($plaintext);
|
265 |
-
}
|
266 |
-
|
267 |
-
/**
|
268 |
-
* Decrypts a message.
|
269 |
-
*
|
270 |
-
* If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
|
271 |
-
*
|
272 |
-
* @see Crypt_AES::encrypt()
|
273 |
-
* @access public
|
274 |
-
* @param String $ciphertext
|
275 |
-
*/
|
276 |
-
function decrypt($ciphertext)
|
277 |
-
{
|
278 |
-
if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
|
279 |
-
$this->_mcryptSetup();
|
280 |
-
/*
|
281 |
-
if ($this->mode == CRYPT_AES_MODE_CTR) {
|
282 |
-
$iv = $this->decryptIV;
|
283 |
-
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($ciphertext), $iv));
|
284 |
-
$plaintext = $ciphertext ^ $xor;
|
285 |
-
if ($this->continuousBuffer) {
|
286 |
-
$this->decryptIV = $iv;
|
287 |
-
}
|
288 |
-
return $plaintext;
|
289 |
-
}
|
290 |
-
*/
|
291 |
-
|
292 |
-
if ($this->mode != 'ctr') {
|
293 |
-
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
294 |
-
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
295 |
-
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 15) & 0xFFFFFFF0, chr(0));
|
296 |
-
}
|
297 |
-
|
298 |
-
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
299 |
-
|
300 |
-
if (!$this->continuousBuffer) {
|
301 |
-
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
|
302 |
-
}
|
303 |
-
|
304 |
-
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
305 |
-
}
|
306 |
-
|
307 |
-
return parent::decrypt($ciphertext);
|
308 |
-
}
|
309 |
-
|
310 |
-
/**
|
311 |
-
* Setup mcrypt
|
312 |
-
*
|
313 |
-
* Validates all the variables.
|
314 |
-
*
|
315 |
-
* @access private
|
316 |
-
*/
|
317 |
-
function _mcryptSetup()
|
318 |
-
{
|
319 |
-
if (!$this->changed) {
|
320 |
-
return;
|
321 |
-
}
|
322 |
-
|
323 |
-
if (!$this->explicit_key_length) {
|
324 |
-
// this just copied from Crypt_Rijndael::_setup()
|
325 |
-
$length = strlen($this->key) >> 2;
|
326 |
-
if ($length > 8) {
|
327 |
-
$length = 8;
|
328 |
-
} else if ($length < 4) {
|
329 |
-
$length = 4;
|
330 |
-
}
|
331 |
-
$this->Nk = $length;
|
332 |
-
$this->key_size = $length << 2;
|
333 |
-
}
|
334 |
-
|
335 |
-
switch ($this->Nk) {
|
336 |
-
case 4: // 128
|
337 |
-
$this->key_size = 16;
|
338 |
-
break;
|
339 |
-
case 5: // 160
|
340 |
-
case 6: // 192
|
341 |
-
$this->key_size = 24;
|
342 |
-
break;
|
343 |
-
case 7: // 224
|
344 |
-
case 8: // 256
|
345 |
-
$this->key_size = 32;
|
346 |
-
}
|
347 |
-
|
348 |
-
$this->key = substr($this->key, 0, $this->key_size);
|
349 |
-
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, 16), 16, chr(0));
|
350 |
-
|
351 |
-
if (!isset($this->enmcrypt)) {
|
352 |
-
$mode = $this->mode;
|
353 |
-
//$mode = $this->mode == CRYPT_AES_MODE_CTR ? MCRYPT_MODE_ECB : $this->mode;
|
354 |
-
|
355 |
-
$this->demcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
|
356 |
-
$this->enmcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
|
357 |
-
} // else should mcrypt_generic_deinit be called?
|
358 |
-
|
359 |
-
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
|
360 |
-
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
|
361 |
-
|
362 |
-
$this->changed = false;
|
363 |
-
}
|
364 |
-
|
365 |
-
/**
|
366 |
-
* Encrypts a block
|
367 |
-
*
|
368 |
-
* Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
|
369 |
-
*
|
370 |
-
* @see Crypt_Rijndael::_encryptBlock()
|
371 |
-
* @access private
|
372 |
-
* @param String $in
|
373 |
-
* @return String
|
374 |
-
*/
|
375 |
-
function _encryptBlock($in)
|
376 |
-
{
|
377 |
-
$state = unpack('N*word', $in);
|
378 |
-
|
379 |
-
$Nr = $this->Nr;
|
380 |
-
$w = $this->w;
|
381 |
-
$t0 = $this->t0;
|
382 |
-
$t1 = $this->t1;
|
383 |
-
$t2 = $this->t2;
|
384 |
-
$t3 = $this->t3;
|
385 |
-
|
386 |
-
// addRoundKey and reindex $state
|
387 |
-
$state = array(
|
388 |
-
$state['word1'] ^ $w[0][0],
|
389 |
-
$state['word2'] ^ $w[0][1],
|
390 |
-
$state['word3'] ^ $w[0][2],
|
391 |
-
$state['word4'] ^ $w[0][3]
|
392 |
-
);
|
393 |
-
|
394 |
-
// shiftRows + subWord + mixColumns + addRoundKey
|
395 |
-
// we could loop unroll this and use if statements to do more rounds as necessary, but, in my tests, that yields
|
396 |
-
// only a marginal improvement. since that also, imho, hinders the readability of the code, i've opted not to do it.
|
397 |
-
for ($round = 1; $round < $this->Nr; $round++) {
|
398 |
-
$state = array(
|
399 |
-
$t0[$state[0] & 0xFF000000] ^ $t1[$state[1] & 0x00FF0000] ^ $t2[$state[2] & 0x0000FF00] ^ $t3[$state[3] & 0x000000FF] ^ $w[$round][0],
|
400 |
-
$t0[$state[1] & 0xFF000000] ^ $t1[$state[2] & 0x00FF0000] ^ $t2[$state[3] & 0x0000FF00] ^ $t3[$state[0] & 0x000000FF] ^ $w[$round][1],
|
401 |
-
$t0[$state[2] & 0xFF000000] ^ $t1[$state[3] & 0x00FF0000] ^ $t2[$state[0] & 0x0000FF00] ^ $t3[$state[1] & 0x000000FF] ^ $w[$round][2],
|
402 |
-
$t0[$state[3] & 0xFF000000] ^ $t1[$state[0] & 0x00FF0000] ^ $t2[$state[1] & 0x0000FF00] ^ $t3[$state[2] & 0x000000FF] ^ $w[$round][3]
|
403 |
-
);
|
404 |
-
|
405 |
-
}
|
406 |
-
|
407 |
-
// subWord
|
408 |
-
$state = array(
|
409 |
-
$this->_subWord($state[0]),
|
410 |
-
$this->_subWord($state[1]),
|
411 |
-
$this->_subWord($state[2]),
|
412 |
-
$this->_subWord($state[3])
|
413 |
-
);
|
414 |
-
|
415 |
-
// shiftRows + addRoundKey
|
416 |
-
$state = array(
|
417 |
-
($state[0] & 0xFF000000) ^ ($state[1] & 0x00FF0000) ^ ($state[2] & 0x0000FF00) ^ ($state[3] & 0x000000FF) ^ $this->w[$this->Nr][0],
|
418 |
-
($state[1] & 0xFF000000) ^ ($state[2] & 0x00FF0000) ^ ($state[3] & 0x0000FF00) ^ ($state[0] & 0x000000FF) ^ $this->w[$this->Nr][1],
|
419 |
-
($state[2] & 0xFF000000) ^ ($state[3] & 0x00FF0000) ^ ($state[0] & 0x0000FF00) ^ ($state[1] & 0x000000FF) ^ $this->w[$this->Nr][2],
|
420 |
-
($state[3] & 0xFF000000) ^ ($state[0] & 0x00FF0000) ^ ($state[1] & 0x0000FF00) ^ ($state[2] & 0x000000FF) ^ $this->w[$this->Nr][3]
|
421 |
-
);
|
422 |
-
|
423 |
-
return pack('N*', $state[0], $state[1], $state[2], $state[3]);
|
424 |
-
}
|
425 |
-
|
426 |
-
/**
|
427 |
-
* Decrypts a block
|
428 |
-
*
|
429 |
-
* Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
|
430 |
-
*
|
431 |
-
* @see Crypt_Rijndael::_decryptBlock()
|
432 |
-
* @access private
|
433 |
-
* @param String $in
|
434 |
-
* @return String
|
435 |
-
*/
|
436 |
-
function _decryptBlock($in)
|
437 |
-
{
|
438 |
-
$state = unpack('N*word', $in);
|
439 |
-
|
440 |
-
$Nr = $this->Nr;
|
441 |
-
$dw = $this->dw;
|
442 |
-
$dt0 = $this->dt0;
|
443 |
-
$dt1 = $this->dt1;
|
444 |
-
$dt2 = $this->dt2;
|
445 |
-
$dt3 = $this->dt3;
|
446 |
-
|
447 |
-
// addRoundKey and reindex $state
|
448 |
-
$state = array(
|
449 |
-
$state['word1'] ^ $dw[$this->Nr][0],
|
450 |
-
$state['word2'] ^ $dw[$this->Nr][1],
|
451 |
-
$state['word3'] ^ $dw[$this->Nr][2],
|
452 |
-
$state['word4'] ^ $dw[$this->Nr][3]
|
453 |
-
);
|
454 |
-
|
455 |
-
|
456 |
-
// invShiftRows + invSubBytes + invMixColumns + addRoundKey
|
457 |
-
for ($round = $this->Nr - 1; $round > 0; $round--) {
|
458 |
-
$state = array(
|
459 |
-
$dt0[$state[0] & 0xFF000000] ^ $dt1[$state[3] & 0x00FF0000] ^ $dt2[$state[2] & 0x0000FF00] ^ $dt3[$state[1] & 0x000000FF] ^ $dw[$round][0],
|
460 |
-
$dt0[$state[1] & 0xFF000000] ^ $dt1[$state[0] & 0x00FF0000] ^ $dt2[$state[3] & 0x0000FF00] ^ $dt3[$state[2] & 0x000000FF] ^ $dw[$round][1],
|
461 |
-
$dt0[$state[2] & 0xFF000000] ^ $dt1[$state[1] & 0x00FF0000] ^ $dt2[$state[0] & 0x0000FF00] ^ $dt3[$state[3] & 0x000000FF] ^ $dw[$round][2],
|
462 |
-
$dt0[$state[3] & 0xFF000000] ^ $dt1[$state[2] & 0x00FF0000] ^ $dt2[$state[1] & 0x0000FF00] ^ $dt3[$state[0] & 0x000000FF] ^ $dw[$round][3]
|
463 |
-
);
|
464 |
-
}
|
465 |
-
|
466 |
-
// invShiftRows + invSubWord + addRoundKey
|
467 |
-
$state = array(
|
468 |
-
$this->_invSubWord(($state[0] & 0xFF000000) ^ ($state[3] & 0x00FF0000) ^ ($state[2] & 0x0000FF00) ^ ($state[1] & 0x000000FF)) ^ $dw[0][0],
|
469 |
-
$this->_invSubWord(($state[1] & 0xFF000000) ^ ($state[0] & 0x00FF0000) ^ ($state[3] & 0x0000FF00) ^ ($state[2] & 0x000000FF)) ^ $dw[0][1],
|
470 |
-
$this->_invSubWord(($state[2] & 0xFF000000) ^ ($state[1] & 0x00FF0000) ^ ($state[0] & 0x0000FF00) ^ ($state[3] & 0x000000FF)) ^ $dw[0][2],
|
471 |
-
$this->_invSubWord(($state[3] & 0xFF000000) ^ ($state[2] & 0x00FF0000) ^ ($state[1] & 0x0000FF00) ^ ($state[0] & 0x000000FF)) ^ $dw[0][3]
|
472 |
-
);
|
473 |
-
|
474 |
-
return pack('N*', $state[0], $state[1], $state[2], $state[3]);
|
475 |
-
}
|
476 |
-
}
|
477 |
-
|
478 |
-
// vim: ts=4:sw=4:et:
|
479 |
-
// vim6: fdl=1:
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of AES.
|
6 |
+
*
|
7 |
+
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
+
*
|
9 |
+
* PHP versions 4 and 5
|
10 |
+
*
|
11 |
+
* If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
12 |
+
* {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
13 |
+
* it'll be null-padded to 160-bits and 160 bits will be the key length until {@link Crypt_Rijndael::setKey() setKey()}
|
14 |
+
* is called, again, at which point, it'll be recalculated.
|
15 |
+
*
|
16 |
+
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
17 |
+
* make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
18 |
+
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
19 |
+
*
|
20 |
+
* Here's a short example of how to use this library:
|
21 |
+
* <code>
|
22 |
+
* <?php
|
23 |
+
* include('Crypt/AES.php');
|
24 |
+
*
|
25 |
+
* $aes = new Crypt_AES();
|
26 |
+
*
|
27 |
+
* $aes->setKey('abcdefghijklmnop');
|
28 |
+
*
|
29 |
+
* $size = 10 * 1024;
|
30 |
+
* $plaintext = '';
|
31 |
+
* for ($i = 0; $i < $size; $i++) {
|
32 |
+
* $plaintext.= 'a';
|
33 |
+
* }
|
34 |
+
*
|
35 |
+
* echo $aes->decrypt($aes->encrypt($plaintext));
|
36 |
+
* ?>
|
37 |
+
* </code>
|
38 |
+
*
|
39 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
40 |
+
* modify it under the terms of the GNU Lesser General Public
|
41 |
+
* License as published by the Free Software Foundation; either
|
42 |
+
* version 2.1 of the License, or (at your option) any later version.
|
43 |
+
*
|
44 |
+
* This library is distributed in the hope that it will be useful,
|
45 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
46 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
47 |
+
* Lesser General Public License for more details.
|
48 |
+
*
|
49 |
+
* You should have received a copy of the GNU Lesser General Public
|
50 |
+
* License along with this library; if not, write to the Free Software
|
51 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
52 |
+
* MA 02111-1307 USA
|
53 |
+
*
|
54 |
+
* @category Crypt
|
55 |
+
* @package Crypt_AES
|
56 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
57 |
+
* @copyright MMVIII Jim Wigginton
|
58 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
59 |
+
* @version $Id: AES.php,v 1.7 2010/02/09 06:10:25 terrafrost Exp $
|
60 |
+
* @link http://phpseclib.sourceforge.net
|
61 |
+
*/
|
62 |
+
|
63 |
+
/**
|
64 |
+
* Include Crypt_Rijndael
|
65 |
+
*/
|
66 |
+
require_once 'Rijndael.php';
|
67 |
+
|
68 |
+
/**#@+
|
69 |
+
* @access public
|
70 |
+
* @see Crypt_AES::encrypt()
|
71 |
+
* @see Crypt_AES::decrypt()
|
72 |
+
*/
|
73 |
+
/**
|
74 |
+
* Encrypt / decrypt using the Counter mode.
|
75 |
+
*
|
76 |
+
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
77 |
+
*
|
78 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
79 |
+
*/
|
80 |
+
define('CRYPT_AES_MODE_CTR', -1);
|
81 |
+
/**
|
82 |
+
* Encrypt / decrypt using the Electronic Code Book mode.
|
83 |
+
*
|
84 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
85 |
+
*/
|
86 |
+
define('CRYPT_AES_MODE_ECB', 1);
|
87 |
+
/**
|
88 |
+
* Encrypt / decrypt using the Code Book Chaining mode.
|
89 |
+
*
|
90 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
91 |
+
*/
|
92 |
+
define('CRYPT_AES_MODE_CBC', 2);
|
93 |
+
/**#@-*/
|
94 |
+
|
95 |
+
/**#@+
|
96 |
+
* @access private
|
97 |
+
* @see Crypt_AES::Crypt_AES()
|
98 |
+
*/
|
99 |
+
/**
|
100 |
+
* Toggles the internal implementation
|
101 |
+
*/
|
102 |
+
define('CRYPT_AES_MODE_INTERNAL', 1);
|
103 |
+
/**
|
104 |
+
* Toggles the mcrypt implementation
|
105 |
+
*/
|
106 |
+
define('CRYPT_AES_MODE_MCRYPT', 2);
|
107 |
+
/**#@-*/
|
108 |
+
|
109 |
+
/**
|
110 |
+
* Pure-PHP implementation of AES.
|
111 |
+
*
|
112 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
113 |
+
* @version 0.1.0
|
114 |
+
* @access public
|
115 |
+
* @package Crypt_AES
|
116 |
+
*/
|
117 |
+
class Crypt_AES extends Crypt_Rijndael {
|
118 |
+
/**
|
119 |
+
* mcrypt resource for encryption
|
120 |
+
*
|
121 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
122 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
123 |
+
*
|
124 |
+
* @see Crypt_AES::encrypt()
|
125 |
+
* @var String
|
126 |
+
* @access private
|
127 |
+
*/
|
128 |
+
var $enmcrypt;
|
129 |
+
|
130 |
+
/**
|
131 |
+
* mcrypt resource for decryption
|
132 |
+
*
|
133 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
134 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
135 |
+
*
|
136 |
+
* @see Crypt_AES::decrypt()
|
137 |
+
* @var String
|
138 |
+
* @access private
|
139 |
+
*/
|
140 |
+
var $demcrypt;
|
141 |
+
|
142 |
+
/**
|
143 |
+
* Default Constructor.
|
144 |
+
*
|
145 |
+
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
146 |
+
* CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC. If not explictly set, CRYPT_AES_MODE_CBC will be used.
|
147 |
+
*
|
148 |
+
* @param optional Integer $mode
|
149 |
+
* @return Crypt_AES
|
150 |
+
* @access public
|
151 |
+
*/
|
152 |
+
function Crypt_AES($mode = CRYPT_AES_MODE_CBC)
|
153 |
+
{
|
154 |
+
if ( !defined('CRYPT_AES_MODE') ) {
|
155 |
+
switch (true) {
|
156 |
+
case extension_loaded('mcrypt'):
|
157 |
+
// i'd check to see if aes was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
158 |
+
// but since that can be changed after the object has been created, there doesn't seem to be
|
159 |
+
// a lot of point...
|
160 |
+
define('CRYPT_AES_MODE', CRYPT_AES_MODE_MCRYPT);
|
161 |
+
break;
|
162 |
+
default:
|
163 |
+
define('CRYPT_AES_MODE', CRYPT_AES_MODE_INTERNAL);
|
164 |
+
}
|
165 |
+
}
|
166 |
+
|
167 |
+
switch ( CRYPT_AES_MODE ) {
|
168 |
+
case CRYPT_AES_MODE_MCRYPT:
|
169 |
+
switch ($mode) {
|
170 |
+
case CRYPT_AES_MODE_ECB:
|
171 |
+
$this->mode = MCRYPT_MODE_ECB;
|
172 |
+
break;
|
173 |
+
case CRYPT_AES_MODE_CTR:
|
174 |
+
// ctr doesn't have a constant associated with it even though it appears to be fairly widely
|
175 |
+
// supported. in lieu of knowing just how widely supported it is, i've, for now, opted not to
|
176 |
+
// include a compatibility layer. the layer has been implemented but, for now, is commented out.
|
177 |
+
$this->mode = 'ctr';
|
178 |
+
//$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_AES_MODE_CTR;
|
179 |
+
break;
|
180 |
+
case CRYPT_AES_MODE_CBC:
|
181 |
+
default:
|
182 |
+
$this->mode = MCRYPT_MODE_CBC;
|
183 |
+
}
|
184 |
+
|
185 |
+
break;
|
186 |
+
default:
|
187 |
+
switch ($mode) {
|
188 |
+
case CRYPT_AES_MODE_ECB:
|
189 |
+
$this->mode = CRYPT_RIJNDAEL_MODE_ECB;
|
190 |
+
break;
|
191 |
+
case CRYPT_AES_MODE_CTR:
|
192 |
+
$this->mode = CRYPT_RIJNDAEL_MODE_CTR;
|
193 |
+
break;
|
194 |
+
case CRYPT_AES_MODE_CBC:
|
195 |
+
default:
|
196 |
+
$this->mode = CRYPT_RIJNDAEL_MODE_CBC;
|
197 |
+
}
|
198 |
+
}
|
199 |
+
|
200 |
+
if (CRYPT_AES_MODE == CRYPT_AES_MODE_INTERNAL) {
|
201 |
+
parent::Crypt_Rijndael($this->mode);
|
202 |
+
}
|
203 |
+
}
|
204 |
+
|
205 |
+
/**
|
206 |
+
* Dummy function
|
207 |
+
*
|
208 |
+
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
209 |
+
*
|
210 |
+
* @access public
|
211 |
+
* @param Integer $length
|
212 |
+
*/
|
213 |
+
function setBlockLength($length)
|
214 |
+
{
|
215 |
+
return;
|
216 |
+
}
|
217 |
+
|
218 |
+
/**
|
219 |
+
* Encrypts a message.
|
220 |
+
*
|
221 |
+
* $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the
|
222 |
+
* same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
|
223 |
+
* URL:
|
224 |
+
*
|
225 |
+
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
226 |
+
*
|
227 |
+
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
228 |
+
* strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that
|
229 |
+
* length.
|
230 |
+
*
|
231 |
+
* @see Crypt_AES::decrypt()
|
232 |
+
* @access public
|
233 |
+
* @param String $plaintext
|
234 |
+
*/
|
235 |
+
function encrypt($plaintext)
|
236 |
+
{
|
237 |
+
if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
|
238 |
+
$this->_mcryptSetup();
|
239 |
+
/*
|
240 |
+
if ($this->mode == CRYPT_AES_MODE_CTR) {
|
241 |
+
$iv = $this->encryptIV;
|
242 |
+
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($plaintext), $iv));
|
243 |
+
$ciphertext = $plaintext ^ $xor;
|
244 |
+
if ($this->continuousBuffer) {
|
245 |
+
$this->encryptIV = $iv;
|
246 |
+
}
|
247 |
+
return $ciphertext;
|
248 |
+
}
|
249 |
+
*/
|
250 |
+
|
251 |
+
if ($this->mode != 'ctr') {
|
252 |
+
$plaintext = $this->_pad($plaintext);
|
253 |
+
}
|
254 |
+
|
255 |
+
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
256 |
+
|
257 |
+
if (!$this->continuousBuffer) {
|
258 |
+
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
|
259 |
+
}
|
260 |
+
|
261 |
+
return $ciphertext;
|
262 |
+
}
|
263 |
+
|
264 |
+
return parent::encrypt($plaintext);
|
265 |
+
}
|
266 |
+
|
267 |
+
/**
|
268 |
+
* Decrypts a message.
|
269 |
+
*
|
270 |
+
* If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
|
271 |
+
*
|
272 |
+
* @see Crypt_AES::encrypt()
|
273 |
+
* @access public
|
274 |
+
* @param String $ciphertext
|
275 |
+
*/
|
276 |
+
function decrypt($ciphertext)
|
277 |
+
{
|
278 |
+
if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
|
279 |
+
$this->_mcryptSetup();
|
280 |
+
/*
|
281 |
+
if ($this->mode == CRYPT_AES_MODE_CTR) {
|
282 |
+
$iv = $this->decryptIV;
|
283 |
+
$xor = mcrypt_generic($this->enmcrypt, $this->_generate_xor(strlen($ciphertext), $iv));
|
284 |
+
$plaintext = $ciphertext ^ $xor;
|
285 |
+
if ($this->continuousBuffer) {
|
286 |
+
$this->decryptIV = $iv;
|
287 |
+
}
|
288 |
+
return $plaintext;
|
289 |
+
}
|
290 |
+
*/
|
291 |
+
|
292 |
+
if ($this->mode != 'ctr') {
|
293 |
+
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
294 |
+
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
295 |
+
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 15) & 0xFFFFFFF0, chr(0));
|
296 |
+
}
|
297 |
+
|
298 |
+
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
299 |
+
|
300 |
+
if (!$this->continuousBuffer) {
|
301 |
+
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
|
302 |
+
}
|
303 |
+
|
304 |
+
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
305 |
+
}
|
306 |
+
|
307 |
+
return parent::decrypt($ciphertext);
|
308 |
+
}
|
309 |
+
|
310 |
+
/**
|
311 |
+
* Setup mcrypt
|
312 |
+
*
|
313 |
+
* Validates all the variables.
|
314 |
+
*
|
315 |
+
* @access private
|
316 |
+
*/
|
317 |
+
function _mcryptSetup()
|
318 |
+
{
|
319 |
+
if (!$this->changed) {
|
320 |
+
return;
|
321 |
+
}
|
322 |
+
|
323 |
+
if (!$this->explicit_key_length) {
|
324 |
+
// this just copied from Crypt_Rijndael::_setup()
|
325 |
+
$length = strlen($this->key) >> 2;
|
326 |
+
if ($length > 8) {
|
327 |
+
$length = 8;
|
328 |
+
} else if ($length < 4) {
|
329 |
+
$length = 4;
|
330 |
+
}
|
331 |
+
$this->Nk = $length;
|
332 |
+
$this->key_size = $length << 2;
|
333 |
+
}
|
334 |
+
|
335 |
+
switch ($this->Nk) {
|
336 |
+
case 4: // 128
|
337 |
+
$this->key_size = 16;
|
338 |
+
break;
|
339 |
+
case 5: // 160
|
340 |
+
case 6: // 192
|
341 |
+
$this->key_size = 24;
|
342 |
+
break;
|
343 |
+
case 7: // 224
|
344 |
+
case 8: // 256
|
345 |
+
$this->key_size = 32;
|
346 |
+
}
|
347 |
+
|
348 |
+
$this->key = substr($this->key, 0, $this->key_size);
|
349 |
+
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, 16), 16, chr(0));
|
350 |
+
|
351 |
+
if (!isset($this->enmcrypt)) {
|
352 |
+
$mode = $this->mode;
|
353 |
+
//$mode = $this->mode == CRYPT_AES_MODE_CTR ? MCRYPT_MODE_ECB : $this->mode;
|
354 |
+
|
355 |
+
$this->demcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
|
356 |
+
$this->enmcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
|
357 |
+
} // else should mcrypt_generic_deinit be called?
|
358 |
+
|
359 |
+
mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
|
360 |
+
mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
|
361 |
+
|
362 |
+
$this->changed = false;
|
363 |
+
}
|
364 |
+
|
365 |
+
/**
|
366 |
+
* Encrypts a block
|
367 |
+
*
|
368 |
+
* Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
|
369 |
+
*
|
370 |
+
* @see Crypt_Rijndael::_encryptBlock()
|
371 |
+
* @access private
|
372 |
+
* @param String $in
|
373 |
+
* @return String
|
374 |
+
*/
|
375 |
+
function _encryptBlock($in)
|
376 |
+
{
|
377 |
+
$state = unpack('N*word', $in);
|
378 |
+
|
379 |
+
$Nr = $this->Nr;
|
380 |
+
$w = $this->w;
|
381 |
+
$t0 = $this->t0;
|
382 |
+
$t1 = $this->t1;
|
383 |
+
$t2 = $this->t2;
|
384 |
+
$t3 = $this->t3;
|
385 |
+
|
386 |
+
// addRoundKey and reindex $state
|
387 |
+
$state = array(
|
388 |
+
$state['word1'] ^ $w[0][0],
|
389 |
+
$state['word2'] ^ $w[0][1],
|
390 |
+
$state['word3'] ^ $w[0][2],
|
391 |
+
$state['word4'] ^ $w[0][3]
|
392 |
+
);
|
393 |
+
|
394 |
+
// shiftRows + subWord + mixColumns + addRoundKey
|
395 |
+
// we could loop unroll this and use if statements to do more rounds as necessary, but, in my tests, that yields
|
396 |
+
// only a marginal improvement. since that also, imho, hinders the readability of the code, i've opted not to do it.
|
397 |
+
for ($round = 1; $round < $this->Nr; $round++) {
|
398 |
+
$state = array(
|
399 |
+
$t0[$state[0] & 0xFF000000] ^ $t1[$state[1] & 0x00FF0000] ^ $t2[$state[2] & 0x0000FF00] ^ $t3[$state[3] & 0x000000FF] ^ $w[$round][0],
|
400 |
+
$t0[$state[1] & 0xFF000000] ^ $t1[$state[2] & 0x00FF0000] ^ $t2[$state[3] & 0x0000FF00] ^ $t3[$state[0] & 0x000000FF] ^ $w[$round][1],
|
401 |
+
$t0[$state[2] & 0xFF000000] ^ $t1[$state[3] & 0x00FF0000] ^ $t2[$state[0] & 0x0000FF00] ^ $t3[$state[1] & 0x000000FF] ^ $w[$round][2],
|
402 |
+
$t0[$state[3] & 0xFF000000] ^ $t1[$state[0] & 0x00FF0000] ^ $t2[$state[1] & 0x0000FF00] ^ $t3[$state[2] & 0x000000FF] ^ $w[$round][3]
|
403 |
+
);
|
404 |
+
|
405 |
+
}
|
406 |
+
|
407 |
+
// subWord
|
408 |
+
$state = array(
|
409 |
+
$this->_subWord($state[0]),
|
410 |
+
$this->_subWord($state[1]),
|
411 |
+
$this->_subWord($state[2]),
|
412 |
+
$this->_subWord($state[3])
|
413 |
+
);
|
414 |
+
|
415 |
+
// shiftRows + addRoundKey
|
416 |
+
$state = array(
|
417 |
+
($state[0] & 0xFF000000) ^ ($state[1] & 0x00FF0000) ^ ($state[2] & 0x0000FF00) ^ ($state[3] & 0x000000FF) ^ $this->w[$this->Nr][0],
|
418 |
+
($state[1] & 0xFF000000) ^ ($state[2] & 0x00FF0000) ^ ($state[3] & 0x0000FF00) ^ ($state[0] & 0x000000FF) ^ $this->w[$this->Nr][1],
|
419 |
+
($state[2] & 0xFF000000) ^ ($state[3] & 0x00FF0000) ^ ($state[0] & 0x0000FF00) ^ ($state[1] & 0x000000FF) ^ $this->w[$this->Nr][2],
|
420 |
+
($state[3] & 0xFF000000) ^ ($state[0] & 0x00FF0000) ^ ($state[1] & 0x0000FF00) ^ ($state[2] & 0x000000FF) ^ $this->w[$this->Nr][3]
|
421 |
+
);
|
422 |
+
|
423 |
+
return pack('N*', $state[0], $state[1], $state[2], $state[3]);
|
424 |
+
}
|
425 |
+
|
426 |
+
/**
|
427 |
+
* Decrypts a block
|
428 |
+
*
|
429 |
+
* Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
|
430 |
+
*
|
431 |
+
* @see Crypt_Rijndael::_decryptBlock()
|
432 |
+
* @access private
|
433 |
+
* @param String $in
|
434 |
+
* @return String
|
435 |
+
*/
|
436 |
+
function _decryptBlock($in)
|
437 |
+
{
|
438 |
+
$state = unpack('N*word', $in);
|
439 |
+
|
440 |
+
$Nr = $this->Nr;
|
441 |
+
$dw = $this->dw;
|
442 |
+
$dt0 = $this->dt0;
|
443 |
+
$dt1 = $this->dt1;
|
444 |
+
$dt2 = $this->dt2;
|
445 |
+
$dt3 = $this->dt3;
|
446 |
+
|
447 |
+
// addRoundKey and reindex $state
|
448 |
+
$state = array(
|
449 |
+
$state['word1'] ^ $dw[$this->Nr][0],
|
450 |
+
$state['word2'] ^ $dw[$this->Nr][1],
|
451 |
+
$state['word3'] ^ $dw[$this->Nr][2],
|
452 |
+
$state['word4'] ^ $dw[$this->Nr][3]
|
453 |
+
);
|
454 |
+
|
455 |
+
|
456 |
+
// invShiftRows + invSubBytes + invMixColumns + addRoundKey
|
457 |
+
for ($round = $this->Nr - 1; $round > 0; $round--) {
|
458 |
+
$state = array(
|
459 |
+
$dt0[$state[0] & 0xFF000000] ^ $dt1[$state[3] & 0x00FF0000] ^ $dt2[$state[2] & 0x0000FF00] ^ $dt3[$state[1] & 0x000000FF] ^ $dw[$round][0],
|
460 |
+
$dt0[$state[1] & 0xFF000000] ^ $dt1[$state[0] & 0x00FF0000] ^ $dt2[$state[3] & 0x0000FF00] ^ $dt3[$state[2] & 0x000000FF] ^ $dw[$round][1],
|
461 |
+
$dt0[$state[2] & 0xFF000000] ^ $dt1[$state[1] & 0x00FF0000] ^ $dt2[$state[0] & 0x0000FF00] ^ $dt3[$state[3] & 0x000000FF] ^ $dw[$round][2],
|
462 |
+
$dt0[$state[3] & 0xFF000000] ^ $dt1[$state[2] & 0x00FF0000] ^ $dt2[$state[1] & 0x0000FF00] ^ $dt3[$state[0] & 0x000000FF] ^ $dw[$round][3]
|
463 |
+
);
|
464 |
+
}
|
465 |
+
|
466 |
+
// invShiftRows + invSubWord + addRoundKey
|
467 |
+
$state = array(
|
468 |
+
$this->_invSubWord(($state[0] & 0xFF000000) ^ ($state[3] & 0x00FF0000) ^ ($state[2] & 0x0000FF00) ^ ($state[1] & 0x000000FF)) ^ $dw[0][0],
|
469 |
+
$this->_invSubWord(($state[1] & 0xFF000000) ^ ($state[0] & 0x00FF0000) ^ ($state[3] & 0x0000FF00) ^ ($state[2] & 0x000000FF)) ^ $dw[0][1],
|
470 |
+
$this->_invSubWord(($state[2] & 0xFF000000) ^ ($state[1] & 0x00FF0000) ^ ($state[0] & 0x0000FF00) ^ ($state[3] & 0x000000FF)) ^ $dw[0][2],
|
471 |
+
$this->_invSubWord(($state[3] & 0xFF000000) ^ ($state[2] & 0x00FF0000) ^ ($state[1] & 0x0000FF00) ^ ($state[0] & 0x000000FF)) ^ $dw[0][3]
|
472 |
+
);
|
473 |
+
|
474 |
+
return pack('N*', $state[0], $state[1], $state[2], $state[3]);
|
475 |
+
}
|
476 |
+
}
|
477 |
+
|
478 |
+
// vim: ts=4:sw=4:et:
|
479 |
+
// vim6: fdl=1:
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/DES.php
CHANGED
@@ -1,945 +1,945 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of DES.
|
6 |
-
*
|
7 |
-
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
-
*
|
9 |
-
* PHP versions 4 and 5
|
10 |
-
*
|
11 |
-
* Useful resources are as follows:
|
12 |
-
*
|
13 |
-
* - {@link http://en.wikipedia.org/wiki/DES_supplementary_material Wikipedia: DES supplementary material}
|
14 |
-
* - {@link http://www.itl.nist.gov/fipspubs/fip46-2.htm FIPS 46-2 - (DES), Data Encryption Standard}
|
15 |
-
* - {@link http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-DES.html JavaScript DES Example}
|
16 |
-
*
|
17 |
-
* Here's a short example of how to use this library:
|
18 |
-
* <code>
|
19 |
-
* <?php
|
20 |
-
* include('Crypt/DES.php');
|
21 |
-
*
|
22 |
-
* $des = new Crypt_DES();
|
23 |
-
*
|
24 |
-
* $des->setKey('abcdefgh');
|
25 |
-
*
|
26 |
-
* $size = 10 * 1024;
|
27 |
-
* $plaintext = '';
|
28 |
-
* for ($i = 0; $i < $size; $i++) {
|
29 |
-
* $plaintext.= 'a';
|
30 |
-
* }
|
31 |
-
*
|
32 |
-
* echo $des->decrypt($des->encrypt($plaintext));
|
33 |
-
* ?>
|
34 |
-
* </code>
|
35 |
-
*
|
36 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
37 |
-
* modify it under the terms of the GNU Lesser General Public
|
38 |
-
* License as published by the Free Software Foundation; either
|
39 |
-
* version 2.1 of the License, or (at your option) any later version.
|
40 |
-
*
|
41 |
-
* This library is distributed in the hope that it will be useful,
|
42 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
43 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
44 |
-
* Lesser General Public License for more details.
|
45 |
-
*
|
46 |
-
* You should have received a copy of the GNU Lesser General Public
|
47 |
-
* License along with this library; if not, write to the Free Software
|
48 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
49 |
-
* MA 02111-1307 USA
|
50 |
-
*
|
51 |
-
* @category Crypt
|
52 |
-
* @package Crypt_DES
|
53 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
54 |
-
* @copyright MMVII Jim Wigginton
|
55 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
56 |
-
* @version $Id: DES.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
|
57 |
-
* @link http://phpseclib.sourceforge.net
|
58 |
-
*/
|
59 |
-
|
60 |
-
/**#@+
|
61 |
-
* @access private
|
62 |
-
* @see Crypt_DES::_prepareKey()
|
63 |
-
* @see Crypt_DES::_processBlock()
|
64 |
-
*/
|
65 |
-
/**
|
66 |
-
* Contains array_reverse($keys[CRYPT_DES_DECRYPT])
|
67 |
-
*/
|
68 |
-
define('CRYPT_DES_ENCRYPT', 0);
|
69 |
-
/**
|
70 |
-
* Contains array_reverse($keys[CRYPT_DES_ENCRYPT])
|
71 |
-
*/
|
72 |
-
define('CRYPT_DES_DECRYPT', 1);
|
73 |
-
/**#@-*/
|
74 |
-
|
75 |
-
/**#@+
|
76 |
-
* @access public
|
77 |
-
* @see Crypt_DES::encrypt()
|
78 |
-
* @see Crypt_DES::decrypt()
|
79 |
-
*/
|
80 |
-
/**
|
81 |
-
* Encrypt / decrypt using the Counter mode.
|
82 |
-
*
|
83 |
-
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
84 |
-
*
|
85 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
86 |
-
*/
|
87 |
-
define('CRYPT_DES_MODE_CTR', -1);
|
88 |
-
/**
|
89 |
-
* Encrypt / decrypt using the Electronic Code Book mode.
|
90 |
-
*
|
91 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
92 |
-
*/
|
93 |
-
define('CRYPT_DES_MODE_ECB', 1);
|
94 |
-
/**
|
95 |
-
* Encrypt / decrypt using the Code Book Chaining mode.
|
96 |
-
*
|
97 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
98 |
-
*/
|
99 |
-
define('CRYPT_DES_MODE_CBC', 2);
|
100 |
-
/**#@-*/
|
101 |
-
|
102 |
-
/**#@+
|
103 |
-
* @access private
|
104 |
-
* @see Crypt_DES::Crypt_DES()
|
105 |
-
*/
|
106 |
-
/**
|
107 |
-
* Toggles the internal implementation
|
108 |
-
*/
|
109 |
-
define('CRYPT_DES_MODE_INTERNAL', 1);
|
110 |
-
/**
|
111 |
-
* Toggles the mcrypt implementation
|
112 |
-
*/
|
113 |
-
define('CRYPT_DES_MODE_MCRYPT', 2);
|
114 |
-
/**#@-*/
|
115 |
-
|
116 |
-
/**
|
117 |
-
* Pure-PHP implementation of DES.
|
118 |
-
*
|
119 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
120 |
-
* @version 0.1.0
|
121 |
-
* @access public
|
122 |
-
* @package Crypt_DES
|
123 |
-
*/
|
124 |
-
class Crypt_DES {
|
125 |
-
/**
|
126 |
-
* The Key Schedule
|
127 |
-
*
|
128 |
-
* @see Crypt_DES::setKey()
|
129 |
-
* @var Array
|
130 |
-
* @access private
|
131 |
-
*/
|
132 |
-
var $keys = "\0\0\0\0\0\0\0\0";
|
133 |
-
|
134 |
-
/**
|
135 |
-
* The Encryption Mode
|
136 |
-
*
|
137 |
-
* @see Crypt_DES::Crypt_DES()
|
138 |
-
* @var Integer
|
139 |
-
* @access private
|
140 |
-
*/
|
141 |
-
var $mode;
|
142 |
-
|
143 |
-
/**
|
144 |
-
* Continuous Buffer status
|
145 |
-
*
|
146 |
-
* @see Crypt_DES::enableContinuousBuffer()
|
147 |
-
* @var Boolean
|
148 |
-
* @access private
|
149 |
-
*/
|
150 |
-
var $continuousBuffer = false;
|
151 |
-
|
152 |
-
/**
|
153 |
-
* Padding status
|
154 |
-
*
|
155 |
-
* @see Crypt_DES::enablePadding()
|
156 |
-
* @var Boolean
|
157 |
-
* @access private
|
158 |
-
*/
|
159 |
-
var $padding = true;
|
160 |
-
|
161 |
-
/**
|
162 |
-
* The Initialization Vector
|
163 |
-
*
|
164 |
-
* @see Crypt_DES::setIV()
|
165 |
-
* @var String
|
166 |
-
* @access private
|
167 |
-
*/
|
168 |
-
var $iv = "\0\0\0\0\0\0\0\0";
|
169 |
-
|
170 |
-
/**
|
171 |
-
* A "sliding" Initialization Vector
|
172 |
-
*
|
173 |
-
* @see Crypt_DES::enableContinuousBuffer()
|
174 |
-
* @var String
|
175 |
-
* @access private
|
176 |
-
*/
|
177 |
-
var $encryptIV = "\0\0\0\0\0\0\0\0";
|
178 |
-
|
179 |
-
/**
|
180 |
-
* A "sliding" Initialization Vector
|
181 |
-
*
|
182 |
-
* @see Crypt_DES::enableContinuousBuffer()
|
183 |
-
* @var String
|
184 |
-
* @access private
|
185 |
-
*/
|
186 |
-
var $decryptIV = "\0\0\0\0\0\0\0\0";
|
187 |
-
|
188 |
-
/**
|
189 |
-
* mcrypt resource for encryption
|
190 |
-
*
|
191 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
192 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
193 |
-
*
|
194 |
-
* @see Crypt_AES::encrypt()
|
195 |
-
* @var String
|
196 |
-
* @access private
|
197 |
-
*/
|
198 |
-
var $enmcrypt;
|
199 |
-
|
200 |
-
/**
|
201 |
-
* mcrypt resource for decryption
|
202 |
-
*
|
203 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
204 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
205 |
-
*
|
206 |
-
* @see Crypt_AES::decrypt()
|
207 |
-
* @var String
|
208 |
-
* @access private
|
209 |
-
*/
|
210 |
-
var $demcrypt;
|
211 |
-
|
212 |
-
/**
|
213 |
-
* Does the (en|de)mcrypt resource need to be (re)initialized?
|
214 |
-
*
|
215 |
-
* @see setKey()
|
216 |
-
* @see setIV()
|
217 |
-
* @var Boolean
|
218 |
-
* @access private
|
219 |
-
*/
|
220 |
-
var $changed = true;
|
221 |
-
|
222 |
-
/**
|
223 |
-
* Default Constructor.
|
224 |
-
*
|
225 |
-
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
226 |
-
* CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
|
227 |
-
*
|
228 |
-
* @param optional Integer $mode
|
229 |
-
* @return Crypt_DES
|
230 |
-
* @access public
|
231 |
-
*/
|
232 |
-
function Crypt_DES($mode = CRYPT_MODE_DES_CBC)
|
233 |
-
{
|
234 |
-
if ( !defined('CRYPT_DES_MODE') ) {
|
235 |
-
switch (true) {
|
236 |
-
case extension_loaded('mcrypt'):
|
237 |
-
// i'd check to see if des was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
238 |
-
// but since that can be changed after the object has been created, there doesn't seem to be
|
239 |
-
// a lot of point...
|
240 |
-
define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
|
241 |
-
break;
|
242 |
-
default:
|
243 |
-
define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
|
244 |
-
}
|
245 |
-
}
|
246 |
-
|
247 |
-
switch ( CRYPT_DES_MODE ) {
|
248 |
-
case CRYPT_DES_MODE_MCRYPT:
|
249 |
-
switch ($mode) {
|
250 |
-
case CRYPT_DES_MODE_ECB:
|
251 |
-
$this->mode = MCRYPT_MODE_ECB;
|
252 |
-
break;
|
253 |
-
case CRYPT_DES_MODE_CTR:
|
254 |
-
$this->mode = 'ctr';
|
255 |
-
//$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_DES_MODE_CTR;
|
256 |
-
break;
|
257 |
-
case CRYPT_DES_MODE_CBC:
|
258 |
-
default:
|
259 |
-
$this->mode = MCRYPT_MODE_CBC;
|
260 |
-
}
|
261 |
-
|
262 |
-
break;
|
263 |
-
default:
|
264 |
-
switch ($mode) {
|
265 |
-
case CRYPT_DES_MODE_ECB:
|
266 |
-
case CRYPT_DES_MODE_CTR:
|
267 |
-
case CRYPT_DES_MODE_CBC:
|
268 |
-
$this->mode = $mode;
|
269 |
-
break;
|
270 |
-
default:
|
271 |
-
$this->mode = CRYPT_DES_MODE_CBC;
|
272 |
-
}
|
273 |
-
}
|
274 |
-
}
|
275 |
-
|
276 |
-
/**
|
277 |
-
* Sets the key.
|
278 |
-
*
|
279 |
-
* Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we
|
280 |
-
* only use the first eight, if $key has more then eight characters in it, and pad $key with the
|
281 |
-
* null byte if it is less then eight characters long.
|
282 |
-
*
|
283 |
-
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
284 |
-
*
|
285 |
-
* If the key is not explicitly set, it'll be assumed to be all zero's.
|
286 |
-
*
|
287 |
-
* @access public
|
288 |
-
* @param String $key
|
289 |
-
*/
|
290 |
-
function setKey($key)
|
291 |
-
{
|
292 |
-
$this->keys = ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) ? substr($key, 0, 8) : $this->_prepareKey($key);
|
293 |
-
$this->changed = true;
|
294 |
-
}
|
295 |
-
|
296 |
-
/**
|
297 |
-
* Sets the initialization vector. (optional)
|
298 |
-
*
|
299 |
-
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
|
300 |
-
* to be all zero's.
|
301 |
-
*
|
302 |
-
* @access public
|
303 |
-
* @param String $iv
|
304 |
-
*/
|
305 |
-
function setIV($iv)
|
306 |
-
{
|
307 |
-
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
|
308 |
-
$this->changed = true;
|
309 |
-
}
|
310 |
-
|
311 |
-
/**
|
312 |
-
* Generate CTR XOR encryption key
|
313 |
-
*
|
314 |
-
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
315 |
-
* plaintext / ciphertext in CTR mode.
|
316 |
-
*
|
317 |
-
* @see Crypt_DES::decrypt()
|
318 |
-
* @see Crypt_DES::encrypt()
|
319 |
-
* @access public
|
320 |
-
* @param Integer $length
|
321 |
-
* @param String $iv
|
322 |
-
*/
|
323 |
-
function _generate_xor($length, &$iv)
|
324 |
-
{
|
325 |
-
$xor = '';
|
326 |
-
$num_blocks = ($length + 7) >> 3;
|
327 |
-
for ($i = 0; $i < $num_blocks; $i++) {
|
328 |
-
$xor.= $iv;
|
329 |
-
for ($j = 4; $j <= 8; $j+=4) {
|
330 |
-
$temp = substr($iv, -$j, 4);
|
331 |
-
switch ($temp) {
|
332 |
-
case "\xFF\xFF\xFF\xFF":
|
333 |
-
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
334 |
-
break;
|
335 |
-
case "\x7F\xFF\xFF\xFF":
|
336 |
-
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
337 |
-
break 2;
|
338 |
-
default:
|
339 |
-
extract(unpack('Ncount', $temp));
|
340 |
-
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
341 |
-
break 2;
|
342 |
-
}
|
343 |
-
}
|
344 |
-
}
|
345 |
-
|
346 |
-
return $xor;
|
347 |
-
}
|
348 |
-
|
349 |
-
/**
|
350 |
-
* Encrypts a message.
|
351 |
-
*
|
352 |
-
* $plaintext will be padded with up to 8 additional bytes. Other DES implementations may or may not pad in the
|
353 |
-
* same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
|
354 |
-
* URL:
|
355 |
-
*
|
356 |
-
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
357 |
-
*
|
358 |
-
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
359 |
-
* strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
|
360 |
-
* length.
|
361 |
-
*
|
362 |
-
* @see Crypt_DES::decrypt()
|
363 |
-
* @access public
|
364 |
-
* @param String $plaintext
|
365 |
-
*/
|
366 |
-
function encrypt($plaintext)
|
367 |
-
{
|
368 |
-
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
369 |
-
$plaintext = $this->_pad($plaintext);
|
370 |
-
}
|
371 |
-
|
372 |
-
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
373 |
-
if ($this->changed) {
|
374 |
-
if (!isset($this->enmcrypt)) {
|
375 |
-
$this->enmcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
|
376 |
-
}
|
377 |
-
mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
|
378 |
-
$this->changed = false;
|
379 |
-
}
|
380 |
-
|
381 |
-
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
382 |
-
|
383 |
-
if (!$this->continuousBuffer) {
|
384 |
-
mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
|
385 |
-
}
|
386 |
-
|
387 |
-
return $ciphertext;
|
388 |
-
}
|
389 |
-
|
390 |
-
if (!is_array($this->keys)) {
|
391 |
-
$this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
|
392 |
-
}
|
393 |
-
|
394 |
-
$ciphertext = '';
|
395 |
-
switch ($this->mode) {
|
396 |
-
case CRYPT_DES_MODE_ECB:
|
397 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
398 |
-
$ciphertext.= $this->_processBlock(substr($plaintext, $i, 8), CRYPT_DES_ENCRYPT);
|
399 |
-
}
|
400 |
-
break;
|
401 |
-
case CRYPT_DES_MODE_CBC:
|
402 |
-
$xor = $this->encryptIV;
|
403 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
404 |
-
$block = substr($plaintext, $i, 8);
|
405 |
-
$block = $this->_processBlock($block ^ $xor, CRYPT_DES_ENCRYPT);
|
406 |
-
$xor = $block;
|
407 |
-
$ciphertext.= $block;
|
408 |
-
}
|
409 |
-
if ($this->continuousBuffer) {
|
410 |
-
$this->encryptIV = $xor;
|
411 |
-
}
|
412 |
-
break;
|
413 |
-
case CRYPT_DES_MODE_CTR:
|
414 |
-
$xor = $this->encryptIV;
|
415 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
416 |
-
$block = substr($plaintext, $i, 8);
|
417 |
-
$key = $this->_processBlock($this->_generate_xor(8, $xor), CRYPT_DES_ENCRYPT);
|
418 |
-
$ciphertext.= $block ^ $key;
|
419 |
-
}
|
420 |
-
if ($this->continuousBuffer) {
|
421 |
-
$this->encryptIV = $xor;
|
422 |
-
}
|
423 |
-
}
|
424 |
-
|
425 |
-
return $ciphertext;
|
426 |
-
}
|
427 |
-
|
428 |
-
/**
|
429 |
-
* Decrypts a message.
|
430 |
-
*
|
431 |
-
* If strlen($ciphertext) is not a multiple of 8, null bytes will be added to the end of the string until it is.
|
432 |
-
*
|
433 |
-
* @see Crypt_DES::encrypt()
|
434 |
-
* @access public
|
435 |
-
* @param String $ciphertext
|
436 |
-
*/
|
437 |
-
function decrypt($ciphertext)
|
438 |
-
{
|
439 |
-
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
440 |
-
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
441 |
-
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
442 |
-
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
|
443 |
-
}
|
444 |
-
|
445 |
-
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
446 |
-
if ($this->changed) {
|
447 |
-
if (!isset($this->demcrypt)) {
|
448 |
-
$this->demcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
|
449 |
-
}
|
450 |
-
mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
|
451 |
-
$this->changed = false;
|
452 |
-
}
|
453 |
-
|
454 |
-
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
455 |
-
|
456 |
-
if (!$this->continuousBuffer) {
|
457 |
-
mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
|
458 |
-
}
|
459 |
-
|
460 |
-
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
461 |
-
}
|
462 |
-
|
463 |
-
if (!is_array($this->keys)) {
|
464 |
-
$this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
|
465 |
-
}
|
466 |
-
|
467 |
-
$plaintext = '';
|
468 |
-
switch ($this->mode) {
|
469 |
-
case CRYPT_DES_MODE_ECB:
|
470 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
471 |
-
$plaintext.= $this->_processBlock(substr($ciphertext, $i, 8), CRYPT_DES_DECRYPT);
|
472 |
-
}
|
473 |
-
break;
|
474 |
-
case CRYPT_DES_MODE_CBC:
|
475 |
-
$xor = $this->decryptIV;
|
476 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
477 |
-
$block = substr($ciphertext, $i, 8);
|
478 |
-
$plaintext.= $this->_processBlock($block, CRYPT_DES_DECRYPT) ^ $xor;
|
479 |
-
$xor = $block;
|
480 |
-
}
|
481 |
-
if ($this->continuousBuffer) {
|
482 |
-
$this->decryptIV = $xor;
|
483 |
-
}
|
484 |
-
break;
|
485 |
-
case CRYPT_DES_MODE_CTR:
|
486 |
-
$xor = $this->decryptIV;
|
487 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
488 |
-
$block = substr($ciphertext, $i, 8);
|
489 |
-
$key = $this->_processBlock($this->_generate_xor(8, $xor), CRYPT_DES_ENCRYPT);
|
490 |
-
$plaintext.= $block ^ $key;
|
491 |
-
}
|
492 |
-
if ($this->continuousBuffer) {
|
493 |
-
$this->decryptIV = $xor;
|
494 |
-
}
|
495 |
-
}
|
496 |
-
|
497 |
-
return $this->mode != CRYPT_DES_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
498 |
-
}
|
499 |
-
|
500 |
-
/**
|
501 |
-
* Treat consecutive "packets" as if they are a continuous buffer.
|
502 |
-
*
|
503 |
-
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
504 |
-
* will yield different outputs:
|
505 |
-
*
|
506 |
-
* <code>
|
507 |
-
* echo $des->encrypt(substr($plaintext, 0, 8));
|
508 |
-
* echo $des->encrypt(substr($plaintext, 8, 8));
|
509 |
-
* </code>
|
510 |
-
* <code>
|
511 |
-
* echo $des->encrypt($plaintext);
|
512 |
-
* </code>
|
513 |
-
*
|
514 |
-
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
515 |
-
* another, as demonstrated with the following:
|
516 |
-
*
|
517 |
-
* <code>
|
518 |
-
* $des->encrypt(substr($plaintext, 0, 8));
|
519 |
-
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
520 |
-
* </code>
|
521 |
-
* <code>
|
522 |
-
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
523 |
-
* </code>
|
524 |
-
*
|
525 |
-
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
526 |
-
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
527 |
-
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
528 |
-
*
|
529 |
-
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
530 |
-
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
531 |
-
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
532 |
-
* however, they are also less intuitive and more likely to cause you problems.
|
533 |
-
*
|
534 |
-
* @see Crypt_DES::disableContinuousBuffer()
|
535 |
-
* @access public
|
536 |
-
*/
|
537 |
-
function enableContinuousBuffer()
|
538 |
-
{
|
539 |
-
$this->continuousBuffer = true;
|
540 |
-
}
|
541 |
-
|
542 |
-
/**
|
543 |
-
* Treat consecutive packets as if they are a discontinuous buffer.
|
544 |
-
*
|
545 |
-
* The default behavior.
|
546 |
-
*
|
547 |
-
* @see Crypt_DES::enableContinuousBuffer()
|
548 |
-
* @access public
|
549 |
-
*/
|
550 |
-
function disableContinuousBuffer()
|
551 |
-
{
|
552 |
-
$this->continuousBuffer = false;
|
553 |
-
$this->encryptIV = $this->iv;
|
554 |
-
$this->decryptIV = $this->iv;
|
555 |
-
}
|
556 |
-
|
557 |
-
/**
|
558 |
-
* Pad "packets".
|
559 |
-
*
|
560 |
-
* DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
|
561 |
-
* a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
|
562 |
-
*
|
563 |
-
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
|
564 |
-
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
565 |
-
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
566 |
-
* transmitted separately)
|
567 |
-
*
|
568 |
-
* @see Crypt_DES::disablePadding()
|
569 |
-
* @access public
|
570 |
-
*/
|
571 |
-
function enablePadding()
|
572 |
-
{
|
573 |
-
$this->padding = true;
|
574 |
-
}
|
575 |
-
|
576 |
-
/**
|
577 |
-
* Do not pad packets.
|
578 |
-
*
|
579 |
-
* @see Crypt_DES::enablePadding()
|
580 |
-
* @access public
|
581 |
-
*/
|
582 |
-
function disablePadding()
|
583 |
-
{
|
584 |
-
$this->padding = false;
|
585 |
-
}
|
586 |
-
|
587 |
-
/**
|
588 |
-
* Pads a string
|
589 |
-
*
|
590 |
-
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
|
591 |
-
* 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
|
592 |
-
*
|
593 |
-
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
594 |
-
* and padding will, hence forth, be enabled.
|
595 |
-
*
|
596 |
-
* @see Crypt_DES::_unpad()
|
597 |
-
* @access private
|
598 |
-
*/
|
599 |
-
function _pad($text)
|
600 |
-
{
|
601 |
-
$length = strlen($text);
|
602 |
-
|
603 |
-
if (!$this->padding) {
|
604 |
-
if (($length & 7) == 0) {
|
605 |
-
return $text;
|
606 |
-
} else {
|
607 |
-
user_error("The plaintext's length ($length) is not a multiple of the block size (8)", E_USER_NOTICE);
|
608 |
-
$this->padding = true;
|
609 |
-
}
|
610 |
-
}
|
611 |
-
|
612 |
-
$pad = 8 - ($length & 7);
|
613 |
-
return str_pad($text, $length + $pad, chr($pad));
|
614 |
-
}
|
615 |
-
|
616 |
-
/**
|
617 |
-
* Unpads a string
|
618 |
-
*
|
619 |
-
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
620 |
-
* and false will be returned.
|
621 |
-
*
|
622 |
-
* @see Crypt_DES::_pad()
|
623 |
-
* @access private
|
624 |
-
*/
|
625 |
-
function _unpad($text)
|
626 |
-
{
|
627 |
-
if (!$this->padding) {
|
628 |
-
return $text;
|
629 |
-
}
|
630 |
-
|
631 |
-
$length = ord($text[strlen($text) - 1]);
|
632 |
-
|
633 |
-
if (!$length || $length > 8) {
|
634 |
-
return false;
|
635 |
-
}
|
636 |
-
|
637 |
-
return substr($text, 0, -$length);
|
638 |
-
}
|
639 |
-
|
640 |
-
/**
|
641 |
-
* Encrypts or decrypts a 64-bit block
|
642 |
-
*
|
643 |
-
* $mode should be either CRYPT_DES_ENCRYPT or CRYPT_DES_DECRYPT. See
|
644 |
-
* {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general
|
645 |
-
* idea of what this function does.
|
646 |
-
*
|
647 |
-
* @access private
|
648 |
-
* @param String $block
|
649 |
-
* @param Integer $mode
|
650 |
-
* @return String
|
651 |
-
*/
|
652 |
-
function _processBlock($block, $mode)
|
653 |
-
{
|
654 |
-
// s-boxes. in the official DES docs, they're described as being matrices that
|
655 |
-
// one accesses by using the first and last bits to determine the row and the
|
656 |
-
// middle four bits to determine the column. in this implementation, they've
|
657 |
-
// been converted to vectors
|
658 |
-
static $sbox = array(
|
659 |
-
array(
|
660 |
-
14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
|
661 |
-
3, 10 ,10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
|
662 |
-
4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
|
663 |
-
15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13
|
664 |
-
),
|
665 |
-
array(
|
666 |
-
15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
|
667 |
-
9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
|
668 |
-
0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
|
669 |
-
5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9
|
670 |
-
),
|
671 |
-
array(
|
672 |
-
10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
|
673 |
-
1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
|
674 |
-
13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
|
675 |
-
11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12
|
676 |
-
),
|
677 |
-
array(
|
678 |
-
7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
|
679 |
-
1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
|
680 |
-
10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
|
681 |
-
15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14
|
682 |
-
),
|
683 |
-
array(
|
684 |
-
2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
|
685 |
-
8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
|
686 |
-
4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
|
687 |
-
15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3
|
688 |
-
),
|
689 |
-
array(
|
690 |
-
12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
|
691 |
-
0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
|
692 |
-
9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
|
693 |
-
7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13
|
694 |
-
),
|
695 |
-
array(
|
696 |
-
4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
|
697 |
-
3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
|
698 |
-
1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
|
699 |
-
10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12
|
700 |
-
),
|
701 |
-
array(
|
702 |
-
13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
|
703 |
-
10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
|
704 |
-
7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
|
705 |
-
0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
|
706 |
-
)
|
707 |
-
);
|
708 |
-
|
709 |
-
$keys = $this->keys;
|
710 |
-
|
711 |
-
$temp = unpack('Na/Nb', $block);
|
712 |
-
$block = array($temp['a'], $temp['b']);
|
713 |
-
|
714 |
-
// because php does arithmetic right shifts, if the most significant bits are set, right
|
715 |
-
// shifting those into the correct position will add 1's - not 0's. this will intefere
|
716 |
-
// with the | operation unless a second & is done. so we isolate these bits and left shift
|
717 |
-
// them into place. we then & each block with 0x7FFFFFFF to prevennt 1's from being added
|
718 |
-
// for any other shifts.
|
719 |
-
$msb = array(
|
720 |
-
($block[0] >> 31) & 1,
|
721 |
-
($block[1] >> 31) & 1
|
722 |
-
);
|
723 |
-
$block[0] &= 0x7FFFFFFF;
|
724 |
-
$block[1] &= 0x7FFFFFFF;
|
725 |
-
|
726 |
-
// we isolate the appropriate bit in the appropriate integer and shift as appropriate. in
|
727 |
-
// some cases, there are going to be multiple bits in the same integer that need to be shifted
|
728 |
-
// in the same way. we combine those into one shift operation.
|
729 |
-
$block = array(
|
730 |
-
(($block[1] & 0x00000040) << 25) | (($block[1] & 0x00004000) << 16) |
|
731 |
-
(($block[1] & 0x00400001) << 7) | (($block[1] & 0x40000100) >> 2) |
|
732 |
-
(($block[0] & 0x00000040) << 21) | (($block[0] & 0x00004000) << 12) |
|
733 |
-
(($block[0] & 0x00400001) << 3) | (($block[0] & 0x40000100) >> 6) |
|
734 |
-
(($block[1] & 0x00000010) << 19) | (($block[1] & 0x00001000) << 10) |
|
735 |
-
(($block[1] & 0x00100000) << 1) | (($block[1] & 0x10000000) >> 8) |
|
736 |
-
(($block[0] & 0x00000010) << 15) | (($block[0] & 0x00001000) << 6) |
|
737 |
-
(($block[0] & 0x00100000) >> 3) | (($block[0] & 0x10000000) >> 12) |
|
738 |
-
(($block[1] & 0x00000004) << 13) | (($block[1] & 0x00000400) << 4) |
|
739 |
-
(($block[1] & 0x00040000) >> 5) | (($block[1] & 0x04000000) >> 14) |
|
740 |
-
(($block[0] & 0x00000004) << 9) | ( $block[0] & 0x00000400 ) |
|
741 |
-
(($block[0] & 0x00040000) >> 9) | (($block[0] & 0x04000000) >> 18) |
|
742 |
-
(($block[1] & 0x00010000) >> 11) | (($block[1] & 0x01000000) >> 20) |
|
743 |
-
(($block[0] & 0x00010000) >> 15) | (($block[0] & 0x01000000) >> 24)
|
744 |
-
,
|
745 |
-
(($block[1] & 0x00000080) << 24) | (($block[1] & 0x00008000) << 15) |
|
746 |
-
(($block[1] & 0x00800002) << 6) | (($block[0] & 0x00000080) << 20) |
|
747 |
-
(($block[0] & 0x00008000) << 11) | (($block[0] & 0x00800002) << 2) |
|
748 |
-
(($block[1] & 0x00000020) << 18) | (($block[1] & 0x00002000) << 9) |
|
749 |
-
( $block[1] & 0x00200000 ) | (($block[1] & 0x20000000) >> 9) |
|
750 |
-
(($block[0] & 0x00000020) << 14) | (($block[0] & 0x00002000) << 5) |
|
751 |
-
(($block[0] & 0x00200000) >> 4) | (($block[0] & 0x20000000) >> 13) |
|
752 |
-
(($block[1] & 0x00000008) << 12) | (($block[1] & 0x00000800) << 3) |
|
753 |
-
(($block[1] & 0x00080000) >> 6) | (($block[1] & 0x08000000) >> 15) |
|
754 |
-
(($block[0] & 0x00000008) << 8) | (($block[0] & 0x00000800) >> 1) |
|
755 |
-
(($block[0] & 0x00080000) >> 10) | (($block[0] & 0x08000000) >> 19) |
|
756 |
-
(($block[1] & 0x00000200) >> 3) | (($block[0] & 0x00000200) >> 7) |
|
757 |
-
(($block[1] & 0x00020000) >> 12) | (($block[1] & 0x02000000) >> 21) |
|
758 |
-
(($block[0] & 0x00020000) >> 16) | (($block[0] & 0x02000000) >> 25) |
|
759 |
-
($msb[1] << 28) | ($msb[0] << 24)
|
760 |
-
);
|
761 |
-
|
762 |
-
for ($i = 0; $i < 16; $i++) {
|
763 |
-
// start of "the Feistel (F) function" - see the following URL:
|
764 |
-
// http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png
|
765 |
-
$temp = (($sbox[0][((($block[1] >> 27) & 0x1F) | (($block[1] & 1) << 5)) ^ $keys[$mode][$i][0]]) << 28)
|
766 |
-
| (($sbox[1][(($block[1] & 0x1F800000) >> 23) ^ $keys[$mode][$i][1]]) << 24)
|
767 |
-
| (($sbox[2][(($block[1] & 0x01F80000) >> 19) ^ $keys[$mode][$i][2]]) << 20)
|
768 |
-
| (($sbox[3][(($block[1] & 0x001F8000) >> 15) ^ $keys[$mode][$i][3]]) << 16)
|
769 |
-
| (($sbox[4][(($block[1] & 0x0001F800) >> 11) ^ $keys[$mode][$i][4]]) << 12)
|
770 |
-
| (($sbox[5][(($block[1] & 0x00001F80) >> 7) ^ $keys[$mode][$i][5]]) << 8)
|
771 |
-
| (($sbox[6][(($block[1] & 0x000001F8) >> 3) ^ $keys[$mode][$i][6]]) << 4)
|
772 |
-
| ( $sbox[7][((($block[1] & 0x1F) << 1) | (($block[1] >> 31) & 1)) ^ $keys[$mode][$i][7]]);
|
773 |
-
|
774 |
-
$msb = ($temp >> 31) & 1;
|
775 |
-
$temp &= 0x7FFFFFFF;
|
776 |
-
$newBlock = (($temp & 0x00010000) << 15) | (($temp & 0x02020120) << 5)
|
777 |
-
| (($temp & 0x00001800) << 17) | (($temp & 0x01000000) >> 10)
|
778 |
-
| (($temp & 0x00000008) << 24) | (($temp & 0x00100000) << 6)
|
779 |
-
| (($temp & 0x00000010) << 21) | (($temp & 0x00008000) << 9)
|
780 |
-
| (($temp & 0x00000200) << 12) | (($temp & 0x10000000) >> 27)
|
781 |
-
| (($temp & 0x00000040) << 14) | (($temp & 0x08000000) >> 8)
|
782 |
-
| (($temp & 0x00004000) << 4) | (($temp & 0x00000002) << 16)
|
783 |
-
| (($temp & 0x00442000) >> 6) | (($temp & 0x40800000) >> 15)
|
784 |
-
| (($temp & 0x00000001) << 11) | (($temp & 0x20000000) >> 20)
|
785 |
-
| (($temp & 0x00080000) >> 13) | (($temp & 0x00000004) << 3)
|
786 |
-
| (($temp & 0x04000000) >> 22) | (($temp & 0x00000480) >> 7)
|
787 |
-
| (($temp & 0x00200000) >> 19) | ($msb << 23);
|
788 |
-
// end of "the Feistel (F) function" - $newBlock is F's output
|
789 |
-
|
790 |
-
$temp = $block[1];
|
791 |
-
$block[1] = $block[0] ^ $newBlock;
|
792 |
-
$block[0] = $temp;
|
793 |
-
}
|
794 |
-
|
795 |
-
$msb = array(
|
796 |
-
($block[0] >> 31) & 1,
|
797 |
-
($block[1] >> 31) & 1
|
798 |
-
);
|
799 |
-
$block[0] &= 0x7FFFFFFF;
|
800 |
-
$block[1] &= 0x7FFFFFFF;
|
801 |
-
|
802 |
-
$block = array(
|
803 |
-
(($block[0] & 0x01000004) << 7) | (($block[1] & 0x01000004) << 6) |
|
804 |
-
(($block[0] & 0x00010000) << 13) | (($block[1] & 0x00010000) << 12) |
|
805 |
-
(($block[0] & 0x00000100) << 19) | (($block[1] & 0x00000100) << 18) |
|
806 |
-
(($block[0] & 0x00000001) << 25) | (($block[1] & 0x00000001) << 24) |
|
807 |
-
(($block[0] & 0x02000008) >> 2) | (($block[1] & 0x02000008) >> 3) |
|
808 |
-
(($block[0] & 0x00020000) << 4) | (($block[1] & 0x00020000) << 3) |
|
809 |
-
(($block[0] & 0x00000200) << 10) | (($block[1] & 0x00000200) << 9) |
|
810 |
-
(($block[0] & 0x00000002) << 16) | (($block[1] & 0x00000002) << 15) |
|
811 |
-
(($block[0] & 0x04000000) >> 11) | (($block[1] & 0x04000000) >> 12) |
|
812 |
-
(($block[0] & 0x00040000) >> 5) | (($block[1] & 0x00040000) >> 6) |
|
813 |
-
(($block[0] & 0x00000400) << 1) | ( $block[1] & 0x00000400 ) |
|
814 |
-
(($block[0] & 0x08000000) >> 20) | (($block[1] & 0x08000000) >> 21) |
|
815 |
-
(($block[0] & 0x00080000) >> 14) | (($block[1] & 0x00080000) >> 15) |
|
816 |
-
(($block[0] & 0x00000800) >> 8) | (($block[1] & 0x00000800) >> 9)
|
817 |
-
,
|
818 |
-
(($block[0] & 0x10000040) << 3) | (($block[1] & 0x10000040) << 2) |
|
819 |
-
(($block[0] & 0x00100000) << 9) | (($block[1] & 0x00100000) << 8) |
|
820 |
-
(($block[0] & 0x00001000) << 15) | (($block[1] & 0x00001000) << 14) |
|
821 |
-
(($block[0] & 0x00000010) << 21) | (($block[1] & 0x00000010) << 20) |
|
822 |
-
(($block[0] & 0x20000080) >> 6) | (($block[1] & 0x20000080) >> 7) |
|
823 |
-
( $block[0] & 0x00200000 ) | (($block[1] & 0x00200000) >> 1) |
|
824 |
-
(($block[0] & 0x00002000) << 6) | (($block[1] & 0x00002000) << 5) |
|
825 |
-
(($block[0] & 0x00000020) << 12) | (($block[1] & 0x00000020) << 11) |
|
826 |
-
(($block[0] & 0x40000000) >> 15) | (($block[1] & 0x40000000) >> 16) |
|
827 |
-
(($block[0] & 0x00400000) >> 9) | (($block[1] & 0x00400000) >> 10) |
|
828 |
-
(($block[0] & 0x00004000) >> 3) | (($block[1] & 0x00004000) >> 4) |
|
829 |
-
(($block[0] & 0x00800000) >> 18) | (($block[1] & 0x00800000) >> 19) |
|
830 |
-
(($block[0] & 0x00008000) >> 12) | (($block[1] & 0x00008000) >> 13) |
|
831 |
-
($msb[0] << 7) | ($msb[1] << 6)
|
832 |
-
);
|
833 |
-
|
834 |
-
return pack('NN', $block[0], $block[1]);
|
835 |
-
}
|
836 |
-
|
837 |
-
/**
|
838 |
-
* Creates the key schedule.
|
839 |
-
*
|
840 |
-
* @access private
|
841 |
-
* @param String $key
|
842 |
-
* @return Array
|
843 |
-
*/
|
844 |
-
function _prepareKey($key)
|
845 |
-
{
|
846 |
-
static $shifts = array( // number of key bits shifted per round
|
847 |
-
1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
|
848 |
-
);
|
849 |
-
|
850 |
-
// pad the key and remove extra characters as appropriate.
|
851 |
-
$key = str_pad(substr($key, 0, 8), 8, chr(0));
|
852 |
-
|
853 |
-
$temp = unpack('Na/Nb', $key);
|
854 |
-
$key = array($temp['a'], $temp['b']);
|
855 |
-
$msb = array(
|
856 |
-
($key[0] >> 31) & 1,
|
857 |
-
($key[1] >> 31) & 1
|
858 |
-
);
|
859 |
-
$key[0] &= 0x7FFFFFFF;
|
860 |
-
$key[1] &= 0x7FFFFFFF;
|
861 |
-
|
862 |
-
$key = array(
|
863 |
-
(($key[1] & 0x00000002) << 26) | (($key[1] & 0x00000204) << 17) |
|
864 |
-
(($key[1] & 0x00020408) << 8) | (($key[1] & 0x02040800) >> 1) |
|
865 |
-
(($key[0] & 0x00000002) << 22) | (($key[0] & 0x00000204) << 13) |
|
866 |
-
(($key[0] & 0x00020408) << 4) | (($key[0] & 0x02040800) >> 5) |
|
867 |
-
(($key[1] & 0x04080000) >> 10) | (($key[0] & 0x04080000) >> 14) |
|
868 |
-
(($key[1] & 0x08000000) >> 19) | (($key[0] & 0x08000000) >> 23) |
|
869 |
-
(($key[0] & 0x00000010) >> 1) | (($key[0] & 0x00001000) >> 10) |
|
870 |
-
(($key[0] & 0x00100000) >> 19) | (($key[0] & 0x10000000) >> 28)
|
871 |
-
,
|
872 |
-
(($key[1] & 0x00000080) << 20) | (($key[1] & 0x00008000) << 11) |
|
873 |
-
(($key[1] & 0x00800000) << 2) | (($key[0] & 0x00000080) << 16) |
|
874 |
-
(($key[0] & 0x00008000) << 7) | (($key[0] & 0x00800000) >> 2) |
|
875 |
-
(($key[1] & 0x00000040) << 13) | (($key[1] & 0x00004000) << 4) |
|
876 |
-
(($key[1] & 0x00400000) >> 5) | (($key[1] & 0x40000000) >> 14) |
|
877 |
-
(($key[0] & 0x00000040) << 9) | ( $key[0] & 0x00004000 ) |
|
878 |
-
(($key[0] & 0x00400000) >> 9) | (($key[0] & 0x40000000) >> 18) |
|
879 |
-
(($key[1] & 0x00000020) << 6) | (($key[1] & 0x00002000) >> 3) |
|
880 |
-
(($key[1] & 0x00200000) >> 12) | (($key[1] & 0x20000000) >> 21) |
|
881 |
-
(($key[0] & 0x00000020) << 2) | (($key[0] & 0x00002000) >> 7) |
|
882 |
-
(($key[0] & 0x00200000) >> 16) | (($key[0] & 0x20000000) >> 25) |
|
883 |
-
(($key[1] & 0x00000010) >> 1) | (($key[1] & 0x00001000) >> 10) |
|
884 |
-
(($key[1] & 0x00100000) >> 19) | (($key[1] & 0x10000000) >> 28) |
|
885 |
-
($msb[1] << 24) | ($msb[0] << 20)
|
886 |
-
);
|
887 |
-
|
888 |
-
$keys = array();
|
889 |
-
for ($i = 0; $i < 16; $i++) {
|
890 |
-
$key[0] <<= $shifts[$i];
|
891 |
-
$temp = ($key[0] & 0xF0000000) >> 28;
|
892 |
-
$key[0] = ($key[0] | $temp) & 0x0FFFFFFF;
|
893 |
-
|
894 |
-
$key[1] <<= $shifts[$i];
|
895 |
-
$temp = ($key[1] & 0xF0000000) >> 28;
|
896 |
-
$key[1] = ($key[1] | $temp) & 0x0FFFFFFF;
|
897 |
-
|
898 |
-
$temp = array(
|
899 |
-
(($key[1] & 0x00004000) >> 9) | (($key[1] & 0x00000800) >> 7) |
|
900 |
-
(($key[1] & 0x00020000) >> 14) | (($key[1] & 0x00000010) >> 2) |
|
901 |
-
(($key[1] & 0x08000000) >> 26) | (($key[1] & 0x00800000) >> 23)
|
902 |
-
,
|
903 |
-
(($key[1] & 0x02400000) >> 20) | (($key[1] & 0x00000001) << 4) |
|
904 |
-
(($key[1] & 0x00002000) >> 10) | (($key[1] & 0x00040000) >> 18) |
|
905 |
-
(($key[1] & 0x00000080) >> 6)
|
906 |
-
,
|
907 |
-
( $key[1] & 0x00000020 ) | (($key[1] & 0x00000200) >> 5) |
|
908 |
-
(($key[1] & 0x00010000) >> 13) | (($key[1] & 0x01000000) >> 22) |
|
909 |
-
(($key[1] & 0x00000004) >> 1) | (($key[1] & 0x00100000) >> 20)
|
910 |
-
,
|
911 |
-
(($key[1] & 0x00001000) >> 7) | (($key[1] & 0x00200000) >> 17) |
|
912 |
-
(($key[1] & 0x00000002) << 2) | (($key[1] & 0x00000100) >> 6) |
|
913 |
-
(($key[1] & 0x00008000) >> 14) | (($key[1] & 0x04000000) >> 26)
|
914 |
-
,
|
915 |
-
(($key[0] & 0x00008000) >> 10) | ( $key[0] & 0x00000010 ) |
|
916 |
-
(($key[0] & 0x02000000) >> 22) | (($key[0] & 0x00080000) >> 17) |
|
917 |
-
(($key[0] & 0x00000200) >> 8) | (($key[0] & 0x00000002) >> 1)
|
918 |
-
,
|
919 |
-
(($key[0] & 0x04000000) >> 21) | (($key[0] & 0x00010000) >> 12) |
|
920 |
-
(($key[0] & 0x00000020) >> 2) | (($key[0] & 0x00000800) >> 9) |
|
921 |
-
(($key[0] & 0x00800000) >> 22) | (($key[0] & 0x00000100) >> 8)
|
922 |
-
,
|
923 |
-
(($key[0] & 0x00001000) >> 7) | (($key[0] & 0x00000088) >> 3) |
|
924 |
-
(($key[0] & 0x00020000) >> 14) | (($key[0] & 0x00000001) << 2) |
|
925 |
-
(($key[0] & 0x00400000) >> 21)
|
926 |
-
,
|
927 |
-
(($key[0] & 0x00000400) >> 5) | (($key[0] & 0x00004000) >> 10) |
|
928 |
-
(($key[0] & 0x00000040) >> 3) | (($key[0] & 0x00100000) >> 18) |
|
929 |
-
(($key[0] & 0x08000000) >> 26) | (($key[0] & 0x01000000) >> 24)
|
930 |
-
);
|
931 |
-
|
932 |
-
$keys[] = $temp;
|
933 |
-
}
|
934 |
-
|
935 |
-
$temp = array(
|
936 |
-
CRYPT_DES_ENCRYPT => $keys,
|
937 |
-
CRYPT_DES_DECRYPT => array_reverse($keys)
|
938 |
-
);
|
939 |
-
|
940 |
-
return $temp;
|
941 |
-
}
|
942 |
-
}
|
943 |
-
|
944 |
-
// vim: ts=4:sw=4:et:
|
945 |
-
// vim6: fdl=1:
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of DES.
|
6 |
+
*
|
7 |
+
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
+
*
|
9 |
+
* PHP versions 4 and 5
|
10 |
+
*
|
11 |
+
* Useful resources are as follows:
|
12 |
+
*
|
13 |
+
* - {@link http://en.wikipedia.org/wiki/DES_supplementary_material Wikipedia: DES supplementary material}
|
14 |
+
* - {@link http://www.itl.nist.gov/fipspubs/fip46-2.htm FIPS 46-2 - (DES), Data Encryption Standard}
|
15 |
+
* - {@link http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-DES.html JavaScript DES Example}
|
16 |
+
*
|
17 |
+
* Here's a short example of how to use this library:
|
18 |
+
* <code>
|
19 |
+
* <?php
|
20 |
+
* include('Crypt/DES.php');
|
21 |
+
*
|
22 |
+
* $des = new Crypt_DES();
|
23 |
+
*
|
24 |
+
* $des->setKey('abcdefgh');
|
25 |
+
*
|
26 |
+
* $size = 10 * 1024;
|
27 |
+
* $plaintext = '';
|
28 |
+
* for ($i = 0; $i < $size; $i++) {
|
29 |
+
* $plaintext.= 'a';
|
30 |
+
* }
|
31 |
+
*
|
32 |
+
* echo $des->decrypt($des->encrypt($plaintext));
|
33 |
+
* ?>
|
34 |
+
* </code>
|
35 |
+
*
|
36 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
37 |
+
* modify it under the terms of the GNU Lesser General Public
|
38 |
+
* License as published by the Free Software Foundation; either
|
39 |
+
* version 2.1 of the License, or (at your option) any later version.
|
40 |
+
*
|
41 |
+
* This library is distributed in the hope that it will be useful,
|
42 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
43 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
44 |
+
* Lesser General Public License for more details.
|
45 |
+
*
|
46 |
+
* You should have received a copy of the GNU Lesser General Public
|
47 |
+
* License along with this library; if not, write to the Free Software
|
48 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
49 |
+
* MA 02111-1307 USA
|
50 |
+
*
|
51 |
+
* @category Crypt
|
52 |
+
* @package Crypt_DES
|
53 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
54 |
+
* @copyright MMVII Jim Wigginton
|
55 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
56 |
+
* @version $Id: DES.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
|
57 |
+
* @link http://phpseclib.sourceforge.net
|
58 |
+
*/
|
59 |
+
|
60 |
+
/**#@+
|
61 |
+
* @access private
|
62 |
+
* @see Crypt_DES::_prepareKey()
|
63 |
+
* @see Crypt_DES::_processBlock()
|
64 |
+
*/
|
65 |
+
/**
|
66 |
+
* Contains array_reverse($keys[CRYPT_DES_DECRYPT])
|
67 |
+
*/
|
68 |
+
define('CRYPT_DES_ENCRYPT', 0);
|
69 |
+
/**
|
70 |
+
* Contains array_reverse($keys[CRYPT_DES_ENCRYPT])
|
71 |
+
*/
|
72 |
+
define('CRYPT_DES_DECRYPT', 1);
|
73 |
+
/**#@-*/
|
74 |
+
|
75 |
+
/**#@+
|
76 |
+
* @access public
|
77 |
+
* @see Crypt_DES::encrypt()
|
78 |
+
* @see Crypt_DES::decrypt()
|
79 |
+
*/
|
80 |
+
/**
|
81 |
+
* Encrypt / decrypt using the Counter mode.
|
82 |
+
*
|
83 |
+
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
84 |
+
*
|
85 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
86 |
+
*/
|
87 |
+
define('CRYPT_DES_MODE_CTR', -1);
|
88 |
+
/**
|
89 |
+
* Encrypt / decrypt using the Electronic Code Book mode.
|
90 |
+
*
|
91 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
92 |
+
*/
|
93 |
+
define('CRYPT_DES_MODE_ECB', 1);
|
94 |
+
/**
|
95 |
+
* Encrypt / decrypt using the Code Book Chaining mode.
|
96 |
+
*
|
97 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
98 |
+
*/
|
99 |
+
define('CRYPT_DES_MODE_CBC', 2);
|
100 |
+
/**#@-*/
|
101 |
+
|
102 |
+
/**#@+
|
103 |
+
* @access private
|
104 |
+
* @see Crypt_DES::Crypt_DES()
|
105 |
+
*/
|
106 |
+
/**
|
107 |
+
* Toggles the internal implementation
|
108 |
+
*/
|
109 |
+
define('CRYPT_DES_MODE_INTERNAL', 1);
|
110 |
+
/**
|
111 |
+
* Toggles the mcrypt implementation
|
112 |
+
*/
|
113 |
+
define('CRYPT_DES_MODE_MCRYPT', 2);
|
114 |
+
/**#@-*/
|
115 |
+
|
116 |
+
/**
|
117 |
+
* Pure-PHP implementation of DES.
|
118 |
+
*
|
119 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
120 |
+
* @version 0.1.0
|
121 |
+
* @access public
|
122 |
+
* @package Crypt_DES
|
123 |
+
*/
|
124 |
+
class Crypt_DES {
|
125 |
+
/**
|
126 |
+
* The Key Schedule
|
127 |
+
*
|
128 |
+
* @see Crypt_DES::setKey()
|
129 |
+
* @var Array
|
130 |
+
* @access private
|
131 |
+
*/
|
132 |
+
var $keys = "\0\0\0\0\0\0\0\0";
|
133 |
+
|
134 |
+
/**
|
135 |
+
* The Encryption Mode
|
136 |
+
*
|
137 |
+
* @see Crypt_DES::Crypt_DES()
|
138 |
+
* @var Integer
|
139 |
+
* @access private
|
140 |
+
*/
|
141 |
+
var $mode;
|
142 |
+
|
143 |
+
/**
|
144 |
+
* Continuous Buffer status
|
145 |
+
*
|
146 |
+
* @see Crypt_DES::enableContinuousBuffer()
|
147 |
+
* @var Boolean
|
148 |
+
* @access private
|
149 |
+
*/
|
150 |
+
var $continuousBuffer = false;
|
151 |
+
|
152 |
+
/**
|
153 |
+
* Padding status
|
154 |
+
*
|
155 |
+
* @see Crypt_DES::enablePadding()
|
156 |
+
* @var Boolean
|
157 |
+
* @access private
|
158 |
+
*/
|
159 |
+
var $padding = true;
|
160 |
+
|
161 |
+
/**
|
162 |
+
* The Initialization Vector
|
163 |
+
*
|
164 |
+
* @see Crypt_DES::setIV()
|
165 |
+
* @var String
|
166 |
+
* @access private
|
167 |
+
*/
|
168 |
+
var $iv = "\0\0\0\0\0\0\0\0";
|
169 |
+
|
170 |
+
/**
|
171 |
+
* A "sliding" Initialization Vector
|
172 |
+
*
|
173 |
+
* @see Crypt_DES::enableContinuousBuffer()
|
174 |
+
* @var String
|
175 |
+
* @access private
|
176 |
+
*/
|
177 |
+
var $encryptIV = "\0\0\0\0\0\0\0\0";
|
178 |
+
|
179 |
+
/**
|
180 |
+
* A "sliding" Initialization Vector
|
181 |
+
*
|
182 |
+
* @see Crypt_DES::enableContinuousBuffer()
|
183 |
+
* @var String
|
184 |
+
* @access private
|
185 |
+
*/
|
186 |
+
var $decryptIV = "\0\0\0\0\0\0\0\0";
|
187 |
+
|
188 |
+
/**
|
189 |
+
* mcrypt resource for encryption
|
190 |
+
*
|
191 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
192 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
193 |
+
*
|
194 |
+
* @see Crypt_AES::encrypt()
|
195 |
+
* @var String
|
196 |
+
* @access private
|
197 |
+
*/
|
198 |
+
var $enmcrypt;
|
199 |
+
|
200 |
+
/**
|
201 |
+
* mcrypt resource for decryption
|
202 |
+
*
|
203 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
204 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
205 |
+
*
|
206 |
+
* @see Crypt_AES::decrypt()
|
207 |
+
* @var String
|
208 |
+
* @access private
|
209 |
+
*/
|
210 |
+
var $demcrypt;
|
211 |
+
|
212 |
+
/**
|
213 |
+
* Does the (en|de)mcrypt resource need to be (re)initialized?
|
214 |
+
*
|
215 |
+
* @see setKey()
|
216 |
+
* @see setIV()
|
217 |
+
* @var Boolean
|
218 |
+
* @access private
|
219 |
+
*/
|
220 |
+
var $changed = true;
|
221 |
+
|
222 |
+
/**
|
223 |
+
* Default Constructor.
|
224 |
+
*
|
225 |
+
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
226 |
+
* CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
|
227 |
+
*
|
228 |
+
* @param optional Integer $mode
|
229 |
+
* @return Crypt_DES
|
230 |
+
* @access public
|
231 |
+
*/
|
232 |
+
function Crypt_DES($mode = CRYPT_MODE_DES_CBC)
|
233 |
+
{
|
234 |
+
if ( !defined('CRYPT_DES_MODE') ) {
|
235 |
+
switch (true) {
|
236 |
+
case extension_loaded('mcrypt'):
|
237 |
+
// i'd check to see if des was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
238 |
+
// but since that can be changed after the object has been created, there doesn't seem to be
|
239 |
+
// a lot of point...
|
240 |
+
define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
|
241 |
+
break;
|
242 |
+
default:
|
243 |
+
define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
|
244 |
+
}
|
245 |
+
}
|
246 |
+
|
247 |
+
switch ( CRYPT_DES_MODE ) {
|
248 |
+
case CRYPT_DES_MODE_MCRYPT:
|
249 |
+
switch ($mode) {
|
250 |
+
case CRYPT_DES_MODE_ECB:
|
251 |
+
$this->mode = MCRYPT_MODE_ECB;
|
252 |
+
break;
|
253 |
+
case CRYPT_DES_MODE_CTR:
|
254 |
+
$this->mode = 'ctr';
|
255 |
+
//$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_DES_MODE_CTR;
|
256 |
+
break;
|
257 |
+
case CRYPT_DES_MODE_CBC:
|
258 |
+
default:
|
259 |
+
$this->mode = MCRYPT_MODE_CBC;
|
260 |
+
}
|
261 |
+
|
262 |
+
break;
|
263 |
+
default:
|
264 |
+
switch ($mode) {
|
265 |
+
case CRYPT_DES_MODE_ECB:
|
266 |
+
case CRYPT_DES_MODE_CTR:
|
267 |
+
case CRYPT_DES_MODE_CBC:
|
268 |
+
$this->mode = $mode;
|
269 |
+
break;
|
270 |
+
default:
|
271 |
+
$this->mode = CRYPT_DES_MODE_CBC;
|
272 |
+
}
|
273 |
+
}
|
274 |
+
}
|
275 |
+
|
276 |
+
/**
|
277 |
+
* Sets the key.
|
278 |
+
*
|
279 |
+
* Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we
|
280 |
+
* only use the first eight, if $key has more then eight characters in it, and pad $key with the
|
281 |
+
* null byte if it is less then eight characters long.
|
282 |
+
*
|
283 |
+
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
284 |
+
*
|
285 |
+
* If the key is not explicitly set, it'll be assumed to be all zero's.
|
286 |
+
*
|
287 |
+
* @access public
|
288 |
+
* @param String $key
|
289 |
+
*/
|
290 |
+
function setKey($key)
|
291 |
+
{
|
292 |
+
$this->keys = ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) ? substr($key, 0, 8) : $this->_prepareKey($key);
|
293 |
+
$this->changed = true;
|
294 |
+
}
|
295 |
+
|
296 |
+
/**
|
297 |
+
* Sets the initialization vector. (optional)
|
298 |
+
*
|
299 |
+
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
|
300 |
+
* to be all zero's.
|
301 |
+
*
|
302 |
+
* @access public
|
303 |
+
* @param String $iv
|
304 |
+
*/
|
305 |
+
function setIV($iv)
|
306 |
+
{
|
307 |
+
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
|
308 |
+
$this->changed = true;
|
309 |
+
}
|
310 |
+
|
311 |
+
/**
|
312 |
+
* Generate CTR XOR encryption key
|
313 |
+
*
|
314 |
+
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
315 |
+
* plaintext / ciphertext in CTR mode.
|
316 |
+
*
|
317 |
+
* @see Crypt_DES::decrypt()
|
318 |
+
* @see Crypt_DES::encrypt()
|
319 |
+
* @access public
|
320 |
+
* @param Integer $length
|
321 |
+
* @param String $iv
|
322 |
+
*/
|
323 |
+
function _generate_xor($length, &$iv)
|
324 |
+
{
|
325 |
+
$xor = '';
|
326 |
+
$num_blocks = ($length + 7) >> 3;
|
327 |
+
for ($i = 0; $i < $num_blocks; $i++) {
|
328 |
+
$xor.= $iv;
|
329 |
+
for ($j = 4; $j <= 8; $j+=4) {
|
330 |
+
$temp = substr($iv, -$j, 4);
|
331 |
+
switch ($temp) {
|
332 |
+
case "\xFF\xFF\xFF\xFF":
|
333 |
+
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
334 |
+
break;
|
335 |
+
case "\x7F\xFF\xFF\xFF":
|
336 |
+
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
337 |
+
break 2;
|
338 |
+
default:
|
339 |
+
extract(unpack('Ncount', $temp));
|
340 |
+
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
341 |
+
break 2;
|
342 |
+
}
|
343 |
+
}
|
344 |
+
}
|
345 |
+
|
346 |
+
return $xor;
|
347 |
+
}
|
348 |
+
|
349 |
+
/**
|
350 |
+
* Encrypts a message.
|
351 |
+
*
|
352 |
+
* $plaintext will be padded with up to 8 additional bytes. Other DES implementations may or may not pad in the
|
353 |
+
* same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
|
354 |
+
* URL:
|
355 |
+
*
|
356 |
+
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
357 |
+
*
|
358 |
+
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
359 |
+
* strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
|
360 |
+
* length.
|
361 |
+
*
|
362 |
+
* @see Crypt_DES::decrypt()
|
363 |
+
* @access public
|
364 |
+
* @param String $plaintext
|
365 |
+
*/
|
366 |
+
function encrypt($plaintext)
|
367 |
+
{
|
368 |
+
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
369 |
+
$plaintext = $this->_pad($plaintext);
|
370 |
+
}
|
371 |
+
|
372 |
+
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
373 |
+
if ($this->changed) {
|
374 |
+
if (!isset($this->enmcrypt)) {
|
375 |
+
$this->enmcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
|
376 |
+
}
|
377 |
+
mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
|
378 |
+
$this->changed = false;
|
379 |
+
}
|
380 |
+
|
381 |
+
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
382 |
+
|
383 |
+
if (!$this->continuousBuffer) {
|
384 |
+
mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
|
385 |
+
}
|
386 |
+
|
387 |
+
return $ciphertext;
|
388 |
+
}
|
389 |
+
|
390 |
+
if (!is_array($this->keys)) {
|
391 |
+
$this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
|
392 |
+
}
|
393 |
+
|
394 |
+
$ciphertext = '';
|
395 |
+
switch ($this->mode) {
|
396 |
+
case CRYPT_DES_MODE_ECB:
|
397 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
398 |
+
$ciphertext.= $this->_processBlock(substr($plaintext, $i, 8), CRYPT_DES_ENCRYPT);
|
399 |
+
}
|
400 |
+
break;
|
401 |
+
case CRYPT_DES_MODE_CBC:
|
402 |
+
$xor = $this->encryptIV;
|
403 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
404 |
+
$block = substr($plaintext, $i, 8);
|
405 |
+
$block = $this->_processBlock($block ^ $xor, CRYPT_DES_ENCRYPT);
|
406 |
+
$xor = $block;
|
407 |
+
$ciphertext.= $block;
|
408 |
+
}
|
409 |
+
if ($this->continuousBuffer) {
|
410 |
+
$this->encryptIV = $xor;
|
411 |
+
}
|
412 |
+
break;
|
413 |
+
case CRYPT_DES_MODE_CTR:
|
414 |
+
$xor = $this->encryptIV;
|
415 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
416 |
+
$block = substr($plaintext, $i, 8);
|
417 |
+
$key = $this->_processBlock($this->_generate_xor(8, $xor), CRYPT_DES_ENCRYPT);
|
418 |
+
$ciphertext.= $block ^ $key;
|
419 |
+
}
|
420 |
+
if ($this->continuousBuffer) {
|
421 |
+
$this->encryptIV = $xor;
|
422 |
+
}
|
423 |
+
}
|
424 |
+
|
425 |
+
return $ciphertext;
|
426 |
+
}
|
427 |
+
|
428 |
+
/**
|
429 |
+
* Decrypts a message.
|
430 |
+
*
|
431 |
+
* If strlen($ciphertext) is not a multiple of 8, null bytes will be added to the end of the string until it is.
|
432 |
+
*
|
433 |
+
* @see Crypt_DES::encrypt()
|
434 |
+
* @access public
|
435 |
+
* @param String $ciphertext
|
436 |
+
*/
|
437 |
+
function decrypt($ciphertext)
|
438 |
+
{
|
439 |
+
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
440 |
+
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
441 |
+
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
442 |
+
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
|
443 |
+
}
|
444 |
+
|
445 |
+
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
446 |
+
if ($this->changed) {
|
447 |
+
if (!isset($this->demcrypt)) {
|
448 |
+
$this->demcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
|
449 |
+
}
|
450 |
+
mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
|
451 |
+
$this->changed = false;
|
452 |
+
}
|
453 |
+
|
454 |
+
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
455 |
+
|
456 |
+
if (!$this->continuousBuffer) {
|
457 |
+
mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
|
458 |
+
}
|
459 |
+
|
460 |
+
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
461 |
+
}
|
462 |
+
|
463 |
+
if (!is_array($this->keys)) {
|
464 |
+
$this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
|
465 |
+
}
|
466 |
+
|
467 |
+
$plaintext = '';
|
468 |
+
switch ($this->mode) {
|
469 |
+
case CRYPT_DES_MODE_ECB:
|
470 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
471 |
+
$plaintext.= $this->_processBlock(substr($ciphertext, $i, 8), CRYPT_DES_DECRYPT);
|
472 |
+
}
|
473 |
+
break;
|
474 |
+
case CRYPT_DES_MODE_CBC:
|
475 |
+
$xor = $this->decryptIV;
|
476 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
477 |
+
$block = substr($ciphertext, $i, 8);
|
478 |
+
$plaintext.= $this->_processBlock($block, CRYPT_DES_DECRYPT) ^ $xor;
|
479 |
+
$xor = $block;
|
480 |
+
}
|
481 |
+
if ($this->continuousBuffer) {
|
482 |
+
$this->decryptIV = $xor;
|
483 |
+
}
|
484 |
+
break;
|
485 |
+
case CRYPT_DES_MODE_CTR:
|
486 |
+
$xor = $this->decryptIV;
|
487 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
488 |
+
$block = substr($ciphertext, $i, 8);
|
489 |
+
$key = $this->_processBlock($this->_generate_xor(8, $xor), CRYPT_DES_ENCRYPT);
|
490 |
+
$plaintext.= $block ^ $key;
|
491 |
+
}
|
492 |
+
if ($this->continuousBuffer) {
|
493 |
+
$this->decryptIV = $xor;
|
494 |
+
}
|
495 |
+
}
|
496 |
+
|
497 |
+
return $this->mode != CRYPT_DES_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
498 |
+
}
|
499 |
+
|
500 |
+
/**
|
501 |
+
* Treat consecutive "packets" as if they are a continuous buffer.
|
502 |
+
*
|
503 |
+
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
504 |
+
* will yield different outputs:
|
505 |
+
*
|
506 |
+
* <code>
|
507 |
+
* echo $des->encrypt(substr($plaintext, 0, 8));
|
508 |
+
* echo $des->encrypt(substr($plaintext, 8, 8));
|
509 |
+
* </code>
|
510 |
+
* <code>
|
511 |
+
* echo $des->encrypt($plaintext);
|
512 |
+
* </code>
|
513 |
+
*
|
514 |
+
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
515 |
+
* another, as demonstrated with the following:
|
516 |
+
*
|
517 |
+
* <code>
|
518 |
+
* $des->encrypt(substr($plaintext, 0, 8));
|
519 |
+
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
520 |
+
* </code>
|
521 |
+
* <code>
|
522 |
+
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
523 |
+
* </code>
|
524 |
+
*
|
525 |
+
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
526 |
+
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
527 |
+
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
528 |
+
*
|
529 |
+
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
530 |
+
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
531 |
+
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
532 |
+
* however, they are also less intuitive and more likely to cause you problems.
|
533 |
+
*
|
534 |
+
* @see Crypt_DES::disableContinuousBuffer()
|
535 |
+
* @access public
|
536 |
+
*/
|
537 |
+
function enableContinuousBuffer()
|
538 |
+
{
|
539 |
+
$this->continuousBuffer = true;
|
540 |
+
}
|
541 |
+
|
542 |
+
/**
|
543 |
+
* Treat consecutive packets as if they are a discontinuous buffer.
|
544 |
+
*
|
545 |
+
* The default behavior.
|
546 |
+
*
|
547 |
+
* @see Crypt_DES::enableContinuousBuffer()
|
548 |
+
* @access public
|
549 |
+
*/
|
550 |
+
function disableContinuousBuffer()
|
551 |
+
{
|
552 |
+
$this->continuousBuffer = false;
|
553 |
+
$this->encryptIV = $this->iv;
|
554 |
+
$this->decryptIV = $this->iv;
|
555 |
+
}
|
556 |
+
|
557 |
+
/**
|
558 |
+
* Pad "packets".
|
559 |
+
*
|
560 |
+
* DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
|
561 |
+
* a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
|
562 |
+
*
|
563 |
+
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
|
564 |
+
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
565 |
+
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
566 |
+
* transmitted separately)
|
567 |
+
*
|
568 |
+
* @see Crypt_DES::disablePadding()
|
569 |
+
* @access public
|
570 |
+
*/
|
571 |
+
function enablePadding()
|
572 |
+
{
|
573 |
+
$this->padding = true;
|
574 |
+
}
|
575 |
+
|
576 |
+
/**
|
577 |
+
* Do not pad packets.
|
578 |
+
*
|
579 |
+
* @see Crypt_DES::enablePadding()
|
580 |
+
* @access public
|
581 |
+
*/
|
582 |
+
function disablePadding()
|
583 |
+
{
|
584 |
+
$this->padding = false;
|
585 |
+
}
|
586 |
+
|
587 |
+
/**
|
588 |
+
* Pads a string
|
589 |
+
*
|
590 |
+
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
|
591 |
+
* 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
|
592 |
+
*
|
593 |
+
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
594 |
+
* and padding will, hence forth, be enabled.
|
595 |
+
*
|
596 |
+
* @see Crypt_DES::_unpad()
|
597 |
+
* @access private
|
598 |
+
*/
|
599 |
+
function _pad($text)
|
600 |
+
{
|
601 |
+
$length = strlen($text);
|
602 |
+
|
603 |
+
if (!$this->padding) {
|
604 |
+
if (($length & 7) == 0) {
|
605 |
+
return $text;
|
606 |
+
} else {
|
607 |
+
user_error("The plaintext's length ($length) is not a multiple of the block size (8)", E_USER_NOTICE);
|
608 |
+
$this->padding = true;
|
609 |
+
}
|
610 |
+
}
|
611 |
+
|
612 |
+
$pad = 8 - ($length & 7);
|
613 |
+
return str_pad($text, $length + $pad, chr($pad));
|
614 |
+
}
|
615 |
+
|
616 |
+
/**
|
617 |
+
* Unpads a string
|
618 |
+
*
|
619 |
+
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
620 |
+
* and false will be returned.
|
621 |
+
*
|
622 |
+
* @see Crypt_DES::_pad()
|
623 |
+
* @access private
|
624 |
+
*/
|
625 |
+
function _unpad($text)
|
626 |
+
{
|
627 |
+
if (!$this->padding) {
|
628 |
+
return $text;
|
629 |
+
}
|
630 |
+
|
631 |
+
$length = ord($text[strlen($text) - 1]);
|
632 |
+
|
633 |
+
if (!$length || $length > 8) {
|
634 |
+
return false;
|
635 |
+
}
|
636 |
+
|
637 |
+
return substr($text, 0, -$length);
|
638 |
+
}
|
639 |
+
|
640 |
+
/**
|
641 |
+
* Encrypts or decrypts a 64-bit block
|
642 |
+
*
|
643 |
+
* $mode should be either CRYPT_DES_ENCRYPT or CRYPT_DES_DECRYPT. See
|
644 |
+
* {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general
|
645 |
+
* idea of what this function does.
|
646 |
+
*
|
647 |
+
* @access private
|
648 |
+
* @param String $block
|
649 |
+
* @param Integer $mode
|
650 |
+
* @return String
|
651 |
+
*/
|
652 |
+
function _processBlock($block, $mode)
|
653 |
+
{
|
654 |
+
// s-boxes. in the official DES docs, they're described as being matrices that
|
655 |
+
// one accesses by using the first and last bits to determine the row and the
|
656 |
+
// middle four bits to determine the column. in this implementation, they've
|
657 |
+
// been converted to vectors
|
658 |
+
static $sbox = array(
|
659 |
+
array(
|
660 |
+
14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
|
661 |
+
3, 10 ,10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
|
662 |
+
4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
|
663 |
+
15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13
|
664 |
+
),
|
665 |
+
array(
|
666 |
+
15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
|
667 |
+
9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
|
668 |
+
0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
|
669 |
+
5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9
|
670 |
+
),
|
671 |
+
array(
|
672 |
+
10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
|
673 |
+
1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
|
674 |
+
13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
|
675 |
+
11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12
|
676 |
+
),
|
677 |
+
array(
|
678 |
+
7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
|
679 |
+
1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
|
680 |
+
10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
|
681 |
+
15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14
|
682 |
+
),
|
683 |
+
array(
|
684 |
+
2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
|
685 |
+
8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
|
686 |
+
4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
|
687 |
+
15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3
|
688 |
+
),
|
689 |
+
array(
|
690 |
+
12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
|
691 |
+
0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
|
692 |
+
9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
|
693 |
+
7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13
|
694 |
+
),
|
695 |
+
array(
|
696 |
+
4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
|
697 |
+
3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
|
698 |
+
1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
|
699 |
+
10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12
|
700 |
+
),
|
701 |
+
array(
|
702 |
+
13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
|
703 |
+
10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
|
704 |
+
7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
|
705 |
+
0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
|
706 |
+
)
|
707 |
+
);
|
708 |
+
|
709 |
+
$keys = $this->keys;
|
710 |
+
|
711 |
+
$temp = unpack('Na/Nb', $block);
|
712 |
+
$block = array($temp['a'], $temp['b']);
|
713 |
+
|
714 |
+
// because php does arithmetic right shifts, if the most significant bits are set, right
|
715 |
+
// shifting those into the correct position will add 1's - not 0's. this will intefere
|
716 |
+
// with the | operation unless a second & is done. so we isolate these bits and left shift
|
717 |
+
// them into place. we then & each block with 0x7FFFFFFF to prevennt 1's from being added
|
718 |
+
// for any other shifts.
|
719 |
+
$msb = array(
|
720 |
+
($block[0] >> 31) & 1,
|
721 |
+
($block[1] >> 31) & 1
|
722 |
+
);
|
723 |
+
$block[0] &= 0x7FFFFFFF;
|
724 |
+
$block[1] &= 0x7FFFFFFF;
|
725 |
+
|
726 |
+
// we isolate the appropriate bit in the appropriate integer and shift as appropriate. in
|
727 |
+
// some cases, there are going to be multiple bits in the same integer that need to be shifted
|
728 |
+
// in the same way. we combine those into one shift operation.
|
729 |
+
$block = array(
|
730 |
+
(($block[1] & 0x00000040) << 25) | (($block[1] & 0x00004000) << 16) |
|
731 |
+
(($block[1] & 0x00400001) << 7) | (($block[1] & 0x40000100) >> 2) |
|
732 |
+
(($block[0] & 0x00000040) << 21) | (($block[0] & 0x00004000) << 12) |
|
733 |
+
(($block[0] & 0x00400001) << 3) | (($block[0] & 0x40000100) >> 6) |
|
734 |
+
(($block[1] & 0x00000010) << 19) | (($block[1] & 0x00001000) << 10) |
|
735 |
+
(($block[1] & 0x00100000) << 1) | (($block[1] & 0x10000000) >> 8) |
|
736 |
+
(($block[0] & 0x00000010) << 15) | (($block[0] & 0x00001000) << 6) |
|
737 |
+
(($block[0] & 0x00100000) >> 3) | (($block[0] & 0x10000000) >> 12) |
|
738 |
+
(($block[1] & 0x00000004) << 13) | (($block[1] & 0x00000400) << 4) |
|
739 |
+
(($block[1] & 0x00040000) >> 5) | (($block[1] & 0x04000000) >> 14) |
|
740 |
+
(($block[0] & 0x00000004) << 9) | ( $block[0] & 0x00000400 ) |
|
741 |
+
(($block[0] & 0x00040000) >> 9) | (($block[0] & 0x04000000) >> 18) |
|
742 |
+
(($block[1] & 0x00010000) >> 11) | (($block[1] & 0x01000000) >> 20) |
|
743 |
+
(($block[0] & 0x00010000) >> 15) | (($block[0] & 0x01000000) >> 24)
|
744 |
+
,
|
745 |
+
(($block[1] & 0x00000080) << 24) | (($block[1] & 0x00008000) << 15) |
|
746 |
+
(($block[1] & 0x00800002) << 6) | (($block[0] & 0x00000080) << 20) |
|
747 |
+
(($block[0] & 0x00008000) << 11) | (($block[0] & 0x00800002) << 2) |
|
748 |
+
(($block[1] & 0x00000020) << 18) | (($block[1] & 0x00002000) << 9) |
|
749 |
+
( $block[1] & 0x00200000 ) | (($block[1] & 0x20000000) >> 9) |
|
750 |
+
(($block[0] & 0x00000020) << 14) | (($block[0] & 0x00002000) << 5) |
|
751 |
+
(($block[0] & 0x00200000) >> 4) | (($block[0] & 0x20000000) >> 13) |
|
752 |
+
(($block[1] & 0x00000008) << 12) | (($block[1] & 0x00000800) << 3) |
|
753 |
+
(($block[1] & 0x00080000) >> 6) | (($block[1] & 0x08000000) >> 15) |
|
754 |
+
(($block[0] & 0x00000008) << 8) | (($block[0] & 0x00000800) >> 1) |
|
755 |
+
(($block[0] & 0x00080000) >> 10) | (($block[0] & 0x08000000) >> 19) |
|
756 |
+
(($block[1] & 0x00000200) >> 3) | (($block[0] & 0x00000200) >> 7) |
|
757 |
+
(($block[1] & 0x00020000) >> 12) | (($block[1] & 0x02000000) >> 21) |
|
758 |
+
(($block[0] & 0x00020000) >> 16) | (($block[0] & 0x02000000) >> 25) |
|
759 |
+
($msb[1] << 28) | ($msb[0] << 24)
|
760 |
+
);
|
761 |
+
|
762 |
+
for ($i = 0; $i < 16; $i++) {
|
763 |
+
// start of "the Feistel (F) function" - see the following URL:
|
764 |
+
// http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png
|
765 |
+
$temp = (($sbox[0][((($block[1] >> 27) & 0x1F) | (($block[1] & 1) << 5)) ^ $keys[$mode][$i][0]]) << 28)
|
766 |
+
| (($sbox[1][(($block[1] & 0x1F800000) >> 23) ^ $keys[$mode][$i][1]]) << 24)
|
767 |
+
| (($sbox[2][(($block[1] & 0x01F80000) >> 19) ^ $keys[$mode][$i][2]]) << 20)
|
768 |
+
| (($sbox[3][(($block[1] & 0x001F8000) >> 15) ^ $keys[$mode][$i][3]]) << 16)
|
769 |
+
| (($sbox[4][(($block[1] & 0x0001F800) >> 11) ^ $keys[$mode][$i][4]]) << 12)
|
770 |
+
| (($sbox[5][(($block[1] & 0x00001F80) >> 7) ^ $keys[$mode][$i][5]]) << 8)
|
771 |
+
| (($sbox[6][(($block[1] & 0x000001F8) >> 3) ^ $keys[$mode][$i][6]]) << 4)
|
772 |
+
| ( $sbox[7][((($block[1] & 0x1F) << 1) | (($block[1] >> 31) & 1)) ^ $keys[$mode][$i][7]]);
|
773 |
+
|
774 |
+
$msb = ($temp >> 31) & 1;
|
775 |
+
$temp &= 0x7FFFFFFF;
|
776 |
+
$newBlock = (($temp & 0x00010000) << 15) | (($temp & 0x02020120) << 5)
|
777 |
+
| (($temp & 0x00001800) << 17) | (($temp & 0x01000000) >> 10)
|
778 |
+
| (($temp & 0x00000008) << 24) | (($temp & 0x00100000) << 6)
|
779 |
+
| (($temp & 0x00000010) << 21) | (($temp & 0x00008000) << 9)
|
780 |
+
| (($temp & 0x00000200) << 12) | (($temp & 0x10000000) >> 27)
|
781 |
+
| (($temp & 0x00000040) << 14) | (($temp & 0x08000000) >> 8)
|
782 |
+
| (($temp & 0x00004000) << 4) | (($temp & 0x00000002) << 16)
|
783 |
+
| (($temp & 0x00442000) >> 6) | (($temp & 0x40800000) >> 15)
|
784 |
+
| (($temp & 0x00000001) << 11) | (($temp & 0x20000000) >> 20)
|
785 |
+
| (($temp & 0x00080000) >> 13) | (($temp & 0x00000004) << 3)
|
786 |
+
| (($temp & 0x04000000) >> 22) | (($temp & 0x00000480) >> 7)
|
787 |
+
| (($temp & 0x00200000) >> 19) | ($msb << 23);
|
788 |
+
// end of "the Feistel (F) function" - $newBlock is F's output
|
789 |
+
|
790 |
+
$temp = $block[1];
|
791 |
+
$block[1] = $block[0] ^ $newBlock;
|
792 |
+
$block[0] = $temp;
|
793 |
+
}
|
794 |
+
|
795 |
+
$msb = array(
|
796 |
+
($block[0] >> 31) & 1,
|
797 |
+
($block[1] >> 31) & 1
|
798 |
+
);
|
799 |
+
$block[0] &= 0x7FFFFFFF;
|
800 |
+
$block[1] &= 0x7FFFFFFF;
|
801 |
+
|
802 |
+
$block = array(
|
803 |
+
(($block[0] & 0x01000004) << 7) | (($block[1] & 0x01000004) << 6) |
|
804 |
+
(($block[0] & 0x00010000) << 13) | (($block[1] & 0x00010000) << 12) |
|
805 |
+
(($block[0] & 0x00000100) << 19) | (($block[1] & 0x00000100) << 18) |
|
806 |
+
(($block[0] & 0x00000001) << 25) | (($block[1] & 0x00000001) << 24) |
|
807 |
+
(($block[0] & 0x02000008) >> 2) | (($block[1] & 0x02000008) >> 3) |
|
808 |
+
(($block[0] & 0x00020000) << 4) | (($block[1] & 0x00020000) << 3) |
|
809 |
+
(($block[0] & 0x00000200) << 10) | (($block[1] & 0x00000200) << 9) |
|
810 |
+
(($block[0] & 0x00000002) << 16) | (($block[1] & 0x00000002) << 15) |
|
811 |
+
(($block[0] & 0x04000000) >> 11) | (($block[1] & 0x04000000) >> 12) |
|
812 |
+
(($block[0] & 0x00040000) >> 5) | (($block[1] & 0x00040000) >> 6) |
|
813 |
+
(($block[0] & 0x00000400) << 1) | ( $block[1] & 0x00000400 ) |
|
814 |
+
(($block[0] & 0x08000000) >> 20) | (($block[1] & 0x08000000) >> 21) |
|
815 |
+
(($block[0] & 0x00080000) >> 14) | (($block[1] & 0x00080000) >> 15) |
|
816 |
+
(($block[0] & 0x00000800) >> 8) | (($block[1] & 0x00000800) >> 9)
|
817 |
+
,
|
818 |
+
(($block[0] & 0x10000040) << 3) | (($block[1] & 0x10000040) << 2) |
|
819 |
+
(($block[0] & 0x00100000) << 9) | (($block[1] & 0x00100000) << 8) |
|
820 |
+
(($block[0] & 0x00001000) << 15) | (($block[1] & 0x00001000) << 14) |
|
821 |
+
(($block[0] & 0x00000010) << 21) | (($block[1] & 0x00000010) << 20) |
|
822 |
+
(($block[0] & 0x20000080) >> 6) | (($block[1] & 0x20000080) >> 7) |
|
823 |
+
( $block[0] & 0x00200000 ) | (($block[1] & 0x00200000) >> 1) |
|
824 |
+
(($block[0] & 0x00002000) << 6) | (($block[1] & 0x00002000) << 5) |
|
825 |
+
(($block[0] & 0x00000020) << 12) | (($block[1] & 0x00000020) << 11) |
|
826 |
+
(($block[0] & 0x40000000) >> 15) | (($block[1] & 0x40000000) >> 16) |
|
827 |
+
(($block[0] & 0x00400000) >> 9) | (($block[1] & 0x00400000) >> 10) |
|
828 |
+
(($block[0] & 0x00004000) >> 3) | (($block[1] & 0x00004000) >> 4) |
|
829 |
+
(($block[0] & 0x00800000) >> 18) | (($block[1] & 0x00800000) >> 19) |
|
830 |
+
(($block[0] & 0x00008000) >> 12) | (($block[1] & 0x00008000) >> 13) |
|
831 |
+
($msb[0] << 7) | ($msb[1] << 6)
|
832 |
+
);
|
833 |
+
|
834 |
+
return pack('NN', $block[0], $block[1]);
|
835 |
+
}
|
836 |
+
|
837 |
+
/**
|
838 |
+
* Creates the key schedule.
|
839 |
+
*
|
840 |
+
* @access private
|
841 |
+
* @param String $key
|
842 |
+
* @return Array
|
843 |
+
*/
|
844 |
+
function _prepareKey($key)
|
845 |
+
{
|
846 |
+
static $shifts = array( // number of key bits shifted per round
|
847 |
+
1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
|
848 |
+
);
|
849 |
+
|
850 |
+
// pad the key and remove extra characters as appropriate.
|
851 |
+
$key = str_pad(substr($key, 0, 8), 8, chr(0));
|
852 |
+
|
853 |
+
$temp = unpack('Na/Nb', $key);
|
854 |
+
$key = array($temp['a'], $temp['b']);
|
855 |
+
$msb = array(
|
856 |
+
($key[0] >> 31) & 1,
|
857 |
+
($key[1] >> 31) & 1
|
858 |
+
);
|
859 |
+
$key[0] &= 0x7FFFFFFF;
|
860 |
+
$key[1] &= 0x7FFFFFFF;
|
861 |
+
|
862 |
+
$key = array(
|
863 |
+
(($key[1] & 0x00000002) << 26) | (($key[1] & 0x00000204) << 17) |
|
864 |
+
(($key[1] & 0x00020408) << 8) | (($key[1] & 0x02040800) >> 1) |
|
865 |
+
(($key[0] & 0x00000002) << 22) | (($key[0] & 0x00000204) << 13) |
|
866 |
+
(($key[0] & 0x00020408) << 4) | (($key[0] & 0x02040800) >> 5) |
|
867 |
+
(($key[1] & 0x04080000) >> 10) | (($key[0] & 0x04080000) >> 14) |
|
868 |
+
(($key[1] & 0x08000000) >> 19) | (($key[0] & 0x08000000) >> 23) |
|
869 |
+
(($key[0] & 0x00000010) >> 1) | (($key[0] & 0x00001000) >> 10) |
|
870 |
+
(($key[0] & 0x00100000) >> 19) | (($key[0] & 0x10000000) >> 28)
|
871 |
+
,
|
872 |
+
(($key[1] & 0x00000080) << 20) | (($key[1] & 0x00008000) << 11) |
|
873 |
+
(($key[1] & 0x00800000) << 2) | (($key[0] & 0x00000080) << 16) |
|
874 |
+
(($key[0] & 0x00008000) << 7) | (($key[0] & 0x00800000) >> 2) |
|
875 |
+
(($key[1] & 0x00000040) << 13) | (($key[1] & 0x00004000) << 4) |
|
876 |
+
(($key[1] & 0x00400000) >> 5) | (($key[1] & 0x40000000) >> 14) |
|
877 |
+
(($key[0] & 0x00000040) << 9) | ( $key[0] & 0x00004000 ) |
|
878 |
+
(($key[0] & 0x00400000) >> 9) | (($key[0] & 0x40000000) >> 18) |
|
879 |
+
(($key[1] & 0x00000020) << 6) | (($key[1] & 0x00002000) >> 3) |
|
880 |
+
(($key[1] & 0x00200000) >> 12) | (($key[1] & 0x20000000) >> 21) |
|
881 |
+
(($key[0] & 0x00000020) << 2) | (($key[0] & 0x00002000) >> 7) |
|
882 |
+
(($key[0] & 0x00200000) >> 16) | (($key[0] & 0x20000000) >> 25) |
|
883 |
+
(($key[1] & 0x00000010) >> 1) | (($key[1] & 0x00001000) >> 10) |
|
884 |
+
(($key[1] & 0x00100000) >> 19) | (($key[1] & 0x10000000) >> 28) |
|
885 |
+
($msb[1] << 24) | ($msb[0] << 20)
|
886 |
+
);
|
887 |
+
|
888 |
+
$keys = array();
|
889 |
+
for ($i = 0; $i < 16; $i++) {
|
890 |
+
$key[0] <<= $shifts[$i];
|
891 |
+
$temp = ($key[0] & 0xF0000000) >> 28;
|
892 |
+
$key[0] = ($key[0] | $temp) & 0x0FFFFFFF;
|
893 |
+
|
894 |
+
$key[1] <<= $shifts[$i];
|
895 |
+
$temp = ($key[1] & 0xF0000000) >> 28;
|
896 |
+
$key[1] = ($key[1] | $temp) & 0x0FFFFFFF;
|
897 |
+
|
898 |
+
$temp = array(
|
899 |
+
(($key[1] & 0x00004000) >> 9) | (($key[1] & 0x00000800) >> 7) |
|
900 |
+
(($key[1] & 0x00020000) >> 14) | (($key[1] & 0x00000010) >> 2) |
|
901 |
+
(($key[1] & 0x08000000) >> 26) | (($key[1] & 0x00800000) >> 23)
|
902 |
+
,
|
903 |
+
(($key[1] & 0x02400000) >> 20) | (($key[1] & 0x00000001) << 4) |
|
904 |
+
(($key[1] & 0x00002000) >> 10) | (($key[1] & 0x00040000) >> 18) |
|
905 |
+
(($key[1] & 0x00000080) >> 6)
|
906 |
+
,
|
907 |
+
( $key[1] & 0x00000020 ) | (($key[1] & 0x00000200) >> 5) |
|
908 |
+
(($key[1] & 0x00010000) >> 13) | (($key[1] & 0x01000000) >> 22) |
|
909 |
+
(($key[1] & 0x00000004) >> 1) | (($key[1] & 0x00100000) >> 20)
|
910 |
+
,
|
911 |
+
(($key[1] & 0x00001000) >> 7) | (($key[1] & 0x00200000) >> 17) |
|
912 |
+
(($key[1] & 0x00000002) << 2) | (($key[1] & 0x00000100) >> 6) |
|
913 |
+
(($key[1] & 0x00008000) >> 14) | (($key[1] & 0x04000000) >> 26)
|
914 |
+
,
|
915 |
+
(($key[0] & 0x00008000) >> 10) | ( $key[0] & 0x00000010 ) |
|
916 |
+
(($key[0] & 0x02000000) >> 22) | (($key[0] & 0x00080000) >> 17) |
|
917 |
+
(($key[0] & 0x00000200) >> 8) | (($key[0] & 0x00000002) >> 1)
|
918 |
+
,
|
919 |
+
(($key[0] & 0x04000000) >> 21) | (($key[0] & 0x00010000) >> 12) |
|
920 |
+
(($key[0] & 0x00000020) >> 2) | (($key[0] & 0x00000800) >> 9) |
|
921 |
+
(($key[0] & 0x00800000) >> 22) | (($key[0] & 0x00000100) >> 8)
|
922 |
+
,
|
923 |
+
(($key[0] & 0x00001000) >> 7) | (($key[0] & 0x00000088) >> 3) |
|
924 |
+
(($key[0] & 0x00020000) >> 14) | (($key[0] & 0x00000001) << 2) |
|
925 |
+
(($key[0] & 0x00400000) >> 21)
|
926 |
+
,
|
927 |
+
(($key[0] & 0x00000400) >> 5) | (($key[0] & 0x00004000) >> 10) |
|
928 |
+
(($key[0] & 0x00000040) >> 3) | (($key[0] & 0x00100000) >> 18) |
|
929 |
+
(($key[0] & 0x08000000) >> 26) | (($key[0] & 0x01000000) >> 24)
|
930 |
+
);
|
931 |
+
|
932 |
+
$keys[] = $temp;
|
933 |
+
}
|
934 |
+
|
935 |
+
$temp = array(
|
936 |
+
CRYPT_DES_ENCRYPT => $keys,
|
937 |
+
CRYPT_DES_DECRYPT => array_reverse($keys)
|
938 |
+
);
|
939 |
+
|
940 |
+
return $temp;
|
941 |
+
}
|
942 |
+
}
|
943 |
+
|
944 |
+
// vim: ts=4:sw=4:et:
|
945 |
+
// vim6: fdl=1:
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Hash.php
CHANGED
@@ -1,816 +1,816 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
|
6 |
-
*
|
7 |
-
* Uses hash() or mhash() if available and an internal implementation, otherwise. Currently supports the following:
|
8 |
-
*
|
9 |
-
* md2, md5, md5-96, sha1, sha1-96, sha256, sha384, and sha512
|
10 |
-
*
|
11 |
-
* If {@link Crypt_Hash::setKey() setKey()} is called, {@link Crypt_Hash::hash() hash()} will return the HMAC as opposed to
|
12 |
-
* the hash. If no valid algorithm is provided, sha1 will be used.
|
13 |
-
*
|
14 |
-
* PHP versions 4 and 5
|
15 |
-
*
|
16 |
-
* {@internal The variable names are the same as those in
|
17 |
-
* {@link http://tools.ietf.org/html/rfc2104#section-2 RFC2104}.}}
|
18 |
-
*
|
19 |
-
* Here's a short example of how to use this library:
|
20 |
-
* <code>
|
21 |
-
* <?php
|
22 |
-
* include('Crypt/Hash.php');
|
23 |
-
*
|
24 |
-
* $hash = new Crypt_Hash('sha1');
|
25 |
-
*
|
26 |
-
* $hash->setKey('abcdefg');
|
27 |
-
*
|
28 |
-
* echo base64_encode($hash->hash('abcdefg'));
|
29 |
-
* ?>
|
30 |
-
* </code>
|
31 |
-
*
|
32 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
33 |
-
* modify it under the terms of the GNU Lesser General Public
|
34 |
-
* License as published by the Free Software Foundation; either
|
35 |
-
* version 2.1 of the License, or (at your option) any later version.
|
36 |
-
*
|
37 |
-
* This library is distributed in the hope that it will be useful,
|
38 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
39 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
40 |
-
* Lesser General Public License for more details.
|
41 |
-
*
|
42 |
-
* You should have received a copy of the GNU Lesser General Public
|
43 |
-
* License along with this library; if not, write to the Free Software
|
44 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
45 |
-
* MA 02111-1307 USA
|
46 |
-
*
|
47 |
-
* @category Crypt
|
48 |
-
* @package Crypt_Hash
|
49 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
50 |
-
* @copyright MMVII Jim Wigginton
|
51 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
52 |
-
* @version $Id: Hash.php,v 1.6 2009/11/23 23:37:07 terrafrost Exp $
|
53 |
-
* @link http://phpseclib.sourceforge.net
|
54 |
-
*/
|
55 |
-
|
56 |
-
/**#@+
|
57 |
-
* @access private
|
58 |
-
* @see Crypt_Hash::Crypt_Hash()
|
59 |
-
*/
|
60 |
-
/**
|
61 |
-
* Toggles the internal implementation
|
62 |
-
*/
|
63 |
-
define('CRYPT_HASH_MODE_INTERNAL', 1);
|
64 |
-
/**
|
65 |
-
* Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+.
|
66 |
-
*/
|
67 |
-
define('CRYPT_HASH_MODE_MHASH', 2);
|
68 |
-
/**
|
69 |
-
* Toggles the hash() implementation, which works on PHP 5.1.2+.
|
70 |
-
*/
|
71 |
-
define('CRYPT_HASH_MODE_HASH', 3);
|
72 |
-
/**#@-*/
|
73 |
-
|
74 |
-
/**
|
75 |
-
* Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
|
76 |
-
*
|
77 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
78 |
-
* @version 0.1.0
|
79 |
-
* @access public
|
80 |
-
* @package Crypt_Hash
|
81 |
-
*/
|
82 |
-
class Crypt_Hash {
|
83 |
-
/**
|
84 |
-
* Byte-length of compression blocks / key (Internal HMAC)
|
85 |
-
*
|
86 |
-
* @see Crypt_Hash::setAlgorithm()
|
87 |
-
* @var Integer
|
88 |
-
* @access private
|
89 |
-
*/
|
90 |
-
var $b;
|
91 |
-
|
92 |
-
/**
|
93 |
-
* Byte-length of hash output (Internal HMAC)
|
94 |
-
*
|
95 |
-
* @see Crypt_Hash::setHash()
|
96 |
-
* @var Integer
|
97 |
-
* @access private
|
98 |
-
*/
|
99 |
-
var $l = false;
|
100 |
-
|
101 |
-
/**
|
102 |
-
* Hash Algorithm
|
103 |
-
*
|
104 |
-
* @see Crypt_Hash::setHash()
|
105 |
-
* @var String
|
106 |
-
* @access private
|
107 |
-
*/
|
108 |
-
var $hash;
|
109 |
-
|
110 |
-
/**
|
111 |
-
* Key
|
112 |
-
*
|
113 |
-
* @see Crypt_Hash::setKey()
|
114 |
-
* @var String
|
115 |
-
* @access private
|
116 |
-
*/
|
117 |
-
var $key = '';
|
118 |
-
|
119 |
-
/**
|
120 |
-
* Outer XOR (Internal HMAC)
|
121 |
-
*
|
122 |
-
* @see Crypt_Hash::setKey()
|
123 |
-
* @var String
|
124 |
-
* @access private
|
125 |
-
*/
|
126 |
-
var $opad;
|
127 |
-
|
128 |
-
/**
|
129 |
-
* Inner XOR (Internal HMAC)
|
130 |
-
*
|
131 |
-
* @see Crypt_Hash::setKey()
|
132 |
-
* @var String
|
133 |
-
* @access private
|
134 |
-
*/
|
135 |
-
var $ipad;
|
136 |
-
|
137 |
-
/**
|
138 |
-
* Default Constructor.
|
139 |
-
*
|
140 |
-
* @param optional String $hash
|
141 |
-
* @return Crypt_Hash
|
142 |
-
* @access public
|
143 |
-
*/
|
144 |
-
function Crypt_Hash($hash = 'sha1')
|
145 |
-
{
|
146 |
-
if ( !defined('CRYPT_HASH_MODE') ) {
|
147 |
-
switch (true) {
|
148 |
-
case extension_loaded('hash'):
|
149 |
-
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_HASH);
|
150 |
-
break;
|
151 |
-
case extension_loaded('mhash'):
|
152 |
-
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_MHASH);
|
153 |
-
break;
|
154 |
-
default:
|
155 |
-
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_INTERNAL);
|
156 |
-
}
|
157 |
-
}
|
158 |
-
|
159 |
-
$this->setHash($hash);
|
160 |
-
}
|
161 |
-
|
162 |
-
/**
|
163 |
-
* Sets the key for HMACs
|
164 |
-
*
|
165 |
-
* Keys can be of any length.
|
166 |
-
*
|
167 |
-
* @access public
|
168 |
-
* @param String $key
|
169 |
-
*/
|
170 |
-
function setKey($key)
|
171 |
-
{
|
172 |
-
$this->key = $key;
|
173 |
-
}
|
174 |
-
|
175 |
-
/**
|
176 |
-
* Sets the hash function.
|
177 |
-
*
|
178 |
-
* @access public
|
179 |
-
* @param String $hash
|
180 |
-
*/
|
181 |
-
function setHash($hash)
|
182 |
-
{
|
183 |
-
switch ($hash) {
|
184 |
-
case 'md5-96':
|
185 |
-
case 'sha1-96':
|
186 |
-
$this->l = 12; // 96 / 8 = 12
|
187 |
-
break;
|
188 |
-
case 'md2':
|
189 |
-
case 'md5':
|
190 |
-
$this->l = 16;
|
191 |
-
break;
|
192 |
-
case 'sha1':
|
193 |
-
$this->l = 20;
|
194 |
-
break;
|
195 |
-
case 'sha256':
|
196 |
-
$this->l = 32;
|
197 |
-
break;
|
198 |
-
case 'sha384':
|
199 |
-
$this->l = 48;
|
200 |
-
break;
|
201 |
-
case 'sha512':
|
202 |
-
$this->l = 64;
|
203 |
-
}
|
204 |
-
|
205 |
-
switch ($hash) {
|
206 |
-
case 'md2':
|
207 |
-
$mode = CRYPT_HASH_MODE_INTERNAL;
|
208 |
-
break;
|
209 |
-
case 'sha384':
|
210 |
-
case 'sha512':
|
211 |
-
$mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_MHASH ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
|
212 |
-
break;
|
213 |
-
default:
|
214 |
-
$mode = CRYPT_HASH_MODE;
|
215 |
-
}
|
216 |
-
|
217 |
-
switch ( $mode ) {
|
218 |
-
case CRYPT_HASH_MODE_MHASH:
|
219 |
-
switch ($hash) {
|
220 |
-
case 'md5':
|
221 |
-
case 'md5-96':
|
222 |
-
$this->hash = MHASH_MD5;
|
223 |
-
break;
|
224 |
-
case 'sha256':
|
225 |
-
$this->hash = MHASH_SHA256;
|
226 |
-
break;
|
227 |
-
case 'sha1':
|
228 |
-
case 'sha1-96':
|
229 |
-
default:
|
230 |
-
$this->hash = MHASH_SHA1;
|
231 |
-
}
|
232 |
-
return;
|
233 |
-
case CRYPT_HASH_MODE_HASH:
|
234 |
-
switch ($hash) {
|
235 |
-
case 'md5':
|
236 |
-
case 'md5-96':
|
237 |
-
$this->hash = 'md5';
|
238 |
-
return;
|
239 |
-
case 'sha256':
|
240 |
-
case 'sha384':
|
241 |
-
case 'sha512':
|
242 |
-
$this->hash = $hash;
|
243 |
-
return;
|
244 |
-
case 'sha1':
|
245 |
-
case 'sha1-96':
|
246 |
-
default:
|
247 |
-
$this->hash = 'sha1';
|
248 |
-
}
|
249 |
-
return;
|
250 |
-
}
|
251 |
-
|
252 |
-
switch ($hash) {
|
253 |
-
case 'md2':
|
254 |
-
$this->b = 16;
|
255 |
-
$this->hash = array($this, '_md2');
|
256 |
-
break;
|
257 |
-
case 'md5':
|
258 |
-
case 'md5-96':
|
259 |
-
$this->b = 64;
|
260 |
-
$this->hash = array($this, '_md5');
|
261 |
-
break;
|
262 |
-
case 'sha256':
|
263 |
-
$this->b = 64;
|
264 |
-
$this->hash = array($this, '_sha256');
|
265 |
-
break;
|
266 |
-
case 'sha384':
|
267 |
-
case 'sha512':
|
268 |
-
$this->b = 128;
|
269 |
-
$this->hash = array($this, '_sha512');
|
270 |
-
break;
|
271 |
-
case 'sha1':
|
272 |
-
case 'sha1-96':
|
273 |
-
default:
|
274 |
-
$this->b = 64;
|
275 |
-
$this->hash = array($this, '_sha1');
|
276 |
-
}
|
277 |
-
|
278 |
-
$this->ipad = str_repeat(chr(0x36), $this->b);
|
279 |
-
$this->opad = str_repeat(chr(0x5C), $this->b);
|
280 |
-
}
|
281 |
-
|
282 |
-
/**
|
283 |
-
* Compute the HMAC.
|
284 |
-
*
|
285 |
-
* @access public
|
286 |
-
* @param String $text
|
287 |
-
* @return String
|
288 |
-
*/
|
289 |
-
function hash($text)
|
290 |
-
{
|
291 |
-
$mode = is_array($this->hash) ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
|
292 |
-
|
293 |
-
if (!empty($this->key)) {
|
294 |
-
switch ( $mode ) {
|
295 |
-
case CRYPT_HASH_MODE_MHASH:
|
296 |
-
$output = mhash($this->hash, $text, $this->key);
|
297 |
-
break;
|
298 |
-
case CRYPT_HASH_MODE_HASH:
|
299 |
-
$output = hash_hmac($this->hash, $text, $this->key, true);
|
300 |
-
break;
|
301 |
-
case CRYPT_HASH_MODE_INTERNAL:
|
302 |
-
/* "Applications that use keys longer than B bytes will first hash the key using H and then use the
|
303 |
-
resultant L byte string as the actual key to HMAC."
|
304 |
-
|
305 |
-
-- http://tools.ietf.org/html/rfc2104#section-2 */
|
306 |
-
$key = strlen($this->key) > $this->b ? call_user_func($this->$hash, $this->key) : $this->key;
|
307 |
-
|
308 |
-
$key = str_pad($key, $this->b, chr(0)); // step 1
|
309 |
-
$temp = $this->ipad ^ $key; // step 2
|
310 |
-
$temp .= $text; // step 3
|
311 |
-
$temp = call_user_func($this->hash, $temp); // step 4
|
312 |
-
$output = $this->opad ^ $key; // step 5
|
313 |
-
$output.= $temp; // step 6
|
314 |
-
$output = call_user_func($this->hash, $output); // step 7
|
315 |
-
}
|
316 |
-
} else {
|
317 |
-
switch ( $mode ) {
|
318 |
-
case CRYPT_HASH_MODE_MHASH:
|
319 |
-
$output = mhash($this->hash, $text);
|
320 |
-
break;
|
321 |
-
case CRYPT_HASH_MODE_HASH:
|
322 |
-
$output = hash($this->hash, $text, true);
|
323 |
-
break;
|
324 |
-
case CRYPT_HASH_MODE_INTERNAL:
|
325 |
-
$output = call_user_func($this->hash, $text);
|
326 |
-
}
|
327 |
-
}
|
328 |
-
|
329 |
-
return substr($output, 0, $this->l);
|
330 |
-
}
|
331 |
-
|
332 |
-
/**
|
333 |
-
* Returns the hash length (in bytes)
|
334 |
-
*
|
335 |
-
* @access private
|
336 |
-
* @return Integer
|
337 |
-
*/
|
338 |
-
function getLength()
|
339 |
-
{
|
340 |
-
return $this->l;
|
341 |
-
}
|
342 |
-
|
343 |
-
/**
|
344 |
-
* Wrapper for MD5
|
345 |
-
*
|
346 |
-
* @access private
|
347 |
-
* @param String $text
|
348 |
-
*/
|
349 |
-
function _md5($m)
|
350 |
-
{
|
351 |
-
return pack('H*', md5($m));
|
352 |
-
}
|
353 |
-
|
354 |
-
/**
|
355 |
-
* Wrapper for SHA1
|
356 |
-
*
|
357 |
-
* @access private
|
358 |
-
* @param String $text
|
359 |
-
*/
|
360 |
-
function _sha1($m)
|
361 |
-
{
|
362 |
-
return pack('H*', sha1($m));
|
363 |
-
}
|
364 |
-
|
365 |
-
/**
|
366 |
-
* Pure-PHP implementation of MD2
|
367 |
-
*
|
368 |
-
* See {@link http://tools.ietf.org/html/rfc1319 RFC1319}.
|
369 |
-
*
|
370 |
-
* @access private
|
371 |
-
* @param String $text
|
372 |
-
*/
|
373 |
-
function _md2($m)
|
374 |
-
{
|
375 |
-
static $s = array(
|
376 |
-
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
|
377 |
-
19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
|
378 |
-
76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
|
379 |
-
138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
|
380 |
-
245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
|
381 |
-
148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
|
382 |
-
39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
|
383 |
-
181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
|
384 |
-
150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
|
385 |
-
112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
|
386 |
-
96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
|
387 |
-
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
|
388 |
-
234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
|
389 |
-
129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
|
390 |
-
8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
|
391 |
-
203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
|
392 |
-
166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
|
393 |
-
31, 26, 219, 153, 141, 51, 159, 17, 131, 20
|
394 |
-
);
|
395 |
-
|
396 |
-
// Step 1. Append Padding Bytes
|
397 |
-
$pad = 16 - (strlen($m) & 0xF);
|
398 |
-
$m.= str_repeat(chr($pad), $pad);
|
399 |
-
|
400 |
-
$length = strlen($m);
|
401 |
-
|
402 |
-
// Step 2. Append Checksum
|
403 |
-
$c = str_repeat(chr(0), 16);
|
404 |
-
$l = chr(0);
|
405 |
-
for ($i = 0; $i < $length; $i+= 16) {
|
406 |
-
for ($j = 0; $j < 16; $j++) {
|
407 |
-
$c[$j] = chr($s[ord($m[$i + $j] ^ $l)]);
|
408 |
-
$l = $c[$j];
|
409 |
-
}
|
410 |
-
}
|
411 |
-
$m.= $c;
|
412 |
-
|
413 |
-
$length+= 16;
|
414 |
-
|
415 |
-
// Step 3. Initialize MD Buffer
|
416 |
-
$x = str_repeat(chr(0), 48);
|
417 |
-
|
418 |
-
// Step 4. Process Message in 16-Byte Blocks
|
419 |
-
for ($i = 0; $i < $length; $i+= 16) {
|
420 |
-
for ($j = 0; $j < 16; $j++) {
|
421 |
-
$x[$j + 16] = $m[$i + $j];
|
422 |
-
$x[$j + 32] = $x[$j + 16] ^ $x[$j];
|
423 |
-
}
|
424 |
-
$t = chr(0);
|
425 |
-
for ($j = 0; $j < 18; $j++) {
|
426 |
-
for ($k = 0; $k < 48; $k++) {
|
427 |
-
$x[$k] = $t = $x[$k] ^ chr($s[ord($t)]);
|
428 |
-
//$t = $x[$k] = $x[$k] ^ chr($s[ord($t)]);
|
429 |
-
}
|
430 |
-
$t = chr(ord($t) + $j);
|
431 |
-
}
|
432 |
-
}
|
433 |
-
|
434 |
-
// Step 5. Output
|
435 |
-
return substr($x, 0, 16);
|
436 |
-
}
|
437 |
-
|
438 |
-
/**
|
439 |
-
* Pure-PHP implementation of SHA256
|
440 |
-
*
|
441 |
-
* See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}.
|
442 |
-
*
|
443 |
-
* @access private
|
444 |
-
* @param String $text
|
445 |
-
*/
|
446 |
-
function _sha256($m)
|
447 |
-
{
|
448 |
-
if (extension_loaded('suhosin')) {
|
449 |
-
return pack('H*', sha256($m));
|
450 |
-
}
|
451 |
-
|
452 |
-
// Initialize variables
|
453 |
-
$hash = array(
|
454 |
-
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
|
455 |
-
);
|
456 |
-
// Initialize table of round constants
|
457 |
-
// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
|
458 |
-
static $k = array(
|
459 |
-
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
460 |
-
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
461 |
-
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
462 |
-
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
463 |
-
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
464 |
-
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
465 |
-
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
466 |
-
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
467 |
-
);
|
468 |
-
|
469 |
-
// Pre-processing
|
470 |
-
$length = strlen($m);
|
471 |
-
// to round to nearest 56 mod 64, we'll add 64 - (length + (64 - 56)) % 64
|
472 |
-
$m.= str_repeat(chr(0), 64 - (($length + 8) & 0x3F));
|
473 |
-
$m[$length] = chr(0x80);
|
474 |
-
// we don't support hashing strings 512MB long
|
475 |
-
$m.= pack('N2', 0, $length << 3);
|
476 |
-
|
477 |
-
// Process the message in successive 512-bit chunks
|
478 |
-
$chunks = str_split($m, 64);
|
479 |
-
foreach ($chunks as $chunk) {
|
480 |
-
$w = array();
|
481 |
-
for ($i = 0; $i < 16; $i++) {
|
482 |
-
extract(unpack('Ntemp', $this->_string_shift($chunk, 4)));
|
483 |
-
$w[] = $temp;
|
484 |
-
}
|
485 |
-
|
486 |
-
// Extend the sixteen 32-bit words into sixty-four 32-bit words
|
487 |
-
for ($i = 16; $i < 64; $i++) {
|
488 |
-
$s0 = $this->_rightRotate($w[$i - 15], 7) ^
|
489 |
-
$this->_rightRotate($w[$i - 15], 18) ^
|
490 |
-
$this->_rightShift( $w[$i - 15], 3);
|
491 |
-
$s1 = $this->_rightRotate($w[$i - 2], 17) ^
|
492 |
-
$this->_rightRotate($w[$i - 2], 19) ^
|
493 |
-
$this->_rightShift( $w[$i - 2], 10);
|
494 |
-
$w[$i] = $this->_add($w[$i - 16], $s0, $w[$i - 7], $s1);
|
495 |
-
|
496 |
-
}
|
497 |
-
|
498 |
-
// Initialize hash value for this chunk
|
499 |
-
list($a, $b, $c, $d, $e, $f, $g, $h) = $hash;
|
500 |
-
|
501 |
-
// Main loop
|
502 |
-
for ($i = 0; $i < 64; $i++) {
|
503 |
-
$s0 = $this->_rightRotate($a, 2) ^
|
504 |
-
$this->_rightRotate($a, 13) ^
|
505 |
-
$this->_rightRotate($a, 22);
|
506 |
-
$maj = ($a & $b) ^
|
507 |
-
($a & $c) ^
|
508 |
-
($b & $c);
|
509 |
-
$t2 = $this->_add($s0, $maj);
|
510 |
-
|
511 |
-
$s1 = $this->_rightRotate($e, 6) ^
|
512 |
-
$this->_rightRotate($e, 11) ^
|
513 |
-
$this->_rightRotate($e, 25);
|
514 |
-
$ch = ($e & $f) ^
|
515 |
-
($this->_not($e) & $g);
|
516 |
-
$t1 = $this->_add($h, $s1, $ch, $k[$i], $w[$i]);
|
517 |
-
|
518 |
-
$h = $g;
|
519 |
-
$g = $f;
|
520 |
-
$f = $e;
|
521 |
-
$e = $this->_add($d, $t1);
|
522 |
-
$d = $c;
|
523 |
-
$c = $b;
|
524 |
-
$b = $a;
|
525 |
-
$a = $this->_add($t1, $t2);
|
526 |
-
}
|
527 |
-
|
528 |
-
// Add this chunk's hash to result so far
|
529 |
-
$hash = array(
|
530 |
-
$this->_add($hash[0], $a),
|
531 |
-
$this->_add($hash[1], $b),
|
532 |
-
$this->_add($hash[2], $c),
|
533 |
-
$this->_add($hash[3], $d),
|
534 |
-
$this->_add($hash[4], $e),
|
535 |
-
$this->_add($hash[5], $f),
|
536 |
-
$this->_add($hash[6], $g),
|
537 |
-
$this->_add($hash[7], $h)
|
538 |
-
);
|
539 |
-
}
|
540 |
-
|
541 |
-
// Produce the final hash value (big-endian)
|
542 |
-
return pack('N8', $hash[0], $hash[1], $hash[2], $hash[3], $hash[4], $hash[5], $hash[6], $hash[7]);
|
543 |
-
}
|
544 |
-
|
545 |
-
/**
|
546 |
-
* Pure-PHP implementation of SHA384 and SHA512
|
547 |
-
*
|
548 |
-
* @access private
|
549 |
-
* @param String $text
|
550 |
-
*/
|
551 |
-
function _sha512($m)
|
552 |
-
{
|
553 |
-
if (!class_exists('Math_BigInteger')) {
|
554 |
-
require_once('Math/BigInteger.php');
|
555 |
-
}
|
556 |
-
|
557 |
-
static $init384, $init512, $k;
|
558 |
-
|
559 |
-
if (!isset($k)) {
|
560 |
-
// Initialize variables
|
561 |
-
$init384 = array( // initial values for SHA384
|
562 |
-
'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939',
|
563 |
-
'67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4'
|
564 |
-
);
|
565 |
-
$init512 = array( // initial values for SHA512
|
566 |
-
'6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1',
|
567 |
-
'510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179'
|
568 |
-
);
|
569 |
-
|
570 |
-
for ($i = 0; $i < 8; $i++) {
|
571 |
-
$init384[$i] = new Math_BigInteger($init384[$i], 16);
|
572 |
-
$init384[$i]->setPrecision(64);
|
573 |
-
$init512[$i] = new Math_BigInteger($init512[$i], 16);
|
574 |
-
$init512[$i]->setPrecision(64);
|
575 |
-
}
|
576 |
-
|
577 |
-
// Initialize table of round constants
|
578 |
-
// (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409)
|
579 |
-
$k = array(
|
580 |
-
'428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc',
|
581 |
-
'3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118',
|
582 |
-
'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2',
|
583 |
-
'72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694',
|
584 |
-
'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65',
|
585 |
-
'2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5',
|
586 |
-
'983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4',
|
587 |
-
'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70',
|
588 |
-
'27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df',
|
589 |
-
'650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b',
|
590 |
-
'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30',
|
591 |
-
'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8',
|
592 |
-
'19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8',
|
593 |
-
'391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3',
|
594 |
-
'748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec',
|
595 |
-
'90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b',
|
596 |
-
'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178',
|
597 |
-
'06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b',
|
598 |
-
'28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c',
|
599 |
-
'4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817'
|
600 |
-
);
|
601 |
-
|
602 |
-
for ($i = 0; $i < 80; $i++) {
|
603 |
-
$k[$i] = new Math_BigInteger($k[$i], 16);
|
604 |
-
}
|
605 |
-
}
|
606 |
-
|
607 |
-
$hash = $this->l == 48 ? $init384 : $init512;
|
608 |
-
|
609 |
-
// Pre-processing
|
610 |
-
$length = strlen($m);
|
611 |
-
// to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128
|
612 |
-
$m.= str_repeat(chr(0), 128 - (($length + 16) & 0x7F));
|
613 |
-
$m[$length] = chr(0x80);
|
614 |
-
// we don't support hashing strings 512MB long
|
615 |
-
$m.= pack('N4', 0, 0, 0, $length << 3);
|
616 |
-
|
617 |
-
// Process the message in successive 1024-bit chunks
|
618 |
-
$chunks = str_split($m, 128);
|
619 |
-
foreach ($chunks as $chunk) {
|
620 |
-
$w = array();
|
621 |
-
for ($i = 0; $i < 16; $i++) {
|
622 |
-
$temp = new Math_BigInteger($this->_string_shift($chunk, 8), 256);
|
623 |
-
$temp->setPrecision(64);
|
624 |
-
$w[] = $temp;
|
625 |
-
}
|
626 |
-
|
627 |
-
// Extend the sixteen 32-bit words into eighty 32-bit words
|
628 |
-
for ($i = 16; $i < 80; $i++) {
|
629 |
-
$temp = array(
|
630 |
-
$w[$i - 15]->bitwise_rightRotate(1),
|
631 |
-
$w[$i - 15]->bitwise_rightRotate(8),
|
632 |
-
$w[$i - 15]->bitwise_rightShift(7)
|
633 |
-
);
|
634 |
-
$s0 = $temp[0]->bitwise_xor($temp[1]);
|
635 |
-
$s0 = $s0->bitwise_xor($temp[2]);
|
636 |
-
$temp = array(
|
637 |
-
$w[$i - 2]->bitwise_rightRotate(19),
|
638 |
-
$w[$i - 2]->bitwise_rightRotate(61),
|
639 |
-
$w[$i - 2]->bitwise_rightShift(6)
|
640 |
-
);
|
641 |
-
$s1 = $temp[0]->bitwise_xor($temp[1]);
|
642 |
-
$s1 = $s1->bitwise_xor($temp[2]);
|
643 |
-
$w[$i] = $w[$i - 16]->copy();
|
644 |
-
$w[$i] = $w[$i]->add($s0);
|
645 |
-
$w[$i] = $w[$i]->add($w[$i - 7]);
|
646 |
-
$w[$i] = $w[$i]->add($s1);
|
647 |
-
}
|
648 |
-
|
649 |
-
// Initialize hash value for this chunk
|
650 |
-
$a = $hash[0]->copy();
|
651 |
-
$b = $hash[1]->copy();
|
652 |
-
$c = $hash[2]->copy();
|
653 |
-
$d = $hash[3]->copy();
|
654 |
-
$e = $hash[4]->copy();
|
655 |
-
$f = $hash[5]->copy();
|
656 |
-
$g = $hash[6]->copy();
|
657 |
-
$h = $hash[7]->copy();
|
658 |
-
|
659 |
-
// Main loop
|
660 |
-
for ($i = 0; $i < 80; $i++) {
|
661 |
-
$temp = array(
|
662 |
-
$a->bitwise_rightRotate(28),
|
663 |
-
$a->bitwise_rightRotate(34),
|
664 |
-
$a->bitwise_rightRotate(39)
|
665 |
-
);
|
666 |
-
$s0 = $temp[0]->bitwise_xor($temp[1]);
|
667 |
-
$s0 = $s0->bitwise_xor($temp[2]);
|
668 |
-
$temp = array(
|
669 |
-
$a->bitwise_and($b),
|
670 |
-
$a->bitwise_and($c),
|
671 |
-
$b->bitwise_and($c)
|
672 |
-
);
|
673 |
-
$maj = $temp[0]->bitwise_xor($temp[1]);
|
674 |
-
$maj = $maj->bitwise_xor($temp[2]);
|
675 |
-
$t2 = $s0->add($maj);
|
676 |
-
|
677 |
-
$temp = array(
|
678 |
-
$e->bitwise_rightRotate(14),
|
679 |
-
$e->bitwise_rightRotate(18),
|
680 |
-
$e->bitwise_rightRotate(41)
|
681 |
-
);
|
682 |
-
$s1 = $temp[0]->bitwise_xor($temp[1]);
|
683 |
-
$s1 = $s1->bitwise_xor($temp[2]);
|
684 |
-
$temp = array(
|
685 |
-
$e->bitwise_and($f),
|
686 |
-
$g->bitwise_and($e->bitwise_not())
|
687 |
-
);
|
688 |
-
$ch = $temp[0]->bitwise_xor($temp[1]);
|
689 |
-
$t1 = $h->add($s1);
|
690 |
-
$t1 = $t1->add($ch);
|
691 |
-
$t1 = $t1->add($k[$i]);
|
692 |
-
$t1 = $t1->add($w[$i]);
|
693 |
-
|
694 |
-
$h = $g->copy();
|
695 |
-
$g = $f->copy();
|
696 |
-
$f = $e->copy();
|
697 |
-
$e = $d->add($t1);
|
698 |
-
$d = $c->copy();
|
699 |
-
$c = $b->copy();
|
700 |
-
$b = $a->copy();
|
701 |
-
$a = $t1->add($t2);
|
702 |
-
}
|
703 |
-
|
704 |
-
// Add this chunk's hash to result so far
|
705 |
-
$hash = array(
|
706 |
-
$hash[0]->add($a),
|
707 |
-
$hash[1]->add($b),
|
708 |
-
$hash[2]->add($c),
|
709 |
-
$hash[3]->add($d),
|
710 |
-
$hash[4]->add($e),
|
711 |
-
$hash[5]->add($f),
|
712 |
-
$hash[6]->add($g),
|
713 |
-
$hash[7]->add($h)
|
714 |
-
);
|
715 |
-
}
|
716 |
-
|
717 |
-
// Produce the final hash value (big-endian)
|
718 |
-
// (Crypt_Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here)
|
719 |
-
$temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() .
|
720 |
-
$hash[4]->toBytes() . $hash[5]->toBytes();
|
721 |
-
if ($this->l != 48) {
|
722 |
-
$temp.= $hash[6]->toBytes() . $hash[7]->toBytes();
|
723 |
-
}
|
724 |
-
|
725 |
-
return $temp;
|
726 |
-
}
|
727 |
-
|
728 |
-
/**
|
729 |
-
* Right Rotate
|
730 |
-
*
|
731 |
-
* @access private
|
732 |
-
* @param Integer $int
|
733 |
-
* @param Integer $amt
|
734 |
-
* @see _sha256()
|
735 |
-
* @return Integer
|
736 |
-
*/
|
737 |
-
function _rightRotate($int, $amt)
|
738 |
-
{
|
739 |
-
$invamt = 32 - $amt;
|
740 |
-
$mask = (1 << $invamt) - 1;
|
741 |
-
return (($int << $invamt) & 0xFFFFFFFF) | (($int >> $amt) & $mask);
|
742 |
-
}
|
743 |
-
|
744 |
-
/**
|
745 |
-
* Right Shift
|
746 |
-
*
|
747 |
-
* @access private
|
748 |
-
* @param Integer $int
|
749 |
-
* @param Integer $amt
|
750 |
-
* @see _sha256()
|
751 |
-
* @return Integer
|
752 |
-
*/
|
753 |
-
function _rightShift($int, $amt)
|
754 |
-
{
|
755 |
-
$mask = (1 << (32 - $amt)) - 1;
|
756 |
-
return ($int >> $amt) & $mask;
|
757 |
-
}
|
758 |
-
|
759 |
-
/**
|
760 |
-
* Not
|
761 |
-
*
|
762 |
-
* @access private
|
763 |
-
* @param Integer $int
|
764 |
-
* @see _sha256()
|
765 |
-
* @return Integer
|
766 |
-
*/
|
767 |
-
function _not($int)
|
768 |
-
{
|
769 |
-
return ~$int & 0xFFFFFFFF;
|
770 |
-
}
|
771 |
-
|
772 |
-
/**
|
773 |
-
* Add
|
774 |
-
*
|
775 |
-
* _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
|
776 |
-
* possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
|
777 |
-
*
|
778 |
-
* @param String $string
|
779 |
-
* @param optional Integer $index
|
780 |
-
* @return String
|
781 |
-
* @see _sha256()
|
782 |
-
* @access private
|
783 |
-
*/
|
784 |
-
function _add()
|
785 |
-
{
|
786 |
-
static $mod;
|
787 |
-
if (!isset($mod)) {
|
788 |
-
$mod = pow(2, 32);
|
789 |
-
}
|
790 |
-
|
791 |
-
$result = 0;
|
792 |
-
$arguments = func_get_args();
|
793 |
-
foreach ($arguments as $argument) {
|
794 |
-
$result+= $argument < 0 ? ($argument & 0x7FFFFFFF) + 0x80000000 : $argument;
|
795 |
-
}
|
796 |
-
|
797 |
-
return fmod($result, $mod);
|
798 |
-
}
|
799 |
-
|
800 |
-
/**
|
801 |
-
* String Shift
|
802 |
-
*
|
803 |
-
* Inspired by array_shift
|
804 |
-
*
|
805 |
-
* @param String $string
|
806 |
-
* @param optional Integer $index
|
807 |
-
* @return String
|
808 |
-
* @access private
|
809 |
-
*/
|
810 |
-
function _string_shift(&$string, $index = 1)
|
811 |
-
{
|
812 |
-
$substr = substr($string, 0, $index);
|
813 |
-
$string = substr($string, $index);
|
814 |
-
return $substr;
|
815 |
-
}
|
816 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
|
6 |
+
*
|
7 |
+
* Uses hash() or mhash() if available and an internal implementation, otherwise. Currently supports the following:
|
8 |
+
*
|
9 |
+
* md2, md5, md5-96, sha1, sha1-96, sha256, sha384, and sha512
|
10 |
+
*
|
11 |
+
* If {@link Crypt_Hash::setKey() setKey()} is called, {@link Crypt_Hash::hash() hash()} will return the HMAC as opposed to
|
12 |
+
* the hash. If no valid algorithm is provided, sha1 will be used.
|
13 |
+
*
|
14 |
+
* PHP versions 4 and 5
|
15 |
+
*
|
16 |
+
* {@internal The variable names are the same as those in
|
17 |
+
* {@link http://tools.ietf.org/html/rfc2104#section-2 RFC2104}.}}
|
18 |
+
*
|
19 |
+
* Here's a short example of how to use this library:
|
20 |
+
* <code>
|
21 |
+
* <?php
|
22 |
+
* include('Crypt/Hash.php');
|
23 |
+
*
|
24 |
+
* $hash = new Crypt_Hash('sha1');
|
25 |
+
*
|
26 |
+
* $hash->setKey('abcdefg');
|
27 |
+
*
|
28 |
+
* echo base64_encode($hash->hash('abcdefg'));
|
29 |
+
* ?>
|
30 |
+
* </code>
|
31 |
+
*
|
32 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
33 |
+
* modify it under the terms of the GNU Lesser General Public
|
34 |
+
* License as published by the Free Software Foundation; either
|
35 |
+
* version 2.1 of the License, or (at your option) any later version.
|
36 |
+
*
|
37 |
+
* This library is distributed in the hope that it will be useful,
|
38 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
39 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
40 |
+
* Lesser General Public License for more details.
|
41 |
+
*
|
42 |
+
* You should have received a copy of the GNU Lesser General Public
|
43 |
+
* License along with this library; if not, write to the Free Software
|
44 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
45 |
+
* MA 02111-1307 USA
|
46 |
+
*
|
47 |
+
* @category Crypt
|
48 |
+
* @package Crypt_Hash
|
49 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
50 |
+
* @copyright MMVII Jim Wigginton
|
51 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
52 |
+
* @version $Id: Hash.php,v 1.6 2009/11/23 23:37:07 terrafrost Exp $
|
53 |
+
* @link http://phpseclib.sourceforge.net
|
54 |
+
*/
|
55 |
+
|
56 |
+
/**#@+
|
57 |
+
* @access private
|
58 |
+
* @see Crypt_Hash::Crypt_Hash()
|
59 |
+
*/
|
60 |
+
/**
|
61 |
+
* Toggles the internal implementation
|
62 |
+
*/
|
63 |
+
define('CRYPT_HASH_MODE_INTERNAL', 1);
|
64 |
+
/**
|
65 |
+
* Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+.
|
66 |
+
*/
|
67 |
+
define('CRYPT_HASH_MODE_MHASH', 2);
|
68 |
+
/**
|
69 |
+
* Toggles the hash() implementation, which works on PHP 5.1.2+.
|
70 |
+
*/
|
71 |
+
define('CRYPT_HASH_MODE_HASH', 3);
|
72 |
+
/**#@-*/
|
73 |
+
|
74 |
+
/**
|
75 |
+
* Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
|
76 |
+
*
|
77 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
78 |
+
* @version 0.1.0
|
79 |
+
* @access public
|
80 |
+
* @package Crypt_Hash
|
81 |
+
*/
|
82 |
+
class Crypt_Hash {
|
83 |
+
/**
|
84 |
+
* Byte-length of compression blocks / key (Internal HMAC)
|
85 |
+
*
|
86 |
+
* @see Crypt_Hash::setAlgorithm()
|
87 |
+
* @var Integer
|
88 |
+
* @access private
|
89 |
+
*/
|
90 |
+
var $b;
|
91 |
+
|
92 |
+
/**
|
93 |
+
* Byte-length of hash output (Internal HMAC)
|
94 |
+
*
|
95 |
+
* @see Crypt_Hash::setHash()
|
96 |
+
* @var Integer
|
97 |
+
* @access private
|
98 |
+
*/
|
99 |
+
var $l = false;
|
100 |
+
|
101 |
+
/**
|
102 |
+
* Hash Algorithm
|
103 |
+
*
|
104 |
+
* @see Crypt_Hash::setHash()
|
105 |
+
* @var String
|
106 |
+
* @access private
|
107 |
+
*/
|
108 |
+
var $hash;
|
109 |
+
|
110 |
+
/**
|
111 |
+
* Key
|
112 |
+
*
|
113 |
+
* @see Crypt_Hash::setKey()
|
114 |
+
* @var String
|
115 |
+
* @access private
|
116 |
+
*/
|
117 |
+
var $key = '';
|
118 |
+
|
119 |
+
/**
|
120 |
+
* Outer XOR (Internal HMAC)
|
121 |
+
*
|
122 |
+
* @see Crypt_Hash::setKey()
|
123 |
+
* @var String
|
124 |
+
* @access private
|
125 |
+
*/
|
126 |
+
var $opad;
|
127 |
+
|
128 |
+
/**
|
129 |
+
* Inner XOR (Internal HMAC)
|
130 |
+
*
|
131 |
+
* @see Crypt_Hash::setKey()
|
132 |
+
* @var String
|
133 |
+
* @access private
|
134 |
+
*/
|
135 |
+
var $ipad;
|
136 |
+
|
137 |
+
/**
|
138 |
+
* Default Constructor.
|
139 |
+
*
|
140 |
+
* @param optional String $hash
|
141 |
+
* @return Crypt_Hash
|
142 |
+
* @access public
|
143 |
+
*/
|
144 |
+
function Crypt_Hash($hash = 'sha1')
|
145 |
+
{
|
146 |
+
if ( !defined('CRYPT_HASH_MODE') ) {
|
147 |
+
switch (true) {
|
148 |
+
case extension_loaded('hash'):
|
149 |
+
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_HASH);
|
150 |
+
break;
|
151 |
+
case extension_loaded('mhash'):
|
152 |
+
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_MHASH);
|
153 |
+
break;
|
154 |
+
default:
|
155 |
+
define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_INTERNAL);
|
156 |
+
}
|
157 |
+
}
|
158 |
+
|
159 |
+
$this->setHash($hash);
|
160 |
+
}
|
161 |
+
|
162 |
+
/**
|
163 |
+
* Sets the key for HMACs
|
164 |
+
*
|
165 |
+
* Keys can be of any length.
|
166 |
+
*
|
167 |
+
* @access public
|
168 |
+
* @param String $key
|
169 |
+
*/
|
170 |
+
function setKey($key)
|
171 |
+
{
|
172 |
+
$this->key = $key;
|
173 |
+
}
|
174 |
+
|
175 |
+
/**
|
176 |
+
* Sets the hash function.
|
177 |
+
*
|
178 |
+
* @access public
|
179 |
+
* @param String $hash
|
180 |
+
*/
|
181 |
+
function setHash($hash)
|
182 |
+
{
|
183 |
+
switch ($hash) {
|
184 |
+
case 'md5-96':
|
185 |
+
case 'sha1-96':
|
186 |
+
$this->l = 12; // 96 / 8 = 12
|
187 |
+
break;
|
188 |
+
case 'md2':
|
189 |
+
case 'md5':
|
190 |
+
$this->l = 16;
|
191 |
+
break;
|
192 |
+
case 'sha1':
|
193 |
+
$this->l = 20;
|
194 |
+
break;
|
195 |
+
case 'sha256':
|
196 |
+
$this->l = 32;
|
197 |
+
break;
|
198 |
+
case 'sha384':
|
199 |
+
$this->l = 48;
|
200 |
+
break;
|
201 |
+
case 'sha512':
|
202 |
+
$this->l = 64;
|
203 |
+
}
|
204 |
+
|
205 |
+
switch ($hash) {
|
206 |
+
case 'md2':
|
207 |
+
$mode = CRYPT_HASH_MODE_INTERNAL;
|
208 |
+
break;
|
209 |
+
case 'sha384':
|
210 |
+
case 'sha512':
|
211 |
+
$mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_MHASH ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
|
212 |
+
break;
|
213 |
+
default:
|
214 |
+
$mode = CRYPT_HASH_MODE;
|
215 |
+
}
|
216 |
+
|
217 |
+
switch ( $mode ) {
|
218 |
+
case CRYPT_HASH_MODE_MHASH:
|
219 |
+
switch ($hash) {
|
220 |
+
case 'md5':
|
221 |
+
case 'md5-96':
|
222 |
+
$this->hash = MHASH_MD5;
|
223 |
+
break;
|
224 |
+
case 'sha256':
|
225 |
+
$this->hash = MHASH_SHA256;
|
226 |
+
break;
|
227 |
+
case 'sha1':
|
228 |
+
case 'sha1-96':
|
229 |
+
default:
|
230 |
+
$this->hash = MHASH_SHA1;
|
231 |
+
}
|
232 |
+
return;
|
233 |
+
case CRYPT_HASH_MODE_HASH:
|
234 |
+
switch ($hash) {
|
235 |
+
case 'md5':
|
236 |
+
case 'md5-96':
|
237 |
+
$this->hash = 'md5';
|
238 |
+
return;
|
239 |
+
case 'sha256':
|
240 |
+
case 'sha384':
|
241 |
+
case 'sha512':
|
242 |
+
$this->hash = $hash;
|
243 |
+
return;
|
244 |
+
case 'sha1':
|
245 |
+
case 'sha1-96':
|
246 |
+
default:
|
247 |
+
$this->hash = 'sha1';
|
248 |
+
}
|
249 |
+
return;
|
250 |
+
}
|
251 |
+
|
252 |
+
switch ($hash) {
|
253 |
+
case 'md2':
|
254 |
+
$this->b = 16;
|
255 |
+
$this->hash = array($this, '_md2');
|
256 |
+
break;
|
257 |
+
case 'md5':
|
258 |
+
case 'md5-96':
|
259 |
+
$this->b = 64;
|
260 |
+
$this->hash = array($this, '_md5');
|
261 |
+
break;
|
262 |
+
case 'sha256':
|
263 |
+
$this->b = 64;
|
264 |
+
$this->hash = array($this, '_sha256');
|
265 |
+
break;
|
266 |
+
case 'sha384':
|
267 |
+
case 'sha512':
|
268 |
+
$this->b = 128;
|
269 |
+
$this->hash = array($this, '_sha512');
|
270 |
+
break;
|
271 |
+
case 'sha1':
|
272 |
+
case 'sha1-96':
|
273 |
+
default:
|
274 |
+
$this->b = 64;
|
275 |
+
$this->hash = array($this, '_sha1');
|
276 |
+
}
|
277 |
+
|
278 |
+
$this->ipad = str_repeat(chr(0x36), $this->b);
|
279 |
+
$this->opad = str_repeat(chr(0x5C), $this->b);
|
280 |
+
}
|
281 |
+
|
282 |
+
/**
|
283 |
+
* Compute the HMAC.
|
284 |
+
*
|
285 |
+
* @access public
|
286 |
+
* @param String $text
|
287 |
+
* @return String
|
288 |
+
*/
|
289 |
+
function hash($text)
|
290 |
+
{
|
291 |
+
$mode = is_array($this->hash) ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
|
292 |
+
|
293 |
+
if (!empty($this->key)) {
|
294 |
+
switch ( $mode ) {
|
295 |
+
case CRYPT_HASH_MODE_MHASH:
|
296 |
+
$output = mhash($this->hash, $text, $this->key);
|
297 |
+
break;
|
298 |
+
case CRYPT_HASH_MODE_HASH:
|
299 |
+
$output = hash_hmac($this->hash, $text, $this->key, true);
|
300 |
+
break;
|
301 |
+
case CRYPT_HASH_MODE_INTERNAL:
|
302 |
+
/* "Applications that use keys longer than B bytes will first hash the key using H and then use the
|
303 |
+
resultant L byte string as the actual key to HMAC."
|
304 |
+
|
305 |
+
-- http://tools.ietf.org/html/rfc2104#section-2 */
|
306 |
+
$key = strlen($this->key) > $this->b ? call_user_func($this->$hash, $this->key) : $this->key;
|
307 |
+
|
308 |
+
$key = str_pad($key, $this->b, chr(0)); // step 1
|
309 |
+
$temp = $this->ipad ^ $key; // step 2
|
310 |
+
$temp .= $text; // step 3
|
311 |
+
$temp = call_user_func($this->hash, $temp); // step 4
|
312 |
+
$output = $this->opad ^ $key; // step 5
|
313 |
+
$output.= $temp; // step 6
|
314 |
+
$output = call_user_func($this->hash, $output); // step 7
|
315 |
+
}
|
316 |
+
} else {
|
317 |
+
switch ( $mode ) {
|
318 |
+
case CRYPT_HASH_MODE_MHASH:
|
319 |
+
$output = mhash($this->hash, $text);
|
320 |
+
break;
|
321 |
+
case CRYPT_HASH_MODE_HASH:
|
322 |
+
$output = hash($this->hash, $text, true);
|
323 |
+
break;
|
324 |
+
case CRYPT_HASH_MODE_INTERNAL:
|
325 |
+
$output = call_user_func($this->hash, $text);
|
326 |
+
}
|
327 |
+
}
|
328 |
+
|
329 |
+
return substr($output, 0, $this->l);
|
330 |
+
}
|
331 |
+
|
332 |
+
/**
|
333 |
+
* Returns the hash length (in bytes)
|
334 |
+
*
|
335 |
+
* @access private
|
336 |
+
* @return Integer
|
337 |
+
*/
|
338 |
+
function getLength()
|
339 |
+
{
|
340 |
+
return $this->l;
|
341 |
+
}
|
342 |
+
|
343 |
+
/**
|
344 |
+
* Wrapper for MD5
|
345 |
+
*
|
346 |
+
* @access private
|
347 |
+
* @param String $text
|
348 |
+
*/
|
349 |
+
function _md5($m)
|
350 |
+
{
|
351 |
+
return pack('H*', md5($m));
|
352 |
+
}
|
353 |
+
|
354 |
+
/**
|
355 |
+
* Wrapper for SHA1
|
356 |
+
*
|
357 |
+
* @access private
|
358 |
+
* @param String $text
|
359 |
+
*/
|
360 |
+
function _sha1($m)
|
361 |
+
{
|
362 |
+
return pack('H*', sha1($m));
|
363 |
+
}
|
364 |
+
|
365 |
+
/**
|
366 |
+
* Pure-PHP implementation of MD2
|
367 |
+
*
|
368 |
+
* See {@link http://tools.ietf.org/html/rfc1319 RFC1319}.
|
369 |
+
*
|
370 |
+
* @access private
|
371 |
+
* @param String $text
|
372 |
+
*/
|
373 |
+
function _md2($m)
|
374 |
+
{
|
375 |
+
static $s = array(
|
376 |
+
41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
|
377 |
+
19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
|
378 |
+
76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
|
379 |
+
138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
|
380 |
+
245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
|
381 |
+
148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
|
382 |
+
39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
|
383 |
+
181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
|
384 |
+
150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
|
385 |
+
112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
|
386 |
+
96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
|
387 |
+
85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
|
388 |
+
234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
|
389 |
+
129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
|
390 |
+
8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
|
391 |
+
203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
|
392 |
+
166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
|
393 |
+
31, 26, 219, 153, 141, 51, 159, 17, 131, 20
|
394 |
+
);
|
395 |
+
|
396 |
+
// Step 1. Append Padding Bytes
|
397 |
+
$pad = 16 - (strlen($m) & 0xF);
|
398 |
+
$m.= str_repeat(chr($pad), $pad);
|
399 |
+
|
400 |
+
$length = strlen($m);
|
401 |
+
|
402 |
+
// Step 2. Append Checksum
|
403 |
+
$c = str_repeat(chr(0), 16);
|
404 |
+
$l = chr(0);
|
405 |
+
for ($i = 0; $i < $length; $i+= 16) {
|
406 |
+
for ($j = 0; $j < 16; $j++) {
|
407 |
+
$c[$j] = chr($s[ord($m[$i + $j] ^ $l)]);
|
408 |
+
$l = $c[$j];
|
409 |
+
}
|
410 |
+
}
|
411 |
+
$m.= $c;
|
412 |
+
|
413 |
+
$length+= 16;
|
414 |
+
|
415 |
+
// Step 3. Initialize MD Buffer
|
416 |
+
$x = str_repeat(chr(0), 48);
|
417 |
+
|
418 |
+
// Step 4. Process Message in 16-Byte Blocks
|
419 |
+
for ($i = 0; $i < $length; $i+= 16) {
|
420 |
+
for ($j = 0; $j < 16; $j++) {
|
421 |
+
$x[$j + 16] = $m[$i + $j];
|
422 |
+
$x[$j + 32] = $x[$j + 16] ^ $x[$j];
|
423 |
+
}
|
424 |
+
$t = chr(0);
|
425 |
+
for ($j = 0; $j < 18; $j++) {
|
426 |
+
for ($k = 0; $k < 48; $k++) {
|
427 |
+
$x[$k] = $t = $x[$k] ^ chr($s[ord($t)]);
|
428 |
+
//$t = $x[$k] = $x[$k] ^ chr($s[ord($t)]);
|
429 |
+
}
|
430 |
+
$t = chr(ord($t) + $j);
|
431 |
+
}
|
432 |
+
}
|
433 |
+
|
434 |
+
// Step 5. Output
|
435 |
+
return substr($x, 0, 16);
|
436 |
+
}
|
437 |
+
|
438 |
+
/**
|
439 |
+
* Pure-PHP implementation of SHA256
|
440 |
+
*
|
441 |
+
* See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}.
|
442 |
+
*
|
443 |
+
* @access private
|
444 |
+
* @param String $text
|
445 |
+
*/
|
446 |
+
function _sha256($m)
|
447 |
+
{
|
448 |
+
if (extension_loaded('suhosin')) {
|
449 |
+
return pack('H*', sha256($m));
|
450 |
+
}
|
451 |
+
|
452 |
+
// Initialize variables
|
453 |
+
$hash = array(
|
454 |
+
0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
|
455 |
+
);
|
456 |
+
// Initialize table of round constants
|
457 |
+
// (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
|
458 |
+
static $k = array(
|
459 |
+
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
|
460 |
+
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
|
461 |
+
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
|
462 |
+
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
|
463 |
+
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
|
464 |
+
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
|
465 |
+
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
|
466 |
+
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
|
467 |
+
);
|
468 |
+
|
469 |
+
// Pre-processing
|
470 |
+
$length = strlen($m);
|
471 |
+
// to round to nearest 56 mod 64, we'll add 64 - (length + (64 - 56)) % 64
|
472 |
+
$m.= str_repeat(chr(0), 64 - (($length + 8) & 0x3F));
|
473 |
+
$m[$length] = chr(0x80);
|
474 |
+
// we don't support hashing strings 512MB long
|
475 |
+
$m.= pack('N2', 0, $length << 3);
|
476 |
+
|
477 |
+
// Process the message in successive 512-bit chunks
|
478 |
+
$chunks = str_split($m, 64);
|
479 |
+
foreach ($chunks as $chunk) {
|
480 |
+
$w = array();
|
481 |
+
for ($i = 0; $i < 16; $i++) {
|
482 |
+
extract(unpack('Ntemp', $this->_string_shift($chunk, 4)));
|
483 |
+
$w[] = $temp;
|
484 |
+
}
|
485 |
+
|
486 |
+
// Extend the sixteen 32-bit words into sixty-four 32-bit words
|
487 |
+
for ($i = 16; $i < 64; $i++) {
|
488 |
+
$s0 = $this->_rightRotate($w[$i - 15], 7) ^
|
489 |
+
$this->_rightRotate($w[$i - 15], 18) ^
|
490 |
+
$this->_rightShift( $w[$i - 15], 3);
|
491 |
+
$s1 = $this->_rightRotate($w[$i - 2], 17) ^
|
492 |
+
$this->_rightRotate($w[$i - 2], 19) ^
|
493 |
+
$this->_rightShift( $w[$i - 2], 10);
|
494 |
+
$w[$i] = $this->_add($w[$i - 16], $s0, $w[$i - 7], $s1);
|
495 |
+
|
496 |
+
}
|
497 |
+
|
498 |
+
// Initialize hash value for this chunk
|
499 |
+
list($a, $b, $c, $d, $e, $f, $g, $h) = $hash;
|
500 |
+
|
501 |
+
// Main loop
|
502 |
+
for ($i = 0; $i < 64; $i++) {
|
503 |
+
$s0 = $this->_rightRotate($a, 2) ^
|
504 |
+
$this->_rightRotate($a, 13) ^
|
505 |
+
$this->_rightRotate($a, 22);
|
506 |
+
$maj = ($a & $b) ^
|
507 |
+
($a & $c) ^
|
508 |
+
($b & $c);
|
509 |
+
$t2 = $this->_add($s0, $maj);
|
510 |
+
|
511 |
+
$s1 = $this->_rightRotate($e, 6) ^
|
512 |
+
$this->_rightRotate($e, 11) ^
|
513 |
+
$this->_rightRotate($e, 25);
|
514 |
+
$ch = ($e & $f) ^
|
515 |
+
($this->_not($e) & $g);
|
516 |
+
$t1 = $this->_add($h, $s1, $ch, $k[$i], $w[$i]);
|
517 |
+
|
518 |
+
$h = $g;
|
519 |
+
$g = $f;
|
520 |
+
$f = $e;
|
521 |
+
$e = $this->_add($d, $t1);
|
522 |
+
$d = $c;
|
523 |
+
$c = $b;
|
524 |
+
$b = $a;
|
525 |
+
$a = $this->_add($t1, $t2);
|
526 |
+
}
|
527 |
+
|
528 |
+
// Add this chunk's hash to result so far
|
529 |
+
$hash = array(
|
530 |
+
$this->_add($hash[0], $a),
|
531 |
+
$this->_add($hash[1], $b),
|
532 |
+
$this->_add($hash[2], $c),
|
533 |
+
$this->_add($hash[3], $d),
|
534 |
+
$this->_add($hash[4], $e),
|
535 |
+
$this->_add($hash[5], $f),
|
536 |
+
$this->_add($hash[6], $g),
|
537 |
+
$this->_add($hash[7], $h)
|
538 |
+
);
|
539 |
+
}
|
540 |
+
|
541 |
+
// Produce the final hash value (big-endian)
|
542 |
+
return pack('N8', $hash[0], $hash[1], $hash[2], $hash[3], $hash[4], $hash[5], $hash[6], $hash[7]);
|
543 |
+
}
|
544 |
+
|
545 |
+
/**
|
546 |
+
* Pure-PHP implementation of SHA384 and SHA512
|
547 |
+
*
|
548 |
+
* @access private
|
549 |
+
* @param String $text
|
550 |
+
*/
|
551 |
+
function _sha512($m)
|
552 |
+
{
|
553 |
+
if (!class_exists('Math_BigInteger')) {
|
554 |
+
require_once('Math/BigInteger.php');
|
555 |
+
}
|
556 |
+
|
557 |
+
static $init384, $init512, $k;
|
558 |
+
|
559 |
+
if (!isset($k)) {
|
560 |
+
// Initialize variables
|
561 |
+
$init384 = array( // initial values for SHA384
|
562 |
+
'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939',
|
563 |
+
'67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4'
|
564 |
+
);
|
565 |
+
$init512 = array( // initial values for SHA512
|
566 |
+
'6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1',
|
567 |
+
'510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179'
|
568 |
+
);
|
569 |
+
|
570 |
+
for ($i = 0; $i < 8; $i++) {
|
571 |
+
$init384[$i] = new Math_BigInteger($init384[$i], 16);
|
572 |
+
$init384[$i]->setPrecision(64);
|
573 |
+
$init512[$i] = new Math_BigInteger($init512[$i], 16);
|
574 |
+
$init512[$i]->setPrecision(64);
|
575 |
+
}
|
576 |
+
|
577 |
+
// Initialize table of round constants
|
578 |
+
// (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409)
|
579 |
+
$k = array(
|
580 |
+
'428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc',
|
581 |
+
'3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118',
|
582 |
+
'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2',
|
583 |
+
'72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694',
|
584 |
+
'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65',
|
585 |
+
'2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5',
|
586 |
+
'983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4',
|
587 |
+
'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70',
|
588 |
+
'27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df',
|
589 |
+
'650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b',
|
590 |
+
'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30',
|
591 |
+
'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8',
|
592 |
+
'19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8',
|
593 |
+
'391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3',
|
594 |
+
'748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec',
|
595 |
+
'90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b',
|
596 |
+
'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178',
|
597 |
+
'06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b',
|
598 |
+
'28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c',
|
599 |
+
'4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817'
|
600 |
+
);
|
601 |
+
|
602 |
+
for ($i = 0; $i < 80; $i++) {
|
603 |
+
$k[$i] = new Math_BigInteger($k[$i], 16);
|
604 |
+
}
|
605 |
+
}
|
606 |
+
|
607 |
+
$hash = $this->l == 48 ? $init384 : $init512;
|
608 |
+
|
609 |
+
// Pre-processing
|
610 |
+
$length = strlen($m);
|
611 |
+
// to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128
|
612 |
+
$m.= str_repeat(chr(0), 128 - (($length + 16) & 0x7F));
|
613 |
+
$m[$length] = chr(0x80);
|
614 |
+
// we don't support hashing strings 512MB long
|
615 |
+
$m.= pack('N4', 0, 0, 0, $length << 3);
|
616 |
+
|
617 |
+
// Process the message in successive 1024-bit chunks
|
618 |
+
$chunks = str_split($m, 128);
|
619 |
+
foreach ($chunks as $chunk) {
|
620 |
+
$w = array();
|
621 |
+
for ($i = 0; $i < 16; $i++) {
|
622 |
+
$temp = new Math_BigInteger($this->_string_shift($chunk, 8), 256);
|
623 |
+
$temp->setPrecision(64);
|
624 |
+
$w[] = $temp;
|
625 |
+
}
|
626 |
+
|
627 |
+
// Extend the sixteen 32-bit words into eighty 32-bit words
|
628 |
+
for ($i = 16; $i < 80; $i++) {
|
629 |
+
$temp = array(
|
630 |
+
$w[$i - 15]->bitwise_rightRotate(1),
|
631 |
+
$w[$i - 15]->bitwise_rightRotate(8),
|
632 |
+
$w[$i - 15]->bitwise_rightShift(7)
|
633 |
+
);
|
634 |
+
$s0 = $temp[0]->bitwise_xor($temp[1]);
|
635 |
+
$s0 = $s0->bitwise_xor($temp[2]);
|
636 |
+
$temp = array(
|
637 |
+
$w[$i - 2]->bitwise_rightRotate(19),
|
638 |
+
$w[$i - 2]->bitwise_rightRotate(61),
|
639 |
+
$w[$i - 2]->bitwise_rightShift(6)
|
640 |
+
);
|
641 |
+
$s1 = $temp[0]->bitwise_xor($temp[1]);
|
642 |
+
$s1 = $s1->bitwise_xor($temp[2]);
|
643 |
+
$w[$i] = $w[$i - 16]->copy();
|
644 |
+
$w[$i] = $w[$i]->add($s0);
|
645 |
+
$w[$i] = $w[$i]->add($w[$i - 7]);
|
646 |
+
$w[$i] = $w[$i]->add($s1);
|
647 |
+
}
|
648 |
+
|
649 |
+
// Initialize hash value for this chunk
|
650 |
+
$a = $hash[0]->copy();
|
651 |
+
$b = $hash[1]->copy();
|
652 |
+
$c = $hash[2]->copy();
|
653 |
+
$d = $hash[3]->copy();
|
654 |
+
$e = $hash[4]->copy();
|
655 |
+
$f = $hash[5]->copy();
|
656 |
+
$g = $hash[6]->copy();
|
657 |
+
$h = $hash[7]->copy();
|
658 |
+
|
659 |
+
// Main loop
|
660 |
+
for ($i = 0; $i < 80; $i++) {
|
661 |
+
$temp = array(
|
662 |
+
$a->bitwise_rightRotate(28),
|
663 |
+
$a->bitwise_rightRotate(34),
|
664 |
+
$a->bitwise_rightRotate(39)
|
665 |
+
);
|
666 |
+
$s0 = $temp[0]->bitwise_xor($temp[1]);
|
667 |
+
$s0 = $s0->bitwise_xor($temp[2]);
|
668 |
+
$temp = array(
|
669 |
+
$a->bitwise_and($b),
|
670 |
+
$a->bitwise_and($c),
|
671 |
+
$b->bitwise_and($c)
|
672 |
+
);
|
673 |
+
$maj = $temp[0]->bitwise_xor($temp[1]);
|
674 |
+
$maj = $maj->bitwise_xor($temp[2]);
|
675 |
+
$t2 = $s0->add($maj);
|
676 |
+
|
677 |
+
$temp = array(
|
678 |
+
$e->bitwise_rightRotate(14),
|
679 |
+
$e->bitwise_rightRotate(18),
|
680 |
+
$e->bitwise_rightRotate(41)
|
681 |
+
);
|
682 |
+
$s1 = $temp[0]->bitwise_xor($temp[1]);
|
683 |
+
$s1 = $s1->bitwise_xor($temp[2]);
|
684 |
+
$temp = array(
|
685 |
+
$e->bitwise_and($f),
|
686 |
+
$g->bitwise_and($e->bitwise_not())
|
687 |
+
);
|
688 |
+
$ch = $temp[0]->bitwise_xor($temp[1]);
|
689 |
+
$t1 = $h->add($s1);
|
690 |
+
$t1 = $t1->add($ch);
|
691 |
+
$t1 = $t1->add($k[$i]);
|
692 |
+
$t1 = $t1->add($w[$i]);
|
693 |
+
|
694 |
+
$h = $g->copy();
|
695 |
+
$g = $f->copy();
|
696 |
+
$f = $e->copy();
|
697 |
+
$e = $d->add($t1);
|
698 |
+
$d = $c->copy();
|
699 |
+
$c = $b->copy();
|
700 |
+
$b = $a->copy();
|
701 |
+
$a = $t1->add($t2);
|
702 |
+
}
|
703 |
+
|
704 |
+
// Add this chunk's hash to result so far
|
705 |
+
$hash = array(
|
706 |
+
$hash[0]->add($a),
|
707 |
+
$hash[1]->add($b),
|
708 |
+
$hash[2]->add($c),
|
709 |
+
$hash[3]->add($d),
|
710 |
+
$hash[4]->add($e),
|
711 |
+
$hash[5]->add($f),
|
712 |
+
$hash[6]->add($g),
|
713 |
+
$hash[7]->add($h)
|
714 |
+
);
|
715 |
+
}
|
716 |
+
|
717 |
+
// Produce the final hash value (big-endian)
|
718 |
+
// (Crypt_Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here)
|
719 |
+
$temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() .
|
720 |
+
$hash[4]->toBytes() . $hash[5]->toBytes();
|
721 |
+
if ($this->l != 48) {
|
722 |
+
$temp.= $hash[6]->toBytes() . $hash[7]->toBytes();
|
723 |
+
}
|
724 |
+
|
725 |
+
return $temp;
|
726 |
+
}
|
727 |
+
|
728 |
+
/**
|
729 |
+
* Right Rotate
|
730 |
+
*
|
731 |
+
* @access private
|
732 |
+
* @param Integer $int
|
733 |
+
* @param Integer $amt
|
734 |
+
* @see _sha256()
|
735 |
+
* @return Integer
|
736 |
+
*/
|
737 |
+
function _rightRotate($int, $amt)
|
738 |
+
{
|
739 |
+
$invamt = 32 - $amt;
|
740 |
+
$mask = (1 << $invamt) - 1;
|
741 |
+
return (($int << $invamt) & 0xFFFFFFFF) | (($int >> $amt) & $mask);
|
742 |
+
}
|
743 |
+
|
744 |
+
/**
|
745 |
+
* Right Shift
|
746 |
+
*
|
747 |
+
* @access private
|
748 |
+
* @param Integer $int
|
749 |
+
* @param Integer $amt
|
750 |
+
* @see _sha256()
|
751 |
+
* @return Integer
|
752 |
+
*/
|
753 |
+
function _rightShift($int, $amt)
|
754 |
+
{
|
755 |
+
$mask = (1 << (32 - $amt)) - 1;
|
756 |
+
return ($int >> $amt) & $mask;
|
757 |
+
}
|
758 |
+
|
759 |
+
/**
|
760 |
+
* Not
|
761 |
+
*
|
762 |
+
* @access private
|
763 |
+
* @param Integer $int
|
764 |
+
* @see _sha256()
|
765 |
+
* @return Integer
|
766 |
+
*/
|
767 |
+
function _not($int)
|
768 |
+
{
|
769 |
+
return ~$int & 0xFFFFFFFF;
|
770 |
+
}
|
771 |
+
|
772 |
+
/**
|
773 |
+
* Add
|
774 |
+
*
|
775 |
+
* _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
|
776 |
+
* possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
|
777 |
+
*
|
778 |
+
* @param String $string
|
779 |
+
* @param optional Integer $index
|
780 |
+
* @return String
|
781 |
+
* @see _sha256()
|
782 |
+
* @access private
|
783 |
+
*/
|
784 |
+
function _add()
|
785 |
+
{
|
786 |
+
static $mod;
|
787 |
+
if (!isset($mod)) {
|
788 |
+
$mod = pow(2, 32);
|
789 |
+
}
|
790 |
+
|
791 |
+
$result = 0;
|
792 |
+
$arguments = func_get_args();
|
793 |
+
foreach ($arguments as $argument) {
|
794 |
+
$result+= $argument < 0 ? ($argument & 0x7FFFFFFF) + 0x80000000 : $argument;
|
795 |
+
}
|
796 |
+
|
797 |
+
return fmod($result, $mod);
|
798 |
+
}
|
799 |
+
|
800 |
+
/**
|
801 |
+
* String Shift
|
802 |
+
*
|
803 |
+
* Inspired by array_shift
|
804 |
+
*
|
805 |
+
* @param String $string
|
806 |
+
* @param optional Integer $index
|
807 |
+
* @return String
|
808 |
+
* @access private
|
809 |
+
*/
|
810 |
+
function _string_shift(&$string, $index = 1)
|
811 |
+
{
|
812 |
+
$substr = substr($string, 0, $index);
|
813 |
+
$string = substr($string, $index);
|
814 |
+
return $substr;
|
815 |
+
}
|
816 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/RC4.php
CHANGED
@@ -1,493 +1,493 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of RC4.
|
6 |
-
*
|
7 |
-
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
-
*
|
9 |
-
* PHP versions 4 and 5
|
10 |
-
*
|
11 |
-
* Useful resources are as follows:
|
12 |
-
*
|
13 |
-
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
14 |
-
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
15 |
-
*
|
16 |
-
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
17 |
-
* ARCFOUR or ARC4 because RC4 is how it is refered to in the SSH1 specification.
|
18 |
-
*
|
19 |
-
* Here's a short example of how to use this library:
|
20 |
-
* <code>
|
21 |
-
* <?php
|
22 |
-
* include('Crypt/RC4.php');
|
23 |
-
*
|
24 |
-
* $rc4 = new Crypt_RC4();
|
25 |
-
*
|
26 |
-
* $rc4->setKey('abcdefgh');
|
27 |
-
*
|
28 |
-
* $size = 10 * 1024;
|
29 |
-
* $plaintext = '';
|
30 |
-
* for ($i = 0; $i < $size; $i++) {
|
31 |
-
* $plaintext.= 'a';
|
32 |
-
* }
|
33 |
-
*
|
34 |
-
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
35 |
-
* ?>
|
36 |
-
* </code>
|
37 |
-
*
|
38 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
39 |
-
* modify it under the terms of the GNU Lesser General Public
|
40 |
-
* License as published by the Free Software Foundation; either
|
41 |
-
* version 2.1 of the License, or (at your option) any later version.
|
42 |
-
*
|
43 |
-
* This library is distributed in the hope that it will be useful,
|
44 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
45 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
46 |
-
* Lesser General Public License for more details.
|
47 |
-
*
|
48 |
-
* You should have received a copy of the GNU Lesser General Public
|
49 |
-
* License along with this library; if not, write to the Free Software
|
50 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
51 |
-
* MA 02111-1307 USA
|
52 |
-
*
|
53 |
-
* @category Crypt
|
54 |
-
* @package Crypt_RC4
|
55 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
56 |
-
* @copyright MMVII Jim Wigginton
|
57 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
58 |
-
* @version $Id: RC4.php,v 1.8 2009/06/09 04:00:38 terrafrost Exp $
|
59 |
-
* @link http://phpseclib.sourceforge.net
|
60 |
-
*/
|
61 |
-
|
62 |
-
/**#@+
|
63 |
-
* @access private
|
64 |
-
* @see Crypt_RC4::Crypt_RC4()
|
65 |
-
*/
|
66 |
-
/**
|
67 |
-
* Toggles the internal implementation
|
68 |
-
*/
|
69 |
-
define('CRYPT_RC4_MODE_INTERNAL', 1);
|
70 |
-
/**
|
71 |
-
* Toggles the mcrypt implementation
|
72 |
-
*/
|
73 |
-
define('CRYPT_RC4_MODE_MCRYPT', 2);
|
74 |
-
/**#@-*/
|
75 |
-
|
76 |
-
/**#@+
|
77 |
-
* @access private
|
78 |
-
* @see Crypt_RC4::_crypt()
|
79 |
-
*/
|
80 |
-
define('CRYPT_RC4_ENCRYPT', 0);
|
81 |
-
define('CRYPT_RC4_DECRYPT', 1);
|
82 |
-
/**#@-*/
|
83 |
-
|
84 |
-
/**
|
85 |
-
* Pure-PHP implementation of RC4.
|
86 |
-
*
|
87 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
88 |
-
* @version 0.1.0
|
89 |
-
* @access public
|
90 |
-
* @package Crypt_RC4
|
91 |
-
*/
|
92 |
-
class Crypt_RC4 {
|
93 |
-
/**
|
94 |
-
* The Key
|
95 |
-
*
|
96 |
-
* @see Crypt_RC4::setKey()
|
97 |
-
* @var String
|
98 |
-
* @access private
|
99 |
-
*/
|
100 |
-
var $key = "\0";
|
101 |
-
|
102 |
-
/**
|
103 |
-
* The Key Stream for encryption
|
104 |
-
*
|
105 |
-
* If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
|
106 |
-
*
|
107 |
-
* @see Crypt_RC4::setKey()
|
108 |
-
* @var Array
|
109 |
-
* @access private
|
110 |
-
*/
|
111 |
-
var $encryptStream = false;
|
112 |
-
|
113 |
-
/**
|
114 |
-
* The Key Stream for decryption
|
115 |
-
*
|
116 |
-
* If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
|
117 |
-
*
|
118 |
-
* @see Crypt_RC4::setKey()
|
119 |
-
* @var Array
|
120 |
-
* @access private
|
121 |
-
*/
|
122 |
-
var $decryptStream = false;
|
123 |
-
|
124 |
-
/**
|
125 |
-
* The $i and $j indexes for encryption
|
126 |
-
*
|
127 |
-
* @see Crypt_RC4::_crypt()
|
128 |
-
* @var Integer
|
129 |
-
* @access private
|
130 |
-
*/
|
131 |
-
var $encryptIndex = 0;
|
132 |
-
|
133 |
-
/**
|
134 |
-
* The $i and $j indexes for decryption
|
135 |
-
*
|
136 |
-
* @see Crypt_RC4::_crypt()
|
137 |
-
* @var Integer
|
138 |
-
* @access private
|
139 |
-
*/
|
140 |
-
var $decryptIndex = 0;
|
141 |
-
|
142 |
-
/**
|
143 |
-
* MCrypt parameters
|
144 |
-
*
|
145 |
-
* @see Crypt_RC4::setMCrypt()
|
146 |
-
* @var Array
|
147 |
-
* @access private
|
148 |
-
*/
|
149 |
-
var $mcrypt = array('', '');
|
150 |
-
|
151 |
-
/**
|
152 |
-
* The Encryption Algorithm
|
153 |
-
*
|
154 |
-
* Only used if CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT. Only possible values are MCRYPT_RC4 or MCRYPT_ARCFOUR.
|
155 |
-
*
|
156 |
-
* @see Crypt_RC4::Crypt_RC4()
|
157 |
-
* @var Integer
|
158 |
-
* @access private
|
159 |
-
*/
|
160 |
-
var $mode;
|
161 |
-
|
162 |
-
/**
|
163 |
-
* Default Constructor.
|
164 |
-
*
|
165 |
-
* Determines whether or not the mcrypt extension should be used.
|
166 |
-
*
|
167 |
-
* @param optional Integer $mode
|
168 |
-
* @return Crypt_RC4
|
169 |
-
* @access public
|
170 |
-
*/
|
171 |
-
function Crypt_RC4()
|
172 |
-
{
|
173 |
-
if ( !defined('CRYPT_RC4_MODE') ) {
|
174 |
-
switch (true) {
|
175 |
-
case extension_loaded('mcrypt') && (defined('MCRYPT_ARCFOUR') || defined('MCRYPT_RC4')):
|
176 |
-
// i'd check to see if rc4 was supported, by doing in_array('arcfour', mcrypt_list_algorithms('')),
|
177 |
-
// but since that can be changed after the object has been created, there doesn't seem to be
|
178 |
-
// a lot of point...
|
179 |
-
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_MCRYPT);
|
180 |
-
break;
|
181 |
-
default:
|
182 |
-
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL);
|
183 |
-
}
|
184 |
-
}
|
185 |
-
|
186 |
-
switch ( CRYPT_RC4_MODE ) {
|
187 |
-
case CRYPT_RC4_MODE_MCRYPT:
|
188 |
-
switch (true) {
|
189 |
-
case defined('MCRYPT_ARCFOUR'):
|
190 |
-
$this->mode = MCRYPT_ARCFOUR;
|
191 |
-
break;
|
192 |
-
case defined('MCRYPT_RC4');
|
193 |
-
$this->mode = MCRYPT_RC4;
|
194 |
-
}
|
195 |
-
}
|
196 |
-
}
|
197 |
-
|
198 |
-
/**
|
199 |
-
* Sets the key.
|
200 |
-
*
|
201 |
-
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
202 |
-
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
203 |
-
*
|
204 |
-
* @access public
|
205 |
-
* @param String $key
|
206 |
-
*/
|
207 |
-
function setKey($key)
|
208 |
-
{
|
209 |
-
$this->key = $key;
|
210 |
-
|
211 |
-
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
212 |
-
return;
|
213 |
-
}
|
214 |
-
|
215 |
-
$keyLength = strlen($key);
|
216 |
-
$keyStream = array();
|
217 |
-
for ($i = 0; $i < 256; $i++) {
|
218 |
-
$keyStream[$i] = $i;
|
219 |
-
}
|
220 |
-
$j = 0;
|
221 |
-
for ($i = 0; $i < 256; $i++) {
|
222 |
-
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
223 |
-
$temp = $keyStream[$i];
|
224 |
-
$keyStream[$i] = $keyStream[$j];
|
225 |
-
$keyStream[$j] = $temp;
|
226 |
-
}
|
227 |
-
|
228 |
-
$this->encryptIndex = $this->decryptIndex = array(0, 0);
|
229 |
-
$this->encryptStream = $this->decryptStream = $keyStream;
|
230 |
-
}
|
231 |
-
|
232 |
-
/**
|
233 |
-
* Dummy function.
|
234 |
-
*
|
235 |
-
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
236 |
-
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
237 |
-
* calling setKey().
|
238 |
-
*
|
239 |
-
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
240 |
-
* the IV's are relatively easy to predict, an attack described by
|
241 |
-
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
242 |
-
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
243 |
-
*
|
244 |
-
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
245 |
-
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
246 |
-
*
|
247 |
-
* @param String $iv
|
248 |
-
* @see Crypt_RC4::setKey()
|
249 |
-
* @access public
|
250 |
-
*/
|
251 |
-
function setIV($iv)
|
252 |
-
{
|
253 |
-
}
|
254 |
-
|
255 |
-
/**
|
256 |
-
* Sets MCrypt parameters. (optional)
|
257 |
-
*
|
258 |
-
* If MCrypt is being used, empty strings will be used, unless otherwise specified.
|
259 |
-
*
|
260 |
-
* @link http://php.net/function.mcrypt-module-open#function.mcrypt-module-open
|
261 |
-
* @access public
|
262 |
-
* @param optional Integer $algorithm_directory
|
263 |
-
* @param optional Integer $mode_directory
|
264 |
-
*/
|
265 |
-
function setMCrypt($algorithm_directory = '', $mode_directory = '')
|
266 |
-
{
|
267 |
-
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
268 |
-
$this->mcrypt = array($algorithm_directory, $mode_directory);
|
269 |
-
$this->_closeMCrypt();
|
270 |
-
}
|
271 |
-
}
|
272 |
-
|
273 |
-
/**
|
274 |
-
* Encrypts a message.
|
275 |
-
*
|
276 |
-
* @see Crypt_RC4::_crypt()
|
277 |
-
* @access public
|
278 |
-
* @param String $plaintext
|
279 |
-
*/
|
280 |
-
function encrypt($plaintext)
|
281 |
-
{
|
282 |
-
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
283 |
-
}
|
284 |
-
|
285 |
-
/**
|
286 |
-
* Decrypts a message.
|
287 |
-
*
|
288 |
-
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
289 |
-
* Atleast if the continuous buffer is disabled.
|
290 |
-
*
|
291 |
-
* @see Crypt_RC4::_crypt()
|
292 |
-
* @access public
|
293 |
-
* @param String $ciphertext
|
294 |
-
*/
|
295 |
-
function decrypt($ciphertext)
|
296 |
-
{
|
297 |
-
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
298 |
-
}
|
299 |
-
|
300 |
-
/**
|
301 |
-
* Encrypts or decrypts a message.
|
302 |
-
*
|
303 |
-
* @see Crypt_RC4::encrypt()
|
304 |
-
* @see Crypt_RC4::decrypt()
|
305 |
-
* @access private
|
306 |
-
* @param String $text
|
307 |
-
* @param Integer $mode
|
308 |
-
*/
|
309 |
-
function _crypt($text, $mode)
|
310 |
-
{
|
311 |
-
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
312 |
-
$keyStream = $mode == CRYPT_RC4_ENCRYPT ? 'encryptStream' : 'decryptStream';
|
313 |
-
|
314 |
-
if ($this->$keyStream === false) {
|
315 |
-
$this->$keyStream = mcrypt_module_open($this->mode, $this->mcrypt[0], MCRYPT_MODE_STREAM, $this->mcrypt[1]);
|
316 |
-
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
317 |
-
} else if (!$this->continuousBuffer) {
|
318 |
-
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
319 |
-
}
|
320 |
-
$newText = mcrypt_generic($this->$keyStream, $text);
|
321 |
-
if (!$this->continuousBuffer) {
|
322 |
-
mcrypt_generic_deinit($this->$keyStream);
|
323 |
-
}
|
324 |
-
|
325 |
-
return $newText;
|
326 |
-
}
|
327 |
-
|
328 |
-
if ($this->encryptStream === false) {
|
329 |
-
$this->setKey($this->key);
|
330 |
-
}
|
331 |
-
|
332 |
-
switch ($mode) {
|
333 |
-
case CRYPT_RC4_ENCRYPT:
|
334 |
-
$keyStream = $this->encryptStream;
|
335 |
-
list($i, $j) = $this->encryptIndex;
|
336 |
-
break;
|
337 |
-
case CRYPT_RC4_DECRYPT:
|
338 |
-
$keyStream = $this->decryptStream;
|
339 |
-
list($i, $j) = $this->decryptIndex;
|
340 |
-
}
|
341 |
-
|
342 |
-
$newText = '';
|
343 |
-
for ($k = 0; $k < strlen($text); $k++) {
|
344 |
-
$i = ($i + 1) & 255;
|
345 |
-
$j = ($j + $keyStream[$i]) & 255;
|
346 |
-
$temp = $keyStream[$i];
|
347 |
-
$keyStream[$i] = $keyStream[$j];
|
348 |
-
$keyStream[$j] = $temp;
|
349 |
-
$temp = $keyStream[($keyStream[$i] + $keyStream[$j]) & 255];
|
350 |
-
$newText.= chr(ord($text[$k]) ^ $temp);
|
351 |
-
}
|
352 |
-
|
353 |
-
if ($this->continuousBuffer) {
|
354 |
-
switch ($mode) {
|
355 |
-
case CRYPT_RC4_ENCRYPT:
|
356 |
-
$this->encryptStream = $keyStream;
|
357 |
-
$this->encryptIndex = array($i, $j);
|
358 |
-
break;
|
359 |
-
case CRYPT_RC4_DECRYPT:
|
360 |
-
$this->decryptStream = $keyStream;
|
361 |
-
$this->decryptIndex = array($i, $j);
|
362 |
-
}
|
363 |
-
}
|
364 |
-
|
365 |
-
return $newText;
|
366 |
-
}
|
367 |
-
|
368 |
-
/**
|
369 |
-
* Treat consecutive "packets" as if they are a continuous buffer.
|
370 |
-
*
|
371 |
-
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
372 |
-
* will yield different outputs:
|
373 |
-
*
|
374 |
-
* <code>
|
375 |
-
* echo $rc4->encrypt(substr($plaintext, 0, 8));
|
376 |
-
* echo $rc4->encrypt(substr($plaintext, 8, 8));
|
377 |
-
* </code>
|
378 |
-
* <code>
|
379 |
-
* echo $rc4->encrypt($plaintext);
|
380 |
-
* </code>
|
381 |
-
*
|
382 |
-
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
383 |
-
* another, as demonstrated with the following:
|
384 |
-
*
|
385 |
-
* <code>
|
386 |
-
* $rc4->encrypt(substr($plaintext, 0, 8));
|
387 |
-
* echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
388 |
-
* </code>
|
389 |
-
* <code>
|
390 |
-
* echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
391 |
-
* </code>
|
392 |
-
*
|
393 |
-
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
394 |
-
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
395 |
-
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
396 |
-
*
|
397 |
-
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
398 |
-
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
399 |
-
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
400 |
-
* however, they are also less intuitive and more likely to cause you problems.
|
401 |
-
*
|
402 |
-
* @see Crypt_RC4::disableContinuousBuffer()
|
403 |
-
* @access public
|
404 |
-
*/
|
405 |
-
function enableContinuousBuffer()
|
406 |
-
{
|
407 |
-
$this->continuousBuffer = true;
|
408 |
-
}
|
409 |
-
|
410 |
-
/**
|
411 |
-
* Treat consecutive packets as if they are a discontinuous buffer.
|
412 |
-
*
|
413 |
-
* The default behavior.
|
414 |
-
*
|
415 |
-
* @see Crypt_RC4::enableContinuousBuffer()
|
416 |
-
* @access public
|
417 |
-
*/
|
418 |
-
function disableContinuousBuffer()
|
419 |
-
{
|
420 |
-
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_INTERNAL ) {
|
421 |
-
$this->encryptIndex = $this->decryptIndex = array(0, 0);
|
422 |
-
$this->setKey($this->key);
|
423 |
-
}
|
424 |
-
|
425 |
-
$this->continuousBuffer = false;
|
426 |
-
}
|
427 |
-
|
428 |
-
/**
|
429 |
-
* Dummy function.
|
430 |
-
*
|
431 |
-
* Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is
|
432 |
-
* included is so that you can switch between a block cipher and a stream cipher transparently.
|
433 |
-
*
|
434 |
-
* @see Crypt_RC4::disablePadding()
|
435 |
-
* @access public
|
436 |
-
*/
|
437 |
-
function enablePadding()
|
438 |
-
{
|
439 |
-
}
|
440 |
-
|
441 |
-
/**
|
442 |
-
* Dummy function.
|
443 |
-
*
|
444 |
-
* @see Crypt_RC4::enablePadding()
|
445 |
-
* @access public
|
446 |
-
*/
|
447 |
-
function disablePadding()
|
448 |
-
{
|
449 |
-
}
|
450 |
-
|
451 |
-
/**
|
452 |
-
* Class destructor.
|
453 |
-
*
|
454 |
-
* Will be called, automatically, if you're using PHP5. If you're using PHP4, call it yourself. Only really
|
455 |
-
* needs to be called if mcrypt is being used.
|
456 |
-
*
|
457 |
-
* @access public
|
458 |
-
*/
|
459 |
-
function __destruct()
|
460 |
-
{
|
461 |
-
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
462 |
-
$this->_closeMCrypt();
|
463 |
-
}
|
464 |
-
}
|
465 |
-
|
466 |
-
/**
|
467 |
-
* Properly close the MCrypt objects.
|
468 |
-
*
|
469 |
-
* @access prviate
|
470 |
-
*/
|
471 |
-
function _closeMCrypt()
|
472 |
-
{
|
473 |
-
if ( $this->encryptStream !== false ) {
|
474 |
-
if ( $this->continuousBuffer ) {
|
475 |
-
mcrypt_generic_deinit($this->encryptStream);
|
476 |
-
}
|
477 |
-
|
478 |
-
mcrypt_module_close($this->encryptStream);
|
479 |
-
|
480 |
-
$this->encryptStream = false;
|
481 |
-
}
|
482 |
-
|
483 |
-
if ( $this->decryptStream !== false ) {
|
484 |
-
if ( $this->continuousBuffer ) {
|
485 |
-
mcrypt_generic_deinit($this->decryptStream);
|
486 |
-
}
|
487 |
-
|
488 |
-
mcrypt_module_close($this->decryptStream);
|
489 |
-
|
490 |
-
$this->decryptStream = false;
|
491 |
-
}
|
492 |
-
}
|
493 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of RC4.
|
6 |
+
*
|
7 |
+
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
8 |
+
*
|
9 |
+
* PHP versions 4 and 5
|
10 |
+
*
|
11 |
+
* Useful resources are as follows:
|
12 |
+
*
|
13 |
+
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
14 |
+
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
15 |
+
*
|
16 |
+
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
17 |
+
* ARCFOUR or ARC4 because RC4 is how it is refered to in the SSH1 specification.
|
18 |
+
*
|
19 |
+
* Here's a short example of how to use this library:
|
20 |
+
* <code>
|
21 |
+
* <?php
|
22 |
+
* include('Crypt/RC4.php');
|
23 |
+
*
|
24 |
+
* $rc4 = new Crypt_RC4();
|
25 |
+
*
|
26 |
+
* $rc4->setKey('abcdefgh');
|
27 |
+
*
|
28 |
+
* $size = 10 * 1024;
|
29 |
+
* $plaintext = '';
|
30 |
+
* for ($i = 0; $i < $size; $i++) {
|
31 |
+
* $plaintext.= 'a';
|
32 |
+
* }
|
33 |
+
*
|
34 |
+
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
35 |
+
* ?>
|
36 |
+
* </code>
|
37 |
+
*
|
38 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
39 |
+
* modify it under the terms of the GNU Lesser General Public
|
40 |
+
* License as published by the Free Software Foundation; either
|
41 |
+
* version 2.1 of the License, or (at your option) any later version.
|
42 |
+
*
|
43 |
+
* This library is distributed in the hope that it will be useful,
|
44 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
45 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
46 |
+
* Lesser General Public License for more details.
|
47 |
+
*
|
48 |
+
* You should have received a copy of the GNU Lesser General Public
|
49 |
+
* License along with this library; if not, write to the Free Software
|
50 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
51 |
+
* MA 02111-1307 USA
|
52 |
+
*
|
53 |
+
* @category Crypt
|
54 |
+
* @package Crypt_RC4
|
55 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
56 |
+
* @copyright MMVII Jim Wigginton
|
57 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
58 |
+
* @version $Id: RC4.php,v 1.8 2009/06/09 04:00:38 terrafrost Exp $
|
59 |
+
* @link http://phpseclib.sourceforge.net
|
60 |
+
*/
|
61 |
+
|
62 |
+
/**#@+
|
63 |
+
* @access private
|
64 |
+
* @see Crypt_RC4::Crypt_RC4()
|
65 |
+
*/
|
66 |
+
/**
|
67 |
+
* Toggles the internal implementation
|
68 |
+
*/
|
69 |
+
define('CRYPT_RC4_MODE_INTERNAL', 1);
|
70 |
+
/**
|
71 |
+
* Toggles the mcrypt implementation
|
72 |
+
*/
|
73 |
+
define('CRYPT_RC4_MODE_MCRYPT', 2);
|
74 |
+
/**#@-*/
|
75 |
+
|
76 |
+
/**#@+
|
77 |
+
* @access private
|
78 |
+
* @see Crypt_RC4::_crypt()
|
79 |
+
*/
|
80 |
+
define('CRYPT_RC4_ENCRYPT', 0);
|
81 |
+
define('CRYPT_RC4_DECRYPT', 1);
|
82 |
+
/**#@-*/
|
83 |
+
|
84 |
+
/**
|
85 |
+
* Pure-PHP implementation of RC4.
|
86 |
+
*
|
87 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
88 |
+
* @version 0.1.0
|
89 |
+
* @access public
|
90 |
+
* @package Crypt_RC4
|
91 |
+
*/
|
92 |
+
class Crypt_RC4 {
|
93 |
+
/**
|
94 |
+
* The Key
|
95 |
+
*
|
96 |
+
* @see Crypt_RC4::setKey()
|
97 |
+
* @var String
|
98 |
+
* @access private
|
99 |
+
*/
|
100 |
+
var $key = "\0";
|
101 |
+
|
102 |
+
/**
|
103 |
+
* The Key Stream for encryption
|
104 |
+
*
|
105 |
+
* If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
|
106 |
+
*
|
107 |
+
* @see Crypt_RC4::setKey()
|
108 |
+
* @var Array
|
109 |
+
* @access private
|
110 |
+
*/
|
111 |
+
var $encryptStream = false;
|
112 |
+
|
113 |
+
/**
|
114 |
+
* The Key Stream for decryption
|
115 |
+
*
|
116 |
+
* If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
|
117 |
+
*
|
118 |
+
* @see Crypt_RC4::setKey()
|
119 |
+
* @var Array
|
120 |
+
* @access private
|
121 |
+
*/
|
122 |
+
var $decryptStream = false;
|
123 |
+
|
124 |
+
/**
|
125 |
+
* The $i and $j indexes for encryption
|
126 |
+
*
|
127 |
+
* @see Crypt_RC4::_crypt()
|
128 |
+
* @var Integer
|
129 |
+
* @access private
|
130 |
+
*/
|
131 |
+
var $encryptIndex = 0;
|
132 |
+
|
133 |
+
/**
|
134 |
+
* The $i and $j indexes for decryption
|
135 |
+
*
|
136 |
+
* @see Crypt_RC4::_crypt()
|
137 |
+
* @var Integer
|
138 |
+
* @access private
|
139 |
+
*/
|
140 |
+
var $decryptIndex = 0;
|
141 |
+
|
142 |
+
/**
|
143 |
+
* MCrypt parameters
|
144 |
+
*
|
145 |
+
* @see Crypt_RC4::setMCrypt()
|
146 |
+
* @var Array
|
147 |
+
* @access private
|
148 |
+
*/
|
149 |
+
var $mcrypt = array('', '');
|
150 |
+
|
151 |
+
/**
|
152 |
+
* The Encryption Algorithm
|
153 |
+
*
|
154 |
+
* Only used if CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT. Only possible values are MCRYPT_RC4 or MCRYPT_ARCFOUR.
|
155 |
+
*
|
156 |
+
* @see Crypt_RC4::Crypt_RC4()
|
157 |
+
* @var Integer
|
158 |
+
* @access private
|
159 |
+
*/
|
160 |
+
var $mode;
|
161 |
+
|
162 |
+
/**
|
163 |
+
* Default Constructor.
|
164 |
+
*
|
165 |
+
* Determines whether or not the mcrypt extension should be used.
|
166 |
+
*
|
167 |
+
* @param optional Integer $mode
|
168 |
+
* @return Crypt_RC4
|
169 |
+
* @access public
|
170 |
+
*/
|
171 |
+
function Crypt_RC4()
|
172 |
+
{
|
173 |
+
if ( !defined('CRYPT_RC4_MODE') ) {
|
174 |
+
switch (true) {
|
175 |
+
case extension_loaded('mcrypt') && (defined('MCRYPT_ARCFOUR') || defined('MCRYPT_RC4')):
|
176 |
+
// i'd check to see if rc4 was supported, by doing in_array('arcfour', mcrypt_list_algorithms('')),
|
177 |
+
// but since that can be changed after the object has been created, there doesn't seem to be
|
178 |
+
// a lot of point...
|
179 |
+
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_MCRYPT);
|
180 |
+
break;
|
181 |
+
default:
|
182 |
+
define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL);
|
183 |
+
}
|
184 |
+
}
|
185 |
+
|
186 |
+
switch ( CRYPT_RC4_MODE ) {
|
187 |
+
case CRYPT_RC4_MODE_MCRYPT:
|
188 |
+
switch (true) {
|
189 |
+
case defined('MCRYPT_ARCFOUR'):
|
190 |
+
$this->mode = MCRYPT_ARCFOUR;
|
191 |
+
break;
|
192 |
+
case defined('MCRYPT_RC4');
|
193 |
+
$this->mode = MCRYPT_RC4;
|
194 |
+
}
|
195 |
+
}
|
196 |
+
}
|
197 |
+
|
198 |
+
/**
|
199 |
+
* Sets the key.
|
200 |
+
*
|
201 |
+
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
202 |
+
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
203 |
+
*
|
204 |
+
* @access public
|
205 |
+
* @param String $key
|
206 |
+
*/
|
207 |
+
function setKey($key)
|
208 |
+
{
|
209 |
+
$this->key = $key;
|
210 |
+
|
211 |
+
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
212 |
+
return;
|
213 |
+
}
|
214 |
+
|
215 |
+
$keyLength = strlen($key);
|
216 |
+
$keyStream = array();
|
217 |
+
for ($i = 0; $i < 256; $i++) {
|
218 |
+
$keyStream[$i] = $i;
|
219 |
+
}
|
220 |
+
$j = 0;
|
221 |
+
for ($i = 0; $i < 256; $i++) {
|
222 |
+
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
223 |
+
$temp = $keyStream[$i];
|
224 |
+
$keyStream[$i] = $keyStream[$j];
|
225 |
+
$keyStream[$j] = $temp;
|
226 |
+
}
|
227 |
+
|
228 |
+
$this->encryptIndex = $this->decryptIndex = array(0, 0);
|
229 |
+
$this->encryptStream = $this->decryptStream = $keyStream;
|
230 |
+
}
|
231 |
+
|
232 |
+
/**
|
233 |
+
* Dummy function.
|
234 |
+
*
|
235 |
+
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
236 |
+
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
237 |
+
* calling setKey().
|
238 |
+
*
|
239 |
+
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
240 |
+
* the IV's are relatively easy to predict, an attack described by
|
241 |
+
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
242 |
+
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
243 |
+
*
|
244 |
+
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
245 |
+
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
246 |
+
*
|
247 |
+
* @param String $iv
|
248 |
+
* @see Crypt_RC4::setKey()
|
249 |
+
* @access public
|
250 |
+
*/
|
251 |
+
function setIV($iv)
|
252 |
+
{
|
253 |
+
}
|
254 |
+
|
255 |
+
/**
|
256 |
+
* Sets MCrypt parameters. (optional)
|
257 |
+
*
|
258 |
+
* If MCrypt is being used, empty strings will be used, unless otherwise specified.
|
259 |
+
*
|
260 |
+
* @link http://php.net/function.mcrypt-module-open#function.mcrypt-module-open
|
261 |
+
* @access public
|
262 |
+
* @param optional Integer $algorithm_directory
|
263 |
+
* @param optional Integer $mode_directory
|
264 |
+
*/
|
265 |
+
function setMCrypt($algorithm_directory = '', $mode_directory = '')
|
266 |
+
{
|
267 |
+
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
268 |
+
$this->mcrypt = array($algorithm_directory, $mode_directory);
|
269 |
+
$this->_closeMCrypt();
|
270 |
+
}
|
271 |
+
}
|
272 |
+
|
273 |
+
/**
|
274 |
+
* Encrypts a message.
|
275 |
+
*
|
276 |
+
* @see Crypt_RC4::_crypt()
|
277 |
+
* @access public
|
278 |
+
* @param String $plaintext
|
279 |
+
*/
|
280 |
+
function encrypt($plaintext)
|
281 |
+
{
|
282 |
+
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
283 |
+
}
|
284 |
+
|
285 |
+
/**
|
286 |
+
* Decrypts a message.
|
287 |
+
*
|
288 |
+
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
289 |
+
* Atleast if the continuous buffer is disabled.
|
290 |
+
*
|
291 |
+
* @see Crypt_RC4::_crypt()
|
292 |
+
* @access public
|
293 |
+
* @param String $ciphertext
|
294 |
+
*/
|
295 |
+
function decrypt($ciphertext)
|
296 |
+
{
|
297 |
+
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
298 |
+
}
|
299 |
+
|
300 |
+
/**
|
301 |
+
* Encrypts or decrypts a message.
|
302 |
+
*
|
303 |
+
* @see Crypt_RC4::encrypt()
|
304 |
+
* @see Crypt_RC4::decrypt()
|
305 |
+
* @access private
|
306 |
+
* @param String $text
|
307 |
+
* @param Integer $mode
|
308 |
+
*/
|
309 |
+
function _crypt($text, $mode)
|
310 |
+
{
|
311 |
+
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
312 |
+
$keyStream = $mode == CRYPT_RC4_ENCRYPT ? 'encryptStream' : 'decryptStream';
|
313 |
+
|
314 |
+
if ($this->$keyStream === false) {
|
315 |
+
$this->$keyStream = mcrypt_module_open($this->mode, $this->mcrypt[0], MCRYPT_MODE_STREAM, $this->mcrypt[1]);
|
316 |
+
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
317 |
+
} else if (!$this->continuousBuffer) {
|
318 |
+
mcrypt_generic_init($this->$keyStream, $this->key, '');
|
319 |
+
}
|
320 |
+
$newText = mcrypt_generic($this->$keyStream, $text);
|
321 |
+
if (!$this->continuousBuffer) {
|
322 |
+
mcrypt_generic_deinit($this->$keyStream);
|
323 |
+
}
|
324 |
+
|
325 |
+
return $newText;
|
326 |
+
}
|
327 |
+
|
328 |
+
if ($this->encryptStream === false) {
|
329 |
+
$this->setKey($this->key);
|
330 |
+
}
|
331 |
+
|
332 |
+
switch ($mode) {
|
333 |
+
case CRYPT_RC4_ENCRYPT:
|
334 |
+
$keyStream = $this->encryptStream;
|
335 |
+
list($i, $j) = $this->encryptIndex;
|
336 |
+
break;
|
337 |
+
case CRYPT_RC4_DECRYPT:
|
338 |
+
$keyStream = $this->decryptStream;
|
339 |
+
list($i, $j) = $this->decryptIndex;
|
340 |
+
}
|
341 |
+
|
342 |
+
$newText = '';
|
343 |
+
for ($k = 0; $k < strlen($text); $k++) {
|
344 |
+
$i = ($i + 1) & 255;
|
345 |
+
$j = ($j + $keyStream[$i]) & 255;
|
346 |
+
$temp = $keyStream[$i];
|
347 |
+
$keyStream[$i] = $keyStream[$j];
|
348 |
+
$keyStream[$j] = $temp;
|
349 |
+
$temp = $keyStream[($keyStream[$i] + $keyStream[$j]) & 255];
|
350 |
+
$newText.= chr(ord($text[$k]) ^ $temp);
|
351 |
+
}
|
352 |
+
|
353 |
+
if ($this->continuousBuffer) {
|
354 |
+
switch ($mode) {
|
355 |
+
case CRYPT_RC4_ENCRYPT:
|
356 |
+
$this->encryptStream = $keyStream;
|
357 |
+
$this->encryptIndex = array($i, $j);
|
358 |
+
break;
|
359 |
+
case CRYPT_RC4_DECRYPT:
|
360 |
+
$this->decryptStream = $keyStream;
|
361 |
+
$this->decryptIndex = array($i, $j);
|
362 |
+
}
|
363 |
+
}
|
364 |
+
|
365 |
+
return $newText;
|
366 |
+
}
|
367 |
+
|
368 |
+
/**
|
369 |
+
* Treat consecutive "packets" as if they are a continuous buffer.
|
370 |
+
*
|
371 |
+
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
372 |
+
* will yield different outputs:
|
373 |
+
*
|
374 |
+
* <code>
|
375 |
+
* echo $rc4->encrypt(substr($plaintext, 0, 8));
|
376 |
+
* echo $rc4->encrypt(substr($plaintext, 8, 8));
|
377 |
+
* </code>
|
378 |
+
* <code>
|
379 |
+
* echo $rc4->encrypt($plaintext);
|
380 |
+
* </code>
|
381 |
+
*
|
382 |
+
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
383 |
+
* another, as demonstrated with the following:
|
384 |
+
*
|
385 |
+
* <code>
|
386 |
+
* $rc4->encrypt(substr($plaintext, 0, 8));
|
387 |
+
* echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
388 |
+
* </code>
|
389 |
+
* <code>
|
390 |
+
* echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
391 |
+
* </code>
|
392 |
+
*
|
393 |
+
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
394 |
+
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
395 |
+
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
396 |
+
*
|
397 |
+
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
398 |
+
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
399 |
+
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
400 |
+
* however, they are also less intuitive and more likely to cause you problems.
|
401 |
+
*
|
402 |
+
* @see Crypt_RC4::disableContinuousBuffer()
|
403 |
+
* @access public
|
404 |
+
*/
|
405 |
+
function enableContinuousBuffer()
|
406 |
+
{
|
407 |
+
$this->continuousBuffer = true;
|
408 |
+
}
|
409 |
+
|
410 |
+
/**
|
411 |
+
* Treat consecutive packets as if they are a discontinuous buffer.
|
412 |
+
*
|
413 |
+
* The default behavior.
|
414 |
+
*
|
415 |
+
* @see Crypt_RC4::enableContinuousBuffer()
|
416 |
+
* @access public
|
417 |
+
*/
|
418 |
+
function disableContinuousBuffer()
|
419 |
+
{
|
420 |
+
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_INTERNAL ) {
|
421 |
+
$this->encryptIndex = $this->decryptIndex = array(0, 0);
|
422 |
+
$this->setKey($this->key);
|
423 |
+
}
|
424 |
+
|
425 |
+
$this->continuousBuffer = false;
|
426 |
+
}
|
427 |
+
|
428 |
+
/**
|
429 |
+
* Dummy function.
|
430 |
+
*
|
431 |
+
* Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is
|
432 |
+
* included is so that you can switch between a block cipher and a stream cipher transparently.
|
433 |
+
*
|
434 |
+
* @see Crypt_RC4::disablePadding()
|
435 |
+
* @access public
|
436 |
+
*/
|
437 |
+
function enablePadding()
|
438 |
+
{
|
439 |
+
}
|
440 |
+
|
441 |
+
/**
|
442 |
+
* Dummy function.
|
443 |
+
*
|
444 |
+
* @see Crypt_RC4::enablePadding()
|
445 |
+
* @access public
|
446 |
+
*/
|
447 |
+
function disablePadding()
|
448 |
+
{
|
449 |
+
}
|
450 |
+
|
451 |
+
/**
|
452 |
+
* Class destructor.
|
453 |
+
*
|
454 |
+
* Will be called, automatically, if you're using PHP5. If you're using PHP4, call it yourself. Only really
|
455 |
+
* needs to be called if mcrypt is being used.
|
456 |
+
*
|
457 |
+
* @access public
|
458 |
+
*/
|
459 |
+
function __destruct()
|
460 |
+
{
|
461 |
+
if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
|
462 |
+
$this->_closeMCrypt();
|
463 |
+
}
|
464 |
+
}
|
465 |
+
|
466 |
+
/**
|
467 |
+
* Properly close the MCrypt objects.
|
468 |
+
*
|
469 |
+
* @access prviate
|
470 |
+
*/
|
471 |
+
function _closeMCrypt()
|
472 |
+
{
|
473 |
+
if ( $this->encryptStream !== false ) {
|
474 |
+
if ( $this->continuousBuffer ) {
|
475 |
+
mcrypt_generic_deinit($this->encryptStream);
|
476 |
+
}
|
477 |
+
|
478 |
+
mcrypt_module_close($this->encryptStream);
|
479 |
+
|
480 |
+
$this->encryptStream = false;
|
481 |
+
}
|
482 |
+
|
483 |
+
if ( $this->decryptStream !== false ) {
|
484 |
+
if ( $this->continuousBuffer ) {
|
485 |
+
mcrypt_generic_deinit($this->decryptStream);
|
486 |
+
}
|
487 |
+
|
488 |
+
mcrypt_module_close($this->decryptStream);
|
489 |
+
|
490 |
+
$this->decryptStream = false;
|
491 |
+
}
|
492 |
+
}
|
493 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/RSA.php
CHANGED
@@ -1,2119 +1,2119 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA.
|
6 |
-
*
|
7 |
-
* PHP versions 4 and 5
|
8 |
-
*
|
9 |
-
* Here's an example of how to encrypt and decrypt text with this library:
|
10 |
-
* <code>
|
11 |
-
* <?php
|
12 |
-
* include('Crypt/RSA.php');
|
13 |
-
*
|
14 |
-
* $rsa = new Crypt_RSA();
|
15 |
-
* extract($rsa->createKey());
|
16 |
-
*
|
17 |
-
* $plaintext = 'terrafrost';
|
18 |
-
*
|
19 |
-
* $rsa->loadKey($privatekey);
|
20 |
-
* $ciphertext = $rsa->encrypt($plaintext);
|
21 |
-
*
|
22 |
-
* $rsa->loadKey($publickey);
|
23 |
-
* echo $rsa->decrypt($ciphertext);
|
24 |
-
* ?>
|
25 |
-
* </code>
|
26 |
-
*
|
27 |
-
* Here's an example of how to create signatures and verify signatures with this library:
|
28 |
-
* <code>
|
29 |
-
* <?php
|
30 |
-
* include('Crypt/RSA.php');
|
31 |
-
*
|
32 |
-
* $rsa = new Crypt_RSA();
|
33 |
-
* extract($rsa->createKey());
|
34 |
-
*
|
35 |
-
* $plaintext = 'terrafrost';
|
36 |
-
*
|
37 |
-
* $rsa->loadKey($privatekey);
|
38 |
-
* $signature = $rsa->sign($plaintext);
|
39 |
-
*
|
40 |
-
* $rsa->loadKey($publickey);
|
41 |
-
* echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
|
42 |
-
* ?>
|
43 |
-
* </code>
|
44 |
-
*
|
45 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
46 |
-
* modify it under the terms of the GNU Lesser General Public
|
47 |
-
* License as published by the Free Software Foundation; either
|
48 |
-
* version 2.1 of the License, or (at your option) any later version.
|
49 |
-
*
|
50 |
-
* This library is distributed in the hope that it will be useful,
|
51 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
52 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
53 |
-
* Lesser General Public License for more details.
|
54 |
-
*
|
55 |
-
* You should have received a copy of the GNU Lesser General Public
|
56 |
-
* License along with this library; if not, write to the Free Software
|
57 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
58 |
-
* MA 02111-1307 USA
|
59 |
-
*
|
60 |
-
* @category Crypt
|
61 |
-
* @package Crypt_RSA
|
62 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
63 |
-
* @copyright MMIX Jim Wigginton
|
64 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
65 |
-
* @version $Id: RSA.php,v 1.15 2010/04/10 15:57:02 terrafrost Exp $
|
66 |
-
* @link http://phpseclib.sourceforge.net
|
67 |
-
*/
|
68 |
-
|
69 |
-
/**
|
70 |
-
* Include Math_BigInteger
|
71 |
-
*/
|
72 |
-
require_once('Math/BigInteger.php');
|
73 |
-
|
74 |
-
/**
|
75 |
-
* Include Crypt_Random
|
76 |
-
*/
|
77 |
-
require_once('Crypt/Random.php');
|
78 |
-
|
79 |
-
/**
|
80 |
-
* Include Crypt_Hash
|
81 |
-
*/
|
82 |
-
require_once('Crypt/Hash.php');
|
83 |
-
|
84 |
-
/**#@+
|
85 |
-
* @access public
|
86 |
-
* @see Crypt_RSA::encrypt()
|
87 |
-
* @see Crypt_RSA::decrypt()
|
88 |
-
*/
|
89 |
-
/**
|
90 |
-
* Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding}
|
91 |
-
* (OAEP) for encryption / decryption.
|
92 |
-
*
|
93 |
-
* Uses sha1 by default.
|
94 |
-
*
|
95 |
-
* @see Crypt_RSA::setHash()
|
96 |
-
* @see Crypt_RSA::setMGFHash()
|
97 |
-
*/
|
98 |
-
define('CRYPT_RSA_ENCRYPTION_OAEP', 1);
|
99 |
-
/**
|
100 |
-
* Use PKCS#1 padding.
|
101 |
-
*
|
102 |
-
* Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards
|
103 |
-
* compatability with protocols (like SSH-1) written before OAEP's introduction.
|
104 |
-
*/
|
105 |
-
define('CRYPT_RSA_ENCRYPTION_PKCS1', 2);
|
106 |
-
/**#@-*/
|
107 |
-
|
108 |
-
/**#@+
|
109 |
-
* @access public
|
110 |
-
* @see Crypt_RSA::sign()
|
111 |
-
* @see Crypt_RSA::verify()
|
112 |
-
* @see Crypt_RSA::setHash()
|
113 |
-
*/
|
114 |
-
/**
|
115 |
-
* Use the Probabilistic Signature Scheme for signing
|
116 |
-
*
|
117 |
-
* Uses sha1 by default.
|
118 |
-
*
|
119 |
-
* @see Crypt_RSA::setSaltLength()
|
120 |
-
* @see Crypt_RSA::setMGFHash()
|
121 |
-
*/
|
122 |
-
define('CRYPT_RSA_SIGNATURE_PSS', 1);
|
123 |
-
/**
|
124 |
-
* Use the PKCS#1 scheme by default.
|
125 |
-
*
|
126 |
-
* Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards
|
127 |
-
* compatability with protocols (like SSH-2) written before PSS's introduction.
|
128 |
-
*/
|
129 |
-
define('CRYPT_RSA_SIGNATURE_PKCS1', 2);
|
130 |
-
/**#@-*/
|
131 |
-
|
132 |
-
/**#@+
|
133 |
-
* @access private
|
134 |
-
* @see Crypt_RSA::createKey()
|
135 |
-
*/
|
136 |
-
/**
|
137 |
-
* ASN1 Integer
|
138 |
-
*/
|
139 |
-
define('CRYPT_RSA_ASN1_INTEGER', 2);
|
140 |
-
/**
|
141 |
-
* ASN1 Sequence (with the constucted bit set)
|
142 |
-
*/
|
143 |
-
define('CRYPT_RSA_ASN1_SEQUENCE', 48);
|
144 |
-
/**#@-*/
|
145 |
-
|
146 |
-
/**#@+
|
147 |
-
* @access private
|
148 |
-
* @see Crypt_RSA::Crypt_RSA()
|
149 |
-
*/
|
150 |
-
/**
|
151 |
-
* To use the pure-PHP implementation
|
152 |
-
*/
|
153 |
-
define('CRYPT_RSA_MODE_INTERNAL', 1);
|
154 |
-
/**
|
155 |
-
* To use the OpenSSL library
|
156 |
-
*
|
157 |
-
* (if enabled; otherwise, the internal implementation will be used)
|
158 |
-
*/
|
159 |
-
define('CRYPT_RSA_MODE_OPENSSL', 2);
|
160 |
-
/**#@-*/
|
161 |
-
|
162 |
-
/**#@+
|
163 |
-
* @access public
|
164 |
-
* @see Crypt_RSA::createKey()
|
165 |
-
* @see Crypt_RSA::setPrivateKeyFormat()
|
166 |
-
*/
|
167 |
-
/**
|
168 |
-
* PKCS#1 formatted private key
|
169 |
-
*
|
170 |
-
* Used by OpenSSH
|
171 |
-
*/
|
172 |
-
define('CRYPT_RSA_PRIVATE_FORMAT_PKCS1', 0);
|
173 |
-
/**#@-*/
|
174 |
-
|
175 |
-
/**#@+
|
176 |
-
* @access public
|
177 |
-
* @see Crypt_RSA::createKey()
|
178 |
-
* @see Crypt_RSA::setPublicKeyFormat()
|
179 |
-
*/
|
180 |
-
/**
|
181 |
-
* Raw public key
|
182 |
-
*
|
183 |
-
* An array containing two Math_BigInteger objects.
|
184 |
-
*
|
185 |
-
* The exponent can be indexed with any of the following:
|
186 |
-
*
|
187 |
-
* 0, e, exponent, publicExponent
|
188 |
-
*
|
189 |
-
* The modulus can be indexed with any of the following:
|
190 |
-
*
|
191 |
-
* 1, n, modulo, modulus
|
192 |
-
*/
|
193 |
-
define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 1);
|
194 |
-
/**
|
195 |
-
* PKCS#1 formatted public key
|
196 |
-
*/
|
197 |
-
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 2);
|
198 |
-
/**
|
199 |
-
* OpenSSH formatted public key
|
200 |
-
*
|
201 |
-
* Place in $HOME/.ssh/authorized_keys
|
202 |
-
*/
|
203 |
-
define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 3);
|
204 |
-
/**#@-*/
|
205 |
-
|
206 |
-
/**
|
207 |
-
* Pure-PHP PKCS#1 compliant implementation of RSA.
|
208 |
-
*
|
209 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
210 |
-
* @version 0.1.0
|
211 |
-
* @access public
|
212 |
-
* @package Crypt_RSA
|
213 |
-
*/
|
214 |
-
class Crypt_RSA {
|
215 |
-
/**
|
216 |
-
* Precomputed Zero
|
217 |
-
*
|
218 |
-
* @var Array
|
219 |
-
* @access private
|
220 |
-
*/
|
221 |
-
var $zero;
|
222 |
-
|
223 |
-
/**
|
224 |
-
* Precomputed One
|
225 |
-
*
|
226 |
-
* @var Array
|
227 |
-
* @access private
|
228 |
-
*/
|
229 |
-
var $one;
|
230 |
-
|
231 |
-
/**
|
232 |
-
* Private Key Format
|
233 |
-
*
|
234 |
-
* @var Integer
|
235 |
-
* @access private
|
236 |
-
*/
|
237 |
-
var $privateKeyFormat = CRYPT_RSA_PRIVATE_FORMAT_PKCS1;
|
238 |
-
|
239 |
-
/**
|
240 |
-
* Public Key Format
|
241 |
-
*
|
242 |
-
* @var Integer
|
243 |
-
* @access public
|
244 |
-
*/
|
245 |
-
var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS1;
|
246 |
-
|
247 |
-
/**
|
248 |
-
* Modulus (ie. n)
|
249 |
-
*
|
250 |
-
* @var Math_BigInteger
|
251 |
-
* @access private
|
252 |
-
*/
|
253 |
-
var $modulus;
|
254 |
-
|
255 |
-
/**
|
256 |
-
* Modulus length
|
257 |
-
*
|
258 |
-
* @var Math_BigInteger
|
259 |
-
* @access private
|
260 |
-
*/
|
261 |
-
var $k;
|
262 |
-
|
263 |
-
/**
|
264 |
-
* Exponent (ie. e or d)
|
265 |
-
*
|
266 |
-
* @var Math_BigInteger
|
267 |
-
* @access private
|
268 |
-
*/
|
269 |
-
var $exponent;
|
270 |
-
|
271 |
-
/**
|
272 |
-
* Primes for Chinese Remainder Theorem (ie. p and q)
|
273 |
-
*
|
274 |
-
* @var Array
|
275 |
-
* @access private
|
276 |
-
*/
|
277 |
-
var $primes;
|
278 |
-
|
279 |
-
/**
|
280 |
-
* Exponents for Chinese Remainder Theorem (ie. dP and dQ)
|
281 |
-
*
|
282 |
-
* @var Array
|
283 |
-
* @access private
|
284 |
-
*/
|
285 |
-
var $exponents;
|
286 |
-
|
287 |
-
/**
|
288 |
-
* Coefficients for Chinese Remainder Theorem (ie. qInv)
|
289 |
-
*
|
290 |
-
* @var Array
|
291 |
-
* @access private
|
292 |
-
*/
|
293 |
-
var $coefficients;
|
294 |
-
|
295 |
-
/**
|
296 |
-
* Hash name
|
297 |
-
*
|
298 |
-
* @var String
|
299 |
-
* @access private
|
300 |
-
*/
|
301 |
-
var $hashName;
|
302 |
-
|
303 |
-
/**
|
304 |
-
* Hash function
|
305 |
-
*
|
306 |
-
* @var Crypt_Hash
|
307 |
-
* @access private
|
308 |
-
*/
|
309 |
-
var $hash;
|
310 |
-
|
311 |
-
/**
|
312 |
-
* Length of hash function output
|
313 |
-
*
|
314 |
-
* @var Integer
|
315 |
-
* @access private
|
316 |
-
*/
|
317 |
-
var $hLen;
|
318 |
-
|
319 |
-
/**
|
320 |
-
* Length of salt
|
321 |
-
*
|
322 |
-
* @var Integer
|
323 |
-
* @access private
|
324 |
-
*/
|
325 |
-
var $sLen;
|
326 |
-
|
327 |
-
/**
|
328 |
-
* Hash function for the Mask Generation Function
|
329 |
-
*
|
330 |
-
* @var Crypt_Hash
|
331 |
-
* @access private
|
332 |
-
*/
|
333 |
-
var $mgfHash;
|
334 |
-
|
335 |
-
/**
|
336 |
-
* Length of MGF hash function output
|
337 |
-
*
|
338 |
-
* @var Integer
|
339 |
-
* @access private
|
340 |
-
*/
|
341 |
-
var $mgfHLen;
|
342 |
-
|
343 |
-
/**
|
344 |
-
* Encryption mode
|
345 |
-
*
|
346 |
-
* @var Integer
|
347 |
-
* @access private
|
348 |
-
*/
|
349 |
-
var $encryptionMode = CRYPT_RSA_ENCRYPTION_OAEP;
|
350 |
-
|
351 |
-
/**
|
352 |
-
* Signature mode
|
353 |
-
*
|
354 |
-
* @var Integer
|
355 |
-
* @access private
|
356 |
-
*/
|
357 |
-
var $signatureMode = CRYPT_RSA_SIGNATURE_PSS;
|
358 |
-
|
359 |
-
/**
|
360 |
-
* Public Exponent
|
361 |
-
*
|
362 |
-
* @var Mixed
|
363 |
-
* @access private
|
364 |
-
*/
|
365 |
-
var $publicExponent = false;
|
366 |
-
|
367 |
-
/**
|
368 |
-
* Password
|
369 |
-
*
|
370 |
-
* @var String
|
371 |
-
* @access private
|
372 |
-
*/
|
373 |
-
var $password = '';
|
374 |
-
|
375 |
-
/**
|
376 |
-
* The constructor
|
377 |
-
*
|
378 |
-
* If you want to make use of the openssl extension, you'll need to set the mode manually, yourself. The reason
|
379 |
-
* Crypt_RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires
|
380 |
-
* openssl.cnf be present somewhere and, unfortunately, the only real way to find out is too late.
|
381 |
-
*
|
382 |
-
* @return Crypt_RSA
|
383 |
-
* @access public
|
384 |
-
*/
|
385 |
-
function Crypt_RSA()
|
386 |
-
{
|
387 |
-
if ( !defined('CRYPT_RSA_MODE') ) {
|
388 |
-
switch (true) {
|
389 |
-
//case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>='):
|
390 |
-
// define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL);
|
391 |
-
// break;
|
392 |
-
default:
|
393 |
-
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
394 |
-
}
|
395 |
-
}
|
396 |
-
|
397 |
-
$this->zero = new Math_BigInteger();
|
398 |
-
$this->one = new Math_BigInteger(1);
|
399 |
-
|
400 |
-
$this->hash = new Crypt_Hash('sha1');
|
401 |
-
$this->hLen = $this->hash->getLength();
|
402 |
-
$this->hashName = 'sha1';
|
403 |
-
$this->mgfHash = new Crypt_Hash('sha1');
|
404 |
-
$this->mgfHLen = $this->mgfHash->getLength();
|
405 |
-
}
|
406 |
-
|
407 |
-
/**
|
408 |
-
* Create public / private key pair
|
409 |
-
*
|
410 |
-
* Returns an array with the following three elements:
|
411 |
-
* - 'privatekey': The private key.
|
412 |
-
* - 'publickey': The public key.
|
413 |
-
* - 'partialkey': A partially computed key (if the execution time exceeded $timeout).
|
414 |
-
* Will need to be passed back to Crypt_RSA::createKey() as the third parameter for further processing.
|
415 |
-
*
|
416 |
-
* @access public
|
417 |
-
* @param optional Integer $bits
|
418 |
-
* @param optional Integer $timeout
|
419 |
-
* @param optional Math_BigInteger $p
|
420 |
-
*/
|
421 |
-
function createKey($bits = 1024, $timeout = false, $partial = array())
|
422 |
-
{
|
423 |
-
if ( CRYPT_RSA_MODE == CRYPT_RSA_MODE_OPENSSL ) {
|
424 |
-
$rsa = openssl_pkey_new(array('private_key_bits' => $bits));
|
425 |
-
openssl_pkey_export($rsa, $privatekey);
|
426 |
-
$publickey = openssl_pkey_get_details($rsa);
|
427 |
-
$publickey = $publickey['key'];
|
428 |
-
|
429 |
-
if ($this->privateKeyFormat != CRYPT_RSA_PRIVATE_FORMAT_PKCS1) {
|
430 |
-
$privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1)));
|
431 |
-
$publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1)));
|
432 |
-
}
|
433 |
-
|
434 |
-
return array(
|
435 |
-
'privatekey' => $privatekey,
|
436 |
-
'publickey' => $publickey,
|
437 |
-
'partialkey' => false
|
438 |
-
);
|
439 |
-
}
|
440 |
-
|
441 |
-
static $e;
|
442 |
-
if (!isset($e)) {
|
443 |
-
if (!defined('CRYPT_RSA_EXPONENT')) {
|
444 |
-
// http://en.wikipedia.org/wiki/65537_%28number%29
|
445 |
-
define('CRYPT_RSA_EXPONENT', '65537');
|
446 |
-
}
|
447 |
-
if (!defined('CRYPT_RSA_COMMENT')) {
|
448 |
-
define('CRYPT_RSA_COMMENT', 'phpseclib-generated-key');
|
449 |
-
}
|
450 |
-
// per <http://cseweb.ucsd.edu/~hovav/dist/survey.pdf#page=5>, this number ought not result in primes smaller
|
451 |
-
// than 256 bits.
|
452 |
-
if (!defined('CRYPT_RSA_SMALLEST_PRIME')) {
|
453 |
-
define('CRYPT_RSA_SMALLEST_PRIME', 4096);
|
454 |
-
}
|
455 |
-
|
456 |
-
$e = new Math_BigInteger(CRYPT_RSA_EXPONENT);
|
457 |
-
}
|
458 |
-
|
459 |
-
extract($this->_generateMinMax($bits));
|
460 |
-
$absoluteMin = $min;
|
461 |
-
$temp = $bits >> 1;
|
462 |
-
if ($temp > CRYPT_RSA_SMALLEST_PRIME) {
|
463 |
-
$num_primes = floor($bits / CRYPT_RSA_SMALLEST_PRIME);
|
464 |
-
$temp = CRYPT_RSA_SMALLEST_PRIME;
|
465 |
-
} else {
|
466 |
-
$num_primes = 2;
|
467 |
-
}
|
468 |
-
extract($this->_generateMinMax($temp + $bits % $temp));
|
469 |
-
$finalMax = $max;
|
470 |
-
extract($this->_generateMinMax($temp));
|
471 |
-
|
472 |
-
$generator = new Math_BigInteger();
|
473 |
-
$generator->setRandomGenerator('crypt_random');
|
474 |
-
|
475 |
-
$n = $this->one->copy();
|
476 |
-
if (!empty($partial)) {
|
477 |
-
extract(unserialize($partial));
|
478 |
-
} else {
|
479 |
-
$exponents = $coefficients = $primes = array();
|
480 |
-
$lcm = array(
|
481 |
-
'top' => $this->one->copy(),
|
482 |
-
'bottom' => false
|
483 |
-
);
|
484 |
-
}
|
485 |
-
|
486 |
-
$start = time();
|
487 |
-
$i0 = count($primes) + 1;
|
488 |
-
|
489 |
-
do {
|
490 |
-
for ($i = $i0; $i <= $num_primes; $i++) {
|
491 |
-
if ($timeout !== false) {
|
492 |
-
$timeout-= time() - $start;
|
493 |
-
$start = time();
|
494 |
-
if ($timeout <= 0) {
|
495 |
-
return serialize(array(
|
496 |
-
'privatekey' => '',
|
497 |
-
'publickey' => '',
|
498 |
-
'partialkey' => array(
|
499 |
-
'primes' => $primes,
|
500 |
-
'coefficients' => $coefficients,
|
501 |
-
'lcm' => $lcm,
|
502 |
-
'exponents' => $exponents
|
503 |
-
)
|
504 |
-
));
|
505 |
-
}
|
506 |
-
}
|
507 |
-
|
508 |
-
if ($i == $num_primes) {
|
509 |
-
list($min, $temp) = $absoluteMin->divide($n);
|
510 |
-
if (!$temp->equals($this->zero)) {
|
511 |
-
$min = $min->add($this->one); // ie. ceil()
|
512 |
-
}
|
513 |
-
$primes[$i] = $generator->randomPrime($min, $finalMax, $timeout);
|
514 |
-
} else {
|
515 |
-
$primes[$i] = $generator->randomPrime($min, $max, $timeout);
|
516 |
-
}
|
517 |
-
|
518 |
-
if ($primes[$i] === false) { // if we've reached the timeout
|
519 |
-
return array(
|
520 |
-
'privatekey' => '',
|
521 |
-
'publickey' => '',
|
522 |
-
'partialkey' => empty($primes) ? '' : serialize(array(
|
523 |
-
'primes' => array_slice($primes, 0, $i - 1),
|
524 |
-
'coefficients' => $coefficients,
|
525 |
-
'lcm' => $lcm,
|
526 |
-
'exponents' => $exponents
|
527 |
-
))
|
528 |
-
);
|
529 |
-
}
|
530 |
-
|
531 |
-
// the first coefficient is calculated differently from the rest
|
532 |
-
// ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1])
|
533 |
-
if ($i > 2) {
|
534 |
-
$coefficients[$i] = $n->modInverse($primes[$i]);
|
535 |
-
}
|
536 |
-
|
537 |
-
$n = $n->multiply($primes[$i]);
|
538 |
-
|
539 |
-
$temp = $primes[$i]->subtract($this->one);
|
540 |
-
|
541 |
-
// textbook RSA implementations use Euler's totient function instead of the least common multiple.
|
542 |
-
// see http://en.wikipedia.org/wiki/Euler%27s_totient_function
|
543 |
-
$lcm['top'] = $lcm['top']->multiply($temp);
|
544 |
-
$lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp);
|
545 |
-
|
546 |
-
$exponents[$i] = $e->modInverse($temp);
|
547 |
-
}
|
548 |
-
|
549 |
-
list($lcm) = $lcm['top']->divide($lcm['bottom']);
|
550 |
-
$gcd = $lcm->gcd($e);
|
551 |
-
$i0 = 1;
|
552 |
-
} while (!$gcd->equals($this->one));
|
553 |
-
|
554 |
-
$d = $e->modInverse($lcm);
|
555 |
-
|
556 |
-
$coefficients[2] = $primes[2]->modInverse($primes[1]);
|
557 |
-
|
558 |
-
// from <http://tools.ietf.org/html/rfc3447#appendix-A.1.2>:
|
559 |
-
// RSAPrivateKey ::= SEQUENCE {
|
560 |
-
// version Version,
|
561 |
-
// modulus INTEGER, -- n
|
562 |
-
// publicExponent INTEGER, -- e
|
563 |
-
// privateExponent INTEGER, -- d
|
564 |
-
// prime1 INTEGER, -- p
|
565 |
-
// prime2 INTEGER, -- q
|
566 |
-
// exponent1 INTEGER, -- d mod (p-1)
|
567 |
-
// exponent2 INTEGER, -- d mod (q-1)
|
568 |
-
// coefficient INTEGER, -- (inverse of q) mod p
|
569 |
-
// otherPrimeInfos OtherPrimeInfos OPTIONAL
|
570 |
-
// }
|
571 |
-
|
572 |
-
return array(
|
573 |
-
'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients),
|
574 |
-
'publickey' => $this->_convertPublicKey($n, $e),
|
575 |
-
'partialkey' => false
|
576 |
-
);
|
577 |
-
}
|
578 |
-
|
579 |
-
/**
|
580 |
-
* Convert a private key to the appropriate format.
|
581 |
-
*
|
582 |
-
* @access private
|
583 |
-
* @see setPrivateKeyFormat()
|
584 |
-
* @param String $RSAPrivateKey
|
585 |
-
* @return String
|
586 |
-
*/
|
587 |
-
function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
|
588 |
-
{
|
589 |
-
$num_primes = count($primes);
|
590 |
-
$raw = array(
|
591 |
-
'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi
|
592 |
-
'modulus' => $n->toBytes(true),
|
593 |
-
'publicExponent' => $e->toBytes(true),
|
594 |
-
'privateExponent' => $d->toBytes(true),
|
595 |
-
'prime1' => $primes[1]->toBytes(true),
|
596 |
-
'prime2' => $primes[2]->toBytes(true),
|
597 |
-
'exponent1' => $exponents[1]->toBytes(true),
|
598 |
-
'exponent2' => $exponents[2]->toBytes(true),
|
599 |
-
'coefficient' => $coefficients[2]->toBytes(true)
|
600 |
-
);
|
601 |
-
|
602 |
-
// if the format in question does not support multi-prime rsa and multi-prime rsa was used,
|
603 |
-
// call _convertPublicKey() instead.
|
604 |
-
switch ($this->privateKeyFormat) {
|
605 |
-
default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
|
606 |
-
$components = array();
|
607 |
-
foreach ($raw as $name => $value) {
|
608 |
-
$components[$name] = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value);
|
609 |
-
}
|
610 |
-
|
611 |
-
$RSAPrivateKey = implode('', $components);
|
612 |
-
|
613 |
-
if ($num_primes > 2) {
|
614 |
-
$OtherPrimeInfos = '';
|
615 |
-
for ($i = 3; $i <= $num_primes; $i++) {
|
616 |
-
// OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
|
617 |
-
//
|
618 |
-
// OtherPrimeInfo ::= SEQUENCE {
|
619 |
-
// prime INTEGER, -- ri
|
620 |
-
// exponent INTEGER, -- di
|
621 |
-
// coefficient INTEGER -- ti
|
622 |
-
// }
|
623 |
-
$OtherPrimeInfo = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
|
624 |
-
$OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
|
625 |
-
$OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
|
626 |
-
$OtherPrimeInfos.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
|
627 |
-
}
|
628 |
-
$RSAPrivateKey.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
|
629 |
-
}
|
630 |
-
|
631 |
-
$RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
|
632 |
-
|
633 |
-
if (!empty($this->password)) {
|
634 |
-
$iv = $this->_random(8);
|
635 |
-
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
|
636 |
-
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
|
637 |
-
if (!class_exists('Crypt_TripleDES')) {
|
638 |
-
require_once('Crypt/TripleDES.php');
|
639 |
-
}
|
640 |
-
$des = new Crypt_TripleDES();
|
641 |
-
$des->setKey($symkey);
|
642 |
-
$des->setIV($iv);
|
643 |
-
$iv = strtoupper(bin2hex($iv));
|
644 |
-
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
|
645 |
-
"Proc-Type: 4,ENCRYPTED\r\n" .
|
646 |
-
"DEK-Info: DES-EDE3-CBC,$iv\r\n" .
|
647 |
-
"\r\n" .
|
648 |
-
chunk_split(base64_encode($des->encrypt($RSAPrivateKey))) .
|
649 |
-
'-----END RSA PRIVATE KEY-----';
|
650 |
-
} else {
|
651 |
-
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
|
652 |
-
chunk_split(base64_encode($RSAPrivateKey)) .
|
653 |
-
'-----END RSA PRIVATE KEY-----';
|
654 |
-
}
|
655 |
-
|
656 |
-
return $RSAPrivateKey;
|
657 |
-
}
|
658 |
-
}
|
659 |
-
|
660 |
-
/**
|
661 |
-
* Convert a public key to the appropriate format
|
662 |
-
*
|
663 |
-
* @access private
|
664 |
-
* @see setPublicKeyFormat()
|
665 |
-
* @param String $RSAPrivateKey
|
666 |
-
* @return String
|
667 |
-
*/
|
668 |
-
function _convertPublicKey($n, $e)
|
669 |
-
{
|
670 |
-
$modulus = $n->toBytes(true);
|
671 |
-
$publicExponent = $e->toBytes(true);
|
672 |
-
|
673 |
-
switch ($this->publicKeyFormat) {
|
674 |
-
case CRYPT_RSA_PUBLIC_FORMAT_RAW:
|
675 |
-
return array('e' => $e->copy(), 'n' => $n->copy());
|
676 |
-
case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
|
677 |
-
// from <http://tools.ietf.org/html/rfc4253#page-15>:
|
678 |
-
// string "ssh-rsa"
|
679 |
-
// mpint e
|
680 |
-
// mpint n
|
681 |
-
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
|
682 |
-
$RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . CRYPT_RSA_COMMENT;
|
683 |
-
|
684 |
-
return $RSAPublicKey;
|
685 |
-
default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1
|
686 |
-
// from <http://tools.ietf.org/html/rfc3447#appendix-A.1.1>:
|
687 |
-
// RSAPublicKey ::= SEQUENCE {
|
688 |
-
// modulus INTEGER, -- n
|
689 |
-
// publicExponent INTEGER -- e
|
690 |
-
// }
|
691 |
-
$components = array(
|
692 |
-
'modulus' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($modulus)), $modulus),
|
693 |
-
'publicExponent' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($publicExponent)), $publicExponent)
|
694 |
-
);
|
695 |
-
|
696 |
-
$RSAPublicKey = pack('Ca*a*a*',
|
697 |
-
CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])),
|
698 |
-
$components['modulus'], $components['publicExponent']
|
699 |
-
);
|
700 |
-
|
701 |
-
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
|
702 |
-
chunk_split(base64_encode($RSAPublicKey)) .
|
703 |
-
'-----END PUBLIC KEY-----';
|
704 |
-
|
705 |
-
return $RSAPublicKey;
|
706 |
-
}
|
707 |
-
}
|
708 |
-
|
709 |
-
/**
|
710 |
-
* Break a public or private key down into its constituant components
|
711 |
-
*
|
712 |
-
* @access private
|
713 |
-
* @see _convertPublicKey()
|
714 |
-
* @see _convertPrivateKey()
|
715 |
-
* @param String $key
|
716 |
-
* @param Integer $type
|
717 |
-
* @return Array
|
718 |
-
*/
|
719 |
-
function _parseKey($key, $type)
|
720 |
-
{
|
721 |
-
switch ($type) {
|
722 |
-
case CRYPT_RSA_PUBLIC_FORMAT_RAW:
|
723 |
-
if (!is_array($key)) {
|
724 |
-
return false;
|
725 |
-
}
|
726 |
-
$components = array();
|
727 |
-
switch (true) {
|
728 |
-
case isset($key['e']):
|
729 |
-
$components['publicExponent'] = $key['e']->copy();
|
730 |
-
break;
|
731 |
-
case isset($key['exponent']):
|
732 |
-
$components['publicExponent'] = $key['exponent']->copy();
|
733 |
-
break;
|
734 |
-
case isset($key['publicExponent']):
|
735 |
-
$components['publicExponent'] = $key['publicExponent']->copy();
|
736 |
-
break;
|
737 |
-
case isset($key[0]):
|
738 |
-
$components['publicExponent'] = $key[0]->copy();
|
739 |
-
}
|
740 |
-
switch (true) {
|
741 |
-
case isset($key['n']):
|
742 |
-
$components['modulus'] = $key['n']->copy();
|
743 |
-
break;
|
744 |
-
case isset($key['modulo']):
|
745 |
-
$components['modulus'] = $key['modulo']->copy();
|
746 |
-
break;
|
747 |
-
case isset($key['modulus']):
|
748 |
-
$components['modulus'] = $key['modulus']->copy();
|
749 |
-
break;
|
750 |
-
case isset($key[1]):
|
751 |
-
$components['modulus'] = $key[1]->copy();
|
752 |
-
}
|
753 |
-
return $components;
|
754 |
-
case CRYPT_RSA_PRIVATE_FORMAT_PKCS1:
|
755 |
-
case CRYPT_RSA_PUBLIC_FORMAT_PKCS1:
|
756 |
-
/* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is
|
757 |
-
"outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to
|
758 |
-
protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding
|
759 |
-
two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here:
|
760 |
-
|
761 |
-
http://tools.ietf.org/html/rfc1421#section-4.6.1.1
|
762 |
-
http://tools.ietf.org/html/rfc1421#section-4.6.1.3
|
763 |
-
|
764 |
-
DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell.
|
765 |
-
DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation
|
766 |
-
function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's
|
767 |
-
own implementation. ie. the implementation *is* the standard and any bugs that may exist in that
|
768 |
-
implementation are part of the standard, as well.
|
769 |
-
|
770 |
-
* OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
|
771 |
-
if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
|
772 |
-
$iv = pack('H*', trim($matches[2]));
|
773 |
-
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
|
774 |
-
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
|
775 |
-
$ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-#s', '', $key);
|
776 |
-
$ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false;
|
777 |
-
if ($ciphertext === false) {
|
778 |
-
$ciphertext = $key;
|
779 |
-
}
|
780 |
-
switch ($matches[1]) {
|
781 |
-
case 'DES-EDE3-CBC':
|
782 |
-
if (!class_exists('Crypt_TripleDES')) {
|
783 |
-
require_once('Crypt/TripleDES.php');
|
784 |
-
}
|
785 |
-
$crypto = new Crypt_TripleDES();
|
786 |
-
break;
|
787 |
-
case 'DES-CBC':
|
788 |
-
if (!class_exists('Crypt_DES')) {
|
789 |
-
require_once('Crypt/DES.php');
|
790 |
-
}
|
791 |
-
$crypto = new Crypt_DES();
|
792 |
-
break;
|
793 |
-
default:
|
794 |
-
return false;
|
795 |
-
}
|
796 |
-
$crypto->setKey($symkey);
|
797 |
-
$crypto->setIV($iv);
|
798 |
-
$decoded = $crypto->decrypt($ciphertext);
|
799 |
-
} else {
|
800 |
-
$decoded = preg_replace('#-.+-|[\r\n]#', '', $key);
|
801 |
-
$decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false;
|
802 |
-
}
|
803 |
-
|
804 |
-
if ($decoded !== false) {
|
805 |
-
$key = $decoded;
|
806 |
-
}
|
807 |
-
|
808 |
-
$components = array();
|
809 |
-
|
810 |
-
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
811 |
-
return false;
|
812 |
-
}
|
813 |
-
if ($this->_decodeLength($key) != strlen($key)) {
|
814 |
-
return false;
|
815 |
-
}
|
816 |
-
|
817 |
-
$tag = ord($this->_string_shift($key));
|
818 |
-
if ($tag == CRYPT_RSA_ASN1_SEQUENCE) {
|
819 |
-
/* intended for keys for which OpenSSL's asn1parse returns the following:
|
820 |
-
|
821 |
-
0:d=0 hl=4 l= 290 cons: SEQUENCE
|
822 |
-
4:d=1 hl=2 l= 13 cons: SEQUENCE
|
823 |
-
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
|
824 |
-
17:d=2 hl=2 l= 0 prim: NULL
|
825 |
-
19:d=1 hl=4 l= 271 prim: BIT STRING */
|
826 |
-
$this->_string_shift($key, $this->_decodeLength($key));
|
827 |
-
$this->_string_shift($key); // skip over the BIT STRING tag
|
828 |
-
$this->_decodeLength($key); // skip over the BIT STRING length
|
829 |
-
// "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of
|
830 |
-
// unused bits in teh final subsequent octet. The number shall be in the range zero to seven."
|
831 |
-
// -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2)
|
832 |
-
$this->_string_shift($key);
|
833 |
-
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
834 |
-
return false;
|
835 |
-
}
|
836 |
-
if ($this->_decodeLength($key) != strlen($key)) {
|
837 |
-
return false;
|
838 |
-
}
|
839 |
-
$tag = ord($this->_string_shift($key));
|
840 |
-
}
|
841 |
-
if ($tag != CRYPT_RSA_ASN1_INTEGER) {
|
842 |
-
return false;
|
843 |
-
}
|
844 |
-
|
845 |
-
$length = $this->_decodeLength($key);
|
846 |
-
$temp = $this->_string_shift($key, $length);
|
847 |
-
if (strlen($temp) != 1 || ord($temp) > 2) {
|
848 |
-
$components['modulus'] = new Math_BigInteger($temp, -256);
|
849 |
-
$this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER
|
850 |
-
$length = $this->_decodeLength($key);
|
851 |
-
$components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
852 |
-
|
853 |
-
return $components;
|
854 |
-
}
|
855 |
-
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_INTEGER) {
|
856 |
-
return false;
|
857 |
-
}
|
858 |
-
$length = $this->_decodeLength($key);
|
859 |
-
$components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
860 |
-
$this->_string_shift($key);
|
861 |
-
$length = $this->_decodeLength($key);
|
862 |
-
$components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
863 |
-
$this->_string_shift($key);
|
864 |
-
$length = $this->_decodeLength($key);
|
865 |
-
$components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
866 |
-
$this->_string_shift($key);
|
867 |
-
$length = $this->_decodeLength($key);
|
868 |
-
$components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
869 |
-
$this->_string_shift($key);
|
870 |
-
$length = $this->_decodeLength($key);
|
871 |
-
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
872 |
-
$this->_string_shift($key);
|
873 |
-
$length = $this->_decodeLength($key);
|
874 |
-
$components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
875 |
-
$this->_string_shift($key);
|
876 |
-
$length = $this->_decodeLength($key);
|
877 |
-
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
878 |
-
$this->_string_shift($key);
|
879 |
-
$length = $this->_decodeLength($key);
|
880 |
-
$components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
881 |
-
|
882 |
-
if (!empty($key)) {
|
883 |
-
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
884 |
-
return false;
|
885 |
-
}
|
886 |
-
$this->_decodeLength($key);
|
887 |
-
while (!empty($key)) {
|
888 |
-
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
889 |
-
return false;
|
890 |
-
}
|
891 |
-
$this->_decodeLength($key);
|
892 |
-
$key = substr($key, 1);
|
893 |
-
$length = $this->_decodeLength($key);
|
894 |
-
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
895 |
-
$this->_string_shift($key);
|
896 |
-
$length = $this->_decodeLength($key);
|
897 |
-
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
898 |
-
$this->_string_shift($key);
|
899 |
-
$length = $this->_decodeLength($key);
|
900 |
-
$components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
901 |
-
}
|
902 |
-
}
|
903 |
-
|
904 |
-
return $components;
|
905 |
-
case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
|
906 |
-
$key = base64_decode(preg_replace('#^ssh-rsa | .+$#', '', $key));
|
907 |
-
if ($key === false) {
|
908 |
-
return false;
|
909 |
-
}
|
910 |
-
|
911 |
-
$cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa";
|
912 |
-
|
913 |
-
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
914 |
-
$publicExponent = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
915 |
-
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
916 |
-
$modulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
917 |
-
|
918 |
-
if ($cleanup && strlen($key)) {
|
919 |
-
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
920 |
-
return array(
|
921 |
-
'modulus' => new Math_BigInteger($this->_string_shift($key, $length), -256),
|
922 |
-
'publicExponent' => $modulus
|
923 |
-
);
|
924 |
-
} else {
|
925 |
-
return array(
|
926 |
-
'modulus' => $modulus,
|
927 |
-
'publicExponent' => $publicExponent
|
928 |
-
);
|
929 |
-
}
|
930 |
-
}
|
931 |
-
}
|
932 |
-
|
933 |
-
/**
|
934 |
-
* Loads a public or private key
|
935 |
-
*
|
936 |
-
* Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed)
|
937 |
-
*
|
938 |
-
* @access public
|
939 |
-
* @param String $key
|
940 |
-
* @param Integer $type optional
|
941 |
-
*/
|
942 |
-
function loadKey($key, $type = CRYPT_RSA_PRIVATE_FORMAT_PKCS1)
|
943 |
-
{
|
944 |
-
$components = $this->_parseKey($key, $type);
|
945 |
-
if ($components === false) {
|
946 |
-
return false;
|
947 |
-
}
|
948 |
-
|
949 |
-
$this->modulus = $components['modulus'];
|
950 |
-
$this->k = strlen($this->modulus->toBytes());
|
951 |
-
$this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
|
952 |
-
if (isset($components['primes'])) {
|
953 |
-
$this->primes = $components['primes'];
|
954 |
-
$this->exponents = $components['exponents'];
|
955 |
-
$this->coefficients = $components['coefficients'];
|
956 |
-
$this->publicExponent = $components['publicExponent'];
|
957 |
-
} else {
|
958 |
-
$this->primes = array();
|
959 |
-
$this->exponents = array();
|
960 |
-
$this->coefficients = array();
|
961 |
-
$this->publicExponent = false;
|
962 |
-
}
|
963 |
-
|
964 |
-
return true;
|
965 |
-
}
|
966 |
-
|
967 |
-
/**
|
968 |
-
* Sets the password
|
969 |
-
*
|
970 |
-
* Private keys can be encrypted with a password. To unset the password, pass in the empty string or false.
|
971 |
-
* Or rather, pass in $password such that empty($password) is true.
|
972 |
-
*
|
973 |
-
* @see createKey()
|
974 |
-
* @see loadKey()
|
975 |
-
* @access public
|
976 |
-
* @param String $password
|
977 |
-
*/
|
978 |
-
function setPassword($password)
|
979 |
-
{
|
980 |
-
$this->password = $password;
|
981 |
-
}
|
982 |
-
|
983 |
-
/**
|
984 |
-
* Defines the public key
|
985 |
-
*
|
986 |
-
* Some private key formats define the public exponent and some don't. Those that don't define it are problematic when
|
987 |
-
* used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a
|
988 |
-
* message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys
|
989 |
-
* and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public
|
990 |
-
* exponent this won't work unless you manually add the public exponent.
|
991 |
-
*
|
992 |
-
* Do note that when a new key is loaded the index will be cleared.
|
993 |
-
*
|
994 |
-
* Returns true on success, false on failure
|
995 |
-
*
|
996 |
-
* @see getPublicKey()
|
997 |
-
* @access public
|
998 |
-
* @param String $key
|
999 |
-
* @param Integer $type optional
|
1000 |
-
* @return Boolean
|
1001 |
-
*/
|
1002 |
-
function setPublicKey($key, $type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
|
1003 |
-
{
|
1004 |
-
$components = $this->_parseKey($key, $type);
|
1005 |
-
if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) {
|
1006 |
-
return false;
|
1007 |
-
}
|
1008 |
-
$this->publicExponent = $components['publicExponent'];
|
1009 |
-
}
|
1010 |
-
|
1011 |
-
/**
|
1012 |
-
* Returns the public key
|
1013 |
-
*
|
1014 |
-
* The public key is only returned under two circumstances - if the private key had the public key embedded within it
|
1015 |
-
* or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this
|
1016 |
-
* function won't return it since this library, for the most part, doesn't distinguish between public and private keys.
|
1017 |
-
*
|
1018 |
-
* @see getPublicKey()
|
1019 |
-
* @access public
|
1020 |
-
* @param String $key
|
1021 |
-
* @param Integer $type optional
|
1022 |
-
*/
|
1023 |
-
function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
|
1024 |
-
{
|
1025 |
-
if (empty($this->modulus) || empty($this->publicExponent)) {
|
1026 |
-
return false;
|
1027 |
-
}
|
1028 |
-
|
1029 |
-
$oldFormat = $this->publicKeyFormat;
|
1030 |
-
$this->publicKeyFormat = $type;
|
1031 |
-
$temp = $this->_convertPublicKey($this->modulus, $this->publicExponent);
|
1032 |
-
$this->publicKeyFormat = $oldFormat;
|
1033 |
-
return $temp;
|
1034 |
-
}
|
1035 |
-
|
1036 |
-
/**
|
1037 |
-
* Generates the smallest and largest numbers requiring $bits bits
|
1038 |
-
*
|
1039 |
-
* @access private
|
1040 |
-
* @param Integer $bits
|
1041 |
-
* @return Array
|
1042 |
-
*/
|
1043 |
-
function _generateMinMax($bits)
|
1044 |
-
{
|
1045 |
-
$bytes = $bits >> 3;
|
1046 |
-
$min = str_repeat(chr(0), $bytes);
|
1047 |
-
$max = str_repeat(chr(0xFF), $bytes);
|
1048 |
-
$msb = $bits & 7;
|
1049 |
-
if ($msb) {
|
1050 |
-
$min = chr(1 << ($msb - 1)) . $min;
|
1051 |
-
$max = chr((1 << $msb) - 1) . $max;
|
1052 |
-
} else {
|
1053 |
-
$min[0] = chr(0x80);
|
1054 |
-
}
|
1055 |
-
|
1056 |
-
return array(
|
1057 |
-
'min' => new Math_BigInteger($min, 256),
|
1058 |
-
'max' => new Math_BigInteger($max, 256)
|
1059 |
-
);
|
1060 |
-
}
|
1061 |
-
|
1062 |
-
/**
|
1063 |
-
* DER-decode the length
|
1064 |
-
*
|
1065 |
-
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
|
1066 |
-
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 � 8.1.3} for more information.
|
1067 |
-
*
|
1068 |
-
* @access private
|
1069 |
-
* @param String $string
|
1070 |
-
* @return Integer
|
1071 |
-
*/
|
1072 |
-
function _decodeLength(&$string)
|
1073 |
-
{
|
1074 |
-
$length = ord($this->_string_shift($string));
|
1075 |
-
if ( $length & 0x80 ) { // definite length, long form
|
1076 |
-
$length&= 0x7F;
|
1077 |
-
$temp = $this->_string_shift($string, $length);
|
1078 |
-
list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
|
1079 |
-
}
|
1080 |
-
return $length;
|
1081 |
-
}
|
1082 |
-
|
1083 |
-
/**
|
1084 |
-
* DER-encode the length
|
1085 |
-
*
|
1086 |
-
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
|
1087 |
-
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 � 8.1.3} for more information.
|
1088 |
-
*
|
1089 |
-
* @access private
|
1090 |
-
* @param Integer $length
|
1091 |
-
* @return String
|
1092 |
-
*/
|
1093 |
-
function _encodeLength($length)
|
1094 |
-
{
|
1095 |
-
if ($length <= 0x7F) {
|
1096 |
-
return chr($length);
|
1097 |
-
}
|
1098 |
-
|
1099 |
-
$temp = ltrim(pack('N', $length), chr(0));
|
1100 |
-
return pack('Ca*', 0x80 | strlen($temp), $temp);
|
1101 |
-
}
|
1102 |
-
|
1103 |
-
/**
|
1104 |
-
* String Shift
|
1105 |
-
*
|
1106 |
-
* Inspired by array_shift
|
1107 |
-
*
|
1108 |
-
* @param String $string
|
1109 |
-
* @param optional Integer $index
|
1110 |
-
* @return String
|
1111 |
-
* @access private
|
1112 |
-
*/
|
1113 |
-
function _string_shift(&$string, $index = 1)
|
1114 |
-
{
|
1115 |
-
$substr = substr($string, 0, $index);
|
1116 |
-
$string = substr($string, $index);
|
1117 |
-
return $substr;
|
1118 |
-
}
|
1119 |
-
|
1120 |
-
/**
|
1121 |
-
* Determines the private key format
|
1122 |
-
*
|
1123 |
-
* @see createKey()
|
1124 |
-
* @access public
|
1125 |
-
* @param Integer $format
|
1126 |
-
*/
|
1127 |
-
function setPrivateKeyFormat($format)
|
1128 |
-
{
|
1129 |
-
$this->privateKeyFormat = $format;
|
1130 |
-
}
|
1131 |
-
|
1132 |
-
/**
|
1133 |
-
* Determines the public key format
|
1134 |
-
*
|
1135 |
-
* @see createKey()
|
1136 |
-
* @access public
|
1137 |
-
* @param Integer $format
|
1138 |
-
*/
|
1139 |
-
function setPublicKeyFormat($format)
|
1140 |
-
{
|
1141 |
-
$this->publicKeyFormat = $format;
|
1142 |
-
}
|
1143 |
-
|
1144 |
-
/**
|
1145 |
-
* Determines which hashing function should be used
|
1146 |
-
*
|
1147 |
-
* Used with signature production / verification and (if the encryption mode is CRYPT_RSA_ENCRYPTION_OAEP) encryption and
|
1148 |
-
* decryption. If $hash isn't supported, sha1 is used.
|
1149 |
-
*
|
1150 |
-
* @access public
|
1151 |
-
* @param String $hash
|
1152 |
-
*/
|
1153 |
-
function setHash($hash)
|
1154 |
-
{
|
1155 |
-
// Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
|
1156 |
-
switch ($hash) {
|
1157 |
-
case 'md2':
|
1158 |
-
case 'md5':
|
1159 |
-
case 'sha1':
|
1160 |
-
case 'sha256':
|
1161 |
-
case 'sha384':
|
1162 |
-
case 'sha512':
|
1163 |
-
$this->hash = new Crypt_Hash($hash);
|
1164 |
-
$this->hashName = $hash;
|
1165 |
-
break;
|
1166 |
-
default:
|
1167 |
-
$this->hash = new Crypt_Hash('sha1');
|
1168 |
-
$this->hashName = 'sha1';
|
1169 |
-
}
|
1170 |
-
$this->hLen = $this->hash->getLength();
|
1171 |
-
}
|
1172 |
-
|
1173 |
-
/**
|
1174 |
-
* Determines which hashing function should be used for the mask generation function
|
1175 |
-
*
|
1176 |
-
* The mask generation function is used by CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_SIGNATURE_PSS and although it's
|
1177 |
-
* best if Hash and MGFHash are set to the same thing this is not a requirement.
|
1178 |
-
*
|
1179 |
-
* @access public
|
1180 |
-
* @param String $hash
|
1181 |
-
*/
|
1182 |
-
function setMGFHash($hash)
|
1183 |
-
{
|
1184 |
-
// Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
|
1185 |
-
switch ($hash) {
|
1186 |
-
case 'md2':
|
1187 |
-
case 'md5':
|
1188 |
-
case 'sha1':
|
1189 |
-
case 'sha256':
|
1190 |
-
case 'sha384':
|
1191 |
-
case 'sha512':
|
1192 |
-
$this->mgfHash = new Crypt_Hash($hash);
|
1193 |
-
break;
|
1194 |
-
default:
|
1195 |
-
$this->mgfHash = new Crypt_Hash('sha1');
|
1196 |
-
}
|
1197 |
-
$this->mgfHLen = $this->mgfHash->getLength();
|
1198 |
-
}
|
1199 |
-
|
1200 |
-
/**
|
1201 |
-
* Determines the salt length
|
1202 |
-
*
|
1203 |
-
* To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}:
|
1204 |
-
*
|
1205 |
-
* Typical salt lengths in octets are hLen (the length of the output
|
1206 |
-
* of the hash function Hash) and 0.
|
1207 |
-
*
|
1208 |
-
* @access public
|
1209 |
-
* @param Integer $format
|
1210 |
-
*/
|
1211 |
-
function setSaltLength($sLen)
|
1212 |
-
{
|
1213 |
-
$this->sLen = $sLen;
|
1214 |
-
}
|
1215 |
-
|
1216 |
-
/**
|
1217 |
-
* Generates a random string x bytes long
|
1218 |
-
*
|
1219 |
-
* @access public
|
1220 |
-
* @param Integer $bytes
|
1221 |
-
* @param optional Integer $nonzero
|
1222 |
-
* @return String
|
1223 |
-
*/
|
1224 |
-
function _random($bytes, $nonzero = false)
|
1225 |
-
{
|
1226 |
-
$temp = '';
|
1227 |
-
if ($nonzero) {
|
1228 |
-
for ($i = 0; $i < $bytes; $i++) {
|
1229 |
-
$temp.= chr(crypt_random(1, 255));
|
1230 |
-
}
|
1231 |
-
} else {
|
1232 |
-
$ints = ($bytes + 1) >> 2;
|
1233 |
-
for ($i = 0; $i < $ints; $i++) {
|
1234 |
-
$temp.= pack('N', crypt_random());
|
1235 |
-
}
|
1236 |
-
$temp = substr($temp, 0, $bytes);
|
1237 |
-
}
|
1238 |
-
return $temp;
|
1239 |
-
}
|
1240 |
-
|
1241 |
-
/**
|
1242 |
-
* Integer-to-Octet-String primitive
|
1243 |
-
*
|
1244 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}.
|
1245 |
-
*
|
1246 |
-
* @access private
|
1247 |
-
* @param Math_BigInteger $x
|
1248 |
-
* @param Integer $xLen
|
1249 |
-
* @return String
|
1250 |
-
*/
|
1251 |
-
function _i2osp($x, $xLen)
|
1252 |
-
{
|
1253 |
-
$x = $x->toBytes();
|
1254 |
-
if (strlen($x) > $xLen) {
|
1255 |
-
user_error('Integer too large', E_USER_NOTICE);
|
1256 |
-
return false;
|
1257 |
-
}
|
1258 |
-
return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
|
1259 |
-
}
|
1260 |
-
|
1261 |
-
/**
|
1262 |
-
* Octet-String-to-Integer primitive
|
1263 |
-
*
|
1264 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}.
|
1265 |
-
*
|
1266 |
-
* @access private
|
1267 |
-
* @param String $x
|
1268 |
-
* @return Math_BigInteger
|
1269 |
-
*/
|
1270 |
-
function _os2ip($x)
|
1271 |
-
{
|
1272 |
-
return new Math_BigInteger($x, 256);
|
1273 |
-
}
|
1274 |
-
|
1275 |
-
/**
|
1276 |
-
* Exponentiate with or without Chinese Remainder Theorem
|
1277 |
-
*
|
1278 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.2}.
|
1279 |
-
*
|
1280 |
-
* @access private
|
1281 |
-
* @param Math_BigInteger $x
|
1282 |
-
* @return Math_BigInteger
|
1283 |
-
*/
|
1284 |
-
function _exponentiate($x)
|
1285 |
-
{
|
1286 |
-
if (empty($this->primes) || empty($this->coefficients) || empty($this->exponents)) {
|
1287 |
-
return $x->modPow($this->exponent, $this->modulus);
|
1288 |
-
}
|
1289 |
-
|
1290 |
-
$num_primes = count($this->primes);
|
1291 |
-
|
1292 |
-
if (defined('CRYPT_RSA_DISABLE_BLINDING')) {
|
1293 |
-
$m_i = array(
|
1294 |
-
1 => $x->modPow($this->exponents[1], $this->primes[1]),
|
1295 |
-
2 => $x->modPow($this->exponents[2], $this->primes[2])
|
1296 |
-
);
|
1297 |
-
$h = $m_i[1]->subtract($m_i[2]);
|
1298 |
-
$h = $h->multiply($this->coefficients[2]);
|
1299 |
-
list(, $h) = $h->divide($this->primes[1]);
|
1300 |
-
$m = $m_i[2]->add($h->multiply($this->primes[2]));
|
1301 |
-
|
1302 |
-
$r = $this->primes[1];
|
1303 |
-
for ($i = 3; $i <= $num_primes; $i++) {
|
1304 |
-
$m_i = $x->modPow($this->exponents[$i], $this->primes[$i]);
|
1305 |
-
|
1306 |
-
$r = $r->multiply($this->primes[$i - 1]);
|
1307 |
-
|
1308 |
-
$h = $m_i->subtract($m);
|
1309 |
-
$h = $h->multiply($this->coefficients[$i]);
|
1310 |
-
list(, $h) = $h->divide($this->primes[$i]);
|
1311 |
-
|
1312 |
-
$m = $m->add($r->multiply($h));
|
1313 |
-
}
|
1314 |
-
} else {
|
1315 |
-
$smallest = $this->primes[1];
|
1316 |
-
for ($i = 2; $i <= $num_primes; $i++) {
|
1317 |
-
if ($smallest->compare($this->primes[$i]) > 0) {
|
1318 |
-
$smallest = $this->primes[$i];
|
1319 |
-
}
|
1320 |
-
}
|
1321 |
-
|
1322 |
-
$one = new Math_BigInteger(1);
|
1323 |
-
$one->setRandomGenerator('crypt_random');
|
1324 |
-
|
1325 |
-
$r = $one->random($one, $smallest->subtract($one));
|
1326 |
-
|
1327 |
-
$m_i = array(
|
1328 |
-
1 => $this->_blind($x, $r, 1),
|
1329 |
-
2 => $this->_blind($x, $r, 2)
|
1330 |
-
);
|
1331 |
-
$h = $m_i[1]->subtract($m_i[2]);
|
1332 |
-
$h = $h->multiply($this->coefficients[2]);
|
1333 |
-
list(, $h) = $h->divide($this->primes[1]);
|
1334 |
-
$m = $m_i[2]->add($h->multiply($this->primes[2]));
|
1335 |
-
|
1336 |
-
$r = $this->primes[1];
|
1337 |
-
for ($i = 3; $i <= $num_primes; $i++) {
|
1338 |
-
$m_i = $this->_blind($x, $r, $i);
|
1339 |
-
|
1340 |
-
$r = $r->multiply($this->primes[$i - 1]);
|
1341 |
-
|
1342 |
-
$h = $m_i->subtract($m);
|
1343 |
-
$h = $h->multiply($this->coefficients[$i]);
|
1344 |
-
list(, $h) = $h->divide($this->primes[$i]);
|
1345 |
-
|
1346 |
-
$m = $m->add($r->multiply($h));
|
1347 |
-
}
|
1348 |
-
}
|
1349 |
-
|
1350 |
-
return $m;
|
1351 |
-
}
|
1352 |
-
|
1353 |
-
/**
|
1354 |
-
* Performs RSA Blinding
|
1355 |
-
*
|
1356 |
-
* Protects against timing attacks by employing RSA Blinding.
|
1357 |
-
* Returns $x->modPow($this->exponents[$i], $this->primes[$i])
|
1358 |
-
*
|
1359 |
-
* @access private
|
1360 |
-
* @param Math_BigInteger $x
|
1361 |
-
* @param Math_BigInteger $r
|
1362 |
-
* @param Integer $i
|
1363 |
-
* @return Math_BigInteger
|
1364 |
-
*/
|
1365 |
-
function _blind($x, $r, $i)
|
1366 |
-
{
|
1367 |
-
$x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i]));
|
1368 |
-
|
1369 |
-
$x = $x->modPow($this->exponents[$i], $this->primes[$i]);
|
1370 |
-
|
1371 |
-
$r = $r->modInverse($this->primes[$i]);
|
1372 |
-
$x = $x->multiply($r);
|
1373 |
-
list(, $x) = $x->divide($this->primes[$i]);
|
1374 |
-
|
1375 |
-
return $x;
|
1376 |
-
}
|
1377 |
-
|
1378 |
-
/**
|
1379 |
-
* RSAEP
|
1380 |
-
*
|
1381 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}.
|
1382 |
-
*
|
1383 |
-
* @access private
|
1384 |
-
* @param Math_BigInteger $m
|
1385 |
-
* @return Math_BigInteger
|
1386 |
-
*/
|
1387 |
-
function _rsaep($m)
|
1388 |
-
{
|
1389 |
-
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
|
1390 |
-
user_error('Message representative out of range', E_USER_NOTICE);
|
1391 |
-
return false;
|
1392 |
-
}
|
1393 |
-
return $this->_exponentiate($m);
|
1394 |
-
}
|
1395 |
-
|
1396 |
-
/**
|
1397 |
-
* RSADP
|
1398 |
-
*
|
1399 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}.
|
1400 |
-
*
|
1401 |
-
* @access private
|
1402 |
-
* @param Math_BigInteger $c
|
1403 |
-
* @return Math_BigInteger
|
1404 |
-
*/
|
1405 |
-
function _rsadp($c)
|
1406 |
-
{
|
1407 |
-
if ($c->compare($this->zero) < 0 || $c->compare($this->modulus) > 0) {
|
1408 |
-
user_error('Ciphertext representative out of range', E_USER_NOTICE);
|
1409 |
-
return false;
|
1410 |
-
}
|
1411 |
-
return $this->_exponentiate($c);
|
1412 |
-
}
|
1413 |
-
|
1414 |
-
/**
|
1415 |
-
* RSASP1
|
1416 |
-
*
|
1417 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}.
|
1418 |
-
*
|
1419 |
-
* @access private
|
1420 |
-
* @param Math_BigInteger $m
|
1421 |
-
* @return Math_BigInteger
|
1422 |
-
*/
|
1423 |
-
function _rsasp1($m)
|
1424 |
-
{
|
1425 |
-
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
|
1426 |
-
user_error('Message representative out of range', E_USER_NOTICE);
|
1427 |
-
return false;
|
1428 |
-
}
|
1429 |
-
return $this->_exponentiate($m);
|
1430 |
-
}
|
1431 |
-
|
1432 |
-
/**
|
1433 |
-
* RSAVP1
|
1434 |
-
*
|
1435 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}.
|
1436 |
-
*
|
1437 |
-
* @access private
|
1438 |
-
* @param Math_BigInteger $s
|
1439 |
-
* @return Math_BigInteger
|
1440 |
-
*/
|
1441 |
-
function _rsavp1($s)
|
1442 |
-
{
|
1443 |
-
if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) {
|
1444 |
-
user_error('Signature representative out of range', E_USER_NOTICE);
|
1445 |
-
return false;
|
1446 |
-
}
|
1447 |
-
return $this->_exponentiate($s);
|
1448 |
-
}
|
1449 |
-
|
1450 |
-
/**
|
1451 |
-
* MGF1
|
1452 |
-
*
|
1453 |
-
* See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}.
|
1454 |
-
*
|
1455 |
-
* @access private
|
1456 |
-
* @param String $mgfSeed
|
1457 |
-
* @param Integer $mgfLen
|
1458 |
-
* @return String
|
1459 |
-
*/
|
1460 |
-
function _mgf1($mgfSeed, $maskLen)
|
1461 |
-
{
|
1462 |
-
// if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output.
|
1463 |
-
|
1464 |
-
$t = '';
|
1465 |
-
$count = ceil($maskLen / $this->mgfHLen);
|
1466 |
-
for ($i = 0; $i < $count; $i++) {
|
1467 |
-
$c = pack('N', $i);
|
1468 |
-
$t.= $this->mgfHash->hash($mgfSeed . $c);
|
1469 |
-
}
|
1470 |
-
|
1471 |
-
return substr($t, 0, $maskLen);
|
1472 |
-
}
|
1473 |
-
|
1474 |
-
/**
|
1475 |
-
* RSAES-OAEP-ENCRYPT
|
1476 |
-
*
|
1477 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and
|
1478 |
-
* {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}.
|
1479 |
-
*
|
1480 |
-
* @access private
|
1481 |
-
* @param String $m
|
1482 |
-
* @param String $l
|
1483 |
-
* @return String
|
1484 |
-
*/
|
1485 |
-
function _rsaes_oaep_encrypt($m, $l = '')
|
1486 |
-
{
|
1487 |
-
$mLen = strlen($m);
|
1488 |
-
|
1489 |
-
// Length checking
|
1490 |
-
|
1491 |
-
// if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1492 |
-
// be output.
|
1493 |
-
|
1494 |
-
if ($mLen > $this->k - 2 * $this->hLen - 2) {
|
1495 |
-
user_error('Message too long', E_USER_NOTICE);
|
1496 |
-
return false;
|
1497 |
-
}
|
1498 |
-
|
1499 |
-
// EME-OAEP encoding
|
1500 |
-
|
1501 |
-
$lHash = $this->hash->hash($l);
|
1502 |
-
$ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2);
|
1503 |
-
$db = $lHash . $ps . chr(1) . $m;
|
1504 |
-
$seed = $this->_random($this->hLen);
|
1505 |
-
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
|
1506 |
-
$maskedDB = $db ^ $dbMask;
|
1507 |
-
$seedMask = $this->_mgf1($maskedDB, $this->hLen);
|
1508 |
-
$maskedSeed = $seed ^ $seedMask;
|
1509 |
-
$em = chr(0) . $maskedSeed . $maskedDB;
|
1510 |
-
|
1511 |
-
// RSA encryption
|
1512 |
-
|
1513 |
-
$m = $this->_os2ip($em);
|
1514 |
-
$c = $this->_rsaep($m);
|
1515 |
-
$c = $this->_i2osp($c, $this->k);
|
1516 |
-
|
1517 |
-
// Output the ciphertext C
|
1518 |
-
|
1519 |
-
return $c;
|
1520 |
-
}
|
1521 |
-
|
1522 |
-
/**
|
1523 |
-
* RSAES-OAEP-DECRYPT
|
1524 |
-
*
|
1525 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error
|
1526 |
-
* messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2:
|
1527 |
-
*
|
1528 |
-
* Note. Care must be taken to ensure that an opponent cannot
|
1529 |
-
* distinguish the different error conditions in Step 3.g, whether by
|
1530 |
-
* error message or timing, or, more generally, learn partial
|
1531 |
-
* information about the encoded message EM. Otherwise an opponent may
|
1532 |
-
* be able to obtain useful information about the decryption of the
|
1533 |
-
* ciphertext C, leading to a chosen-ciphertext attack such as the one
|
1534 |
-
* observed by Manger [36].
|
1535 |
-
*
|
1536 |
-
* As for $l... to quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}:
|
1537 |
-
*
|
1538 |
-
* Both the encryption and the decryption operations of RSAES-OAEP take
|
1539 |
-
* the value of a label L as input. In this version of PKCS #1, L is
|
1540 |
-
* the empty string; other uses of the label are outside the scope of
|
1541 |
-
* this document.
|
1542 |
-
*
|
1543 |
-
* @access private
|
1544 |
-
* @param String $c
|
1545 |
-
* @param String $l
|
1546 |
-
* @return String
|
1547 |
-
*/
|
1548 |
-
function _rsaes_oaep_decrypt($c, $l = '')
|
1549 |
-
{
|
1550 |
-
// Length checking
|
1551 |
-
|
1552 |
-
// if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1553 |
-
// be output.
|
1554 |
-
|
1555 |
-
if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
|
1556 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1557 |
-
return false;
|
1558 |
-
}
|
1559 |
-
|
1560 |
-
// RSA decryption
|
1561 |
-
|
1562 |
-
$c = $this->_os2ip($c);
|
1563 |
-
$m = $this->_rsadp($c);
|
1564 |
-
if ($m === false) {
|
1565 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1566 |
-
return false;
|
1567 |
-
}
|
1568 |
-
$em = $this->_i2osp($m, $this->k);
|
1569 |
-
|
1570 |
-
// EME-OAEP decoding
|
1571 |
-
|
1572 |
-
$lHash = $this->hash->hash($l);
|
1573 |
-
$y = ord($em[0]);
|
1574 |
-
$maskedSeed = substr($em, 1, $this->hLen);
|
1575 |
-
$maskedDB = substr($em, $this->hLen + 1);
|
1576 |
-
$seedMask = $this->_mgf1($maskedDB, $this->hLen);
|
1577 |
-
$seed = $maskedSeed ^ $seedMask;
|
1578 |
-
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
|
1579 |
-
$db = $maskedDB ^ $dbMask;
|
1580 |
-
$lHash2 = substr($db, 0, $this->hLen);
|
1581 |
-
$m = substr($db, $this->hLen);
|
1582 |
-
if ($lHash != $lHash2) {
|
1583 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1584 |
-
return false;
|
1585 |
-
}
|
1586 |
-
$m = ltrim($m, chr(0));
|
1587 |
-
if (ord($m[0]) != 1) {
|
1588 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1589 |
-
return false;
|
1590 |
-
}
|
1591 |
-
|
1592 |
-
// Output the message M
|
1593 |
-
|
1594 |
-
return substr($m, 1);
|
1595 |
-
}
|
1596 |
-
|
1597 |
-
/**
|
1598 |
-
* RSAES-PKCS1-V1_5-ENCRYPT
|
1599 |
-
*
|
1600 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}.
|
1601 |
-
*
|
1602 |
-
* @access private
|
1603 |
-
* @param String $m
|
1604 |
-
* @return String
|
1605 |
-
*/
|
1606 |
-
function _rsaes_pkcs1_v1_5_encrypt($m)
|
1607 |
-
{
|
1608 |
-
$mLen = strlen($m);
|
1609 |
-
|
1610 |
-
// Length checking
|
1611 |
-
|
1612 |
-
if ($mLen > $this->k - 11) {
|
1613 |
-
user_error('Message too long', E_USER_NOTICE);
|
1614 |
-
return false;
|
1615 |
-
}
|
1616 |
-
|
1617 |
-
// EME-PKCS1-v1_5 encoding
|
1618 |
-
|
1619 |
-
$ps = $this->_random($this->k - $mLen - 3, true);
|
1620 |
-
$em = chr(0) . chr(2) . $ps . chr(0) . $m;
|
1621 |
-
|
1622 |
-
// RSA encryption
|
1623 |
-
$m = $this->_os2ip($em);
|
1624 |
-
$c = $this->_rsaep($m);
|
1625 |
-
$c = $this->_i2osp($c, $this->k);
|
1626 |
-
|
1627 |
-
// Output the ciphertext C
|
1628 |
-
|
1629 |
-
return $c;
|
1630 |
-
}
|
1631 |
-
|
1632 |
-
/**
|
1633 |
-
* RSAES-PKCS1-V1_5-DECRYPT
|
1634 |
-
*
|
1635 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
|
1636 |
-
*
|
1637 |
-
* For compatability purposes, this function departs slightly from the description given in RFC3447.
|
1638 |
-
* The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
|
1639 |
-
* private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
|
1640 |
-
* public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
|
1641 |
-
* to be 2 regardless of which key is used. for compatability purposes, we'll just check to make sure the
|
1642 |
-
* second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
|
1643 |
-
*
|
1644 |
-
* As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt
|
1645 |
-
* with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
|
1646 |
-
* not private key encrypted ciphertext's.
|
1647 |
-
*
|
1648 |
-
* @access private
|
1649 |
-
* @param String $c
|
1650 |
-
* @return String
|
1651 |
-
*/
|
1652 |
-
function _rsaes_pkcs1_v1_5_decrypt($c)
|
1653 |
-
{
|
1654 |
-
// Length checking
|
1655 |
-
|
1656 |
-
if (strlen($c) != $this->k) { // or if k < 11
|
1657 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1658 |
-
return false;
|
1659 |
-
}
|
1660 |
-
|
1661 |
-
// RSA decryption
|
1662 |
-
|
1663 |
-
$c = $this->_os2ip($c);
|
1664 |
-
$m = $this->_rsadp($c);
|
1665 |
-
if ($m === false) {
|
1666 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1667 |
-
return false;
|
1668 |
-
}
|
1669 |
-
$em = $this->_i2osp($m, $this->k);
|
1670 |
-
|
1671 |
-
// EME-PKCS1-v1_5 decoding
|
1672 |
-
|
1673 |
-
if (ord($em[0]) != 0 || ord($em[1]) > 2) {
|
1674 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1675 |
-
return false;
|
1676 |
-
}
|
1677 |
-
|
1678 |
-
$ps = substr($em, 2, strpos($em, chr(0), 2) - 2);
|
1679 |
-
$m = substr($em, strlen($ps) + 3);
|
1680 |
-
|
1681 |
-
if (strlen($ps) < 8) {
|
1682 |
-
user_error('Decryption error', E_USER_NOTICE);
|
1683 |
-
return false;
|
1684 |
-
}
|
1685 |
-
|
1686 |
-
// Output M
|
1687 |
-
|
1688 |
-
return $m;
|
1689 |
-
}
|
1690 |
-
|
1691 |
-
/**
|
1692 |
-
* EMSA-PSS-ENCODE
|
1693 |
-
*
|
1694 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}.
|
1695 |
-
*
|
1696 |
-
* @access private
|
1697 |
-
* @param String $m
|
1698 |
-
* @param Integer $emBits
|
1699 |
-
*/
|
1700 |
-
function _emsa_pss_encode($m, $emBits)
|
1701 |
-
{
|
1702 |
-
// if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1703 |
-
// be output.
|
1704 |
-
|
1705 |
-
$emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8)
|
1706 |
-
$sLen = $this->sLen == false ? $this->hLen : $this->sLen;
|
1707 |
-
|
1708 |
-
$mHash = $this->hash->hash($m);
|
1709 |
-
if ($emLen < $this->hLen + $sLen + 2) {
|
1710 |
-
user_error('Encoding error', E_USER_NOTICE);
|
1711 |
-
return false;
|
1712 |
-
}
|
1713 |
-
|
1714 |
-
$salt = $this->_random($sLen);
|
1715 |
-
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
|
1716 |
-
$h = $this->hash->hash($m2);
|
1717 |
-
$ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2);
|
1718 |
-
$db = $ps . chr(1) . $salt;
|
1719 |
-
$dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
|
1720 |
-
$maskedDB = $db ^ $dbMask;
|
1721 |
-
$maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0];
|
1722 |
-
$em = $maskedDB . $h . chr(0xBC);
|
1723 |
-
|
1724 |
-
return $em;
|
1725 |
-
}
|
1726 |
-
|
1727 |
-
/**
|
1728 |
-
* EMSA-PSS-VERIFY
|
1729 |
-
*
|
1730 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}.
|
1731 |
-
*
|
1732 |
-
* @access private
|
1733 |
-
* @param String $m
|
1734 |
-
* @param String $em
|
1735 |
-
* @param Integer $emBits
|
1736 |
-
* @return String
|
1737 |
-
*/
|
1738 |
-
function _emsa_pss_verify($m, $em, $emBits)
|
1739 |
-
{
|
1740 |
-
// if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1741 |
-
// be output.
|
1742 |
-
|
1743 |
-
$emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8);
|
1744 |
-
$sLen = $this->sLen == false ? $this->hLen : $this->sLen;
|
1745 |
-
|
1746 |
-
$mHash = $this->hash->hash($m);
|
1747 |
-
if ($emLen < $this->hLen + $sLen + 2) {
|
1748 |
-
return false;
|
1749 |
-
}
|
1750 |
-
|
1751 |
-
if ($em[strlen($em) - 1] != chr(0xBC)) {
|
1752 |
-
return false;
|
1753 |
-
}
|
1754 |
-
|
1755 |
-
$maskedDB = substr($em, 0, $em - $this->hLen - 1);
|
1756 |
-
$h = substr($em, $em - $this->hLen - 1, $this->hLen);
|
1757 |
-
$temp = chr(0xFF << ($emBits & 7));
|
1758 |
-
if ((~$maskedDB[0] & $temp) != $temp) {
|
1759 |
-
return false;
|
1760 |
-
}
|
1761 |
-
$dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
|
1762 |
-
$db = $maskedDB ^ $dbMask;
|
1763 |
-
$db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0];
|
1764 |
-
$temp = $emLen - $this->hLen - $sLen - 2;
|
1765 |
-
if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) {
|
1766 |
-
return false;
|
1767 |
-
}
|
1768 |
-
$salt = substr($db, $temp + 1); // should be $sLen long
|
1769 |
-
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
|
1770 |
-
$h2 = $this->hash->hash($m2);
|
1771 |
-
return $h == $h2;
|
1772 |
-
}
|
1773 |
-
|
1774 |
-
/**
|
1775 |
-
* RSASSA-PSS-SIGN
|
1776 |
-
*
|
1777 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}.
|
1778 |
-
*
|
1779 |
-
* @access private
|
1780 |
-
* @param String $m
|
1781 |
-
* @return String
|
1782 |
-
*/
|
1783 |
-
function _rsassa_pss_sign($m)
|
1784 |
-
{
|
1785 |
-
// EMSA-PSS encoding
|
1786 |
-
|
1787 |
-
$em = $this->_emsa_pss_encode($m, 8 * $this->k - 1);
|
1788 |
-
|
1789 |
-
// RSA signature
|
1790 |
-
|
1791 |
-
$m = $this->_os2ip($em);
|
1792 |
-
$s = $this->_rsasp1($m);
|
1793 |
-
$s = $this->_i2osp($s, $this->k);
|
1794 |
-
|
1795 |
-
// Output the signature S
|
1796 |
-
|
1797 |
-
return $s;
|
1798 |
-
}
|
1799 |
-
|
1800 |
-
/**
|
1801 |
-
* RSASSA-PSS-VERIFY
|
1802 |
-
*
|
1803 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}.
|
1804 |
-
*
|
1805 |
-
* @access private
|
1806 |
-
* @param String $m
|
1807 |
-
* @param String $s
|
1808 |
-
* @return String
|
1809 |
-
*/
|
1810 |
-
function _rsassa_pss_verify($m, $s)
|
1811 |
-
{
|
1812 |
-
// Length checking
|
1813 |
-
|
1814 |
-
if (strlen($s) != $this->k) {
|
1815 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1816 |
-
return false;
|
1817 |
-
}
|
1818 |
-
|
1819 |
-
// RSA verification
|
1820 |
-
|
1821 |
-
$modBits = 8 * $this->k;
|
1822 |
-
|
1823 |
-
$s2 = $this->_os2ip($s);
|
1824 |
-
$m2 = $this->_rsavp1($s2);
|
1825 |
-
if ($m2 === false) {
|
1826 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1827 |
-
return false;
|
1828 |
-
}
|
1829 |
-
$em = $this->_i2osp($m2, $modBits >> 3);
|
1830 |
-
if ($em === false) {
|
1831 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1832 |
-
return false;
|
1833 |
-
}
|
1834 |
-
|
1835 |
-
// EMSA-PSS verification
|
1836 |
-
|
1837 |
-
return $this->_emsa_pss_verify($m, $em, $modBits - 1);
|
1838 |
-
}
|
1839 |
-
|
1840 |
-
/**
|
1841 |
-
* EMSA-PKCS1-V1_5-ENCODE
|
1842 |
-
*
|
1843 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}.
|
1844 |
-
*
|
1845 |
-
* @access private
|
1846 |
-
* @param String $m
|
1847 |
-
* @param Integer $emLen
|
1848 |
-
* @return String
|
1849 |
-
*/
|
1850 |
-
function _emsa_pkcs1_v1_5_encode($m, $emLen)
|
1851 |
-
{
|
1852 |
-
$h = $this->hash->hash($m);
|
1853 |
-
if ($h === false) {
|
1854 |
-
return false;
|
1855 |
-
}
|
1856 |
-
|
1857 |
-
// see http://tools.ietf.org/html/rfc3447#page-43
|
1858 |
-
switch ($this->hashName) {
|
1859 |
-
case 'md2':
|
1860 |
-
$t = pack('H*', '3020300c06082a864886f70d020205000410');
|
1861 |
-
break;
|
1862 |
-
case 'md5':
|
1863 |
-
$t = pack('H*', '3020300c06082a864886f70d020505000410');
|
1864 |
-
break;
|
1865 |
-
case 'sha1':
|
1866 |
-
$t = pack('H*', '3021300906052b0e03021a05000414');
|
1867 |
-
break;
|
1868 |
-
case 'sha256':
|
1869 |
-
$t = pack('H*', '3031300d060960864801650304020105000420');
|
1870 |
-
break;
|
1871 |
-
case 'sha384':
|
1872 |
-
$t = pack('H*', '3041300d060960864801650304020205000430');
|
1873 |
-
break;
|
1874 |
-
case 'sha512':
|
1875 |
-
$t = pack('H*', '3051300d060960864801650304020305000440');
|
1876 |
-
}
|
1877 |
-
$t.= $h;
|
1878 |
-
$tLen = strlen($t);
|
1879 |
-
|
1880 |
-
if ($emLen < $tLen + 11) {
|
1881 |
-
user_error('Intended encoded message length too short', E_USER_NOTICE);
|
1882 |
-
return false;
|
1883 |
-
}
|
1884 |
-
|
1885 |
-
$ps = str_repeat(chr(0xFF), $emLen - $tLen - 3);
|
1886 |
-
|
1887 |
-
$em = "\0\1$ps\0$t";
|
1888 |
-
|
1889 |
-
return $em;
|
1890 |
-
}
|
1891 |
-
|
1892 |
-
/**
|
1893 |
-
* RSASSA-PKCS1-V1_5-SIGN
|
1894 |
-
*
|
1895 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}.
|
1896 |
-
*
|
1897 |
-
* @access private
|
1898 |
-
* @param String $m
|
1899 |
-
* @return String
|
1900 |
-
*/
|
1901 |
-
function _rsassa_pkcs1_v1_5_sign($m)
|
1902 |
-
{
|
1903 |
-
// EMSA-PKCS1-v1_5 encoding
|
1904 |
-
|
1905 |
-
$em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
|
1906 |
-
if ($em === false) {
|
1907 |
-
user_error('RSA modulus too short', E_USER_NOTICE);
|
1908 |
-
return false;
|
1909 |
-
}
|
1910 |
-
|
1911 |
-
// RSA signature
|
1912 |
-
|
1913 |
-
$m = $this->_os2ip($em);
|
1914 |
-
$s = $this->_rsasp1($m);
|
1915 |
-
$s = $this->_i2osp($s, $this->k);
|
1916 |
-
|
1917 |
-
// Output the signature S
|
1918 |
-
|
1919 |
-
return $s;
|
1920 |
-
}
|
1921 |
-
|
1922 |
-
/**
|
1923 |
-
* RSASSA-PKCS1-V1_5-VERIFY
|
1924 |
-
*
|
1925 |
-
* See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}.
|
1926 |
-
*
|
1927 |
-
* @access private
|
1928 |
-
* @param String $m
|
1929 |
-
* @return String
|
1930 |
-
*/
|
1931 |
-
function _rsassa_pkcs1_v1_5_verify($m, $s)
|
1932 |
-
{
|
1933 |
-
// Length checking
|
1934 |
-
|
1935 |
-
if (strlen($s) != $this->k) {
|
1936 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1937 |
-
return false;
|
1938 |
-
}
|
1939 |
-
|
1940 |
-
// RSA verification
|
1941 |
-
|
1942 |
-
$s = $this->_os2ip($s);
|
1943 |
-
$m2 = $this->_rsavp1($s);
|
1944 |
-
if ($m2 === false) {
|
1945 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1946 |
-
return false;
|
1947 |
-
}
|
1948 |
-
$em = $this->_i2osp($m2, $this->k);
|
1949 |
-
if ($em === false) {
|
1950 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
1951 |
-
return false;
|
1952 |
-
}
|
1953 |
-
|
1954 |
-
// EMSA-PKCS1-v1_5 encoding
|
1955 |
-
|
1956 |
-
$em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
|
1957 |
-
if ($em2 === false) {
|
1958 |
-
user_error('RSA modulus too short', E_USER_NOTICE);
|
1959 |
-
return false;
|
1960 |
-
}
|
1961 |
-
|
1962 |
-
// Compare
|
1963 |
-
|
1964 |
-
return $em === $em2;
|
1965 |
-
}
|
1966 |
-
|
1967 |
-
/**
|
1968 |
-
* Set Encryption Mode
|
1969 |
-
*
|
1970 |
-
* Valid values include CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1.
|
1971 |
-
*
|
1972 |
-
* @access public
|
1973 |
-
* @param Integer $mode
|
1974 |
-
*/
|
1975 |
-
function setEncryptionMode($mode)
|
1976 |
-
{
|
1977 |
-
$this->encryptionMode = $mode;
|
1978 |
-
}
|
1979 |
-
|
1980 |
-
/**
|
1981 |
-
* Set Signature Mode
|
1982 |
-
*
|
1983 |
-
* Valid values include CRYPT_RSA_SIGNATURE_PSS and CRYPT_RSA_SIGNATURE_PKCS1
|
1984 |
-
*
|
1985 |
-
* @access public
|
1986 |
-
* @param Integer $mode
|
1987 |
-
*/
|
1988 |
-
function setSignatureMode($mode)
|
1989 |
-
{
|
1990 |
-
$this->signatureMode = $mode;
|
1991 |
-
}
|
1992 |
-
|
1993 |
-
/**
|
1994 |
-
* Encryption
|
1995 |
-
*
|
1996 |
-
* Both CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1 both place limits on how long $plaintext can be.
|
1997 |
-
* If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will
|
1998 |
-
* be concatenated together.
|
1999 |
-
*
|
2000 |
-
* @see decrypt()
|
2001 |
-
* @access public
|
2002 |
-
* @param String $plaintext
|
2003 |
-
* @return String
|
2004 |
-
*/
|
2005 |
-
function encrypt($plaintext)
|
2006 |
-
{
|
2007 |
-
switch ($this->encryptionMode) {
|
2008 |
-
case CRYPT_RSA_ENCRYPTION_PKCS1:
|
2009 |
-
$length = $this->k - 11;
|
2010 |
-
if ($length <= 0) {
|
2011 |
-
return false;
|
2012 |
-
}
|
2013 |
-
|
2014 |
-
$plaintext = str_split($plaintext, $length);
|
2015 |
-
$ciphertext = '';
|
2016 |
-
foreach ($plaintext as $m) {
|
2017 |
-
$ciphertext.= $this->_rsaes_pkcs1_v1_5_encrypt($m);
|
2018 |
-
}
|
2019 |
-
return $ciphertext;
|
2020 |
-
//case CRYPT_RSA_ENCRYPTION_OAEP:
|
2021 |
-
default:
|
2022 |
-
$length = $this->k - 2 * $this->hLen - 2;
|
2023 |
-
if ($length <= 0) {
|
2024 |
-
return false;
|
2025 |
-
}
|
2026 |
-
|
2027 |
-
$plaintext = str_split($plaintext, $length);
|
2028 |
-
$ciphertext = '';
|
2029 |
-
foreach ($plaintext as $m) {
|
2030 |
-
$ciphertext.= $this->_rsaes_oaep_encrypt($m);
|
2031 |
-
}
|
2032 |
-
return $ciphertext;
|
2033 |
-
}
|
2034 |
-
}
|
2035 |
-
|
2036 |
-
/**
|
2037 |
-
* Decryption
|
2038 |
-
*
|
2039 |
-
* @see encrypt()
|
2040 |
-
* @access public
|
2041 |
-
* @param String $plaintext
|
2042 |
-
* @return String
|
2043 |
-
*/
|
2044 |
-
function decrypt($ciphertext)
|
2045 |
-
{
|
2046 |
-
if ($this->k <= 0) {
|
2047 |
-
return false;
|
2048 |
-
}
|
2049 |
-
|
2050 |
-
$ciphertext = str_split($ciphertext, $this->k);
|
2051 |
-
$plaintext = '';
|
2052 |
-
|
2053 |
-
switch ($this->encryptionMode) {
|
2054 |
-
case CRYPT_RSA_ENCRYPTION_PKCS1:
|
2055 |
-
$decrypt = '_rsaes_pkcs1_v1_5_decrypt';
|
2056 |
-
break;
|
2057 |
-
//case CRYPT_RSA_ENCRYPTION_OAEP:
|
2058 |
-
default:
|
2059 |
-
$decrypt = '_rsaes_oaep_decrypt';
|
2060 |
-
}
|
2061 |
-
|
2062 |
-
foreach ($ciphertext as $c) {
|
2063 |
-
$temp = $this->$decrypt($c);
|
2064 |
-
if ($temp === false) {
|
2065 |
-
return false;
|
2066 |
-
}
|
2067 |
-
$plaintext.= $temp;
|
2068 |
-
}
|
2069 |
-
|
2070 |
-
return $plaintext;
|
2071 |
-
}
|
2072 |
-
|
2073 |
-
/**
|
2074 |
-
* Create a signature
|
2075 |
-
*
|
2076 |
-
* @see verify()
|
2077 |
-
* @access public
|
2078 |
-
* @param String $message
|
2079 |
-
* @return String
|
2080 |
-
*/
|
2081 |
-
function sign($message)
|
2082 |
-
{
|
2083 |
-
if (empty($this->modulus) || empty($this->exponent)) {
|
2084 |
-
return false;
|
2085 |
-
}
|
2086 |
-
|
2087 |
-
switch ($this->signatureMode) {
|
2088 |
-
case CRYPT_RSA_SIGNATURE_PKCS1:
|
2089 |
-
return $this->_rsassa_pkcs1_v1_5_sign($message);
|
2090 |
-
//case CRYPT_RSA_SIGNATURE_PSS:
|
2091 |
-
default:
|
2092 |
-
return $this->_rsassa_pss_sign($message);
|
2093 |
-
}
|
2094 |
-
}
|
2095 |
-
|
2096 |
-
/**
|
2097 |
-
* Verifies a signature
|
2098 |
-
*
|
2099 |
-
* @see sign()
|
2100 |
-
* @access public
|
2101 |
-
* @param String $message
|
2102 |
-
* @param String $signature
|
2103 |
-
* @return Boolean
|
2104 |
-
*/
|
2105 |
-
function verify($message, $signature)
|
2106 |
-
{
|
2107 |
-
if (empty($this->modulus) || empty($this->exponent)) {
|
2108 |
-
return false;
|
2109 |
-
}
|
2110 |
-
|
2111 |
-
switch ($this->signatureMode) {
|
2112 |
-
case CRYPT_RSA_SIGNATURE_PKCS1:
|
2113 |
-
return $this->_rsassa_pkcs1_v1_5_verify($message, $signature);
|
2114 |
-
//case CRYPT_RSA_SIGNATURE_PSS:
|
2115 |
-
default:
|
2116 |
-
return $this->_rsassa_pss_verify($message, $signature);
|
2117 |
-
}
|
2118 |
-
}
|
2119 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA.
|
6 |
+
*
|
7 |
+
* PHP versions 4 and 5
|
8 |
+
*
|
9 |
+
* Here's an example of how to encrypt and decrypt text with this library:
|
10 |
+
* <code>
|
11 |
+
* <?php
|
12 |
+
* include('Crypt/RSA.php');
|
13 |
+
*
|
14 |
+
* $rsa = new Crypt_RSA();
|
15 |
+
* extract($rsa->createKey());
|
16 |
+
*
|
17 |
+
* $plaintext = 'terrafrost';
|
18 |
+
*
|
19 |
+
* $rsa->loadKey($privatekey);
|
20 |
+
* $ciphertext = $rsa->encrypt($plaintext);
|
21 |
+
*
|
22 |
+
* $rsa->loadKey($publickey);
|
23 |
+
* echo $rsa->decrypt($ciphertext);
|
24 |
+
* ?>
|
25 |
+
* </code>
|
26 |
+
*
|
27 |
+
* Here's an example of how to create signatures and verify signatures with this library:
|
28 |
+
* <code>
|
29 |
+
* <?php
|
30 |
+
* include('Crypt/RSA.php');
|
31 |
+
*
|
32 |
+
* $rsa = new Crypt_RSA();
|
33 |
+
* extract($rsa->createKey());
|
34 |
+
*
|
35 |
+
* $plaintext = 'terrafrost';
|
36 |
+
*
|
37 |
+
* $rsa->loadKey($privatekey);
|
38 |
+
* $signature = $rsa->sign($plaintext);
|
39 |
+
*
|
40 |
+
* $rsa->loadKey($publickey);
|
41 |
+
* echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
|
42 |
+
* ?>
|
43 |
+
* </code>
|
44 |
+
*
|
45 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
46 |
+
* modify it under the terms of the GNU Lesser General Public
|
47 |
+
* License as published by the Free Software Foundation; either
|
48 |
+
* version 2.1 of the License, or (at your option) any later version.
|
49 |
+
*
|
50 |
+
* This library is distributed in the hope that it will be useful,
|
51 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
52 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
53 |
+
* Lesser General Public License for more details.
|
54 |
+
*
|
55 |
+
* You should have received a copy of the GNU Lesser General Public
|
56 |
+
* License along with this library; if not, write to the Free Software
|
57 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
58 |
+
* MA 02111-1307 USA
|
59 |
+
*
|
60 |
+
* @category Crypt
|
61 |
+
* @package Crypt_RSA
|
62 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
63 |
+
* @copyright MMIX Jim Wigginton
|
64 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
65 |
+
* @version $Id: RSA.php,v 1.15 2010/04/10 15:57:02 terrafrost Exp $
|
66 |
+
* @link http://phpseclib.sourceforge.net
|
67 |
+
*/
|
68 |
+
|
69 |
+
/**
|
70 |
+
* Include Math_BigInteger
|
71 |
+
*/
|
72 |
+
require_once('Math/BigInteger.php');
|
73 |
+
|
74 |
+
/**
|
75 |
+
* Include Crypt_Random
|
76 |
+
*/
|
77 |
+
require_once('Crypt/Random.php');
|
78 |
+
|
79 |
+
/**
|
80 |
+
* Include Crypt_Hash
|
81 |
+
*/
|
82 |
+
require_once('Crypt/Hash.php');
|
83 |
+
|
84 |
+
/**#@+
|
85 |
+
* @access public
|
86 |
+
* @see Crypt_RSA::encrypt()
|
87 |
+
* @see Crypt_RSA::decrypt()
|
88 |
+
*/
|
89 |
+
/**
|
90 |
+
* Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding}
|
91 |
+
* (OAEP) for encryption / decryption.
|
92 |
+
*
|
93 |
+
* Uses sha1 by default.
|
94 |
+
*
|
95 |
+
* @see Crypt_RSA::setHash()
|
96 |
+
* @see Crypt_RSA::setMGFHash()
|
97 |
+
*/
|
98 |
+
define('CRYPT_RSA_ENCRYPTION_OAEP', 1);
|
99 |
+
/**
|
100 |
+
* Use PKCS#1 padding.
|
101 |
+
*
|
102 |
+
* Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards
|
103 |
+
* compatability with protocols (like SSH-1) written before OAEP's introduction.
|
104 |
+
*/
|
105 |
+
define('CRYPT_RSA_ENCRYPTION_PKCS1', 2);
|
106 |
+
/**#@-*/
|
107 |
+
|
108 |
+
/**#@+
|
109 |
+
* @access public
|
110 |
+
* @see Crypt_RSA::sign()
|
111 |
+
* @see Crypt_RSA::verify()
|
112 |
+
* @see Crypt_RSA::setHash()
|
113 |
+
*/
|
114 |
+
/**
|
115 |
+
* Use the Probabilistic Signature Scheme for signing
|
116 |
+
*
|
117 |
+
* Uses sha1 by default.
|
118 |
+
*
|
119 |
+
* @see Crypt_RSA::setSaltLength()
|
120 |
+
* @see Crypt_RSA::setMGFHash()
|
121 |
+
*/
|
122 |
+
define('CRYPT_RSA_SIGNATURE_PSS', 1);
|
123 |
+
/**
|
124 |
+
* Use the PKCS#1 scheme by default.
|
125 |
+
*
|
126 |
+
* Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards
|
127 |
+
* compatability with protocols (like SSH-2) written before PSS's introduction.
|
128 |
+
*/
|
129 |
+
define('CRYPT_RSA_SIGNATURE_PKCS1', 2);
|
130 |
+
/**#@-*/
|
131 |
+
|
132 |
+
/**#@+
|
133 |
+
* @access private
|
134 |
+
* @see Crypt_RSA::createKey()
|
135 |
+
*/
|
136 |
+
/**
|
137 |
+
* ASN1 Integer
|
138 |
+
*/
|
139 |
+
define('CRYPT_RSA_ASN1_INTEGER', 2);
|
140 |
+
/**
|
141 |
+
* ASN1 Sequence (with the constucted bit set)
|
142 |
+
*/
|
143 |
+
define('CRYPT_RSA_ASN1_SEQUENCE', 48);
|
144 |
+
/**#@-*/
|
145 |
+
|
146 |
+
/**#@+
|
147 |
+
* @access private
|
148 |
+
* @see Crypt_RSA::Crypt_RSA()
|
149 |
+
*/
|
150 |
+
/**
|
151 |
+
* To use the pure-PHP implementation
|
152 |
+
*/
|
153 |
+
define('CRYPT_RSA_MODE_INTERNAL', 1);
|
154 |
+
/**
|
155 |
+
* To use the OpenSSL library
|
156 |
+
*
|
157 |
+
* (if enabled; otherwise, the internal implementation will be used)
|
158 |
+
*/
|
159 |
+
define('CRYPT_RSA_MODE_OPENSSL', 2);
|
160 |
+
/**#@-*/
|
161 |
+
|
162 |
+
/**#@+
|
163 |
+
* @access public
|
164 |
+
* @see Crypt_RSA::createKey()
|
165 |
+
* @see Crypt_RSA::setPrivateKeyFormat()
|
166 |
+
*/
|
167 |
+
/**
|
168 |
+
* PKCS#1 formatted private key
|
169 |
+
*
|
170 |
+
* Used by OpenSSH
|
171 |
+
*/
|
172 |
+
define('CRYPT_RSA_PRIVATE_FORMAT_PKCS1', 0);
|
173 |
+
/**#@-*/
|
174 |
+
|
175 |
+
/**#@+
|
176 |
+
* @access public
|
177 |
+
* @see Crypt_RSA::createKey()
|
178 |
+
* @see Crypt_RSA::setPublicKeyFormat()
|
179 |
+
*/
|
180 |
+
/**
|
181 |
+
* Raw public key
|
182 |
+
*
|
183 |
+
* An array containing two Math_BigInteger objects.
|
184 |
+
*
|
185 |
+
* The exponent can be indexed with any of the following:
|
186 |
+
*
|
187 |
+
* 0, e, exponent, publicExponent
|
188 |
+
*
|
189 |
+
* The modulus can be indexed with any of the following:
|
190 |
+
*
|
191 |
+
* 1, n, modulo, modulus
|
192 |
+
*/
|
193 |
+
define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 1);
|
194 |
+
/**
|
195 |
+
* PKCS#1 formatted public key
|
196 |
+
*/
|
197 |
+
define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 2);
|
198 |
+
/**
|
199 |
+
* OpenSSH formatted public key
|
200 |
+
*
|
201 |
+
* Place in $HOME/.ssh/authorized_keys
|
202 |
+
*/
|
203 |
+
define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 3);
|
204 |
+
/**#@-*/
|
205 |
+
|
206 |
+
/**
|
207 |
+
* Pure-PHP PKCS#1 compliant implementation of RSA.
|
208 |
+
*
|
209 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
210 |
+
* @version 0.1.0
|
211 |
+
* @access public
|
212 |
+
* @package Crypt_RSA
|
213 |
+
*/
|
214 |
+
class Crypt_RSA {
|
215 |
+
/**
|
216 |
+
* Precomputed Zero
|
217 |
+
*
|
218 |
+
* @var Array
|
219 |
+
* @access private
|
220 |
+
*/
|
221 |
+
var $zero;
|
222 |
+
|
223 |
+
/**
|
224 |
+
* Precomputed One
|
225 |
+
*
|
226 |
+
* @var Array
|
227 |
+
* @access private
|
228 |
+
*/
|
229 |
+
var $one;
|
230 |
+
|
231 |
+
/**
|
232 |
+
* Private Key Format
|
233 |
+
*
|
234 |
+
* @var Integer
|
235 |
+
* @access private
|
236 |
+
*/
|
237 |
+
var $privateKeyFormat = CRYPT_RSA_PRIVATE_FORMAT_PKCS1;
|
238 |
+
|
239 |
+
/**
|
240 |
+
* Public Key Format
|
241 |
+
*
|
242 |
+
* @var Integer
|
243 |
+
* @access public
|
244 |
+
*/
|
245 |
+
var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS1;
|
246 |
+
|
247 |
+
/**
|
248 |
+
* Modulus (ie. n)
|
249 |
+
*
|
250 |
+
* @var Math_BigInteger
|
251 |
+
* @access private
|
252 |
+
*/
|
253 |
+
var $modulus;
|
254 |
+
|
255 |
+
/**
|
256 |
+
* Modulus length
|
257 |
+
*
|
258 |
+
* @var Math_BigInteger
|
259 |
+
* @access private
|
260 |
+
*/
|
261 |
+
var $k;
|
262 |
+
|
263 |
+
/**
|
264 |
+
* Exponent (ie. e or d)
|
265 |
+
*
|
266 |
+
* @var Math_BigInteger
|
267 |
+
* @access private
|
268 |
+
*/
|
269 |
+
var $exponent;
|
270 |
+
|
271 |
+
/**
|
272 |
+
* Primes for Chinese Remainder Theorem (ie. p and q)
|
273 |
+
*
|
274 |
+
* @var Array
|
275 |
+
* @access private
|
276 |
+
*/
|
277 |
+
var $primes;
|
278 |
+
|
279 |
+
/**
|
280 |
+
* Exponents for Chinese Remainder Theorem (ie. dP and dQ)
|
281 |
+
*
|
282 |
+
* @var Array
|
283 |
+
* @access private
|
284 |
+
*/
|
285 |
+
var $exponents;
|
286 |
+
|
287 |
+
/**
|
288 |
+
* Coefficients for Chinese Remainder Theorem (ie. qInv)
|
289 |
+
*
|
290 |
+
* @var Array
|
291 |
+
* @access private
|
292 |
+
*/
|
293 |
+
var $coefficients;
|
294 |
+
|
295 |
+
/**
|
296 |
+
* Hash name
|
297 |
+
*
|
298 |
+
* @var String
|
299 |
+
* @access private
|
300 |
+
*/
|
301 |
+
var $hashName;
|
302 |
+
|
303 |
+
/**
|
304 |
+
* Hash function
|
305 |
+
*
|
306 |
+
* @var Crypt_Hash
|
307 |
+
* @access private
|
308 |
+
*/
|
309 |
+
var $hash;
|
310 |
+
|
311 |
+
/**
|
312 |
+
* Length of hash function output
|
313 |
+
*
|
314 |
+
* @var Integer
|
315 |
+
* @access private
|
316 |
+
*/
|
317 |
+
var $hLen;
|
318 |
+
|
319 |
+
/**
|
320 |
+
* Length of salt
|
321 |
+
*
|
322 |
+
* @var Integer
|
323 |
+
* @access private
|
324 |
+
*/
|
325 |
+
var $sLen;
|
326 |
+
|
327 |
+
/**
|
328 |
+
* Hash function for the Mask Generation Function
|
329 |
+
*
|
330 |
+
* @var Crypt_Hash
|
331 |
+
* @access private
|
332 |
+
*/
|
333 |
+
var $mgfHash;
|
334 |
+
|
335 |
+
/**
|
336 |
+
* Length of MGF hash function output
|
337 |
+
*
|
338 |
+
* @var Integer
|
339 |
+
* @access private
|
340 |
+
*/
|
341 |
+
var $mgfHLen;
|
342 |
+
|
343 |
+
/**
|
344 |
+
* Encryption mode
|
345 |
+
*
|
346 |
+
* @var Integer
|
347 |
+
* @access private
|
348 |
+
*/
|
349 |
+
var $encryptionMode = CRYPT_RSA_ENCRYPTION_OAEP;
|
350 |
+
|
351 |
+
/**
|
352 |
+
* Signature mode
|
353 |
+
*
|
354 |
+
* @var Integer
|
355 |
+
* @access private
|
356 |
+
*/
|
357 |
+
var $signatureMode = CRYPT_RSA_SIGNATURE_PSS;
|
358 |
+
|
359 |
+
/**
|
360 |
+
* Public Exponent
|
361 |
+
*
|
362 |
+
* @var Mixed
|
363 |
+
* @access private
|
364 |
+
*/
|
365 |
+
var $publicExponent = false;
|
366 |
+
|
367 |
+
/**
|
368 |
+
* Password
|
369 |
+
*
|
370 |
+
* @var String
|
371 |
+
* @access private
|
372 |
+
*/
|
373 |
+
var $password = '';
|
374 |
+
|
375 |
+
/**
|
376 |
+
* The constructor
|
377 |
+
*
|
378 |
+
* If you want to make use of the openssl extension, you'll need to set the mode manually, yourself. The reason
|
379 |
+
* Crypt_RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires
|
380 |
+
* openssl.cnf be present somewhere and, unfortunately, the only real way to find out is too late.
|
381 |
+
*
|
382 |
+
* @return Crypt_RSA
|
383 |
+
* @access public
|
384 |
+
*/
|
385 |
+
function Crypt_RSA()
|
386 |
+
{
|
387 |
+
if ( !defined('CRYPT_RSA_MODE') ) {
|
388 |
+
switch (true) {
|
389 |
+
//case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>='):
|
390 |
+
// define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL);
|
391 |
+
// break;
|
392 |
+
default:
|
393 |
+
define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
394 |
+
}
|
395 |
+
}
|
396 |
+
|
397 |
+
$this->zero = new Math_BigInteger();
|
398 |
+
$this->one = new Math_BigInteger(1);
|
399 |
+
|
400 |
+
$this->hash = new Crypt_Hash('sha1');
|
401 |
+
$this->hLen = $this->hash->getLength();
|
402 |
+
$this->hashName = 'sha1';
|
403 |
+
$this->mgfHash = new Crypt_Hash('sha1');
|
404 |
+
$this->mgfHLen = $this->mgfHash->getLength();
|
405 |
+
}
|
406 |
+
|
407 |
+
/**
|
408 |
+
* Create public / private key pair
|
409 |
+
*
|
410 |
+
* Returns an array with the following three elements:
|
411 |
+
* - 'privatekey': The private key.
|
412 |
+
* - 'publickey': The public key.
|
413 |
+
* - 'partialkey': A partially computed key (if the execution time exceeded $timeout).
|
414 |
+
* Will need to be passed back to Crypt_RSA::createKey() as the third parameter for further processing.
|
415 |
+
*
|
416 |
+
* @access public
|
417 |
+
* @param optional Integer $bits
|
418 |
+
* @param optional Integer $timeout
|
419 |
+
* @param optional Math_BigInteger $p
|
420 |
+
*/
|
421 |
+
function createKey($bits = 1024, $timeout = false, $partial = array())
|
422 |
+
{
|
423 |
+
if ( CRYPT_RSA_MODE == CRYPT_RSA_MODE_OPENSSL ) {
|
424 |
+
$rsa = openssl_pkey_new(array('private_key_bits' => $bits));
|
425 |
+
openssl_pkey_export($rsa, $privatekey);
|
426 |
+
$publickey = openssl_pkey_get_details($rsa);
|
427 |
+
$publickey = $publickey['key'];
|
428 |
+
|
429 |
+
if ($this->privateKeyFormat != CRYPT_RSA_PRIVATE_FORMAT_PKCS1) {
|
430 |
+
$privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1)));
|
431 |
+
$publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1)));
|
432 |
+
}
|
433 |
+
|
434 |
+
return array(
|
435 |
+
'privatekey' => $privatekey,
|
436 |
+
'publickey' => $publickey,
|
437 |
+
'partialkey' => false
|
438 |
+
);
|
439 |
+
}
|
440 |
+
|
441 |
+
static $e;
|
442 |
+
if (!isset($e)) {
|
443 |
+
if (!defined('CRYPT_RSA_EXPONENT')) {
|
444 |
+
// http://en.wikipedia.org/wiki/65537_%28number%29
|
445 |
+
define('CRYPT_RSA_EXPONENT', '65537');
|
446 |
+
}
|
447 |
+
if (!defined('CRYPT_RSA_COMMENT')) {
|
448 |
+
define('CRYPT_RSA_COMMENT', 'phpseclib-generated-key');
|
449 |
+
}
|
450 |
+
// per <http://cseweb.ucsd.edu/~hovav/dist/survey.pdf#page=5>, this number ought not result in primes smaller
|
451 |
+
// than 256 bits.
|
452 |
+
if (!defined('CRYPT_RSA_SMALLEST_PRIME')) {
|
453 |
+
define('CRYPT_RSA_SMALLEST_PRIME', 4096);
|
454 |
+
}
|
455 |
+
|
456 |
+
$e = new Math_BigInteger(CRYPT_RSA_EXPONENT);
|
457 |
+
}
|
458 |
+
|
459 |
+
extract($this->_generateMinMax($bits));
|
460 |
+
$absoluteMin = $min;
|
461 |
+
$temp = $bits >> 1;
|
462 |
+
if ($temp > CRYPT_RSA_SMALLEST_PRIME) {
|
463 |
+
$num_primes = floor($bits / CRYPT_RSA_SMALLEST_PRIME);
|
464 |
+
$temp = CRYPT_RSA_SMALLEST_PRIME;
|
465 |
+
} else {
|
466 |
+
$num_primes = 2;
|
467 |
+
}
|
468 |
+
extract($this->_generateMinMax($temp + $bits % $temp));
|
469 |
+
$finalMax = $max;
|
470 |
+
extract($this->_generateMinMax($temp));
|
471 |
+
|
472 |
+
$generator = new Math_BigInteger();
|
473 |
+
$generator->setRandomGenerator('crypt_random');
|
474 |
+
|
475 |
+
$n = $this->one->copy();
|
476 |
+
if (!empty($partial)) {
|
477 |
+
extract(unserialize($partial));
|
478 |
+
} else {
|
479 |
+
$exponents = $coefficients = $primes = array();
|
480 |
+
$lcm = array(
|
481 |
+
'top' => $this->one->copy(),
|
482 |
+
'bottom' => false
|
483 |
+
);
|
484 |
+
}
|
485 |
+
|
486 |
+
$start = time();
|
487 |
+
$i0 = count($primes) + 1;
|
488 |
+
|
489 |
+
do {
|
490 |
+
for ($i = $i0; $i <= $num_primes; $i++) {
|
491 |
+
if ($timeout !== false) {
|
492 |
+
$timeout-= time() - $start;
|
493 |
+
$start = time();
|
494 |
+
if ($timeout <= 0) {
|
495 |
+
return serialize(array(
|
496 |
+
'privatekey' => '',
|
497 |
+
'publickey' => '',
|
498 |
+
'partialkey' => array(
|
499 |
+
'primes' => $primes,
|
500 |
+
'coefficients' => $coefficients,
|
501 |
+
'lcm' => $lcm,
|
502 |
+
'exponents' => $exponents
|
503 |
+
)
|
504 |
+
));
|
505 |
+
}
|
506 |
+
}
|
507 |
+
|
508 |
+
if ($i == $num_primes) {
|
509 |
+
list($min, $temp) = $absoluteMin->divide($n);
|
510 |
+
if (!$temp->equals($this->zero)) {
|
511 |
+
$min = $min->add($this->one); // ie. ceil()
|
512 |
+
}
|
513 |
+
$primes[$i] = $generator->randomPrime($min, $finalMax, $timeout);
|
514 |
+
} else {
|
515 |
+
$primes[$i] = $generator->randomPrime($min, $max, $timeout);
|
516 |
+
}
|
517 |
+
|
518 |
+
if ($primes[$i] === false) { // if we've reached the timeout
|
519 |
+
return array(
|
520 |
+
'privatekey' => '',
|
521 |
+
'publickey' => '',
|
522 |
+
'partialkey' => empty($primes) ? '' : serialize(array(
|
523 |
+
'primes' => array_slice($primes, 0, $i - 1),
|
524 |
+
'coefficients' => $coefficients,
|
525 |
+
'lcm' => $lcm,
|
526 |
+
'exponents' => $exponents
|
527 |
+
))
|
528 |
+
);
|
529 |
+
}
|
530 |
+
|
531 |
+
// the first coefficient is calculated differently from the rest
|
532 |
+
// ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1])
|
533 |
+
if ($i > 2) {
|
534 |
+
$coefficients[$i] = $n->modInverse($primes[$i]);
|
535 |
+
}
|
536 |
+
|
537 |
+
$n = $n->multiply($primes[$i]);
|
538 |
+
|
539 |
+
$temp = $primes[$i]->subtract($this->one);
|
540 |
+
|
541 |
+
// textbook RSA implementations use Euler's totient function instead of the least common multiple.
|
542 |
+
// see http://en.wikipedia.org/wiki/Euler%27s_totient_function
|
543 |
+
$lcm['top'] = $lcm['top']->multiply($temp);
|
544 |
+
$lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp);
|
545 |
+
|
546 |
+
$exponents[$i] = $e->modInverse($temp);
|
547 |
+
}
|
548 |
+
|
549 |
+
list($lcm) = $lcm['top']->divide($lcm['bottom']);
|
550 |
+
$gcd = $lcm->gcd($e);
|
551 |
+
$i0 = 1;
|
552 |
+
} while (!$gcd->equals($this->one));
|
553 |
+
|
554 |
+
$d = $e->modInverse($lcm);
|
555 |
+
|
556 |
+
$coefficients[2] = $primes[2]->modInverse($primes[1]);
|
557 |
+
|
558 |
+
// from <http://tools.ietf.org/html/rfc3447#appendix-A.1.2>:
|
559 |
+
// RSAPrivateKey ::= SEQUENCE {
|
560 |
+
// version Version,
|
561 |
+
// modulus INTEGER, -- n
|
562 |
+
// publicExponent INTEGER, -- e
|
563 |
+
// privateExponent INTEGER, -- d
|
564 |
+
// prime1 INTEGER, -- p
|
565 |
+
// prime2 INTEGER, -- q
|
566 |
+
// exponent1 INTEGER, -- d mod (p-1)
|
567 |
+
// exponent2 INTEGER, -- d mod (q-1)
|
568 |
+
// coefficient INTEGER, -- (inverse of q) mod p
|
569 |
+
// otherPrimeInfos OtherPrimeInfos OPTIONAL
|
570 |
+
// }
|
571 |
+
|
572 |
+
return array(
|
573 |
+
'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients),
|
574 |
+
'publickey' => $this->_convertPublicKey($n, $e),
|
575 |
+
'partialkey' => false
|
576 |
+
);
|
577 |
+
}
|
578 |
+
|
579 |
+
/**
|
580 |
+
* Convert a private key to the appropriate format.
|
581 |
+
*
|
582 |
+
* @access private
|
583 |
+
* @see setPrivateKeyFormat()
|
584 |
+
* @param String $RSAPrivateKey
|
585 |
+
* @return String
|
586 |
+
*/
|
587 |
+
function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
|
588 |
+
{
|
589 |
+
$num_primes = count($primes);
|
590 |
+
$raw = array(
|
591 |
+
'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi
|
592 |
+
'modulus' => $n->toBytes(true),
|
593 |
+
'publicExponent' => $e->toBytes(true),
|
594 |
+
'privateExponent' => $d->toBytes(true),
|
595 |
+
'prime1' => $primes[1]->toBytes(true),
|
596 |
+
'prime2' => $primes[2]->toBytes(true),
|
597 |
+
'exponent1' => $exponents[1]->toBytes(true),
|
598 |
+
'exponent2' => $exponents[2]->toBytes(true),
|
599 |
+
'coefficient' => $coefficients[2]->toBytes(true)
|
600 |
+
);
|
601 |
+
|
602 |
+
// if the format in question does not support multi-prime rsa and multi-prime rsa was used,
|
603 |
+
// call _convertPublicKey() instead.
|
604 |
+
switch ($this->privateKeyFormat) {
|
605 |
+
default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
|
606 |
+
$components = array();
|
607 |
+
foreach ($raw as $name => $value) {
|
608 |
+
$components[$name] = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value);
|
609 |
+
}
|
610 |
+
|
611 |
+
$RSAPrivateKey = implode('', $components);
|
612 |
+
|
613 |
+
if ($num_primes > 2) {
|
614 |
+
$OtherPrimeInfos = '';
|
615 |
+
for ($i = 3; $i <= $num_primes; $i++) {
|
616 |
+
// OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
|
617 |
+
//
|
618 |
+
// OtherPrimeInfo ::= SEQUENCE {
|
619 |
+
// prime INTEGER, -- ri
|
620 |
+
// exponent INTEGER, -- di
|
621 |
+
// coefficient INTEGER -- ti
|
622 |
+
// }
|
623 |
+
$OtherPrimeInfo = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
|
624 |
+
$OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
|
625 |
+
$OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
|
626 |
+
$OtherPrimeInfos.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
|
627 |
+
}
|
628 |
+
$RSAPrivateKey.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
|
629 |
+
}
|
630 |
+
|
631 |
+
$RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
|
632 |
+
|
633 |
+
if (!empty($this->password)) {
|
634 |
+
$iv = $this->_random(8);
|
635 |
+
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
|
636 |
+
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
|
637 |
+
if (!class_exists('Crypt_TripleDES')) {
|
638 |
+
require_once('Crypt/TripleDES.php');
|
639 |
+
}
|
640 |
+
$des = new Crypt_TripleDES();
|
641 |
+
$des->setKey($symkey);
|
642 |
+
$des->setIV($iv);
|
643 |
+
$iv = strtoupper(bin2hex($iv));
|
644 |
+
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
|
645 |
+
"Proc-Type: 4,ENCRYPTED\r\n" .
|
646 |
+
"DEK-Info: DES-EDE3-CBC,$iv\r\n" .
|
647 |
+
"\r\n" .
|
648 |
+
chunk_split(base64_encode($des->encrypt($RSAPrivateKey))) .
|
649 |
+
'-----END RSA PRIVATE KEY-----';
|
650 |
+
} else {
|
651 |
+
$RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
|
652 |
+
chunk_split(base64_encode($RSAPrivateKey)) .
|
653 |
+
'-----END RSA PRIVATE KEY-----';
|
654 |
+
}
|
655 |
+
|
656 |
+
return $RSAPrivateKey;
|
657 |
+
}
|
658 |
+
}
|
659 |
+
|
660 |
+
/**
|
661 |
+
* Convert a public key to the appropriate format
|
662 |
+
*
|
663 |
+
* @access private
|
664 |
+
* @see setPublicKeyFormat()
|
665 |
+
* @param String $RSAPrivateKey
|
666 |
+
* @return String
|
667 |
+
*/
|
668 |
+
function _convertPublicKey($n, $e)
|
669 |
+
{
|
670 |
+
$modulus = $n->toBytes(true);
|
671 |
+
$publicExponent = $e->toBytes(true);
|
672 |
+
|
673 |
+
switch ($this->publicKeyFormat) {
|
674 |
+
case CRYPT_RSA_PUBLIC_FORMAT_RAW:
|
675 |
+
return array('e' => $e->copy(), 'n' => $n->copy());
|
676 |
+
case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
|
677 |
+
// from <http://tools.ietf.org/html/rfc4253#page-15>:
|
678 |
+
// string "ssh-rsa"
|
679 |
+
// mpint e
|
680 |
+
// mpint n
|
681 |
+
$RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
|
682 |
+
$RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . CRYPT_RSA_COMMENT;
|
683 |
+
|
684 |
+
return $RSAPublicKey;
|
685 |
+
default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1
|
686 |
+
// from <http://tools.ietf.org/html/rfc3447#appendix-A.1.1>:
|
687 |
+
// RSAPublicKey ::= SEQUENCE {
|
688 |
+
// modulus INTEGER, -- n
|
689 |
+
// publicExponent INTEGER -- e
|
690 |
+
// }
|
691 |
+
$components = array(
|
692 |
+
'modulus' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($modulus)), $modulus),
|
693 |
+
'publicExponent' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($publicExponent)), $publicExponent)
|
694 |
+
);
|
695 |
+
|
696 |
+
$RSAPublicKey = pack('Ca*a*a*',
|
697 |
+
CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])),
|
698 |
+
$components['modulus'], $components['publicExponent']
|
699 |
+
);
|
700 |
+
|
701 |
+
$RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
|
702 |
+
chunk_split(base64_encode($RSAPublicKey)) .
|
703 |
+
'-----END PUBLIC KEY-----';
|
704 |
+
|
705 |
+
return $RSAPublicKey;
|
706 |
+
}
|
707 |
+
}
|
708 |
+
|
709 |
+
/**
|
710 |
+
* Break a public or private key down into its constituant components
|
711 |
+
*
|
712 |
+
* @access private
|
713 |
+
* @see _convertPublicKey()
|
714 |
+
* @see _convertPrivateKey()
|
715 |
+
* @param String $key
|
716 |
+
* @param Integer $type
|
717 |
+
* @return Array
|
718 |
+
*/
|
719 |
+
function _parseKey($key, $type)
|
720 |
+
{
|
721 |
+
switch ($type) {
|
722 |
+
case CRYPT_RSA_PUBLIC_FORMAT_RAW:
|
723 |
+
if (!is_array($key)) {
|
724 |
+
return false;
|
725 |
+
}
|
726 |
+
$components = array();
|
727 |
+
switch (true) {
|
728 |
+
case isset($key['e']):
|
729 |
+
$components['publicExponent'] = $key['e']->copy();
|
730 |
+
break;
|
731 |
+
case isset($key['exponent']):
|
732 |
+
$components['publicExponent'] = $key['exponent']->copy();
|
733 |
+
break;
|
734 |
+
case isset($key['publicExponent']):
|
735 |
+
$components['publicExponent'] = $key['publicExponent']->copy();
|
736 |
+
break;
|
737 |
+
case isset($key[0]):
|
738 |
+
$components['publicExponent'] = $key[0]->copy();
|
739 |
+
}
|
740 |
+
switch (true) {
|
741 |
+
case isset($key['n']):
|
742 |
+
$components['modulus'] = $key['n']->copy();
|
743 |
+
break;
|
744 |
+
case isset($key['modulo']):
|
745 |
+
$components['modulus'] = $key['modulo']->copy();
|
746 |
+
break;
|
747 |
+
case isset($key['modulus']):
|
748 |
+
$components['modulus'] = $key['modulus']->copy();
|
749 |
+
break;
|
750 |
+
case isset($key[1]):
|
751 |
+
$components['modulus'] = $key[1]->copy();
|
752 |
+
}
|
753 |
+
return $components;
|
754 |
+
case CRYPT_RSA_PRIVATE_FORMAT_PKCS1:
|
755 |
+
case CRYPT_RSA_PUBLIC_FORMAT_PKCS1:
|
756 |
+
/* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is
|
757 |
+
"outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to
|
758 |
+
protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding
|
759 |
+
two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here:
|
760 |
+
|
761 |
+
http://tools.ietf.org/html/rfc1421#section-4.6.1.1
|
762 |
+
http://tools.ietf.org/html/rfc1421#section-4.6.1.3
|
763 |
+
|
764 |
+
DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell.
|
765 |
+
DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation
|
766 |
+
function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's
|
767 |
+
own implementation. ie. the implementation *is* the standard and any bugs that may exist in that
|
768 |
+
implementation are part of the standard, as well.
|
769 |
+
|
770 |
+
* OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
|
771 |
+
if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
|
772 |
+
$iv = pack('H*', trim($matches[2]));
|
773 |
+
$symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
|
774 |
+
$symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
|
775 |
+
$ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-#s', '', $key);
|
776 |
+
$ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false;
|
777 |
+
if ($ciphertext === false) {
|
778 |
+
$ciphertext = $key;
|
779 |
+
}
|
780 |
+
switch ($matches[1]) {
|
781 |
+
case 'DES-EDE3-CBC':
|
782 |
+
if (!class_exists('Crypt_TripleDES')) {
|
783 |
+
require_once('Crypt/TripleDES.php');
|
784 |
+
}
|
785 |
+
$crypto = new Crypt_TripleDES();
|
786 |
+
break;
|
787 |
+
case 'DES-CBC':
|
788 |
+
if (!class_exists('Crypt_DES')) {
|
789 |
+
require_once('Crypt/DES.php');
|
790 |
+
}
|
791 |
+
$crypto = new Crypt_DES();
|
792 |
+
break;
|
793 |
+
default:
|
794 |
+
return false;
|
795 |
+
}
|
796 |
+
$crypto->setKey($symkey);
|
797 |
+
$crypto->setIV($iv);
|
798 |
+
$decoded = $crypto->decrypt($ciphertext);
|
799 |
+
} else {
|
800 |
+
$decoded = preg_replace('#-.+-|[\r\n]#', '', $key);
|
801 |
+
$decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false;
|
802 |
+
}
|
803 |
+
|
804 |
+
if ($decoded !== false) {
|
805 |
+
$key = $decoded;
|
806 |
+
}
|
807 |
+
|
808 |
+
$components = array();
|
809 |
+
|
810 |
+
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
811 |
+
return false;
|
812 |
+
}
|
813 |
+
if ($this->_decodeLength($key) != strlen($key)) {
|
814 |
+
return false;
|
815 |
+
}
|
816 |
+
|
817 |
+
$tag = ord($this->_string_shift($key));
|
818 |
+
if ($tag == CRYPT_RSA_ASN1_SEQUENCE) {
|
819 |
+
/* intended for keys for which OpenSSL's asn1parse returns the following:
|
820 |
+
|
821 |
+
0:d=0 hl=4 l= 290 cons: SEQUENCE
|
822 |
+
4:d=1 hl=2 l= 13 cons: SEQUENCE
|
823 |
+
6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
|
824 |
+
17:d=2 hl=2 l= 0 prim: NULL
|
825 |
+
19:d=1 hl=4 l= 271 prim: BIT STRING */
|
826 |
+
$this->_string_shift($key, $this->_decodeLength($key));
|
827 |
+
$this->_string_shift($key); // skip over the BIT STRING tag
|
828 |
+
$this->_decodeLength($key); // skip over the BIT STRING length
|
829 |
+
// "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of
|
830 |
+
// unused bits in teh final subsequent octet. The number shall be in the range zero to seven."
|
831 |
+
// -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2)
|
832 |
+
$this->_string_shift($key);
|
833 |
+
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
834 |
+
return false;
|
835 |
+
}
|
836 |
+
if ($this->_decodeLength($key) != strlen($key)) {
|
837 |
+
return false;
|
838 |
+
}
|
839 |
+
$tag = ord($this->_string_shift($key));
|
840 |
+
}
|
841 |
+
if ($tag != CRYPT_RSA_ASN1_INTEGER) {
|
842 |
+
return false;
|
843 |
+
}
|
844 |
+
|
845 |
+
$length = $this->_decodeLength($key);
|
846 |
+
$temp = $this->_string_shift($key, $length);
|
847 |
+
if (strlen($temp) != 1 || ord($temp) > 2) {
|
848 |
+
$components['modulus'] = new Math_BigInteger($temp, -256);
|
849 |
+
$this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER
|
850 |
+
$length = $this->_decodeLength($key);
|
851 |
+
$components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
852 |
+
|
853 |
+
return $components;
|
854 |
+
}
|
855 |
+
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_INTEGER) {
|
856 |
+
return false;
|
857 |
+
}
|
858 |
+
$length = $this->_decodeLength($key);
|
859 |
+
$components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
860 |
+
$this->_string_shift($key);
|
861 |
+
$length = $this->_decodeLength($key);
|
862 |
+
$components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
863 |
+
$this->_string_shift($key);
|
864 |
+
$length = $this->_decodeLength($key);
|
865 |
+
$components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
866 |
+
$this->_string_shift($key);
|
867 |
+
$length = $this->_decodeLength($key);
|
868 |
+
$components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
869 |
+
$this->_string_shift($key);
|
870 |
+
$length = $this->_decodeLength($key);
|
871 |
+
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
872 |
+
$this->_string_shift($key);
|
873 |
+
$length = $this->_decodeLength($key);
|
874 |
+
$components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
875 |
+
$this->_string_shift($key);
|
876 |
+
$length = $this->_decodeLength($key);
|
877 |
+
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
878 |
+
$this->_string_shift($key);
|
879 |
+
$length = $this->_decodeLength($key);
|
880 |
+
$components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), -256));
|
881 |
+
|
882 |
+
if (!empty($key)) {
|
883 |
+
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
884 |
+
return false;
|
885 |
+
}
|
886 |
+
$this->_decodeLength($key);
|
887 |
+
while (!empty($key)) {
|
888 |
+
if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
|
889 |
+
return false;
|
890 |
+
}
|
891 |
+
$this->_decodeLength($key);
|
892 |
+
$key = substr($key, 1);
|
893 |
+
$length = $this->_decodeLength($key);
|
894 |
+
$components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
895 |
+
$this->_string_shift($key);
|
896 |
+
$length = $this->_decodeLength($key);
|
897 |
+
$components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
898 |
+
$this->_string_shift($key);
|
899 |
+
$length = $this->_decodeLength($key);
|
900 |
+
$components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
901 |
+
}
|
902 |
+
}
|
903 |
+
|
904 |
+
return $components;
|
905 |
+
case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
|
906 |
+
$key = base64_decode(preg_replace('#^ssh-rsa | .+$#', '', $key));
|
907 |
+
if ($key === false) {
|
908 |
+
return false;
|
909 |
+
}
|
910 |
+
|
911 |
+
$cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa";
|
912 |
+
|
913 |
+
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
914 |
+
$publicExponent = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
915 |
+
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
916 |
+
$modulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
|
917 |
+
|
918 |
+
if ($cleanup && strlen($key)) {
|
919 |
+
extract(unpack('Nlength', $this->_string_shift($key, 4)));
|
920 |
+
return array(
|
921 |
+
'modulus' => new Math_BigInteger($this->_string_shift($key, $length), -256),
|
922 |
+
'publicExponent' => $modulus
|
923 |
+
);
|
924 |
+
} else {
|
925 |
+
return array(
|
926 |
+
'modulus' => $modulus,
|
927 |
+
'publicExponent' => $publicExponent
|
928 |
+
);
|
929 |
+
}
|
930 |
+
}
|
931 |
+
}
|
932 |
+
|
933 |
+
/**
|
934 |
+
* Loads a public or private key
|
935 |
+
*
|
936 |
+
* Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed)
|
937 |
+
*
|
938 |
+
* @access public
|
939 |
+
* @param String $key
|
940 |
+
* @param Integer $type optional
|
941 |
+
*/
|
942 |
+
function loadKey($key, $type = CRYPT_RSA_PRIVATE_FORMAT_PKCS1)
|
943 |
+
{
|
944 |
+
$components = $this->_parseKey($key, $type);
|
945 |
+
if ($components === false) {
|
946 |
+
return false;
|
947 |
+
}
|
948 |
+
|
949 |
+
$this->modulus = $components['modulus'];
|
950 |
+
$this->k = strlen($this->modulus->toBytes());
|
951 |
+
$this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
|
952 |
+
if (isset($components['primes'])) {
|
953 |
+
$this->primes = $components['primes'];
|
954 |
+
$this->exponents = $components['exponents'];
|
955 |
+
$this->coefficients = $components['coefficients'];
|
956 |
+
$this->publicExponent = $components['publicExponent'];
|
957 |
+
} else {
|
958 |
+
$this->primes = array();
|
959 |
+
$this->exponents = array();
|
960 |
+
$this->coefficients = array();
|
961 |
+
$this->publicExponent = false;
|
962 |
+
}
|
963 |
+
|
964 |
+
return true;
|
965 |
+
}
|
966 |
+
|
967 |
+
/**
|
968 |
+
* Sets the password
|
969 |
+
*
|
970 |
+
* Private keys can be encrypted with a password. To unset the password, pass in the empty string or false.
|
971 |
+
* Or rather, pass in $password such that empty($password) is true.
|
972 |
+
*
|
973 |
+
* @see createKey()
|
974 |
+
* @see loadKey()
|
975 |
+
* @access public
|
976 |
+
* @param String $password
|
977 |
+
*/
|
978 |
+
function setPassword($password)
|
979 |
+
{
|
980 |
+
$this->password = $password;
|
981 |
+
}
|
982 |
+
|
983 |
+
/**
|
984 |
+
* Defines the public key
|
985 |
+
*
|
986 |
+
* Some private key formats define the public exponent and some don't. Those that don't define it are problematic when
|
987 |
+
* used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a
|
988 |
+
* message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys
|
989 |
+
* and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public
|
990 |
+
* exponent this won't work unless you manually add the public exponent.
|
991 |
+
*
|
992 |
+
* Do note that when a new key is loaded the index will be cleared.
|
993 |
+
*
|
994 |
+
* Returns true on success, false on failure
|
995 |
+
*
|
996 |
+
* @see getPublicKey()
|
997 |
+
* @access public
|
998 |
+
* @param String $key
|
999 |
+
* @param Integer $type optional
|
1000 |
+
* @return Boolean
|
1001 |
+
*/
|
1002 |
+
function setPublicKey($key, $type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
|
1003 |
+
{
|
1004 |
+
$components = $this->_parseKey($key, $type);
|
1005 |
+
if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) {
|
1006 |
+
return false;
|
1007 |
+
}
|
1008 |
+
$this->publicExponent = $components['publicExponent'];
|
1009 |
+
}
|
1010 |
+
|
1011 |
+
/**
|
1012 |
+
* Returns the public key
|
1013 |
+
*
|
1014 |
+
* The public key is only returned under two circumstances - if the private key had the public key embedded within it
|
1015 |
+
* or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this
|
1016 |
+
* function won't return it since this library, for the most part, doesn't distinguish between public and private keys.
|
1017 |
+
*
|
1018 |
+
* @see getPublicKey()
|
1019 |
+
* @access public
|
1020 |
+
* @param String $key
|
1021 |
+
* @param Integer $type optional
|
1022 |
+
*/
|
1023 |
+
function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
|
1024 |
+
{
|
1025 |
+
if (empty($this->modulus) || empty($this->publicExponent)) {
|
1026 |
+
return false;
|
1027 |
+
}
|
1028 |
+
|
1029 |
+
$oldFormat = $this->publicKeyFormat;
|
1030 |
+
$this->publicKeyFormat = $type;
|
1031 |
+
$temp = $this->_convertPublicKey($this->modulus, $this->publicExponent);
|
1032 |
+
$this->publicKeyFormat = $oldFormat;
|
1033 |
+
return $temp;
|
1034 |
+
}
|
1035 |
+
|
1036 |
+
/**
|
1037 |
+
* Generates the smallest and largest numbers requiring $bits bits
|
1038 |
+
*
|
1039 |
+
* @access private
|
1040 |
+
* @param Integer $bits
|
1041 |
+
* @return Array
|
1042 |
+
*/
|
1043 |
+
function _generateMinMax($bits)
|
1044 |
+
{
|
1045 |
+
$bytes = $bits >> 3;
|
1046 |
+
$min = str_repeat(chr(0), $bytes);
|
1047 |
+
$max = str_repeat(chr(0xFF), $bytes);
|
1048 |
+
$msb = $bits & 7;
|
1049 |
+
if ($msb) {
|
1050 |
+
$min = chr(1 << ($msb - 1)) . $min;
|
1051 |
+
$max = chr((1 << $msb) - 1) . $max;
|
1052 |
+
} else {
|
1053 |
+
$min[0] = chr(0x80);
|
1054 |
+
}
|
1055 |
+
|
1056 |
+
return array(
|
1057 |
+
'min' => new Math_BigInteger($min, 256),
|
1058 |
+
'max' => new Math_BigInteger($max, 256)
|
1059 |
+
);
|
1060 |
+
}
|
1061 |
+
|
1062 |
+
/**
|
1063 |
+
* DER-decode the length
|
1064 |
+
*
|
1065 |
+
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
|
1066 |
+
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 � 8.1.3} for more information.
|
1067 |
+
*
|
1068 |
+
* @access private
|
1069 |
+
* @param String $string
|
1070 |
+
* @return Integer
|
1071 |
+
*/
|
1072 |
+
function _decodeLength(&$string)
|
1073 |
+
{
|
1074 |
+
$length = ord($this->_string_shift($string));
|
1075 |
+
if ( $length & 0x80 ) { // definite length, long form
|
1076 |
+
$length&= 0x7F;
|
1077 |
+
$temp = $this->_string_shift($string, $length);
|
1078 |
+
list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
|
1079 |
+
}
|
1080 |
+
return $length;
|
1081 |
+
}
|
1082 |
+
|
1083 |
+
/**
|
1084 |
+
* DER-encode the length
|
1085 |
+
*
|
1086 |
+
* DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
|
1087 |
+
* {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 � 8.1.3} for more information.
|
1088 |
+
*
|
1089 |
+
* @access private
|
1090 |
+
* @param Integer $length
|
1091 |
+
* @return String
|
1092 |
+
*/
|
1093 |
+
function _encodeLength($length)
|
1094 |
+
{
|
1095 |
+
if ($length <= 0x7F) {
|
1096 |
+
return chr($length);
|
1097 |
+
}
|
1098 |
+
|
1099 |
+
$temp = ltrim(pack('N', $length), chr(0));
|
1100 |
+
return pack('Ca*', 0x80 | strlen($temp), $temp);
|
1101 |
+
}
|
1102 |
+
|
1103 |
+
/**
|
1104 |
+
* String Shift
|
1105 |
+
*
|
1106 |
+
* Inspired by array_shift
|
1107 |
+
*
|
1108 |
+
* @param String $string
|
1109 |
+
* @param optional Integer $index
|
1110 |
+
* @return String
|
1111 |
+
* @access private
|
1112 |
+
*/
|
1113 |
+
function _string_shift(&$string, $index = 1)
|
1114 |
+
{
|
1115 |
+
$substr = substr($string, 0, $index);
|
1116 |
+
$string = substr($string, $index);
|
1117 |
+
return $substr;
|
1118 |
+
}
|
1119 |
+
|
1120 |
+
/**
|
1121 |
+
* Determines the private key format
|
1122 |
+
*
|
1123 |
+
* @see createKey()
|
1124 |
+
* @access public
|
1125 |
+
* @param Integer $format
|
1126 |
+
*/
|
1127 |
+
function setPrivateKeyFormat($format)
|
1128 |
+
{
|
1129 |
+
$this->privateKeyFormat = $format;
|
1130 |
+
}
|
1131 |
+
|
1132 |
+
/**
|
1133 |
+
* Determines the public key format
|
1134 |
+
*
|
1135 |
+
* @see createKey()
|
1136 |
+
* @access public
|
1137 |
+
* @param Integer $format
|
1138 |
+
*/
|
1139 |
+
function setPublicKeyFormat($format)
|
1140 |
+
{
|
1141 |
+
$this->publicKeyFormat = $format;
|
1142 |
+
}
|
1143 |
+
|
1144 |
+
/**
|
1145 |
+
* Determines which hashing function should be used
|
1146 |
+
*
|
1147 |
+
* Used with signature production / verification and (if the encryption mode is CRYPT_RSA_ENCRYPTION_OAEP) encryption and
|
1148 |
+
* decryption. If $hash isn't supported, sha1 is used.
|
1149 |
+
*
|
1150 |
+
* @access public
|
1151 |
+
* @param String $hash
|
1152 |
+
*/
|
1153 |
+
function setHash($hash)
|
1154 |
+
{
|
1155 |
+
// Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
|
1156 |
+
switch ($hash) {
|
1157 |
+
case 'md2':
|
1158 |
+
case 'md5':
|
1159 |
+
case 'sha1':
|
1160 |
+
case 'sha256':
|
1161 |
+
case 'sha384':
|
1162 |
+
case 'sha512':
|
1163 |
+
$this->hash = new Crypt_Hash($hash);
|
1164 |
+
$this->hashName = $hash;
|
1165 |
+
break;
|
1166 |
+
default:
|
1167 |
+
$this->hash = new Crypt_Hash('sha1');
|
1168 |
+
$this->hashName = 'sha1';
|
1169 |
+
}
|
1170 |
+
$this->hLen = $this->hash->getLength();
|
1171 |
+
}
|
1172 |
+
|
1173 |
+
/**
|
1174 |
+
* Determines which hashing function should be used for the mask generation function
|
1175 |
+
*
|
1176 |
+
* The mask generation function is used by CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_SIGNATURE_PSS and although it's
|
1177 |
+
* best if Hash and MGFHash are set to the same thing this is not a requirement.
|
1178 |
+
*
|
1179 |
+
* @access public
|
1180 |
+
* @param String $hash
|
1181 |
+
*/
|
1182 |
+
function setMGFHash($hash)
|
1183 |
+
{
|
1184 |
+
// Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
|
1185 |
+
switch ($hash) {
|
1186 |
+
case 'md2':
|
1187 |
+
case 'md5':
|
1188 |
+
case 'sha1':
|
1189 |
+
case 'sha256':
|
1190 |
+
case 'sha384':
|
1191 |
+
case 'sha512':
|
1192 |
+
$this->mgfHash = new Crypt_Hash($hash);
|
1193 |
+
break;
|
1194 |
+
default:
|
1195 |
+
$this->mgfHash = new Crypt_Hash('sha1');
|
1196 |
+
}
|
1197 |
+
$this->mgfHLen = $this->mgfHash->getLength();
|
1198 |
+
}
|
1199 |
+
|
1200 |
+
/**
|
1201 |
+
* Determines the salt length
|
1202 |
+
*
|
1203 |
+
* To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}:
|
1204 |
+
*
|
1205 |
+
* Typical salt lengths in octets are hLen (the length of the output
|
1206 |
+
* of the hash function Hash) and 0.
|
1207 |
+
*
|
1208 |
+
* @access public
|
1209 |
+
* @param Integer $format
|
1210 |
+
*/
|
1211 |
+
function setSaltLength($sLen)
|
1212 |
+
{
|
1213 |
+
$this->sLen = $sLen;
|
1214 |
+
}
|
1215 |
+
|
1216 |
+
/**
|
1217 |
+
* Generates a random string x bytes long
|
1218 |
+
*
|
1219 |
+
* @access public
|
1220 |
+
* @param Integer $bytes
|
1221 |
+
* @param optional Integer $nonzero
|
1222 |
+
* @return String
|
1223 |
+
*/
|
1224 |
+
function _random($bytes, $nonzero = false)
|
1225 |
+
{
|
1226 |
+
$temp = '';
|
1227 |
+
if ($nonzero) {
|
1228 |
+
for ($i = 0; $i < $bytes; $i++) {
|
1229 |
+
$temp.= chr(crypt_random(1, 255));
|
1230 |
+
}
|
1231 |
+
} else {
|
1232 |
+
$ints = ($bytes + 1) >> 2;
|
1233 |
+
for ($i = 0; $i < $ints; $i++) {
|
1234 |
+
$temp.= pack('N', crypt_random());
|
1235 |
+
}
|
1236 |
+
$temp = substr($temp, 0, $bytes);
|
1237 |
+
}
|
1238 |
+
return $temp;
|
1239 |
+
}
|
1240 |
+
|
1241 |
+
/**
|
1242 |
+
* Integer-to-Octet-String primitive
|
1243 |
+
*
|
1244 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}.
|
1245 |
+
*
|
1246 |
+
* @access private
|
1247 |
+
* @param Math_BigInteger $x
|
1248 |
+
* @param Integer $xLen
|
1249 |
+
* @return String
|
1250 |
+
*/
|
1251 |
+
function _i2osp($x, $xLen)
|
1252 |
+
{
|
1253 |
+
$x = $x->toBytes();
|
1254 |
+
if (strlen($x) > $xLen) {
|
1255 |
+
user_error('Integer too large', E_USER_NOTICE);
|
1256 |
+
return false;
|
1257 |
+
}
|
1258 |
+
return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
|
1259 |
+
}
|
1260 |
+
|
1261 |
+
/**
|
1262 |
+
* Octet-String-to-Integer primitive
|
1263 |
+
*
|
1264 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}.
|
1265 |
+
*
|
1266 |
+
* @access private
|
1267 |
+
* @param String $x
|
1268 |
+
* @return Math_BigInteger
|
1269 |
+
*/
|
1270 |
+
function _os2ip($x)
|
1271 |
+
{
|
1272 |
+
return new Math_BigInteger($x, 256);
|
1273 |
+
}
|
1274 |
+
|
1275 |
+
/**
|
1276 |
+
* Exponentiate with or without Chinese Remainder Theorem
|
1277 |
+
*
|
1278 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.2}.
|
1279 |
+
*
|
1280 |
+
* @access private
|
1281 |
+
* @param Math_BigInteger $x
|
1282 |
+
* @return Math_BigInteger
|
1283 |
+
*/
|
1284 |
+
function _exponentiate($x)
|
1285 |
+
{
|
1286 |
+
if (empty($this->primes) || empty($this->coefficients) || empty($this->exponents)) {
|
1287 |
+
return $x->modPow($this->exponent, $this->modulus);
|
1288 |
+
}
|
1289 |
+
|
1290 |
+
$num_primes = count($this->primes);
|
1291 |
+
|
1292 |
+
if (defined('CRYPT_RSA_DISABLE_BLINDING')) {
|
1293 |
+
$m_i = array(
|
1294 |
+
1 => $x->modPow($this->exponents[1], $this->primes[1]),
|
1295 |
+
2 => $x->modPow($this->exponents[2], $this->primes[2])
|
1296 |
+
);
|
1297 |
+
$h = $m_i[1]->subtract($m_i[2]);
|
1298 |
+
$h = $h->multiply($this->coefficients[2]);
|
1299 |
+
list(, $h) = $h->divide($this->primes[1]);
|
1300 |
+
$m = $m_i[2]->add($h->multiply($this->primes[2]));
|
1301 |
+
|
1302 |
+
$r = $this->primes[1];
|
1303 |
+
for ($i = 3; $i <= $num_primes; $i++) {
|
1304 |
+
$m_i = $x->modPow($this->exponents[$i], $this->primes[$i]);
|
1305 |
+
|
1306 |
+
$r = $r->multiply($this->primes[$i - 1]);
|
1307 |
+
|
1308 |
+
$h = $m_i->subtract($m);
|
1309 |
+
$h = $h->multiply($this->coefficients[$i]);
|
1310 |
+
list(, $h) = $h->divide($this->primes[$i]);
|
1311 |
+
|
1312 |
+
$m = $m->add($r->multiply($h));
|
1313 |
+
}
|
1314 |
+
} else {
|
1315 |
+
$smallest = $this->primes[1];
|
1316 |
+
for ($i = 2; $i <= $num_primes; $i++) {
|
1317 |
+
if ($smallest->compare($this->primes[$i]) > 0) {
|
1318 |
+
$smallest = $this->primes[$i];
|
1319 |
+
}
|
1320 |
+
}
|
1321 |
+
|
1322 |
+
$one = new Math_BigInteger(1);
|
1323 |
+
$one->setRandomGenerator('crypt_random');
|
1324 |
+
|
1325 |
+
$r = $one->random($one, $smallest->subtract($one));
|
1326 |
+
|
1327 |
+
$m_i = array(
|
1328 |
+
1 => $this->_blind($x, $r, 1),
|
1329 |
+
2 => $this->_blind($x, $r, 2)
|
1330 |
+
);
|
1331 |
+
$h = $m_i[1]->subtract($m_i[2]);
|
1332 |
+
$h = $h->multiply($this->coefficients[2]);
|
1333 |
+
list(, $h) = $h->divide($this->primes[1]);
|
1334 |
+
$m = $m_i[2]->add($h->multiply($this->primes[2]));
|
1335 |
+
|
1336 |
+
$r = $this->primes[1];
|
1337 |
+
for ($i = 3; $i <= $num_primes; $i++) {
|
1338 |
+
$m_i = $this->_blind($x, $r, $i);
|
1339 |
+
|
1340 |
+
$r = $r->multiply($this->primes[$i - 1]);
|
1341 |
+
|
1342 |
+
$h = $m_i->subtract($m);
|
1343 |
+
$h = $h->multiply($this->coefficients[$i]);
|
1344 |
+
list(, $h) = $h->divide($this->primes[$i]);
|
1345 |
+
|
1346 |
+
$m = $m->add($r->multiply($h));
|
1347 |
+
}
|
1348 |
+
}
|
1349 |
+
|
1350 |
+
return $m;
|
1351 |
+
}
|
1352 |
+
|
1353 |
+
/**
|
1354 |
+
* Performs RSA Blinding
|
1355 |
+
*
|
1356 |
+
* Protects against timing attacks by employing RSA Blinding.
|
1357 |
+
* Returns $x->modPow($this->exponents[$i], $this->primes[$i])
|
1358 |
+
*
|
1359 |
+
* @access private
|
1360 |
+
* @param Math_BigInteger $x
|
1361 |
+
* @param Math_BigInteger $r
|
1362 |
+
* @param Integer $i
|
1363 |
+
* @return Math_BigInteger
|
1364 |
+
*/
|
1365 |
+
function _blind($x, $r, $i)
|
1366 |
+
{
|
1367 |
+
$x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i]));
|
1368 |
+
|
1369 |
+
$x = $x->modPow($this->exponents[$i], $this->primes[$i]);
|
1370 |
+
|
1371 |
+
$r = $r->modInverse($this->primes[$i]);
|
1372 |
+
$x = $x->multiply($r);
|
1373 |
+
list(, $x) = $x->divide($this->primes[$i]);
|
1374 |
+
|
1375 |
+
return $x;
|
1376 |
+
}
|
1377 |
+
|
1378 |
+
/**
|
1379 |
+
* RSAEP
|
1380 |
+
*
|
1381 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}.
|
1382 |
+
*
|
1383 |
+
* @access private
|
1384 |
+
* @param Math_BigInteger $m
|
1385 |
+
* @return Math_BigInteger
|
1386 |
+
*/
|
1387 |
+
function _rsaep($m)
|
1388 |
+
{
|
1389 |
+
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
|
1390 |
+
user_error('Message representative out of range', E_USER_NOTICE);
|
1391 |
+
return false;
|
1392 |
+
}
|
1393 |
+
return $this->_exponentiate($m);
|
1394 |
+
}
|
1395 |
+
|
1396 |
+
/**
|
1397 |
+
* RSADP
|
1398 |
+
*
|
1399 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}.
|
1400 |
+
*
|
1401 |
+
* @access private
|
1402 |
+
* @param Math_BigInteger $c
|
1403 |
+
* @return Math_BigInteger
|
1404 |
+
*/
|
1405 |
+
function _rsadp($c)
|
1406 |
+
{
|
1407 |
+
if ($c->compare($this->zero) < 0 || $c->compare($this->modulus) > 0) {
|
1408 |
+
user_error('Ciphertext representative out of range', E_USER_NOTICE);
|
1409 |
+
return false;
|
1410 |
+
}
|
1411 |
+
return $this->_exponentiate($c);
|
1412 |
+
}
|
1413 |
+
|
1414 |
+
/**
|
1415 |
+
* RSASP1
|
1416 |
+
*
|
1417 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}.
|
1418 |
+
*
|
1419 |
+
* @access private
|
1420 |
+
* @param Math_BigInteger $m
|
1421 |
+
* @return Math_BigInteger
|
1422 |
+
*/
|
1423 |
+
function _rsasp1($m)
|
1424 |
+
{
|
1425 |
+
if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
|
1426 |
+
user_error('Message representative out of range', E_USER_NOTICE);
|
1427 |
+
return false;
|
1428 |
+
}
|
1429 |
+
return $this->_exponentiate($m);
|
1430 |
+
}
|
1431 |
+
|
1432 |
+
/**
|
1433 |
+
* RSAVP1
|
1434 |
+
*
|
1435 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}.
|
1436 |
+
*
|
1437 |
+
* @access private
|
1438 |
+
* @param Math_BigInteger $s
|
1439 |
+
* @return Math_BigInteger
|
1440 |
+
*/
|
1441 |
+
function _rsavp1($s)
|
1442 |
+
{
|
1443 |
+
if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) {
|
1444 |
+
user_error('Signature representative out of range', E_USER_NOTICE);
|
1445 |
+
return false;
|
1446 |
+
}
|
1447 |
+
return $this->_exponentiate($s);
|
1448 |
+
}
|
1449 |
+
|
1450 |
+
/**
|
1451 |
+
* MGF1
|
1452 |
+
*
|
1453 |
+
* See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}.
|
1454 |
+
*
|
1455 |
+
* @access private
|
1456 |
+
* @param String $mgfSeed
|
1457 |
+
* @param Integer $mgfLen
|
1458 |
+
* @return String
|
1459 |
+
*/
|
1460 |
+
function _mgf1($mgfSeed, $maskLen)
|
1461 |
+
{
|
1462 |
+
// if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output.
|
1463 |
+
|
1464 |
+
$t = '';
|
1465 |
+
$count = ceil($maskLen / $this->mgfHLen);
|
1466 |
+
for ($i = 0; $i < $count; $i++) {
|
1467 |
+
$c = pack('N', $i);
|
1468 |
+
$t.= $this->mgfHash->hash($mgfSeed . $c);
|
1469 |
+
}
|
1470 |
+
|
1471 |
+
return substr($t, 0, $maskLen);
|
1472 |
+
}
|
1473 |
+
|
1474 |
+
/**
|
1475 |
+
* RSAES-OAEP-ENCRYPT
|
1476 |
+
*
|
1477 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and
|
1478 |
+
* {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}.
|
1479 |
+
*
|
1480 |
+
* @access private
|
1481 |
+
* @param String $m
|
1482 |
+
* @param String $l
|
1483 |
+
* @return String
|
1484 |
+
*/
|
1485 |
+
function _rsaes_oaep_encrypt($m, $l = '')
|
1486 |
+
{
|
1487 |
+
$mLen = strlen($m);
|
1488 |
+
|
1489 |
+
// Length checking
|
1490 |
+
|
1491 |
+
// if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1492 |
+
// be output.
|
1493 |
+
|
1494 |
+
if ($mLen > $this->k - 2 * $this->hLen - 2) {
|
1495 |
+
user_error('Message too long', E_USER_NOTICE);
|
1496 |
+
return false;
|
1497 |
+
}
|
1498 |
+
|
1499 |
+
// EME-OAEP encoding
|
1500 |
+
|
1501 |
+
$lHash = $this->hash->hash($l);
|
1502 |
+
$ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2);
|
1503 |
+
$db = $lHash . $ps . chr(1) . $m;
|
1504 |
+
$seed = $this->_random($this->hLen);
|
1505 |
+
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
|
1506 |
+
$maskedDB = $db ^ $dbMask;
|
1507 |
+
$seedMask = $this->_mgf1($maskedDB, $this->hLen);
|
1508 |
+
$maskedSeed = $seed ^ $seedMask;
|
1509 |
+
$em = chr(0) . $maskedSeed . $maskedDB;
|
1510 |
+
|
1511 |
+
// RSA encryption
|
1512 |
+
|
1513 |
+
$m = $this->_os2ip($em);
|
1514 |
+
$c = $this->_rsaep($m);
|
1515 |
+
$c = $this->_i2osp($c, $this->k);
|
1516 |
+
|
1517 |
+
// Output the ciphertext C
|
1518 |
+
|
1519 |
+
return $c;
|
1520 |
+
}
|
1521 |
+
|
1522 |
+
/**
|
1523 |
+
* RSAES-OAEP-DECRYPT
|
1524 |
+
*
|
1525 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error
|
1526 |
+
* messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2:
|
1527 |
+
*
|
1528 |
+
* Note. Care must be taken to ensure that an opponent cannot
|
1529 |
+
* distinguish the different error conditions in Step 3.g, whether by
|
1530 |
+
* error message or timing, or, more generally, learn partial
|
1531 |
+
* information about the encoded message EM. Otherwise an opponent may
|
1532 |
+
* be able to obtain useful information about the decryption of the
|
1533 |
+
* ciphertext C, leading to a chosen-ciphertext attack such as the one
|
1534 |
+
* observed by Manger [36].
|
1535 |
+
*
|
1536 |
+
* As for $l... to quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}:
|
1537 |
+
*
|
1538 |
+
* Both the encryption and the decryption operations of RSAES-OAEP take
|
1539 |
+
* the value of a label L as input. In this version of PKCS #1, L is
|
1540 |
+
* the empty string; other uses of the label are outside the scope of
|
1541 |
+
* this document.
|
1542 |
+
*
|
1543 |
+
* @access private
|
1544 |
+
* @param String $c
|
1545 |
+
* @param String $l
|
1546 |
+
* @return String
|
1547 |
+
*/
|
1548 |
+
function _rsaes_oaep_decrypt($c, $l = '')
|
1549 |
+
{
|
1550 |
+
// Length checking
|
1551 |
+
|
1552 |
+
// if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1553 |
+
// be output.
|
1554 |
+
|
1555 |
+
if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
|
1556 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1557 |
+
return false;
|
1558 |
+
}
|
1559 |
+
|
1560 |
+
// RSA decryption
|
1561 |
+
|
1562 |
+
$c = $this->_os2ip($c);
|
1563 |
+
$m = $this->_rsadp($c);
|
1564 |
+
if ($m === false) {
|
1565 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1566 |
+
return false;
|
1567 |
+
}
|
1568 |
+
$em = $this->_i2osp($m, $this->k);
|
1569 |
+
|
1570 |
+
// EME-OAEP decoding
|
1571 |
+
|
1572 |
+
$lHash = $this->hash->hash($l);
|
1573 |
+
$y = ord($em[0]);
|
1574 |
+
$maskedSeed = substr($em, 1, $this->hLen);
|
1575 |
+
$maskedDB = substr($em, $this->hLen + 1);
|
1576 |
+
$seedMask = $this->_mgf1($maskedDB, $this->hLen);
|
1577 |
+
$seed = $maskedSeed ^ $seedMask;
|
1578 |
+
$dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
|
1579 |
+
$db = $maskedDB ^ $dbMask;
|
1580 |
+
$lHash2 = substr($db, 0, $this->hLen);
|
1581 |
+
$m = substr($db, $this->hLen);
|
1582 |
+
if ($lHash != $lHash2) {
|
1583 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1584 |
+
return false;
|
1585 |
+
}
|
1586 |
+
$m = ltrim($m, chr(0));
|
1587 |
+
if (ord($m[0]) != 1) {
|
1588 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1589 |
+
return false;
|
1590 |
+
}
|
1591 |
+
|
1592 |
+
// Output the message M
|
1593 |
+
|
1594 |
+
return substr($m, 1);
|
1595 |
+
}
|
1596 |
+
|
1597 |
+
/**
|
1598 |
+
* RSAES-PKCS1-V1_5-ENCRYPT
|
1599 |
+
*
|
1600 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}.
|
1601 |
+
*
|
1602 |
+
* @access private
|
1603 |
+
* @param String $m
|
1604 |
+
* @return String
|
1605 |
+
*/
|
1606 |
+
function _rsaes_pkcs1_v1_5_encrypt($m)
|
1607 |
+
{
|
1608 |
+
$mLen = strlen($m);
|
1609 |
+
|
1610 |
+
// Length checking
|
1611 |
+
|
1612 |
+
if ($mLen > $this->k - 11) {
|
1613 |
+
user_error('Message too long', E_USER_NOTICE);
|
1614 |
+
return false;
|
1615 |
+
}
|
1616 |
+
|
1617 |
+
// EME-PKCS1-v1_5 encoding
|
1618 |
+
|
1619 |
+
$ps = $this->_random($this->k - $mLen - 3, true);
|
1620 |
+
$em = chr(0) . chr(2) . $ps . chr(0) . $m;
|
1621 |
+
|
1622 |
+
// RSA encryption
|
1623 |
+
$m = $this->_os2ip($em);
|
1624 |
+
$c = $this->_rsaep($m);
|
1625 |
+
$c = $this->_i2osp($c, $this->k);
|
1626 |
+
|
1627 |
+
// Output the ciphertext C
|
1628 |
+
|
1629 |
+
return $c;
|
1630 |
+
}
|
1631 |
+
|
1632 |
+
/**
|
1633 |
+
* RSAES-PKCS1-V1_5-DECRYPT
|
1634 |
+
*
|
1635 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
|
1636 |
+
*
|
1637 |
+
* For compatability purposes, this function departs slightly from the description given in RFC3447.
|
1638 |
+
* The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
|
1639 |
+
* private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
|
1640 |
+
* public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
|
1641 |
+
* to be 2 regardless of which key is used. for compatability purposes, we'll just check to make sure the
|
1642 |
+
* second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
|
1643 |
+
*
|
1644 |
+
* As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt
|
1645 |
+
* with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
|
1646 |
+
* not private key encrypted ciphertext's.
|
1647 |
+
*
|
1648 |
+
* @access private
|
1649 |
+
* @param String $c
|
1650 |
+
* @return String
|
1651 |
+
*/
|
1652 |
+
function _rsaes_pkcs1_v1_5_decrypt($c)
|
1653 |
+
{
|
1654 |
+
// Length checking
|
1655 |
+
|
1656 |
+
if (strlen($c) != $this->k) { // or if k < 11
|
1657 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1658 |
+
return false;
|
1659 |
+
}
|
1660 |
+
|
1661 |
+
// RSA decryption
|
1662 |
+
|
1663 |
+
$c = $this->_os2ip($c);
|
1664 |
+
$m = $this->_rsadp($c);
|
1665 |
+
if ($m === false) {
|
1666 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1667 |
+
return false;
|
1668 |
+
}
|
1669 |
+
$em = $this->_i2osp($m, $this->k);
|
1670 |
+
|
1671 |
+
// EME-PKCS1-v1_5 decoding
|
1672 |
+
|
1673 |
+
if (ord($em[0]) != 0 || ord($em[1]) > 2) {
|
1674 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1675 |
+
return false;
|
1676 |
+
}
|
1677 |
+
|
1678 |
+
$ps = substr($em, 2, strpos($em, chr(0), 2) - 2);
|
1679 |
+
$m = substr($em, strlen($ps) + 3);
|
1680 |
+
|
1681 |
+
if (strlen($ps) < 8) {
|
1682 |
+
user_error('Decryption error', E_USER_NOTICE);
|
1683 |
+
return false;
|
1684 |
+
}
|
1685 |
+
|
1686 |
+
// Output M
|
1687 |
+
|
1688 |
+
return $m;
|
1689 |
+
}
|
1690 |
+
|
1691 |
+
/**
|
1692 |
+
* EMSA-PSS-ENCODE
|
1693 |
+
*
|
1694 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}.
|
1695 |
+
*
|
1696 |
+
* @access private
|
1697 |
+
* @param String $m
|
1698 |
+
* @param Integer $emBits
|
1699 |
+
*/
|
1700 |
+
function _emsa_pss_encode($m, $emBits)
|
1701 |
+
{
|
1702 |
+
// if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1703 |
+
// be output.
|
1704 |
+
|
1705 |
+
$emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8)
|
1706 |
+
$sLen = $this->sLen == false ? $this->hLen : $this->sLen;
|
1707 |
+
|
1708 |
+
$mHash = $this->hash->hash($m);
|
1709 |
+
if ($emLen < $this->hLen + $sLen + 2) {
|
1710 |
+
user_error('Encoding error', E_USER_NOTICE);
|
1711 |
+
return false;
|
1712 |
+
}
|
1713 |
+
|
1714 |
+
$salt = $this->_random($sLen);
|
1715 |
+
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
|
1716 |
+
$h = $this->hash->hash($m2);
|
1717 |
+
$ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2);
|
1718 |
+
$db = $ps . chr(1) . $salt;
|
1719 |
+
$dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
|
1720 |
+
$maskedDB = $db ^ $dbMask;
|
1721 |
+
$maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0];
|
1722 |
+
$em = $maskedDB . $h . chr(0xBC);
|
1723 |
+
|
1724 |
+
return $em;
|
1725 |
+
}
|
1726 |
+
|
1727 |
+
/**
|
1728 |
+
* EMSA-PSS-VERIFY
|
1729 |
+
*
|
1730 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}.
|
1731 |
+
*
|
1732 |
+
* @access private
|
1733 |
+
* @param String $m
|
1734 |
+
* @param String $em
|
1735 |
+
* @param Integer $emBits
|
1736 |
+
* @return String
|
1737 |
+
*/
|
1738 |
+
function _emsa_pss_verify($m, $em, $emBits)
|
1739 |
+
{
|
1740 |
+
// if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
|
1741 |
+
// be output.
|
1742 |
+
|
1743 |
+
$emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8);
|
1744 |
+
$sLen = $this->sLen == false ? $this->hLen : $this->sLen;
|
1745 |
+
|
1746 |
+
$mHash = $this->hash->hash($m);
|
1747 |
+
if ($emLen < $this->hLen + $sLen + 2) {
|
1748 |
+
return false;
|
1749 |
+
}
|
1750 |
+
|
1751 |
+
if ($em[strlen($em) - 1] != chr(0xBC)) {
|
1752 |
+
return false;
|
1753 |
+
}
|
1754 |
+
|
1755 |
+
$maskedDB = substr($em, 0, $em - $this->hLen - 1);
|
1756 |
+
$h = substr($em, $em - $this->hLen - 1, $this->hLen);
|
1757 |
+
$temp = chr(0xFF << ($emBits & 7));
|
1758 |
+
if ((~$maskedDB[0] & $temp) != $temp) {
|
1759 |
+
return false;
|
1760 |
+
}
|
1761 |
+
$dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
|
1762 |
+
$db = $maskedDB ^ $dbMask;
|
1763 |
+
$db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0];
|
1764 |
+
$temp = $emLen - $this->hLen - $sLen - 2;
|
1765 |
+
if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) {
|
1766 |
+
return false;
|
1767 |
+
}
|
1768 |
+
$salt = substr($db, $temp + 1); // should be $sLen long
|
1769 |
+
$m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
|
1770 |
+
$h2 = $this->hash->hash($m2);
|
1771 |
+
return $h == $h2;
|
1772 |
+
}
|
1773 |
+
|
1774 |
+
/**
|
1775 |
+
* RSASSA-PSS-SIGN
|
1776 |
+
*
|
1777 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}.
|
1778 |
+
*
|
1779 |
+
* @access private
|
1780 |
+
* @param String $m
|
1781 |
+
* @return String
|
1782 |
+
*/
|
1783 |
+
function _rsassa_pss_sign($m)
|
1784 |
+
{
|
1785 |
+
// EMSA-PSS encoding
|
1786 |
+
|
1787 |
+
$em = $this->_emsa_pss_encode($m, 8 * $this->k - 1);
|
1788 |
+
|
1789 |
+
// RSA signature
|
1790 |
+
|
1791 |
+
$m = $this->_os2ip($em);
|
1792 |
+
$s = $this->_rsasp1($m);
|
1793 |
+
$s = $this->_i2osp($s, $this->k);
|
1794 |
+
|
1795 |
+
// Output the signature S
|
1796 |
+
|
1797 |
+
return $s;
|
1798 |
+
}
|
1799 |
+
|
1800 |
+
/**
|
1801 |
+
* RSASSA-PSS-VERIFY
|
1802 |
+
*
|
1803 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}.
|
1804 |
+
*
|
1805 |
+
* @access private
|
1806 |
+
* @param String $m
|
1807 |
+
* @param String $s
|
1808 |
+
* @return String
|
1809 |
+
*/
|
1810 |
+
function _rsassa_pss_verify($m, $s)
|
1811 |
+
{
|
1812 |
+
// Length checking
|
1813 |
+
|
1814 |
+
if (strlen($s) != $this->k) {
|
1815 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1816 |
+
return false;
|
1817 |
+
}
|
1818 |
+
|
1819 |
+
// RSA verification
|
1820 |
+
|
1821 |
+
$modBits = 8 * $this->k;
|
1822 |
+
|
1823 |
+
$s2 = $this->_os2ip($s);
|
1824 |
+
$m2 = $this->_rsavp1($s2);
|
1825 |
+
if ($m2 === false) {
|
1826 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1827 |
+
return false;
|
1828 |
+
}
|
1829 |
+
$em = $this->_i2osp($m2, $modBits >> 3);
|
1830 |
+
if ($em === false) {
|
1831 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1832 |
+
return false;
|
1833 |
+
}
|
1834 |
+
|
1835 |
+
// EMSA-PSS verification
|
1836 |
+
|
1837 |
+
return $this->_emsa_pss_verify($m, $em, $modBits - 1);
|
1838 |
+
}
|
1839 |
+
|
1840 |
+
/**
|
1841 |
+
* EMSA-PKCS1-V1_5-ENCODE
|
1842 |
+
*
|
1843 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}.
|
1844 |
+
*
|
1845 |
+
* @access private
|
1846 |
+
* @param String $m
|
1847 |
+
* @param Integer $emLen
|
1848 |
+
* @return String
|
1849 |
+
*/
|
1850 |
+
function _emsa_pkcs1_v1_5_encode($m, $emLen)
|
1851 |
+
{
|
1852 |
+
$h = $this->hash->hash($m);
|
1853 |
+
if ($h === false) {
|
1854 |
+
return false;
|
1855 |
+
}
|
1856 |
+
|
1857 |
+
// see http://tools.ietf.org/html/rfc3447#page-43
|
1858 |
+
switch ($this->hashName) {
|
1859 |
+
case 'md2':
|
1860 |
+
$t = pack('H*', '3020300c06082a864886f70d020205000410');
|
1861 |
+
break;
|
1862 |
+
case 'md5':
|
1863 |
+
$t = pack('H*', '3020300c06082a864886f70d020505000410');
|
1864 |
+
break;
|
1865 |
+
case 'sha1':
|
1866 |
+
$t = pack('H*', '3021300906052b0e03021a05000414');
|
1867 |
+
break;
|
1868 |
+
case 'sha256':
|
1869 |
+
$t = pack('H*', '3031300d060960864801650304020105000420');
|
1870 |
+
break;
|
1871 |
+
case 'sha384':
|
1872 |
+
$t = pack('H*', '3041300d060960864801650304020205000430');
|
1873 |
+
break;
|
1874 |
+
case 'sha512':
|
1875 |
+
$t = pack('H*', '3051300d060960864801650304020305000440');
|
1876 |
+
}
|
1877 |
+
$t.= $h;
|
1878 |
+
$tLen = strlen($t);
|
1879 |
+
|
1880 |
+
if ($emLen < $tLen + 11) {
|
1881 |
+
user_error('Intended encoded message length too short', E_USER_NOTICE);
|
1882 |
+
return false;
|
1883 |
+
}
|
1884 |
+
|
1885 |
+
$ps = str_repeat(chr(0xFF), $emLen - $tLen - 3);
|
1886 |
+
|
1887 |
+
$em = "\0\1$ps\0$t";
|
1888 |
+
|
1889 |
+
return $em;
|
1890 |
+
}
|
1891 |
+
|
1892 |
+
/**
|
1893 |
+
* RSASSA-PKCS1-V1_5-SIGN
|
1894 |
+
*
|
1895 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}.
|
1896 |
+
*
|
1897 |
+
* @access private
|
1898 |
+
* @param String $m
|
1899 |
+
* @return String
|
1900 |
+
*/
|
1901 |
+
function _rsassa_pkcs1_v1_5_sign($m)
|
1902 |
+
{
|
1903 |
+
// EMSA-PKCS1-v1_5 encoding
|
1904 |
+
|
1905 |
+
$em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
|
1906 |
+
if ($em === false) {
|
1907 |
+
user_error('RSA modulus too short', E_USER_NOTICE);
|
1908 |
+
return false;
|
1909 |
+
}
|
1910 |
+
|
1911 |
+
// RSA signature
|
1912 |
+
|
1913 |
+
$m = $this->_os2ip($em);
|
1914 |
+
$s = $this->_rsasp1($m);
|
1915 |
+
$s = $this->_i2osp($s, $this->k);
|
1916 |
+
|
1917 |
+
// Output the signature S
|
1918 |
+
|
1919 |
+
return $s;
|
1920 |
+
}
|
1921 |
+
|
1922 |
+
/**
|
1923 |
+
* RSASSA-PKCS1-V1_5-VERIFY
|
1924 |
+
*
|
1925 |
+
* See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}.
|
1926 |
+
*
|
1927 |
+
* @access private
|
1928 |
+
* @param String $m
|
1929 |
+
* @return String
|
1930 |
+
*/
|
1931 |
+
function _rsassa_pkcs1_v1_5_verify($m, $s)
|
1932 |
+
{
|
1933 |
+
// Length checking
|
1934 |
+
|
1935 |
+
if (strlen($s) != $this->k) {
|
1936 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1937 |
+
return false;
|
1938 |
+
}
|
1939 |
+
|
1940 |
+
// RSA verification
|
1941 |
+
|
1942 |
+
$s = $this->_os2ip($s);
|
1943 |
+
$m2 = $this->_rsavp1($s);
|
1944 |
+
if ($m2 === false) {
|
1945 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1946 |
+
return false;
|
1947 |
+
}
|
1948 |
+
$em = $this->_i2osp($m2, $this->k);
|
1949 |
+
if ($em === false) {
|
1950 |
+
user_error('Invalid signature', E_USER_NOTICE);
|
1951 |
+
return false;
|
1952 |
+
}
|
1953 |
+
|
1954 |
+
// EMSA-PKCS1-v1_5 encoding
|
1955 |
+
|
1956 |
+
$em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
|
1957 |
+
if ($em2 === false) {
|
1958 |
+
user_error('RSA modulus too short', E_USER_NOTICE);
|
1959 |
+
return false;
|
1960 |
+
}
|
1961 |
+
|
1962 |
+
// Compare
|
1963 |
+
|
1964 |
+
return $em === $em2;
|
1965 |
+
}
|
1966 |
+
|
1967 |
+
/**
|
1968 |
+
* Set Encryption Mode
|
1969 |
+
*
|
1970 |
+
* Valid values include CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1.
|
1971 |
+
*
|
1972 |
+
* @access public
|
1973 |
+
* @param Integer $mode
|
1974 |
+
*/
|
1975 |
+
function setEncryptionMode($mode)
|
1976 |
+
{
|
1977 |
+
$this->encryptionMode = $mode;
|
1978 |
+
}
|
1979 |
+
|
1980 |
+
/**
|
1981 |
+
* Set Signature Mode
|
1982 |
+
*
|
1983 |
+
* Valid values include CRYPT_RSA_SIGNATURE_PSS and CRYPT_RSA_SIGNATURE_PKCS1
|
1984 |
+
*
|
1985 |
+
* @access public
|
1986 |
+
* @param Integer $mode
|
1987 |
+
*/
|
1988 |
+
function setSignatureMode($mode)
|
1989 |
+
{
|
1990 |
+
$this->signatureMode = $mode;
|
1991 |
+
}
|
1992 |
+
|
1993 |
+
/**
|
1994 |
+
* Encryption
|
1995 |
+
*
|
1996 |
+
* Both CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1 both place limits on how long $plaintext can be.
|
1997 |
+
* If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will
|
1998 |
+
* be concatenated together.
|
1999 |
+
*
|
2000 |
+
* @see decrypt()
|
2001 |
+
* @access public
|
2002 |
+
* @param String $plaintext
|
2003 |
+
* @return String
|
2004 |
+
*/
|
2005 |
+
function encrypt($plaintext)
|
2006 |
+
{
|
2007 |
+
switch ($this->encryptionMode) {
|
2008 |
+
case CRYPT_RSA_ENCRYPTION_PKCS1:
|
2009 |
+
$length = $this->k - 11;
|
2010 |
+
if ($length <= 0) {
|
2011 |
+
return false;
|
2012 |
+
}
|
2013 |
+
|
2014 |
+
$plaintext = str_split($plaintext, $length);
|
2015 |
+
$ciphertext = '';
|
2016 |
+
foreach ($plaintext as $m) {
|
2017 |
+
$ciphertext.= $this->_rsaes_pkcs1_v1_5_encrypt($m);
|
2018 |
+
}
|
2019 |
+
return $ciphertext;
|
2020 |
+
//case CRYPT_RSA_ENCRYPTION_OAEP:
|
2021 |
+
default:
|
2022 |
+
$length = $this->k - 2 * $this->hLen - 2;
|
2023 |
+
if ($length <= 0) {
|
2024 |
+
return false;
|
2025 |
+
}
|
2026 |
+
|
2027 |
+
$plaintext = str_split($plaintext, $length);
|
2028 |
+
$ciphertext = '';
|
2029 |
+
foreach ($plaintext as $m) {
|
2030 |
+
$ciphertext.= $this->_rsaes_oaep_encrypt($m);
|
2031 |
+
}
|
2032 |
+
return $ciphertext;
|
2033 |
+
}
|
2034 |
+
}
|
2035 |
+
|
2036 |
+
/**
|
2037 |
+
* Decryption
|
2038 |
+
*
|
2039 |
+
* @see encrypt()
|
2040 |
+
* @access public
|
2041 |
+
* @param String $plaintext
|
2042 |
+
* @return String
|
2043 |
+
*/
|
2044 |
+
function decrypt($ciphertext)
|
2045 |
+
{
|
2046 |
+
if ($this->k <= 0) {
|
2047 |
+
return false;
|
2048 |
+
}
|
2049 |
+
|
2050 |
+
$ciphertext = str_split($ciphertext, $this->k);
|
2051 |
+
$plaintext = '';
|
2052 |
+
|
2053 |
+
switch ($this->encryptionMode) {
|
2054 |
+
case CRYPT_RSA_ENCRYPTION_PKCS1:
|
2055 |
+
$decrypt = '_rsaes_pkcs1_v1_5_decrypt';
|
2056 |
+
break;
|
2057 |
+
//case CRYPT_RSA_ENCRYPTION_OAEP:
|
2058 |
+
default:
|
2059 |
+
$decrypt = '_rsaes_oaep_decrypt';
|
2060 |
+
}
|
2061 |
+
|
2062 |
+
foreach ($ciphertext as $c) {
|
2063 |
+
$temp = $this->$decrypt($c);
|
2064 |
+
if ($temp === false) {
|
2065 |
+
return false;
|
2066 |
+
}
|
2067 |
+
$plaintext.= $temp;
|
2068 |
+
}
|
2069 |
+
|
2070 |
+
return $plaintext;
|
2071 |
+
}
|
2072 |
+
|
2073 |
+
/**
|
2074 |
+
* Create a signature
|
2075 |
+
*
|
2076 |
+
* @see verify()
|
2077 |
+
* @access public
|
2078 |
+
* @param String $message
|
2079 |
+
* @return String
|
2080 |
+
*/
|
2081 |
+
function sign($message)
|
2082 |
+
{
|
2083 |
+
if (empty($this->modulus) || empty($this->exponent)) {
|
2084 |
+
return false;
|
2085 |
+
}
|
2086 |
+
|
2087 |
+
switch ($this->signatureMode) {
|
2088 |
+
case CRYPT_RSA_SIGNATURE_PKCS1:
|
2089 |
+
return $this->_rsassa_pkcs1_v1_5_sign($message);
|
2090 |
+
//case CRYPT_RSA_SIGNATURE_PSS:
|
2091 |
+
default:
|
2092 |
+
return $this->_rsassa_pss_sign($message);
|
2093 |
+
}
|
2094 |
+
}
|
2095 |
+
|
2096 |
+
/**
|
2097 |
+
* Verifies a signature
|
2098 |
+
*
|
2099 |
+
* @see sign()
|
2100 |
+
* @access public
|
2101 |
+
* @param String $message
|
2102 |
+
* @param String $signature
|
2103 |
+
* @return Boolean
|
2104 |
+
*/
|
2105 |
+
function verify($message, $signature)
|
2106 |
+
{
|
2107 |
+
if (empty($this->modulus) || empty($this->exponent)) {
|
2108 |
+
return false;
|
2109 |
+
}
|
2110 |
+
|
2111 |
+
switch ($this->signatureMode) {
|
2112 |
+
case CRYPT_RSA_SIGNATURE_PKCS1:
|
2113 |
+
return $this->_rsassa_pkcs1_v1_5_verify($message, $signature);
|
2114 |
+
//case CRYPT_RSA_SIGNATURE_PSS:
|
2115 |
+
default:
|
2116 |
+
return $this->_rsassa_pss_verify($message, $signature);
|
2117 |
+
}
|
2118 |
+
}
|
2119 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Random.php
CHANGED
@@ -1,129 +1,129 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Random Number Generator
|
6 |
-
*
|
7 |
-
* PHP versions 4 and 5
|
8 |
-
*
|
9 |
-
* Here's a short example of how to use this library:
|
10 |
-
* <code>
|
11 |
-
* <?php
|
12 |
-
* include('Crypt/Random.php');
|
13 |
-
*
|
14 |
-
* echo crypt_random();
|
15 |
-
* ?>
|
16 |
-
* </code>
|
17 |
-
*
|
18 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
19 |
-
* modify it under the terms of the GNU Lesser General Public
|
20 |
-
* License as published by the Free Software Foundation; either
|
21 |
-
* version 2.1 of the License, or (at your option) any later version.
|
22 |
-
*
|
23 |
-
* This library is distributed in the hope that it will be useful,
|
24 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
25 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
26 |
-
* Lesser General Public License for more details.
|
27 |
-
*
|
28 |
-
* You should have received a copy of the GNU Lesser General Public
|
29 |
-
* License along with this library; if not, write to the Free Software
|
30 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
31 |
-
* MA 02111-1307 USA
|
32 |
-
*
|
33 |
-
* @category Crypt
|
34 |
-
* @package Crypt_Random
|
35 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
36 |
-
* @copyright MMVII Jim Wigginton
|
37 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
38 |
-
* @version $Id: Random.php,v 1.9 2010/04/24 06:40:48 terrafrost Exp $
|
39 |
-
* @link http://phpseclib.sourceforge.net
|
40 |
-
*/
|
41 |
-
|
42 |
-
/**
|
43 |
-
* Generate a random value.
|
44 |
-
*
|
45 |
-
* On 32-bit machines, the largest distance that can exist between $min and $max is 2**31.
|
46 |
-
* If $min and $max are farther apart than that then the last ($max - range) numbers.
|
47 |
-
*
|
48 |
-
* Depending on how this is being used, it may be worth while to write a replacement. For example,
|
49 |
-
* a PHP-based web app that stores its data in an SQL database can collect more entropy than this function
|
50 |
-
* can.
|
51 |
-
*
|
52 |
-
* @param optional Integer $min
|
53 |
-
* @param optional Integer $max
|
54 |
-
* @return Integer
|
55 |
-
* @access public
|
56 |
-
*/
|
57 |
-
function crypt_random($min = 0, $max = 0x7FFFFFFF)
|
58 |
-
{
|
59 |
-
if ($min == $max) {
|
60 |
-
return $min;
|
61 |
-
}
|
62 |
-
|
63 |
-
// see http://en.wikipedia.org/wiki//dev/random
|
64 |
-
// if open_basedir is enabled file_exists() will ouput an "open_basedir restriction in effect" warning,
|
65 |
-
// so we suppress it.
|
66 |
-
if (@file_exists('/dev/urandom')) {
|
67 |
-
static $fp;
|
68 |
-
if (!$fp) {
|
69 |
-
$fp = fopen('/dev/urandom', 'rb');
|
70 |
-
}
|
71 |
-
extract(unpack('Nrandom', fread($fp, 4)));
|
72 |
-
|
73 |
-
// say $min = 0 and $max = 3. if we didn't do abs() then we could have stuff like this:
|
74 |
-
// -4 % 3 + 0 = -1, even though -1 < $min
|
75 |
-
return abs($random) % ($max - $min) + $min;
|
76 |
-
}
|
77 |
-
|
78 |
-
/* Prior to PHP 4.2.0, mt_srand() had to be called before mt_rand() could be called.
|
79 |
-
Prior to PHP 5.2.6, mt_rand()'s automatic seeding was subpar, as elaborated here:
|
80 |
-
|
81 |
-
http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
|
82 |
-
|
83 |
-
The seeding routine is pretty much ripped from PHP's own internal GENERATE_SEED() macro:
|
84 |
-
|
85 |
-
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3_2/ext/standard/php_rand.h?view=markup */
|
86 |
-
if (version_compare(PHP_VERSION, '5.2.5', '<=')) {
|
87 |
-
static $seeded;
|
88 |
-
if (!isset($seeded)) {
|
89 |
-
$seeded = true;
|
90 |
-
mt_srand(fmod(time() * getmypid(), 0x7FFFFFFF) ^ fmod(1000000 * lcg_value(), 0x7FFFFFFF));
|
91 |
-
}
|
92 |
-
}
|
93 |
-
|
94 |
-
static $crypto;
|
95 |
-
|
96 |
-
// The CSPRNG's Yarrow and Fortuna periodically reseed. This function can be reseeded by hitting F5
|
97 |
-
// in the browser and reloading the page.
|
98 |
-
|
99 |
-
if (!isset($crypto)) {
|
100 |
-
$key = $iv = '';
|
101 |
-
for ($i = 0; $i < 8; $i++) {
|
102 |
-
$key.= pack('n', mt_rand(0, 0xFFFF));
|
103 |
-
$iv .= pack('n', mt_rand(0, 0xFFFF));
|
104 |
-
}
|
105 |
-
switch (true) {
|
106 |
-
case class_exists('Crypt_AES'):
|
107 |
-
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
108 |
-
break;
|
109 |
-
case class_exists('Crypt_TripleDES'):
|
110 |
-
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
111 |
-
break;
|
112 |
-
case class_exists('Crypt_DES'):
|
113 |
-
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
114 |
-
break;
|
115 |
-
case class_exists('Crypt_RC4'):
|
116 |
-
$crypto = new Crypt_RC4();
|
117 |
-
break;
|
118 |
-
default:
|
119 |
-
extract(unpack('Nrandom', pack('H*', sha1(mt_rand(0, 0x7FFFFFFF)))));
|
120 |
-
return abs($random) % ($max - $min) + $min;
|
121 |
-
}
|
122 |
-
$crypto->setKey($key);
|
123 |
-
$crypto->setIV($iv);
|
124 |
-
$crypto->enableContinuousBuffer();
|
125 |
-
}
|
126 |
-
|
127 |
-
extract(unpack('Nrandom', $crypto->encrypt("\0\0\0\0")));
|
128 |
-
return abs($random) % ($max - $min) + $min;
|
129 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Random Number Generator
|
6 |
+
*
|
7 |
+
* PHP versions 4 and 5
|
8 |
+
*
|
9 |
+
* Here's a short example of how to use this library:
|
10 |
+
* <code>
|
11 |
+
* <?php
|
12 |
+
* include('Crypt/Random.php');
|
13 |
+
*
|
14 |
+
* echo crypt_random();
|
15 |
+
* ?>
|
16 |
+
* </code>
|
17 |
+
*
|
18 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
19 |
+
* modify it under the terms of the GNU Lesser General Public
|
20 |
+
* License as published by the Free Software Foundation; either
|
21 |
+
* version 2.1 of the License, or (at your option) any later version.
|
22 |
+
*
|
23 |
+
* This library is distributed in the hope that it will be useful,
|
24 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
25 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
26 |
+
* Lesser General Public License for more details.
|
27 |
+
*
|
28 |
+
* You should have received a copy of the GNU Lesser General Public
|
29 |
+
* License along with this library; if not, write to the Free Software
|
30 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
31 |
+
* MA 02111-1307 USA
|
32 |
+
*
|
33 |
+
* @category Crypt
|
34 |
+
* @package Crypt_Random
|
35 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
36 |
+
* @copyright MMVII Jim Wigginton
|
37 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
38 |
+
* @version $Id: Random.php,v 1.9 2010/04/24 06:40:48 terrafrost Exp $
|
39 |
+
* @link http://phpseclib.sourceforge.net
|
40 |
+
*/
|
41 |
+
|
42 |
+
/**
|
43 |
+
* Generate a random value.
|
44 |
+
*
|
45 |
+
* On 32-bit machines, the largest distance that can exist between $min and $max is 2**31.
|
46 |
+
* If $min and $max are farther apart than that then the last ($max - range) numbers.
|
47 |
+
*
|
48 |
+
* Depending on how this is being used, it may be worth while to write a replacement. For example,
|
49 |
+
* a PHP-based web app that stores its data in an SQL database can collect more entropy than this function
|
50 |
+
* can.
|
51 |
+
*
|
52 |
+
* @param optional Integer $min
|
53 |
+
* @param optional Integer $max
|
54 |
+
* @return Integer
|
55 |
+
* @access public
|
56 |
+
*/
|
57 |
+
function crypt_random($min = 0, $max = 0x7FFFFFFF)
|
58 |
+
{
|
59 |
+
if ($min == $max) {
|
60 |
+
return $min;
|
61 |
+
}
|
62 |
+
|
63 |
+
// see http://en.wikipedia.org/wiki//dev/random
|
64 |
+
// if open_basedir is enabled file_exists() will ouput an "open_basedir restriction in effect" warning,
|
65 |
+
// so we suppress it.
|
66 |
+
if (@file_exists('/dev/urandom')) {
|
67 |
+
static $fp;
|
68 |
+
if (!$fp) {
|
69 |
+
$fp = fopen('/dev/urandom', 'rb');
|
70 |
+
}
|
71 |
+
extract(unpack('Nrandom', fread($fp, 4)));
|
72 |
+
|
73 |
+
// say $min = 0 and $max = 3. if we didn't do abs() then we could have stuff like this:
|
74 |
+
// -4 % 3 + 0 = -1, even though -1 < $min
|
75 |
+
return abs($random) % ($max - $min) + $min;
|
76 |
+
}
|
77 |
+
|
78 |
+
/* Prior to PHP 4.2.0, mt_srand() had to be called before mt_rand() could be called.
|
79 |
+
Prior to PHP 5.2.6, mt_rand()'s automatic seeding was subpar, as elaborated here:
|
80 |
+
|
81 |
+
http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/
|
82 |
+
|
83 |
+
The seeding routine is pretty much ripped from PHP's own internal GENERATE_SEED() macro:
|
84 |
+
|
85 |
+
http://svn.php.net/viewvc/php/php-src/branches/PHP_5_3_2/ext/standard/php_rand.h?view=markup */
|
86 |
+
if (version_compare(PHP_VERSION, '5.2.5', '<=')) {
|
87 |
+
static $seeded;
|
88 |
+
if (!isset($seeded)) {
|
89 |
+
$seeded = true;
|
90 |
+
mt_srand(fmod(time() * getmypid(), 0x7FFFFFFF) ^ fmod(1000000 * lcg_value(), 0x7FFFFFFF));
|
91 |
+
}
|
92 |
+
}
|
93 |
+
|
94 |
+
static $crypto;
|
95 |
+
|
96 |
+
// The CSPRNG's Yarrow and Fortuna periodically reseed. This function can be reseeded by hitting F5
|
97 |
+
// in the browser and reloading the page.
|
98 |
+
|
99 |
+
if (!isset($crypto)) {
|
100 |
+
$key = $iv = '';
|
101 |
+
for ($i = 0; $i < 8; $i++) {
|
102 |
+
$key.= pack('n', mt_rand(0, 0xFFFF));
|
103 |
+
$iv .= pack('n', mt_rand(0, 0xFFFF));
|
104 |
+
}
|
105 |
+
switch (true) {
|
106 |
+
case class_exists('Crypt_AES'):
|
107 |
+
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
108 |
+
break;
|
109 |
+
case class_exists('Crypt_TripleDES'):
|
110 |
+
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
111 |
+
break;
|
112 |
+
case class_exists('Crypt_DES'):
|
113 |
+
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
114 |
+
break;
|
115 |
+
case class_exists('Crypt_RC4'):
|
116 |
+
$crypto = new Crypt_RC4();
|
117 |
+
break;
|
118 |
+
default:
|
119 |
+
extract(unpack('Nrandom', pack('H*', sha1(mt_rand(0, 0x7FFFFFFF)))));
|
120 |
+
return abs($random) % ($max - $min) + $min;
|
121 |
+
}
|
122 |
+
$crypto->setKey($key);
|
123 |
+
$crypto->setIV($iv);
|
124 |
+
$crypto->enableContinuousBuffer();
|
125 |
+
}
|
126 |
+
|
127 |
+
extract(unpack('Nrandom', $crypto->encrypt("\0\0\0\0")));
|
128 |
+
return abs($random) % ($max - $min) + $min;
|
129 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/Rijndael.php
CHANGED
@@ -1,1242 +1,1242 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of Rijndael.
|
6 |
-
*
|
7 |
-
* Does not use mcrypt, even when available, for reasons that are explained below.
|
8 |
-
*
|
9 |
-
* PHP versions 4 and 5
|
10 |
-
*
|
11 |
-
* If {@link Crypt_Rijndael::setBlockLength() setBlockLength()} isn't called, it'll be assumed to be 128 bits. If
|
12 |
-
* {@link Crypt_Rijndael::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
13 |
-
* {@link Crypt_Rijndael::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's
|
14 |
-
* 136-bits it'll be null-padded to 160-bits and 160 bits will be the key length until
|
15 |
-
* {@link Crypt_Rijndael::setKey() setKey()} is called, again, at which point, it'll be recalculated.
|
16 |
-
*
|
17 |
-
* Not all Rijndael implementations may support 160-bits or 224-bits as the block length / key length. mcrypt, for example,
|
18 |
-
* does not. AES, itself, only supports block lengths of 128 and key lengths of 128, 192, and 256.
|
19 |
-
* {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=10 Rijndael-ammended.pdf#page=10} defines the
|
20 |
-
* algorithm for block lengths of 192 and 256 but not for block lengths / key lengths of 160 and 224. Indeed, 160 and 224
|
21 |
-
* are first defined as valid key / block lengths in
|
22 |
-
* {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=44 Rijndael-ammended.pdf#page=44}:
|
23 |
-
* Extensions: Other block and Cipher Key lengths.
|
24 |
-
*
|
25 |
-
* {@internal The variable names are the same as those in
|
26 |
-
* {@link http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf#page=10 fips-197.pdf#page=10}.}}
|
27 |
-
*
|
28 |
-
* Here's a short example of how to use this library:
|
29 |
-
* <code>
|
30 |
-
* <?php
|
31 |
-
* include('Crypt/Rijndael.php');
|
32 |
-
*
|
33 |
-
* $rijndael = new Crypt_Rijndael();
|
34 |
-
*
|
35 |
-
* $rijndael->setKey('abcdefghijklmnop');
|
36 |
-
*
|
37 |
-
* $size = 10 * 1024;
|
38 |
-
* $plaintext = '';
|
39 |
-
* for ($i = 0; $i < $size; $i++) {
|
40 |
-
* $plaintext.= 'a';
|
41 |
-
* }
|
42 |
-
*
|
43 |
-
* echo $rijndael->decrypt($rijndael->encrypt($plaintext));
|
44 |
-
* ?>
|
45 |
-
* </code>
|
46 |
-
*
|
47 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
48 |
-
* modify it under the terms of the GNU Lesser General Public
|
49 |
-
* License as published by the Free Software Foundation; either
|
50 |
-
* version 2.1 of the License, or (at your option) any later version.
|
51 |
-
*
|
52 |
-
* This library is distributed in the hope that it will be useful,
|
53 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
54 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
55 |
-
* Lesser General Public License for more details.
|
56 |
-
*
|
57 |
-
* You should have received a copy of the GNU Lesser General Public
|
58 |
-
* License along with this library; if not, write to the Free Software
|
59 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
60 |
-
* MA 02111-1307 USA
|
61 |
-
*
|
62 |
-
* @category Crypt
|
63 |
-
* @package Crypt_Rijndael
|
64 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
65 |
-
* @copyright MMVIII Jim Wigginton
|
66 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
67 |
-
* @version $Id: Rijndael.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
|
68 |
-
* @link http://phpseclib.sourceforge.net
|
69 |
-
*/
|
70 |
-
|
71 |
-
/**#@+
|
72 |
-
* @access public
|
73 |
-
* @see Crypt_Rijndael::encrypt()
|
74 |
-
* @see Crypt_Rijndael::decrypt()
|
75 |
-
*/
|
76 |
-
/**
|
77 |
-
* Encrypt / decrypt using the Counter mode.
|
78 |
-
*
|
79 |
-
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
80 |
-
*
|
81 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
82 |
-
*/
|
83 |
-
define('CRYPT_RIJNDAEL_MODE_CTR', -1);
|
84 |
-
/**
|
85 |
-
* Encrypt / decrypt using the Electronic Code Book mode.
|
86 |
-
*
|
87 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
88 |
-
*/
|
89 |
-
define('CRYPT_RIJNDAEL_MODE_ECB', 1);
|
90 |
-
/**
|
91 |
-
* Encrypt / decrypt using the Code Book Chaining mode.
|
92 |
-
*
|
93 |
-
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
94 |
-
*/
|
95 |
-
define('CRYPT_RIJNDAEL_MODE_CBC', 2);
|
96 |
-
/**#@-*/
|
97 |
-
|
98 |
-
/**#@+
|
99 |
-
* @access private
|
100 |
-
* @see Crypt_Rijndael::Crypt_Rijndael()
|
101 |
-
*/
|
102 |
-
/**
|
103 |
-
* Toggles the internal implementation
|
104 |
-
*/
|
105 |
-
define('CRYPT_RIJNDAEL_MODE_INTERNAL', 1);
|
106 |
-
/**
|
107 |
-
* Toggles the mcrypt implementation
|
108 |
-
*/
|
109 |
-
define('CRYPT_RIJNDAEL_MODE_MCRYPT', 2);
|
110 |
-
/**#@-*/
|
111 |
-
|
112 |
-
/**
|
113 |
-
* Pure-PHP implementation of Rijndael.
|
114 |
-
*
|
115 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
116 |
-
* @version 0.1.0
|
117 |
-
* @access public
|
118 |
-
* @package Crypt_Rijndael
|
119 |
-
*/
|
120 |
-
class Crypt_Rijndael {
|
121 |
-
/**
|
122 |
-
* The Encryption Mode
|
123 |
-
*
|
124 |
-
* @see Crypt_Rijndael::Crypt_Rijndael()
|
125 |
-
* @var Integer
|
126 |
-
* @access private
|
127 |
-
*/
|
128 |
-
var $mode;
|
129 |
-
|
130 |
-
/**
|
131 |
-
* The Key
|
132 |
-
*
|
133 |
-
* @see Crypt_Rijndael::setKey()
|
134 |
-
* @var String
|
135 |
-
* @access private
|
136 |
-
*/
|
137 |
-
var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
138 |
-
|
139 |
-
/**
|
140 |
-
* The Initialization Vector
|
141 |
-
*
|
142 |
-
* @see Crypt_Rijndael::setIV()
|
143 |
-
* @var String
|
144 |
-
* @access private
|
145 |
-
*/
|
146 |
-
var $iv = '';
|
147 |
-
|
148 |
-
/**
|
149 |
-
* A "sliding" Initialization Vector
|
150 |
-
*
|
151 |
-
* @see Crypt_Rijndael::enableContinuousBuffer()
|
152 |
-
* @var String
|
153 |
-
* @access private
|
154 |
-
*/
|
155 |
-
var $encryptIV = '';
|
156 |
-
|
157 |
-
/**
|
158 |
-
* A "sliding" Initialization Vector
|
159 |
-
*
|
160 |
-
* @see Crypt_Rijndael::enableContinuousBuffer()
|
161 |
-
* @var String
|
162 |
-
* @access private
|
163 |
-
*/
|
164 |
-
var $decryptIV = '';
|
165 |
-
|
166 |
-
/**
|
167 |
-
* Continuous Buffer status
|
168 |
-
*
|
169 |
-
* @see Crypt_Rijndael::enableContinuousBuffer()
|
170 |
-
* @var Boolean
|
171 |
-
* @access private
|
172 |
-
*/
|
173 |
-
var $continuousBuffer = false;
|
174 |
-
|
175 |
-
/**
|
176 |
-
* Padding status
|
177 |
-
*
|
178 |
-
* @see Crypt_Rijndael::enablePadding()
|
179 |
-
* @var Boolean
|
180 |
-
* @access private
|
181 |
-
*/
|
182 |
-
var $padding = true;
|
183 |
-
|
184 |
-
/**
|
185 |
-
* Does the key schedule need to be (re)calculated?
|
186 |
-
*
|
187 |
-
* @see setKey()
|
188 |
-
* @see setBlockLength()
|
189 |
-
* @see setKeyLength()
|
190 |
-
* @var Boolean
|
191 |
-
* @access private
|
192 |
-
*/
|
193 |
-
var $changed = true;
|
194 |
-
|
195 |
-
/**
|
196 |
-
* Has the key length explicitly been set or should it be derived from the key, itself?
|
197 |
-
*
|
198 |
-
* @see setKeyLength()
|
199 |
-
* @var Boolean
|
200 |
-
* @access private
|
201 |
-
*/
|
202 |
-
var $explicit_key_length = false;
|
203 |
-
|
204 |
-
/**
|
205 |
-
* The Key Schedule
|
206 |
-
*
|
207 |
-
* @see _setup()
|
208 |
-
* @var Array
|
209 |
-
* @access private
|
210 |
-
*/
|
211 |
-
var $w;
|
212 |
-
|
213 |
-
/**
|
214 |
-
* The Inverse Key Schedule
|
215 |
-
*
|
216 |
-
* @see _setup()
|
217 |
-
* @var Array
|
218 |
-
* @access private
|
219 |
-
*/
|
220 |
-
var $dw;
|
221 |
-
|
222 |
-
/**
|
223 |
-
* The Block Length
|
224 |
-
*
|
225 |
-
* @see setBlockLength()
|
226 |
-
* @var Integer
|
227 |
-
* @access private
|
228 |
-
* @internal The max value is 32, the min value is 16. All valid values are multiples of 4. Exists in conjunction with
|
229 |
-
* $Nb because we need this value and not $Nb to pad strings appropriately.
|
230 |
-
*/
|
231 |
-
var $block_size = 16;
|
232 |
-
|
233 |
-
/**
|
234 |
-
* The Block Length divided by 32
|
235 |
-
*
|
236 |
-
* @see setBlockLength()
|
237 |
-
* @var Integer
|
238 |
-
* @access private
|
239 |
-
* @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size
|
240 |
-
* because the encryption / decryption / key schedule creation requires this number and not $block_size. We could
|
241 |
-
* derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
242 |
-
* of that, we'll just precompute it once.
|
243 |
-
*
|
244 |
-
*/
|
245 |
-
var $Nb = 4;
|
246 |
-
|
247 |
-
/**
|
248 |
-
* The Key Length
|
249 |
-
*
|
250 |
-
* @see setKeyLength()
|
251 |
-
* @var Integer
|
252 |
-
* @access private
|
253 |
-
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $key_size
|
254 |
-
* because the encryption / decryption / key schedule creation requires this number and not $key_size. We could
|
255 |
-
* derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
256 |
-
* of that, we'll just precompute it once.
|
257 |
-
*/
|
258 |
-
var $key_size = 16;
|
259 |
-
|
260 |
-
/**
|
261 |
-
* The Key Length divided by 32
|
262 |
-
*
|
263 |
-
* @see setKeyLength()
|
264 |
-
* @var Integer
|
265 |
-
* @access private
|
266 |
-
* @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4
|
267 |
-
*/
|
268 |
-
var $Nk = 4;
|
269 |
-
|
270 |
-
/**
|
271 |
-
* The Number of Rounds
|
272 |
-
*
|
273 |
-
* @var Integer
|
274 |
-
* @access private
|
275 |
-
* @internal The max value is 14, the min value is 10.
|
276 |
-
*/
|
277 |
-
var $Nr;
|
278 |
-
|
279 |
-
/**
|
280 |
-
* Shift offsets
|
281 |
-
*
|
282 |
-
* @var Array
|
283 |
-
* @access private
|
284 |
-
*/
|
285 |
-
var $c;
|
286 |
-
|
287 |
-
/**
|
288 |
-
* Precomputed mixColumns table
|
289 |
-
*
|
290 |
-
* @see Crypt_Rijndael()
|
291 |
-
* @var Array
|
292 |
-
* @access private
|
293 |
-
*/
|
294 |
-
var $t0;
|
295 |
-
|
296 |
-
/**
|
297 |
-
* Precomputed mixColumns table
|
298 |
-
*
|
299 |
-
* @see Crypt_Rijndael()
|
300 |
-
* @var Array
|
301 |
-
* @access private
|
302 |
-
*/
|
303 |
-
var $t1;
|
304 |
-
|
305 |
-
/**
|
306 |
-
* Precomputed mixColumns table
|
307 |
-
*
|
308 |
-
* @see Crypt_Rijndael()
|
309 |
-
* @var Array
|
310 |
-
* @access private
|
311 |
-
*/
|
312 |
-
var $t2;
|
313 |
-
|
314 |
-
/**
|
315 |
-
* Precomputed mixColumns table
|
316 |
-
*
|
317 |
-
* @see Crypt_Rijndael()
|
318 |
-
* @var Array
|
319 |
-
* @access private
|
320 |
-
*/
|
321 |
-
var $t3;
|
322 |
-
|
323 |
-
/**
|
324 |
-
* Precomputed invMixColumns table
|
325 |
-
*
|
326 |
-
* @see Crypt_Rijndael()
|
327 |
-
* @var Array
|
328 |
-
* @access private
|
329 |
-
*/
|
330 |
-
var $dt0;
|
331 |
-
|
332 |
-
/**
|
333 |
-
* Precomputed invMixColumns table
|
334 |
-
*
|
335 |
-
* @see Crypt_Rijndael()
|
336 |
-
* @var Array
|
337 |
-
* @access private
|
338 |
-
*/
|
339 |
-
var $dt1;
|
340 |
-
|
341 |
-
/**
|
342 |
-
* Precomputed invMixColumns table
|
343 |
-
*
|
344 |
-
* @see Crypt_Rijndael()
|
345 |
-
* @var Array
|
346 |
-
* @access private
|
347 |
-
*/
|
348 |
-
var $dt2;
|
349 |
-
|
350 |
-
/**
|
351 |
-
* Precomputed invMixColumns table
|
352 |
-
*
|
353 |
-
* @see Crypt_Rijndael()
|
354 |
-
* @var Array
|
355 |
-
* @access private
|
356 |
-
*/
|
357 |
-
var $dt3;
|
358 |
-
|
359 |
-
/**
|
360 |
-
* Default Constructor.
|
361 |
-
*
|
362 |
-
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
363 |
-
* CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used.
|
364 |
-
*
|
365 |
-
* @param optional Integer $mode
|
366 |
-
* @return Crypt_Rijndael
|
367 |
-
* @access public
|
368 |
-
*/
|
369 |
-
function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC)
|
370 |
-
{
|
371 |
-
switch ($mode) {
|
372 |
-
case CRYPT_RIJNDAEL_MODE_ECB:
|
373 |
-
case CRYPT_RIJNDAEL_MODE_CBC:
|
374 |
-
case CRYPT_RIJNDAEL_MODE_CTR:
|
375 |
-
$this->mode = $mode;
|
376 |
-
break;
|
377 |
-
default:
|
378 |
-
$this->mode = CRYPT_RIJNDAEL_MODE_CBC;
|
379 |
-
}
|
380 |
-
|
381 |
-
$t3 = &$this->t3;
|
382 |
-
$t2 = &$this->t2;
|
383 |
-
$t1 = &$this->t1;
|
384 |
-
$t0 = &$this->t0;
|
385 |
-
|
386 |
-
$dt3 = &$this->dt3;
|
387 |
-
$dt2 = &$this->dt2;
|
388 |
-
$dt1 = &$this->dt1;
|
389 |
-
$dt0 = &$this->dt0;
|
390 |
-
|
391 |
-
// according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=19> (section 5.2.1),
|
392 |
-
// precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so
|
393 |
-
// those are the names we'll use.
|
394 |
-
$t3 = array(
|
395 |
-
0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491,
|
396 |
-
0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC,
|
397 |
-
0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB,
|
398 |
-
0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B,
|
399 |
-
0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83,
|
400 |
-
0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A,
|
401 |
-
0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F,
|
402 |
-
0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA,
|
403 |
-
0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B,
|
404 |
-
0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713,
|
405 |
-
0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6,
|
406 |
-
0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85,
|
407 |
-
0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411,
|
408 |
-
0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B,
|
409 |
-
0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1,
|
410 |
-
0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF,
|
411 |
-
0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E,
|
412 |
-
0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6,
|
413 |
-
0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B,
|
414 |
-
0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD,
|
415 |
-
0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8,
|
416 |
-
0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2,
|
417 |
-
0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049,
|
418 |
-
0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810,
|
419 |
-
0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197,
|
420 |
-
0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F,
|
421 |
-
0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C,
|
422 |
-
0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927,
|
423 |
-
0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733,
|
424 |
-
0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5,
|
425 |
-
0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0,
|
426 |
-
0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C
|
427 |
-
);
|
428 |
-
|
429 |
-
$dt3 = array(
|
430 |
-
0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B,
|
431 |
-
0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5,
|
432 |
-
0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B,
|
433 |
-
0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E,
|
434 |
-
0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D,
|
435 |
-
0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9,
|
436 |
-
0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66,
|
437 |
-
0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED,
|
438 |
-
0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4,
|
439 |
-
0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD,
|
440 |
-
0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60,
|
441 |
-
0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79,
|
442 |
-
0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C,
|
443 |
-
0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24,
|
444 |
-
0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C,
|
445 |
-
0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814,
|
446 |
-
0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B,
|
447 |
-
0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084,
|
448 |
-
0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077,
|
449 |
-
0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22,
|
450 |
-
0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F,
|
451 |
-
0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582,
|
452 |
-
0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB,
|
453 |
-
0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF,
|
454 |
-
0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035,
|
455 |
-
0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17,
|
456 |
-
0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46,
|
457 |
-
0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D,
|
458 |
-
0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A,
|
459 |
-
0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678,
|
460 |
-
0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF,
|
461 |
-
0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0
|
462 |
-
);
|
463 |
-
|
464 |
-
for ($i = 0; $i < 256; $i++) {
|
465 |
-
$t2[$i << 8] = (($t3[$i] << 8) & 0xFFFFFF00) | (($t3[$i] >> 24) & 0x000000FF);
|
466 |
-
$t1[$i << 16] = (($t3[$i] << 16) & 0xFFFF0000) | (($t3[$i] >> 16) & 0x0000FFFF);
|
467 |
-
$t0[$i << 24] = (($t3[$i] << 24) & 0xFF000000) | (($t3[$i] >> 8) & 0x00FFFFFF);
|
468 |
-
|
469 |
-
$dt2[$i << 8] = (($this->dt3[$i] << 8) & 0xFFFFFF00) | (($dt3[$i] >> 24) & 0x000000FF);
|
470 |
-
$dt1[$i << 16] = (($this->dt3[$i] << 16) & 0xFFFF0000) | (($dt3[$i] >> 16) & 0x0000FFFF);
|
471 |
-
$dt0[$i << 24] = (($this->dt3[$i] << 24) & 0xFF000000) | (($dt3[$i] >> 8) & 0x00FFFFFF);
|
472 |
-
}
|
473 |
-
}
|
474 |
-
|
475 |
-
/**
|
476 |
-
* Sets the key.
|
477 |
-
*
|
478 |
-
* Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and
|
479 |
-
* whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length
|
480 |
-
* up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the
|
481 |
-
* excess bits.
|
482 |
-
*
|
483 |
-
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
484 |
-
*
|
485 |
-
* @access public
|
486 |
-
* @param String $key
|
487 |
-
*/
|
488 |
-
function setKey($key)
|
489 |
-
{
|
490 |
-
$this->key = $key;
|
491 |
-
$this->changed = true;
|
492 |
-
}
|
493 |
-
|
494 |
-
/**
|
495 |
-
* Sets the initialization vector. (optional)
|
496 |
-
*
|
497 |
-
* SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed
|
498 |
-
* to be all zero's.
|
499 |
-
*
|
500 |
-
* @access public
|
501 |
-
* @param String $iv
|
502 |
-
*/
|
503 |
-
function setIV($iv)
|
504 |
-
{
|
505 |
-
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, $this->block_size), $this->block_size, chr(0));;
|
506 |
-
}
|
507 |
-
|
508 |
-
/**
|
509 |
-
* Sets the key length
|
510 |
-
*
|
511 |
-
* Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
512 |
-
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
|
513 |
-
*
|
514 |
-
* @access public
|
515 |
-
* @param Integer $length
|
516 |
-
*/
|
517 |
-
function setKeyLength($length)
|
518 |
-
{
|
519 |
-
$length >>= 5;
|
520 |
-
if ($length > 8) {
|
521 |
-
$length = 8;
|
522 |
-
} else if ($length < 4) {
|
523 |
-
$length = 4;
|
524 |
-
}
|
525 |
-
$this->Nk = $length;
|
526 |
-
$this->key_size = $length << 2;
|
527 |
-
|
528 |
-
$this->explicit_key_length = true;
|
529 |
-
$this->changed = true;
|
530 |
-
}
|
531 |
-
|
532 |
-
/**
|
533 |
-
* Sets the block length
|
534 |
-
*
|
535 |
-
* Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
536 |
-
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
|
537 |
-
*
|
538 |
-
* @access public
|
539 |
-
* @param Integer $length
|
540 |
-
*/
|
541 |
-
function setBlockLength($length)
|
542 |
-
{
|
543 |
-
$length >>= 5;
|
544 |
-
if ($length > 8) {
|
545 |
-
$length = 8;
|
546 |
-
} else if ($length < 4) {
|
547 |
-
$length = 4;
|
548 |
-
}
|
549 |
-
$this->Nb = $length;
|
550 |
-
$this->block_size = $length << 2;
|
551 |
-
$this->changed = true;
|
552 |
-
}
|
553 |
-
|
554 |
-
/**
|
555 |
-
* Generate CTR XOR encryption key
|
556 |
-
*
|
557 |
-
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
558 |
-
* plaintext / ciphertext in CTR mode.
|
559 |
-
*
|
560 |
-
* @see Crypt_Rijndael::decrypt()
|
561 |
-
* @see Crypt_Rijndael::encrypt()
|
562 |
-
* @access public
|
563 |
-
* @param Integer $length
|
564 |
-
* @param String $iv
|
565 |
-
*/
|
566 |
-
function _generate_xor($length, &$iv)
|
567 |
-
{
|
568 |
-
$xor = '';
|
569 |
-
$block_size = $this->block_size;
|
570 |
-
$num_blocks = floor(($length + ($block_size - 1)) / $block_size);
|
571 |
-
for ($i = 0; $i < $num_blocks; $i++) {
|
572 |
-
$xor.= $iv;
|
573 |
-
for ($j = 4; $j <= $block_size; $j+=4) {
|
574 |
-
$temp = substr($iv, -$j, 4);
|
575 |
-
switch ($temp) {
|
576 |
-
case "\xFF\xFF\xFF\xFF":
|
577 |
-
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
578 |
-
break;
|
579 |
-
case "\x7F\xFF\xFF\xFF":
|
580 |
-
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
581 |
-
break 2;
|
582 |
-
default:
|
583 |
-
extract(unpack('Ncount', $temp));
|
584 |
-
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
585 |
-
break 2;
|
586 |
-
}
|
587 |
-
}
|
588 |
-
}
|
589 |
-
|
590 |
-
return $xor;
|
591 |
-
}
|
592 |
-
|
593 |
-
/**
|
594 |
-
* Encrypts a message.
|
595 |
-
*
|
596 |
-
* $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other Rjindael
|
597 |
-
* implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's
|
598 |
-
* necessary are discussed in the following
|
599 |
-
* URL:
|
600 |
-
*
|
601 |
-
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
602 |
-
*
|
603 |
-
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
604 |
-
* strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
|
605 |
-
* length.
|
606 |
-
*
|
607 |
-
* @see Crypt_Rijndael::decrypt()
|
608 |
-
* @access public
|
609 |
-
* @param String $plaintext
|
610 |
-
*/
|
611 |
-
function encrypt($plaintext)
|
612 |
-
{
|
613 |
-
$this->_setup();
|
614 |
-
if ($this->mode != CRYPT_RIJNDAEL_MODE_CTR) {
|
615 |
-
$plaintext = $this->_pad($plaintext);
|
616 |
-
}
|
617 |
-
|
618 |
-
$block_size = $this->block_size;
|
619 |
-
$ciphertext = '';
|
620 |
-
switch ($this->mode) {
|
621 |
-
case CRYPT_RIJNDAEL_MODE_ECB:
|
622 |
-
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
623 |
-
$ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size));
|
624 |
-
}
|
625 |
-
break;
|
626 |
-
case CRYPT_RIJNDAEL_MODE_CBC:
|
627 |
-
$xor = $this->encryptIV;
|
628 |
-
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
629 |
-
$block = substr($plaintext, $i, $block_size);
|
630 |
-
$block = $this->_encryptBlock($block ^ $xor);
|
631 |
-
$xor = $block;
|
632 |
-
$ciphertext.= $block;
|
633 |
-
}
|
634 |
-
if ($this->continuousBuffer) {
|
635 |
-
$this->encryptIV = $xor;
|
636 |
-
}
|
637 |
-
break;
|
638 |
-
case CRYPT_RIJNDAEL_MODE_CTR:
|
639 |
-
$xor = $this->encryptIV;
|
640 |
-
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
641 |
-
$block = substr($plaintext, $i, $block_size);
|
642 |
-
$key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
|
643 |
-
$ciphertext.= $block ^ $key;
|
644 |
-
}
|
645 |
-
if ($this->continuousBuffer) {
|
646 |
-
$this->encryptIV = $xor;
|
647 |
-
}
|
648 |
-
}
|
649 |
-
|
650 |
-
return $ciphertext;
|
651 |
-
}
|
652 |
-
|
653 |
-
/**
|
654 |
-
* Decrypts a message.
|
655 |
-
*
|
656 |
-
* If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until
|
657 |
-
* it is.
|
658 |
-
*
|
659 |
-
* @see Crypt_Rijndael::encrypt()
|
660 |
-
* @access public
|
661 |
-
* @param String $ciphertext
|
662 |
-
*/
|
663 |
-
function decrypt($ciphertext)
|
664 |
-
{
|
665 |
-
$this->_setup();
|
666 |
-
|
667 |
-
if ($this->mode != CRYPT_RIJNDAEL_MODE_CTR) {
|
668 |
-
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
669 |
-
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
670 |
-
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + $this->block_size - 1) % $this->block_size, chr(0));
|
671 |
-
}
|
672 |
-
|
673 |
-
$block_size = $this->block_size;
|
674 |
-
$plaintext = '';
|
675 |
-
switch ($this->mode) {
|
676 |
-
case CRYPT_RIJNDAEL_MODE_ECB:
|
677 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
678 |
-
$plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size));
|
679 |
-
}
|
680 |
-
break;
|
681 |
-
case CRYPT_RIJNDAEL_MODE_CBC:
|
682 |
-
$xor = $this->decryptIV;
|
683 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
684 |
-
$block = substr($ciphertext, $i, $block_size);
|
685 |
-
$plaintext.= $this->_decryptBlock($block) ^ $xor;
|
686 |
-
$xor = $block;
|
687 |
-
}
|
688 |
-
if ($this->continuousBuffer) {
|
689 |
-
$this->decryptIV = $xor;
|
690 |
-
}
|
691 |
-
break;
|
692 |
-
case CRYPT_RIJNDAEL_MODE_CTR:
|
693 |
-
$xor = $this->decryptIV;
|
694 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
695 |
-
$block = substr($ciphertext, $i, $block_size);
|
696 |
-
$key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
|
697 |
-
$plaintext.= $block ^ $key;
|
698 |
-
}
|
699 |
-
if ($this->continuousBuffer) {
|
700 |
-
$this->decryptIV = $xor;
|
701 |
-
}
|
702 |
-
}
|
703 |
-
|
704 |
-
return $this->mode != CRYPT_RIJNDAEL_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
705 |
-
}
|
706 |
-
|
707 |
-
/**
|
708 |
-
* Encrypts a block
|
709 |
-
*
|
710 |
-
* @access private
|
711 |
-
* @param String $in
|
712 |
-
* @return String
|
713 |
-
*/
|
714 |
-
function _encryptBlock($in)
|
715 |
-
{
|
716 |
-
$state = array();
|
717 |
-
$words = unpack('N*word', $in);
|
718 |
-
|
719 |
-
$w = $this->w;
|
720 |
-
$t0 = $this->t0;
|
721 |
-
$t1 = $this->t1;
|
722 |
-
$t2 = $this->t2;
|
723 |
-
$t3 = $this->t3;
|
724 |
-
$Nb = $this->Nb;
|
725 |
-
$Nr = $this->Nr;
|
726 |
-
$c = $this->c;
|
727 |
-
|
728 |
-
// addRoundKey
|
729 |
-
$i = 0;
|
730 |
-
foreach ($words as $word) {
|
731 |
-
$state[] = $word ^ $w[0][$i++];
|
732 |
-
}
|
733 |
-
|
734 |
-
// fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components -
|
735 |
-
// subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding
|
736 |
-
// Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf.
|
737 |
-
// Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization.
|
738 |
-
// Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1],
|
739 |
-
// equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well.
|
740 |
-
|
741 |
-
// [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf
|
742 |
-
$temp = array();
|
743 |
-
for ($round = 1; $round < $Nr; $round++) {
|
744 |
-
$i = 0; // $c[0] == 0
|
745 |
-
$j = $c[1];
|
746 |
-
$k = $c[2];
|
747 |
-
$l = $c[3];
|
748 |
-
|
749 |
-
while ($i < $this->Nb) {
|
750 |
-
$temp[$i] = $t0[$state[$i] & 0xFF000000] ^
|
751 |
-
$t1[$state[$j] & 0x00FF0000] ^
|
752 |
-
$t2[$state[$k] & 0x0000FF00] ^
|
753 |
-
$t3[$state[$l] & 0x000000FF] ^
|
754 |
-
$w[$round][$i];
|
755 |
-
$i++;
|
756 |
-
$j = ($j + 1) % $Nb;
|
757 |
-
$k = ($k + 1) % $Nb;
|
758 |
-
$l = ($l + 1) % $Nb;
|
759 |
-
}
|
760 |
-
|
761 |
-
for ($i = 0; $i < $Nb; $i++) {
|
762 |
-
$state[$i] = $temp[$i];
|
763 |
-
}
|
764 |
-
}
|
765 |
-
|
766 |
-
// subWord
|
767 |
-
for ($i = 0; $i < $Nb; $i++) {
|
768 |
-
$state[$i] = $this->_subWord($state[$i]);
|
769 |
-
}
|
770 |
-
|
771 |
-
// shiftRows + addRoundKey
|
772 |
-
$i = 0; // $c[0] == 0
|
773 |
-
$j = $c[1];
|
774 |
-
$k = $c[2];
|
775 |
-
$l = $c[3];
|
776 |
-
while ($i < $this->Nb) {
|
777 |
-
$temp[$i] = ($state[$i] & 0xFF000000) ^
|
778 |
-
($state[$j] & 0x00FF0000) ^
|
779 |
-
($state[$k] & 0x0000FF00) ^
|
780 |
-
($state[$l] & 0x000000FF) ^
|
781 |
-
$w[$Nr][$i];
|
782 |
-
$i++;
|
783 |
-
$j = ($j + 1) % $Nb;
|
784 |
-
$k = ($k + 1) % $Nb;
|
785 |
-
$l = ($l + 1) % $Nb;
|
786 |
-
}
|
787 |
-
$state = $temp;
|
788 |
-
|
789 |
-
array_unshift($state, 'N*');
|
790 |
-
|
791 |
-
return call_user_func_array('pack', $state);
|
792 |
-
}
|
793 |
-
|
794 |
-
/**
|
795 |
-
* Decrypts a block
|
796 |
-
*
|
797 |
-
* @access private
|
798 |
-
* @param String $in
|
799 |
-
* @return String
|
800 |
-
*/
|
801 |
-
function _decryptBlock($in)
|
802 |
-
{
|
803 |
-
$state = array();
|
804 |
-
$words = unpack('N*word', $in);
|
805 |
-
|
806 |
-
$num_states = count($state);
|
807 |
-
$dw = $this->dw;
|
808 |
-
$dt0 = $this->dt0;
|
809 |
-
$dt1 = $this->dt1;
|
810 |
-
$dt2 = $this->dt2;
|
811 |
-
$dt3 = $this->dt3;
|
812 |
-
$Nb = $this->Nb;
|
813 |
-
$Nr = $this->Nr;
|
814 |
-
$c = $this->c;
|
815 |
-
|
816 |
-
// addRoundKey
|
817 |
-
$i = 0;
|
818 |
-
foreach ($words as $word) {
|
819 |
-
$state[] = $word ^ $dw[$Nr][$i++];
|
820 |
-
}
|
821 |
-
|
822 |
-
$temp = array();
|
823 |
-
for ($round = $Nr - 1; $round > 0; $round--) {
|
824 |
-
$i = 0; // $c[0] == 0
|
825 |
-
$j = $Nb - $c[1];
|
826 |
-
$k = $Nb - $c[2];
|
827 |
-
$l = $Nb - $c[3];
|
828 |
-
|
829 |
-
while ($i < $Nb) {
|
830 |
-
$temp[$i] = $dt0[$state[$i] & 0xFF000000] ^
|
831 |
-
$dt1[$state[$j] & 0x00FF0000] ^
|
832 |
-
$dt2[$state[$k] & 0x0000FF00] ^
|
833 |
-
$dt3[$state[$l] & 0x000000FF] ^
|
834 |
-
$dw[$round][$i];
|
835 |
-
$i++;
|
836 |
-
$j = ($j + 1) % $Nb;
|
837 |
-
$k = ($k + 1) % $Nb;
|
838 |
-
$l = ($l + 1) % $Nb;
|
839 |
-
}
|
840 |
-
|
841 |
-
for ($i = 0; $i < $Nb; $i++) {
|
842 |
-
$state[$i] = $temp[$i];
|
843 |
-
}
|
844 |
-
}
|
845 |
-
|
846 |
-
// invShiftRows + invSubWord + addRoundKey
|
847 |
-
$i = 0; // $c[0] == 0
|
848 |
-
$j = $Nb - $c[1];
|
849 |
-
$k = $Nb - $c[2];
|
850 |
-
$l = $Nb - $c[3];
|
851 |
-
|
852 |
-
while ($i < $Nb) {
|
853 |
-
$temp[$i] = $dw[0][$i] ^
|
854 |
-
$this->_invSubWord(($state[$i] & 0xFF000000) |
|
855 |
-
($state[$j] & 0x00FF0000) |
|
856 |
-
($state[$k] & 0x0000FF00) |
|
857 |
-
($state[$l] & 0x000000FF));
|
858 |
-
$i++;
|
859 |
-
$j = ($j + 1) % $Nb;
|
860 |
-
$k = ($k + 1) % $Nb;
|
861 |
-
$l = ($l + 1) % $Nb;
|
862 |
-
}
|
863 |
-
|
864 |
-
$state = $temp;
|
865 |
-
|
866 |
-
array_unshift($state, 'N*');
|
867 |
-
|
868 |
-
return call_user_func_array('pack', $state);
|
869 |
-
}
|
870 |
-
|
871 |
-
/**
|
872 |
-
* Setup Rijndael
|
873 |
-
*
|
874 |
-
* Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key
|
875 |
-
* key schedule.
|
876 |
-
*
|
877 |
-
* @access private
|
878 |
-
*/
|
879 |
-
function _setup()
|
880 |
-
{
|
881 |
-
// Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field.
|
882 |
-
// See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse
|
883 |
-
static $rcon = array(0,
|
884 |
-
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
|
885 |
-
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000,
|
886 |
-
0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
|
887 |
-
0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000,
|
888 |
-
0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000,
|
889 |
-
0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
|
890 |
-
);
|
891 |
-
|
892 |
-
if (!$this->changed) {
|
893 |
-
return;
|
894 |
-
}
|
895 |
-
|
896 |
-
if (!$this->explicit_key_length) {
|
897 |
-
// we do >> 2, here, and not >> 5, as we do above, since strlen($this->key) tells us the number of bytes - not bits
|
898 |
-
$length = strlen($this->key) >> 2;
|
899 |
-
if ($length > 8) {
|
900 |
-
$length = 8;
|
901 |
-
} else if ($length < 4) {
|
902 |
-
$length = 4;
|
903 |
-
}
|
904 |
-
$this->Nk = $length;
|
905 |
-
$this->key_size = $length << 2;
|
906 |
-
}
|
907 |
-
|
908 |
-
$this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0));
|
909 |
-
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, chr(0));
|
910 |
-
|
911 |
-
// see Rijndael-ammended.pdf#page=44
|
912 |
-
$this->Nr = max($this->Nk, $this->Nb) + 6;
|
913 |
-
|
914 |
-
// shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44,
|
915 |
-
// "Table 8: Shift offsets in Shiftrow for the alternative block lengths"
|
916 |
-
// shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14,
|
917 |
-
// "Table 2: Shift offsets for different block lengths"
|
918 |
-
switch ($this->Nb) {
|
919 |
-
case 4:
|
920 |
-
case 5:
|
921 |
-
case 6:
|
922 |
-
$this->c = array(0, 1, 2, 3);
|
923 |
-
break;
|
924 |
-
case 7:
|
925 |
-
$this->c = array(0, 1, 2, 4);
|
926 |
-
break;
|
927 |
-
case 8:
|
928 |
-
$this->c = array(0, 1, 3, 4);
|
929 |
-
}
|
930 |
-
|
931 |
-
$key = $this->key;
|
932 |
-
|
933 |
-
$w = array_values(unpack('N*words', $key));
|
934 |
-
|
935 |
-
$length = $this->Nb * ($this->Nr + 1);
|
936 |
-
for ($i = $this->Nk; $i < $length; $i++) {
|
937 |
-
$temp = $w[$i - 1];
|
938 |
-
if ($i % $this->Nk == 0) {
|
939 |
-
// according to <http://php.net/language.types.integer>, "the size of an integer is platform-dependent".
|
940 |
-
// on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine,
|
941 |
-
// 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and'
|
942 |
-
// with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is.
|
943 |
-
$temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); // rotWord
|
944 |
-
$temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk];
|
945 |
-
} else if ($this->Nk > 6 && $i % $this->Nk == 4) {
|
946 |
-
$temp = $this->_subWord($temp);
|
947 |
-
}
|
948 |
-
$w[$i] = $w[$i - $this->Nk] ^ $temp;
|
949 |
-
}
|
950 |
-
|
951 |
-
// convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns
|
952 |
-
// and generate the inverse key schedule. more specifically,
|
953 |
-
// according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=23> (section 5.3.3),
|
954 |
-
// "The key expansion for the Inverse Cipher is defined as follows:
|
955 |
-
// 1. Apply the Key Expansion.
|
956 |
-
// 2. Apply InvMixColumn to all Round Keys except the first and the last one."
|
957 |
-
// also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher"
|
958 |
-
$temp = array();
|
959 |
-
for ($i = $row = $col = 0; $i < $length; $i++, $col++) {
|
960 |
-
if ($col == $this->Nb) {
|
961 |
-
if ($row == 0) {
|
962 |
-
$this->dw[0] = $this->w[0];
|
963 |
-
} else {
|
964 |
-
// subWord + invMixColumn + invSubWord = invMixColumn
|
965 |
-
$j = 0;
|
966 |
-
while ($j < $this->Nb) {
|
967 |
-
$dw = $this->_subWord($this->w[$row][$j]);
|
968 |
-
$temp[$j] = $this->dt0[$dw & 0xFF000000] ^
|
969 |
-
$this->dt1[$dw & 0x00FF0000] ^
|
970 |
-
$this->dt2[$dw & 0x0000FF00] ^
|
971 |
-
$this->dt3[$dw & 0x000000FF];
|
972 |
-
$j++;
|
973 |
-
}
|
974 |
-
$this->dw[$row] = $temp;
|
975 |
-
}
|
976 |
-
|
977 |
-
$col = 0;
|
978 |
-
$row++;
|
979 |
-
}
|
980 |
-
$this->w[$row][$col] = $w[$i];
|
981 |
-
}
|
982 |
-
|
983 |
-
$this->dw[$row] = $this->w[$row];
|
984 |
-
|
985 |
-
$this->changed = false;
|
986 |
-
}
|
987 |
-
|
988 |
-
/**
|
989 |
-
* Performs S-Box substitutions
|
990 |
-
*
|
991 |
-
* @access private
|
992 |
-
*/
|
993 |
-
function _subWord($word)
|
994 |
-
{
|
995 |
-
static $sbox0, $sbox1, $sbox2, $sbox3;
|
996 |
-
|
997 |
-
if (empty($sbox0)) {
|
998 |
-
$sbox0 = array(
|
999 |
-
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
|
1000 |
-
0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
|
1001 |
-
0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
|
1002 |
-
0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
|
1003 |
-
0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
|
1004 |
-
0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
|
1005 |
-
0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
|
1006 |
-
0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
|
1007 |
-
0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
|
1008 |
-
0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
|
1009 |
-
0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
|
1010 |
-
0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
|
1011 |
-
0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
|
1012 |
-
0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
|
1013 |
-
0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
|
1014 |
-
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
|
1015 |
-
);
|
1016 |
-
|
1017 |
-
$sbox1 = array();
|
1018 |
-
$sbox2 = array();
|
1019 |
-
$sbox3 = array();
|
1020 |
-
|
1021 |
-
for ($i = 0; $i < 256; $i++) {
|
1022 |
-
$sbox1[$i << 8] = $sbox0[$i] << 8;
|
1023 |
-
$sbox2[$i << 16] = $sbox0[$i] << 16;
|
1024 |
-
$sbox3[$i << 24] = $sbox0[$i] << 24;
|
1025 |
-
}
|
1026 |
-
}
|
1027 |
-
|
1028 |
-
return $sbox0[$word & 0x000000FF] |
|
1029 |
-
$sbox1[$word & 0x0000FF00] |
|
1030 |
-
$sbox2[$word & 0x00FF0000] |
|
1031 |
-
$sbox3[$word & 0xFF000000];
|
1032 |
-
}
|
1033 |
-
|
1034 |
-
/**
|
1035 |
-
* Performs inverse S-Box substitutions
|
1036 |
-
*
|
1037 |
-
* @access private
|
1038 |
-
*/
|
1039 |
-
function _invSubWord($word)
|
1040 |
-
{
|
1041 |
-
static $sbox0, $sbox1, $sbox2, $sbox3;
|
1042 |
-
|
1043 |
-
if (empty($sbox0)) {
|
1044 |
-
$sbox0 = array(
|
1045 |
-
0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
|
1046 |
-
0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
|
1047 |
-
0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
|
1048 |
-
0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
|
1049 |
-
0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
|
1050 |
-
0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
|
1051 |
-
0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
|
1052 |
-
0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
|
1053 |
-
0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
|
1054 |
-
0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
|
1055 |
-
0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
|
1056 |
-
0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
|
1057 |
-
0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
|
1058 |
-
0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
|
1059 |
-
0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
|
1060 |
-
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
|
1061 |
-
);
|
1062 |
-
|
1063 |
-
$sbox1 = array();
|
1064 |
-
$sbox2 = array();
|
1065 |
-
$sbox3 = array();
|
1066 |
-
|
1067 |
-
for ($i = 0; $i < 256; $i++) {
|
1068 |
-
$sbox1[$i << 8] = $sbox0[$i] << 8;
|
1069 |
-
$sbox2[$i << 16] = $sbox0[$i] << 16;
|
1070 |
-
$sbox3[$i << 24] = $sbox0[$i] << 24;
|
1071 |
-
}
|
1072 |
-
}
|
1073 |
-
|
1074 |
-
return $sbox0[$word & 0x000000FF] |
|
1075 |
-
$sbox1[$word & 0x0000FF00] |
|
1076 |
-
$sbox2[$word & 0x00FF0000] |
|
1077 |
-
$sbox3[$word & 0xFF000000];
|
1078 |
-
}
|
1079 |
-
|
1080 |
-
/**
|
1081 |
-
* Pad "packets".
|
1082 |
-
*
|
1083 |
-
* Rijndael works by encrypting between sixteen and thirty-two bytes at a time, provided that number is also a multiple
|
1084 |
-
* of four. If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to
|
1085 |
-
* pad the input so that it is of the proper length.
|
1086 |
-
*
|
1087 |
-
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH,
|
1088 |
-
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
1089 |
-
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
1090 |
-
* transmitted separately)
|
1091 |
-
*
|
1092 |
-
* @see Crypt_Rijndael::disablePadding()
|
1093 |
-
* @access public
|
1094 |
-
*/
|
1095 |
-
function enablePadding()
|
1096 |
-
{
|
1097 |
-
$this->padding = true;
|
1098 |
-
}
|
1099 |
-
|
1100 |
-
/**
|
1101 |
-
* Do not pad packets.
|
1102 |
-
*
|
1103 |
-
* @see Crypt_Rijndael::enablePadding()
|
1104 |
-
* @access public
|
1105 |
-
*/
|
1106 |
-
function disablePadding()
|
1107 |
-
{
|
1108 |
-
$this->padding = false;
|
1109 |
-
}
|
1110 |
-
|
1111 |
-
/**
|
1112 |
-
* Pads a string
|
1113 |
-
*
|
1114 |
-
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize.
|
1115 |
-
* $block_size - (strlen($text) % $block_size) bytes are added, each of which is equal to
|
1116 |
-
* chr($block_size - (strlen($text) % $block_size)
|
1117 |
-
*
|
1118 |
-
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
1119 |
-
* and padding will, hence forth, be enabled.
|
1120 |
-
*
|
1121 |
-
* @see Crypt_Rijndael::_unpad()
|
1122 |
-
* @access private
|
1123 |
-
*/
|
1124 |
-
function _pad($text)
|
1125 |
-
{
|
1126 |
-
$length = strlen($text);
|
1127 |
-
|
1128 |
-
if (!$this->padding) {
|
1129 |
-
if ($length % $this->block_size == 0) {
|
1130 |
-
return $text;
|
1131 |
-
} else {
|
1132 |
-
user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})", E_USER_NOTICE);
|
1133 |
-
$this->padding = true;
|
1134 |
-
}
|
1135 |
-
}
|
1136 |
-
|
1137 |
-
$pad = $this->block_size - ($length % $this->block_size);
|
1138 |
-
|
1139 |
-
return str_pad($text, $length + $pad, chr($pad));
|
1140 |
-
}
|
1141 |
-
|
1142 |
-
/**
|
1143 |
-
* Unpads a string.
|
1144 |
-
*
|
1145 |
-
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
1146 |
-
* and false will be returned.
|
1147 |
-
*
|
1148 |
-
* @see Crypt_Rijndael::_pad()
|
1149 |
-
* @access private
|
1150 |
-
*/
|
1151 |
-
function _unpad($text)
|
1152 |
-
{
|
1153 |
-
if (!$this->padding) {
|
1154 |
-
return $text;
|
1155 |
-
}
|
1156 |
-
|
1157 |
-
$length = ord($text[strlen($text) - 1]);
|
1158 |
-
|
1159 |
-
if (!$length || $length > $this->block_size) {
|
1160 |
-
return false;
|
1161 |
-
}
|
1162 |
-
|
1163 |
-
return substr($text, 0, -$length);
|
1164 |
-
}
|
1165 |
-
|
1166 |
-
/**
|
1167 |
-
* Treat consecutive "packets" as if they are a continuous buffer.
|
1168 |
-
*
|
1169 |
-
* Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
1170 |
-
* will yield different outputs:
|
1171 |
-
*
|
1172 |
-
* <code>
|
1173 |
-
* echo $rijndael->encrypt(substr($plaintext, 0, 16));
|
1174 |
-
* echo $rijndael->encrypt(substr($plaintext, 16, 16));
|
1175 |
-
* </code>
|
1176 |
-
* <code>
|
1177 |
-
* echo $rijndael->encrypt($plaintext);
|
1178 |
-
* </code>
|
1179 |
-
*
|
1180 |
-
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
1181 |
-
* another, as demonstrated with the following:
|
1182 |
-
*
|
1183 |
-
* <code>
|
1184 |
-
* $rijndael->encrypt(substr($plaintext, 0, 16));
|
1185 |
-
* echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
|
1186 |
-
* </code>
|
1187 |
-
* <code>
|
1188 |
-
* echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
|
1189 |
-
* </code>
|
1190 |
-
*
|
1191 |
-
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
1192 |
-
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
1193 |
-
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
1194 |
-
*
|
1195 |
-
* Put another way, when the continuous buffer is enabled, the state of the Crypt_Rijndael() object changes after each
|
1196 |
-
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
1197 |
-
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
1198 |
-
* however, they are also less intuitive and more likely to cause you problems.
|
1199 |
-
*
|
1200 |
-
* @see Crypt_Rijndael::disableContinuousBuffer()
|
1201 |
-
* @access public
|
1202 |
-
*/
|
1203 |
-
function enableContinuousBuffer()
|
1204 |
-
{
|
1205 |
-
$this->continuousBuffer = true;
|
1206 |
-
}
|
1207 |
-
|
1208 |
-
/**
|
1209 |
-
* Treat consecutive packets as if they are a discontinuous buffer.
|
1210 |
-
*
|
1211 |
-
* The default behavior.
|
1212 |
-
*
|
1213 |
-
* @see Crypt_Rijndael::enableContinuousBuffer()
|
1214 |
-
* @access public
|
1215 |
-
*/
|
1216 |
-
function disableContinuousBuffer()
|
1217 |
-
{
|
1218 |
-
$this->continuousBuffer = false;
|
1219 |
-
$this->encryptIV = $this->iv;
|
1220 |
-
$this->decryptIV = $this->iv;
|
1221 |
-
}
|
1222 |
-
|
1223 |
-
/**
|
1224 |
-
* String Shift
|
1225 |
-
*
|
1226 |
-
* Inspired by array_shift
|
1227 |
-
*
|
1228 |
-
* @param String $string
|
1229 |
-
* @param optional Integer $index
|
1230 |
-
* @return String
|
1231 |
-
* @access private
|
1232 |
-
*/
|
1233 |
-
function _string_shift(&$string, $index = 1)
|
1234 |
-
{
|
1235 |
-
$substr = substr($string, 0, $index);
|
1236 |
-
$string = substr($string, $index);
|
1237 |
-
return $substr;
|
1238 |
-
}
|
1239 |
-
}
|
1240 |
-
|
1241 |
-
// vim: ts=4:sw=4:et:
|
1242 |
-
// vim6: fdl=1:
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of Rijndael.
|
6 |
+
*
|
7 |
+
* Does not use mcrypt, even when available, for reasons that are explained below.
|
8 |
+
*
|
9 |
+
* PHP versions 4 and 5
|
10 |
+
*
|
11 |
+
* If {@link Crypt_Rijndael::setBlockLength() setBlockLength()} isn't called, it'll be assumed to be 128 bits. If
|
12 |
+
* {@link Crypt_Rijndael::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
13 |
+
* {@link Crypt_Rijndael::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's
|
14 |
+
* 136-bits it'll be null-padded to 160-bits and 160 bits will be the key length until
|
15 |
+
* {@link Crypt_Rijndael::setKey() setKey()} is called, again, at which point, it'll be recalculated.
|
16 |
+
*
|
17 |
+
* Not all Rijndael implementations may support 160-bits or 224-bits as the block length / key length. mcrypt, for example,
|
18 |
+
* does not. AES, itself, only supports block lengths of 128 and key lengths of 128, 192, and 256.
|
19 |
+
* {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=10 Rijndael-ammended.pdf#page=10} defines the
|
20 |
+
* algorithm for block lengths of 192 and 256 but not for block lengths / key lengths of 160 and 224. Indeed, 160 and 224
|
21 |
+
* are first defined as valid key / block lengths in
|
22 |
+
* {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=44 Rijndael-ammended.pdf#page=44}:
|
23 |
+
* Extensions: Other block and Cipher Key lengths.
|
24 |
+
*
|
25 |
+
* {@internal The variable names are the same as those in
|
26 |
+
* {@link http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf#page=10 fips-197.pdf#page=10}.}}
|
27 |
+
*
|
28 |
+
* Here's a short example of how to use this library:
|
29 |
+
* <code>
|
30 |
+
* <?php
|
31 |
+
* include('Crypt/Rijndael.php');
|
32 |
+
*
|
33 |
+
* $rijndael = new Crypt_Rijndael();
|
34 |
+
*
|
35 |
+
* $rijndael->setKey('abcdefghijklmnop');
|
36 |
+
*
|
37 |
+
* $size = 10 * 1024;
|
38 |
+
* $plaintext = '';
|
39 |
+
* for ($i = 0; $i < $size; $i++) {
|
40 |
+
* $plaintext.= 'a';
|
41 |
+
* }
|
42 |
+
*
|
43 |
+
* echo $rijndael->decrypt($rijndael->encrypt($plaintext));
|
44 |
+
* ?>
|
45 |
+
* </code>
|
46 |
+
*
|
47 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
48 |
+
* modify it under the terms of the GNU Lesser General Public
|
49 |
+
* License as published by the Free Software Foundation; either
|
50 |
+
* version 2.1 of the License, or (at your option) any later version.
|
51 |
+
*
|
52 |
+
* This library is distributed in the hope that it will be useful,
|
53 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
54 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
55 |
+
* Lesser General Public License for more details.
|
56 |
+
*
|
57 |
+
* You should have received a copy of the GNU Lesser General Public
|
58 |
+
* License along with this library; if not, write to the Free Software
|
59 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
60 |
+
* MA 02111-1307 USA
|
61 |
+
*
|
62 |
+
* @category Crypt
|
63 |
+
* @package Crypt_Rijndael
|
64 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
65 |
+
* @copyright MMVIII Jim Wigginton
|
66 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
67 |
+
* @version $Id: Rijndael.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
|
68 |
+
* @link http://phpseclib.sourceforge.net
|
69 |
+
*/
|
70 |
+
|
71 |
+
/**#@+
|
72 |
+
* @access public
|
73 |
+
* @see Crypt_Rijndael::encrypt()
|
74 |
+
* @see Crypt_Rijndael::decrypt()
|
75 |
+
*/
|
76 |
+
/**
|
77 |
+
* Encrypt / decrypt using the Counter mode.
|
78 |
+
*
|
79 |
+
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
80 |
+
*
|
81 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
82 |
+
*/
|
83 |
+
define('CRYPT_RIJNDAEL_MODE_CTR', -1);
|
84 |
+
/**
|
85 |
+
* Encrypt / decrypt using the Electronic Code Book mode.
|
86 |
+
*
|
87 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
88 |
+
*/
|
89 |
+
define('CRYPT_RIJNDAEL_MODE_ECB', 1);
|
90 |
+
/**
|
91 |
+
* Encrypt / decrypt using the Code Book Chaining mode.
|
92 |
+
*
|
93 |
+
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
94 |
+
*/
|
95 |
+
define('CRYPT_RIJNDAEL_MODE_CBC', 2);
|
96 |
+
/**#@-*/
|
97 |
+
|
98 |
+
/**#@+
|
99 |
+
* @access private
|
100 |
+
* @see Crypt_Rijndael::Crypt_Rijndael()
|
101 |
+
*/
|
102 |
+
/**
|
103 |
+
* Toggles the internal implementation
|
104 |
+
*/
|
105 |
+
define('CRYPT_RIJNDAEL_MODE_INTERNAL', 1);
|
106 |
+
/**
|
107 |
+
* Toggles the mcrypt implementation
|
108 |
+
*/
|
109 |
+
define('CRYPT_RIJNDAEL_MODE_MCRYPT', 2);
|
110 |
+
/**#@-*/
|
111 |
+
|
112 |
+
/**
|
113 |
+
* Pure-PHP implementation of Rijndael.
|
114 |
+
*
|
115 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
116 |
+
* @version 0.1.0
|
117 |
+
* @access public
|
118 |
+
* @package Crypt_Rijndael
|
119 |
+
*/
|
120 |
+
class Crypt_Rijndael {
|
121 |
+
/**
|
122 |
+
* The Encryption Mode
|
123 |
+
*
|
124 |
+
* @see Crypt_Rijndael::Crypt_Rijndael()
|
125 |
+
* @var Integer
|
126 |
+
* @access private
|
127 |
+
*/
|
128 |
+
var $mode;
|
129 |
+
|
130 |
+
/**
|
131 |
+
* The Key
|
132 |
+
*
|
133 |
+
* @see Crypt_Rijndael::setKey()
|
134 |
+
* @var String
|
135 |
+
* @access private
|
136 |
+
*/
|
137 |
+
var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
|
138 |
+
|
139 |
+
/**
|
140 |
+
* The Initialization Vector
|
141 |
+
*
|
142 |
+
* @see Crypt_Rijndael::setIV()
|
143 |
+
* @var String
|
144 |
+
* @access private
|
145 |
+
*/
|
146 |
+
var $iv = '';
|
147 |
+
|
148 |
+
/**
|
149 |
+
* A "sliding" Initialization Vector
|
150 |
+
*
|
151 |
+
* @see Crypt_Rijndael::enableContinuousBuffer()
|
152 |
+
* @var String
|
153 |
+
* @access private
|
154 |
+
*/
|
155 |
+
var $encryptIV = '';
|
156 |
+
|
157 |
+
/**
|
158 |
+
* A "sliding" Initialization Vector
|
159 |
+
*
|
160 |
+
* @see Crypt_Rijndael::enableContinuousBuffer()
|
161 |
+
* @var String
|
162 |
+
* @access private
|
163 |
+
*/
|
164 |
+
var $decryptIV = '';
|
165 |
+
|
166 |
+
/**
|
167 |
+
* Continuous Buffer status
|
168 |
+
*
|
169 |
+
* @see Crypt_Rijndael::enableContinuousBuffer()
|
170 |
+
* @var Boolean
|
171 |
+
* @access private
|
172 |
+
*/
|
173 |
+
var $continuousBuffer = false;
|
174 |
+
|
175 |
+
/**
|
176 |
+
* Padding status
|
177 |
+
*
|
178 |
+
* @see Crypt_Rijndael::enablePadding()
|
179 |
+
* @var Boolean
|
180 |
+
* @access private
|
181 |
+
*/
|
182 |
+
var $padding = true;
|
183 |
+
|
184 |
+
/**
|
185 |
+
* Does the key schedule need to be (re)calculated?
|
186 |
+
*
|
187 |
+
* @see setKey()
|
188 |
+
* @see setBlockLength()
|
189 |
+
* @see setKeyLength()
|
190 |
+
* @var Boolean
|
191 |
+
* @access private
|
192 |
+
*/
|
193 |
+
var $changed = true;
|
194 |
+
|
195 |
+
/**
|
196 |
+
* Has the key length explicitly been set or should it be derived from the key, itself?
|
197 |
+
*
|
198 |
+
* @see setKeyLength()
|
199 |
+
* @var Boolean
|
200 |
+
* @access private
|
201 |
+
*/
|
202 |
+
var $explicit_key_length = false;
|
203 |
+
|
204 |
+
/**
|
205 |
+
* The Key Schedule
|
206 |
+
*
|
207 |
+
* @see _setup()
|
208 |
+
* @var Array
|
209 |
+
* @access private
|
210 |
+
*/
|
211 |
+
var $w;
|
212 |
+
|
213 |
+
/**
|
214 |
+
* The Inverse Key Schedule
|
215 |
+
*
|
216 |
+
* @see _setup()
|
217 |
+
* @var Array
|
218 |
+
* @access private
|
219 |
+
*/
|
220 |
+
var $dw;
|
221 |
+
|
222 |
+
/**
|
223 |
+
* The Block Length
|
224 |
+
*
|
225 |
+
* @see setBlockLength()
|
226 |
+
* @var Integer
|
227 |
+
* @access private
|
228 |
+
* @internal The max value is 32, the min value is 16. All valid values are multiples of 4. Exists in conjunction with
|
229 |
+
* $Nb because we need this value and not $Nb to pad strings appropriately.
|
230 |
+
*/
|
231 |
+
var $block_size = 16;
|
232 |
+
|
233 |
+
/**
|
234 |
+
* The Block Length divided by 32
|
235 |
+
*
|
236 |
+
* @see setBlockLength()
|
237 |
+
* @var Integer
|
238 |
+
* @access private
|
239 |
+
* @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size
|
240 |
+
* because the encryption / decryption / key schedule creation requires this number and not $block_size. We could
|
241 |
+
* derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
242 |
+
* of that, we'll just precompute it once.
|
243 |
+
*
|
244 |
+
*/
|
245 |
+
var $Nb = 4;
|
246 |
+
|
247 |
+
/**
|
248 |
+
* The Key Length
|
249 |
+
*
|
250 |
+
* @see setKeyLength()
|
251 |
+
* @var Integer
|
252 |
+
* @access private
|
253 |
+
* @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $key_size
|
254 |
+
* because the encryption / decryption / key schedule creation requires this number and not $key_size. We could
|
255 |
+
* derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
|
256 |
+
* of that, we'll just precompute it once.
|
257 |
+
*/
|
258 |
+
var $key_size = 16;
|
259 |
+
|
260 |
+
/**
|
261 |
+
* The Key Length divided by 32
|
262 |
+
*
|
263 |
+
* @see setKeyLength()
|
264 |
+
* @var Integer
|
265 |
+
* @access private
|
266 |
+
* @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4
|
267 |
+
*/
|
268 |
+
var $Nk = 4;
|
269 |
+
|
270 |
+
/**
|
271 |
+
* The Number of Rounds
|
272 |
+
*
|
273 |
+
* @var Integer
|
274 |
+
* @access private
|
275 |
+
* @internal The max value is 14, the min value is 10.
|
276 |
+
*/
|
277 |
+
var $Nr;
|
278 |
+
|
279 |
+
/**
|
280 |
+
* Shift offsets
|
281 |
+
*
|
282 |
+
* @var Array
|
283 |
+
* @access private
|
284 |
+
*/
|
285 |
+
var $c;
|
286 |
+
|
287 |
+
/**
|
288 |
+
* Precomputed mixColumns table
|
289 |
+
*
|
290 |
+
* @see Crypt_Rijndael()
|
291 |
+
* @var Array
|
292 |
+
* @access private
|
293 |
+
*/
|
294 |
+
var $t0;
|
295 |
+
|
296 |
+
/**
|
297 |
+
* Precomputed mixColumns table
|
298 |
+
*
|
299 |
+
* @see Crypt_Rijndael()
|
300 |
+
* @var Array
|
301 |
+
* @access private
|
302 |
+
*/
|
303 |
+
var $t1;
|
304 |
+
|
305 |
+
/**
|
306 |
+
* Precomputed mixColumns table
|
307 |
+
*
|
308 |
+
* @see Crypt_Rijndael()
|
309 |
+
* @var Array
|
310 |
+
* @access private
|
311 |
+
*/
|
312 |
+
var $t2;
|
313 |
+
|
314 |
+
/**
|
315 |
+
* Precomputed mixColumns table
|
316 |
+
*
|
317 |
+
* @see Crypt_Rijndael()
|
318 |
+
* @var Array
|
319 |
+
* @access private
|
320 |
+
*/
|
321 |
+
var $t3;
|
322 |
+
|
323 |
+
/**
|
324 |
+
* Precomputed invMixColumns table
|
325 |
+
*
|
326 |
+
* @see Crypt_Rijndael()
|
327 |
+
* @var Array
|
328 |
+
* @access private
|
329 |
+
*/
|
330 |
+
var $dt0;
|
331 |
+
|
332 |
+
/**
|
333 |
+
* Precomputed invMixColumns table
|
334 |
+
*
|
335 |
+
* @see Crypt_Rijndael()
|
336 |
+
* @var Array
|
337 |
+
* @access private
|
338 |
+
*/
|
339 |
+
var $dt1;
|
340 |
+
|
341 |
+
/**
|
342 |
+
* Precomputed invMixColumns table
|
343 |
+
*
|
344 |
+
* @see Crypt_Rijndael()
|
345 |
+
* @var Array
|
346 |
+
* @access private
|
347 |
+
*/
|
348 |
+
var $dt2;
|
349 |
+
|
350 |
+
/**
|
351 |
+
* Precomputed invMixColumns table
|
352 |
+
*
|
353 |
+
* @see Crypt_Rijndael()
|
354 |
+
* @var Array
|
355 |
+
* @access private
|
356 |
+
*/
|
357 |
+
var $dt3;
|
358 |
+
|
359 |
+
/**
|
360 |
+
* Default Constructor.
|
361 |
+
*
|
362 |
+
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
363 |
+
* CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used.
|
364 |
+
*
|
365 |
+
* @param optional Integer $mode
|
366 |
+
* @return Crypt_Rijndael
|
367 |
+
* @access public
|
368 |
+
*/
|
369 |
+
function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC)
|
370 |
+
{
|
371 |
+
switch ($mode) {
|
372 |
+
case CRYPT_RIJNDAEL_MODE_ECB:
|
373 |
+
case CRYPT_RIJNDAEL_MODE_CBC:
|
374 |
+
case CRYPT_RIJNDAEL_MODE_CTR:
|
375 |
+
$this->mode = $mode;
|
376 |
+
break;
|
377 |
+
default:
|
378 |
+
$this->mode = CRYPT_RIJNDAEL_MODE_CBC;
|
379 |
+
}
|
380 |
+
|
381 |
+
$t3 = &$this->t3;
|
382 |
+
$t2 = &$this->t2;
|
383 |
+
$t1 = &$this->t1;
|
384 |
+
$t0 = &$this->t0;
|
385 |
+
|
386 |
+
$dt3 = &$this->dt3;
|
387 |
+
$dt2 = &$this->dt2;
|
388 |
+
$dt1 = &$this->dt1;
|
389 |
+
$dt0 = &$this->dt0;
|
390 |
+
|
391 |
+
// according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=19> (section 5.2.1),
|
392 |
+
// precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so
|
393 |
+
// those are the names we'll use.
|
394 |
+
$t3 = array(
|
395 |
+
0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491,
|
396 |
+
0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC,
|
397 |
+
0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB,
|
398 |
+
0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B,
|
399 |
+
0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83,
|
400 |
+
0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A,
|
401 |
+
0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F,
|
402 |
+
0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA,
|
403 |
+
0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B,
|
404 |
+
0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713,
|
405 |
+
0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6,
|
406 |
+
0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85,
|
407 |
+
0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411,
|
408 |
+
0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B,
|
409 |
+
0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1,
|
410 |
+
0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF,
|
411 |
+
0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E,
|
412 |
+
0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6,
|
413 |
+
0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B,
|
414 |
+
0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD,
|
415 |
+
0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8,
|
416 |
+
0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2,
|
417 |
+
0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049,
|
418 |
+
0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810,
|
419 |
+
0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197,
|
420 |
+
0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F,
|
421 |
+
0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C,
|
422 |
+
0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927,
|
423 |
+
0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733,
|
424 |
+
0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5,
|
425 |
+
0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0,
|
426 |
+
0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C
|
427 |
+
);
|
428 |
+
|
429 |
+
$dt3 = array(
|
430 |
+
0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B,
|
431 |
+
0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5,
|
432 |
+
0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B,
|
433 |
+
0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E,
|
434 |
+
0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D,
|
435 |
+
0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9,
|
436 |
+
0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66,
|
437 |
+
0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED,
|
438 |
+
0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4,
|
439 |
+
0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD,
|
440 |
+
0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60,
|
441 |
+
0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79,
|
442 |
+
0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C,
|
443 |
+
0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24,
|
444 |
+
0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C,
|
445 |
+
0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814,
|
446 |
+
0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B,
|
447 |
+
0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084,
|
448 |
+
0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077,
|
449 |
+
0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22,
|
450 |
+
0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F,
|
451 |
+
0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582,
|
452 |
+
0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB,
|
453 |
+
0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF,
|
454 |
+
0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035,
|
455 |
+
0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17,
|
456 |
+
0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46,
|
457 |
+
0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D,
|
458 |
+
0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A,
|
459 |
+
0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678,
|
460 |
+
0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF,
|
461 |
+
0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0
|
462 |
+
);
|
463 |
+
|
464 |
+
for ($i = 0; $i < 256; $i++) {
|
465 |
+
$t2[$i << 8] = (($t3[$i] << 8) & 0xFFFFFF00) | (($t3[$i] >> 24) & 0x000000FF);
|
466 |
+
$t1[$i << 16] = (($t3[$i] << 16) & 0xFFFF0000) | (($t3[$i] >> 16) & 0x0000FFFF);
|
467 |
+
$t0[$i << 24] = (($t3[$i] << 24) & 0xFF000000) | (($t3[$i] >> 8) & 0x00FFFFFF);
|
468 |
+
|
469 |
+
$dt2[$i << 8] = (($this->dt3[$i] << 8) & 0xFFFFFF00) | (($dt3[$i] >> 24) & 0x000000FF);
|
470 |
+
$dt1[$i << 16] = (($this->dt3[$i] << 16) & 0xFFFF0000) | (($dt3[$i] >> 16) & 0x0000FFFF);
|
471 |
+
$dt0[$i << 24] = (($this->dt3[$i] << 24) & 0xFF000000) | (($dt3[$i] >> 8) & 0x00FFFFFF);
|
472 |
+
}
|
473 |
+
}
|
474 |
+
|
475 |
+
/**
|
476 |
+
* Sets the key.
|
477 |
+
*
|
478 |
+
* Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and
|
479 |
+
* whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length
|
480 |
+
* up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the
|
481 |
+
* excess bits.
|
482 |
+
*
|
483 |
+
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
484 |
+
*
|
485 |
+
* @access public
|
486 |
+
* @param String $key
|
487 |
+
*/
|
488 |
+
function setKey($key)
|
489 |
+
{
|
490 |
+
$this->key = $key;
|
491 |
+
$this->changed = true;
|
492 |
+
}
|
493 |
+
|
494 |
+
/**
|
495 |
+
* Sets the initialization vector. (optional)
|
496 |
+
*
|
497 |
+
* SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed
|
498 |
+
* to be all zero's.
|
499 |
+
*
|
500 |
+
* @access public
|
501 |
+
* @param String $iv
|
502 |
+
*/
|
503 |
+
function setIV($iv)
|
504 |
+
{
|
505 |
+
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, $this->block_size), $this->block_size, chr(0));;
|
506 |
+
}
|
507 |
+
|
508 |
+
/**
|
509 |
+
* Sets the key length
|
510 |
+
*
|
511 |
+
* Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
512 |
+
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
|
513 |
+
*
|
514 |
+
* @access public
|
515 |
+
* @param Integer $length
|
516 |
+
*/
|
517 |
+
function setKeyLength($length)
|
518 |
+
{
|
519 |
+
$length >>= 5;
|
520 |
+
if ($length > 8) {
|
521 |
+
$length = 8;
|
522 |
+
} else if ($length < 4) {
|
523 |
+
$length = 4;
|
524 |
+
}
|
525 |
+
$this->Nk = $length;
|
526 |
+
$this->key_size = $length << 2;
|
527 |
+
|
528 |
+
$this->explicit_key_length = true;
|
529 |
+
$this->changed = true;
|
530 |
+
}
|
531 |
+
|
532 |
+
/**
|
533 |
+
* Sets the block length
|
534 |
+
*
|
535 |
+
* Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
|
536 |
+
* 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
|
537 |
+
*
|
538 |
+
* @access public
|
539 |
+
* @param Integer $length
|
540 |
+
*/
|
541 |
+
function setBlockLength($length)
|
542 |
+
{
|
543 |
+
$length >>= 5;
|
544 |
+
if ($length > 8) {
|
545 |
+
$length = 8;
|
546 |
+
} else if ($length < 4) {
|
547 |
+
$length = 4;
|
548 |
+
}
|
549 |
+
$this->Nb = $length;
|
550 |
+
$this->block_size = $length << 2;
|
551 |
+
$this->changed = true;
|
552 |
+
}
|
553 |
+
|
554 |
+
/**
|
555 |
+
* Generate CTR XOR encryption key
|
556 |
+
*
|
557 |
+
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
558 |
+
* plaintext / ciphertext in CTR mode.
|
559 |
+
*
|
560 |
+
* @see Crypt_Rijndael::decrypt()
|
561 |
+
* @see Crypt_Rijndael::encrypt()
|
562 |
+
* @access public
|
563 |
+
* @param Integer $length
|
564 |
+
* @param String $iv
|
565 |
+
*/
|
566 |
+
function _generate_xor($length, &$iv)
|
567 |
+
{
|
568 |
+
$xor = '';
|
569 |
+
$block_size = $this->block_size;
|
570 |
+
$num_blocks = floor(($length + ($block_size - 1)) / $block_size);
|
571 |
+
for ($i = 0; $i < $num_blocks; $i++) {
|
572 |
+
$xor.= $iv;
|
573 |
+
for ($j = 4; $j <= $block_size; $j+=4) {
|
574 |
+
$temp = substr($iv, -$j, 4);
|
575 |
+
switch ($temp) {
|
576 |
+
case "\xFF\xFF\xFF\xFF":
|
577 |
+
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
578 |
+
break;
|
579 |
+
case "\x7F\xFF\xFF\xFF":
|
580 |
+
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
581 |
+
break 2;
|
582 |
+
default:
|
583 |
+
extract(unpack('Ncount', $temp));
|
584 |
+
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
585 |
+
break 2;
|
586 |
+
}
|
587 |
+
}
|
588 |
+
}
|
589 |
+
|
590 |
+
return $xor;
|
591 |
+
}
|
592 |
+
|
593 |
+
/**
|
594 |
+
* Encrypts a message.
|
595 |
+
*
|
596 |
+
* $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other Rjindael
|
597 |
+
* implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's
|
598 |
+
* necessary are discussed in the following
|
599 |
+
* URL:
|
600 |
+
*
|
601 |
+
* {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
|
602 |
+
*
|
603 |
+
* An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
|
604 |
+
* strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
|
605 |
+
* length.
|
606 |
+
*
|
607 |
+
* @see Crypt_Rijndael::decrypt()
|
608 |
+
* @access public
|
609 |
+
* @param String $plaintext
|
610 |
+
*/
|
611 |
+
function encrypt($plaintext)
|
612 |
+
{
|
613 |
+
$this->_setup();
|
614 |
+
if ($this->mode != CRYPT_RIJNDAEL_MODE_CTR) {
|
615 |
+
$plaintext = $this->_pad($plaintext);
|
616 |
+
}
|
617 |
+
|
618 |
+
$block_size = $this->block_size;
|
619 |
+
$ciphertext = '';
|
620 |
+
switch ($this->mode) {
|
621 |
+
case CRYPT_RIJNDAEL_MODE_ECB:
|
622 |
+
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
623 |
+
$ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size));
|
624 |
+
}
|
625 |
+
break;
|
626 |
+
case CRYPT_RIJNDAEL_MODE_CBC:
|
627 |
+
$xor = $this->encryptIV;
|
628 |
+
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
629 |
+
$block = substr($plaintext, $i, $block_size);
|
630 |
+
$block = $this->_encryptBlock($block ^ $xor);
|
631 |
+
$xor = $block;
|
632 |
+
$ciphertext.= $block;
|
633 |
+
}
|
634 |
+
if ($this->continuousBuffer) {
|
635 |
+
$this->encryptIV = $xor;
|
636 |
+
}
|
637 |
+
break;
|
638 |
+
case CRYPT_RIJNDAEL_MODE_CTR:
|
639 |
+
$xor = $this->encryptIV;
|
640 |
+
for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
|
641 |
+
$block = substr($plaintext, $i, $block_size);
|
642 |
+
$key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
|
643 |
+
$ciphertext.= $block ^ $key;
|
644 |
+
}
|
645 |
+
if ($this->continuousBuffer) {
|
646 |
+
$this->encryptIV = $xor;
|
647 |
+
}
|
648 |
+
}
|
649 |
+
|
650 |
+
return $ciphertext;
|
651 |
+
}
|
652 |
+
|
653 |
+
/**
|
654 |
+
* Decrypts a message.
|
655 |
+
*
|
656 |
+
* If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until
|
657 |
+
* it is.
|
658 |
+
*
|
659 |
+
* @see Crypt_Rijndael::encrypt()
|
660 |
+
* @access public
|
661 |
+
* @param String $ciphertext
|
662 |
+
*/
|
663 |
+
function decrypt($ciphertext)
|
664 |
+
{
|
665 |
+
$this->_setup();
|
666 |
+
|
667 |
+
if ($this->mode != CRYPT_RIJNDAEL_MODE_CTR) {
|
668 |
+
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
669 |
+
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
670 |
+
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + $this->block_size - 1) % $this->block_size, chr(0));
|
671 |
+
}
|
672 |
+
|
673 |
+
$block_size = $this->block_size;
|
674 |
+
$plaintext = '';
|
675 |
+
switch ($this->mode) {
|
676 |
+
case CRYPT_RIJNDAEL_MODE_ECB:
|
677 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
678 |
+
$plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size));
|
679 |
+
}
|
680 |
+
break;
|
681 |
+
case CRYPT_RIJNDAEL_MODE_CBC:
|
682 |
+
$xor = $this->decryptIV;
|
683 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
684 |
+
$block = substr($ciphertext, $i, $block_size);
|
685 |
+
$plaintext.= $this->_decryptBlock($block) ^ $xor;
|
686 |
+
$xor = $block;
|
687 |
+
}
|
688 |
+
if ($this->continuousBuffer) {
|
689 |
+
$this->decryptIV = $xor;
|
690 |
+
}
|
691 |
+
break;
|
692 |
+
case CRYPT_RIJNDAEL_MODE_CTR:
|
693 |
+
$xor = $this->decryptIV;
|
694 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
|
695 |
+
$block = substr($ciphertext, $i, $block_size);
|
696 |
+
$key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
|
697 |
+
$plaintext.= $block ^ $key;
|
698 |
+
}
|
699 |
+
if ($this->continuousBuffer) {
|
700 |
+
$this->decryptIV = $xor;
|
701 |
+
}
|
702 |
+
}
|
703 |
+
|
704 |
+
return $this->mode != CRYPT_RIJNDAEL_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
705 |
+
}
|
706 |
+
|
707 |
+
/**
|
708 |
+
* Encrypts a block
|
709 |
+
*
|
710 |
+
* @access private
|
711 |
+
* @param String $in
|
712 |
+
* @return String
|
713 |
+
*/
|
714 |
+
function _encryptBlock($in)
|
715 |
+
{
|
716 |
+
$state = array();
|
717 |
+
$words = unpack('N*word', $in);
|
718 |
+
|
719 |
+
$w = $this->w;
|
720 |
+
$t0 = $this->t0;
|
721 |
+
$t1 = $this->t1;
|
722 |
+
$t2 = $this->t2;
|
723 |
+
$t3 = $this->t3;
|
724 |
+
$Nb = $this->Nb;
|
725 |
+
$Nr = $this->Nr;
|
726 |
+
$c = $this->c;
|
727 |
+
|
728 |
+
// addRoundKey
|
729 |
+
$i = 0;
|
730 |
+
foreach ($words as $word) {
|
731 |
+
$state[] = $word ^ $w[0][$i++];
|
732 |
+
}
|
733 |
+
|
734 |
+
// fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components -
|
735 |
+
// subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding
|
736 |
+
// Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf.
|
737 |
+
// Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization.
|
738 |
+
// Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1],
|
739 |
+
// equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well.
|
740 |
+
|
741 |
+
// [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf
|
742 |
+
$temp = array();
|
743 |
+
for ($round = 1; $round < $Nr; $round++) {
|
744 |
+
$i = 0; // $c[0] == 0
|
745 |
+
$j = $c[1];
|
746 |
+
$k = $c[2];
|
747 |
+
$l = $c[3];
|
748 |
+
|
749 |
+
while ($i < $this->Nb) {
|
750 |
+
$temp[$i] = $t0[$state[$i] & 0xFF000000] ^
|
751 |
+
$t1[$state[$j] & 0x00FF0000] ^
|
752 |
+
$t2[$state[$k] & 0x0000FF00] ^
|
753 |
+
$t3[$state[$l] & 0x000000FF] ^
|
754 |
+
$w[$round][$i];
|
755 |
+
$i++;
|
756 |
+
$j = ($j + 1) % $Nb;
|
757 |
+
$k = ($k + 1) % $Nb;
|
758 |
+
$l = ($l + 1) % $Nb;
|
759 |
+
}
|
760 |
+
|
761 |
+
for ($i = 0; $i < $Nb; $i++) {
|
762 |
+
$state[$i] = $temp[$i];
|
763 |
+
}
|
764 |
+
}
|
765 |
+
|
766 |
+
// subWord
|
767 |
+
for ($i = 0; $i < $Nb; $i++) {
|
768 |
+
$state[$i] = $this->_subWord($state[$i]);
|
769 |
+
}
|
770 |
+
|
771 |
+
// shiftRows + addRoundKey
|
772 |
+
$i = 0; // $c[0] == 0
|
773 |
+
$j = $c[1];
|
774 |
+
$k = $c[2];
|
775 |
+
$l = $c[3];
|
776 |
+
while ($i < $this->Nb) {
|
777 |
+
$temp[$i] = ($state[$i] & 0xFF000000) ^
|
778 |
+
($state[$j] & 0x00FF0000) ^
|
779 |
+
($state[$k] & 0x0000FF00) ^
|
780 |
+
($state[$l] & 0x000000FF) ^
|
781 |
+
$w[$Nr][$i];
|
782 |
+
$i++;
|
783 |
+
$j = ($j + 1) % $Nb;
|
784 |
+
$k = ($k + 1) % $Nb;
|
785 |
+
$l = ($l + 1) % $Nb;
|
786 |
+
}
|
787 |
+
$state = $temp;
|
788 |
+
|
789 |
+
array_unshift($state, 'N*');
|
790 |
+
|
791 |
+
return call_user_func_array('pack', $state);
|
792 |
+
}
|
793 |
+
|
794 |
+
/**
|
795 |
+
* Decrypts a block
|
796 |
+
*
|
797 |
+
* @access private
|
798 |
+
* @param String $in
|
799 |
+
* @return String
|
800 |
+
*/
|
801 |
+
function _decryptBlock($in)
|
802 |
+
{
|
803 |
+
$state = array();
|
804 |
+
$words = unpack('N*word', $in);
|
805 |
+
|
806 |
+
$num_states = count($state);
|
807 |
+
$dw = $this->dw;
|
808 |
+
$dt0 = $this->dt0;
|
809 |
+
$dt1 = $this->dt1;
|
810 |
+
$dt2 = $this->dt2;
|
811 |
+
$dt3 = $this->dt3;
|
812 |
+
$Nb = $this->Nb;
|
813 |
+
$Nr = $this->Nr;
|
814 |
+
$c = $this->c;
|
815 |
+
|
816 |
+
// addRoundKey
|
817 |
+
$i = 0;
|
818 |
+
foreach ($words as $word) {
|
819 |
+
$state[] = $word ^ $dw[$Nr][$i++];
|
820 |
+
}
|
821 |
+
|
822 |
+
$temp = array();
|
823 |
+
for ($round = $Nr - 1; $round > 0; $round--) {
|
824 |
+
$i = 0; // $c[0] == 0
|
825 |
+
$j = $Nb - $c[1];
|
826 |
+
$k = $Nb - $c[2];
|
827 |
+
$l = $Nb - $c[3];
|
828 |
+
|
829 |
+
while ($i < $Nb) {
|
830 |
+
$temp[$i] = $dt0[$state[$i] & 0xFF000000] ^
|
831 |
+
$dt1[$state[$j] & 0x00FF0000] ^
|
832 |
+
$dt2[$state[$k] & 0x0000FF00] ^
|
833 |
+
$dt3[$state[$l] & 0x000000FF] ^
|
834 |
+
$dw[$round][$i];
|
835 |
+
$i++;
|
836 |
+
$j = ($j + 1) % $Nb;
|
837 |
+
$k = ($k + 1) % $Nb;
|
838 |
+
$l = ($l + 1) % $Nb;
|
839 |
+
}
|
840 |
+
|
841 |
+
for ($i = 0; $i < $Nb; $i++) {
|
842 |
+
$state[$i] = $temp[$i];
|
843 |
+
}
|
844 |
+
}
|
845 |
+
|
846 |
+
// invShiftRows + invSubWord + addRoundKey
|
847 |
+
$i = 0; // $c[0] == 0
|
848 |
+
$j = $Nb - $c[1];
|
849 |
+
$k = $Nb - $c[2];
|
850 |
+
$l = $Nb - $c[3];
|
851 |
+
|
852 |
+
while ($i < $Nb) {
|
853 |
+
$temp[$i] = $dw[0][$i] ^
|
854 |
+
$this->_invSubWord(($state[$i] & 0xFF000000) |
|
855 |
+
($state[$j] & 0x00FF0000) |
|
856 |
+
($state[$k] & 0x0000FF00) |
|
857 |
+
($state[$l] & 0x000000FF));
|
858 |
+
$i++;
|
859 |
+
$j = ($j + 1) % $Nb;
|
860 |
+
$k = ($k + 1) % $Nb;
|
861 |
+
$l = ($l + 1) % $Nb;
|
862 |
+
}
|
863 |
+
|
864 |
+
$state = $temp;
|
865 |
+
|
866 |
+
array_unshift($state, 'N*');
|
867 |
+
|
868 |
+
return call_user_func_array('pack', $state);
|
869 |
+
}
|
870 |
+
|
871 |
+
/**
|
872 |
+
* Setup Rijndael
|
873 |
+
*
|
874 |
+
* Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key
|
875 |
+
* key schedule.
|
876 |
+
*
|
877 |
+
* @access private
|
878 |
+
*/
|
879 |
+
function _setup()
|
880 |
+
{
|
881 |
+
// Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field.
|
882 |
+
// See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse
|
883 |
+
static $rcon = array(0,
|
884 |
+
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
|
885 |
+
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000,
|
886 |
+
0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
|
887 |
+
0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000,
|
888 |
+
0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000,
|
889 |
+
0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
|
890 |
+
);
|
891 |
+
|
892 |
+
if (!$this->changed) {
|
893 |
+
return;
|
894 |
+
}
|
895 |
+
|
896 |
+
if (!$this->explicit_key_length) {
|
897 |
+
// we do >> 2, here, and not >> 5, as we do above, since strlen($this->key) tells us the number of bytes - not bits
|
898 |
+
$length = strlen($this->key) >> 2;
|
899 |
+
if ($length > 8) {
|
900 |
+
$length = 8;
|
901 |
+
} else if ($length < 4) {
|
902 |
+
$length = 4;
|
903 |
+
}
|
904 |
+
$this->Nk = $length;
|
905 |
+
$this->key_size = $length << 2;
|
906 |
+
}
|
907 |
+
|
908 |
+
$this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0));
|
909 |
+
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, chr(0));
|
910 |
+
|
911 |
+
// see Rijndael-ammended.pdf#page=44
|
912 |
+
$this->Nr = max($this->Nk, $this->Nb) + 6;
|
913 |
+
|
914 |
+
// shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44,
|
915 |
+
// "Table 8: Shift offsets in Shiftrow for the alternative block lengths"
|
916 |
+
// shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14,
|
917 |
+
// "Table 2: Shift offsets for different block lengths"
|
918 |
+
switch ($this->Nb) {
|
919 |
+
case 4:
|
920 |
+
case 5:
|
921 |
+
case 6:
|
922 |
+
$this->c = array(0, 1, 2, 3);
|
923 |
+
break;
|
924 |
+
case 7:
|
925 |
+
$this->c = array(0, 1, 2, 4);
|
926 |
+
break;
|
927 |
+
case 8:
|
928 |
+
$this->c = array(0, 1, 3, 4);
|
929 |
+
}
|
930 |
+
|
931 |
+
$key = $this->key;
|
932 |
+
|
933 |
+
$w = array_values(unpack('N*words', $key));
|
934 |
+
|
935 |
+
$length = $this->Nb * ($this->Nr + 1);
|
936 |
+
for ($i = $this->Nk; $i < $length; $i++) {
|
937 |
+
$temp = $w[$i - 1];
|
938 |
+
if ($i % $this->Nk == 0) {
|
939 |
+
// according to <http://php.net/language.types.integer>, "the size of an integer is platform-dependent".
|
940 |
+
// on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine,
|
941 |
+
// 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and'
|
942 |
+
// with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is.
|
943 |
+
$temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); // rotWord
|
944 |
+
$temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk];
|
945 |
+
} else if ($this->Nk > 6 && $i % $this->Nk == 4) {
|
946 |
+
$temp = $this->_subWord($temp);
|
947 |
+
}
|
948 |
+
$w[$i] = $w[$i - $this->Nk] ^ $temp;
|
949 |
+
}
|
950 |
+
|
951 |
+
// convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns
|
952 |
+
// and generate the inverse key schedule. more specifically,
|
953 |
+
// according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=23> (section 5.3.3),
|
954 |
+
// "The key expansion for the Inverse Cipher is defined as follows:
|
955 |
+
// 1. Apply the Key Expansion.
|
956 |
+
// 2. Apply InvMixColumn to all Round Keys except the first and the last one."
|
957 |
+
// also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher"
|
958 |
+
$temp = array();
|
959 |
+
for ($i = $row = $col = 0; $i < $length; $i++, $col++) {
|
960 |
+
if ($col == $this->Nb) {
|
961 |
+
if ($row == 0) {
|
962 |
+
$this->dw[0] = $this->w[0];
|
963 |
+
} else {
|
964 |
+
// subWord + invMixColumn + invSubWord = invMixColumn
|
965 |
+
$j = 0;
|
966 |
+
while ($j < $this->Nb) {
|
967 |
+
$dw = $this->_subWord($this->w[$row][$j]);
|
968 |
+
$temp[$j] = $this->dt0[$dw & 0xFF000000] ^
|
969 |
+
$this->dt1[$dw & 0x00FF0000] ^
|
970 |
+
$this->dt2[$dw & 0x0000FF00] ^
|
971 |
+
$this->dt3[$dw & 0x000000FF];
|
972 |
+
$j++;
|
973 |
+
}
|
974 |
+
$this->dw[$row] = $temp;
|
975 |
+
}
|
976 |
+
|
977 |
+
$col = 0;
|
978 |
+
$row++;
|
979 |
+
}
|
980 |
+
$this->w[$row][$col] = $w[$i];
|
981 |
+
}
|
982 |
+
|
983 |
+
$this->dw[$row] = $this->w[$row];
|
984 |
+
|
985 |
+
$this->changed = false;
|
986 |
+
}
|
987 |
+
|
988 |
+
/**
|
989 |
+
* Performs S-Box substitutions
|
990 |
+
*
|
991 |
+
* @access private
|
992 |
+
*/
|
993 |
+
function _subWord($word)
|
994 |
+
{
|
995 |
+
static $sbox0, $sbox1, $sbox2, $sbox3;
|
996 |
+
|
997 |
+
if (empty($sbox0)) {
|
998 |
+
$sbox0 = array(
|
999 |
+
0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
|
1000 |
+
0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
|
1001 |
+
0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
|
1002 |
+
0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
|
1003 |
+
0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
|
1004 |
+
0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
|
1005 |
+
0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
|
1006 |
+
0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
|
1007 |
+
0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
|
1008 |
+
0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
|
1009 |
+
0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
|
1010 |
+
0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
|
1011 |
+
0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
|
1012 |
+
0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
|
1013 |
+
0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
|
1014 |
+
0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
|
1015 |
+
);
|
1016 |
+
|
1017 |
+
$sbox1 = array();
|
1018 |
+
$sbox2 = array();
|
1019 |
+
$sbox3 = array();
|
1020 |
+
|
1021 |
+
for ($i = 0; $i < 256; $i++) {
|
1022 |
+
$sbox1[$i << 8] = $sbox0[$i] << 8;
|
1023 |
+
$sbox2[$i << 16] = $sbox0[$i] << 16;
|
1024 |
+
$sbox3[$i << 24] = $sbox0[$i] << 24;
|
1025 |
+
}
|
1026 |
+
}
|
1027 |
+
|
1028 |
+
return $sbox0[$word & 0x000000FF] |
|
1029 |
+
$sbox1[$word & 0x0000FF00] |
|
1030 |
+
$sbox2[$word & 0x00FF0000] |
|
1031 |
+
$sbox3[$word & 0xFF000000];
|
1032 |
+
}
|
1033 |
+
|
1034 |
+
/**
|
1035 |
+
* Performs inverse S-Box substitutions
|
1036 |
+
*
|
1037 |
+
* @access private
|
1038 |
+
*/
|
1039 |
+
function _invSubWord($word)
|
1040 |
+
{
|
1041 |
+
static $sbox0, $sbox1, $sbox2, $sbox3;
|
1042 |
+
|
1043 |
+
if (empty($sbox0)) {
|
1044 |
+
$sbox0 = array(
|
1045 |
+
0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
|
1046 |
+
0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
|
1047 |
+
0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
|
1048 |
+
0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
|
1049 |
+
0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
|
1050 |
+
0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
|
1051 |
+
0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
|
1052 |
+
0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
|
1053 |
+
0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
|
1054 |
+
0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
|
1055 |
+
0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
|
1056 |
+
0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
|
1057 |
+
0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
|
1058 |
+
0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
|
1059 |
+
0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
|
1060 |
+
0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
|
1061 |
+
);
|
1062 |
+
|
1063 |
+
$sbox1 = array();
|
1064 |
+
$sbox2 = array();
|
1065 |
+
$sbox3 = array();
|
1066 |
+
|
1067 |
+
for ($i = 0; $i < 256; $i++) {
|
1068 |
+
$sbox1[$i << 8] = $sbox0[$i] << 8;
|
1069 |
+
$sbox2[$i << 16] = $sbox0[$i] << 16;
|
1070 |
+
$sbox3[$i << 24] = $sbox0[$i] << 24;
|
1071 |
+
}
|
1072 |
+
}
|
1073 |
+
|
1074 |
+
return $sbox0[$word & 0x000000FF] |
|
1075 |
+
$sbox1[$word & 0x0000FF00] |
|
1076 |
+
$sbox2[$word & 0x00FF0000] |
|
1077 |
+
$sbox3[$word & 0xFF000000];
|
1078 |
+
}
|
1079 |
+
|
1080 |
+
/**
|
1081 |
+
* Pad "packets".
|
1082 |
+
*
|
1083 |
+
* Rijndael works by encrypting between sixteen and thirty-two bytes at a time, provided that number is also a multiple
|
1084 |
+
* of four. If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to
|
1085 |
+
* pad the input so that it is of the proper length.
|
1086 |
+
*
|
1087 |
+
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH,
|
1088 |
+
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
1089 |
+
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
1090 |
+
* transmitted separately)
|
1091 |
+
*
|
1092 |
+
* @see Crypt_Rijndael::disablePadding()
|
1093 |
+
* @access public
|
1094 |
+
*/
|
1095 |
+
function enablePadding()
|
1096 |
+
{
|
1097 |
+
$this->padding = true;
|
1098 |
+
}
|
1099 |
+
|
1100 |
+
/**
|
1101 |
+
* Do not pad packets.
|
1102 |
+
*
|
1103 |
+
* @see Crypt_Rijndael::enablePadding()
|
1104 |
+
* @access public
|
1105 |
+
*/
|
1106 |
+
function disablePadding()
|
1107 |
+
{
|
1108 |
+
$this->padding = false;
|
1109 |
+
}
|
1110 |
+
|
1111 |
+
/**
|
1112 |
+
* Pads a string
|
1113 |
+
*
|
1114 |
+
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize.
|
1115 |
+
* $block_size - (strlen($text) % $block_size) bytes are added, each of which is equal to
|
1116 |
+
* chr($block_size - (strlen($text) % $block_size)
|
1117 |
+
*
|
1118 |
+
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
1119 |
+
* and padding will, hence forth, be enabled.
|
1120 |
+
*
|
1121 |
+
* @see Crypt_Rijndael::_unpad()
|
1122 |
+
* @access private
|
1123 |
+
*/
|
1124 |
+
function _pad($text)
|
1125 |
+
{
|
1126 |
+
$length = strlen($text);
|
1127 |
+
|
1128 |
+
if (!$this->padding) {
|
1129 |
+
if ($length % $this->block_size == 0) {
|
1130 |
+
return $text;
|
1131 |
+
} else {
|
1132 |
+
user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})", E_USER_NOTICE);
|
1133 |
+
$this->padding = true;
|
1134 |
+
}
|
1135 |
+
}
|
1136 |
+
|
1137 |
+
$pad = $this->block_size - ($length % $this->block_size);
|
1138 |
+
|
1139 |
+
return str_pad($text, $length + $pad, chr($pad));
|
1140 |
+
}
|
1141 |
+
|
1142 |
+
/**
|
1143 |
+
* Unpads a string.
|
1144 |
+
*
|
1145 |
+
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
1146 |
+
* and false will be returned.
|
1147 |
+
*
|
1148 |
+
* @see Crypt_Rijndael::_pad()
|
1149 |
+
* @access private
|
1150 |
+
*/
|
1151 |
+
function _unpad($text)
|
1152 |
+
{
|
1153 |
+
if (!$this->padding) {
|
1154 |
+
return $text;
|
1155 |
+
}
|
1156 |
+
|
1157 |
+
$length = ord($text[strlen($text) - 1]);
|
1158 |
+
|
1159 |
+
if (!$length || $length > $this->block_size) {
|
1160 |
+
return false;
|
1161 |
+
}
|
1162 |
+
|
1163 |
+
return substr($text, 0, -$length);
|
1164 |
+
}
|
1165 |
+
|
1166 |
+
/**
|
1167 |
+
* Treat consecutive "packets" as if they are a continuous buffer.
|
1168 |
+
*
|
1169 |
+
* Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
1170 |
+
* will yield different outputs:
|
1171 |
+
*
|
1172 |
+
* <code>
|
1173 |
+
* echo $rijndael->encrypt(substr($plaintext, 0, 16));
|
1174 |
+
* echo $rijndael->encrypt(substr($plaintext, 16, 16));
|
1175 |
+
* </code>
|
1176 |
+
* <code>
|
1177 |
+
* echo $rijndael->encrypt($plaintext);
|
1178 |
+
* </code>
|
1179 |
+
*
|
1180 |
+
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
1181 |
+
* another, as demonstrated with the following:
|
1182 |
+
*
|
1183 |
+
* <code>
|
1184 |
+
* $rijndael->encrypt(substr($plaintext, 0, 16));
|
1185 |
+
* echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
|
1186 |
+
* </code>
|
1187 |
+
* <code>
|
1188 |
+
* echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
|
1189 |
+
* </code>
|
1190 |
+
*
|
1191 |
+
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
1192 |
+
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
1193 |
+
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
1194 |
+
*
|
1195 |
+
* Put another way, when the continuous buffer is enabled, the state of the Crypt_Rijndael() object changes after each
|
1196 |
+
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
1197 |
+
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
1198 |
+
* however, they are also less intuitive and more likely to cause you problems.
|
1199 |
+
*
|
1200 |
+
* @see Crypt_Rijndael::disableContinuousBuffer()
|
1201 |
+
* @access public
|
1202 |
+
*/
|
1203 |
+
function enableContinuousBuffer()
|
1204 |
+
{
|
1205 |
+
$this->continuousBuffer = true;
|
1206 |
+
}
|
1207 |
+
|
1208 |
+
/**
|
1209 |
+
* Treat consecutive packets as if they are a discontinuous buffer.
|
1210 |
+
*
|
1211 |
+
* The default behavior.
|
1212 |
+
*
|
1213 |
+
* @see Crypt_Rijndael::enableContinuousBuffer()
|
1214 |
+
* @access public
|
1215 |
+
*/
|
1216 |
+
function disableContinuousBuffer()
|
1217 |
+
{
|
1218 |
+
$this->continuousBuffer = false;
|
1219 |
+
$this->encryptIV = $this->iv;
|
1220 |
+
$this->decryptIV = $this->iv;
|
1221 |
+
}
|
1222 |
+
|
1223 |
+
/**
|
1224 |
+
* String Shift
|
1225 |
+
*
|
1226 |
+
* Inspired by array_shift
|
1227 |
+
*
|
1228 |
+
* @param String $string
|
1229 |
+
* @param optional Integer $index
|
1230 |
+
* @return String
|
1231 |
+
* @access private
|
1232 |
+
*/
|
1233 |
+
function _string_shift(&$string, $index = 1)
|
1234 |
+
{
|
1235 |
+
$substr = substr($string, 0, $index);
|
1236 |
+
$string = substr($string, $index);
|
1237 |
+
return $substr;
|
1238 |
+
}
|
1239 |
+
}
|
1240 |
+
|
1241 |
+
// vim: ts=4:sw=4:et:
|
1242 |
+
// vim6: fdl=1:
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Crypt/TripleDES.php
CHANGED
@@ -1,690 +1,690 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of Triple DES.
|
6 |
-
*
|
7 |
-
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
8 |
-
*
|
9 |
-
* PHP versions 4 and 5
|
10 |
-
*
|
11 |
-
* Here's a short example of how to use this library:
|
12 |
-
* <code>
|
13 |
-
* <?php
|
14 |
-
* include('Crypt/TripleDES.php');
|
15 |
-
*
|
16 |
-
* $des = new Crypt_TripleDES();
|
17 |
-
*
|
18 |
-
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
19 |
-
*
|
20 |
-
* $size = 10 * 1024;
|
21 |
-
* $plaintext = '';
|
22 |
-
* for ($i = 0; $i < $size; $i++) {
|
23 |
-
* $plaintext.= 'a';
|
24 |
-
* }
|
25 |
-
*
|
26 |
-
* echo $des->decrypt($des->encrypt($plaintext));
|
27 |
-
* ?>
|
28 |
-
* </code>
|
29 |
-
*
|
30 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
31 |
-
* modify it under the terms of the GNU Lesser General Public
|
32 |
-
* License as published by the Free Software Foundation; either
|
33 |
-
* version 2.1 of the License, or (at your option) any later version.
|
34 |
-
*
|
35 |
-
* This library is distributed in the hope that it will be useful,
|
36 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
37 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
38 |
-
* Lesser General Public License for more details.
|
39 |
-
*
|
40 |
-
* You should have received a copy of the GNU Lesser General Public
|
41 |
-
* License along with this library; if not, write to the Free Software
|
42 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
43 |
-
* MA 02111-1307 USA
|
44 |
-
*
|
45 |
-
* @category Crypt
|
46 |
-
* @package Crypt_TripleDES
|
47 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
48 |
-
* @copyright MMVII Jim Wigginton
|
49 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
50 |
-
* @version $Id: TripleDES.php,v 1.13 2010/02/26 03:40:25 terrafrost Exp $
|
51 |
-
* @link http://phpseclib.sourceforge.net
|
52 |
-
*/
|
53 |
-
|
54 |
-
/**
|
55 |
-
* Include Crypt_DES
|
56 |
-
*/
|
57 |
-
require_once 'DES.php';
|
58 |
-
|
59 |
-
/**
|
60 |
-
* Encrypt / decrypt using inner chaining
|
61 |
-
*
|
62 |
-
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
63 |
-
*/
|
64 |
-
define('CRYPT_DES_MODE_3CBC', 3);
|
65 |
-
|
66 |
-
/**
|
67 |
-
* Encrypt / decrypt using outer chaining
|
68 |
-
*
|
69 |
-
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
70 |
-
*/
|
71 |
-
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
|
72 |
-
|
73 |
-
/**
|
74 |
-
* Pure-PHP implementation of Triple DES.
|
75 |
-
*
|
76 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
77 |
-
* @version 0.1.0
|
78 |
-
* @access public
|
79 |
-
* @package Crypt_TerraDES
|
80 |
-
*/
|
81 |
-
class Crypt_TripleDES {
|
82 |
-
/**
|
83 |
-
* The Three Keys
|
84 |
-
*
|
85 |
-
* @see Crypt_TripleDES::setKey()
|
86 |
-
* @var String
|
87 |
-
* @access private
|
88 |
-
*/
|
89 |
-
var $key = "\0\0\0\0\0\0\0\0";
|
90 |
-
|
91 |
-
/**
|
92 |
-
* The Encryption Mode
|
93 |
-
*
|
94 |
-
* @see Crypt_TripleDES::Crypt_TripleDES()
|
95 |
-
* @var Integer
|
96 |
-
* @access private
|
97 |
-
*/
|
98 |
-
var $mode = CRYPT_DES_MODE_CBC;
|
99 |
-
|
100 |
-
/**
|
101 |
-
* Continuous Buffer status
|
102 |
-
*
|
103 |
-
* @see Crypt_TripleDES::enableContinuousBuffer()
|
104 |
-
* @var Boolean
|
105 |
-
* @access private
|
106 |
-
*/
|
107 |
-
var $continuousBuffer = false;
|
108 |
-
|
109 |
-
/**
|
110 |
-
* Padding status
|
111 |
-
*
|
112 |
-
* @see Crypt_TripleDES::enablePadding()
|
113 |
-
* @var Boolean
|
114 |
-
* @access private
|
115 |
-
*/
|
116 |
-
var $padding = true;
|
117 |
-
|
118 |
-
/**
|
119 |
-
* The Initialization Vector
|
120 |
-
*
|
121 |
-
* @see Crypt_TripleDES::setIV()
|
122 |
-
* @var String
|
123 |
-
* @access private
|
124 |
-
*/
|
125 |
-
var $iv = "\0\0\0\0\0\0\0\0";
|
126 |
-
|
127 |
-
/**
|
128 |
-
* A "sliding" Initialization Vector
|
129 |
-
*
|
130 |
-
* @see Crypt_TripleDES::enableContinuousBuffer()
|
131 |
-
* @var String
|
132 |
-
* @access private
|
133 |
-
*/
|
134 |
-
var $encryptIV = "\0\0\0\0\0\0\0\0";
|
135 |
-
|
136 |
-
/**
|
137 |
-
* A "sliding" Initialization Vector
|
138 |
-
*
|
139 |
-
* @see Crypt_TripleDES::enableContinuousBuffer()
|
140 |
-
* @var String
|
141 |
-
* @access private
|
142 |
-
*/
|
143 |
-
var $decryptIV = "\0\0\0\0\0\0\0\0";
|
144 |
-
|
145 |
-
/**
|
146 |
-
* The Crypt_DES objects
|
147 |
-
*
|
148 |
-
* @var Array
|
149 |
-
* @access private
|
150 |
-
*/
|
151 |
-
var $des;
|
152 |
-
|
153 |
-
/**
|
154 |
-
* mcrypt resource for encryption
|
155 |
-
*
|
156 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
157 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
158 |
-
*
|
159 |
-
* @see Crypt_AES::encrypt()
|
160 |
-
* @var String
|
161 |
-
* @access private
|
162 |
-
*/
|
163 |
-
var $enmcrypt;
|
164 |
-
|
165 |
-
/**
|
166 |
-
* mcrypt resource for decryption
|
167 |
-
*
|
168 |
-
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
169 |
-
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
170 |
-
*
|
171 |
-
* @see Crypt_AES::decrypt()
|
172 |
-
* @var String
|
173 |
-
* @access private
|
174 |
-
*/
|
175 |
-
var $demcrypt;
|
176 |
-
|
177 |
-
/**
|
178 |
-
* Does the (en|de)mcrypt resource need to be (re)initialized?
|
179 |
-
*
|
180 |
-
* @see setKey()
|
181 |
-
* @see setIV()
|
182 |
-
* @var Boolean
|
183 |
-
* @access private
|
184 |
-
*/
|
185 |
-
var $changed = true;
|
186 |
-
|
187 |
-
/**
|
188 |
-
* Default Constructor.
|
189 |
-
*
|
190 |
-
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
191 |
-
* CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
|
192 |
-
*
|
193 |
-
* @param optional Integer $mode
|
194 |
-
* @return Crypt_TripleDES
|
195 |
-
* @access public
|
196 |
-
*/
|
197 |
-
function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC)
|
198 |
-
{
|
199 |
-
if ( !defined('CRYPT_DES_MODE') ) {
|
200 |
-
switch (true) {
|
201 |
-
case extension_loaded('mcrypt'):
|
202 |
-
// i'd check to see if des was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
203 |
-
// but since that can be changed after the object has been created, there doesn't seem to be
|
204 |
-
// a lot of point...
|
205 |
-
define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
|
206 |
-
break;
|
207 |
-
default:
|
208 |
-
define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
|
209 |
-
}
|
210 |
-
}
|
211 |
-
|
212 |
-
if ( $mode == CRYPT_DES_MODE_3CBC ) {
|
213 |
-
$this->mode = CRYPT_DES_MODE_3CBC;
|
214 |
-
$this->des = array(
|
215 |
-
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
216 |
-
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
217 |
-
new Crypt_DES(CRYPT_DES_MODE_CBC)
|
218 |
-
);
|
219 |
-
|
220 |
-
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
221 |
-
$this->des[0]->disablePadding();
|
222 |
-
$this->des[1]->disablePadding();
|
223 |
-
$this->des[2]->disablePadding();
|
224 |
-
|
225 |
-
return;
|
226 |
-
}
|
227 |
-
|
228 |
-
switch ( CRYPT_DES_MODE ) {
|
229 |
-
case CRYPT_DES_MODE_MCRYPT:
|
230 |
-
switch ($mode) {
|
231 |
-
case CRYPT_DES_MODE_ECB:
|
232 |
-
$this->mode = MCRYPT_MODE_ECB;
|
233 |
-
break;
|
234 |
-
case CRYPT_DES_MODE_CTR:
|
235 |
-
$this->mode = 'ctr';
|
236 |
-
break;
|
237 |
-
case CRYPT_DES_MODE_CBC:
|
238 |
-
default:
|
239 |
-
$this->mode = MCRYPT_MODE_CBC;
|
240 |
-
}
|
241 |
-
|
242 |
-
break;
|
243 |
-
default:
|
244 |
-
$this->des = array(
|
245 |
-
new Crypt_DES(CRYPT_DES_MODE_ECB),
|
246 |
-
new Crypt_DES(CRYPT_DES_MODE_ECB),
|
247 |
-
new Crypt_DES(CRYPT_DES_MODE_ECB)
|
248 |
-
);
|
249 |
-
|
250 |
-
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
251 |
-
$this->des[0]->disablePadding();
|
252 |
-
$this->des[1]->disablePadding();
|
253 |
-
$this->des[2]->disablePadding();
|
254 |
-
|
255 |
-
switch ($mode) {
|
256 |
-
case CRYPT_DES_MODE_ECB:
|
257 |
-
case CRYPT_DES_MODE_CTR:
|
258 |
-
case CRYPT_DES_MODE_CBC:
|
259 |
-
$this->mode = $mode;
|
260 |
-
break;
|
261 |
-
default:
|
262 |
-
$this->mode = CRYPT_DES_MODE_CBC;
|
263 |
-
}
|
264 |
-
}
|
265 |
-
}
|
266 |
-
|
267 |
-
/**
|
268 |
-
* Sets the key.
|
269 |
-
*
|
270 |
-
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
271 |
-
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
272 |
-
*
|
273 |
-
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
274 |
-
*
|
275 |
-
* If the key is not explicitly set, it'll be assumed to be all zero's.
|
276 |
-
*
|
277 |
-
* @access public
|
278 |
-
* @param String $key
|
279 |
-
*/
|
280 |
-
function setKey($key)
|
281 |
-
{
|
282 |
-
$length = strlen($key);
|
283 |
-
if ($length > 8) {
|
284 |
-
$key = str_pad($key, 24, chr(0));
|
285 |
-
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
286 |
-
// http://php.net/function.mcrypt-encrypt#47973
|
287 |
-
//$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
288 |
-
}
|
289 |
-
$this->key = $key;
|
290 |
-
switch (true) {
|
291 |
-
case CRYPT_DES_MODE == CRYPT_DES_MODE_INTERNAL:
|
292 |
-
case $this->mode == CRYPT_DES_MODE_3CBC:
|
293 |
-
$this->des[0]->setKey(substr($key, 0, 8));
|
294 |
-
$this->des[1]->setKey(substr($key, 8, 8));
|
295 |
-
$this->des[2]->setKey(substr($key, 16, 8));
|
296 |
-
}
|
297 |
-
$this->changed = true;
|
298 |
-
}
|
299 |
-
|
300 |
-
/**
|
301 |
-
* Sets the initialization vector. (optional)
|
302 |
-
*
|
303 |
-
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
|
304 |
-
* to be all zero's.
|
305 |
-
*
|
306 |
-
* @access public
|
307 |
-
* @param String $iv
|
308 |
-
*/
|
309 |
-
function setIV($iv)
|
310 |
-
{
|
311 |
-
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
|
312 |
-
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
313 |
-
$this->des[0]->setIV($iv);
|
314 |
-
$this->des[1]->setIV($iv);
|
315 |
-
$this->des[2]->setIV($iv);
|
316 |
-
}
|
317 |
-
$this->changed = true;
|
318 |
-
}
|
319 |
-
|
320 |
-
/**
|
321 |
-
* Generate CTR XOR encryption key
|
322 |
-
*
|
323 |
-
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
324 |
-
* plaintext / ciphertext in CTR mode.
|
325 |
-
*
|
326 |
-
* @see Crypt_DES::decrypt()
|
327 |
-
* @see Crypt_DES::encrypt()
|
328 |
-
* @access public
|
329 |
-
* @param Integer $length
|
330 |
-
* @param String $iv
|
331 |
-
*/
|
332 |
-
function _generate_xor($length, &$iv)
|
333 |
-
{
|
334 |
-
$xor = '';
|
335 |
-
$num_blocks = ($length + 7) >> 3;
|
336 |
-
for ($i = 0; $i < $num_blocks; $i++) {
|
337 |
-
$xor.= $iv;
|
338 |
-
for ($j = 4; $j <= 8; $j+=4) {
|
339 |
-
$temp = substr($iv, -$j, 4);
|
340 |
-
switch ($temp) {
|
341 |
-
case "\xFF\xFF\xFF\xFF":
|
342 |
-
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
343 |
-
break;
|
344 |
-
case "\x7F\xFF\xFF\xFF":
|
345 |
-
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
346 |
-
break 2;
|
347 |
-
default:
|
348 |
-
extract(unpack('Ncount', $temp));
|
349 |
-
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
350 |
-
break 2;
|
351 |
-
}
|
352 |
-
}
|
353 |
-
}
|
354 |
-
|
355 |
-
return $xor;
|
356 |
-
}
|
357 |
-
|
358 |
-
/**
|
359 |
-
* Encrypts a message.
|
360 |
-
*
|
361 |
-
* @access public
|
362 |
-
* @param String $plaintext
|
363 |
-
*/
|
364 |
-
function encrypt($plaintext)
|
365 |
-
{
|
366 |
-
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
367 |
-
$plaintext = $this->_pad($plaintext);
|
368 |
-
}
|
369 |
-
|
370 |
-
// if the key is smaller then 8, do what we'd normally do
|
371 |
-
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
372 |
-
$ciphertext = $this->des[2]->encrypt($this->des[1]->decrypt($this->des[0]->encrypt($plaintext)));
|
373 |
-
|
374 |
-
return $ciphertext;
|
375 |
-
}
|
376 |
-
|
377 |
-
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
378 |
-
if ($this->changed) {
|
379 |
-
if (!isset($this->enmcrypt)) {
|
380 |
-
$this->enmcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
|
381 |
-
}
|
382 |
-
mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
|
383 |
-
$this->changed = false;
|
384 |
-
}
|
385 |
-
|
386 |
-
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
387 |
-
|
388 |
-
if (!$this->continuousBuffer) {
|
389 |
-
mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
|
390 |
-
}
|
391 |
-
|
392 |
-
return $ciphertext;
|
393 |
-
}
|
394 |
-
|
395 |
-
if (strlen($this->key) <= 8) {
|
396 |
-
$this->des[0]->mode = $this->mode;
|
397 |
-
|
398 |
-
return $this->des[0]->encrypt($plaintext);
|
399 |
-
}
|
400 |
-
|
401 |
-
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
402 |
-
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
403 |
-
$plaintext = str_pad($plaintext, ceil(strlen($plaintext) / 8) * 8, chr(0));
|
404 |
-
|
405 |
-
$des = $this->des;
|
406 |
-
|
407 |
-
$ciphertext = '';
|
408 |
-
switch ($this->mode) {
|
409 |
-
case CRYPT_DES_MODE_ECB:
|
410 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
411 |
-
$block = substr($plaintext, $i, 8);
|
412 |
-
$block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
413 |
-
$block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
|
414 |
-
$block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
415 |
-
$ciphertext.= $block;
|
416 |
-
}
|
417 |
-
break;
|
418 |
-
case CRYPT_DES_MODE_CBC:
|
419 |
-
$xor = $this->encryptIV;
|
420 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
421 |
-
$block = substr($plaintext, $i, 8) ^ $xor;
|
422 |
-
$block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
423 |
-
$block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
|
424 |
-
$block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
425 |
-
$xor = $block;
|
426 |
-
$ciphertext.= $block;
|
427 |
-
}
|
428 |
-
if ($this->continuousBuffer) {
|
429 |
-
$this->encryptIV = $xor;
|
430 |
-
}
|
431 |
-
break;
|
432 |
-
case CRYPT_DES_MODE_CTR:
|
433 |
-
$xor = $this->encryptIV;
|
434 |
-
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
435 |
-
$key = $this->_generate_xor(8, $xor);
|
436 |
-
$key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
437 |
-
$key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
|
438 |
-
$key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
439 |
-
$block = substr($plaintext, $i, 8);
|
440 |
-
$ciphertext.= $block ^ $key;
|
441 |
-
}
|
442 |
-
if ($this->continuousBuffer) {
|
443 |
-
$this->encryptIV = $xor;
|
444 |
-
}
|
445 |
-
}
|
446 |
-
|
447 |
-
return $ciphertext;
|
448 |
-
}
|
449 |
-
|
450 |
-
/**
|
451 |
-
* Decrypts a message.
|
452 |
-
*
|
453 |
-
* @access public
|
454 |
-
* @param String $ciphertext
|
455 |
-
*/
|
456 |
-
function decrypt($ciphertext)
|
457 |
-
{
|
458 |
-
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
459 |
-
$plaintext = $this->des[0]->decrypt($this->des[1]->encrypt($this->des[2]->decrypt($ciphertext)));
|
460 |
-
|
461 |
-
return $this->_unpad($plaintext);
|
462 |
-
}
|
463 |
-
|
464 |
-
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
465 |
-
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
466 |
-
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
|
467 |
-
|
468 |
-
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
469 |
-
if ($this->changed) {
|
470 |
-
if (!isset($this->demcrypt)) {
|
471 |
-
$this->demcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
|
472 |
-
}
|
473 |
-
mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
|
474 |
-
$this->changed = false;
|
475 |
-
}
|
476 |
-
|
477 |
-
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
478 |
-
|
479 |
-
if (!$this->continuousBuffer) {
|
480 |
-
mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
|
481 |
-
}
|
482 |
-
|
483 |
-
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
484 |
-
}
|
485 |
-
|
486 |
-
if (strlen($this->key) <= 8) {
|
487 |
-
$this->des[0]->mode = $this->mode;
|
488 |
-
|
489 |
-
return $this->_unpad($this->des[0]->decrypt($plaintext));
|
490 |
-
}
|
491 |
-
|
492 |
-
$des = $this->des;
|
493 |
-
|
494 |
-
$plaintext = '';
|
495 |
-
switch ($this->mode) {
|
496 |
-
case CRYPT_DES_MODE_ECB:
|
497 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
498 |
-
$block = substr($ciphertext, $i, 8);
|
499 |
-
$block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
500 |
-
$block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
501 |
-
$block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
502 |
-
$plaintext.= $block;
|
503 |
-
}
|
504 |
-
break;
|
505 |
-
case CRYPT_DES_MODE_CBC:
|
506 |
-
$xor = $this->decryptIV;
|
507 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
508 |
-
$orig = $block = substr($ciphertext, $i, 8);
|
509 |
-
$block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
510 |
-
$block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
511 |
-
$block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
512 |
-
$plaintext.= $block ^ $xor;
|
513 |
-
$xor = $orig;
|
514 |
-
}
|
515 |
-
if ($this->continuousBuffer) {
|
516 |
-
$this->decryptIV = $xor;
|
517 |
-
}
|
518 |
-
break;
|
519 |
-
case CRYPT_DES_MODE_CTR:
|
520 |
-
$xor = $this->decryptIV;
|
521 |
-
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
522 |
-
$key = $this->_generate_xor(8, $xor);
|
523 |
-
$key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
524 |
-
$key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
|
525 |
-
$key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
526 |
-
$block = substr($ciphertext, $i, 8);
|
527 |
-
$plaintext.= $block ^ $key;
|
528 |
-
}
|
529 |
-
if ($this->continuousBuffer) {
|
530 |
-
$this->decryptIV = $xor;
|
531 |
-
}
|
532 |
-
}
|
533 |
-
|
534 |
-
return $this->mode != CRYPT_DES_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
535 |
-
}
|
536 |
-
|
537 |
-
/**
|
538 |
-
* Treat consecutive "packets" as if they are a continuous buffer.
|
539 |
-
*
|
540 |
-
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
541 |
-
* will yield different outputs:
|
542 |
-
*
|
543 |
-
* <code>
|
544 |
-
* echo $des->encrypt(substr($plaintext, 0, 8));
|
545 |
-
* echo $des->encrypt(substr($plaintext, 8, 8));
|
546 |
-
* </code>
|
547 |
-
* <code>
|
548 |
-
* echo $des->encrypt($plaintext);
|
549 |
-
* </code>
|
550 |
-
*
|
551 |
-
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
552 |
-
* another, as demonstrated with the following:
|
553 |
-
*
|
554 |
-
* <code>
|
555 |
-
* $des->encrypt(substr($plaintext, 0, 8));
|
556 |
-
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
557 |
-
* </code>
|
558 |
-
* <code>
|
559 |
-
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
560 |
-
* </code>
|
561 |
-
*
|
562 |
-
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
563 |
-
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
564 |
-
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
565 |
-
*
|
566 |
-
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
567 |
-
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
568 |
-
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
569 |
-
* however, they are also less intuitive and more likely to cause you problems.
|
570 |
-
*
|
571 |
-
* @see Crypt_TripleDES::disableContinuousBuffer()
|
572 |
-
* @access public
|
573 |
-
*/
|
574 |
-
function enableContinuousBuffer()
|
575 |
-
{
|
576 |
-
$this->continuousBuffer = true;
|
577 |
-
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
578 |
-
$this->des[0]->enableContinuousBuffer();
|
579 |
-
$this->des[1]->enableContinuousBuffer();
|
580 |
-
$this->des[2]->enableContinuousBuffer();
|
581 |
-
}
|
582 |
-
}
|
583 |
-
|
584 |
-
/**
|
585 |
-
* Treat consecutive packets as if they are a discontinuous buffer.
|
586 |
-
*
|
587 |
-
* The default behavior.
|
588 |
-
*
|
589 |
-
* @see Crypt_TripleDES::enableContinuousBuffer()
|
590 |
-
* @access public
|
591 |
-
*/
|
592 |
-
function disableContinuousBuffer()
|
593 |
-
{
|
594 |
-
$this->continuousBuffer = false;
|
595 |
-
$this->encryptIV = $this->iv;
|
596 |
-
$this->decryptIV = $this->iv;
|
597 |
-
|
598 |
-
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
599 |
-
$this->des[0]->disableContinuousBuffer();
|
600 |
-
$this->des[1]->disableContinuousBuffer();
|
601 |
-
$this->des[2]->disableContinuousBuffer();
|
602 |
-
}
|
603 |
-
}
|
604 |
-
|
605 |
-
/**
|
606 |
-
* Pad "packets".
|
607 |
-
*
|
608 |
-
* DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
|
609 |
-
* a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
|
610 |
-
*
|
611 |
-
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
|
612 |
-
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
613 |
-
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
614 |
-
* transmitted separately)
|
615 |
-
*
|
616 |
-
* @see Crypt_TripleDES::disablePadding()
|
617 |
-
* @access public
|
618 |
-
*/
|
619 |
-
function enablePadding()
|
620 |
-
{
|
621 |
-
$this->padding = true;
|
622 |
-
}
|
623 |
-
|
624 |
-
/**
|
625 |
-
* Do not pad packets.
|
626 |
-
*
|
627 |
-
* @see Crypt_TripleDES::enablePadding()
|
628 |
-
* @access public
|
629 |
-
*/
|
630 |
-
function disablePadding()
|
631 |
-
{
|
632 |
-
$this->padding = false;
|
633 |
-
}
|
634 |
-
|
635 |
-
/**
|
636 |
-
* Pads a string
|
637 |
-
*
|
638 |
-
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
|
639 |
-
* 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
|
640 |
-
*
|
641 |
-
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
642 |
-
* and padding will, hence forth, be enabled.
|
643 |
-
*
|
644 |
-
* @see Crypt_TripleDES::_unpad()
|
645 |
-
* @access private
|
646 |
-
*/
|
647 |
-
function _pad($text)
|
648 |
-
{
|
649 |
-
$length = strlen($text);
|
650 |
-
|
651 |
-
if (!$this->padding) {
|
652 |
-
if (($length & 7) == 0) {
|
653 |
-
return $text;
|
654 |
-
} else {
|
655 |
-
user_error("The plaintext's length ($length) is not a multiple of the block size (8)", E_USER_NOTICE);
|
656 |
-
$this->padding = true;
|
657 |
-
}
|
658 |
-
}
|
659 |
-
|
660 |
-
$pad = 8 - ($length & 7);
|
661 |
-
return str_pad($text, $length + $pad, chr($pad));
|
662 |
-
}
|
663 |
-
|
664 |
-
/**
|
665 |
-
* Unpads a string
|
666 |
-
*
|
667 |
-
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
668 |
-
* and false will be returned.
|
669 |
-
*
|
670 |
-
* @see Crypt_TripleDES::_pad()
|
671 |
-
* @access private
|
672 |
-
*/
|
673 |
-
function _unpad($text)
|
674 |
-
{
|
675 |
-
if (!$this->padding) {
|
676 |
-
return $text;
|
677 |
-
}
|
678 |
-
|
679 |
-
$length = ord($text[strlen($text) - 1]);
|
680 |
-
|
681 |
-
if (!$length || $length > 8) {
|
682 |
-
return false;
|
683 |
-
}
|
684 |
-
|
685 |
-
return substr($text, 0, -$length);
|
686 |
-
}
|
687 |
-
}
|
688 |
-
|
689 |
-
// vim: ts=4:sw=4:et:
|
690 |
-
// vim6: fdl=1:
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of Triple DES.
|
6 |
+
*
|
7 |
+
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
8 |
+
*
|
9 |
+
* PHP versions 4 and 5
|
10 |
+
*
|
11 |
+
* Here's a short example of how to use this library:
|
12 |
+
* <code>
|
13 |
+
* <?php
|
14 |
+
* include('Crypt/TripleDES.php');
|
15 |
+
*
|
16 |
+
* $des = new Crypt_TripleDES();
|
17 |
+
*
|
18 |
+
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
19 |
+
*
|
20 |
+
* $size = 10 * 1024;
|
21 |
+
* $plaintext = '';
|
22 |
+
* for ($i = 0; $i < $size; $i++) {
|
23 |
+
* $plaintext.= 'a';
|
24 |
+
* }
|
25 |
+
*
|
26 |
+
* echo $des->decrypt($des->encrypt($plaintext));
|
27 |
+
* ?>
|
28 |
+
* </code>
|
29 |
+
*
|
30 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
31 |
+
* modify it under the terms of the GNU Lesser General Public
|
32 |
+
* License as published by the Free Software Foundation; either
|
33 |
+
* version 2.1 of the License, or (at your option) any later version.
|
34 |
+
*
|
35 |
+
* This library is distributed in the hope that it will be useful,
|
36 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
37 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
38 |
+
* Lesser General Public License for more details.
|
39 |
+
*
|
40 |
+
* You should have received a copy of the GNU Lesser General Public
|
41 |
+
* License along with this library; if not, write to the Free Software
|
42 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
43 |
+
* MA 02111-1307 USA
|
44 |
+
*
|
45 |
+
* @category Crypt
|
46 |
+
* @package Crypt_TripleDES
|
47 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
48 |
+
* @copyright MMVII Jim Wigginton
|
49 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
50 |
+
* @version $Id: TripleDES.php,v 1.13 2010/02/26 03:40:25 terrafrost Exp $
|
51 |
+
* @link http://phpseclib.sourceforge.net
|
52 |
+
*/
|
53 |
+
|
54 |
+
/**
|
55 |
+
* Include Crypt_DES
|
56 |
+
*/
|
57 |
+
require_once 'DES.php';
|
58 |
+
|
59 |
+
/**
|
60 |
+
* Encrypt / decrypt using inner chaining
|
61 |
+
*
|
62 |
+
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
63 |
+
*/
|
64 |
+
define('CRYPT_DES_MODE_3CBC', 3);
|
65 |
+
|
66 |
+
/**
|
67 |
+
* Encrypt / decrypt using outer chaining
|
68 |
+
*
|
69 |
+
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
70 |
+
*/
|
71 |
+
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
|
72 |
+
|
73 |
+
/**
|
74 |
+
* Pure-PHP implementation of Triple DES.
|
75 |
+
*
|
76 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
77 |
+
* @version 0.1.0
|
78 |
+
* @access public
|
79 |
+
* @package Crypt_TerraDES
|
80 |
+
*/
|
81 |
+
class Crypt_TripleDES {
|
82 |
+
/**
|
83 |
+
* The Three Keys
|
84 |
+
*
|
85 |
+
* @see Crypt_TripleDES::setKey()
|
86 |
+
* @var String
|
87 |
+
* @access private
|
88 |
+
*/
|
89 |
+
var $key = "\0\0\0\0\0\0\0\0";
|
90 |
+
|
91 |
+
/**
|
92 |
+
* The Encryption Mode
|
93 |
+
*
|
94 |
+
* @see Crypt_TripleDES::Crypt_TripleDES()
|
95 |
+
* @var Integer
|
96 |
+
* @access private
|
97 |
+
*/
|
98 |
+
var $mode = CRYPT_DES_MODE_CBC;
|
99 |
+
|
100 |
+
/**
|
101 |
+
* Continuous Buffer status
|
102 |
+
*
|
103 |
+
* @see Crypt_TripleDES::enableContinuousBuffer()
|
104 |
+
* @var Boolean
|
105 |
+
* @access private
|
106 |
+
*/
|
107 |
+
var $continuousBuffer = false;
|
108 |
+
|
109 |
+
/**
|
110 |
+
* Padding status
|
111 |
+
*
|
112 |
+
* @see Crypt_TripleDES::enablePadding()
|
113 |
+
* @var Boolean
|
114 |
+
* @access private
|
115 |
+
*/
|
116 |
+
var $padding = true;
|
117 |
+
|
118 |
+
/**
|
119 |
+
* The Initialization Vector
|
120 |
+
*
|
121 |
+
* @see Crypt_TripleDES::setIV()
|
122 |
+
* @var String
|
123 |
+
* @access private
|
124 |
+
*/
|
125 |
+
var $iv = "\0\0\0\0\0\0\0\0";
|
126 |
+
|
127 |
+
/**
|
128 |
+
* A "sliding" Initialization Vector
|
129 |
+
*
|
130 |
+
* @see Crypt_TripleDES::enableContinuousBuffer()
|
131 |
+
* @var String
|
132 |
+
* @access private
|
133 |
+
*/
|
134 |
+
var $encryptIV = "\0\0\0\0\0\0\0\0";
|
135 |
+
|
136 |
+
/**
|
137 |
+
* A "sliding" Initialization Vector
|
138 |
+
*
|
139 |
+
* @see Crypt_TripleDES::enableContinuousBuffer()
|
140 |
+
* @var String
|
141 |
+
* @access private
|
142 |
+
*/
|
143 |
+
var $decryptIV = "\0\0\0\0\0\0\0\0";
|
144 |
+
|
145 |
+
/**
|
146 |
+
* The Crypt_DES objects
|
147 |
+
*
|
148 |
+
* @var Array
|
149 |
+
* @access private
|
150 |
+
*/
|
151 |
+
var $des;
|
152 |
+
|
153 |
+
/**
|
154 |
+
* mcrypt resource for encryption
|
155 |
+
*
|
156 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
157 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
158 |
+
*
|
159 |
+
* @see Crypt_AES::encrypt()
|
160 |
+
* @var String
|
161 |
+
* @access private
|
162 |
+
*/
|
163 |
+
var $enmcrypt;
|
164 |
+
|
165 |
+
/**
|
166 |
+
* mcrypt resource for decryption
|
167 |
+
*
|
168 |
+
* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
|
169 |
+
* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
|
170 |
+
*
|
171 |
+
* @see Crypt_AES::decrypt()
|
172 |
+
* @var String
|
173 |
+
* @access private
|
174 |
+
*/
|
175 |
+
var $demcrypt;
|
176 |
+
|
177 |
+
/**
|
178 |
+
* Does the (en|de)mcrypt resource need to be (re)initialized?
|
179 |
+
*
|
180 |
+
* @see setKey()
|
181 |
+
* @see setIV()
|
182 |
+
* @var Boolean
|
183 |
+
* @access private
|
184 |
+
*/
|
185 |
+
var $changed = true;
|
186 |
+
|
187 |
+
/**
|
188 |
+
* Default Constructor.
|
189 |
+
*
|
190 |
+
* Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
|
191 |
+
* CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
|
192 |
+
*
|
193 |
+
* @param optional Integer $mode
|
194 |
+
* @return Crypt_TripleDES
|
195 |
+
* @access public
|
196 |
+
*/
|
197 |
+
function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC)
|
198 |
+
{
|
199 |
+
if ( !defined('CRYPT_DES_MODE') ) {
|
200 |
+
switch (true) {
|
201 |
+
case extension_loaded('mcrypt'):
|
202 |
+
// i'd check to see if des was supported, by doing in_array('des', mcrypt_list_algorithms('')),
|
203 |
+
// but since that can be changed after the object has been created, there doesn't seem to be
|
204 |
+
// a lot of point...
|
205 |
+
define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
|
206 |
+
break;
|
207 |
+
default:
|
208 |
+
define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
|
209 |
+
}
|
210 |
+
}
|
211 |
+
|
212 |
+
if ( $mode == CRYPT_DES_MODE_3CBC ) {
|
213 |
+
$this->mode = CRYPT_DES_MODE_3CBC;
|
214 |
+
$this->des = array(
|
215 |
+
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
216 |
+
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
217 |
+
new Crypt_DES(CRYPT_DES_MODE_CBC)
|
218 |
+
);
|
219 |
+
|
220 |
+
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
221 |
+
$this->des[0]->disablePadding();
|
222 |
+
$this->des[1]->disablePadding();
|
223 |
+
$this->des[2]->disablePadding();
|
224 |
+
|
225 |
+
return;
|
226 |
+
}
|
227 |
+
|
228 |
+
switch ( CRYPT_DES_MODE ) {
|
229 |
+
case CRYPT_DES_MODE_MCRYPT:
|
230 |
+
switch ($mode) {
|
231 |
+
case CRYPT_DES_MODE_ECB:
|
232 |
+
$this->mode = MCRYPT_MODE_ECB;
|
233 |
+
break;
|
234 |
+
case CRYPT_DES_MODE_CTR:
|
235 |
+
$this->mode = 'ctr';
|
236 |
+
break;
|
237 |
+
case CRYPT_DES_MODE_CBC:
|
238 |
+
default:
|
239 |
+
$this->mode = MCRYPT_MODE_CBC;
|
240 |
+
}
|
241 |
+
|
242 |
+
break;
|
243 |
+
default:
|
244 |
+
$this->des = array(
|
245 |
+
new Crypt_DES(CRYPT_DES_MODE_ECB),
|
246 |
+
new Crypt_DES(CRYPT_DES_MODE_ECB),
|
247 |
+
new Crypt_DES(CRYPT_DES_MODE_ECB)
|
248 |
+
);
|
249 |
+
|
250 |
+
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
251 |
+
$this->des[0]->disablePadding();
|
252 |
+
$this->des[1]->disablePadding();
|
253 |
+
$this->des[2]->disablePadding();
|
254 |
+
|
255 |
+
switch ($mode) {
|
256 |
+
case CRYPT_DES_MODE_ECB:
|
257 |
+
case CRYPT_DES_MODE_CTR:
|
258 |
+
case CRYPT_DES_MODE_CBC:
|
259 |
+
$this->mode = $mode;
|
260 |
+
break;
|
261 |
+
default:
|
262 |
+
$this->mode = CRYPT_DES_MODE_CBC;
|
263 |
+
}
|
264 |
+
}
|
265 |
+
}
|
266 |
+
|
267 |
+
/**
|
268 |
+
* Sets the key.
|
269 |
+
*
|
270 |
+
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
271 |
+
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
272 |
+
*
|
273 |
+
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
274 |
+
*
|
275 |
+
* If the key is not explicitly set, it'll be assumed to be all zero's.
|
276 |
+
*
|
277 |
+
* @access public
|
278 |
+
* @param String $key
|
279 |
+
*/
|
280 |
+
function setKey($key)
|
281 |
+
{
|
282 |
+
$length = strlen($key);
|
283 |
+
if ($length > 8) {
|
284 |
+
$key = str_pad($key, 24, chr(0));
|
285 |
+
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
286 |
+
// http://php.net/function.mcrypt-encrypt#47973
|
287 |
+
//$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
288 |
+
}
|
289 |
+
$this->key = $key;
|
290 |
+
switch (true) {
|
291 |
+
case CRYPT_DES_MODE == CRYPT_DES_MODE_INTERNAL:
|
292 |
+
case $this->mode == CRYPT_DES_MODE_3CBC:
|
293 |
+
$this->des[0]->setKey(substr($key, 0, 8));
|
294 |
+
$this->des[1]->setKey(substr($key, 8, 8));
|
295 |
+
$this->des[2]->setKey(substr($key, 16, 8));
|
296 |
+
}
|
297 |
+
$this->changed = true;
|
298 |
+
}
|
299 |
+
|
300 |
+
/**
|
301 |
+
* Sets the initialization vector. (optional)
|
302 |
+
*
|
303 |
+
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
|
304 |
+
* to be all zero's.
|
305 |
+
*
|
306 |
+
* @access public
|
307 |
+
* @param String $iv
|
308 |
+
*/
|
309 |
+
function setIV($iv)
|
310 |
+
{
|
311 |
+
$this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
|
312 |
+
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
313 |
+
$this->des[0]->setIV($iv);
|
314 |
+
$this->des[1]->setIV($iv);
|
315 |
+
$this->des[2]->setIV($iv);
|
316 |
+
}
|
317 |
+
$this->changed = true;
|
318 |
+
}
|
319 |
+
|
320 |
+
/**
|
321 |
+
* Generate CTR XOR encryption key
|
322 |
+
*
|
323 |
+
* Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
|
324 |
+
* plaintext / ciphertext in CTR mode.
|
325 |
+
*
|
326 |
+
* @see Crypt_DES::decrypt()
|
327 |
+
* @see Crypt_DES::encrypt()
|
328 |
+
* @access public
|
329 |
+
* @param Integer $length
|
330 |
+
* @param String $iv
|
331 |
+
*/
|
332 |
+
function _generate_xor($length, &$iv)
|
333 |
+
{
|
334 |
+
$xor = '';
|
335 |
+
$num_blocks = ($length + 7) >> 3;
|
336 |
+
for ($i = 0; $i < $num_blocks; $i++) {
|
337 |
+
$xor.= $iv;
|
338 |
+
for ($j = 4; $j <= 8; $j+=4) {
|
339 |
+
$temp = substr($iv, -$j, 4);
|
340 |
+
switch ($temp) {
|
341 |
+
case "\xFF\xFF\xFF\xFF":
|
342 |
+
$iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
|
343 |
+
break;
|
344 |
+
case "\x7F\xFF\xFF\xFF":
|
345 |
+
$iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
|
346 |
+
break 2;
|
347 |
+
default:
|
348 |
+
extract(unpack('Ncount', $temp));
|
349 |
+
$iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
|
350 |
+
break 2;
|
351 |
+
}
|
352 |
+
}
|
353 |
+
}
|
354 |
+
|
355 |
+
return $xor;
|
356 |
+
}
|
357 |
+
|
358 |
+
/**
|
359 |
+
* Encrypts a message.
|
360 |
+
*
|
361 |
+
* @access public
|
362 |
+
* @param String $plaintext
|
363 |
+
*/
|
364 |
+
function encrypt($plaintext)
|
365 |
+
{
|
366 |
+
if ($this->mode != CRYPT_DES_MODE_CTR && $this->mode != 'ctr') {
|
367 |
+
$plaintext = $this->_pad($plaintext);
|
368 |
+
}
|
369 |
+
|
370 |
+
// if the key is smaller then 8, do what we'd normally do
|
371 |
+
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
372 |
+
$ciphertext = $this->des[2]->encrypt($this->des[1]->decrypt($this->des[0]->encrypt($plaintext)));
|
373 |
+
|
374 |
+
return $ciphertext;
|
375 |
+
}
|
376 |
+
|
377 |
+
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
378 |
+
if ($this->changed) {
|
379 |
+
if (!isset($this->enmcrypt)) {
|
380 |
+
$this->enmcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
|
381 |
+
}
|
382 |
+
mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
|
383 |
+
$this->changed = false;
|
384 |
+
}
|
385 |
+
|
386 |
+
$ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
|
387 |
+
|
388 |
+
if (!$this->continuousBuffer) {
|
389 |
+
mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
|
390 |
+
}
|
391 |
+
|
392 |
+
return $ciphertext;
|
393 |
+
}
|
394 |
+
|
395 |
+
if (strlen($this->key) <= 8) {
|
396 |
+
$this->des[0]->mode = $this->mode;
|
397 |
+
|
398 |
+
return $this->des[0]->encrypt($plaintext);
|
399 |
+
}
|
400 |
+
|
401 |
+
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
402 |
+
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
403 |
+
$plaintext = str_pad($plaintext, ceil(strlen($plaintext) / 8) * 8, chr(0));
|
404 |
+
|
405 |
+
$des = $this->des;
|
406 |
+
|
407 |
+
$ciphertext = '';
|
408 |
+
switch ($this->mode) {
|
409 |
+
case CRYPT_DES_MODE_ECB:
|
410 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
411 |
+
$block = substr($plaintext, $i, 8);
|
412 |
+
$block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
413 |
+
$block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
|
414 |
+
$block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
415 |
+
$ciphertext.= $block;
|
416 |
+
}
|
417 |
+
break;
|
418 |
+
case CRYPT_DES_MODE_CBC:
|
419 |
+
$xor = $this->encryptIV;
|
420 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
421 |
+
$block = substr($plaintext, $i, 8) ^ $xor;
|
422 |
+
$block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
423 |
+
$block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
|
424 |
+
$block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
425 |
+
$xor = $block;
|
426 |
+
$ciphertext.= $block;
|
427 |
+
}
|
428 |
+
if ($this->continuousBuffer) {
|
429 |
+
$this->encryptIV = $xor;
|
430 |
+
}
|
431 |
+
break;
|
432 |
+
case CRYPT_DES_MODE_CTR:
|
433 |
+
$xor = $this->encryptIV;
|
434 |
+
for ($i = 0; $i < strlen($plaintext); $i+=8) {
|
435 |
+
$key = $this->_generate_xor(8, $xor);
|
436 |
+
$key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
437 |
+
$key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
|
438 |
+
$key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
439 |
+
$block = substr($plaintext, $i, 8);
|
440 |
+
$ciphertext.= $block ^ $key;
|
441 |
+
}
|
442 |
+
if ($this->continuousBuffer) {
|
443 |
+
$this->encryptIV = $xor;
|
444 |
+
}
|
445 |
+
}
|
446 |
+
|
447 |
+
return $ciphertext;
|
448 |
+
}
|
449 |
+
|
450 |
+
/**
|
451 |
+
* Decrypts a message.
|
452 |
+
*
|
453 |
+
* @access public
|
454 |
+
* @param String $ciphertext
|
455 |
+
*/
|
456 |
+
function decrypt($ciphertext)
|
457 |
+
{
|
458 |
+
if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
|
459 |
+
$plaintext = $this->des[0]->decrypt($this->des[1]->encrypt($this->des[2]->decrypt($ciphertext)));
|
460 |
+
|
461 |
+
return $this->_unpad($plaintext);
|
462 |
+
}
|
463 |
+
|
464 |
+
// we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
|
465 |
+
// "The data is padded with "\0" to make sure the length of the data is n * blocksize."
|
466 |
+
$ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
|
467 |
+
|
468 |
+
if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
|
469 |
+
if ($this->changed) {
|
470 |
+
if (!isset($this->demcrypt)) {
|
471 |
+
$this->demcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
|
472 |
+
}
|
473 |
+
mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
|
474 |
+
$this->changed = false;
|
475 |
+
}
|
476 |
+
|
477 |
+
$plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
|
478 |
+
|
479 |
+
if (!$this->continuousBuffer) {
|
480 |
+
mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
|
481 |
+
}
|
482 |
+
|
483 |
+
return $this->mode != 'ctr' ? $this->_unpad($plaintext) : $plaintext;
|
484 |
+
}
|
485 |
+
|
486 |
+
if (strlen($this->key) <= 8) {
|
487 |
+
$this->des[0]->mode = $this->mode;
|
488 |
+
|
489 |
+
return $this->_unpad($this->des[0]->decrypt($plaintext));
|
490 |
+
}
|
491 |
+
|
492 |
+
$des = $this->des;
|
493 |
+
|
494 |
+
$plaintext = '';
|
495 |
+
switch ($this->mode) {
|
496 |
+
case CRYPT_DES_MODE_ECB:
|
497 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
498 |
+
$block = substr($ciphertext, $i, 8);
|
499 |
+
$block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
500 |
+
$block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
501 |
+
$block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
502 |
+
$plaintext.= $block;
|
503 |
+
}
|
504 |
+
break;
|
505 |
+
case CRYPT_DES_MODE_CBC:
|
506 |
+
$xor = $this->decryptIV;
|
507 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
508 |
+
$orig = $block = substr($ciphertext, $i, 8);
|
509 |
+
$block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
|
510 |
+
$block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
|
511 |
+
$block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
|
512 |
+
$plaintext.= $block ^ $xor;
|
513 |
+
$xor = $orig;
|
514 |
+
}
|
515 |
+
if ($this->continuousBuffer) {
|
516 |
+
$this->decryptIV = $xor;
|
517 |
+
}
|
518 |
+
break;
|
519 |
+
case CRYPT_DES_MODE_CTR:
|
520 |
+
$xor = $this->decryptIV;
|
521 |
+
for ($i = 0; $i < strlen($ciphertext); $i+=8) {
|
522 |
+
$key = $this->_generate_xor(8, $xor);
|
523 |
+
$key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
524 |
+
$key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
|
525 |
+
$key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
|
526 |
+
$block = substr($ciphertext, $i, 8);
|
527 |
+
$plaintext.= $block ^ $key;
|
528 |
+
}
|
529 |
+
if ($this->continuousBuffer) {
|
530 |
+
$this->decryptIV = $xor;
|
531 |
+
}
|
532 |
+
}
|
533 |
+
|
534 |
+
return $this->mode != CRYPT_DES_MODE_CTR ? $this->_unpad($plaintext) : $plaintext;
|
535 |
+
}
|
536 |
+
|
537 |
+
/**
|
538 |
+
* Treat consecutive "packets" as if they are a continuous buffer.
|
539 |
+
*
|
540 |
+
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
541 |
+
* will yield different outputs:
|
542 |
+
*
|
543 |
+
* <code>
|
544 |
+
* echo $des->encrypt(substr($plaintext, 0, 8));
|
545 |
+
* echo $des->encrypt(substr($plaintext, 8, 8));
|
546 |
+
* </code>
|
547 |
+
* <code>
|
548 |
+
* echo $des->encrypt($plaintext);
|
549 |
+
* </code>
|
550 |
+
*
|
551 |
+
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
552 |
+
* another, as demonstrated with the following:
|
553 |
+
*
|
554 |
+
* <code>
|
555 |
+
* $des->encrypt(substr($plaintext, 0, 8));
|
556 |
+
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
557 |
+
* </code>
|
558 |
+
* <code>
|
559 |
+
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
560 |
+
* </code>
|
561 |
+
*
|
562 |
+
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
563 |
+
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
564 |
+
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
565 |
+
*
|
566 |
+
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
567 |
+
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
568 |
+
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
569 |
+
* however, they are also less intuitive and more likely to cause you problems.
|
570 |
+
*
|
571 |
+
* @see Crypt_TripleDES::disableContinuousBuffer()
|
572 |
+
* @access public
|
573 |
+
*/
|
574 |
+
function enableContinuousBuffer()
|
575 |
+
{
|
576 |
+
$this->continuousBuffer = true;
|
577 |
+
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
578 |
+
$this->des[0]->enableContinuousBuffer();
|
579 |
+
$this->des[1]->enableContinuousBuffer();
|
580 |
+
$this->des[2]->enableContinuousBuffer();
|
581 |
+
}
|
582 |
+
}
|
583 |
+
|
584 |
+
/**
|
585 |
+
* Treat consecutive packets as if they are a discontinuous buffer.
|
586 |
+
*
|
587 |
+
* The default behavior.
|
588 |
+
*
|
589 |
+
* @see Crypt_TripleDES::enableContinuousBuffer()
|
590 |
+
* @access public
|
591 |
+
*/
|
592 |
+
function disableContinuousBuffer()
|
593 |
+
{
|
594 |
+
$this->continuousBuffer = false;
|
595 |
+
$this->encryptIV = $this->iv;
|
596 |
+
$this->decryptIV = $this->iv;
|
597 |
+
|
598 |
+
if ($this->mode == CRYPT_DES_MODE_3CBC) {
|
599 |
+
$this->des[0]->disableContinuousBuffer();
|
600 |
+
$this->des[1]->disableContinuousBuffer();
|
601 |
+
$this->des[2]->disableContinuousBuffer();
|
602 |
+
}
|
603 |
+
}
|
604 |
+
|
605 |
+
/**
|
606 |
+
* Pad "packets".
|
607 |
+
*
|
608 |
+
* DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
|
609 |
+
* a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
|
610 |
+
*
|
611 |
+
* Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
|
612 |
+
* where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
|
613 |
+
* away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
|
614 |
+
* transmitted separately)
|
615 |
+
*
|
616 |
+
* @see Crypt_TripleDES::disablePadding()
|
617 |
+
* @access public
|
618 |
+
*/
|
619 |
+
function enablePadding()
|
620 |
+
{
|
621 |
+
$this->padding = true;
|
622 |
+
}
|
623 |
+
|
624 |
+
/**
|
625 |
+
* Do not pad packets.
|
626 |
+
*
|
627 |
+
* @see Crypt_TripleDES::enablePadding()
|
628 |
+
* @access public
|
629 |
+
*/
|
630 |
+
function disablePadding()
|
631 |
+
{
|
632 |
+
$this->padding = false;
|
633 |
+
}
|
634 |
+
|
635 |
+
/**
|
636 |
+
* Pads a string
|
637 |
+
*
|
638 |
+
* Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
|
639 |
+
* 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
|
640 |
+
*
|
641 |
+
* If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
|
642 |
+
* and padding will, hence forth, be enabled.
|
643 |
+
*
|
644 |
+
* @see Crypt_TripleDES::_unpad()
|
645 |
+
* @access private
|
646 |
+
*/
|
647 |
+
function _pad($text)
|
648 |
+
{
|
649 |
+
$length = strlen($text);
|
650 |
+
|
651 |
+
if (!$this->padding) {
|
652 |
+
if (($length & 7) == 0) {
|
653 |
+
return $text;
|
654 |
+
} else {
|
655 |
+
user_error("The plaintext's length ($length) is not a multiple of the block size (8)", E_USER_NOTICE);
|
656 |
+
$this->padding = true;
|
657 |
+
}
|
658 |
+
}
|
659 |
+
|
660 |
+
$pad = 8 - ($length & 7);
|
661 |
+
return str_pad($text, $length + $pad, chr($pad));
|
662 |
+
}
|
663 |
+
|
664 |
+
/**
|
665 |
+
* Unpads a string
|
666 |
+
*
|
667 |
+
* If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
|
668 |
+
* and false will be returned.
|
669 |
+
*
|
670 |
+
* @see Crypt_TripleDES::_pad()
|
671 |
+
* @access private
|
672 |
+
*/
|
673 |
+
function _unpad($text)
|
674 |
+
{
|
675 |
+
if (!$this->padding) {
|
676 |
+
return $text;
|
677 |
+
}
|
678 |
+
|
679 |
+
$length = ord($text[strlen($text) - 1]);
|
680 |
+
|
681 |
+
if (!$length || $length > 8) {
|
682 |
+
return false;
|
683 |
+
}
|
684 |
+
|
685 |
+
return substr($text, 0, -$length);
|
686 |
+
}
|
687 |
+
}
|
688 |
+
|
689 |
+
// vim: ts=4:sw=4:et:
|
690 |
+
// vim6: fdl=1:
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Math/BigInteger.php
CHANGED
@@ -1,3545 +1,3545 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP arbitrary precision integer arithmetic library.
|
6 |
-
*
|
7 |
-
* Supports base-2, base-10, base-16, and base-256 numbers. Uses the GMP or BCMath extensions, if available,
|
8 |
-
* and an internal implementation, otherwise.
|
9 |
-
*
|
10 |
-
* PHP versions 4 and 5
|
11 |
-
*
|
12 |
-
* {@internal (all DocBlock comments regarding implementation - such as the one that follows - refer to the
|
13 |
-
* {@link MATH_BIGINTEGER_MODE_INTERNAL MATH_BIGINTEGER_MODE_INTERNAL} mode)
|
14 |
-
*
|
15 |
-
* Math_BigInteger uses base-2**26 to perform operations such as multiplication and division and
|
16 |
-
* base-2**52 (ie. two base 2**26 digits) to perform addition and subtraction. Because the largest possible
|
17 |
-
* value when multiplying two base-2**26 numbers together is a base-2**52 number, double precision floating
|
18 |
-
* point numbers - numbers that should be supported on most hardware and whose significand is 53 bits - are
|
19 |
-
* used. As a consequence, bitwise operators such as >> and << cannot be used, nor can the modulo operator %,
|
20 |
-
* which only supports integers. Although this fact will slow this library down, the fact that such a high
|
21 |
-
* base is being used should more than compensate.
|
22 |
-
*
|
23 |
-
* When PHP version 6 is officially released, we'll be able to use 64-bit integers. This should, once again,
|
24 |
-
* allow bitwise operators, and will increase the maximum possible base to 2**31 (or 2**62 for addition /
|
25 |
-
* subtraction).
|
26 |
-
*
|
27 |
-
* Numbers are stored in {@link http://en.wikipedia.org/wiki/Endianness little endian} format. ie.
|
28 |
-
* (new Math_BigInteger(pow(2, 26)))->value = array(0, 1)
|
29 |
-
*
|
30 |
-
* Useful resources are as follows:
|
31 |
-
*
|
32 |
-
* - {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf Handbook of Applied Cryptography (HAC)}
|
33 |
-
* - {@link http://math.libtomcrypt.com/files/tommath.pdf Multi-Precision Math (MPM)}
|
34 |
-
* - Java's BigInteger classes. See /j2se/src/share/classes/java/math in jdk-1_5_0-src-jrl.zip
|
35 |
-
*
|
36 |
-
* Here's an example of how to use this library:
|
37 |
-
* <code>
|
38 |
-
* <?php
|
39 |
-
* include('Math/BigInteger.php');
|
40 |
-
*
|
41 |
-
* $a = new Math_BigInteger(2);
|
42 |
-
* $b = new Math_BigInteger(3);
|
43 |
-
*
|
44 |
-
* $c = $a->add($b);
|
45 |
-
*
|
46 |
-
* echo $c->toString(); // outputs 5
|
47 |
-
* ?>
|
48 |
-
* </code>
|
49 |
-
*
|
50 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
51 |
-
* modify it under the terms of the GNU Lesser General Public
|
52 |
-
* License as published by the Free Software Foundation; either
|
53 |
-
* version 2.1 of the License, or (at your option) any later version.
|
54 |
-
*
|
55 |
-
* This library is distributed in the hope that it will be useful,
|
56 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
57 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
58 |
-
* Lesser General Public License for more details.
|
59 |
-
*
|
60 |
-
* You should have received a copy of the GNU Lesser General Public
|
61 |
-
* License along with this library; if not, write to the Free Software
|
62 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
63 |
-
* MA 02111-1307 USA
|
64 |
-
*
|
65 |
-
* @category Math
|
66 |
-
* @package Math_BigInteger
|
67 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
68 |
-
* @copyright MMVI Jim Wigginton
|
69 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
70 |
-
* @version $Id: BigInteger.php,v 1.33 2010/03/22 22:32:03 terrafrost Exp $
|
71 |
-
* @link http://pear.php.net/package/Math_BigInteger
|
72 |
-
*/
|
73 |
-
|
74 |
-
/**#@+
|
75 |
-
* Reduction constants
|
76 |
-
*
|
77 |
-
* @access private
|
78 |
-
* @see Math_BigInteger::_reduce()
|
79 |
-
*/
|
80 |
-
/**
|
81 |
-
* @see Math_BigInteger::_montgomery()
|
82 |
-
* @see Math_BigInteger::_prepMontgomery()
|
83 |
-
*/
|
84 |
-
define('MATH_BIGINTEGER_MONTGOMERY', 0);
|
85 |
-
/**
|
86 |
-
* @see Math_BigInteger::_barrett()
|
87 |
-
*/
|
88 |
-
define('MATH_BIGINTEGER_BARRETT', 1);
|
89 |
-
/**
|
90 |
-
* @see Math_BigInteger::_mod2()
|
91 |
-
*/
|
92 |
-
define('MATH_BIGINTEGER_POWEROF2', 2);
|
93 |
-
/**
|
94 |
-
* @see Math_BigInteger::_remainder()
|
95 |
-
*/
|
96 |
-
define('MATH_BIGINTEGER_CLASSIC', 3);
|
97 |
-
/**
|
98 |
-
* @see Math_BigInteger::__clone()
|
99 |
-
*/
|
100 |
-
define('MATH_BIGINTEGER_NONE', 4);
|
101 |
-
/**#@-*/
|
102 |
-
|
103 |
-
/**#@+
|
104 |
-
* Array constants
|
105 |
-
*
|
106 |
-
* Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and
|
107 |
-
* multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them.
|
108 |
-
*
|
109 |
-
* @access private
|
110 |
-
*/
|
111 |
-
/**
|
112 |
-
* $result[MATH_BIGINTEGER_VALUE] contains the value.
|
113 |
-
*/
|
114 |
-
define('MATH_BIGINTEGER_VALUE', 0);
|
115 |
-
/**
|
116 |
-
* $result[MATH_BIGINTEGER_SIGN] contains the sign.
|
117 |
-
*/
|
118 |
-
define('MATH_BIGINTEGER_SIGN', 1);
|
119 |
-
/**#@-*/
|
120 |
-
|
121 |
-
/**#@+
|
122 |
-
* @access private
|
123 |
-
* @see Math_BigInteger::_montgomery()
|
124 |
-
* @see Math_BigInteger::_barrett()
|
125 |
-
*/
|
126 |
-
/**
|
127 |
-
* Cache constants
|
128 |
-
*
|
129 |
-
* $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid.
|
130 |
-
*/
|
131 |
-
define('MATH_BIGINTEGER_VARIABLE', 0);
|
132 |
-
/**
|
133 |
-
* $cache[MATH_BIGINTEGER_DATA] contains the cached data.
|
134 |
-
*/
|
135 |
-
define('MATH_BIGINTEGER_DATA', 1);
|
136 |
-
/**#@-*/
|
137 |
-
|
138 |
-
/**#@+
|
139 |
-
* Mode constants.
|
140 |
-
*
|
141 |
-
* @access private
|
142 |
-
* @see Math_BigInteger::Math_BigInteger()
|
143 |
-
*/
|
144 |
-
/**
|
145 |
-
* To use the pure-PHP implementation
|
146 |
-
*/
|
147 |
-
define('MATH_BIGINTEGER_MODE_INTERNAL', 1);
|
148 |
-
/**
|
149 |
-
* To use the BCMath library
|
150 |
-
*
|
151 |
-
* (if enabled; otherwise, the internal implementation will be used)
|
152 |
-
*/
|
153 |
-
define('MATH_BIGINTEGER_MODE_BCMATH', 2);
|
154 |
-
/**
|
155 |
-
* To use the GMP library
|
156 |
-
*
|
157 |
-
* (if present; otherwise, either the BCMath or the internal implementation will be used)
|
158 |
-
*/
|
159 |
-
define('MATH_BIGINTEGER_MODE_GMP', 3);
|
160 |
-
/**#@-*/
|
161 |
-
|
162 |
-
/**
|
163 |
-
* The largest digit that may be used in addition / subtraction
|
164 |
-
*
|
165 |
-
* (we do pow(2, 52) instead of using 4503599627370496, directly, because some PHP installations
|
166 |
-
* will truncate 4503599627370496)
|
167 |
-
*
|
168 |
-
* @access private
|
169 |
-
*/
|
170 |
-
define('MATH_BIGINTEGER_MAX_DIGIT52', pow(2, 52));
|
171 |
-
|
172 |
-
/**
|
173 |
-
* Karatsuba Cutoff
|
174 |
-
*
|
175 |
-
* At what point do we switch between Karatsuba multiplication and schoolbook long multiplication?
|
176 |
-
*
|
177 |
-
* @access private
|
178 |
-
*/
|
179 |
-
define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25);
|
180 |
-
|
181 |
-
/**
|
182 |
-
* Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256
|
183 |
-
* numbers.
|
184 |
-
*
|
185 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
186 |
-
* @version 1.0.0RC4
|
187 |
-
* @access public
|
188 |
-
* @package Math_BigInteger
|
189 |
-
*/
|
190 |
-
class Math_BigInteger {
|
191 |
-
/**
|
192 |
-
* Holds the BigInteger's value.
|
193 |
-
*
|
194 |
-
* @var Array
|
195 |
-
* @access private
|
196 |
-
*/
|
197 |
-
var $value;
|
198 |
-
|
199 |
-
/**
|
200 |
-
* Holds the BigInteger's magnitude.
|
201 |
-
*
|
202 |
-
* @var Boolean
|
203 |
-
* @access private
|
204 |
-
*/
|
205 |
-
var $is_negative = false;
|
206 |
-
|
207 |
-
/**
|
208 |
-
* Random number generator function
|
209 |
-
*
|
210 |
-
* @see setRandomGenerator()
|
211 |
-
* @access private
|
212 |
-
*/
|
213 |
-
var $generator = 'mt_rand';
|
214 |
-
|
215 |
-
/**
|
216 |
-
* Precision
|
217 |
-
*
|
218 |
-
* @see setPrecision()
|
219 |
-
* @access private
|
220 |
-
*/
|
221 |
-
var $precision = -1;
|
222 |
-
|
223 |
-
/**
|
224 |
-
* Precision Bitmask
|
225 |
-
*
|
226 |
-
* @see setPrecision()
|
227 |
-
* @access private
|
228 |
-
*/
|
229 |
-
var $bitmask = false;
|
230 |
-
|
231 |
-
/**
|
232 |
-
* Mode independant value used for serialization.
|
233 |
-
*
|
234 |
-
* If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for
|
235 |
-
* a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value,
|
236 |
-
* however, $this->hex is only calculated when $this->__sleep() is called.
|
237 |
-
*
|
238 |
-
* @see __sleep()
|
239 |
-
* @see __wakeup()
|
240 |
-
* @var String
|
241 |
-
* @access private
|
242 |
-
*/
|
243 |
-
var $hex;
|
244 |
-
|
245 |
-
/**
|
246 |
-
* Converts base-2, base-10, base-16, and binary strings (eg. base-256) to BigIntegers.
|
247 |
-
*
|
248 |
-
* If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using
|
249 |
-
* two's compliment. The sole exception to this is -10, which is treated the same as 10 is.
|
250 |
-
*
|
251 |
-
* Here's an example:
|
252 |
-
* <code>
|
253 |
-
* <?php
|
254 |
-
* include('Math/BigInteger.php');
|
255 |
-
*
|
256 |
-
* $a = new Math_BigInteger('0x32', 16); // 50 in base-16
|
257 |
-
*
|
258 |
-
* echo $a->toString(); // outputs 50
|
259 |
-
* ?>
|
260 |
-
* </code>
|
261 |
-
*
|
262 |
-
* @param optional $x base-10 number or base-$base number if $base set.
|
263 |
-
* @param optional integer $base
|
264 |
-
* @return Math_BigInteger
|
265 |
-
* @access public
|
266 |
-
*/
|
267 |
-
function Math_BigInteger($x = 0, $base = 10)
|
268 |
-
{
|
269 |
-
if ( !defined('MATH_BIGINTEGER_MODE') ) {
|
270 |
-
switch (true) {
|
271 |
-
case extension_loaded('gmp'):
|
272 |
-
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP);
|
273 |
-
break;
|
274 |
-
case extension_loaded('bcmath'):
|
275 |
-
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH);
|
276 |
-
break;
|
277 |
-
default:
|
278 |
-
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL);
|
279 |
-
}
|
280 |
-
}
|
281 |
-
|
282 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
283 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
284 |
-
if (is_resource($x) && get_resource_type($x) == 'GMP integer') {
|
285 |
-
$this->value = $x;
|
286 |
-
return;
|
287 |
-
}
|
288 |
-
$this->value = gmp_init(0);
|
289 |
-
break;
|
290 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
291 |
-
$this->value = '0';
|
292 |
-
break;
|
293 |
-
default:
|
294 |
-
$this->value = array();
|
295 |
-
}
|
296 |
-
|
297 |
-
if (empty($x)) {
|
298 |
-
return;
|
299 |
-
}
|
300 |
-
|
301 |
-
switch ($base) {
|
302 |
-
case -256:
|
303 |
-
if (ord($x[0]) & 0x80) {
|
304 |
-
$x = ~$x;
|
305 |
-
$this->is_negative = true;
|
306 |
-
}
|
307 |
-
case 256:
|
308 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
309 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
310 |
-
$sign = $this->is_negative ? '-' : '';
|
311 |
-
$this->value = gmp_init($sign . '0x' . bin2hex($x));
|
312 |
-
break;
|
313 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
314 |
-
// round $len to the nearest 4 (thanks, DavidMJ!)
|
315 |
-
$len = (strlen($x) + 3) & 0xFFFFFFFC;
|
316 |
-
|
317 |
-
$x = str_pad($x, $len, chr(0), STR_PAD_LEFT);
|
318 |
-
|
319 |
-
for ($i = 0; $i < $len; $i+= 4) {
|
320 |
-
$this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2**32
|
321 |
-
$this->value = bcadd($this->value, 0x1000000 * ord($x[$i]) + ((ord($x[$i + 1]) << 16) | (ord($x[$i + 2]) << 8) | ord($x[$i + 3])), 0);
|
322 |
-
}
|
323 |
-
|
324 |
-
if ($this->is_negative) {
|
325 |
-
$this->value = '-' . $this->value;
|
326 |
-
}
|
327 |
-
|
328 |
-
break;
|
329 |
-
// converts a base-2**8 (big endian / msb) number to base-2**26 (little endian / lsb)
|
330 |
-
default:
|
331 |
-
while (strlen($x)) {
|
332 |
-
$this->value[] = $this->_bytes2int($this->_base256_rshift($x, 26));
|
333 |
-
}
|
334 |
-
}
|
335 |
-
|
336 |
-
if ($this->is_negative) {
|
337 |
-
if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) {
|
338 |
-
$this->is_negative = false;
|
339 |
-
}
|
340 |
-
$temp = $this->add(new Math_BigInteger('-1'));
|
341 |
-
$this->value = $temp->value;
|
342 |
-
}
|
343 |
-
break;
|
344 |
-
case 16:
|
345 |
-
case -16:
|
346 |
-
if ($base > 0 && $x[0] == '-') {
|
347 |
-
$this->is_negative = true;
|
348 |
-
$x = substr($x, 1);
|
349 |
-
}
|
350 |
-
|
351 |
-
$x = preg_replace('#^(?:0x)?([A-Fa-f0-9]*).*#', '$1', $x);
|
352 |
-
|
353 |
-
$is_negative = false;
|
354 |
-
if ($base < 0 && hexdec($x[0]) >= 8) {
|
355 |
-
$this->is_negative = $is_negative = true;
|
356 |
-
$x = bin2hex(~pack('H*', $x));
|
357 |
-
}
|
358 |
-
|
359 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
360 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
361 |
-
$temp = $this->is_negative ? '-0x' . $x : '0x' . $x;
|
362 |
-
$this->value = gmp_init($temp);
|
363 |
-
$this->is_negative = false;
|
364 |
-
break;
|
365 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
366 |
-
$x = ( strlen($x) & 1 ) ? '0' . $x : $x;
|
367 |
-
$temp = new Math_BigInteger(pack('H*', $x), 256);
|
368 |
-
$this->value = $this->is_negative ? '-' . $temp->value : $temp->value;
|
369 |
-
$this->is_negative = false;
|
370 |
-
break;
|
371 |
-
default:
|
372 |
-
$x = ( strlen($x) & 1 ) ? '0' . $x : $x;
|
373 |
-
$temp = new Math_BigInteger(pack('H*', $x), 256);
|
374 |
-
$this->value = $temp->value;
|
375 |
-
}
|
376 |
-
|
377 |
-
if ($is_negative) {
|
378 |
-
$temp = $this->add(new Math_BigInteger('-1'));
|
379 |
-
$this->value = $temp->value;
|
380 |
-
}
|
381 |
-
break;
|
382 |
-
case 10:
|
383 |
-
case -10:
|
384 |
-
$x = preg_replace('#^(-?[0-9]*).*#', '$1', $x);
|
385 |
-
|
386 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
387 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
388 |
-
$this->value = gmp_init($x);
|
389 |
-
break;
|
390 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
391 |
-
// explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different
|
392 |
-
// results then doing it on '-1' does (modInverse does $x[0])
|
393 |
-
$this->value = (string) $x;
|
394 |
-
break;
|
395 |
-
default:
|
396 |
-
$temp = new Math_BigInteger();
|
397 |
-
|
398 |
-
// array(10000000) is 10**7 in base-2**26. 10**7 is the closest to 2**26 we can get without passing it.
|
399 |
-
$multiplier = new Math_BigInteger();
|
400 |
-
$multiplier->value = array(10000000);
|
401 |
-
|
402 |
-
if ($x[0] == '-') {
|
403 |
-
$this->is_negative = true;
|
404 |
-
$x = substr($x, 1);
|
405 |
-
}
|
406 |
-
|
407 |
-
$x = str_pad($x, strlen($x) + (6 * strlen($x)) % 7, 0, STR_PAD_LEFT);
|
408 |
-
|
409 |
-
while (strlen($x)) {
|
410 |
-
$temp = $temp->multiply($multiplier);
|
411 |
-
$temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, 7)), 256));
|
412 |
-
$x = substr($x, 7);
|
413 |
-
}
|
414 |
-
|
415 |
-
$this->value = $temp->value;
|
416 |
-
}
|
417 |
-
break;
|
418 |
-
case 2: // base-2 support originally implemented by Lluis Pamies - thanks!
|
419 |
-
case -2:
|
420 |
-
if ($base > 0 && $x[0] == '-') {
|
421 |
-
$this->is_negative = true;
|
422 |
-
$x = substr($x, 1);
|
423 |
-
}
|
424 |
-
|
425 |
-
$x = preg_replace('#^([01]*).*#', '$1', $x);
|
426 |
-
$x = str_pad($x, strlen($x) + (3 * strlen($x)) % 4, 0, STR_PAD_LEFT);
|
427 |
-
|
428 |
-
$str = '0x';
|
429 |
-
while (strlen($x)) {
|
430 |
-
$part = substr($x, 0, 4);
|
431 |
-
$str.= dechex(bindec($part));
|
432 |
-
$x = substr($x, 4);
|
433 |
-
}
|
434 |
-
|
435 |
-
if ($this->is_negative) {
|
436 |
-
$str = '-' . $str;
|
437 |
-
}
|
438 |
-
|
439 |
-
$temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16
|
440 |
-
$this->value = $temp->value;
|
441 |
-
$this->is_negative = $temp->is_negative;
|
442 |
-
|
443 |
-
break;
|
444 |
-
default:
|
445 |
-
// base not supported, so we'll let $this == 0
|
446 |
-
}
|
447 |
-
}
|
448 |
-
|
449 |
-
/**
|
450 |
-
* Converts a BigInteger to a byte string (eg. base-256).
|
451 |
-
*
|
452 |
-
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
453 |
-
* saved as two's compliment.
|
454 |
-
*
|
455 |
-
* Here's an example:
|
456 |
-
* <code>
|
457 |
-
* <?php
|
458 |
-
* include('Math/BigInteger.php');
|
459 |
-
*
|
460 |
-
* $a = new Math_BigInteger('65');
|
461 |
-
*
|
462 |
-
* echo $a->toBytes(); // outputs chr(65)
|
463 |
-
* ?>
|
464 |
-
* </code>
|
465 |
-
*
|
466 |
-
* @param Boolean $twos_compliment
|
467 |
-
* @return String
|
468 |
-
* @access public
|
469 |
-
* @internal Converts a base-2**26 number to base-2**8
|
470 |
-
*/
|
471 |
-
function toBytes($twos_compliment = false)
|
472 |
-
{
|
473 |
-
if ($twos_compliment) {
|
474 |
-
$comparison = $this->compare(new Math_BigInteger());
|
475 |
-
if ($comparison == 0) {
|
476 |
-
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
477 |
-
}
|
478 |
-
|
479 |
-
$temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy();
|
480 |
-
$bytes = $temp->toBytes();
|
481 |
-
|
482 |
-
if (empty($bytes)) { // eg. if the number we're trying to convert is -1
|
483 |
-
$bytes = chr(0);
|
484 |
-
}
|
485 |
-
|
486 |
-
if (ord($bytes[0]) & 0x80) {
|
487 |
-
$bytes = chr(0) . $bytes;
|
488 |
-
}
|
489 |
-
|
490 |
-
return $comparison < 0 ? ~$bytes : $bytes;
|
491 |
-
}
|
492 |
-
|
493 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
494 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
495 |
-
if (gmp_cmp($this->value, gmp_init(0)) == 0) {
|
496 |
-
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
497 |
-
}
|
498 |
-
|
499 |
-
$temp = gmp_strval(gmp_abs($this->value), 16);
|
500 |
-
$temp = ( strlen($temp) & 1 ) ? '0' . $temp : $temp;
|
501 |
-
$temp = pack('H*', $temp);
|
502 |
-
|
503 |
-
return $this->precision > 0 ?
|
504 |
-
substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
|
505 |
-
ltrim($temp, chr(0));
|
506 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
507 |
-
if ($this->value === '0') {
|
508 |
-
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
509 |
-
}
|
510 |
-
|
511 |
-
$value = '';
|
512 |
-
$current = $this->value;
|
513 |
-
|
514 |
-
if ($current[0] == '-') {
|
515 |
-
$current = substr($current, 1);
|
516 |
-
}
|
517 |
-
|
518 |
-
while (bccomp($current, '0', 0) > 0) {
|
519 |
-
$temp = bcmod($current, '16777216');
|
520 |
-
$value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value;
|
521 |
-
$current = bcdiv($current, '16777216', 0);
|
522 |
-
}
|
523 |
-
|
524 |
-
return $this->precision > 0 ?
|
525 |
-
substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
|
526 |
-
ltrim($value, chr(0));
|
527 |
-
}
|
528 |
-
|
529 |
-
if (!count($this->value)) {
|
530 |
-
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
531 |
-
}
|
532 |
-
$result = $this->_int2bytes($this->value[count($this->value) - 1]);
|
533 |
-
|
534 |
-
$temp = $this->copy();
|
535 |
-
|
536 |
-
for ($i = count($temp->value) - 2; $i >= 0; --$i) {
|
537 |
-
$temp->_base256_lshift($result, 26);
|
538 |
-
$result = $result | str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT);
|
539 |
-
}
|
540 |
-
|
541 |
-
return $this->precision > 0 ?
|
542 |
-
str_pad(substr($result, -(($this->precision + 7) >> 3)), ($this->precision + 7) >> 3, chr(0), STR_PAD_LEFT) :
|
543 |
-
$result;
|
544 |
-
}
|
545 |
-
|
546 |
-
/**
|
547 |
-
* Converts a BigInteger to a hex string (eg. base-16)).
|
548 |
-
*
|
549 |
-
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
550 |
-
* saved as two's compliment.
|
551 |
-
*
|
552 |
-
* Here's an example:
|
553 |
-
* <code>
|
554 |
-
* <?php
|
555 |
-
* include('Math/BigInteger.php');
|
556 |
-
*
|
557 |
-
* $a = new Math_BigInteger('65');
|
558 |
-
*
|
559 |
-
* echo $a->toHex(); // outputs '41'
|
560 |
-
* ?>
|
561 |
-
* </code>
|
562 |
-
*
|
563 |
-
* @param Boolean $twos_compliment
|
564 |
-
* @return String
|
565 |
-
* @access public
|
566 |
-
* @internal Converts a base-2**26 number to base-2**8
|
567 |
-
*/
|
568 |
-
function toHex($twos_compliment = false)
|
569 |
-
{
|
570 |
-
return bin2hex($this->toBytes($twos_compliment));
|
571 |
-
}
|
572 |
-
|
573 |
-
/**
|
574 |
-
* Converts a BigInteger to a bit string (eg. base-2).
|
575 |
-
*
|
576 |
-
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
577 |
-
* saved as two's compliment.
|
578 |
-
*
|
579 |
-
* Here's an example:
|
580 |
-
* <code>
|
581 |
-
* <?php
|
582 |
-
* include('Math/BigInteger.php');
|
583 |
-
*
|
584 |
-
* $a = new Math_BigInteger('65');
|
585 |
-
*
|
586 |
-
* echo $a->toBits(); // outputs '1000001'
|
587 |
-
* ?>
|
588 |
-
* </code>
|
589 |
-
*
|
590 |
-
* @param Boolean $twos_compliment
|
591 |
-
* @return String
|
592 |
-
* @access public
|
593 |
-
* @internal Converts a base-2**26 number to base-2**2
|
594 |
-
*/
|
595 |
-
function toBits($twos_compliment = false)
|
596 |
-
{
|
597 |
-
$hex = $this->toHex($twos_compliment);
|
598 |
-
$bits = '';
|
599 |
-
for ($i = 0; $i < strlen($hex); $i+=8) {
|
600 |
-
$bits.= str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT);
|
601 |
-
}
|
602 |
-
return $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0');
|
603 |
-
}
|
604 |
-
|
605 |
-
/**
|
606 |
-
* Converts a BigInteger to a base-10 number.
|
607 |
-
*
|
608 |
-
* Here's an example:
|
609 |
-
* <code>
|
610 |
-
* <?php
|
611 |
-
* include('Math/BigInteger.php');
|
612 |
-
*
|
613 |
-
* $a = new Math_BigInteger('50');
|
614 |
-
*
|
615 |
-
* echo $a->toString(); // outputs 50
|
616 |
-
* ?>
|
617 |
-
* </code>
|
618 |
-
*
|
619 |
-
* @return String
|
620 |
-
* @access public
|
621 |
-
* @internal Converts a base-2**26 number to base-10**7 (which is pretty much base-10)
|
622 |
-
*/
|
623 |
-
function toString()
|
624 |
-
{
|
625 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
626 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
627 |
-
return gmp_strval($this->value);
|
628 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
629 |
-
if ($this->value === '0') {
|
630 |
-
return '0';
|
631 |
-
}
|
632 |
-
|
633 |
-
return ltrim($this->value, '0');
|
634 |
-
}
|
635 |
-
|
636 |
-
if (!count($this->value)) {
|
637 |
-
return '0';
|
638 |
-
}
|
639 |
-
|
640 |
-
$temp = $this->copy();
|
641 |
-
$temp->is_negative = false;
|
642 |
-
|
643 |
-
$divisor = new Math_BigInteger();
|
644 |
-
$divisor->value = array(10000000); // eg. 10**7
|
645 |
-
$result = '';
|
646 |
-
while (count($temp->value)) {
|
647 |
-
list($temp, $mod) = $temp->divide($divisor);
|
648 |
-
$result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', 7, '0', STR_PAD_LEFT) . $result;
|
649 |
-
}
|
650 |
-
$result = ltrim($result, '0');
|
651 |
-
if (empty($result)) {
|
652 |
-
$result = '0';
|
653 |
-
}
|
654 |
-
|
655 |
-
if ($this->is_negative) {
|
656 |
-
$result = '-' . $result;
|
657 |
-
}
|
658 |
-
|
659 |
-
return $result;
|
660 |
-
}
|
661 |
-
|
662 |
-
/**
|
663 |
-
* Copy an object
|
664 |
-
*
|
665 |
-
* PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee
|
666 |
-
* that all objects are passed by value, when appropriate. More information can be found here:
|
667 |
-
*
|
668 |
-
* {@link http://php.net/language.oop5.basic#51624}
|
669 |
-
*
|
670 |
-
* @access public
|
671 |
-
* @see __clone()
|
672 |
-
* @return Math_BigInteger
|
673 |
-
*/
|
674 |
-
function copy()
|
675 |
-
{
|
676 |
-
$temp = new Math_BigInteger();
|
677 |
-
$temp->value = $this->value;
|
678 |
-
$temp->is_negative = $this->is_negative;
|
679 |
-
$temp->generator = $this->generator;
|
680 |
-
$temp->precision = $this->precision;
|
681 |
-
$temp->bitmask = $this->bitmask;
|
682 |
-
return $temp;
|
683 |
-
}
|
684 |
-
|
685 |
-
/**
|
686 |
-
* __toString() magic method
|
687 |
-
*
|
688 |
-
* Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
|
689 |
-
* toString().
|
690 |
-
*
|
691 |
-
* @access public
|
692 |
-
* @internal Implemented per a suggestion by Techie-Michael - thanks!
|
693 |
-
*/
|
694 |
-
function __toString()
|
695 |
-
{
|
696 |
-
return $this->toString();
|
697 |
-
}
|
698 |
-
|
699 |
-
/**
|
700 |
-
* __clone() magic method
|
701 |
-
*
|
702 |
-
* Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone()
|
703 |
-
* directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5
|
704 |
-
* only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5,
|
705 |
-
* call Math_BigInteger::copy(), instead.
|
706 |
-
*
|
707 |
-
* @access public
|
708 |
-
* @see copy()
|
709 |
-
* @return Math_BigInteger
|
710 |
-
*/
|
711 |
-
function __clone()
|
712 |
-
{
|
713 |
-
return $this->copy();
|
714 |
-
}
|
715 |
-
|
716 |
-
/**
|
717 |
-
* __sleep() magic method
|
718 |
-
*
|
719 |
-
* Will be called, automatically, when serialize() is called on a Math_BigInteger object.
|
720 |
-
*
|
721 |
-
* @see __wakeup()
|
722 |
-
* @access public
|
723 |
-
*/
|
724 |
-
function __sleep()
|
725 |
-
{
|
726 |
-
$this->hex = $this->toHex(true);
|
727 |
-
$vars = array('hex');
|
728 |
-
if ($this->generator != 'mt_rand') {
|
729 |
-
$vars[] = 'generator';
|
730 |
-
}
|
731 |
-
if ($this->precision > 0) {
|
732 |
-
$vars[] = 'precision';
|
733 |
-
}
|
734 |
-
return $vars;
|
735 |
-
|
736 |
-
}
|
737 |
-
|
738 |
-
/**
|
739 |
-
* __wakeup() magic method
|
740 |
-
*
|
741 |
-
* Will be called, automatically, when unserialize() is called on a Math_BigInteger object.
|
742 |
-
*
|
743 |
-
* @see __sleep()
|
744 |
-
* @access public
|
745 |
-
*/
|
746 |
-
function __wakeup()
|
747 |
-
{
|
748 |
-
$temp = new Math_BigInteger($this->hex, -16);
|
749 |
-
$this->value = $temp->value;
|
750 |
-
$this->is_negative = $temp->is_negative;
|
751 |
-
$this->setRandomGenerator($this->generator);
|
752 |
-
if ($this->precision > 0) {
|
753 |
-
// recalculate $this->bitmask
|
754 |
-
$this->setPrecision($this->precision);
|
755 |
-
}
|
756 |
-
}
|
757 |
-
|
758 |
-
/**
|
759 |
-
* Adds two BigIntegers.
|
760 |
-
*
|
761 |
-
* Here's an example:
|
762 |
-
* <code>
|
763 |
-
* <?php
|
764 |
-
* include('Math/BigInteger.php');
|
765 |
-
*
|
766 |
-
* $a = new Math_BigInteger('10');
|
767 |
-
* $b = new Math_BigInteger('20');
|
768 |
-
*
|
769 |
-
* $c = $a->add($b);
|
770 |
-
*
|
771 |
-
* echo $c->toString(); // outputs 30
|
772 |
-
* ?>
|
773 |
-
* </code>
|
774 |
-
*
|
775 |
-
* @param Math_BigInteger $y
|
776 |
-
* @return Math_BigInteger
|
777 |
-
* @access public
|
778 |
-
* @internal Performs base-2**52 addition
|
779 |
-
*/
|
780 |
-
function add($y)
|
781 |
-
{
|
782 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
783 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
784 |
-
$temp = new Math_BigInteger();
|
785 |
-
$temp->value = gmp_add($this->value, $y->value);
|
786 |
-
|
787 |
-
return $this->_normalize($temp);
|
788 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
789 |
-
$temp = new Math_BigInteger();
|
790 |
-
$temp->value = bcadd($this->value, $y->value, 0);
|
791 |
-
|
792 |
-
return $this->_normalize($temp);
|
793 |
-
}
|
794 |
-
|
795 |
-
$temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative);
|
796 |
-
|
797 |
-
$result = new Math_BigInteger();
|
798 |
-
$result->value = $temp[MATH_BIGINTEGER_VALUE];
|
799 |
-
$result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
800 |
-
|
801 |
-
return $this->_normalize($result);
|
802 |
-
}
|
803 |
-
|
804 |
-
/**
|
805 |
-
* Performs addition.
|
806 |
-
*
|
807 |
-
* @param Array $x_value
|
808 |
-
* @param Boolean $x_negative
|
809 |
-
* @param Array $y_value
|
810 |
-
* @param Boolean $y_negative
|
811 |
-
* @return Array
|
812 |
-
* @access private
|
813 |
-
*/
|
814 |
-
function _add($x_value, $x_negative, $y_value, $y_negative)
|
815 |
-
{
|
816 |
-
$x_size = count($x_value);
|
817 |
-
$y_size = count($y_value);
|
818 |
-
|
819 |
-
if ($x_size == 0) {
|
820 |
-
return array(
|
821 |
-
MATH_BIGINTEGER_VALUE => $y_value,
|
822 |
-
MATH_BIGINTEGER_SIGN => $y_negative
|
823 |
-
);
|
824 |
-
} else if ($y_size == 0) {
|
825 |
-
return array(
|
826 |
-
MATH_BIGINTEGER_VALUE => $x_value,
|
827 |
-
MATH_BIGINTEGER_SIGN => $x_negative
|
828 |
-
);
|
829 |
-
}
|
830 |
-
|
831 |
-
// subtract, if appropriate
|
832 |
-
if ( $x_negative != $y_negative ) {
|
833 |
-
if ( $x_value == $y_value ) {
|
834 |
-
return array(
|
835 |
-
MATH_BIGINTEGER_VALUE => array(),
|
836 |
-
MATH_BIGINTEGER_SIGN => false
|
837 |
-
);
|
838 |
-
}
|
839 |
-
|
840 |
-
$temp = $this->_subtract($x_value, false, $y_value, false);
|
841 |
-
$temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ?
|
842 |
-
$x_negative : $y_negative;
|
843 |
-
|
844 |
-
return $temp;
|
845 |
-
}
|
846 |
-
|
847 |
-
if ($x_size < $y_size) {
|
848 |
-
$size = $x_size;
|
849 |
-
$value = $y_value;
|
850 |
-
} else {
|
851 |
-
$size = $y_size;
|
852 |
-
$value = $x_value;
|
853 |
-
}
|
854 |
-
|
855 |
-
$value[] = 0; // just in case the carry adds an extra digit
|
856 |
-
|
857 |
-
$carry = 0;
|
858 |
-
for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) {
|
859 |
-
$sum = $x_value[$j] * 0x4000000 + $x_value[$i] + $y_value[$j] * 0x4000000 + $y_value[$i] + $carry;
|
860 |
-
$carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT52; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
|
861 |
-
$sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
|
862 |
-
|
863 |
-
$temp = (int) ($sum / 0x4000000);
|
864 |
-
|
865 |
-
$value[$i] = (int) ($sum - 0x4000000 * $temp); // eg. a faster alternative to fmod($sum, 0x4000000)
|
866 |
-
$value[$j] = $temp;
|
867 |
-
}
|
868 |
-
|
869 |
-
if ($j == $size) { // ie. if $y_size is odd
|
870 |
-
$sum = $x_value[$i] + $y_value[$i] + $carry;
|
871 |
-
$carry = $sum >= 0x4000000;
|
872 |
-
$value[$i] = $carry ? $sum - 0x4000000 : $sum;
|
873 |
-
++$i; // ie. let $i = $j since we've just done $value[$i]
|
874 |
-
}
|
875 |
-
|
876 |
-
if ($carry) {
|
877 |
-
for (; $value[$i] == 0x3FFFFFF; ++$i) {
|
878 |
-
$value[$i] = 0;
|
879 |
-
}
|
880 |
-
++$value[$i];
|
881 |
-
}
|
882 |
-
|
883 |
-
return array(
|
884 |
-
MATH_BIGINTEGER_VALUE => $this->_trim($value),
|
885 |
-
MATH_BIGINTEGER_SIGN => $x_negative
|
886 |
-
);
|
887 |
-
}
|
888 |
-
|
889 |
-
/**
|
890 |
-
* Subtracts two BigIntegers.
|
891 |
-
*
|
892 |
-
* Here's an example:
|
893 |
-
* <code>
|
894 |
-
* <?php
|
895 |
-
* include('Math/BigInteger.php');
|
896 |
-
*
|
897 |
-
* $a = new Math_BigInteger('10');
|
898 |
-
* $b = new Math_BigInteger('20');
|
899 |
-
*
|
900 |
-
* $c = $a->subtract($b);
|
901 |
-
*
|
902 |
-
* echo $c->toString(); // outputs -10
|
903 |
-
* ?>
|
904 |
-
* </code>
|
905 |
-
*
|
906 |
-
* @param Math_BigInteger $y
|
907 |
-
* @return Math_BigInteger
|
908 |
-
* @access public
|
909 |
-
* @internal Performs base-2**52 subtraction
|
910 |
-
*/
|
911 |
-
function subtract($y)
|
912 |
-
{
|
913 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
914 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
915 |
-
$temp = new Math_BigInteger();
|
916 |
-
$temp->value = gmp_sub($this->value, $y->value);
|
917 |
-
|
918 |
-
return $this->_normalize($temp);
|
919 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
920 |
-
$temp = new Math_BigInteger();
|
921 |
-
$temp->value = bcsub($this->value, $y->value, 0);
|
922 |
-
|
923 |
-
return $this->_normalize($temp);
|
924 |
-
}
|
925 |
-
|
926 |
-
$temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative);
|
927 |
-
|
928 |
-
$result = new Math_BigInteger();
|
929 |
-
$result->value = $temp[MATH_BIGINTEGER_VALUE];
|
930 |
-
$result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
931 |
-
|
932 |
-
return $this->_normalize($result);
|
933 |
-
}
|
934 |
-
|
935 |
-
/**
|
936 |
-
* Performs subtraction.
|
937 |
-
*
|
938 |
-
* @param Array $x_value
|
939 |
-
* @param Boolean $x_negative
|
940 |
-
* @param Array $y_value
|
941 |
-
* @param Boolean $y_negative
|
942 |
-
* @return Array
|
943 |
-
* @access private
|
944 |
-
*/
|
945 |
-
function _subtract($x_value, $x_negative, $y_value, $y_negative)
|
946 |
-
{
|
947 |
-
$x_size = count($x_value);
|
948 |
-
$y_size = count($y_value);
|
949 |
-
|
950 |
-
if ($x_size == 0) {
|
951 |
-
return array(
|
952 |
-
MATH_BIGINTEGER_VALUE => $y_value,
|
953 |
-
MATH_BIGINTEGER_SIGN => !$y_negative
|
954 |
-
);
|
955 |
-
} else if ($y_size == 0) {
|
956 |
-
return array(
|
957 |
-
MATH_BIGINTEGER_VALUE => $x_value,
|
958 |
-
MATH_BIGINTEGER_SIGN => $x_negative
|
959 |
-
);
|
960 |
-
}
|
961 |
-
|
962 |
-
// add, if appropriate (ie. -$x - +$y or +$x - -$y)
|
963 |
-
if ( $x_negative != $y_negative ) {
|
964 |
-
$temp = $this->_add($x_value, false, $y_value, false);
|
965 |
-
$temp[MATH_BIGINTEGER_SIGN] = $x_negative;
|
966 |
-
|
967 |
-
return $temp;
|
968 |
-
}
|
969 |
-
|
970 |
-
$diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative);
|
971 |
-
|
972 |
-
if ( !$diff ) {
|
973 |
-
return array(
|
974 |
-
MATH_BIGINTEGER_VALUE => array(),
|
975 |
-
MATH_BIGINTEGER_SIGN => false
|
976 |
-
);
|
977 |
-
}
|
978 |
-
|
979 |
-
// switch $x and $y around, if appropriate.
|
980 |
-
if ( (!$x_negative && $diff < 0) || ($x_negative && $diff > 0) ) {
|
981 |
-
$temp = $x_value;
|
982 |
-
$x_value = $y_value;
|
983 |
-
$y_value = $temp;
|
984 |
-
|
985 |
-
$x_negative = !$x_negative;
|
986 |
-
|
987 |
-
$x_size = count($x_value);
|
988 |
-
$y_size = count($y_value);
|
989 |
-
}
|
990 |
-
|
991 |
-
// at this point, $x_value should be at least as big as - if not bigger than - $y_value
|
992 |
-
|
993 |
-
$carry = 0;
|
994 |
-
for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) {
|
995 |
-
$sum = $x_value[$j] * 0x4000000 + $x_value[$i] - $y_value[$j] * 0x4000000 - $y_value[$i] - $carry;
|
996 |
-
$carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
|
997 |
-
$sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
|
998 |
-
|
999 |
-
$temp = (int) ($sum / 0x4000000);
|
1000 |
-
|
1001 |
-
$x_value[$i] = (int) ($sum - 0x4000000 * $temp);
|
1002 |
-
$x_value[$j] = $temp;
|
1003 |
-
}
|
1004 |
-
|
1005 |
-
if ($j == $y_size) { // ie. if $y_size is odd
|
1006 |
-
$sum = $x_value[$i] - $y_value[$i] - $carry;
|
1007 |
-
$carry = $sum < 0;
|
1008 |
-
$x_value[$i] = $carry ? $sum + 0x4000000 : $sum;
|
1009 |
-
++$i;
|
1010 |
-
}
|
1011 |
-
|
1012 |
-
if ($carry) {
|
1013 |
-
for (; !$x_value[$i]; ++$i) {
|
1014 |
-
$x_value[$i] = 0x3FFFFFF;
|
1015 |
-
}
|
1016 |
-
--$x_value[$i];
|
1017 |
-
}
|
1018 |
-
|
1019 |
-
return array(
|
1020 |
-
MATH_BIGINTEGER_VALUE => $this->_trim($x_value),
|
1021 |
-
MATH_BIGINTEGER_SIGN => $x_negative
|
1022 |
-
);
|
1023 |
-
}
|
1024 |
-
|
1025 |
-
/**
|
1026 |
-
* Multiplies two BigIntegers
|
1027 |
-
*
|
1028 |
-
* Here's an example:
|
1029 |
-
* <code>
|
1030 |
-
* <?php
|
1031 |
-
* include('Math/BigInteger.php');
|
1032 |
-
*
|
1033 |
-
* $a = new Math_BigInteger('10');
|
1034 |
-
* $b = new Math_BigInteger('20');
|
1035 |
-
*
|
1036 |
-
* $c = $a->multiply($b);
|
1037 |
-
*
|
1038 |
-
* echo $c->toString(); // outputs 200
|
1039 |
-
* ?>
|
1040 |
-
* </code>
|
1041 |
-
*
|
1042 |
-
* @param Math_BigInteger $x
|
1043 |
-
* @return Math_BigInteger
|
1044 |
-
* @access public
|
1045 |
-
*/
|
1046 |
-
function multiply($x)
|
1047 |
-
{
|
1048 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
1049 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
1050 |
-
$temp = new Math_BigInteger();
|
1051 |
-
$temp->value = gmp_mul($this->value, $x->value);
|
1052 |
-
|
1053 |
-
return $this->_normalize($temp);
|
1054 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
1055 |
-
$temp = new Math_BigInteger();
|
1056 |
-
$temp->value = bcmul($this->value, $x->value, 0);
|
1057 |
-
|
1058 |
-
return $this->_normalize($temp);
|
1059 |
-
}
|
1060 |
-
|
1061 |
-
$temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative);
|
1062 |
-
|
1063 |
-
$product = new Math_BigInteger();
|
1064 |
-
$product->value = $temp[MATH_BIGINTEGER_VALUE];
|
1065 |
-
$product->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
1066 |
-
|
1067 |
-
return $this->_normalize($product);
|
1068 |
-
}
|
1069 |
-
|
1070 |
-
/**
|
1071 |
-
* Performs multiplication.
|
1072 |
-
*
|
1073 |
-
* @param Array $x_value
|
1074 |
-
* @param Boolean $x_negative
|
1075 |
-
* @param Array $y_value
|
1076 |
-
* @param Boolean $y_negative
|
1077 |
-
* @return Array
|
1078 |
-
* @access private
|
1079 |
-
*/
|
1080 |
-
function _multiply($x_value, $x_negative, $y_value, $y_negative)
|
1081 |
-
{
|
1082 |
-
//if ( $x_value == $y_value ) {
|
1083 |
-
// return array(
|
1084 |
-
// MATH_BIGINTEGER_VALUE => $this->_square($x_value),
|
1085 |
-
// MATH_BIGINTEGER_SIGN => $x_sign != $y_value
|
1086 |
-
// );
|
1087 |
-
//}
|
1088 |
-
|
1089 |
-
$x_length = count($x_value);
|
1090 |
-
$y_length = count($y_value);
|
1091 |
-
|
1092 |
-
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
1093 |
-
return array(
|
1094 |
-
MATH_BIGINTEGER_VALUE => array(),
|
1095 |
-
MATH_BIGINTEGER_SIGN => false
|
1096 |
-
);
|
1097 |
-
}
|
1098 |
-
|
1099 |
-
return array(
|
1100 |
-
MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
|
1101 |
-
$this->_trim($this->_regularMultiply($x_value, $y_value)) :
|
1102 |
-
$this->_trim($this->_karatsuba($x_value, $y_value)),
|
1103 |
-
MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
|
1104 |
-
);
|
1105 |
-
}
|
1106 |
-
|
1107 |
-
/**
|
1108 |
-
* Performs long multiplication on two BigIntegers
|
1109 |
-
*
|
1110 |
-
* Modeled after 'multiply' in MutableBigInteger.java.
|
1111 |
-
*
|
1112 |
-
* @param Array $x_value
|
1113 |
-
* @param Array $y_value
|
1114 |
-
* @return Array
|
1115 |
-
* @access private
|
1116 |
-
*/
|
1117 |
-
function _regularMultiply($x_value, $y_value)
|
1118 |
-
{
|
1119 |
-
$x_length = count($x_value);
|
1120 |
-
$y_length = count($y_value);
|
1121 |
-
|
1122 |
-
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
1123 |
-
return array();
|
1124 |
-
}
|
1125 |
-
|
1126 |
-
if ( $x_length < $y_length ) {
|
1127 |
-
$temp = $x_value;
|
1128 |
-
$x_value = $y_value;
|
1129 |
-
$y_value = $temp;
|
1130 |
-
|
1131 |
-
$x_length = count($x_value);
|
1132 |
-
$y_length = count($y_value);
|
1133 |
-
}
|
1134 |
-
|
1135 |
-
$product_value = $this->_array_repeat(0, $x_length + $y_length);
|
1136 |
-
|
1137 |
-
// the following for loop could be removed if the for loop following it
|
1138 |
-
// (the one with nested for loops) initially set $i to 0, but
|
1139 |
-
// doing so would also make the result in one set of unnecessary adds,
|
1140 |
-
// since on the outermost loops first pass, $product->value[$k] is going
|
1141 |
-
// to always be 0
|
1142 |
-
|
1143 |
-
$carry = 0;
|
1144 |
-
|
1145 |
-
for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0
|
1146 |
-
$temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
|
1147 |
-
$carry = (int) ($temp / 0x4000000);
|
1148 |
-
$product_value[$j] = (int) ($temp - 0x4000000 * $carry);
|
1149 |
-
}
|
1150 |
-
|
1151 |
-
$product_value[$j] = $carry;
|
1152 |
-
|
1153 |
-
// the above for loop is what the previous comment was talking about. the
|
1154 |
-
// following for loop is the "one with nested for loops"
|
1155 |
-
for ($i = 1; $i < $y_length; ++$i) {
|
1156 |
-
$carry = 0;
|
1157 |
-
|
1158 |
-
for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) {
|
1159 |
-
$temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
|
1160 |
-
$carry = (int) ($temp / 0x4000000);
|
1161 |
-
$product_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
1162 |
-
}
|
1163 |
-
|
1164 |
-
$product_value[$k] = $carry;
|
1165 |
-
}
|
1166 |
-
|
1167 |
-
return $product_value;
|
1168 |
-
}
|
1169 |
-
|
1170 |
-
/**
|
1171 |
-
* Performs Karatsuba multiplication on two BigIntegers
|
1172 |
-
*
|
1173 |
-
* See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
|
1174 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}.
|
1175 |
-
*
|
1176 |
-
* @param Array $x_value
|
1177 |
-
* @param Array $y_value
|
1178 |
-
* @return Array
|
1179 |
-
* @access private
|
1180 |
-
*/
|
1181 |
-
function _karatsuba($x_value, $y_value)
|
1182 |
-
{
|
1183 |
-
$m = min(count($x_value) >> 1, count($y_value) >> 1);
|
1184 |
-
|
1185 |
-
if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
|
1186 |
-
return $this->_regularMultiply($x_value, $y_value);
|
1187 |
-
}
|
1188 |
-
|
1189 |
-
$x1 = array_slice($x_value, $m);
|
1190 |
-
$x0 = array_slice($x_value, 0, $m);
|
1191 |
-
$y1 = array_slice($y_value, $m);
|
1192 |
-
$y0 = array_slice($y_value, 0, $m);
|
1193 |
-
|
1194 |
-
$z2 = $this->_karatsuba($x1, $y1);
|
1195 |
-
$z0 = $this->_karatsuba($x0, $y0);
|
1196 |
-
|
1197 |
-
$z1 = $this->_add($x1, false, $x0, false);
|
1198 |
-
$temp = $this->_add($y1, false, $y0, false);
|
1199 |
-
$z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]);
|
1200 |
-
$temp = $this->_add($z2, false, $z0, false);
|
1201 |
-
$z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1202 |
-
|
1203 |
-
$z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
|
1204 |
-
$z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
|
1205 |
-
|
1206 |
-
$xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
|
1207 |
-
$xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false);
|
1208 |
-
|
1209 |
-
return $xy[MATH_BIGINTEGER_VALUE];
|
1210 |
-
}
|
1211 |
-
|
1212 |
-
/**
|
1213 |
-
* Performs squaring
|
1214 |
-
*
|
1215 |
-
* @param Array $x
|
1216 |
-
* @return Array
|
1217 |
-
* @access private
|
1218 |
-
*/
|
1219 |
-
function _square($x = false)
|
1220 |
-
{
|
1221 |
-
return count($x) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
|
1222 |
-
$this->_trim($this->_baseSquare($x)) :
|
1223 |
-
$this->_trim($this->_karatsubaSquare($x));
|
1224 |
-
}
|
1225 |
-
|
1226 |
-
/**
|
1227 |
-
* Performs traditional squaring on two BigIntegers
|
1228 |
-
*
|
1229 |
-
* Squaring can be done faster than multiplying a number by itself can be. See
|
1230 |
-
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} /
|
1231 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information.
|
1232 |
-
*
|
1233 |
-
* @param Array $value
|
1234 |
-
* @return Array
|
1235 |
-
* @access private
|
1236 |
-
*/
|
1237 |
-
function _baseSquare($value)
|
1238 |
-
{
|
1239 |
-
if ( empty($value) ) {
|
1240 |
-
return array();
|
1241 |
-
}
|
1242 |
-
$square_value = $this->_array_repeat(0, 2 * count($value));
|
1243 |
-
|
1244 |
-
for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) {
|
1245 |
-
$i2 = $i << 1;
|
1246 |
-
|
1247 |
-
$temp = $square_value[$i2] + $value[$i] * $value[$i];
|
1248 |
-
$carry = (int) ($temp / 0x4000000);
|
1249 |
-
$square_value[$i2] = (int) ($temp - 0x4000000 * $carry);
|
1250 |
-
|
1251 |
-
// note how we start from $i+1 instead of 0 as we do in multiplication.
|
1252 |
-
for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) {
|
1253 |
-
$temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry;
|
1254 |
-
$carry = (int) ($temp / 0x4000000);
|
1255 |
-
$square_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
1256 |
-
}
|
1257 |
-
|
1258 |
-
// the following line can yield values larger 2**15. at this point, PHP should switch
|
1259 |
-
// over to floats.
|
1260 |
-
$square_value[$i + $max_index + 1] = $carry;
|
1261 |
-
}
|
1262 |
-
|
1263 |
-
return $square_value;
|
1264 |
-
}
|
1265 |
-
|
1266 |
-
/**
|
1267 |
-
* Performs Karatsuba "squaring" on two BigIntegers
|
1268 |
-
*
|
1269 |
-
* See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
|
1270 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}.
|
1271 |
-
*
|
1272 |
-
* @param Array $value
|
1273 |
-
* @return Array
|
1274 |
-
* @access private
|
1275 |
-
*/
|
1276 |
-
function _karatsubaSquare($value)
|
1277 |
-
{
|
1278 |
-
$m = count($value) >> 1;
|
1279 |
-
|
1280 |
-
if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
|
1281 |
-
return $this->_baseSquare($value);
|
1282 |
-
}
|
1283 |
-
|
1284 |
-
$x1 = array_slice($value, $m);
|
1285 |
-
$x0 = array_slice($value, 0, $m);
|
1286 |
-
|
1287 |
-
$z2 = $this->_karatsubaSquare($x1);
|
1288 |
-
$z0 = $this->_karatsubaSquare($x0);
|
1289 |
-
|
1290 |
-
$z1 = $this->_add($x1, false, $x0, false);
|
1291 |
-
$z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]);
|
1292 |
-
$temp = $this->_add($z2, false, $z0, false);
|
1293 |
-
$z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1294 |
-
|
1295 |
-
$z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
|
1296 |
-
$z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
|
1297 |
-
|
1298 |
-
$xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
|
1299 |
-
$xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false);
|
1300 |
-
|
1301 |
-
return $xx[MATH_BIGINTEGER_VALUE];
|
1302 |
-
}
|
1303 |
-
|
1304 |
-
/**
|
1305 |
-
* Divides two BigIntegers.
|
1306 |
-
*
|
1307 |
-
* Returns an array whose first element contains the quotient and whose second element contains the
|
1308 |
-
* "common residue". If the remainder would be positive, the "common residue" and the remainder are the
|
1309 |
-
* same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder
|
1310 |
-
* and the divisor (basically, the "common residue" is the first positive modulo).
|
1311 |
-
*
|
1312 |
-
* Here's an example:
|
1313 |
-
* <code>
|
1314 |
-
* <?php
|
1315 |
-
* include('Math/BigInteger.php');
|
1316 |
-
*
|
1317 |
-
* $a = new Math_BigInteger('10');
|
1318 |
-
* $b = new Math_BigInteger('20');
|
1319 |
-
*
|
1320 |
-
* list($quotient, $remainder) = $a->divide($b);
|
1321 |
-
*
|
1322 |
-
* echo $quotient->toString(); // outputs 0
|
1323 |
-
* echo "\r\n";
|
1324 |
-
* echo $remainder->toString(); // outputs 10
|
1325 |
-
* ?>
|
1326 |
-
* </code>
|
1327 |
-
*
|
1328 |
-
* @param Math_BigInteger $y
|
1329 |
-
* @return Array
|
1330 |
-
* @access public
|
1331 |
-
* @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}.
|
1332 |
-
*/
|
1333 |
-
function divide($y)
|
1334 |
-
{
|
1335 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
1336 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
1337 |
-
$quotient = new Math_BigInteger();
|
1338 |
-
$remainder = new Math_BigInteger();
|
1339 |
-
|
1340 |
-
list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value);
|
1341 |
-
|
1342 |
-
if (gmp_sign($remainder->value) < 0) {
|
1343 |
-
$remainder->value = gmp_add($remainder->value, gmp_abs($y->value));
|
1344 |
-
}
|
1345 |
-
|
1346 |
-
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1347 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
1348 |
-
$quotient = new Math_BigInteger();
|
1349 |
-
$remainder = new Math_BigInteger();
|
1350 |
-
|
1351 |
-
$quotient->value = bcdiv($this->value, $y->value, 0);
|
1352 |
-
$remainder->value = bcmod($this->value, $y->value);
|
1353 |
-
|
1354 |
-
if ($remainder->value[0] == '-') {
|
1355 |
-
$remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0);
|
1356 |
-
}
|
1357 |
-
|
1358 |
-
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1359 |
-
}
|
1360 |
-
|
1361 |
-
if (count($y->value) == 1) {
|
1362 |
-
list($q, $r) = $this->_divide_digit($this->value, $y->value[0]);
|
1363 |
-
$quotient = new Math_BigInteger();
|
1364 |
-
$remainder = new Math_BigInteger();
|
1365 |
-
$quotient->value = $q;
|
1366 |
-
$remainder->value = array($r);
|
1367 |
-
$quotient->is_negative = $this->is_negative != $y->is_negative;
|
1368 |
-
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1369 |
-
}
|
1370 |
-
|
1371 |
-
static $zero;
|
1372 |
-
if ( !isset($zero) ) {
|
1373 |
-
$zero = new Math_BigInteger();
|
1374 |
-
}
|
1375 |
-
|
1376 |
-
$x = $this->copy();
|
1377 |
-
$y = $y->copy();
|
1378 |
-
|
1379 |
-
$x_sign = $x->is_negative;
|
1380 |
-
$y_sign = $y->is_negative;
|
1381 |
-
|
1382 |
-
$x->is_negative = $y->is_negative = false;
|
1383 |
-
|
1384 |
-
$diff = $x->compare($y);
|
1385 |
-
|
1386 |
-
if ( !$diff ) {
|
1387 |
-
$temp = new Math_BigInteger();
|
1388 |
-
$temp->value = array(1);
|
1389 |
-
$temp->is_negative = $x_sign != $y_sign;
|
1390 |
-
return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger()));
|
1391 |
-
}
|
1392 |
-
|
1393 |
-
if ( $diff < 0 ) {
|
1394 |
-
// if $x is negative, "add" $y.
|
1395 |
-
if ( $x_sign ) {
|
1396 |
-
$x = $y->subtract($x);
|
1397 |
-
}
|
1398 |
-
return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x));
|
1399 |
-
}
|
1400 |
-
|
1401 |
-
// normalize $x and $y as described in HAC 14.23 / 14.24
|
1402 |
-
$msb = $y->value[count($y->value) - 1];
|
1403 |
-
for ($shift = 0; !($msb & 0x2000000); ++$shift) {
|
1404 |
-
$msb <<= 1;
|
1405 |
-
}
|
1406 |
-
$x->_lshift($shift);
|
1407 |
-
$y->_lshift($shift);
|
1408 |
-
$y_value = &$y->value;
|
1409 |
-
|
1410 |
-
$x_max = count($x->value) - 1;
|
1411 |
-
$y_max = count($y->value) - 1;
|
1412 |
-
|
1413 |
-
$quotient = new Math_BigInteger();
|
1414 |
-
$quotient_value = &$quotient->value;
|
1415 |
-
$quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1);
|
1416 |
-
|
1417 |
-
static $temp, $lhs, $rhs;
|
1418 |
-
if (!isset($temp)) {
|
1419 |
-
$temp = new Math_BigInteger();
|
1420 |
-
$lhs = new Math_BigInteger();
|
1421 |
-
$rhs = new Math_BigInteger();
|
1422 |
-
}
|
1423 |
-
$temp_value = &$temp->value;
|
1424 |
-
$rhs_value = &$rhs->value;
|
1425 |
-
|
1426 |
-
// $temp = $y << ($x_max - $y_max-1) in base 2**26
|
1427 |
-
$temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value);
|
1428 |
-
|
1429 |
-
while ( $x->compare($temp) >= 0 ) {
|
1430 |
-
// calculate the "common residue"
|
1431 |
-
++$quotient_value[$x_max - $y_max];
|
1432 |
-
$x = $x->subtract($temp);
|
1433 |
-
$x_max = count($x->value) - 1;
|
1434 |
-
}
|
1435 |
-
|
1436 |
-
for ($i = $x_max; $i >= $y_max + 1; --$i) {
|
1437 |
-
$x_value = &$x->value;
|
1438 |
-
$x_window = array(
|
1439 |
-
isset($x_value[$i]) ? $x_value[$i] : 0,
|
1440 |
-
isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0,
|
1441 |
-
isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0
|
1442 |
-
);
|
1443 |
-
$y_window = array(
|
1444 |
-
$y_value[$y_max],
|
1445 |
-
( $y_max > 0 ) ? $y_value[$y_max - 1] : 0
|
1446 |
-
);
|
1447 |
-
|
1448 |
-
$q_index = $i - $y_max - 1;
|
1449 |
-
if ($x_window[0] == $y_window[0]) {
|
1450 |
-
$quotient_value[$q_index] = 0x3FFFFFF;
|
1451 |
-
} else {
|
1452 |
-
$quotient_value[$q_index] = (int) (
|
1453 |
-
($x_window[0] * 0x4000000 + $x_window[1])
|
1454 |
-
/
|
1455 |
-
$y_window[0]
|
1456 |
-
);
|
1457 |
-
}
|
1458 |
-
|
1459 |
-
$temp_value = array($y_window[1], $y_window[0]);
|
1460 |
-
|
1461 |
-
$lhs->value = array($quotient_value[$q_index]);
|
1462 |
-
$lhs = $lhs->multiply($temp);
|
1463 |
-
|
1464 |
-
$rhs_value = array($x_window[2], $x_window[1], $x_window[0]);
|
1465 |
-
|
1466 |
-
while ( $lhs->compare($rhs) > 0 ) {
|
1467 |
-
--$quotient_value[$q_index];
|
1468 |
-
|
1469 |
-
$lhs->value = array($quotient_value[$q_index]);
|
1470 |
-
$lhs = $lhs->multiply($temp);
|
1471 |
-
}
|
1472 |
-
|
1473 |
-
$adjust = $this->_array_repeat(0, $q_index);
|
1474 |
-
$temp_value = array($quotient_value[$q_index]);
|
1475 |
-
$temp = $temp->multiply($y);
|
1476 |
-
$temp_value = &$temp->value;
|
1477 |
-
$temp_value = array_merge($adjust, $temp_value);
|
1478 |
-
|
1479 |
-
$x = $x->subtract($temp);
|
1480 |
-
|
1481 |
-
if ($x->compare($zero) < 0) {
|
1482 |
-
$temp_value = array_merge($adjust, $y_value);
|
1483 |
-
$x = $x->add($temp);
|
1484 |
-
|
1485 |
-
--$quotient_value[$q_index];
|
1486 |
-
}
|
1487 |
-
|
1488 |
-
$x_max = count($x_value) - 1;
|
1489 |
-
}
|
1490 |
-
|
1491 |
-
// unnormalize the remainder
|
1492 |
-
$x->_rshift($shift);
|
1493 |
-
|
1494 |
-
$quotient->is_negative = $x_sign != $y_sign;
|
1495 |
-
|
1496 |
-
// calculate the "common residue", if appropriate
|
1497 |
-
if ( $x_sign ) {
|
1498 |
-
$y->_rshift($shift);
|
1499 |
-
$x = $y->subtract($x);
|
1500 |
-
}
|
1501 |
-
|
1502 |
-
return array($this->_normalize($quotient), $this->_normalize($x));
|
1503 |
-
}
|
1504 |
-
|
1505 |
-
/**
|
1506 |
-
* Divides a BigInteger by a regular integer
|
1507 |
-
*
|
1508 |
-
* abc / x = a00 / x + b0 / x + c / x
|
1509 |
-
*
|
1510 |
-
* @param Array $dividend
|
1511 |
-
* @param Array $divisor
|
1512 |
-
* @return Array
|
1513 |
-
* @access private
|
1514 |
-
*/
|
1515 |
-
function _divide_digit($dividend, $divisor)
|
1516 |
-
{
|
1517 |
-
$carry = 0;
|
1518 |
-
$result = array();
|
1519 |
-
|
1520 |
-
for ($i = count($dividend) - 1; $i >= 0; --$i) {
|
1521 |
-
$temp = 0x4000000 * $carry + $dividend[$i];
|
1522 |
-
$result[$i] = (int) ($temp / $divisor);
|
1523 |
-
$carry = (int) ($temp - $divisor * $result[$i]);
|
1524 |
-
}
|
1525 |
-
|
1526 |
-
return array($result, $carry);
|
1527 |
-
}
|
1528 |
-
|
1529 |
-
/**
|
1530 |
-
* Performs modular exponentiation.
|
1531 |
-
*
|
1532 |
-
* Here's an example:
|
1533 |
-
* <code>
|
1534 |
-
* <?php
|
1535 |
-
* include('Math/BigInteger.php');
|
1536 |
-
*
|
1537 |
-
* $a = new Math_BigInteger('10');
|
1538 |
-
* $b = new Math_BigInteger('20');
|
1539 |
-
* $c = new Math_BigInteger('30');
|
1540 |
-
*
|
1541 |
-
* $c = $a->modPow($b, $c);
|
1542 |
-
*
|
1543 |
-
* echo $c->toString(); // outputs 10
|
1544 |
-
* ?>
|
1545 |
-
* </code>
|
1546 |
-
*
|
1547 |
-
* @param Math_BigInteger $e
|
1548 |
-
* @param Math_BigInteger $n
|
1549 |
-
* @return Math_BigInteger
|
1550 |
-
* @access public
|
1551 |
-
* @internal The most naive approach to modular exponentiation has very unreasonable requirements, and
|
1552 |
-
* and although the approach involving repeated squaring does vastly better, it, too, is impractical
|
1553 |
-
* for our purposes. The reason being that division - by far the most complicated and time-consuming
|
1554 |
-
* of the basic operations (eg. +,-,*,/) - occurs multiple times within it.
|
1555 |
-
*
|
1556 |
-
* Modular reductions resolve this issue. Although an individual modular reduction takes more time
|
1557 |
-
* then an individual division, when performed in succession (with the same modulo), they're a lot faster.
|
1558 |
-
*
|
1559 |
-
* The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction,
|
1560 |
-
* although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the
|
1561 |
-
* base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because
|
1562 |
-
* the product of two odd numbers is odd), but what about when RSA isn't used?
|
1563 |
-
*
|
1564 |
-
* In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a
|
1565 |
-
* Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the
|
1566 |
-
* modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however,
|
1567 |
-
* uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and
|
1568 |
-
* the other, a power of two - and recombine them, later. This is the method that this modPow function uses.
|
1569 |
-
* {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates.
|
1570 |
-
*/
|
1571 |
-
function modPow($e, $n)
|
1572 |
-
{
|
1573 |
-
$n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs();
|
1574 |
-
|
1575 |
-
if ($e->compare(new Math_BigInteger()) < 0) {
|
1576 |
-
$e = $e->abs();
|
1577 |
-
|
1578 |
-
$temp = $this->modInverse($n);
|
1579 |
-
if ($temp === false) {
|
1580 |
-
return false;
|
1581 |
-
}
|
1582 |
-
|
1583 |
-
return $this->_normalize($temp->modPow($e, $n));
|
1584 |
-
}
|
1585 |
-
|
1586 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
1587 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
1588 |
-
$temp = new Math_BigInteger();
|
1589 |
-
$temp->value = gmp_powm($this->value, $e->value, $n->value);
|
1590 |
-
|
1591 |
-
return $this->_normalize($temp);
|
1592 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
1593 |
-
$temp = new Math_BigInteger();
|
1594 |
-
$temp->value = bcpowmod($this->value, $e->value, $n->value, 0);
|
1595 |
-
|
1596 |
-
return $this->_normalize($temp);
|
1597 |
-
}
|
1598 |
-
|
1599 |
-
if ( empty($e->value) ) {
|
1600 |
-
$temp = new Math_BigInteger();
|
1601 |
-
$temp->value = array(1);
|
1602 |
-
return $this->_normalize($temp);
|
1603 |
-
}
|
1604 |
-
|
1605 |
-
if ( $e->value == array(1) ) {
|
1606 |
-
list(, $temp) = $this->divide($n);
|
1607 |
-
return $this->_normalize($temp);
|
1608 |
-
}
|
1609 |
-
|
1610 |
-
if ( $e->value == array(2) ) {
|
1611 |
-
$temp = new Math_BigInteger();
|
1612 |
-
$temp->value = $this->_square($this->value);
|
1613 |
-
list(, $temp) = $temp->divide($n);
|
1614 |
-
return $this->_normalize($temp);
|
1615 |
-
}
|
1616 |
-
|
1617 |
-
return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT));
|
1618 |
-
|
1619 |
-
// is the modulo odd?
|
1620 |
-
if ( $n->value[0] & 1 ) {
|
1621 |
-
return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY));
|
1622 |
-
}
|
1623 |
-
// if it's not, it's even
|
1624 |
-
|
1625 |
-
// find the lowest set bit (eg. the max pow of 2 that divides $n)
|
1626 |
-
for ($i = 0; $i < count($n->value); ++$i) {
|
1627 |
-
if ( $n->value[$i] ) {
|
1628 |
-
$temp = decbin($n->value[$i]);
|
1629 |
-
$j = strlen($temp) - strrpos($temp, '1') - 1;
|
1630 |
-
$j+= 26 * $i;
|
1631 |
-
break;
|
1632 |
-
}
|
1633 |
-
}
|
1634 |
-
// at this point, 2^$j * $n/(2^$j) == $n
|
1635 |
-
|
1636 |
-
$mod1 = $n->copy();
|
1637 |
-
$mod1->_rshift($j);
|
1638 |
-
$mod2 = new Math_BigInteger();
|
1639 |
-
$mod2->value = array(1);
|
1640 |
-
$mod2->_lshift($j);
|
1641 |
-
|
1642 |
-
$part1 = ( $mod1->value != array(1) ) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger();
|
1643 |
-
$part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2);
|
1644 |
-
|
1645 |
-
$y1 = $mod2->modInverse($mod1);
|
1646 |
-
$y2 = $mod1->modInverse($mod2);
|
1647 |
-
|
1648 |
-
$result = $part1->multiply($mod2);
|
1649 |
-
$result = $result->multiply($y1);
|
1650 |
-
|
1651 |
-
$temp = $part2->multiply($mod1);
|
1652 |
-
$temp = $temp->multiply($y2);
|
1653 |
-
|
1654 |
-
$result = $result->add($temp);
|
1655 |
-
list(, $result) = $result->divide($n);
|
1656 |
-
|
1657 |
-
return $this->_normalize($result);
|
1658 |
-
}
|
1659 |
-
|
1660 |
-
/**
|
1661 |
-
* Performs modular exponentiation.
|
1662 |
-
*
|
1663 |
-
* Alias for Math_BigInteger::modPow()
|
1664 |
-
*
|
1665 |
-
* @param Math_BigInteger $e
|
1666 |
-
* @param Math_BigInteger $n
|
1667 |
-
* @return Math_BigInteger
|
1668 |
-
* @access public
|
1669 |
-
*/
|
1670 |
-
function powMod($e, $n)
|
1671 |
-
{
|
1672 |
-
return $this->modPow($e, $n);
|
1673 |
-
}
|
1674 |
-
|
1675 |
-
/**
|
1676 |
-
* Sliding Window k-ary Modular Exponentiation
|
1677 |
-
*
|
1678 |
-
* Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} /
|
1679 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims,
|
1680 |
-
* however, this function performs a modular reduction after every multiplication and squaring operation.
|
1681 |
-
* As such, this function has the same preconditions that the reductions being used do.
|
1682 |
-
*
|
1683 |
-
* @param Math_BigInteger $e
|
1684 |
-
* @param Math_BigInteger $n
|
1685 |
-
* @param Integer $mode
|
1686 |
-
* @return Math_BigInteger
|
1687 |
-
* @access private
|
1688 |
-
*/
|
1689 |
-
function _slidingWindow($e, $n, $mode)
|
1690 |
-
{
|
1691 |
-
static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function
|
1692 |
-
//static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1
|
1693 |
-
|
1694 |
-
$e_value = $e->value;
|
1695 |
-
$e_length = count($e_value) - 1;
|
1696 |
-
$e_bits = decbin($e_value[$e_length]);
|
1697 |
-
for ($i = $e_length - 1; $i >= 0; --$i) {
|
1698 |
-
$e_bits.= str_pad(decbin($e_value[$i]), 26, '0', STR_PAD_LEFT);
|
1699 |
-
}
|
1700 |
-
|
1701 |
-
$e_length = strlen($e_bits);
|
1702 |
-
|
1703 |
-
// calculate the appropriate window size.
|
1704 |
-
// $window_size == 3 if $window_ranges is between 25 and 81, for example.
|
1705 |
-
for ($i = 0, $window_size = 1; $e_length > $window_ranges[$i] && $i < count($window_ranges); ++$window_size, ++$i);
|
1706 |
-
|
1707 |
-
$n_value = $n->value;
|
1708 |
-
|
1709 |
-
// precompute $this^0 through $this^$window_size
|
1710 |
-
$powers = array();
|
1711 |
-
$powers[1] = $this->_prepareReduce($this->value, $n_value, $mode);
|
1712 |
-
$powers[2] = $this->_squareReduce($powers[1], $n_value, $mode);
|
1713 |
-
|
1714 |
-
// we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end
|
1715 |
-
// in a 1. ie. it's supposed to be odd.
|
1716 |
-
$temp = 1 << ($window_size - 1);
|
1717 |
-
for ($i = 1; $i < $temp; ++$i) {
|
1718 |
-
$i2 = $i << 1;
|
1719 |
-
$powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode);
|
1720 |
-
}
|
1721 |
-
|
1722 |
-
$result = array(1);
|
1723 |
-
$result = $this->_prepareReduce($result, $n_value, $mode);
|
1724 |
-
|
1725 |
-
for ($i = 0; $i < $e_length; ) {
|
1726 |
-
if ( !$e_bits[$i] ) {
|
1727 |
-
$result = $this->_squareReduce($result, $n_value, $mode);
|
1728 |
-
++$i;
|
1729 |
-
} else {
|
1730 |
-
for ($j = $window_size - 1; $j > 0; --$j) {
|
1731 |
-
if ( !empty($e_bits[$i + $j]) ) {
|
1732 |
-
break;
|
1733 |
-
}
|
1734 |
-
}
|
1735 |
-
|
1736 |
-
for ($k = 0; $k <= $j; ++$k) {// eg. the length of substr($e_bits, $i, $j+1)
|
1737 |
-
$result = $this->_squareReduce($result, $n_value, $mode);
|
1738 |
-
}
|
1739 |
-
|
1740 |
-
$result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode);
|
1741 |
-
|
1742 |
-
$i+=$j + 1;
|
1743 |
-
}
|
1744 |
-
}
|
1745 |
-
|
1746 |
-
$temp = new Math_BigInteger();
|
1747 |
-
$temp->value = $this->_reduce($result, $n_value, $mode);
|
1748 |
-
|
1749 |
-
return $temp;
|
1750 |
-
}
|
1751 |
-
|
1752 |
-
/**
|
1753 |
-
* Modular reduction
|
1754 |
-
*
|
1755 |
-
* For most $modes this will return the remainder.
|
1756 |
-
*
|
1757 |
-
* @see _slidingWindow()
|
1758 |
-
* @access private
|
1759 |
-
* @param Array $x
|
1760 |
-
* @param Array $n
|
1761 |
-
* @param Integer $mode
|
1762 |
-
* @return Array
|
1763 |
-
*/
|
1764 |
-
function _reduce($x, $n, $mode)
|
1765 |
-
{
|
1766 |
-
switch ($mode) {
|
1767 |
-
case MATH_BIGINTEGER_MONTGOMERY:
|
1768 |
-
return $this->_montgomery($x, $n);
|
1769 |
-
case MATH_BIGINTEGER_BARRETT:
|
1770 |
-
return $this->_barrett($x, $n);
|
1771 |
-
case MATH_BIGINTEGER_POWEROF2:
|
1772 |
-
$lhs = new Math_BigInteger();
|
1773 |
-
$lhs->value = $x;
|
1774 |
-
$rhs = new Math_BigInteger();
|
1775 |
-
$rhs->value = $n;
|
1776 |
-
return $x->_mod2($n);
|
1777 |
-
case MATH_BIGINTEGER_CLASSIC:
|
1778 |
-
$lhs = new Math_BigInteger();
|
1779 |
-
$lhs->value = $x;
|
1780 |
-
$rhs = new Math_BigInteger();
|
1781 |
-
$rhs->value = $n;
|
1782 |
-
list(, $temp) = $lhs->divide($rhs);
|
1783 |
-
return $temp->value;
|
1784 |
-
case MATH_BIGINTEGER_NONE:
|
1785 |
-
return $x;
|
1786 |
-
default:
|
1787 |
-
// an invalid $mode was provided
|
1788 |
-
}
|
1789 |
-
}
|
1790 |
-
|
1791 |
-
/**
|
1792 |
-
* Modular reduction preperation
|
1793 |
-
*
|
1794 |
-
* @see _slidingWindow()
|
1795 |
-
* @access private
|
1796 |
-
* @param Array $x
|
1797 |
-
* @param Array $n
|
1798 |
-
* @param Integer $mode
|
1799 |
-
* @return Array
|
1800 |
-
*/
|
1801 |
-
function _prepareReduce($x, $n, $mode)
|
1802 |
-
{
|
1803 |
-
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1804 |
-
return $this->_prepMontgomery($x, $n);
|
1805 |
-
}
|
1806 |
-
return $this->_reduce($x, $n, $mode);
|
1807 |
-
}
|
1808 |
-
|
1809 |
-
/**
|
1810 |
-
* Modular multiply
|
1811 |
-
*
|
1812 |
-
* @see _slidingWindow()
|
1813 |
-
* @access private
|
1814 |
-
* @param Array $x
|
1815 |
-
* @param Array $y
|
1816 |
-
* @param Array $n
|
1817 |
-
* @param Integer $mode
|
1818 |
-
* @return Array
|
1819 |
-
*/
|
1820 |
-
function _multiplyReduce($x, $y, $n, $mode)
|
1821 |
-
{
|
1822 |
-
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1823 |
-
return $this->_montgomeryMultiply($x, $y, $n);
|
1824 |
-
}
|
1825 |
-
$temp = $this->_multiply($x, false, $y, false);
|
1826 |
-
return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode);
|
1827 |
-
}
|
1828 |
-
|
1829 |
-
/**
|
1830 |
-
* Modular square
|
1831 |
-
*
|
1832 |
-
* @see _slidingWindow()
|
1833 |
-
* @access private
|
1834 |
-
* @param Array $x
|
1835 |
-
* @param Array $n
|
1836 |
-
* @param Integer $mode
|
1837 |
-
* @return Array
|
1838 |
-
*/
|
1839 |
-
function _squareReduce($x, $n, $mode)
|
1840 |
-
{
|
1841 |
-
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1842 |
-
return $this->_montgomeryMultiply($x, $x, $n);
|
1843 |
-
}
|
1844 |
-
return $this->_reduce($this->_square($x), $n, $mode);
|
1845 |
-
}
|
1846 |
-
|
1847 |
-
/**
|
1848 |
-
* Modulos for Powers of Two
|
1849 |
-
*
|
1850 |
-
* Calculates $x%$n, where $n = 2**$e, for some $e. Since this is basically the same as doing $x & ($n-1),
|
1851 |
-
* we'll just use this function as a wrapper for doing that.
|
1852 |
-
*
|
1853 |
-
* @see _slidingWindow()
|
1854 |
-
* @access private
|
1855 |
-
* @param Math_BigInteger
|
1856 |
-
* @return Math_BigInteger
|
1857 |
-
*/
|
1858 |
-
function _mod2($n)
|
1859 |
-
{
|
1860 |
-
$temp = new Math_BigInteger();
|
1861 |
-
$temp->value = array(1);
|
1862 |
-
return $this->bitwise_and($n->subtract($temp));
|
1863 |
-
}
|
1864 |
-
|
1865 |
-
/**
|
1866 |
-
* Barrett Modular Reduction
|
1867 |
-
*
|
1868 |
-
* See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} /
|
1869 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly,
|
1870 |
-
* so as not to require negative numbers (initially, this script didn't support negative numbers).
|
1871 |
-
*
|
1872 |
-
* Employs "folding", as described at
|
1873 |
-
* {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from
|
1874 |
-
* it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x."
|
1875 |
-
*
|
1876 |
-
* Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that
|
1877 |
-
* usable on account of (1) its not using reasonable radix points as discussed in
|
1878 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable
|
1879 |
-
* radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that
|
1880 |
-
* (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line
|
1881 |
-
* comments for details.
|
1882 |
-
*
|
1883 |
-
* @see _slidingWindow()
|
1884 |
-
* @access private
|
1885 |
-
* @param Array $n
|
1886 |
-
* @param Array $m
|
1887 |
-
* @return Array
|
1888 |
-
*/
|
1889 |
-
function _barrett($n, $m)
|
1890 |
-
{
|
1891 |
-
static $cache = array(
|
1892 |
-
MATH_BIGINTEGER_VARIABLE => array(),
|
1893 |
-
MATH_BIGINTEGER_DATA => array()
|
1894 |
-
);
|
1895 |
-
|
1896 |
-
$m_length = count($m);
|
1897 |
-
|
1898 |
-
// if ($this->_compare($n, $this->_square($m)) >= 0) {
|
1899 |
-
if (count($n) > 2 * $m_length) {
|
1900 |
-
$lhs = new Math_BigInteger();
|
1901 |
-
$rhs = new Math_BigInteger();
|
1902 |
-
$lhs->value = $n;
|
1903 |
-
$rhs->value = $m;
|
1904 |
-
list(, $temp) = $lhs->divide($rhs);
|
1905 |
-
return $temp->value;
|
1906 |
-
}
|
1907 |
-
|
1908 |
-
// if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced
|
1909 |
-
if ($m_length < 5) {
|
1910 |
-
return $this->_regularBarrett($n, $m);
|
1911 |
-
}
|
1912 |
-
|
1913 |
-
// n = 2 * m.length
|
1914 |
-
|
1915 |
-
if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
1916 |
-
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
1917 |
-
$cache[MATH_BIGINTEGER_VARIABLE][] = $m;
|
1918 |
-
|
1919 |
-
$lhs = new Math_BigInteger();
|
1920 |
-
$lhs_value = &$lhs->value;
|
1921 |
-
$lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1));
|
1922 |
-
$lhs_value[] = 1;
|
1923 |
-
$rhs = new Math_BigInteger();
|
1924 |
-
$rhs->value = $m;
|
1925 |
-
|
1926 |
-
list($u, $m1) = $lhs->divide($rhs);
|
1927 |
-
$u = $u->value;
|
1928 |
-
$m1 = $m1->value;
|
1929 |
-
|
1930 |
-
$cache[MATH_BIGINTEGER_DATA][] = array(
|
1931 |
-
'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1)
|
1932 |
-
'm1'=> $m1 // m.length
|
1933 |
-
);
|
1934 |
-
} else {
|
1935 |
-
extract($cache[MATH_BIGINTEGER_DATA][$key]);
|
1936 |
-
}
|
1937 |
-
|
1938 |
-
$cutoff = $m_length + ($m_length >> 1);
|
1939 |
-
$lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1)
|
1940 |
-
$msd = array_slice($n, $cutoff); // m.length >> 1
|
1941 |
-
$lsd = $this->_trim($lsd);
|
1942 |
-
$temp = $this->_multiply($msd, false, $m1, false);
|
1943 |
-
$n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1
|
1944 |
-
|
1945 |
-
if ($m_length & 1) {
|
1946 |
-
return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m);
|
1947 |
-
}
|
1948 |
-
|
1949 |
-
// (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2
|
1950 |
-
$temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1);
|
1951 |
-
// if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2
|
1952 |
-
// if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1
|
1953 |
-
$temp = $this->_multiply($temp, false, $u, false);
|
1954 |
-
// if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1
|
1955 |
-
// if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1)
|
1956 |
-
$temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1);
|
1957 |
-
// if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1
|
1958 |
-
// if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1)
|
1959 |
-
$temp = $this->_multiply($temp, false, $m, false);
|
1960 |
-
|
1961 |
-
// at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit
|
1962 |
-
// number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop
|
1963 |
-
// following this comment would loop a lot (hence our calling _regularBarrett() in that situation).
|
1964 |
-
|
1965 |
-
$result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1966 |
-
|
1967 |
-
while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) {
|
1968 |
-
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false);
|
1969 |
-
}
|
1970 |
-
|
1971 |
-
return $result[MATH_BIGINTEGER_VALUE];
|
1972 |
-
}
|
1973 |
-
|
1974 |
-
/**
|
1975 |
-
* (Regular) Barrett Modular Reduction
|
1976 |
-
*
|
1977 |
-
* For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this
|
1978 |
-
* is that this function does not fold the denominator into a smaller form.
|
1979 |
-
*
|
1980 |
-
* @see _slidingWindow()
|
1981 |
-
* @access private
|
1982 |
-
* @param Array $x
|
1983 |
-
* @param Array $n
|
1984 |
-
* @return Array
|
1985 |
-
*/
|
1986 |
-
function _regularBarrett($x, $n)
|
1987 |
-
{
|
1988 |
-
static $cache = array(
|
1989 |
-
MATH_BIGINTEGER_VARIABLE => array(),
|
1990 |
-
MATH_BIGINTEGER_DATA => array()
|
1991 |
-
);
|
1992 |
-
|
1993 |
-
$n_length = count($n);
|
1994 |
-
|
1995 |
-
if (count($x) > 2 * $n_length) {
|
1996 |
-
$lhs = new Math_BigInteger();
|
1997 |
-
$rhs = new Math_BigInteger();
|
1998 |
-
$lhs->value = $x;
|
1999 |
-
$rhs->value = $n;
|
2000 |
-
list(, $temp) = $lhs->divide($rhs);
|
2001 |
-
return $temp->value;
|
2002 |
-
}
|
2003 |
-
|
2004 |
-
if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2005 |
-
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2006 |
-
$cache[MATH_BIGINTEGER_VARIABLE][] = $n;
|
2007 |
-
$lhs = new Math_BigInteger();
|
2008 |
-
$lhs_value = &$lhs->value;
|
2009 |
-
$lhs_value = $this->_array_repeat(0, 2 * $n_length);
|
2010 |
-
$lhs_value[] = 1;
|
2011 |
-
$rhs = new Math_BigInteger();
|
2012 |
-
$rhs->value = $n;
|
2013 |
-
list($temp, ) = $lhs->divide($rhs); // m.length
|
2014 |
-
$cache[MATH_BIGINTEGER_DATA][] = $temp->value;
|
2015 |
-
}
|
2016 |
-
|
2017 |
-
// 2 * m.length - (m.length - 1) = m.length + 1
|
2018 |
-
$temp = array_slice($x, $n_length - 1);
|
2019 |
-
// (m.length + 1) + m.length = 2 * m.length + 1
|
2020 |
-
$temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false);
|
2021 |
-
// (2 * m.length + 1) - (m.length - 1) = m.length + 2
|
2022 |
-
$temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1);
|
2023 |
-
|
2024 |
-
// m.length + 1
|
2025 |
-
$result = array_slice($x, 0, $n_length + 1);
|
2026 |
-
// m.length + 1
|
2027 |
-
$temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1);
|
2028 |
-
// $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1)
|
2029 |
-
|
2030 |
-
if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) {
|
2031 |
-
$corrector_value = $this->_array_repeat(0, $n_length + 1);
|
2032 |
-
$corrector_value[] = 1;
|
2033 |
-
$result = $this->_add($result, false, $corrector, false);
|
2034 |
-
$result = $result[MATH_BIGINTEGER_VALUE];
|
2035 |
-
}
|
2036 |
-
|
2037 |
-
// at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits
|
2038 |
-
$result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]);
|
2039 |
-
while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) {
|
2040 |
-
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false);
|
2041 |
-
}
|
2042 |
-
|
2043 |
-
return $result[MATH_BIGINTEGER_VALUE];
|
2044 |
-
}
|
2045 |
-
|
2046 |
-
/**
|
2047 |
-
* Performs long multiplication up to $stop digits
|
2048 |
-
*
|
2049 |
-
* If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved.
|
2050 |
-
*
|
2051 |
-
* @see _regularBarrett()
|
2052 |
-
* @param Array $x_value
|
2053 |
-
* @param Boolean $x_negative
|
2054 |
-
* @param Array $y_value
|
2055 |
-
* @param Boolean $y_negative
|
2056 |
-
* @return Array
|
2057 |
-
* @access private
|
2058 |
-
*/
|
2059 |
-
function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop)
|
2060 |
-
{
|
2061 |
-
$x_length = count($x_value);
|
2062 |
-
$y_length = count($y_value);
|
2063 |
-
|
2064 |
-
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
2065 |
-
return array(
|
2066 |
-
MATH_BIGINTEGER_VALUE => array(),
|
2067 |
-
MATH_BIGINTEGER_SIGN => false
|
2068 |
-
);
|
2069 |
-
}
|
2070 |
-
|
2071 |
-
if ( $x_length < $y_length ) {
|
2072 |
-
$temp = $x_value;
|
2073 |
-
$x_value = $y_value;
|
2074 |
-
$y_value = $temp;
|
2075 |
-
|
2076 |
-
$x_length = count($x_value);
|
2077 |
-
$y_length = count($y_value);
|
2078 |
-
}
|
2079 |
-
|
2080 |
-
$product_value = $this->_array_repeat(0, $x_length + $y_length);
|
2081 |
-
|
2082 |
-
// the following for loop could be removed if the for loop following it
|
2083 |
-
// (the one with nested for loops) initially set $i to 0, but
|
2084 |
-
// doing so would also make the result in one set of unnecessary adds,
|
2085 |
-
// since on the outermost loops first pass, $product->value[$k] is going
|
2086 |
-
// to always be 0
|
2087 |
-
|
2088 |
-
$carry = 0;
|
2089 |
-
|
2090 |
-
for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i
|
2091 |
-
$temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
|
2092 |
-
$carry = (int) ($temp / 0x4000000);
|
2093 |
-
$product_value[$j] = (int) ($temp - 0x4000000 * $carry);
|
2094 |
-
}
|
2095 |
-
|
2096 |
-
if ($j < $stop) {
|
2097 |
-
$product_value[$j] = $carry;
|
2098 |
-
}
|
2099 |
-
|
2100 |
-
// the above for loop is what the previous comment was talking about. the
|
2101 |
-
// following for loop is the "one with nested for loops"
|
2102 |
-
|
2103 |
-
for ($i = 1; $i < $y_length; ++$i) {
|
2104 |
-
$carry = 0;
|
2105 |
-
|
2106 |
-
for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) {
|
2107 |
-
$temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
|
2108 |
-
$carry = (int) ($temp / 0x4000000);
|
2109 |
-
$product_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
2110 |
-
}
|
2111 |
-
|
2112 |
-
if ($k < $stop) {
|
2113 |
-
$product_value[$k] = $carry;
|
2114 |
-
}
|
2115 |
-
}
|
2116 |
-
|
2117 |
-
return array(
|
2118 |
-
MATH_BIGINTEGER_VALUE => $this->_trim($product_value),
|
2119 |
-
MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
|
2120 |
-
);
|
2121 |
-
}
|
2122 |
-
|
2123 |
-
/**
|
2124 |
-
* Montgomery Modular Reduction
|
2125 |
-
*
|
2126 |
-
* ($x->_prepMontgomery($n))->_montgomery($n) yields $x % $n.
|
2127 |
-
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=170 MPM 6.3} provides insights on how this can be
|
2128 |
-
* improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function
|
2129 |
-
* to work correctly.
|
2130 |
-
*
|
2131 |
-
* @see _prepMontgomery()
|
2132 |
-
* @see _slidingWindow()
|
2133 |
-
* @access private
|
2134 |
-
* @param Array $x
|
2135 |
-
* @param Array $n
|
2136 |
-
* @return Array
|
2137 |
-
*/
|
2138 |
-
function _montgomery($x, $n)
|
2139 |
-
{
|
2140 |
-
static $cache = array(
|
2141 |
-
MATH_BIGINTEGER_VARIABLE => array(),
|
2142 |
-
MATH_BIGINTEGER_DATA => array()
|
2143 |
-
);
|
2144 |
-
|
2145 |
-
if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2146 |
-
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2147 |
-
$cache[MATH_BIGINTEGER_VARIABLE][] = $x;
|
2148 |
-
$cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n);
|
2149 |
-
}
|
2150 |
-
|
2151 |
-
$k = count($n);
|
2152 |
-
|
2153 |
-
$result = array(MATH_BIGINTEGER_VALUE => $x);
|
2154 |
-
|
2155 |
-
for ($i = 0; $i < $k; ++$i) {
|
2156 |
-
$temp = $result[MATH_BIGINTEGER_VALUE][$i] * $cache[MATH_BIGINTEGER_DATA][$key];
|
2157 |
-
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2158 |
-
$temp = $this->_regularMultiply(array($temp), $n);
|
2159 |
-
$temp = array_merge($this->_array_repeat(0, $i), $temp);
|
2160 |
-
$result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false);
|
2161 |
-
}
|
2162 |
-
|
2163 |
-
$result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k);
|
2164 |
-
|
2165 |
-
if ($this->_compare($result, false, $n, false) >= 0) {
|
2166 |
-
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false);
|
2167 |
-
}
|
2168 |
-
|
2169 |
-
return $result[MATH_BIGINTEGER_VALUE];
|
2170 |
-
}
|
2171 |
-
|
2172 |
-
/**
|
2173 |
-
* Montgomery Multiply
|
2174 |
-
*
|
2175 |
-
* Interleaves the montgomery reduction and long multiplication algorithms together as described in
|
2176 |
-
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36}
|
2177 |
-
*
|
2178 |
-
* @see _prepMontgomery()
|
2179 |
-
* @see _montgomery()
|
2180 |
-
* @access private
|
2181 |
-
* @param Array $x
|
2182 |
-
* @param Array $y
|
2183 |
-
* @param Array $m
|
2184 |
-
* @return Array
|
2185 |
-
*/
|
2186 |
-
function _montgomeryMultiply($x, $y, $m)
|
2187 |
-
{
|
2188 |
-
$temp = $this->_multiply($x, false, $y, false);
|
2189 |
-
return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m);
|
2190 |
-
|
2191 |
-
static $cache = array(
|
2192 |
-
MATH_BIGINTEGER_VARIABLE => array(),
|
2193 |
-
MATH_BIGINTEGER_DATA => array()
|
2194 |
-
);
|
2195 |
-
|
2196 |
-
if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2197 |
-
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2198 |
-
$cache[MATH_BIGINTEGER_VARIABLE][] = $m;
|
2199 |
-
$cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m);
|
2200 |
-
}
|
2201 |
-
|
2202 |
-
$n = max(count($x), count($y), count($m));
|
2203 |
-
$x = array_pad($x, $n, 0);
|
2204 |
-
$y = array_pad($y, $n, 0);
|
2205 |
-
$m = array_pad($m, $n, 0);
|
2206 |
-
$a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1));
|
2207 |
-
for ($i = 0; $i < $n; ++$i) {
|
2208 |
-
$temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] * $y[0];
|
2209 |
-
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2210 |
-
$temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key];
|
2211 |
-
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2212 |
-
$temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false);
|
2213 |
-
$a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
|
2214 |
-
$a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1);
|
2215 |
-
}
|
2216 |
-
if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) {
|
2217 |
-
$a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false);
|
2218 |
-
}
|
2219 |
-
return $a[MATH_BIGINTEGER_VALUE];
|
2220 |
-
}
|
2221 |
-
|
2222 |
-
/**
|
2223 |
-
* Prepare a number for use in Montgomery Modular Reductions
|
2224 |
-
*
|
2225 |
-
* @see _montgomery()
|
2226 |
-
* @see _slidingWindow()
|
2227 |
-
* @access private
|
2228 |
-
* @param Array $x
|
2229 |
-
* @param Array $n
|
2230 |
-
* @return Array
|
2231 |
-
*/
|
2232 |
-
function _prepMontgomery($x, $n)
|
2233 |
-
{
|
2234 |
-
$lhs = new Math_BigInteger();
|
2235 |
-
$lhs->value = array_merge($this->_array_repeat(0, count($n)), $x);
|
2236 |
-
$rhs = new Math_BigInteger();
|
2237 |
-
$rhs->value = $n;
|
2238 |
-
|
2239 |
-
list(, $temp) = $lhs->divide($rhs);
|
2240 |
-
return $temp->value;
|
2241 |
-
}
|
2242 |
-
|
2243 |
-
/**
|
2244 |
-
* Modular Inverse of a number mod 2**26 (eg. 67108864)
|
2245 |
-
*
|
2246 |
-
* Based off of the bnpInvDigit function implemented and justified in the following URL:
|
2247 |
-
*
|
2248 |
-
* {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js}
|
2249 |
-
*
|
2250 |
-
* The following URL provides more info:
|
2251 |
-
*
|
2252 |
-
* {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85}
|
2253 |
-
*
|
2254 |
-
* As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For
|
2255 |
-
* instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields
|
2256 |
-
* int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't
|
2257 |
-
* auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that
|
2258 |
-
* the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the
|
2259 |
-
* maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to
|
2260 |
-
* 40 bits, which only 64-bit floating points will support.
|
2261 |
-
*
|
2262 |
-
* Thanks to Pedro Gimeno Fortea for input!
|
2263 |
-
*
|
2264 |
-
* @see _montgomery()
|
2265 |
-
* @access private
|
2266 |
-
* @param Array $x
|
2267 |
-
* @return Integer
|
2268 |
-
*/
|
2269 |
-
function _modInverse67108864($x) // 2**26 == 67108864
|
2270 |
-
{
|
2271 |
-
$x = -$x[0];
|
2272 |
-
$result = $x & 0x3; // x**-1 mod 2**2
|
2273 |
-
$result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4
|
2274 |
-
$result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8
|
2275 |
-
$result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16
|
2276 |
-
$result = fmod($result * (2 - fmod($x * $result, 0x4000000)), 0x4000000); // x**-1 mod 2**26
|
2277 |
-
return $result & 0x3FFFFFF;
|
2278 |
-
}
|
2279 |
-
|
2280 |
-
/**
|
2281 |
-
* Calculates modular inverses.
|
2282 |
-
*
|
2283 |
-
* Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses.
|
2284 |
-
*
|
2285 |
-
* Here's an example:
|
2286 |
-
* <code>
|
2287 |
-
* <?php
|
2288 |
-
* include('Math/BigInteger.php');
|
2289 |
-
*
|
2290 |
-
* $a = new Math_BigInteger(30);
|
2291 |
-
* $b = new Math_BigInteger(17);
|
2292 |
-
*
|
2293 |
-
* $c = $a->modInverse($b);
|
2294 |
-
* echo $c->toString(); // outputs 4
|
2295 |
-
*
|
2296 |
-
* echo "\r\n";
|
2297 |
-
*
|
2298 |
-
* $d = $a->multiply($c);
|
2299 |
-
* list(, $d) = $d->divide($b);
|
2300 |
-
* echo $d; // outputs 1 (as per the definition of modular inverse)
|
2301 |
-
* ?>
|
2302 |
-
* </code>
|
2303 |
-
*
|
2304 |
-
* @param Math_BigInteger $n
|
2305 |
-
* @return mixed false, if no modular inverse exists, Math_BigInteger, otherwise.
|
2306 |
-
* @access public
|
2307 |
-
* @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information.
|
2308 |
-
*/
|
2309 |
-
function modInverse($n)
|
2310 |
-
{
|
2311 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2312 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2313 |
-
$temp = new Math_BigInteger();
|
2314 |
-
$temp->value = gmp_invert($this->value, $n->value);
|
2315 |
-
|
2316 |
-
return ( $temp->value === false ) ? false : $this->_normalize($temp);
|
2317 |
-
}
|
2318 |
-
|
2319 |
-
static $zero, $one;
|
2320 |
-
if (!isset($zero)) {
|
2321 |
-
$zero = new Math_BigInteger();
|
2322 |
-
$one = new Math_BigInteger(1);
|
2323 |
-
}
|
2324 |
-
|
2325 |
-
// $x mod $n == $x mod -$n.
|
2326 |
-
$n = $n->abs();
|
2327 |
-
|
2328 |
-
if ($this->compare($zero) < 0) {
|
2329 |
-
$temp = $this->abs();
|
2330 |
-
$temp = $temp->modInverse($n);
|
2331 |
-
return $negated === false ? false : $this->_normalize($n->subtract($temp));
|
2332 |
-
}
|
2333 |
-
|
2334 |
-
extract($this->extendedGCD($n));
|
2335 |
-
|
2336 |
-
if (!$gcd->equals($one)) {
|
2337 |
-
return false;
|
2338 |
-
}
|
2339 |
-
|
2340 |
-
$x = $x->compare($zero) < 0 ? $x->add($n) : $x;
|
2341 |
-
|
2342 |
-
return $this->compare($zero) < 0 ? $this->_normalize($n->subtract($x)) : $this->_normalize($x);
|
2343 |
-
}
|
2344 |
-
|
2345 |
-
/**
|
2346 |
-
* Calculates the greatest common divisor and B�zout's identity.
|
2347 |
-
*
|
2348 |
-
* Say you have 693 and 609. The GCD is 21. B�zout's identity states that there exist integers x and y such that
|
2349 |
-
* 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which
|
2350 |
-
* combination is returned is dependant upon which mode is in use. See
|
2351 |
-
* {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity B�zout's identity - Wikipedia} for more information.
|
2352 |
-
*
|
2353 |
-
* Here's an example:
|
2354 |
-
* <code>
|
2355 |
-
* <?php
|
2356 |
-
* include('Math/BigInteger.php');
|
2357 |
-
*
|
2358 |
-
* $a = new Math_BigInteger(693);
|
2359 |
-
* $b = new Math_BigInteger(609);
|
2360 |
-
*
|
2361 |
-
* extract($a->extendedGCD($b));
|
2362 |
-
*
|
2363 |
-
* echo $gcd->toString() . "\r\n"; // outputs 21
|
2364 |
-
* echo $a->toString() * $x->toString() + $b->toString() * $y->toString(); // outputs 21
|
2365 |
-
* ?>
|
2366 |
-
* </code>
|
2367 |
-
*
|
2368 |
-
* @param Math_BigInteger $n
|
2369 |
-
* @return Math_BigInteger
|
2370 |
-
* @access public
|
2371 |
-
* @internal Calculates the GCD using the binary xGCD algorithim described in
|
2372 |
-
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes,
|
2373 |
-
* the more traditional algorithim requires "relatively costly multiple-precision divisions".
|
2374 |
-
*/
|
2375 |
-
function extendedGCD($n)
|
2376 |
-
{
|
2377 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2378 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2379 |
-
extract(gmp_gcdext($this->value, $n->value));
|
2380 |
-
|
2381 |
-
return array(
|
2382 |
-
'gcd' => $this->_normalize(new Math_BigInteger($g)),
|
2383 |
-
'x' => $this->_normalize(new Math_BigInteger($s)),
|
2384 |
-
'y' => $this->_normalize(new Math_BigInteger($t))
|
2385 |
-
);
|
2386 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2387 |
-
// it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works
|
2388 |
-
// best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is,
|
2389 |
-
// the basic extended euclidean algorithim is what we're using.
|
2390 |
-
|
2391 |
-
$u = $this->value;
|
2392 |
-
$v = $n->value;
|
2393 |
-
|
2394 |
-
$a = '1';
|
2395 |
-
$b = '0';
|
2396 |
-
$c = '0';
|
2397 |
-
$d = '1';
|
2398 |
-
|
2399 |
-
while (bccomp($v, '0', 0) != 0) {
|
2400 |
-
$q = bcdiv($u, $v, 0);
|
2401 |
-
|
2402 |
-
$temp = $u;
|
2403 |
-
$u = $v;
|
2404 |
-
$v = bcsub($temp, bcmul($v, $q, 0), 0);
|
2405 |
-
|
2406 |
-
$temp = $a;
|
2407 |
-
$a = $c;
|
2408 |
-
$c = bcsub($temp, bcmul($a, $q, 0), 0);
|
2409 |
-
|
2410 |
-
$temp = $b;
|
2411 |
-
$b = $d;
|
2412 |
-
$d = bcsub($temp, bcmul($b, $q, 0), 0);
|
2413 |
-
}
|
2414 |
-
|
2415 |
-
return array(
|
2416 |
-
'gcd' => $this->_normalize(new Math_BigInteger($u)),
|
2417 |
-
'x' => $this->_normalize(new Math_BigInteger($a)),
|
2418 |
-
'y' => $this->_normalize(new Math_BigInteger($b))
|
2419 |
-
);
|
2420 |
-
}
|
2421 |
-
|
2422 |
-
$y = $n->copy();
|
2423 |
-
$x = $this->copy();
|
2424 |
-
$g = new Math_BigInteger();
|
2425 |
-
$g->value = array(1);
|
2426 |
-
|
2427 |
-
while ( !(($x->value[0] & 1)|| ($y->value[0] & 1)) ) {
|
2428 |
-
$x->_rshift(1);
|
2429 |
-
$y->_rshift(1);
|
2430 |
-
$g->_lshift(1);
|
2431 |
-
}
|
2432 |
-
|
2433 |
-
$u = $x->copy();
|
2434 |
-
$v = $y->copy();
|
2435 |
-
|
2436 |
-
$a = new Math_BigInteger();
|
2437 |
-
$b = new Math_BigInteger();
|
2438 |
-
$c = new Math_BigInteger();
|
2439 |
-
$d = new Math_BigInteger();
|
2440 |
-
|
2441 |
-
$a->value = $d->value = $g->value = array(1);
|
2442 |
-
$b->value = $c->value = array();
|
2443 |
-
|
2444 |
-
while ( !empty($u->value) ) {
|
2445 |
-
while ( !($u->value[0] & 1) ) {
|
2446 |
-
$u->_rshift(1);
|
2447 |
-
if ( (!empty($a->value) && ($a->value[0] & 1)) || (!empty($b->value) && ($b->value[0] & 1)) ) {
|
2448 |
-
$a = $a->add($y);
|
2449 |
-
$b = $b->subtract($x);
|
2450 |
-
}
|
2451 |
-
$a->_rshift(1);
|
2452 |
-
$b->_rshift(1);
|
2453 |
-
}
|
2454 |
-
|
2455 |
-
while ( !($v->value[0] & 1) ) {
|
2456 |
-
$v->_rshift(1);
|
2457 |
-
if ( (!empty($d->value) && ($d->value[0] & 1)) || (!empty($c->value) && ($c->value[0] & 1)) ) {
|
2458 |
-
$c = $c->add($y);
|
2459 |
-
$d = $d->subtract($x);
|
2460 |
-
}
|
2461 |
-
$c->_rshift(1);
|
2462 |
-
$d->_rshift(1);
|
2463 |
-
}
|
2464 |
-
|
2465 |
-
if ($u->compare($v) >= 0) {
|
2466 |
-
$u = $u->subtract($v);
|
2467 |
-
$a = $a->subtract($c);
|
2468 |
-
$b = $b->subtract($d);
|
2469 |
-
} else {
|
2470 |
-
$v = $v->subtract($u);
|
2471 |
-
$c = $c->subtract($a);
|
2472 |
-
$d = $d->subtract($b);
|
2473 |
-
}
|
2474 |
-
}
|
2475 |
-
|
2476 |
-
return array(
|
2477 |
-
'gcd' => $this->_normalize($g->multiply($v)),
|
2478 |
-
'x' => $this->_normalize($c),
|
2479 |
-
'y' => $this->_normalize($d)
|
2480 |
-
);
|
2481 |
-
}
|
2482 |
-
|
2483 |
-
/**
|
2484 |
-
* Calculates the greatest common divisor
|
2485 |
-
*
|
2486 |
-
* Say you have 693 and 609. The GCD is 21.
|
2487 |
-
*
|
2488 |
-
* Here's an example:
|
2489 |
-
* <code>
|
2490 |
-
* <?php
|
2491 |
-
* include('Math/BigInteger.php');
|
2492 |
-
*
|
2493 |
-
* $a = new Math_BigInteger(693);
|
2494 |
-
* $b = new Math_BigInteger(609);
|
2495 |
-
*
|
2496 |
-
* $gcd = a->extendedGCD($b);
|
2497 |
-
*
|
2498 |
-
* echo $gcd->toString() . "\r\n"; // outputs 21
|
2499 |
-
* ?>
|
2500 |
-
* </code>
|
2501 |
-
*
|
2502 |
-
* @param Math_BigInteger $n
|
2503 |
-
* @return Math_BigInteger
|
2504 |
-
* @access public
|
2505 |
-
*/
|
2506 |
-
function gcd($n)
|
2507 |
-
{
|
2508 |
-
extract($this->extendedGCD($n));
|
2509 |
-
return $gcd;
|
2510 |
-
}
|
2511 |
-
|
2512 |
-
/**
|
2513 |
-
* Absolute value.
|
2514 |
-
*
|
2515 |
-
* @return Math_BigInteger
|
2516 |
-
* @access public
|
2517 |
-
*/
|
2518 |
-
function abs()
|
2519 |
-
{
|
2520 |
-
$temp = new Math_BigInteger();
|
2521 |
-
|
2522 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2523 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2524 |
-
$temp->value = gmp_abs($this->value);
|
2525 |
-
break;
|
2526 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2527 |
-
$temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value;
|
2528 |
-
break;
|
2529 |
-
default:
|
2530 |
-
$temp->value = $this->value;
|
2531 |
-
}
|
2532 |
-
|
2533 |
-
return $temp;
|
2534 |
-
}
|
2535 |
-
|
2536 |
-
/**
|
2537 |
-
* Compares two numbers.
|
2538 |
-
*
|
2539 |
-
* Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is
|
2540 |
-
* demonstrated thusly:
|
2541 |
-
*
|
2542 |
-
* $x > $y: $x->compare($y) > 0
|
2543 |
-
* $x < $y: $x->compare($y) < 0
|
2544 |
-
* $x == $y: $x->compare($y) == 0
|
2545 |
-
*
|
2546 |
-
* Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y).
|
2547 |
-
*
|
2548 |
-
* @param Math_BigInteger $x
|
2549 |
-
* @return Integer < 0 if $this is less than $x; > 0 if $this is greater than $x, and 0 if they are equal.
|
2550 |
-
* @access public
|
2551 |
-
* @see equals()
|
2552 |
-
* @internal Could return $this->subtract($x), but that's not as fast as what we do do.
|
2553 |
-
*/
|
2554 |
-
function compare($y)
|
2555 |
-
{
|
2556 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2557 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2558 |
-
return gmp_cmp($this->value, $y->value);
|
2559 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2560 |
-
return bccomp($this->value, $y->value, 0);
|
2561 |
-
}
|
2562 |
-
|
2563 |
-
return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative);
|
2564 |
-
}
|
2565 |
-
|
2566 |
-
/**
|
2567 |
-
* Compares two numbers.
|
2568 |
-
*
|
2569 |
-
* @param Array $x_value
|
2570 |
-
* @param Boolean $x_negative
|
2571 |
-
* @param Array $y_value
|
2572 |
-
* @param Boolean $y_negative
|
2573 |
-
* @return Integer
|
2574 |
-
* @see compare()
|
2575 |
-
* @access private
|
2576 |
-
*/
|
2577 |
-
function _compare($x_value, $x_negative, $y_value, $y_negative)
|
2578 |
-
{
|
2579 |
-
if ( $x_negative != $y_negative ) {
|
2580 |
-
return ( !$x_negative && $y_negative ) ? 1 : -1;
|
2581 |
-
}
|
2582 |
-
|
2583 |
-
$result = $x_negative ? -1 : 1;
|
2584 |
-
|
2585 |
-
if ( count($x_value) != count($y_value) ) {
|
2586 |
-
return ( count($x_value) > count($y_value) ) ? $result : -$result;
|
2587 |
-
}
|
2588 |
-
$size = max(count($x_value), count($y_value));
|
2589 |
-
|
2590 |
-
$x_value = array_pad($x_value, $size, 0);
|
2591 |
-
$y_value = array_pad($y_value, $size, 0);
|
2592 |
-
|
2593 |
-
for ($i = count($x_value) - 1; $i >= 0; --$i) {
|
2594 |
-
if ($x_value[$i] != $y_value[$i]) {
|
2595 |
-
return ( $x_value[$i] > $y_value[$i] ) ? $result : -$result;
|
2596 |
-
}
|
2597 |
-
}
|
2598 |
-
|
2599 |
-
return 0;
|
2600 |
-
}
|
2601 |
-
|
2602 |
-
/**
|
2603 |
-
* Tests the equality of two numbers.
|
2604 |
-
*
|
2605 |
-
* If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare()
|
2606 |
-
*
|
2607 |
-
* @param Math_BigInteger $x
|
2608 |
-
* @return Boolean
|
2609 |
-
* @access public
|
2610 |
-
* @see compare()
|
2611 |
-
*/
|
2612 |
-
function equals($x)
|
2613 |
-
{
|
2614 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2615 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2616 |
-
return gmp_cmp($this->value, $x->value) == 0;
|
2617 |
-
default:
|
2618 |
-
return $this->value === $x->value && $this->is_negative == $x->is_negative;
|
2619 |
-
}
|
2620 |
-
}
|
2621 |
-
|
2622 |
-
/**
|
2623 |
-
* Set Precision
|
2624 |
-
*
|
2625 |
-
* Some bitwise operations give different results depending on the precision being used. Examples include left
|
2626 |
-
* shift, not, and rotates.
|
2627 |
-
*
|
2628 |
-
* @param Math_BigInteger $x
|
2629 |
-
* @access public
|
2630 |
-
* @return Math_BigInteger
|
2631 |
-
*/
|
2632 |
-
function setPrecision($bits)
|
2633 |
-
{
|
2634 |
-
$this->precision = $bits;
|
2635 |
-
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ) {
|
2636 |
-
$this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256);
|
2637 |
-
} else {
|
2638 |
-
$this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0));
|
2639 |
-
}
|
2640 |
-
|
2641 |
-
$temp = $this->_normalize($this);
|
2642 |
-
$this->value = $temp->value;
|
2643 |
-
}
|
2644 |
-
|
2645 |
-
/**
|
2646 |
-
* Logical And
|
2647 |
-
*
|
2648 |
-
* @param Math_BigInteger $x
|
2649 |
-
* @access public
|
2650 |
-
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2651 |
-
* @return Math_BigInteger
|
2652 |
-
*/
|
2653 |
-
function bitwise_and($x)
|
2654 |
-
{
|
2655 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2656 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2657 |
-
$temp = new Math_BigInteger();
|
2658 |
-
$temp->value = gmp_and($this->value, $x->value);
|
2659 |
-
|
2660 |
-
return $this->_normalize($temp);
|
2661 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2662 |
-
$left = $this->toBytes();
|
2663 |
-
$right = $x->toBytes();
|
2664 |
-
|
2665 |
-
$length = max(strlen($left), strlen($right));
|
2666 |
-
|
2667 |
-
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2668 |
-
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2669 |
-
|
2670 |
-
return $this->_normalize(new Math_BigInteger($left & $right, 256));
|
2671 |
-
}
|
2672 |
-
|
2673 |
-
$result = $this->copy();
|
2674 |
-
|
2675 |
-
$length = min(count($x->value), count($this->value));
|
2676 |
-
|
2677 |
-
$result->value = array_slice($result->value, 0, $length);
|
2678 |
-
|
2679 |
-
for ($i = 0; $i < $length; ++$i) {
|
2680 |
-
$result->value[$i] = $result->value[$i] & $x->value[$i];
|
2681 |
-
}
|
2682 |
-
|
2683 |
-
return $this->_normalize($result);
|
2684 |
-
}
|
2685 |
-
|
2686 |
-
/**
|
2687 |
-
* Logical Or
|
2688 |
-
*
|
2689 |
-
* @param Math_BigInteger $x
|
2690 |
-
* @access public
|
2691 |
-
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2692 |
-
* @return Math_BigInteger
|
2693 |
-
*/
|
2694 |
-
function bitwise_or($x)
|
2695 |
-
{
|
2696 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2697 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2698 |
-
$temp = new Math_BigInteger();
|
2699 |
-
$temp->value = gmp_or($this->value, $x->value);
|
2700 |
-
|
2701 |
-
return $this->_normalize($temp);
|
2702 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2703 |
-
$left = $this->toBytes();
|
2704 |
-
$right = $x->toBytes();
|
2705 |
-
|
2706 |
-
$length = max(strlen($left), strlen($right));
|
2707 |
-
|
2708 |
-
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2709 |
-
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2710 |
-
|
2711 |
-
return $this->_normalize(new Math_BigInteger($left | $right, 256));
|
2712 |
-
}
|
2713 |
-
|
2714 |
-
$length = max(count($this->value), count($x->value));
|
2715 |
-
$result = $this->copy();
|
2716 |
-
$result->value = array_pad($result->value, 0, $length);
|
2717 |
-
$x->value = array_pad($x->value, 0, $length);
|
2718 |
-
|
2719 |
-
for ($i = 0; $i < $length; ++$i) {
|
2720 |
-
$result->value[$i] = $this->value[$i] | $x->value[$i];
|
2721 |
-
}
|
2722 |
-
|
2723 |
-
return $this->_normalize($result);
|
2724 |
-
}
|
2725 |
-
|
2726 |
-
/**
|
2727 |
-
* Logical Exclusive-Or
|
2728 |
-
*
|
2729 |
-
* @param Math_BigInteger $x
|
2730 |
-
* @access public
|
2731 |
-
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2732 |
-
* @return Math_BigInteger
|
2733 |
-
*/
|
2734 |
-
function bitwise_xor($x)
|
2735 |
-
{
|
2736 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2737 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2738 |
-
$temp = new Math_BigInteger();
|
2739 |
-
$temp->value = gmp_xor($this->value, $x->value);
|
2740 |
-
|
2741 |
-
return $this->_normalize($temp);
|
2742 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2743 |
-
$left = $this->toBytes();
|
2744 |
-
$right = $x->toBytes();
|
2745 |
-
|
2746 |
-
$length = max(strlen($left), strlen($right));
|
2747 |
-
|
2748 |
-
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2749 |
-
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2750 |
-
|
2751 |
-
return $this->_normalize(new Math_BigInteger($left ^ $right, 256));
|
2752 |
-
}
|
2753 |
-
|
2754 |
-
$length = max(count($this->value), count($x->value));
|
2755 |
-
$result = $this->copy();
|
2756 |
-
$result->value = array_pad($result->value, 0, $length);
|
2757 |
-
$x->value = array_pad($x->value, 0, $length);
|
2758 |
-
|
2759 |
-
for ($i = 0; $i < $length; ++$i) {
|
2760 |
-
$result->value[$i] = $this->value[$i] ^ $x->value[$i];
|
2761 |
-
}
|
2762 |
-
|
2763 |
-
return $this->_normalize($result);
|
2764 |
-
}
|
2765 |
-
|
2766 |
-
/**
|
2767 |
-
* Logical Not
|
2768 |
-
*
|
2769 |
-
* @access public
|
2770 |
-
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2771 |
-
* @return Math_BigInteger
|
2772 |
-
*/
|
2773 |
-
function bitwise_not()
|
2774 |
-
{
|
2775 |
-
// calculuate "not" without regard to $this->precision
|
2776 |
-
// (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0)
|
2777 |
-
$temp = $this->toBytes();
|
2778 |
-
$pre_msb = decbin(ord($temp[0]));
|
2779 |
-
$temp = ~$temp;
|
2780 |
-
$msb = decbin(ord($temp[0]));
|
2781 |
-
if (strlen($msb) == 8) {
|
2782 |
-
$msb = substr($msb, strpos($msb, '0'));
|
2783 |
-
}
|
2784 |
-
$temp[0] = chr(bindec($msb));
|
2785 |
-
|
2786 |
-
// see if we need to add extra leading 1's
|
2787 |
-
$current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8;
|
2788 |
-
$new_bits = $this->precision - $current_bits;
|
2789 |
-
if ($new_bits <= 0) {
|
2790 |
-
return $this->_normalize(new Math_BigInteger($temp, 256));
|
2791 |
-
}
|
2792 |
-
|
2793 |
-
// generate as many leading 1's as we need to.
|
2794 |
-
$leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3);
|
2795 |
-
$this->_base256_lshift($leading_ones, $current_bits);
|
2796 |
-
|
2797 |
-
$temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT);
|
2798 |
-
|
2799 |
-
return $this->_normalize(new Math_BigInteger($leading_ones | $temp, 256));
|
2800 |
-
}
|
2801 |
-
|
2802 |
-
/**
|
2803 |
-
* Logical Right Shift
|
2804 |
-
*
|
2805 |
-
* Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift.
|
2806 |
-
*
|
2807 |
-
* @param Integer $shift
|
2808 |
-
* @return Math_BigInteger
|
2809 |
-
* @access public
|
2810 |
-
* @internal The only version that yields any speed increases is the internal version.
|
2811 |
-
*/
|
2812 |
-
function bitwise_rightShift($shift)
|
2813 |
-
{
|
2814 |
-
$temp = new Math_BigInteger();
|
2815 |
-
|
2816 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2817 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2818 |
-
static $two;
|
2819 |
-
|
2820 |
-
if (!isset($two)) {
|
2821 |
-
$two = gmp_init('2');
|
2822 |
-
}
|
2823 |
-
|
2824 |
-
$temp->value = gmp_div_q($this->value, gmp_pow($two, $shift));
|
2825 |
-
|
2826 |
-
break;
|
2827 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2828 |
-
$temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0);
|
2829 |
-
|
2830 |
-
break;
|
2831 |
-
default: // could just replace _lshift with this, but then all _lshift() calls would need to be rewritten
|
2832 |
-
// and I don't want to do that...
|
2833 |
-
$temp->value = $this->value;
|
2834 |
-
$temp->_rshift($shift);
|
2835 |
-
}
|
2836 |
-
|
2837 |
-
return $this->_normalize($temp);
|
2838 |
-
}
|
2839 |
-
|
2840 |
-
/**
|
2841 |
-
* Logical Left Shift
|
2842 |
-
*
|
2843 |
-
* Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift.
|
2844 |
-
*
|
2845 |
-
* @param Integer $shift
|
2846 |
-
* @return Math_BigInteger
|
2847 |
-
* @access public
|
2848 |
-
* @internal The only version that yields any speed increases is the internal version.
|
2849 |
-
*/
|
2850 |
-
function bitwise_leftShift($shift)
|
2851 |
-
{
|
2852 |
-
$temp = new Math_BigInteger();
|
2853 |
-
|
2854 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
2855 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
2856 |
-
static $two;
|
2857 |
-
|
2858 |
-
if (!isset($two)) {
|
2859 |
-
$two = gmp_init('2');
|
2860 |
-
}
|
2861 |
-
|
2862 |
-
$temp->value = gmp_mul($this->value, gmp_pow($two, $shift));
|
2863 |
-
|
2864 |
-
break;
|
2865 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
2866 |
-
$temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0);
|
2867 |
-
|
2868 |
-
break;
|
2869 |
-
default: // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten
|
2870 |
-
// and I don't want to do that...
|
2871 |
-
$temp->value = $this->value;
|
2872 |
-
$temp->_lshift($shift);
|
2873 |
-
}
|
2874 |
-
|
2875 |
-
return $this->_normalize($temp);
|
2876 |
-
}
|
2877 |
-
|
2878 |
-
/**
|
2879 |
-
* Logical Left Rotate
|
2880 |
-
*
|
2881 |
-
* Instead of the top x bits being dropped they're appended to the shifted bit string.
|
2882 |
-
*
|
2883 |
-
* @param Integer $shift
|
2884 |
-
* @return Math_BigInteger
|
2885 |
-
* @access public
|
2886 |
-
*/
|
2887 |
-
function bitwise_leftRotate($shift)
|
2888 |
-
{
|
2889 |
-
$bits = $this->toBytes();
|
2890 |
-
|
2891 |
-
if ($this->precision > 0) {
|
2892 |
-
$precision = $this->precision;
|
2893 |
-
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
|
2894 |
-
$mask = $this->bitmask->subtract(new Math_BigInteger(1));
|
2895 |
-
$mask = $mask->toBytes();
|
2896 |
-
} else {
|
2897 |
-
$mask = $this->bitmask->toBytes();
|
2898 |
-
}
|
2899 |
-
} else {
|
2900 |
-
$temp = ord($bits[0]);
|
2901 |
-
for ($i = 0; $temp >> $i; ++$i);
|
2902 |
-
$precision = 8 * strlen($bits) - 8 + $i;
|
2903 |
-
$mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3);
|
2904 |
-
}
|
2905 |
-
|
2906 |
-
if ($shift < 0) {
|
2907 |
-
$shift+= $precision;
|
2908 |
-
}
|
2909 |
-
$shift%= $precision;
|
2910 |
-
|
2911 |
-
if (!$shift) {
|
2912 |
-
return $this->copy();
|
2913 |
-
}
|
2914 |
-
|
2915 |
-
$left = $this->bitwise_leftShift($shift);
|
2916 |
-
$left = $left->bitwise_and(new Math_BigInteger($mask, 256));
|
2917 |
-
$right = $this->bitwise_rightShift($precision - $shift);
|
2918 |
-
$result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right);
|
2919 |
-
return $this->_normalize($result);
|
2920 |
-
}
|
2921 |
-
|
2922 |
-
/**
|
2923 |
-
* Logical Right Rotate
|
2924 |
-
*
|
2925 |
-
* Instead of the bottom x bits being dropped they're prepended to the shifted bit string.
|
2926 |
-
*
|
2927 |
-
* @param Integer $shift
|
2928 |
-
* @return Math_BigInteger
|
2929 |
-
* @access public
|
2930 |
-
*/
|
2931 |
-
function bitwise_rightRotate($shift)
|
2932 |
-
{
|
2933 |
-
return $this->bitwise_leftRotate(-$shift);
|
2934 |
-
}
|
2935 |
-
|
2936 |
-
/**
|
2937 |
-
* Set random number generator function
|
2938 |
-
*
|
2939 |
-
* $generator should be the name of a random generating function whose first parameter is the minimum
|
2940 |
-
* value and whose second parameter is the maximum value. If this function needs to be seeded, it should
|
2941 |
-
* be seeded prior to calling Math_BigInteger::random() or Math_BigInteger::randomPrime()
|
2942 |
-
*
|
2943 |
-
* If the random generating function is not explicitly set, it'll be assumed to be mt_rand().
|
2944 |
-
*
|
2945 |
-
* @see random()
|
2946 |
-
* @see randomPrime()
|
2947 |
-
* @param optional String $generator
|
2948 |
-
* @access public
|
2949 |
-
*/
|
2950 |
-
function setRandomGenerator($generator)
|
2951 |
-
{
|
2952 |
-
$this->generator = $generator;
|
2953 |
-
}
|
2954 |
-
|
2955 |
-
/**
|
2956 |
-
* Generate a random number
|
2957 |
-
*
|
2958 |
-
* @param optional Integer $min
|
2959 |
-
* @param optional Integer $max
|
2960 |
-
* @return Math_BigInteger
|
2961 |
-
* @access public
|
2962 |
-
*/
|
2963 |
-
function random($min = false, $max = false)
|
2964 |
-
{
|
2965 |
-
if ($min === false) {
|
2966 |
-
$min = new Math_BigInteger(0);
|
2967 |
-
}
|
2968 |
-
|
2969 |
-
if ($max === false) {
|
2970 |
-
$max = new Math_BigInteger(0x7FFFFFFF);
|
2971 |
-
}
|
2972 |
-
|
2973 |
-
$compare = $max->compare($min);
|
2974 |
-
|
2975 |
-
if (!$compare) {
|
2976 |
-
return $this->_normalize($min);
|
2977 |
-
} else if ($compare < 0) {
|
2978 |
-
// if $min is bigger then $max, swap $min and $max
|
2979 |
-
$temp = $max;
|
2980 |
-
$max = $min;
|
2981 |
-
$min = $temp;
|
2982 |
-
}
|
2983 |
-
|
2984 |
-
$generator = $this->generator;
|
2985 |
-
|
2986 |
-
$max = $max->subtract($min);
|
2987 |
-
$max = ltrim($max->toBytes(), chr(0));
|
2988 |
-
$size = strlen($max) - 1;
|
2989 |
-
$random = '';
|
2990 |
-
|
2991 |
-
$bytes = $size & 1;
|
2992 |
-
for ($i = 0; $i < $bytes; ++$i) {
|
2993 |
-
$random.= chr($generator(0, 255));
|
2994 |
-
}
|
2995 |
-
|
2996 |
-
$blocks = $size >> 1;
|
2997 |
-
for ($i = 0; $i < $blocks; ++$i) {
|
2998 |
-
// mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems
|
2999 |
-
$random.= pack('n', $generator(0, 0xFFFF));
|
3000 |
-
}
|
3001 |
-
|
3002 |
-
$temp = new Math_BigInteger($random, 256);
|
3003 |
-
if ($temp->compare(new Math_BigInteger(substr($max, 1), 256)) > 0) {
|
3004 |
-
$random = chr($generator(0, ord($max[0]) - 1)) . $random;
|
3005 |
-
} else {
|
3006 |
-
$random = chr($generator(0, ord($max[0]) )) . $random;
|
3007 |
-
}
|
3008 |
-
|
3009 |
-
$random = new Math_BigInteger($random, 256);
|
3010 |
-
|
3011 |
-
return $this->_normalize($random->add($min));
|
3012 |
-
}
|
3013 |
-
|
3014 |
-
/**
|
3015 |
-
* Generate a random prime number.
|
3016 |
-
*
|
3017 |
-
* If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed,
|
3018 |
-
* give up and return false.
|
3019 |
-
*
|
3020 |
-
* @param optional Integer $min
|
3021 |
-
* @param optional Integer $max
|
3022 |
-
* @param optional Integer $timeout
|
3023 |
-
* @return Math_BigInteger
|
3024 |
-
* @access public
|
3025 |
-
* @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}.
|
3026 |
-
*/
|
3027 |
-
function randomPrime($min = false, $max = false, $timeout = false)
|
3028 |
-
{
|
3029 |
-
$compare = $max->compare($min);
|
3030 |
-
|
3031 |
-
if (!$compare) {
|
3032 |
-
return $min;
|
3033 |
-
} else if ($compare < 0) {
|
3034 |
-
// if $min is bigger then $max, swap $min and $max
|
3035 |
-
$temp = $max;
|
3036 |
-
$max = $min;
|
3037 |
-
$min = $temp;
|
3038 |
-
}
|
3039 |
-
|
3040 |
-
// gmp_nextprime() requires PHP 5 >= 5.2.0 per <http://php.net/gmp-nextprime>.
|
3041 |
-
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) {
|
3042 |
-
// we don't rely on Math_BigInteger::random()'s min / max when gmp_nextprime() is being used since this function
|
3043 |
-
// does its own checks on $max / $min when gmp_nextprime() is used. When gmp_nextprime() is not used, however,
|
3044 |
-
// the same $max / $min checks are not performed.
|
3045 |
-
if ($min === false) {
|
3046 |
-
$min = new Math_BigInteger(0);
|
3047 |
-
}
|
3048 |
-
|
3049 |
-
if ($max === false) {
|
3050 |
-
$max = new Math_BigInteger(0x7FFFFFFF);
|
3051 |
-
}
|
3052 |
-
|
3053 |
-
$x = $this->random($min, $max);
|
3054 |
-
|
3055 |
-
$x->value = gmp_nextprime($x->value);
|
3056 |
-
|
3057 |
-
if ($x->compare($max) <= 0) {
|
3058 |
-
return $x;
|
3059 |
-
}
|
3060 |
-
|
3061 |
-
$x->value = gmp_nextprime($min->value);
|
3062 |
-
|
3063 |
-
if ($x->compare($max) <= 0) {
|
3064 |
-
return $x;
|
3065 |
-
}
|
3066 |
-
|
3067 |
-
return false;
|
3068 |
-
}
|
3069 |
-
|
3070 |
-
static $one, $two;
|
3071 |
-
if (!isset($one)) {
|
3072 |
-
$one = new Math_BigInteger(1);
|
3073 |
-
$two = new Math_BigInteger(2);
|
3074 |
-
}
|
3075 |
-
|
3076 |
-
$start = time();
|
3077 |
-
|
3078 |
-
$x = $this->random($min, $max);
|
3079 |
-
if ($x->equals($two)) {
|
3080 |
-
return $x;
|
3081 |
-
}
|
3082 |
-
|
3083 |
-
$x->_make_odd();
|
3084 |
-
if ($x->compare($max) > 0) {
|
3085 |
-
// if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range
|
3086 |
-
if ($min->equals($max)) {
|
3087 |
-
return false;
|
3088 |
-
}
|
3089 |
-
$x = $min->copy();
|
3090 |
-
$x->_make_odd();
|
3091 |
-
}
|
3092 |
-
|
3093 |
-
$initial_x = $x->copy();
|
3094 |
-
|
3095 |
-
while (true) {
|
3096 |
-
if ($timeout !== false && time() - $start > $timeout) {
|
3097 |
-
return false;
|
3098 |
-
}
|
3099 |
-
|
3100 |
-
if ($x->isPrime()) {
|
3101 |
-
return $x;
|
3102 |
-
}
|
3103 |
-
|
3104 |
-
$x = $x->add($two);
|
3105 |
-
|
3106 |
-
if ($x->compare($max) > 0) {
|
3107 |
-
$x = $min->copy();
|
3108 |
-
if ($x->equals($two)) {
|
3109 |
-
return $x;
|
3110 |
-
}
|
3111 |
-
$x->_make_odd();
|
3112 |
-
}
|
3113 |
-
|
3114 |
-
if ($x->equals($initial_x)) {
|
3115 |
-
return false;
|
3116 |
-
}
|
3117 |
-
}
|
3118 |
-
}
|
3119 |
-
|
3120 |
-
/**
|
3121 |
-
* Make the current number odd
|
3122 |
-
*
|
3123 |
-
* If the current number is odd it'll be unchanged. If it's even, one will be added to it.
|
3124 |
-
*
|
3125 |
-
* @see randomPrime()
|
3126 |
-
* @access private
|
3127 |
-
*/
|
3128 |
-
function _make_odd()
|
3129 |
-
{
|
3130 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
3131 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
3132 |
-
gmp_setbit($this->value, 0);
|
3133 |
-
break;
|
3134 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
3135 |
-
if ($this->value[strlen($this->value) - 1] % 2 == 0) {
|
3136 |
-
$this->value = bcadd($this->value, '1');
|
3137 |
-
}
|
3138 |
-
break;
|
3139 |
-
default:
|
3140 |
-
$this->value[0] |= 1;
|
3141 |
-
}
|
3142 |
-
}
|
3143 |
-
|
3144 |
-
/**
|
3145 |
-
* Checks a numer to see if it's prime
|
3146 |
-
*
|
3147 |
-
* Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the
|
3148 |
-
* $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads
|
3149 |
-
* on a website instead of just one.
|
3150 |
-
*
|
3151 |
-
* @param optional Integer $t
|
3152 |
-
* @return Boolean
|
3153 |
-
* @access public
|
3154 |
-
* @internal Uses the
|
3155 |
-
* {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See
|
3156 |
-
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}.
|
3157 |
-
*/
|
3158 |
-
function isPrime($t = false)
|
3159 |
-
{
|
3160 |
-
$length = strlen($this->toBytes());
|
3161 |
-
|
3162 |
-
if (!$t) {
|
3163 |
-
// see HAC 4.49 "Note (controlling the error probability)"
|
3164 |
-
if ($length >= 163) { $t = 2; } // floor(1300 / 8)
|
3165 |
-
else if ($length >= 106) { $t = 3; } // floor( 850 / 8)
|
3166 |
-
else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8)
|
3167 |
-
else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8)
|
3168 |
-
else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8)
|
3169 |
-
else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8)
|
3170 |
-
else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8)
|
3171 |
-
else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8)
|
3172 |
-
else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8)
|
3173 |
-
else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8)
|
3174 |
-
else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8)
|
3175 |
-
else { $t = 27; }
|
3176 |
-
}
|
3177 |
-
|
3178 |
-
// ie. gmp_testbit($this, 0)
|
3179 |
-
// ie. isEven() or !isOdd()
|
3180 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
3181 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
3182 |
-
return gmp_prob_prime($this->value, $t) != 0;
|
3183 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
3184 |
-
if ($this->value === '2') {
|
3185 |
-
return true;
|
3186 |
-
}
|
3187 |
-
if ($this->value[strlen($this->value) - 1] % 2 == 0) {
|
3188 |
-
return false;
|
3189 |
-
}
|
3190 |
-
break;
|
3191 |
-
default:
|
3192 |
-
if ($this->value == array(2)) {
|
3193 |
-
return true;
|
3194 |
-
}
|
3195 |
-
if (~$this->value[0] & 1) {
|
3196 |
-
return false;
|
3197 |
-
}
|
3198 |
-
}
|
3199 |
-
|
3200 |
-
static $primes, $zero, $one, $two;
|
3201 |
-
|
3202 |
-
if (!isset($primes)) {
|
3203 |
-
$primes = array(
|
3204 |
-
3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
|
3205 |
-
61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137,
|
3206 |
-
139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227,
|
3207 |
-
229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313,
|
3208 |
-
317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
|
3209 |
-
421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509,
|
3210 |
-
521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617,
|
3211 |
-
619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727,
|
3212 |
-
733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829,
|
3213 |
-
839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947,
|
3214 |
-
953, 967, 971, 977, 983, 991, 997
|
3215 |
-
);
|
3216 |
-
|
3217 |
-
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
|
3218 |
-
for ($i = 0; $i < count($primes); ++$i) {
|
3219 |
-
$primes[$i] = new Math_BigInteger($primes[$i]);
|
3220 |
-
}
|
3221 |
-
}
|
3222 |
-
|
3223 |
-
$zero = new Math_BigInteger();
|
3224 |
-
$one = new Math_BigInteger(1);
|
3225 |
-
$two = new Math_BigInteger(2);
|
3226 |
-
}
|
3227 |
-
|
3228 |
-
if ($this->equals($one)) {
|
3229 |
-
return false;
|
3230 |
-
}
|
3231 |
-
|
3232 |
-
// see HAC 4.4.1 "Random search for probable primes"
|
3233 |
-
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
|
3234 |
-
foreach ($primes as $prime) {
|
3235 |
-
list(, $r) = $this->divide($prime);
|
3236 |
-
if ($r->equals($zero)) {
|
3237 |
-
return $this->equals($prime);
|
3238 |
-
}
|
3239 |
-
}
|
3240 |
-
} else {
|
3241 |
-
$value = $this->value;
|
3242 |
-
foreach ($primes as $prime) {
|
3243 |
-
list(, $r) = $this->_divide_digit($value, $prime);
|
3244 |
-
if (!$r) {
|
3245 |
-
return count($value) == 1 && $value[0] == $prime;
|
3246 |
-
}
|
3247 |
-
}
|
3248 |
-
}
|
3249 |
-
|
3250 |
-
$n = $this->copy();
|
3251 |
-
$n_1 = $n->subtract($one);
|
3252 |
-
$n_2 = $n->subtract($two);
|
3253 |
-
|
3254 |
-
$r = $n_1->copy();
|
3255 |
-
$r_value = $r->value;
|
3256 |
-
// ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s));
|
3257 |
-
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
|
3258 |
-
$s = 0;
|
3259 |
-
// if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier
|
3260 |
-
while ($r->value[strlen($r->value) - 1] % 2 == 0) {
|
3261 |
-
$r->value = bcdiv($r->value, '2', 0);
|
3262 |
-
++$s;
|
3263 |
-
}
|
3264 |
-
} else {
|
3265 |
-
for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) {
|
3266 |
-
$temp = ~$r_value[$i] & 0xFFFFFF;
|
3267 |
-
for ($j = 1; ($temp >> $j) & 1; ++$j);
|
3268 |
-
if ($j != 25) {
|
3269 |
-
break;
|
3270 |
-
}
|
3271 |
-
}
|
3272 |
-
$s = 26 * $i + $j - 1;
|
3273 |
-
$r->_rshift($s);
|
3274 |
-
}
|
3275 |
-
|
3276 |
-
for ($i = 0; $i < $t; ++$i) {
|
3277 |
-
$a = $this->random($two, $n_2);
|
3278 |
-
$y = $a->modPow($r, $n);
|
3279 |
-
|
3280 |
-
if (!$y->equals($one) && !$y->equals($n_1)) {
|
3281 |
-
for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) {
|
3282 |
-
$y = $y->modPow($two, $n);
|
3283 |
-
if ($y->equals($one)) {
|
3284 |
-
return false;
|
3285 |
-
}
|
3286 |
-
}
|
3287 |
-
|
3288 |
-
if (!$y->equals($n_1)) {
|
3289 |
-
return false;
|
3290 |
-
}
|
3291 |
-
}
|
3292 |
-
}
|
3293 |
-
return true;
|
3294 |
-
}
|
3295 |
-
|
3296 |
-
/**
|
3297 |
-
* Logical Left Shift
|
3298 |
-
*
|
3299 |
-
* Shifts BigInteger's by $shift bits.
|
3300 |
-
*
|
3301 |
-
* @param Integer $shift
|
3302 |
-
* @access private
|
3303 |
-
*/
|
3304 |
-
function _lshift($shift)
|
3305 |
-
{
|
3306 |
-
if ( $shift == 0 ) {
|
3307 |
-
return;
|
3308 |
-
}
|
3309 |
-
|
3310 |
-
$num_digits = (int) ($shift / 26);
|
3311 |
-
$shift %= 26;
|
3312 |
-
$shift = 1 << $shift;
|
3313 |
-
|
3314 |
-
$carry = 0;
|
3315 |
-
|
3316 |
-
for ($i = 0; $i < count($this->value); ++$i) {
|
3317 |
-
$temp = $this->value[$i] * $shift + $carry;
|
3318 |
-
$carry = (int) ($temp / 0x4000000);
|
3319 |
-
$this->value[$i] = (int) ($temp - $carry * 0x4000000);
|
3320 |
-
}
|
3321 |
-
|
3322 |
-
if ( $carry ) {
|
3323 |
-
$this->value[] = $carry;
|
3324 |
-
}
|
3325 |
-
|
3326 |
-
while ($num_digits--) {
|
3327 |
-
array_unshift($this->value, 0);
|
3328 |
-
}
|
3329 |
-
}
|
3330 |
-
|
3331 |
-
/**
|
3332 |
-
* Logical Right Shift
|
3333 |
-
*
|
3334 |
-
* Shifts BigInteger's by $shift bits.
|
3335 |
-
*
|
3336 |
-
* @param Integer $shift
|
3337 |
-
* @access private
|
3338 |
-
*/
|
3339 |
-
function _rshift($shift)
|
3340 |
-
{
|
3341 |
-
if ($shift == 0) {
|
3342 |
-
return;
|
3343 |
-
}
|
3344 |
-
|
3345 |
-
$num_digits = (int) ($shift / 26);
|
3346 |
-
$shift %= 26;
|
3347 |
-
$carry_shift = 26 - $shift;
|
3348 |
-
$carry_mask = (1 << $shift) - 1;
|
3349 |
-
|
3350 |
-
if ( $num_digits ) {
|
3351 |
-
$this->value = array_slice($this->value, $num_digits);
|
3352 |
-
}
|
3353 |
-
|
3354 |
-
$carry = 0;
|
3355 |
-
|
3356 |
-
for ($i = count($this->value) - 1; $i >= 0; --$i) {
|
3357 |
-
$temp = $this->value[$i] >> $shift | $carry;
|
3358 |
-
$carry = ($this->value[$i] & $carry_mask) << $carry_shift;
|
3359 |
-
$this->value[$i] = $temp;
|
3360 |
-
}
|
3361 |
-
|
3362 |
-
$this->value = $this->_trim($this->value);
|
3363 |
-
}
|
3364 |
-
|
3365 |
-
/**
|
3366 |
-
* Normalize
|
3367 |
-
*
|
3368 |
-
* Removes leading zeros and truncates (if necessary) to maintain the appropriate precision
|
3369 |
-
*
|
3370 |
-
* @param Math_BigInteger
|
3371 |
-
* @return Math_BigInteger
|
3372 |
-
* @see _trim()
|
3373 |
-
* @access private
|
3374 |
-
*/
|
3375 |
-
function _normalize($result)
|
3376 |
-
{
|
3377 |
-
$result->precision = $this->precision;
|
3378 |
-
$result->bitmask = $this->bitmask;
|
3379 |
-
|
3380 |
-
switch ( MATH_BIGINTEGER_MODE ) {
|
3381 |
-
case MATH_BIGINTEGER_MODE_GMP:
|
3382 |
-
if (!empty($result->bitmask->value)) {
|
3383 |
-
$result->value = gmp_and($result->value, $result->bitmask->value);
|
3384 |
-
}
|
3385 |
-
|
3386 |
-
return $result;
|
3387 |
-
case MATH_BIGINTEGER_MODE_BCMATH:
|
3388 |
-
if (!empty($result->bitmask->value)) {
|
3389 |
-
$result->value = bcmod($result->value, $result->bitmask->value);
|
3390 |
-
}
|
3391 |
-
|
3392 |
-
return $result;
|
3393 |
-
}
|
3394 |
-
|
3395 |
-
$value = &$result->value;
|
3396 |
-
|
3397 |
-
if ( !count($value) ) {
|
3398 |
-
return $result;
|
3399 |
-
}
|
3400 |
-
|
3401 |
-
$value = $this->_trim($value);
|
3402 |
-
|
3403 |
-
if (!empty($result->bitmask->value)) {
|
3404 |
-
$length = min(count($value), count($this->bitmask->value));
|
3405 |
-
$value = array_slice($value, 0, $length);
|
3406 |
-
|
3407 |
-
for ($i = 0; $i < $length; ++$i) {
|
3408 |
-
$value[$i] = $value[$i] & $this->bitmask->value[$i];
|
3409 |
-
}
|
3410 |
-
}
|
3411 |
-
|
3412 |
-
return $result;
|
3413 |
-
}
|
3414 |
-
|
3415 |
-
/**
|
3416 |
-
* Trim
|
3417 |
-
*
|
3418 |
-
* Removes leading zeros
|
3419 |
-
*
|
3420 |
-
* @return Math_BigInteger
|
3421 |
-
* @access private
|
3422 |
-
*/
|
3423 |
-
function _trim($value)
|
3424 |
-
{
|
3425 |
-
for ($i = count($value) - 1; $i >= 0; --$i) {
|
3426 |
-
if ( $value[$i] ) {
|
3427 |
-
break;
|
3428 |
-
}
|
3429 |
-
unset($value[$i]);
|
3430 |
-
}
|
3431 |
-
|
3432 |
-
return $value;
|
3433 |
-
}
|
3434 |
-
|
3435 |
-
/**
|
3436 |
-
* Array Repeat
|
3437 |
-
*
|
3438 |
-
* @param $input Array
|
3439 |
-
* @param $multiplier mixed
|
3440 |
-
* @return Array
|
3441 |
-
* @access private
|
3442 |
-
*/
|
3443 |
-
function _array_repeat($input, $multiplier)
|
3444 |
-
{
|
3445 |
-
return ($multiplier) ? array_fill(0, $multiplier, $input) : array();
|
3446 |
-
}
|
3447 |
-
|
3448 |
-
/**
|
3449 |
-
* Logical Left Shift
|
3450 |
-
*
|
3451 |
-
* Shifts binary strings $shift bits, essentially multiplying by 2**$shift.
|
3452 |
-
*
|
3453 |
-
* @param $x String
|
3454 |
-
* @param $shift Integer
|
3455 |
-
* @return String
|
3456 |
-
* @access private
|
3457 |
-
*/
|
3458 |
-
function _base256_lshift(&$x, $shift)
|
3459 |
-
{
|
3460 |
-
if ($shift == 0) {
|
3461 |
-
return;
|
3462 |
-
}
|
3463 |
-
|
3464 |
-
$num_bytes = $shift >> 3; // eg. floor($shift/8)
|
3465 |
-
$shift &= 7; // eg. $shift % 8
|
3466 |
-
|
3467 |
-
$carry = 0;
|
3468 |
-
for ($i = strlen($x) - 1; $i >= 0; --$i) {
|
3469 |
-
$temp = ord($x[$i]) << $shift | $carry;
|
3470 |
-
$x[$i] = chr($temp);
|
3471 |
-
$carry = $temp >> 8;
|
3472 |
-
}
|
3473 |
-
$carry = ($carry != 0) ? chr($carry) : '';
|
3474 |
-
$x = $carry . $x . str_repeat(chr(0), $num_bytes);
|
3475 |
-
}
|
3476 |
-
|
3477 |
-
/**
|
3478 |
-
* Logical Right Shift
|
3479 |
-
*
|
3480 |
-
* Shifts binary strings $shift bits, essentially dividing by 2**$shift and returning the remainder.
|
3481 |
-
*
|
3482 |
-
* @param $x String
|
3483 |
-
* @param $shift Integer
|
3484 |
-
* @return String
|
3485 |
-
* @access private
|
3486 |
-
*/
|
3487 |
-
function _base256_rshift(&$x, $shift)
|
3488 |
-
{
|
3489 |
-
if ($shift == 0) {
|
3490 |
-
$x = ltrim($x, chr(0));
|
3491 |
-
return '';
|
3492 |
-
}
|
3493 |
-
|
3494 |
-
$num_bytes = $shift >> 3; // eg. floor($shift/8)
|
3495 |
-
$shift &= 7; // eg. $shift % 8
|
3496 |
-
|
3497 |
-
$remainder = '';
|
3498 |
-
if ($num_bytes) {
|
3499 |
-
$start = $num_bytes > strlen($x) ? -strlen($x) : -$num_bytes;
|
3500 |
-
$remainder = substr($x, $start);
|
3501 |
-
$x = substr($x, 0, -$num_bytes);
|
3502 |
-
}
|
3503 |
-
|
3504 |
-
$carry = 0;
|
3505 |
-
$carry_shift = 8 - $shift;
|
3506 |
-
for ($i = 0; $i < strlen($x); ++$i) {
|
3507 |
-
$temp = (ord($x[$i]) >> $shift) | $carry;
|
3508 |
-
$carry = (ord($x[$i]) << $carry_shift) & 0xFF;
|
3509 |
-
$x[$i] = chr($temp);
|
3510 |
-
}
|
3511 |
-
$x = ltrim($x, chr(0));
|
3512 |
-
|
3513 |
-
$remainder = chr($carry >> $carry_shift) . $remainder;
|
3514 |
-
|
3515 |
-
return ltrim($remainder, chr(0));
|
3516 |
-
}
|
3517 |
-
|
3518 |
-
// one quirk about how the following functions are implemented is that PHP defines N to be an unsigned long
|
3519 |
-
// at 32-bits, while java's longs are 64-bits.
|
3520 |
-
|
3521 |
-
/**
|
3522 |
-
* Converts 32-bit integers to bytes.
|
3523 |
-
*
|
3524 |
-
* @param Integer $x
|
3525 |
-
* @return String
|
3526 |
-
* @access private
|
3527 |
-
*/
|
3528 |
-
function _int2bytes($x)
|
3529 |
-
{
|
3530 |
-
return ltrim(pack('N', $x), chr(0));
|
3531 |
-
}
|
3532 |
-
|
3533 |
-
/**
|
3534 |
-
* Converts bytes to 32-bit integers
|
3535 |
-
*
|
3536 |
-
* @param String $x
|
3537 |
-
* @return Integer
|
3538 |
-
* @access private
|
3539 |
-
*/
|
3540 |
-
function _bytes2int($x)
|
3541 |
-
{
|
3542 |
-
$temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT));
|
3543 |
-
return $temp['int'];
|
3544 |
-
}
|
3545 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP arbitrary precision integer arithmetic library.
|
6 |
+
*
|
7 |
+
* Supports base-2, base-10, base-16, and base-256 numbers. Uses the GMP or BCMath extensions, if available,
|
8 |
+
* and an internal implementation, otherwise.
|
9 |
+
*
|
10 |
+
* PHP versions 4 and 5
|
11 |
+
*
|
12 |
+
* {@internal (all DocBlock comments regarding implementation - such as the one that follows - refer to the
|
13 |
+
* {@link MATH_BIGINTEGER_MODE_INTERNAL MATH_BIGINTEGER_MODE_INTERNAL} mode)
|
14 |
+
*
|
15 |
+
* Math_BigInteger uses base-2**26 to perform operations such as multiplication and division and
|
16 |
+
* base-2**52 (ie. two base 2**26 digits) to perform addition and subtraction. Because the largest possible
|
17 |
+
* value when multiplying two base-2**26 numbers together is a base-2**52 number, double precision floating
|
18 |
+
* point numbers - numbers that should be supported on most hardware and whose significand is 53 bits - are
|
19 |
+
* used. As a consequence, bitwise operators such as >> and << cannot be used, nor can the modulo operator %,
|
20 |
+
* which only supports integers. Although this fact will slow this library down, the fact that such a high
|
21 |
+
* base is being used should more than compensate.
|
22 |
+
*
|
23 |
+
* When PHP version 6 is officially released, we'll be able to use 64-bit integers. This should, once again,
|
24 |
+
* allow bitwise operators, and will increase the maximum possible base to 2**31 (or 2**62 for addition /
|
25 |
+
* subtraction).
|
26 |
+
*
|
27 |
+
* Numbers are stored in {@link http://en.wikipedia.org/wiki/Endianness little endian} format. ie.
|
28 |
+
* (new Math_BigInteger(pow(2, 26)))->value = array(0, 1)
|
29 |
+
*
|
30 |
+
* Useful resources are as follows:
|
31 |
+
*
|
32 |
+
* - {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf Handbook of Applied Cryptography (HAC)}
|
33 |
+
* - {@link http://math.libtomcrypt.com/files/tommath.pdf Multi-Precision Math (MPM)}
|
34 |
+
* - Java's BigInteger classes. See /j2se/src/share/classes/java/math in jdk-1_5_0-src-jrl.zip
|
35 |
+
*
|
36 |
+
* Here's an example of how to use this library:
|
37 |
+
* <code>
|
38 |
+
* <?php
|
39 |
+
* include('Math/BigInteger.php');
|
40 |
+
*
|
41 |
+
* $a = new Math_BigInteger(2);
|
42 |
+
* $b = new Math_BigInteger(3);
|
43 |
+
*
|
44 |
+
* $c = $a->add($b);
|
45 |
+
*
|
46 |
+
* echo $c->toString(); // outputs 5
|
47 |
+
* ?>
|
48 |
+
* </code>
|
49 |
+
*
|
50 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
51 |
+
* modify it under the terms of the GNU Lesser General Public
|
52 |
+
* License as published by the Free Software Foundation; either
|
53 |
+
* version 2.1 of the License, or (at your option) any later version.
|
54 |
+
*
|
55 |
+
* This library is distributed in the hope that it will be useful,
|
56 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
57 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
58 |
+
* Lesser General Public License for more details.
|
59 |
+
*
|
60 |
+
* You should have received a copy of the GNU Lesser General Public
|
61 |
+
* License along with this library; if not, write to the Free Software
|
62 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
63 |
+
* MA 02111-1307 USA
|
64 |
+
*
|
65 |
+
* @category Math
|
66 |
+
* @package Math_BigInteger
|
67 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
68 |
+
* @copyright MMVI Jim Wigginton
|
69 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
70 |
+
* @version $Id: BigInteger.php,v 1.33 2010/03/22 22:32:03 terrafrost Exp $
|
71 |
+
* @link http://pear.php.net/package/Math_BigInteger
|
72 |
+
*/
|
73 |
+
|
74 |
+
/**#@+
|
75 |
+
* Reduction constants
|
76 |
+
*
|
77 |
+
* @access private
|
78 |
+
* @see Math_BigInteger::_reduce()
|
79 |
+
*/
|
80 |
+
/**
|
81 |
+
* @see Math_BigInteger::_montgomery()
|
82 |
+
* @see Math_BigInteger::_prepMontgomery()
|
83 |
+
*/
|
84 |
+
define('MATH_BIGINTEGER_MONTGOMERY', 0);
|
85 |
+
/**
|
86 |
+
* @see Math_BigInteger::_barrett()
|
87 |
+
*/
|
88 |
+
define('MATH_BIGINTEGER_BARRETT', 1);
|
89 |
+
/**
|
90 |
+
* @see Math_BigInteger::_mod2()
|
91 |
+
*/
|
92 |
+
define('MATH_BIGINTEGER_POWEROF2', 2);
|
93 |
+
/**
|
94 |
+
* @see Math_BigInteger::_remainder()
|
95 |
+
*/
|
96 |
+
define('MATH_BIGINTEGER_CLASSIC', 3);
|
97 |
+
/**
|
98 |
+
* @see Math_BigInteger::__clone()
|
99 |
+
*/
|
100 |
+
define('MATH_BIGINTEGER_NONE', 4);
|
101 |
+
/**#@-*/
|
102 |
+
|
103 |
+
/**#@+
|
104 |
+
* Array constants
|
105 |
+
*
|
106 |
+
* Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and
|
107 |
+
* multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them.
|
108 |
+
*
|
109 |
+
* @access private
|
110 |
+
*/
|
111 |
+
/**
|
112 |
+
* $result[MATH_BIGINTEGER_VALUE] contains the value.
|
113 |
+
*/
|
114 |
+
define('MATH_BIGINTEGER_VALUE', 0);
|
115 |
+
/**
|
116 |
+
* $result[MATH_BIGINTEGER_SIGN] contains the sign.
|
117 |
+
*/
|
118 |
+
define('MATH_BIGINTEGER_SIGN', 1);
|
119 |
+
/**#@-*/
|
120 |
+
|
121 |
+
/**#@+
|
122 |
+
* @access private
|
123 |
+
* @see Math_BigInteger::_montgomery()
|
124 |
+
* @see Math_BigInteger::_barrett()
|
125 |
+
*/
|
126 |
+
/**
|
127 |
+
* Cache constants
|
128 |
+
*
|
129 |
+
* $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid.
|
130 |
+
*/
|
131 |
+
define('MATH_BIGINTEGER_VARIABLE', 0);
|
132 |
+
/**
|
133 |
+
* $cache[MATH_BIGINTEGER_DATA] contains the cached data.
|
134 |
+
*/
|
135 |
+
define('MATH_BIGINTEGER_DATA', 1);
|
136 |
+
/**#@-*/
|
137 |
+
|
138 |
+
/**#@+
|
139 |
+
* Mode constants.
|
140 |
+
*
|
141 |
+
* @access private
|
142 |
+
* @see Math_BigInteger::Math_BigInteger()
|
143 |
+
*/
|
144 |
+
/**
|
145 |
+
* To use the pure-PHP implementation
|
146 |
+
*/
|
147 |
+
define('MATH_BIGINTEGER_MODE_INTERNAL', 1);
|
148 |
+
/**
|
149 |
+
* To use the BCMath library
|
150 |
+
*
|
151 |
+
* (if enabled; otherwise, the internal implementation will be used)
|
152 |
+
*/
|
153 |
+
define('MATH_BIGINTEGER_MODE_BCMATH', 2);
|
154 |
+
/**
|
155 |
+
* To use the GMP library
|
156 |
+
*
|
157 |
+
* (if present; otherwise, either the BCMath or the internal implementation will be used)
|
158 |
+
*/
|
159 |
+
define('MATH_BIGINTEGER_MODE_GMP', 3);
|
160 |
+
/**#@-*/
|
161 |
+
|
162 |
+
/**
|
163 |
+
* The largest digit that may be used in addition / subtraction
|
164 |
+
*
|
165 |
+
* (we do pow(2, 52) instead of using 4503599627370496, directly, because some PHP installations
|
166 |
+
* will truncate 4503599627370496)
|
167 |
+
*
|
168 |
+
* @access private
|
169 |
+
*/
|
170 |
+
define('MATH_BIGINTEGER_MAX_DIGIT52', pow(2, 52));
|
171 |
+
|
172 |
+
/**
|
173 |
+
* Karatsuba Cutoff
|
174 |
+
*
|
175 |
+
* At what point do we switch between Karatsuba multiplication and schoolbook long multiplication?
|
176 |
+
*
|
177 |
+
* @access private
|
178 |
+
*/
|
179 |
+
define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25);
|
180 |
+
|
181 |
+
/**
|
182 |
+
* Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256
|
183 |
+
* numbers.
|
184 |
+
*
|
185 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
186 |
+
* @version 1.0.0RC4
|
187 |
+
* @access public
|
188 |
+
* @package Math_BigInteger
|
189 |
+
*/
|
190 |
+
class Math_BigInteger {
|
191 |
+
/**
|
192 |
+
* Holds the BigInteger's value.
|
193 |
+
*
|
194 |
+
* @var Array
|
195 |
+
* @access private
|
196 |
+
*/
|
197 |
+
var $value;
|
198 |
+
|
199 |
+
/**
|
200 |
+
* Holds the BigInteger's magnitude.
|
201 |
+
*
|
202 |
+
* @var Boolean
|
203 |
+
* @access private
|
204 |
+
*/
|
205 |
+
var $is_negative = false;
|
206 |
+
|
207 |
+
/**
|
208 |
+
* Random number generator function
|
209 |
+
*
|
210 |
+
* @see setRandomGenerator()
|
211 |
+
* @access private
|
212 |
+
*/
|
213 |
+
var $generator = 'mt_rand';
|
214 |
+
|
215 |
+
/**
|
216 |
+
* Precision
|
217 |
+
*
|
218 |
+
* @see setPrecision()
|
219 |
+
* @access private
|
220 |
+
*/
|
221 |
+
var $precision = -1;
|
222 |
+
|
223 |
+
/**
|
224 |
+
* Precision Bitmask
|
225 |
+
*
|
226 |
+
* @see setPrecision()
|
227 |
+
* @access private
|
228 |
+
*/
|
229 |
+
var $bitmask = false;
|
230 |
+
|
231 |
+
/**
|
232 |
+
* Mode independant value used for serialization.
|
233 |
+
*
|
234 |
+
* If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for
|
235 |
+
* a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value,
|
236 |
+
* however, $this->hex is only calculated when $this->__sleep() is called.
|
237 |
+
*
|
238 |
+
* @see __sleep()
|
239 |
+
* @see __wakeup()
|
240 |
+
* @var String
|
241 |
+
* @access private
|
242 |
+
*/
|
243 |
+
var $hex;
|
244 |
+
|
245 |
+
/**
|
246 |
+
* Converts base-2, base-10, base-16, and binary strings (eg. base-256) to BigIntegers.
|
247 |
+
*
|
248 |
+
* If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using
|
249 |
+
* two's compliment. The sole exception to this is -10, which is treated the same as 10 is.
|
250 |
+
*
|
251 |
+
* Here's an example:
|
252 |
+
* <code>
|
253 |
+
* <?php
|
254 |
+
* include('Math/BigInteger.php');
|
255 |
+
*
|
256 |
+
* $a = new Math_BigInteger('0x32', 16); // 50 in base-16
|
257 |
+
*
|
258 |
+
* echo $a->toString(); // outputs 50
|
259 |
+
* ?>
|
260 |
+
* </code>
|
261 |
+
*
|
262 |
+
* @param optional $x base-10 number or base-$base number if $base set.
|
263 |
+
* @param optional integer $base
|
264 |
+
* @return Math_BigInteger
|
265 |
+
* @access public
|
266 |
+
*/
|
267 |
+
function Math_BigInteger($x = 0, $base = 10)
|
268 |
+
{
|
269 |
+
if ( !defined('MATH_BIGINTEGER_MODE') ) {
|
270 |
+
switch (true) {
|
271 |
+
case extension_loaded('gmp'):
|
272 |
+
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP);
|
273 |
+
break;
|
274 |
+
case extension_loaded('bcmath'):
|
275 |
+
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH);
|
276 |
+
break;
|
277 |
+
default:
|
278 |
+
define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL);
|
279 |
+
}
|
280 |
+
}
|
281 |
+
|
282 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
283 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
284 |
+
if (is_resource($x) && get_resource_type($x) == 'GMP integer') {
|
285 |
+
$this->value = $x;
|
286 |
+
return;
|
287 |
+
}
|
288 |
+
$this->value = gmp_init(0);
|
289 |
+
break;
|
290 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
291 |
+
$this->value = '0';
|
292 |
+
break;
|
293 |
+
default:
|
294 |
+
$this->value = array();
|
295 |
+
}
|
296 |
+
|
297 |
+
if (empty($x)) {
|
298 |
+
return;
|
299 |
+
}
|
300 |
+
|
301 |
+
switch ($base) {
|
302 |
+
case -256:
|
303 |
+
if (ord($x[0]) & 0x80) {
|
304 |
+
$x = ~$x;
|
305 |
+
$this->is_negative = true;
|
306 |
+
}
|
307 |
+
case 256:
|
308 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
309 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
310 |
+
$sign = $this->is_negative ? '-' : '';
|
311 |
+
$this->value = gmp_init($sign . '0x' . bin2hex($x));
|
312 |
+
break;
|
313 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
314 |
+
// round $len to the nearest 4 (thanks, DavidMJ!)
|
315 |
+
$len = (strlen($x) + 3) & 0xFFFFFFFC;
|
316 |
+
|
317 |
+
$x = str_pad($x, $len, chr(0), STR_PAD_LEFT);
|
318 |
+
|
319 |
+
for ($i = 0; $i < $len; $i+= 4) {
|
320 |
+
$this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2**32
|
321 |
+
$this->value = bcadd($this->value, 0x1000000 * ord($x[$i]) + ((ord($x[$i + 1]) << 16) | (ord($x[$i + 2]) << 8) | ord($x[$i + 3])), 0);
|
322 |
+
}
|
323 |
+
|
324 |
+
if ($this->is_negative) {
|
325 |
+
$this->value = '-' . $this->value;
|
326 |
+
}
|
327 |
+
|
328 |
+
break;
|
329 |
+
// converts a base-2**8 (big endian / msb) number to base-2**26 (little endian / lsb)
|
330 |
+
default:
|
331 |
+
while (strlen($x)) {
|
332 |
+
$this->value[] = $this->_bytes2int($this->_base256_rshift($x, 26));
|
333 |
+
}
|
334 |
+
}
|
335 |
+
|
336 |
+
if ($this->is_negative) {
|
337 |
+
if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) {
|
338 |
+
$this->is_negative = false;
|
339 |
+
}
|
340 |
+
$temp = $this->add(new Math_BigInteger('-1'));
|
341 |
+
$this->value = $temp->value;
|
342 |
+
}
|
343 |
+
break;
|
344 |
+
case 16:
|
345 |
+
case -16:
|
346 |
+
if ($base > 0 && $x[0] == '-') {
|
347 |
+
$this->is_negative = true;
|
348 |
+
$x = substr($x, 1);
|
349 |
+
}
|
350 |
+
|
351 |
+
$x = preg_replace('#^(?:0x)?([A-Fa-f0-9]*).*#', '$1', $x);
|
352 |
+
|
353 |
+
$is_negative = false;
|
354 |
+
if ($base < 0 && hexdec($x[0]) >= 8) {
|
355 |
+
$this->is_negative = $is_negative = true;
|
356 |
+
$x = bin2hex(~pack('H*', $x));
|
357 |
+
}
|
358 |
+
|
359 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
360 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
361 |
+
$temp = $this->is_negative ? '-0x' . $x : '0x' . $x;
|
362 |
+
$this->value = gmp_init($temp);
|
363 |
+
$this->is_negative = false;
|
364 |
+
break;
|
365 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
366 |
+
$x = ( strlen($x) & 1 ) ? '0' . $x : $x;
|
367 |
+
$temp = new Math_BigInteger(pack('H*', $x), 256);
|
368 |
+
$this->value = $this->is_negative ? '-' . $temp->value : $temp->value;
|
369 |
+
$this->is_negative = false;
|
370 |
+
break;
|
371 |
+
default:
|
372 |
+
$x = ( strlen($x) & 1 ) ? '0' . $x : $x;
|
373 |
+
$temp = new Math_BigInteger(pack('H*', $x), 256);
|
374 |
+
$this->value = $temp->value;
|
375 |
+
}
|
376 |
+
|
377 |
+
if ($is_negative) {
|
378 |
+
$temp = $this->add(new Math_BigInteger('-1'));
|
379 |
+
$this->value = $temp->value;
|
380 |
+
}
|
381 |
+
break;
|
382 |
+
case 10:
|
383 |
+
case -10:
|
384 |
+
$x = preg_replace('#^(-?[0-9]*).*#', '$1', $x);
|
385 |
+
|
386 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
387 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
388 |
+
$this->value = gmp_init($x);
|
389 |
+
break;
|
390 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
391 |
+
// explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different
|
392 |
+
// results then doing it on '-1' does (modInverse does $x[0])
|
393 |
+
$this->value = (string) $x;
|
394 |
+
break;
|
395 |
+
default:
|
396 |
+
$temp = new Math_BigInteger();
|
397 |
+
|
398 |
+
// array(10000000) is 10**7 in base-2**26. 10**7 is the closest to 2**26 we can get without passing it.
|
399 |
+
$multiplier = new Math_BigInteger();
|
400 |
+
$multiplier->value = array(10000000);
|
401 |
+
|
402 |
+
if ($x[0] == '-') {
|
403 |
+
$this->is_negative = true;
|
404 |
+
$x = substr($x, 1);
|
405 |
+
}
|
406 |
+
|
407 |
+
$x = str_pad($x, strlen($x) + (6 * strlen($x)) % 7, 0, STR_PAD_LEFT);
|
408 |
+
|
409 |
+
while (strlen($x)) {
|
410 |
+
$temp = $temp->multiply($multiplier);
|
411 |
+
$temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, 7)), 256));
|
412 |
+
$x = substr($x, 7);
|
413 |
+
}
|
414 |
+
|
415 |
+
$this->value = $temp->value;
|
416 |
+
}
|
417 |
+
break;
|
418 |
+
case 2: // base-2 support originally implemented by Lluis Pamies - thanks!
|
419 |
+
case -2:
|
420 |
+
if ($base > 0 && $x[0] == '-') {
|
421 |
+
$this->is_negative = true;
|
422 |
+
$x = substr($x, 1);
|
423 |
+
}
|
424 |
+
|
425 |
+
$x = preg_replace('#^([01]*).*#', '$1', $x);
|
426 |
+
$x = str_pad($x, strlen($x) + (3 * strlen($x)) % 4, 0, STR_PAD_LEFT);
|
427 |
+
|
428 |
+
$str = '0x';
|
429 |
+
while (strlen($x)) {
|
430 |
+
$part = substr($x, 0, 4);
|
431 |
+
$str.= dechex(bindec($part));
|
432 |
+
$x = substr($x, 4);
|
433 |
+
}
|
434 |
+
|
435 |
+
if ($this->is_negative) {
|
436 |
+
$str = '-' . $str;
|
437 |
+
}
|
438 |
+
|
439 |
+
$temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16
|
440 |
+
$this->value = $temp->value;
|
441 |
+
$this->is_negative = $temp->is_negative;
|
442 |
+
|
443 |
+
break;
|
444 |
+
default:
|
445 |
+
// base not supported, so we'll let $this == 0
|
446 |
+
}
|
447 |
+
}
|
448 |
+
|
449 |
+
/**
|
450 |
+
* Converts a BigInteger to a byte string (eg. base-256).
|
451 |
+
*
|
452 |
+
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
453 |
+
* saved as two's compliment.
|
454 |
+
*
|
455 |
+
* Here's an example:
|
456 |
+
* <code>
|
457 |
+
* <?php
|
458 |
+
* include('Math/BigInteger.php');
|
459 |
+
*
|
460 |
+
* $a = new Math_BigInteger('65');
|
461 |
+
*
|
462 |
+
* echo $a->toBytes(); // outputs chr(65)
|
463 |
+
* ?>
|
464 |
+
* </code>
|
465 |
+
*
|
466 |
+
* @param Boolean $twos_compliment
|
467 |
+
* @return String
|
468 |
+
* @access public
|
469 |
+
* @internal Converts a base-2**26 number to base-2**8
|
470 |
+
*/
|
471 |
+
function toBytes($twos_compliment = false)
|
472 |
+
{
|
473 |
+
if ($twos_compliment) {
|
474 |
+
$comparison = $this->compare(new Math_BigInteger());
|
475 |
+
if ($comparison == 0) {
|
476 |
+
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
477 |
+
}
|
478 |
+
|
479 |
+
$temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy();
|
480 |
+
$bytes = $temp->toBytes();
|
481 |
+
|
482 |
+
if (empty($bytes)) { // eg. if the number we're trying to convert is -1
|
483 |
+
$bytes = chr(0);
|
484 |
+
}
|
485 |
+
|
486 |
+
if (ord($bytes[0]) & 0x80) {
|
487 |
+
$bytes = chr(0) . $bytes;
|
488 |
+
}
|
489 |
+
|
490 |
+
return $comparison < 0 ? ~$bytes : $bytes;
|
491 |
+
}
|
492 |
+
|
493 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
494 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
495 |
+
if (gmp_cmp($this->value, gmp_init(0)) == 0) {
|
496 |
+
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
497 |
+
}
|
498 |
+
|
499 |
+
$temp = gmp_strval(gmp_abs($this->value), 16);
|
500 |
+
$temp = ( strlen($temp) & 1 ) ? '0' . $temp : $temp;
|
501 |
+
$temp = pack('H*', $temp);
|
502 |
+
|
503 |
+
return $this->precision > 0 ?
|
504 |
+
substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
|
505 |
+
ltrim($temp, chr(0));
|
506 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
507 |
+
if ($this->value === '0') {
|
508 |
+
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
509 |
+
}
|
510 |
+
|
511 |
+
$value = '';
|
512 |
+
$current = $this->value;
|
513 |
+
|
514 |
+
if ($current[0] == '-') {
|
515 |
+
$current = substr($current, 1);
|
516 |
+
}
|
517 |
+
|
518 |
+
while (bccomp($current, '0', 0) > 0) {
|
519 |
+
$temp = bcmod($current, '16777216');
|
520 |
+
$value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value;
|
521 |
+
$current = bcdiv($current, '16777216', 0);
|
522 |
+
}
|
523 |
+
|
524 |
+
return $this->precision > 0 ?
|
525 |
+
substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
|
526 |
+
ltrim($value, chr(0));
|
527 |
+
}
|
528 |
+
|
529 |
+
if (!count($this->value)) {
|
530 |
+
return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
|
531 |
+
}
|
532 |
+
$result = $this->_int2bytes($this->value[count($this->value) - 1]);
|
533 |
+
|
534 |
+
$temp = $this->copy();
|
535 |
+
|
536 |
+
for ($i = count($temp->value) - 2; $i >= 0; --$i) {
|
537 |
+
$temp->_base256_lshift($result, 26);
|
538 |
+
$result = $result | str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT);
|
539 |
+
}
|
540 |
+
|
541 |
+
return $this->precision > 0 ?
|
542 |
+
str_pad(substr($result, -(($this->precision + 7) >> 3)), ($this->precision + 7) >> 3, chr(0), STR_PAD_LEFT) :
|
543 |
+
$result;
|
544 |
+
}
|
545 |
+
|
546 |
+
/**
|
547 |
+
* Converts a BigInteger to a hex string (eg. base-16)).
|
548 |
+
*
|
549 |
+
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
550 |
+
* saved as two's compliment.
|
551 |
+
*
|
552 |
+
* Here's an example:
|
553 |
+
* <code>
|
554 |
+
* <?php
|
555 |
+
* include('Math/BigInteger.php');
|
556 |
+
*
|
557 |
+
* $a = new Math_BigInteger('65');
|
558 |
+
*
|
559 |
+
* echo $a->toHex(); // outputs '41'
|
560 |
+
* ?>
|
561 |
+
* </code>
|
562 |
+
*
|
563 |
+
* @param Boolean $twos_compliment
|
564 |
+
* @return String
|
565 |
+
* @access public
|
566 |
+
* @internal Converts a base-2**26 number to base-2**8
|
567 |
+
*/
|
568 |
+
function toHex($twos_compliment = false)
|
569 |
+
{
|
570 |
+
return bin2hex($this->toBytes($twos_compliment));
|
571 |
+
}
|
572 |
+
|
573 |
+
/**
|
574 |
+
* Converts a BigInteger to a bit string (eg. base-2).
|
575 |
+
*
|
576 |
+
* Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
|
577 |
+
* saved as two's compliment.
|
578 |
+
*
|
579 |
+
* Here's an example:
|
580 |
+
* <code>
|
581 |
+
* <?php
|
582 |
+
* include('Math/BigInteger.php');
|
583 |
+
*
|
584 |
+
* $a = new Math_BigInteger('65');
|
585 |
+
*
|
586 |
+
* echo $a->toBits(); // outputs '1000001'
|
587 |
+
* ?>
|
588 |
+
* </code>
|
589 |
+
*
|
590 |
+
* @param Boolean $twos_compliment
|
591 |
+
* @return String
|
592 |
+
* @access public
|
593 |
+
* @internal Converts a base-2**26 number to base-2**2
|
594 |
+
*/
|
595 |
+
function toBits($twos_compliment = false)
|
596 |
+
{
|
597 |
+
$hex = $this->toHex($twos_compliment);
|
598 |
+
$bits = '';
|
599 |
+
for ($i = 0; $i < strlen($hex); $i+=8) {
|
600 |
+
$bits.= str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT);
|
601 |
+
}
|
602 |
+
return $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0');
|
603 |
+
}
|
604 |
+
|
605 |
+
/**
|
606 |
+
* Converts a BigInteger to a base-10 number.
|
607 |
+
*
|
608 |
+
* Here's an example:
|
609 |
+
* <code>
|
610 |
+
* <?php
|
611 |
+
* include('Math/BigInteger.php');
|
612 |
+
*
|
613 |
+
* $a = new Math_BigInteger('50');
|
614 |
+
*
|
615 |
+
* echo $a->toString(); // outputs 50
|
616 |
+
* ?>
|
617 |
+
* </code>
|
618 |
+
*
|
619 |
+
* @return String
|
620 |
+
* @access public
|
621 |
+
* @internal Converts a base-2**26 number to base-10**7 (which is pretty much base-10)
|
622 |
+
*/
|
623 |
+
function toString()
|
624 |
+
{
|
625 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
626 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
627 |
+
return gmp_strval($this->value);
|
628 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
629 |
+
if ($this->value === '0') {
|
630 |
+
return '0';
|
631 |
+
}
|
632 |
+
|
633 |
+
return ltrim($this->value, '0');
|
634 |
+
}
|
635 |
+
|
636 |
+
if (!count($this->value)) {
|
637 |
+
return '0';
|
638 |
+
}
|
639 |
+
|
640 |
+
$temp = $this->copy();
|
641 |
+
$temp->is_negative = false;
|
642 |
+
|
643 |
+
$divisor = new Math_BigInteger();
|
644 |
+
$divisor->value = array(10000000); // eg. 10**7
|
645 |
+
$result = '';
|
646 |
+
while (count($temp->value)) {
|
647 |
+
list($temp, $mod) = $temp->divide($divisor);
|
648 |
+
$result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', 7, '0', STR_PAD_LEFT) . $result;
|
649 |
+
}
|
650 |
+
$result = ltrim($result, '0');
|
651 |
+
if (empty($result)) {
|
652 |
+
$result = '0';
|
653 |
+
}
|
654 |
+
|
655 |
+
if ($this->is_negative) {
|
656 |
+
$result = '-' . $result;
|
657 |
+
}
|
658 |
+
|
659 |
+
return $result;
|
660 |
+
}
|
661 |
+
|
662 |
+
/**
|
663 |
+
* Copy an object
|
664 |
+
*
|
665 |
+
* PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee
|
666 |
+
* that all objects are passed by value, when appropriate. More information can be found here:
|
667 |
+
*
|
668 |
+
* {@link http://php.net/language.oop5.basic#51624}
|
669 |
+
*
|
670 |
+
* @access public
|
671 |
+
* @see __clone()
|
672 |
+
* @return Math_BigInteger
|
673 |
+
*/
|
674 |
+
function copy()
|
675 |
+
{
|
676 |
+
$temp = new Math_BigInteger();
|
677 |
+
$temp->value = $this->value;
|
678 |
+
$temp->is_negative = $this->is_negative;
|
679 |
+
$temp->generator = $this->generator;
|
680 |
+
$temp->precision = $this->precision;
|
681 |
+
$temp->bitmask = $this->bitmask;
|
682 |
+
return $temp;
|
683 |
+
}
|
684 |
+
|
685 |
+
/**
|
686 |
+
* __toString() magic method
|
687 |
+
*
|
688 |
+
* Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
|
689 |
+
* toString().
|
690 |
+
*
|
691 |
+
* @access public
|
692 |
+
* @internal Implemented per a suggestion by Techie-Michael - thanks!
|
693 |
+
*/
|
694 |
+
function __toString()
|
695 |
+
{
|
696 |
+
return $this->toString();
|
697 |
+
}
|
698 |
+
|
699 |
+
/**
|
700 |
+
* __clone() magic method
|
701 |
+
*
|
702 |
+
* Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone()
|
703 |
+
* directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5
|
704 |
+
* only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5,
|
705 |
+
* call Math_BigInteger::copy(), instead.
|
706 |
+
*
|
707 |
+
* @access public
|
708 |
+
* @see copy()
|
709 |
+
* @return Math_BigInteger
|
710 |
+
*/
|
711 |
+
function __clone()
|
712 |
+
{
|
713 |
+
return $this->copy();
|
714 |
+
}
|
715 |
+
|
716 |
+
/**
|
717 |
+
* __sleep() magic method
|
718 |
+
*
|
719 |
+
* Will be called, automatically, when serialize() is called on a Math_BigInteger object.
|
720 |
+
*
|
721 |
+
* @see __wakeup()
|
722 |
+
* @access public
|
723 |
+
*/
|
724 |
+
function __sleep()
|
725 |
+
{
|
726 |
+
$this->hex = $this->toHex(true);
|
727 |
+
$vars = array('hex');
|
728 |
+
if ($this->generator != 'mt_rand') {
|
729 |
+
$vars[] = 'generator';
|
730 |
+
}
|
731 |
+
if ($this->precision > 0) {
|
732 |
+
$vars[] = 'precision';
|
733 |
+
}
|
734 |
+
return $vars;
|
735 |
+
|
736 |
+
}
|
737 |
+
|
738 |
+
/**
|
739 |
+
* __wakeup() magic method
|
740 |
+
*
|
741 |
+
* Will be called, automatically, when unserialize() is called on a Math_BigInteger object.
|
742 |
+
*
|
743 |
+
* @see __sleep()
|
744 |
+
* @access public
|
745 |
+
*/
|
746 |
+
function __wakeup()
|
747 |
+
{
|
748 |
+
$temp = new Math_BigInteger($this->hex, -16);
|
749 |
+
$this->value = $temp->value;
|
750 |
+
$this->is_negative = $temp->is_negative;
|
751 |
+
$this->setRandomGenerator($this->generator);
|
752 |
+
if ($this->precision > 0) {
|
753 |
+
// recalculate $this->bitmask
|
754 |
+
$this->setPrecision($this->precision);
|
755 |
+
}
|
756 |
+
}
|
757 |
+
|
758 |
+
/**
|
759 |
+
* Adds two BigIntegers.
|
760 |
+
*
|
761 |
+
* Here's an example:
|
762 |
+
* <code>
|
763 |
+
* <?php
|
764 |
+
* include('Math/BigInteger.php');
|
765 |
+
*
|
766 |
+
* $a = new Math_BigInteger('10');
|
767 |
+
* $b = new Math_BigInteger('20');
|
768 |
+
*
|
769 |
+
* $c = $a->add($b);
|
770 |
+
*
|
771 |
+
* echo $c->toString(); // outputs 30
|
772 |
+
* ?>
|
773 |
+
* </code>
|
774 |
+
*
|
775 |
+
* @param Math_BigInteger $y
|
776 |
+
* @return Math_BigInteger
|
777 |
+
* @access public
|
778 |
+
* @internal Performs base-2**52 addition
|
779 |
+
*/
|
780 |
+
function add($y)
|
781 |
+
{
|
782 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
783 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
784 |
+
$temp = new Math_BigInteger();
|
785 |
+
$temp->value = gmp_add($this->value, $y->value);
|
786 |
+
|
787 |
+
return $this->_normalize($temp);
|
788 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
789 |
+
$temp = new Math_BigInteger();
|
790 |
+
$temp->value = bcadd($this->value, $y->value, 0);
|
791 |
+
|
792 |
+
return $this->_normalize($temp);
|
793 |
+
}
|
794 |
+
|
795 |
+
$temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative);
|
796 |
+
|
797 |
+
$result = new Math_BigInteger();
|
798 |
+
$result->value = $temp[MATH_BIGINTEGER_VALUE];
|
799 |
+
$result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
800 |
+
|
801 |
+
return $this->_normalize($result);
|
802 |
+
}
|
803 |
+
|
804 |
+
/**
|
805 |
+
* Performs addition.
|
806 |
+
*
|
807 |
+
* @param Array $x_value
|
808 |
+
* @param Boolean $x_negative
|
809 |
+
* @param Array $y_value
|
810 |
+
* @param Boolean $y_negative
|
811 |
+
* @return Array
|
812 |
+
* @access private
|
813 |
+
*/
|
814 |
+
function _add($x_value, $x_negative, $y_value, $y_negative)
|
815 |
+
{
|
816 |
+
$x_size = count($x_value);
|
817 |
+
$y_size = count($y_value);
|
818 |
+
|
819 |
+
if ($x_size == 0) {
|
820 |
+
return array(
|
821 |
+
MATH_BIGINTEGER_VALUE => $y_value,
|
822 |
+
MATH_BIGINTEGER_SIGN => $y_negative
|
823 |
+
);
|
824 |
+
} else if ($y_size == 0) {
|
825 |
+
return array(
|
826 |
+
MATH_BIGINTEGER_VALUE => $x_value,
|
827 |
+
MATH_BIGINTEGER_SIGN => $x_negative
|
828 |
+
);
|
829 |
+
}
|
830 |
+
|
831 |
+
// subtract, if appropriate
|
832 |
+
if ( $x_negative != $y_negative ) {
|
833 |
+
if ( $x_value == $y_value ) {
|
834 |
+
return array(
|
835 |
+
MATH_BIGINTEGER_VALUE => array(),
|
836 |
+
MATH_BIGINTEGER_SIGN => false
|
837 |
+
);
|
838 |
+
}
|
839 |
+
|
840 |
+
$temp = $this->_subtract($x_value, false, $y_value, false);
|
841 |
+
$temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ?
|
842 |
+
$x_negative : $y_negative;
|
843 |
+
|
844 |
+
return $temp;
|
845 |
+
}
|
846 |
+
|
847 |
+
if ($x_size < $y_size) {
|
848 |
+
$size = $x_size;
|
849 |
+
$value = $y_value;
|
850 |
+
} else {
|
851 |
+
$size = $y_size;
|
852 |
+
$value = $x_value;
|
853 |
+
}
|
854 |
+
|
855 |
+
$value[] = 0; // just in case the carry adds an extra digit
|
856 |
+
|
857 |
+
$carry = 0;
|
858 |
+
for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) {
|
859 |
+
$sum = $x_value[$j] * 0x4000000 + $x_value[$i] + $y_value[$j] * 0x4000000 + $y_value[$i] + $carry;
|
860 |
+
$carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT52; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
|
861 |
+
$sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
|
862 |
+
|
863 |
+
$temp = (int) ($sum / 0x4000000);
|
864 |
+
|
865 |
+
$value[$i] = (int) ($sum - 0x4000000 * $temp); // eg. a faster alternative to fmod($sum, 0x4000000)
|
866 |
+
$value[$j] = $temp;
|
867 |
+
}
|
868 |
+
|
869 |
+
if ($j == $size) { // ie. if $y_size is odd
|
870 |
+
$sum = $x_value[$i] + $y_value[$i] + $carry;
|
871 |
+
$carry = $sum >= 0x4000000;
|
872 |
+
$value[$i] = $carry ? $sum - 0x4000000 : $sum;
|
873 |
+
++$i; // ie. let $i = $j since we've just done $value[$i]
|
874 |
+
}
|
875 |
+
|
876 |
+
if ($carry) {
|
877 |
+
for (; $value[$i] == 0x3FFFFFF; ++$i) {
|
878 |
+
$value[$i] = 0;
|
879 |
+
}
|
880 |
+
++$value[$i];
|
881 |
+
}
|
882 |
+
|
883 |
+
return array(
|
884 |
+
MATH_BIGINTEGER_VALUE => $this->_trim($value),
|
885 |
+
MATH_BIGINTEGER_SIGN => $x_negative
|
886 |
+
);
|
887 |
+
}
|
888 |
+
|
889 |
+
/**
|
890 |
+
* Subtracts two BigIntegers.
|
891 |
+
*
|
892 |
+
* Here's an example:
|
893 |
+
* <code>
|
894 |
+
* <?php
|
895 |
+
* include('Math/BigInteger.php');
|
896 |
+
*
|
897 |
+
* $a = new Math_BigInteger('10');
|
898 |
+
* $b = new Math_BigInteger('20');
|
899 |
+
*
|
900 |
+
* $c = $a->subtract($b);
|
901 |
+
*
|
902 |
+
* echo $c->toString(); // outputs -10
|
903 |
+
* ?>
|
904 |
+
* </code>
|
905 |
+
*
|
906 |
+
* @param Math_BigInteger $y
|
907 |
+
* @return Math_BigInteger
|
908 |
+
* @access public
|
909 |
+
* @internal Performs base-2**52 subtraction
|
910 |
+
*/
|
911 |
+
function subtract($y)
|
912 |
+
{
|
913 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
914 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
915 |
+
$temp = new Math_BigInteger();
|
916 |
+
$temp->value = gmp_sub($this->value, $y->value);
|
917 |
+
|
918 |
+
return $this->_normalize($temp);
|
919 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
920 |
+
$temp = new Math_BigInteger();
|
921 |
+
$temp->value = bcsub($this->value, $y->value, 0);
|
922 |
+
|
923 |
+
return $this->_normalize($temp);
|
924 |
+
}
|
925 |
+
|
926 |
+
$temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative);
|
927 |
+
|
928 |
+
$result = new Math_BigInteger();
|
929 |
+
$result->value = $temp[MATH_BIGINTEGER_VALUE];
|
930 |
+
$result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
931 |
+
|
932 |
+
return $this->_normalize($result);
|
933 |
+
}
|
934 |
+
|
935 |
+
/**
|
936 |
+
* Performs subtraction.
|
937 |
+
*
|
938 |
+
* @param Array $x_value
|
939 |
+
* @param Boolean $x_negative
|
940 |
+
* @param Array $y_value
|
941 |
+
* @param Boolean $y_negative
|
942 |
+
* @return Array
|
943 |
+
* @access private
|
944 |
+
*/
|
945 |
+
function _subtract($x_value, $x_negative, $y_value, $y_negative)
|
946 |
+
{
|
947 |
+
$x_size = count($x_value);
|
948 |
+
$y_size = count($y_value);
|
949 |
+
|
950 |
+
if ($x_size == 0) {
|
951 |
+
return array(
|
952 |
+
MATH_BIGINTEGER_VALUE => $y_value,
|
953 |
+
MATH_BIGINTEGER_SIGN => !$y_negative
|
954 |
+
);
|
955 |
+
} else if ($y_size == 0) {
|
956 |
+
return array(
|
957 |
+
MATH_BIGINTEGER_VALUE => $x_value,
|
958 |
+
MATH_BIGINTEGER_SIGN => $x_negative
|
959 |
+
);
|
960 |
+
}
|
961 |
+
|
962 |
+
// add, if appropriate (ie. -$x - +$y or +$x - -$y)
|
963 |
+
if ( $x_negative != $y_negative ) {
|
964 |
+
$temp = $this->_add($x_value, false, $y_value, false);
|
965 |
+
$temp[MATH_BIGINTEGER_SIGN] = $x_negative;
|
966 |
+
|
967 |
+
return $temp;
|
968 |
+
}
|
969 |
+
|
970 |
+
$diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative);
|
971 |
+
|
972 |
+
if ( !$diff ) {
|
973 |
+
return array(
|
974 |
+
MATH_BIGINTEGER_VALUE => array(),
|
975 |
+
MATH_BIGINTEGER_SIGN => false
|
976 |
+
);
|
977 |
+
}
|
978 |
+
|
979 |
+
// switch $x and $y around, if appropriate.
|
980 |
+
if ( (!$x_negative && $diff < 0) || ($x_negative && $diff > 0) ) {
|
981 |
+
$temp = $x_value;
|
982 |
+
$x_value = $y_value;
|
983 |
+
$y_value = $temp;
|
984 |
+
|
985 |
+
$x_negative = !$x_negative;
|
986 |
+
|
987 |
+
$x_size = count($x_value);
|
988 |
+
$y_size = count($y_value);
|
989 |
+
}
|
990 |
+
|
991 |
+
// at this point, $x_value should be at least as big as - if not bigger than - $y_value
|
992 |
+
|
993 |
+
$carry = 0;
|
994 |
+
for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) {
|
995 |
+
$sum = $x_value[$j] * 0x4000000 + $x_value[$i] - $y_value[$j] * 0x4000000 - $y_value[$i] - $carry;
|
996 |
+
$carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
|
997 |
+
$sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
|
998 |
+
|
999 |
+
$temp = (int) ($sum / 0x4000000);
|
1000 |
+
|
1001 |
+
$x_value[$i] = (int) ($sum - 0x4000000 * $temp);
|
1002 |
+
$x_value[$j] = $temp;
|
1003 |
+
}
|
1004 |
+
|
1005 |
+
if ($j == $y_size) { // ie. if $y_size is odd
|
1006 |
+
$sum = $x_value[$i] - $y_value[$i] - $carry;
|
1007 |
+
$carry = $sum < 0;
|
1008 |
+
$x_value[$i] = $carry ? $sum + 0x4000000 : $sum;
|
1009 |
+
++$i;
|
1010 |
+
}
|
1011 |
+
|
1012 |
+
if ($carry) {
|
1013 |
+
for (; !$x_value[$i]; ++$i) {
|
1014 |
+
$x_value[$i] = 0x3FFFFFF;
|
1015 |
+
}
|
1016 |
+
--$x_value[$i];
|
1017 |
+
}
|
1018 |
+
|
1019 |
+
return array(
|
1020 |
+
MATH_BIGINTEGER_VALUE => $this->_trim($x_value),
|
1021 |
+
MATH_BIGINTEGER_SIGN => $x_negative
|
1022 |
+
);
|
1023 |
+
}
|
1024 |
+
|
1025 |
+
/**
|
1026 |
+
* Multiplies two BigIntegers
|
1027 |
+
*
|
1028 |
+
* Here's an example:
|
1029 |
+
* <code>
|
1030 |
+
* <?php
|
1031 |
+
* include('Math/BigInteger.php');
|
1032 |
+
*
|
1033 |
+
* $a = new Math_BigInteger('10');
|
1034 |
+
* $b = new Math_BigInteger('20');
|
1035 |
+
*
|
1036 |
+
* $c = $a->multiply($b);
|
1037 |
+
*
|
1038 |
+
* echo $c->toString(); // outputs 200
|
1039 |
+
* ?>
|
1040 |
+
* </code>
|
1041 |
+
*
|
1042 |
+
* @param Math_BigInteger $x
|
1043 |
+
* @return Math_BigInteger
|
1044 |
+
* @access public
|
1045 |
+
*/
|
1046 |
+
function multiply($x)
|
1047 |
+
{
|
1048 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
1049 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
1050 |
+
$temp = new Math_BigInteger();
|
1051 |
+
$temp->value = gmp_mul($this->value, $x->value);
|
1052 |
+
|
1053 |
+
return $this->_normalize($temp);
|
1054 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
1055 |
+
$temp = new Math_BigInteger();
|
1056 |
+
$temp->value = bcmul($this->value, $x->value, 0);
|
1057 |
+
|
1058 |
+
return $this->_normalize($temp);
|
1059 |
+
}
|
1060 |
+
|
1061 |
+
$temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative);
|
1062 |
+
|
1063 |
+
$product = new Math_BigInteger();
|
1064 |
+
$product->value = $temp[MATH_BIGINTEGER_VALUE];
|
1065 |
+
$product->is_negative = $temp[MATH_BIGINTEGER_SIGN];
|
1066 |
+
|
1067 |
+
return $this->_normalize($product);
|
1068 |
+
}
|
1069 |
+
|
1070 |
+
/**
|
1071 |
+
* Performs multiplication.
|
1072 |
+
*
|
1073 |
+
* @param Array $x_value
|
1074 |
+
* @param Boolean $x_negative
|
1075 |
+
* @param Array $y_value
|
1076 |
+
* @param Boolean $y_negative
|
1077 |
+
* @return Array
|
1078 |
+
* @access private
|
1079 |
+
*/
|
1080 |
+
function _multiply($x_value, $x_negative, $y_value, $y_negative)
|
1081 |
+
{
|
1082 |
+
//if ( $x_value == $y_value ) {
|
1083 |
+
// return array(
|
1084 |
+
// MATH_BIGINTEGER_VALUE => $this->_square($x_value),
|
1085 |
+
// MATH_BIGINTEGER_SIGN => $x_sign != $y_value
|
1086 |
+
// );
|
1087 |
+
//}
|
1088 |
+
|
1089 |
+
$x_length = count($x_value);
|
1090 |
+
$y_length = count($y_value);
|
1091 |
+
|
1092 |
+
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
1093 |
+
return array(
|
1094 |
+
MATH_BIGINTEGER_VALUE => array(),
|
1095 |
+
MATH_BIGINTEGER_SIGN => false
|
1096 |
+
);
|
1097 |
+
}
|
1098 |
+
|
1099 |
+
return array(
|
1100 |
+
MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
|
1101 |
+
$this->_trim($this->_regularMultiply($x_value, $y_value)) :
|
1102 |
+
$this->_trim($this->_karatsuba($x_value, $y_value)),
|
1103 |
+
MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
|
1104 |
+
);
|
1105 |
+
}
|
1106 |
+
|
1107 |
+
/**
|
1108 |
+
* Performs long multiplication on two BigIntegers
|
1109 |
+
*
|
1110 |
+
* Modeled after 'multiply' in MutableBigInteger.java.
|
1111 |
+
*
|
1112 |
+
* @param Array $x_value
|
1113 |
+
* @param Array $y_value
|
1114 |
+
* @return Array
|
1115 |
+
* @access private
|
1116 |
+
*/
|
1117 |
+
function _regularMultiply($x_value, $y_value)
|
1118 |
+
{
|
1119 |
+
$x_length = count($x_value);
|
1120 |
+
$y_length = count($y_value);
|
1121 |
+
|
1122 |
+
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
1123 |
+
return array();
|
1124 |
+
}
|
1125 |
+
|
1126 |
+
if ( $x_length < $y_length ) {
|
1127 |
+
$temp = $x_value;
|
1128 |
+
$x_value = $y_value;
|
1129 |
+
$y_value = $temp;
|
1130 |
+
|
1131 |
+
$x_length = count($x_value);
|
1132 |
+
$y_length = count($y_value);
|
1133 |
+
}
|
1134 |
+
|
1135 |
+
$product_value = $this->_array_repeat(0, $x_length + $y_length);
|
1136 |
+
|
1137 |
+
// the following for loop could be removed if the for loop following it
|
1138 |
+
// (the one with nested for loops) initially set $i to 0, but
|
1139 |
+
// doing so would also make the result in one set of unnecessary adds,
|
1140 |
+
// since on the outermost loops first pass, $product->value[$k] is going
|
1141 |
+
// to always be 0
|
1142 |
+
|
1143 |
+
$carry = 0;
|
1144 |
+
|
1145 |
+
for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0
|
1146 |
+
$temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
|
1147 |
+
$carry = (int) ($temp / 0x4000000);
|
1148 |
+
$product_value[$j] = (int) ($temp - 0x4000000 * $carry);
|
1149 |
+
}
|
1150 |
+
|
1151 |
+
$product_value[$j] = $carry;
|
1152 |
+
|
1153 |
+
// the above for loop is what the previous comment was talking about. the
|
1154 |
+
// following for loop is the "one with nested for loops"
|
1155 |
+
for ($i = 1; $i < $y_length; ++$i) {
|
1156 |
+
$carry = 0;
|
1157 |
+
|
1158 |
+
for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) {
|
1159 |
+
$temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
|
1160 |
+
$carry = (int) ($temp / 0x4000000);
|
1161 |
+
$product_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
1162 |
+
}
|
1163 |
+
|
1164 |
+
$product_value[$k] = $carry;
|
1165 |
+
}
|
1166 |
+
|
1167 |
+
return $product_value;
|
1168 |
+
}
|
1169 |
+
|
1170 |
+
/**
|
1171 |
+
* Performs Karatsuba multiplication on two BigIntegers
|
1172 |
+
*
|
1173 |
+
* See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
|
1174 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}.
|
1175 |
+
*
|
1176 |
+
* @param Array $x_value
|
1177 |
+
* @param Array $y_value
|
1178 |
+
* @return Array
|
1179 |
+
* @access private
|
1180 |
+
*/
|
1181 |
+
function _karatsuba($x_value, $y_value)
|
1182 |
+
{
|
1183 |
+
$m = min(count($x_value) >> 1, count($y_value) >> 1);
|
1184 |
+
|
1185 |
+
if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
|
1186 |
+
return $this->_regularMultiply($x_value, $y_value);
|
1187 |
+
}
|
1188 |
+
|
1189 |
+
$x1 = array_slice($x_value, $m);
|
1190 |
+
$x0 = array_slice($x_value, 0, $m);
|
1191 |
+
$y1 = array_slice($y_value, $m);
|
1192 |
+
$y0 = array_slice($y_value, 0, $m);
|
1193 |
+
|
1194 |
+
$z2 = $this->_karatsuba($x1, $y1);
|
1195 |
+
$z0 = $this->_karatsuba($x0, $y0);
|
1196 |
+
|
1197 |
+
$z1 = $this->_add($x1, false, $x0, false);
|
1198 |
+
$temp = $this->_add($y1, false, $y0, false);
|
1199 |
+
$z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]);
|
1200 |
+
$temp = $this->_add($z2, false, $z0, false);
|
1201 |
+
$z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1202 |
+
|
1203 |
+
$z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
|
1204 |
+
$z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
|
1205 |
+
|
1206 |
+
$xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
|
1207 |
+
$xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false);
|
1208 |
+
|
1209 |
+
return $xy[MATH_BIGINTEGER_VALUE];
|
1210 |
+
}
|
1211 |
+
|
1212 |
+
/**
|
1213 |
+
* Performs squaring
|
1214 |
+
*
|
1215 |
+
* @param Array $x
|
1216 |
+
* @return Array
|
1217 |
+
* @access private
|
1218 |
+
*/
|
1219 |
+
function _square($x = false)
|
1220 |
+
{
|
1221 |
+
return count($x) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
|
1222 |
+
$this->_trim($this->_baseSquare($x)) :
|
1223 |
+
$this->_trim($this->_karatsubaSquare($x));
|
1224 |
+
}
|
1225 |
+
|
1226 |
+
/**
|
1227 |
+
* Performs traditional squaring on two BigIntegers
|
1228 |
+
*
|
1229 |
+
* Squaring can be done faster than multiplying a number by itself can be. See
|
1230 |
+
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} /
|
1231 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information.
|
1232 |
+
*
|
1233 |
+
* @param Array $value
|
1234 |
+
* @return Array
|
1235 |
+
* @access private
|
1236 |
+
*/
|
1237 |
+
function _baseSquare($value)
|
1238 |
+
{
|
1239 |
+
if ( empty($value) ) {
|
1240 |
+
return array();
|
1241 |
+
}
|
1242 |
+
$square_value = $this->_array_repeat(0, 2 * count($value));
|
1243 |
+
|
1244 |
+
for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) {
|
1245 |
+
$i2 = $i << 1;
|
1246 |
+
|
1247 |
+
$temp = $square_value[$i2] + $value[$i] * $value[$i];
|
1248 |
+
$carry = (int) ($temp / 0x4000000);
|
1249 |
+
$square_value[$i2] = (int) ($temp - 0x4000000 * $carry);
|
1250 |
+
|
1251 |
+
// note how we start from $i+1 instead of 0 as we do in multiplication.
|
1252 |
+
for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) {
|
1253 |
+
$temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry;
|
1254 |
+
$carry = (int) ($temp / 0x4000000);
|
1255 |
+
$square_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
1256 |
+
}
|
1257 |
+
|
1258 |
+
// the following line can yield values larger 2**15. at this point, PHP should switch
|
1259 |
+
// over to floats.
|
1260 |
+
$square_value[$i + $max_index + 1] = $carry;
|
1261 |
+
}
|
1262 |
+
|
1263 |
+
return $square_value;
|
1264 |
+
}
|
1265 |
+
|
1266 |
+
/**
|
1267 |
+
* Performs Karatsuba "squaring" on two BigIntegers
|
1268 |
+
*
|
1269 |
+
* See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
|
1270 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}.
|
1271 |
+
*
|
1272 |
+
* @param Array $value
|
1273 |
+
* @return Array
|
1274 |
+
* @access private
|
1275 |
+
*/
|
1276 |
+
function _karatsubaSquare($value)
|
1277 |
+
{
|
1278 |
+
$m = count($value) >> 1;
|
1279 |
+
|
1280 |
+
if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
|
1281 |
+
return $this->_baseSquare($value);
|
1282 |
+
}
|
1283 |
+
|
1284 |
+
$x1 = array_slice($value, $m);
|
1285 |
+
$x0 = array_slice($value, 0, $m);
|
1286 |
+
|
1287 |
+
$z2 = $this->_karatsubaSquare($x1);
|
1288 |
+
$z0 = $this->_karatsubaSquare($x0);
|
1289 |
+
|
1290 |
+
$z1 = $this->_add($x1, false, $x0, false);
|
1291 |
+
$z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]);
|
1292 |
+
$temp = $this->_add($z2, false, $z0, false);
|
1293 |
+
$z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1294 |
+
|
1295 |
+
$z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
|
1296 |
+
$z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
|
1297 |
+
|
1298 |
+
$xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
|
1299 |
+
$xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false);
|
1300 |
+
|
1301 |
+
return $xx[MATH_BIGINTEGER_VALUE];
|
1302 |
+
}
|
1303 |
+
|
1304 |
+
/**
|
1305 |
+
* Divides two BigIntegers.
|
1306 |
+
*
|
1307 |
+
* Returns an array whose first element contains the quotient and whose second element contains the
|
1308 |
+
* "common residue". If the remainder would be positive, the "common residue" and the remainder are the
|
1309 |
+
* same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder
|
1310 |
+
* and the divisor (basically, the "common residue" is the first positive modulo).
|
1311 |
+
*
|
1312 |
+
* Here's an example:
|
1313 |
+
* <code>
|
1314 |
+
* <?php
|
1315 |
+
* include('Math/BigInteger.php');
|
1316 |
+
*
|
1317 |
+
* $a = new Math_BigInteger('10');
|
1318 |
+
* $b = new Math_BigInteger('20');
|
1319 |
+
*
|
1320 |
+
* list($quotient, $remainder) = $a->divide($b);
|
1321 |
+
*
|
1322 |
+
* echo $quotient->toString(); // outputs 0
|
1323 |
+
* echo "\r\n";
|
1324 |
+
* echo $remainder->toString(); // outputs 10
|
1325 |
+
* ?>
|
1326 |
+
* </code>
|
1327 |
+
*
|
1328 |
+
* @param Math_BigInteger $y
|
1329 |
+
* @return Array
|
1330 |
+
* @access public
|
1331 |
+
* @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}.
|
1332 |
+
*/
|
1333 |
+
function divide($y)
|
1334 |
+
{
|
1335 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
1336 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
1337 |
+
$quotient = new Math_BigInteger();
|
1338 |
+
$remainder = new Math_BigInteger();
|
1339 |
+
|
1340 |
+
list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value);
|
1341 |
+
|
1342 |
+
if (gmp_sign($remainder->value) < 0) {
|
1343 |
+
$remainder->value = gmp_add($remainder->value, gmp_abs($y->value));
|
1344 |
+
}
|
1345 |
+
|
1346 |
+
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1347 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
1348 |
+
$quotient = new Math_BigInteger();
|
1349 |
+
$remainder = new Math_BigInteger();
|
1350 |
+
|
1351 |
+
$quotient->value = bcdiv($this->value, $y->value, 0);
|
1352 |
+
$remainder->value = bcmod($this->value, $y->value);
|
1353 |
+
|
1354 |
+
if ($remainder->value[0] == '-') {
|
1355 |
+
$remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0);
|
1356 |
+
}
|
1357 |
+
|
1358 |
+
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1359 |
+
}
|
1360 |
+
|
1361 |
+
if (count($y->value) == 1) {
|
1362 |
+
list($q, $r) = $this->_divide_digit($this->value, $y->value[0]);
|
1363 |
+
$quotient = new Math_BigInteger();
|
1364 |
+
$remainder = new Math_BigInteger();
|
1365 |
+
$quotient->value = $q;
|
1366 |
+
$remainder->value = array($r);
|
1367 |
+
$quotient->is_negative = $this->is_negative != $y->is_negative;
|
1368 |
+
return array($this->_normalize($quotient), $this->_normalize($remainder));
|
1369 |
+
}
|
1370 |
+
|
1371 |
+
static $zero;
|
1372 |
+
if ( !isset($zero) ) {
|
1373 |
+
$zero = new Math_BigInteger();
|
1374 |
+
}
|
1375 |
+
|
1376 |
+
$x = $this->copy();
|
1377 |
+
$y = $y->copy();
|
1378 |
+
|
1379 |
+
$x_sign = $x->is_negative;
|
1380 |
+
$y_sign = $y->is_negative;
|
1381 |
+
|
1382 |
+
$x->is_negative = $y->is_negative = false;
|
1383 |
+
|
1384 |
+
$diff = $x->compare($y);
|
1385 |
+
|
1386 |
+
if ( !$diff ) {
|
1387 |
+
$temp = new Math_BigInteger();
|
1388 |
+
$temp->value = array(1);
|
1389 |
+
$temp->is_negative = $x_sign != $y_sign;
|
1390 |
+
return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger()));
|
1391 |
+
}
|
1392 |
+
|
1393 |
+
if ( $diff < 0 ) {
|
1394 |
+
// if $x is negative, "add" $y.
|
1395 |
+
if ( $x_sign ) {
|
1396 |
+
$x = $y->subtract($x);
|
1397 |
+
}
|
1398 |
+
return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x));
|
1399 |
+
}
|
1400 |
+
|
1401 |
+
// normalize $x and $y as described in HAC 14.23 / 14.24
|
1402 |
+
$msb = $y->value[count($y->value) - 1];
|
1403 |
+
for ($shift = 0; !($msb & 0x2000000); ++$shift) {
|
1404 |
+
$msb <<= 1;
|
1405 |
+
}
|
1406 |
+
$x->_lshift($shift);
|
1407 |
+
$y->_lshift($shift);
|
1408 |
+
$y_value = &$y->value;
|
1409 |
+
|
1410 |
+
$x_max = count($x->value) - 1;
|
1411 |
+
$y_max = count($y->value) - 1;
|
1412 |
+
|
1413 |
+
$quotient = new Math_BigInteger();
|
1414 |
+
$quotient_value = &$quotient->value;
|
1415 |
+
$quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1);
|
1416 |
+
|
1417 |
+
static $temp, $lhs, $rhs;
|
1418 |
+
if (!isset($temp)) {
|
1419 |
+
$temp = new Math_BigInteger();
|
1420 |
+
$lhs = new Math_BigInteger();
|
1421 |
+
$rhs = new Math_BigInteger();
|
1422 |
+
}
|
1423 |
+
$temp_value = &$temp->value;
|
1424 |
+
$rhs_value = &$rhs->value;
|
1425 |
+
|
1426 |
+
// $temp = $y << ($x_max - $y_max-1) in base 2**26
|
1427 |
+
$temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value);
|
1428 |
+
|
1429 |
+
while ( $x->compare($temp) >= 0 ) {
|
1430 |
+
// calculate the "common residue"
|
1431 |
+
++$quotient_value[$x_max - $y_max];
|
1432 |
+
$x = $x->subtract($temp);
|
1433 |
+
$x_max = count($x->value) - 1;
|
1434 |
+
}
|
1435 |
+
|
1436 |
+
for ($i = $x_max; $i >= $y_max + 1; --$i) {
|
1437 |
+
$x_value = &$x->value;
|
1438 |
+
$x_window = array(
|
1439 |
+
isset($x_value[$i]) ? $x_value[$i] : 0,
|
1440 |
+
isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0,
|
1441 |
+
isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0
|
1442 |
+
);
|
1443 |
+
$y_window = array(
|
1444 |
+
$y_value[$y_max],
|
1445 |
+
( $y_max > 0 ) ? $y_value[$y_max - 1] : 0
|
1446 |
+
);
|
1447 |
+
|
1448 |
+
$q_index = $i - $y_max - 1;
|
1449 |
+
if ($x_window[0] == $y_window[0]) {
|
1450 |
+
$quotient_value[$q_index] = 0x3FFFFFF;
|
1451 |
+
} else {
|
1452 |
+
$quotient_value[$q_index] = (int) (
|
1453 |
+
($x_window[0] * 0x4000000 + $x_window[1])
|
1454 |
+
/
|
1455 |
+
$y_window[0]
|
1456 |
+
);
|
1457 |
+
}
|
1458 |
+
|
1459 |
+
$temp_value = array($y_window[1], $y_window[0]);
|
1460 |
+
|
1461 |
+
$lhs->value = array($quotient_value[$q_index]);
|
1462 |
+
$lhs = $lhs->multiply($temp);
|
1463 |
+
|
1464 |
+
$rhs_value = array($x_window[2], $x_window[1], $x_window[0]);
|
1465 |
+
|
1466 |
+
while ( $lhs->compare($rhs) > 0 ) {
|
1467 |
+
--$quotient_value[$q_index];
|
1468 |
+
|
1469 |
+
$lhs->value = array($quotient_value[$q_index]);
|
1470 |
+
$lhs = $lhs->multiply($temp);
|
1471 |
+
}
|
1472 |
+
|
1473 |
+
$adjust = $this->_array_repeat(0, $q_index);
|
1474 |
+
$temp_value = array($quotient_value[$q_index]);
|
1475 |
+
$temp = $temp->multiply($y);
|
1476 |
+
$temp_value = &$temp->value;
|
1477 |
+
$temp_value = array_merge($adjust, $temp_value);
|
1478 |
+
|
1479 |
+
$x = $x->subtract($temp);
|
1480 |
+
|
1481 |
+
if ($x->compare($zero) < 0) {
|
1482 |
+
$temp_value = array_merge($adjust, $y_value);
|
1483 |
+
$x = $x->add($temp);
|
1484 |
+
|
1485 |
+
--$quotient_value[$q_index];
|
1486 |
+
}
|
1487 |
+
|
1488 |
+
$x_max = count($x_value) - 1;
|
1489 |
+
}
|
1490 |
+
|
1491 |
+
// unnormalize the remainder
|
1492 |
+
$x->_rshift($shift);
|
1493 |
+
|
1494 |
+
$quotient->is_negative = $x_sign != $y_sign;
|
1495 |
+
|
1496 |
+
// calculate the "common residue", if appropriate
|
1497 |
+
if ( $x_sign ) {
|
1498 |
+
$y->_rshift($shift);
|
1499 |
+
$x = $y->subtract($x);
|
1500 |
+
}
|
1501 |
+
|
1502 |
+
return array($this->_normalize($quotient), $this->_normalize($x));
|
1503 |
+
}
|
1504 |
+
|
1505 |
+
/**
|
1506 |
+
* Divides a BigInteger by a regular integer
|
1507 |
+
*
|
1508 |
+
* abc / x = a00 / x + b0 / x + c / x
|
1509 |
+
*
|
1510 |
+
* @param Array $dividend
|
1511 |
+
* @param Array $divisor
|
1512 |
+
* @return Array
|
1513 |
+
* @access private
|
1514 |
+
*/
|
1515 |
+
function _divide_digit($dividend, $divisor)
|
1516 |
+
{
|
1517 |
+
$carry = 0;
|
1518 |
+
$result = array();
|
1519 |
+
|
1520 |
+
for ($i = count($dividend) - 1; $i >= 0; --$i) {
|
1521 |
+
$temp = 0x4000000 * $carry + $dividend[$i];
|
1522 |
+
$result[$i] = (int) ($temp / $divisor);
|
1523 |
+
$carry = (int) ($temp - $divisor * $result[$i]);
|
1524 |
+
}
|
1525 |
+
|
1526 |
+
return array($result, $carry);
|
1527 |
+
}
|
1528 |
+
|
1529 |
+
/**
|
1530 |
+
* Performs modular exponentiation.
|
1531 |
+
*
|
1532 |
+
* Here's an example:
|
1533 |
+
* <code>
|
1534 |
+
* <?php
|
1535 |
+
* include('Math/BigInteger.php');
|
1536 |
+
*
|
1537 |
+
* $a = new Math_BigInteger('10');
|
1538 |
+
* $b = new Math_BigInteger('20');
|
1539 |
+
* $c = new Math_BigInteger('30');
|
1540 |
+
*
|
1541 |
+
* $c = $a->modPow($b, $c);
|
1542 |
+
*
|
1543 |
+
* echo $c->toString(); // outputs 10
|
1544 |
+
* ?>
|
1545 |
+
* </code>
|
1546 |
+
*
|
1547 |
+
* @param Math_BigInteger $e
|
1548 |
+
* @param Math_BigInteger $n
|
1549 |
+
* @return Math_BigInteger
|
1550 |
+
* @access public
|
1551 |
+
* @internal The most naive approach to modular exponentiation has very unreasonable requirements, and
|
1552 |
+
* and although the approach involving repeated squaring does vastly better, it, too, is impractical
|
1553 |
+
* for our purposes. The reason being that division - by far the most complicated and time-consuming
|
1554 |
+
* of the basic operations (eg. +,-,*,/) - occurs multiple times within it.
|
1555 |
+
*
|
1556 |
+
* Modular reductions resolve this issue. Although an individual modular reduction takes more time
|
1557 |
+
* then an individual division, when performed in succession (with the same modulo), they're a lot faster.
|
1558 |
+
*
|
1559 |
+
* The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction,
|
1560 |
+
* although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the
|
1561 |
+
* base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because
|
1562 |
+
* the product of two odd numbers is odd), but what about when RSA isn't used?
|
1563 |
+
*
|
1564 |
+
* In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a
|
1565 |
+
* Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the
|
1566 |
+
* modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however,
|
1567 |
+
* uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and
|
1568 |
+
* the other, a power of two - and recombine them, later. This is the method that this modPow function uses.
|
1569 |
+
* {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates.
|
1570 |
+
*/
|
1571 |
+
function modPow($e, $n)
|
1572 |
+
{
|
1573 |
+
$n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs();
|
1574 |
+
|
1575 |
+
if ($e->compare(new Math_BigInteger()) < 0) {
|
1576 |
+
$e = $e->abs();
|
1577 |
+
|
1578 |
+
$temp = $this->modInverse($n);
|
1579 |
+
if ($temp === false) {
|
1580 |
+
return false;
|
1581 |
+
}
|
1582 |
+
|
1583 |
+
return $this->_normalize($temp->modPow($e, $n));
|
1584 |
+
}
|
1585 |
+
|
1586 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
1587 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
1588 |
+
$temp = new Math_BigInteger();
|
1589 |
+
$temp->value = gmp_powm($this->value, $e->value, $n->value);
|
1590 |
+
|
1591 |
+
return $this->_normalize($temp);
|
1592 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
1593 |
+
$temp = new Math_BigInteger();
|
1594 |
+
$temp->value = bcpowmod($this->value, $e->value, $n->value, 0);
|
1595 |
+
|
1596 |
+
return $this->_normalize($temp);
|
1597 |
+
}
|
1598 |
+
|
1599 |
+
if ( empty($e->value) ) {
|
1600 |
+
$temp = new Math_BigInteger();
|
1601 |
+
$temp->value = array(1);
|
1602 |
+
return $this->_normalize($temp);
|
1603 |
+
}
|
1604 |
+
|
1605 |
+
if ( $e->value == array(1) ) {
|
1606 |
+
list(, $temp) = $this->divide($n);
|
1607 |
+
return $this->_normalize($temp);
|
1608 |
+
}
|
1609 |
+
|
1610 |
+
if ( $e->value == array(2) ) {
|
1611 |
+
$temp = new Math_BigInteger();
|
1612 |
+
$temp->value = $this->_square($this->value);
|
1613 |
+
list(, $temp) = $temp->divide($n);
|
1614 |
+
return $this->_normalize($temp);
|
1615 |
+
}
|
1616 |
+
|
1617 |
+
return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT));
|
1618 |
+
|
1619 |
+
// is the modulo odd?
|
1620 |
+
if ( $n->value[0] & 1 ) {
|
1621 |
+
return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY));
|
1622 |
+
}
|
1623 |
+
// if it's not, it's even
|
1624 |
+
|
1625 |
+
// find the lowest set bit (eg. the max pow of 2 that divides $n)
|
1626 |
+
for ($i = 0; $i < count($n->value); ++$i) {
|
1627 |
+
if ( $n->value[$i] ) {
|
1628 |
+
$temp = decbin($n->value[$i]);
|
1629 |
+
$j = strlen($temp) - strrpos($temp, '1') - 1;
|
1630 |
+
$j+= 26 * $i;
|
1631 |
+
break;
|
1632 |
+
}
|
1633 |
+
}
|
1634 |
+
// at this point, 2^$j * $n/(2^$j) == $n
|
1635 |
+
|
1636 |
+
$mod1 = $n->copy();
|
1637 |
+
$mod1->_rshift($j);
|
1638 |
+
$mod2 = new Math_BigInteger();
|
1639 |
+
$mod2->value = array(1);
|
1640 |
+
$mod2->_lshift($j);
|
1641 |
+
|
1642 |
+
$part1 = ( $mod1->value != array(1) ) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger();
|
1643 |
+
$part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2);
|
1644 |
+
|
1645 |
+
$y1 = $mod2->modInverse($mod1);
|
1646 |
+
$y2 = $mod1->modInverse($mod2);
|
1647 |
+
|
1648 |
+
$result = $part1->multiply($mod2);
|
1649 |
+
$result = $result->multiply($y1);
|
1650 |
+
|
1651 |
+
$temp = $part2->multiply($mod1);
|
1652 |
+
$temp = $temp->multiply($y2);
|
1653 |
+
|
1654 |
+
$result = $result->add($temp);
|
1655 |
+
list(, $result) = $result->divide($n);
|
1656 |
+
|
1657 |
+
return $this->_normalize($result);
|
1658 |
+
}
|
1659 |
+
|
1660 |
+
/**
|
1661 |
+
* Performs modular exponentiation.
|
1662 |
+
*
|
1663 |
+
* Alias for Math_BigInteger::modPow()
|
1664 |
+
*
|
1665 |
+
* @param Math_BigInteger $e
|
1666 |
+
* @param Math_BigInteger $n
|
1667 |
+
* @return Math_BigInteger
|
1668 |
+
* @access public
|
1669 |
+
*/
|
1670 |
+
function powMod($e, $n)
|
1671 |
+
{
|
1672 |
+
return $this->modPow($e, $n);
|
1673 |
+
}
|
1674 |
+
|
1675 |
+
/**
|
1676 |
+
* Sliding Window k-ary Modular Exponentiation
|
1677 |
+
*
|
1678 |
+
* Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} /
|
1679 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims,
|
1680 |
+
* however, this function performs a modular reduction after every multiplication and squaring operation.
|
1681 |
+
* As such, this function has the same preconditions that the reductions being used do.
|
1682 |
+
*
|
1683 |
+
* @param Math_BigInteger $e
|
1684 |
+
* @param Math_BigInteger $n
|
1685 |
+
* @param Integer $mode
|
1686 |
+
* @return Math_BigInteger
|
1687 |
+
* @access private
|
1688 |
+
*/
|
1689 |
+
function _slidingWindow($e, $n, $mode)
|
1690 |
+
{
|
1691 |
+
static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function
|
1692 |
+
//static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1
|
1693 |
+
|
1694 |
+
$e_value = $e->value;
|
1695 |
+
$e_length = count($e_value) - 1;
|
1696 |
+
$e_bits = decbin($e_value[$e_length]);
|
1697 |
+
for ($i = $e_length - 1; $i >= 0; --$i) {
|
1698 |
+
$e_bits.= str_pad(decbin($e_value[$i]), 26, '0', STR_PAD_LEFT);
|
1699 |
+
}
|
1700 |
+
|
1701 |
+
$e_length = strlen($e_bits);
|
1702 |
+
|
1703 |
+
// calculate the appropriate window size.
|
1704 |
+
// $window_size == 3 if $window_ranges is between 25 and 81, for example.
|
1705 |
+
for ($i = 0, $window_size = 1; $e_length > $window_ranges[$i] && $i < count($window_ranges); ++$window_size, ++$i);
|
1706 |
+
|
1707 |
+
$n_value = $n->value;
|
1708 |
+
|
1709 |
+
// precompute $this^0 through $this^$window_size
|
1710 |
+
$powers = array();
|
1711 |
+
$powers[1] = $this->_prepareReduce($this->value, $n_value, $mode);
|
1712 |
+
$powers[2] = $this->_squareReduce($powers[1], $n_value, $mode);
|
1713 |
+
|
1714 |
+
// we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end
|
1715 |
+
// in a 1. ie. it's supposed to be odd.
|
1716 |
+
$temp = 1 << ($window_size - 1);
|
1717 |
+
for ($i = 1; $i < $temp; ++$i) {
|
1718 |
+
$i2 = $i << 1;
|
1719 |
+
$powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode);
|
1720 |
+
}
|
1721 |
+
|
1722 |
+
$result = array(1);
|
1723 |
+
$result = $this->_prepareReduce($result, $n_value, $mode);
|
1724 |
+
|
1725 |
+
for ($i = 0; $i < $e_length; ) {
|
1726 |
+
if ( !$e_bits[$i] ) {
|
1727 |
+
$result = $this->_squareReduce($result, $n_value, $mode);
|
1728 |
+
++$i;
|
1729 |
+
} else {
|
1730 |
+
for ($j = $window_size - 1; $j > 0; --$j) {
|
1731 |
+
if ( !empty($e_bits[$i + $j]) ) {
|
1732 |
+
break;
|
1733 |
+
}
|
1734 |
+
}
|
1735 |
+
|
1736 |
+
for ($k = 0; $k <= $j; ++$k) {// eg. the length of substr($e_bits, $i, $j+1)
|
1737 |
+
$result = $this->_squareReduce($result, $n_value, $mode);
|
1738 |
+
}
|
1739 |
+
|
1740 |
+
$result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode);
|
1741 |
+
|
1742 |
+
$i+=$j + 1;
|
1743 |
+
}
|
1744 |
+
}
|
1745 |
+
|
1746 |
+
$temp = new Math_BigInteger();
|
1747 |
+
$temp->value = $this->_reduce($result, $n_value, $mode);
|
1748 |
+
|
1749 |
+
return $temp;
|
1750 |
+
}
|
1751 |
+
|
1752 |
+
/**
|
1753 |
+
* Modular reduction
|
1754 |
+
*
|
1755 |
+
* For most $modes this will return the remainder.
|
1756 |
+
*
|
1757 |
+
* @see _slidingWindow()
|
1758 |
+
* @access private
|
1759 |
+
* @param Array $x
|
1760 |
+
* @param Array $n
|
1761 |
+
* @param Integer $mode
|
1762 |
+
* @return Array
|
1763 |
+
*/
|
1764 |
+
function _reduce($x, $n, $mode)
|
1765 |
+
{
|
1766 |
+
switch ($mode) {
|
1767 |
+
case MATH_BIGINTEGER_MONTGOMERY:
|
1768 |
+
return $this->_montgomery($x, $n);
|
1769 |
+
case MATH_BIGINTEGER_BARRETT:
|
1770 |
+
return $this->_barrett($x, $n);
|
1771 |
+
case MATH_BIGINTEGER_POWEROF2:
|
1772 |
+
$lhs = new Math_BigInteger();
|
1773 |
+
$lhs->value = $x;
|
1774 |
+
$rhs = new Math_BigInteger();
|
1775 |
+
$rhs->value = $n;
|
1776 |
+
return $x->_mod2($n);
|
1777 |
+
case MATH_BIGINTEGER_CLASSIC:
|
1778 |
+
$lhs = new Math_BigInteger();
|
1779 |
+
$lhs->value = $x;
|
1780 |
+
$rhs = new Math_BigInteger();
|
1781 |
+
$rhs->value = $n;
|
1782 |
+
list(, $temp) = $lhs->divide($rhs);
|
1783 |
+
return $temp->value;
|
1784 |
+
case MATH_BIGINTEGER_NONE:
|
1785 |
+
return $x;
|
1786 |
+
default:
|
1787 |
+
// an invalid $mode was provided
|
1788 |
+
}
|
1789 |
+
}
|
1790 |
+
|
1791 |
+
/**
|
1792 |
+
* Modular reduction preperation
|
1793 |
+
*
|
1794 |
+
* @see _slidingWindow()
|
1795 |
+
* @access private
|
1796 |
+
* @param Array $x
|
1797 |
+
* @param Array $n
|
1798 |
+
* @param Integer $mode
|
1799 |
+
* @return Array
|
1800 |
+
*/
|
1801 |
+
function _prepareReduce($x, $n, $mode)
|
1802 |
+
{
|
1803 |
+
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1804 |
+
return $this->_prepMontgomery($x, $n);
|
1805 |
+
}
|
1806 |
+
return $this->_reduce($x, $n, $mode);
|
1807 |
+
}
|
1808 |
+
|
1809 |
+
/**
|
1810 |
+
* Modular multiply
|
1811 |
+
*
|
1812 |
+
* @see _slidingWindow()
|
1813 |
+
* @access private
|
1814 |
+
* @param Array $x
|
1815 |
+
* @param Array $y
|
1816 |
+
* @param Array $n
|
1817 |
+
* @param Integer $mode
|
1818 |
+
* @return Array
|
1819 |
+
*/
|
1820 |
+
function _multiplyReduce($x, $y, $n, $mode)
|
1821 |
+
{
|
1822 |
+
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1823 |
+
return $this->_montgomeryMultiply($x, $y, $n);
|
1824 |
+
}
|
1825 |
+
$temp = $this->_multiply($x, false, $y, false);
|
1826 |
+
return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode);
|
1827 |
+
}
|
1828 |
+
|
1829 |
+
/**
|
1830 |
+
* Modular square
|
1831 |
+
*
|
1832 |
+
* @see _slidingWindow()
|
1833 |
+
* @access private
|
1834 |
+
* @param Array $x
|
1835 |
+
* @param Array $n
|
1836 |
+
* @param Integer $mode
|
1837 |
+
* @return Array
|
1838 |
+
*/
|
1839 |
+
function _squareReduce($x, $n, $mode)
|
1840 |
+
{
|
1841 |
+
if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
|
1842 |
+
return $this->_montgomeryMultiply($x, $x, $n);
|
1843 |
+
}
|
1844 |
+
return $this->_reduce($this->_square($x), $n, $mode);
|
1845 |
+
}
|
1846 |
+
|
1847 |
+
/**
|
1848 |
+
* Modulos for Powers of Two
|
1849 |
+
*
|
1850 |
+
* Calculates $x%$n, where $n = 2**$e, for some $e. Since this is basically the same as doing $x & ($n-1),
|
1851 |
+
* we'll just use this function as a wrapper for doing that.
|
1852 |
+
*
|
1853 |
+
* @see _slidingWindow()
|
1854 |
+
* @access private
|
1855 |
+
* @param Math_BigInteger
|
1856 |
+
* @return Math_BigInteger
|
1857 |
+
*/
|
1858 |
+
function _mod2($n)
|
1859 |
+
{
|
1860 |
+
$temp = new Math_BigInteger();
|
1861 |
+
$temp->value = array(1);
|
1862 |
+
return $this->bitwise_and($n->subtract($temp));
|
1863 |
+
}
|
1864 |
+
|
1865 |
+
/**
|
1866 |
+
* Barrett Modular Reduction
|
1867 |
+
*
|
1868 |
+
* See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} /
|
1869 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly,
|
1870 |
+
* so as not to require negative numbers (initially, this script didn't support negative numbers).
|
1871 |
+
*
|
1872 |
+
* Employs "folding", as described at
|
1873 |
+
* {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from
|
1874 |
+
* it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x."
|
1875 |
+
*
|
1876 |
+
* Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that
|
1877 |
+
* usable on account of (1) its not using reasonable radix points as discussed in
|
1878 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable
|
1879 |
+
* radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that
|
1880 |
+
* (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line
|
1881 |
+
* comments for details.
|
1882 |
+
*
|
1883 |
+
* @see _slidingWindow()
|
1884 |
+
* @access private
|
1885 |
+
* @param Array $n
|
1886 |
+
* @param Array $m
|
1887 |
+
* @return Array
|
1888 |
+
*/
|
1889 |
+
function _barrett($n, $m)
|
1890 |
+
{
|
1891 |
+
static $cache = array(
|
1892 |
+
MATH_BIGINTEGER_VARIABLE => array(),
|
1893 |
+
MATH_BIGINTEGER_DATA => array()
|
1894 |
+
);
|
1895 |
+
|
1896 |
+
$m_length = count($m);
|
1897 |
+
|
1898 |
+
// if ($this->_compare($n, $this->_square($m)) >= 0) {
|
1899 |
+
if (count($n) > 2 * $m_length) {
|
1900 |
+
$lhs = new Math_BigInteger();
|
1901 |
+
$rhs = new Math_BigInteger();
|
1902 |
+
$lhs->value = $n;
|
1903 |
+
$rhs->value = $m;
|
1904 |
+
list(, $temp) = $lhs->divide($rhs);
|
1905 |
+
return $temp->value;
|
1906 |
+
}
|
1907 |
+
|
1908 |
+
// if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced
|
1909 |
+
if ($m_length < 5) {
|
1910 |
+
return $this->_regularBarrett($n, $m);
|
1911 |
+
}
|
1912 |
+
|
1913 |
+
// n = 2 * m.length
|
1914 |
+
|
1915 |
+
if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
1916 |
+
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
1917 |
+
$cache[MATH_BIGINTEGER_VARIABLE][] = $m;
|
1918 |
+
|
1919 |
+
$lhs = new Math_BigInteger();
|
1920 |
+
$lhs_value = &$lhs->value;
|
1921 |
+
$lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1));
|
1922 |
+
$lhs_value[] = 1;
|
1923 |
+
$rhs = new Math_BigInteger();
|
1924 |
+
$rhs->value = $m;
|
1925 |
+
|
1926 |
+
list($u, $m1) = $lhs->divide($rhs);
|
1927 |
+
$u = $u->value;
|
1928 |
+
$m1 = $m1->value;
|
1929 |
+
|
1930 |
+
$cache[MATH_BIGINTEGER_DATA][] = array(
|
1931 |
+
'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1)
|
1932 |
+
'm1'=> $m1 // m.length
|
1933 |
+
);
|
1934 |
+
} else {
|
1935 |
+
extract($cache[MATH_BIGINTEGER_DATA][$key]);
|
1936 |
+
}
|
1937 |
+
|
1938 |
+
$cutoff = $m_length + ($m_length >> 1);
|
1939 |
+
$lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1)
|
1940 |
+
$msd = array_slice($n, $cutoff); // m.length >> 1
|
1941 |
+
$lsd = $this->_trim($lsd);
|
1942 |
+
$temp = $this->_multiply($msd, false, $m1, false);
|
1943 |
+
$n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1
|
1944 |
+
|
1945 |
+
if ($m_length & 1) {
|
1946 |
+
return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m);
|
1947 |
+
}
|
1948 |
+
|
1949 |
+
// (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2
|
1950 |
+
$temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1);
|
1951 |
+
// if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2
|
1952 |
+
// if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1
|
1953 |
+
$temp = $this->_multiply($temp, false, $u, false);
|
1954 |
+
// if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1
|
1955 |
+
// if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1)
|
1956 |
+
$temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1);
|
1957 |
+
// if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1
|
1958 |
+
// if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1)
|
1959 |
+
$temp = $this->_multiply($temp, false, $m, false);
|
1960 |
+
|
1961 |
+
// at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit
|
1962 |
+
// number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop
|
1963 |
+
// following this comment would loop a lot (hence our calling _regularBarrett() in that situation).
|
1964 |
+
|
1965 |
+
$result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
|
1966 |
+
|
1967 |
+
while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) {
|
1968 |
+
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false);
|
1969 |
+
}
|
1970 |
+
|
1971 |
+
return $result[MATH_BIGINTEGER_VALUE];
|
1972 |
+
}
|
1973 |
+
|
1974 |
+
/**
|
1975 |
+
* (Regular) Barrett Modular Reduction
|
1976 |
+
*
|
1977 |
+
* For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this
|
1978 |
+
* is that this function does not fold the denominator into a smaller form.
|
1979 |
+
*
|
1980 |
+
* @see _slidingWindow()
|
1981 |
+
* @access private
|
1982 |
+
* @param Array $x
|
1983 |
+
* @param Array $n
|
1984 |
+
* @return Array
|
1985 |
+
*/
|
1986 |
+
function _regularBarrett($x, $n)
|
1987 |
+
{
|
1988 |
+
static $cache = array(
|
1989 |
+
MATH_BIGINTEGER_VARIABLE => array(),
|
1990 |
+
MATH_BIGINTEGER_DATA => array()
|
1991 |
+
);
|
1992 |
+
|
1993 |
+
$n_length = count($n);
|
1994 |
+
|
1995 |
+
if (count($x) > 2 * $n_length) {
|
1996 |
+
$lhs = new Math_BigInteger();
|
1997 |
+
$rhs = new Math_BigInteger();
|
1998 |
+
$lhs->value = $x;
|
1999 |
+
$rhs->value = $n;
|
2000 |
+
list(, $temp) = $lhs->divide($rhs);
|
2001 |
+
return $temp->value;
|
2002 |
+
}
|
2003 |
+
|
2004 |
+
if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2005 |
+
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2006 |
+
$cache[MATH_BIGINTEGER_VARIABLE][] = $n;
|
2007 |
+
$lhs = new Math_BigInteger();
|
2008 |
+
$lhs_value = &$lhs->value;
|
2009 |
+
$lhs_value = $this->_array_repeat(0, 2 * $n_length);
|
2010 |
+
$lhs_value[] = 1;
|
2011 |
+
$rhs = new Math_BigInteger();
|
2012 |
+
$rhs->value = $n;
|
2013 |
+
list($temp, ) = $lhs->divide($rhs); // m.length
|
2014 |
+
$cache[MATH_BIGINTEGER_DATA][] = $temp->value;
|
2015 |
+
}
|
2016 |
+
|
2017 |
+
// 2 * m.length - (m.length - 1) = m.length + 1
|
2018 |
+
$temp = array_slice($x, $n_length - 1);
|
2019 |
+
// (m.length + 1) + m.length = 2 * m.length + 1
|
2020 |
+
$temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false);
|
2021 |
+
// (2 * m.length + 1) - (m.length - 1) = m.length + 2
|
2022 |
+
$temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1);
|
2023 |
+
|
2024 |
+
// m.length + 1
|
2025 |
+
$result = array_slice($x, 0, $n_length + 1);
|
2026 |
+
// m.length + 1
|
2027 |
+
$temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1);
|
2028 |
+
// $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1)
|
2029 |
+
|
2030 |
+
if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) {
|
2031 |
+
$corrector_value = $this->_array_repeat(0, $n_length + 1);
|
2032 |
+
$corrector_value[] = 1;
|
2033 |
+
$result = $this->_add($result, false, $corrector, false);
|
2034 |
+
$result = $result[MATH_BIGINTEGER_VALUE];
|
2035 |
+
}
|
2036 |
+
|
2037 |
+
// at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits
|
2038 |
+
$result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]);
|
2039 |
+
while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) {
|
2040 |
+
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false);
|
2041 |
+
}
|
2042 |
+
|
2043 |
+
return $result[MATH_BIGINTEGER_VALUE];
|
2044 |
+
}
|
2045 |
+
|
2046 |
+
/**
|
2047 |
+
* Performs long multiplication up to $stop digits
|
2048 |
+
*
|
2049 |
+
* If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved.
|
2050 |
+
*
|
2051 |
+
* @see _regularBarrett()
|
2052 |
+
* @param Array $x_value
|
2053 |
+
* @param Boolean $x_negative
|
2054 |
+
* @param Array $y_value
|
2055 |
+
* @param Boolean $y_negative
|
2056 |
+
* @return Array
|
2057 |
+
* @access private
|
2058 |
+
*/
|
2059 |
+
function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop)
|
2060 |
+
{
|
2061 |
+
$x_length = count($x_value);
|
2062 |
+
$y_length = count($y_value);
|
2063 |
+
|
2064 |
+
if ( !$x_length || !$y_length ) { // a 0 is being multiplied
|
2065 |
+
return array(
|
2066 |
+
MATH_BIGINTEGER_VALUE => array(),
|
2067 |
+
MATH_BIGINTEGER_SIGN => false
|
2068 |
+
);
|
2069 |
+
}
|
2070 |
+
|
2071 |
+
if ( $x_length < $y_length ) {
|
2072 |
+
$temp = $x_value;
|
2073 |
+
$x_value = $y_value;
|
2074 |
+
$y_value = $temp;
|
2075 |
+
|
2076 |
+
$x_length = count($x_value);
|
2077 |
+
$y_length = count($y_value);
|
2078 |
+
}
|
2079 |
+
|
2080 |
+
$product_value = $this->_array_repeat(0, $x_length + $y_length);
|
2081 |
+
|
2082 |
+
// the following for loop could be removed if the for loop following it
|
2083 |
+
// (the one with nested for loops) initially set $i to 0, but
|
2084 |
+
// doing so would also make the result in one set of unnecessary adds,
|
2085 |
+
// since on the outermost loops first pass, $product->value[$k] is going
|
2086 |
+
// to always be 0
|
2087 |
+
|
2088 |
+
$carry = 0;
|
2089 |
+
|
2090 |
+
for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i
|
2091 |
+
$temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
|
2092 |
+
$carry = (int) ($temp / 0x4000000);
|
2093 |
+
$product_value[$j] = (int) ($temp - 0x4000000 * $carry);
|
2094 |
+
}
|
2095 |
+
|
2096 |
+
if ($j < $stop) {
|
2097 |
+
$product_value[$j] = $carry;
|
2098 |
+
}
|
2099 |
+
|
2100 |
+
// the above for loop is what the previous comment was talking about. the
|
2101 |
+
// following for loop is the "one with nested for loops"
|
2102 |
+
|
2103 |
+
for ($i = 1; $i < $y_length; ++$i) {
|
2104 |
+
$carry = 0;
|
2105 |
+
|
2106 |
+
for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) {
|
2107 |
+
$temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
|
2108 |
+
$carry = (int) ($temp / 0x4000000);
|
2109 |
+
$product_value[$k] = (int) ($temp - 0x4000000 * $carry);
|
2110 |
+
}
|
2111 |
+
|
2112 |
+
if ($k < $stop) {
|
2113 |
+
$product_value[$k] = $carry;
|
2114 |
+
}
|
2115 |
+
}
|
2116 |
+
|
2117 |
+
return array(
|
2118 |
+
MATH_BIGINTEGER_VALUE => $this->_trim($product_value),
|
2119 |
+
MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
|
2120 |
+
);
|
2121 |
+
}
|
2122 |
+
|
2123 |
+
/**
|
2124 |
+
* Montgomery Modular Reduction
|
2125 |
+
*
|
2126 |
+
* ($x->_prepMontgomery($n))->_montgomery($n) yields $x % $n.
|
2127 |
+
* {@link http://math.libtomcrypt.com/files/tommath.pdf#page=170 MPM 6.3} provides insights on how this can be
|
2128 |
+
* improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function
|
2129 |
+
* to work correctly.
|
2130 |
+
*
|
2131 |
+
* @see _prepMontgomery()
|
2132 |
+
* @see _slidingWindow()
|
2133 |
+
* @access private
|
2134 |
+
* @param Array $x
|
2135 |
+
* @param Array $n
|
2136 |
+
* @return Array
|
2137 |
+
*/
|
2138 |
+
function _montgomery($x, $n)
|
2139 |
+
{
|
2140 |
+
static $cache = array(
|
2141 |
+
MATH_BIGINTEGER_VARIABLE => array(),
|
2142 |
+
MATH_BIGINTEGER_DATA => array()
|
2143 |
+
);
|
2144 |
+
|
2145 |
+
if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2146 |
+
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2147 |
+
$cache[MATH_BIGINTEGER_VARIABLE][] = $x;
|
2148 |
+
$cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n);
|
2149 |
+
}
|
2150 |
+
|
2151 |
+
$k = count($n);
|
2152 |
+
|
2153 |
+
$result = array(MATH_BIGINTEGER_VALUE => $x);
|
2154 |
+
|
2155 |
+
for ($i = 0; $i < $k; ++$i) {
|
2156 |
+
$temp = $result[MATH_BIGINTEGER_VALUE][$i] * $cache[MATH_BIGINTEGER_DATA][$key];
|
2157 |
+
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2158 |
+
$temp = $this->_regularMultiply(array($temp), $n);
|
2159 |
+
$temp = array_merge($this->_array_repeat(0, $i), $temp);
|
2160 |
+
$result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false);
|
2161 |
+
}
|
2162 |
+
|
2163 |
+
$result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k);
|
2164 |
+
|
2165 |
+
if ($this->_compare($result, false, $n, false) >= 0) {
|
2166 |
+
$result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false);
|
2167 |
+
}
|
2168 |
+
|
2169 |
+
return $result[MATH_BIGINTEGER_VALUE];
|
2170 |
+
}
|
2171 |
+
|
2172 |
+
/**
|
2173 |
+
* Montgomery Multiply
|
2174 |
+
*
|
2175 |
+
* Interleaves the montgomery reduction and long multiplication algorithms together as described in
|
2176 |
+
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36}
|
2177 |
+
*
|
2178 |
+
* @see _prepMontgomery()
|
2179 |
+
* @see _montgomery()
|
2180 |
+
* @access private
|
2181 |
+
* @param Array $x
|
2182 |
+
* @param Array $y
|
2183 |
+
* @param Array $m
|
2184 |
+
* @return Array
|
2185 |
+
*/
|
2186 |
+
function _montgomeryMultiply($x, $y, $m)
|
2187 |
+
{
|
2188 |
+
$temp = $this->_multiply($x, false, $y, false);
|
2189 |
+
return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m);
|
2190 |
+
|
2191 |
+
static $cache = array(
|
2192 |
+
MATH_BIGINTEGER_VARIABLE => array(),
|
2193 |
+
MATH_BIGINTEGER_DATA => array()
|
2194 |
+
);
|
2195 |
+
|
2196 |
+
if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
|
2197 |
+
$key = count($cache[MATH_BIGINTEGER_VARIABLE]);
|
2198 |
+
$cache[MATH_BIGINTEGER_VARIABLE][] = $m;
|
2199 |
+
$cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m);
|
2200 |
+
}
|
2201 |
+
|
2202 |
+
$n = max(count($x), count($y), count($m));
|
2203 |
+
$x = array_pad($x, $n, 0);
|
2204 |
+
$y = array_pad($y, $n, 0);
|
2205 |
+
$m = array_pad($m, $n, 0);
|
2206 |
+
$a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1));
|
2207 |
+
for ($i = 0; $i < $n; ++$i) {
|
2208 |
+
$temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] * $y[0];
|
2209 |
+
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2210 |
+
$temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key];
|
2211 |
+
$temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
|
2212 |
+
$temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false);
|
2213 |
+
$a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
|
2214 |
+
$a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1);
|
2215 |
+
}
|
2216 |
+
if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) {
|
2217 |
+
$a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false);
|
2218 |
+
}
|
2219 |
+
return $a[MATH_BIGINTEGER_VALUE];
|
2220 |
+
}
|
2221 |
+
|
2222 |
+
/**
|
2223 |
+
* Prepare a number for use in Montgomery Modular Reductions
|
2224 |
+
*
|
2225 |
+
* @see _montgomery()
|
2226 |
+
* @see _slidingWindow()
|
2227 |
+
* @access private
|
2228 |
+
* @param Array $x
|
2229 |
+
* @param Array $n
|
2230 |
+
* @return Array
|
2231 |
+
*/
|
2232 |
+
function _prepMontgomery($x, $n)
|
2233 |
+
{
|
2234 |
+
$lhs = new Math_BigInteger();
|
2235 |
+
$lhs->value = array_merge($this->_array_repeat(0, count($n)), $x);
|
2236 |
+
$rhs = new Math_BigInteger();
|
2237 |
+
$rhs->value = $n;
|
2238 |
+
|
2239 |
+
list(, $temp) = $lhs->divide($rhs);
|
2240 |
+
return $temp->value;
|
2241 |
+
}
|
2242 |
+
|
2243 |
+
/**
|
2244 |
+
* Modular Inverse of a number mod 2**26 (eg. 67108864)
|
2245 |
+
*
|
2246 |
+
* Based off of the bnpInvDigit function implemented and justified in the following URL:
|
2247 |
+
*
|
2248 |
+
* {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js}
|
2249 |
+
*
|
2250 |
+
* The following URL provides more info:
|
2251 |
+
*
|
2252 |
+
* {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85}
|
2253 |
+
*
|
2254 |
+
* As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For
|
2255 |
+
* instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields
|
2256 |
+
* int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't
|
2257 |
+
* auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that
|
2258 |
+
* the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the
|
2259 |
+
* maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to
|
2260 |
+
* 40 bits, which only 64-bit floating points will support.
|
2261 |
+
*
|
2262 |
+
* Thanks to Pedro Gimeno Fortea for input!
|
2263 |
+
*
|
2264 |
+
* @see _montgomery()
|
2265 |
+
* @access private
|
2266 |
+
* @param Array $x
|
2267 |
+
* @return Integer
|
2268 |
+
*/
|
2269 |
+
function _modInverse67108864($x) // 2**26 == 67108864
|
2270 |
+
{
|
2271 |
+
$x = -$x[0];
|
2272 |
+
$result = $x & 0x3; // x**-1 mod 2**2
|
2273 |
+
$result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4
|
2274 |
+
$result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8
|
2275 |
+
$result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16
|
2276 |
+
$result = fmod($result * (2 - fmod($x * $result, 0x4000000)), 0x4000000); // x**-1 mod 2**26
|
2277 |
+
return $result & 0x3FFFFFF;
|
2278 |
+
}
|
2279 |
+
|
2280 |
+
/**
|
2281 |
+
* Calculates modular inverses.
|
2282 |
+
*
|
2283 |
+
* Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses.
|
2284 |
+
*
|
2285 |
+
* Here's an example:
|
2286 |
+
* <code>
|
2287 |
+
* <?php
|
2288 |
+
* include('Math/BigInteger.php');
|
2289 |
+
*
|
2290 |
+
* $a = new Math_BigInteger(30);
|
2291 |
+
* $b = new Math_BigInteger(17);
|
2292 |
+
*
|
2293 |
+
* $c = $a->modInverse($b);
|
2294 |
+
* echo $c->toString(); // outputs 4
|
2295 |
+
*
|
2296 |
+
* echo "\r\n";
|
2297 |
+
*
|
2298 |
+
* $d = $a->multiply($c);
|
2299 |
+
* list(, $d) = $d->divide($b);
|
2300 |
+
* echo $d; // outputs 1 (as per the definition of modular inverse)
|
2301 |
+
* ?>
|
2302 |
+
* </code>
|
2303 |
+
*
|
2304 |
+
* @param Math_BigInteger $n
|
2305 |
+
* @return mixed false, if no modular inverse exists, Math_BigInteger, otherwise.
|
2306 |
+
* @access public
|
2307 |
+
* @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information.
|
2308 |
+
*/
|
2309 |
+
function modInverse($n)
|
2310 |
+
{
|
2311 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2312 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2313 |
+
$temp = new Math_BigInteger();
|
2314 |
+
$temp->value = gmp_invert($this->value, $n->value);
|
2315 |
+
|
2316 |
+
return ( $temp->value === false ) ? false : $this->_normalize($temp);
|
2317 |
+
}
|
2318 |
+
|
2319 |
+
static $zero, $one;
|
2320 |
+
if (!isset($zero)) {
|
2321 |
+
$zero = new Math_BigInteger();
|
2322 |
+
$one = new Math_BigInteger(1);
|
2323 |
+
}
|
2324 |
+
|
2325 |
+
// $x mod $n == $x mod -$n.
|
2326 |
+
$n = $n->abs();
|
2327 |
+
|
2328 |
+
if ($this->compare($zero) < 0) {
|
2329 |
+
$temp = $this->abs();
|
2330 |
+
$temp = $temp->modInverse($n);
|
2331 |
+
return $negated === false ? false : $this->_normalize($n->subtract($temp));
|
2332 |
+
}
|
2333 |
+
|
2334 |
+
extract($this->extendedGCD($n));
|
2335 |
+
|
2336 |
+
if (!$gcd->equals($one)) {
|
2337 |
+
return false;
|
2338 |
+
}
|
2339 |
+
|
2340 |
+
$x = $x->compare($zero) < 0 ? $x->add($n) : $x;
|
2341 |
+
|
2342 |
+
return $this->compare($zero) < 0 ? $this->_normalize($n->subtract($x)) : $this->_normalize($x);
|
2343 |
+
}
|
2344 |
+
|
2345 |
+
/**
|
2346 |
+
* Calculates the greatest common divisor and B�zout's identity.
|
2347 |
+
*
|
2348 |
+
* Say you have 693 and 609. The GCD is 21. B�zout's identity states that there exist integers x and y such that
|
2349 |
+
* 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which
|
2350 |
+
* combination is returned is dependant upon which mode is in use. See
|
2351 |
+
* {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity B�zout's identity - Wikipedia} for more information.
|
2352 |
+
*
|
2353 |
+
* Here's an example:
|
2354 |
+
* <code>
|
2355 |
+
* <?php
|
2356 |
+
* include('Math/BigInteger.php');
|
2357 |
+
*
|
2358 |
+
* $a = new Math_BigInteger(693);
|
2359 |
+
* $b = new Math_BigInteger(609);
|
2360 |
+
*
|
2361 |
+
* extract($a->extendedGCD($b));
|
2362 |
+
*
|
2363 |
+
* echo $gcd->toString() . "\r\n"; // outputs 21
|
2364 |
+
* echo $a->toString() * $x->toString() + $b->toString() * $y->toString(); // outputs 21
|
2365 |
+
* ?>
|
2366 |
+
* </code>
|
2367 |
+
*
|
2368 |
+
* @param Math_BigInteger $n
|
2369 |
+
* @return Math_BigInteger
|
2370 |
+
* @access public
|
2371 |
+
* @internal Calculates the GCD using the binary xGCD algorithim described in
|
2372 |
+
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes,
|
2373 |
+
* the more traditional algorithim requires "relatively costly multiple-precision divisions".
|
2374 |
+
*/
|
2375 |
+
function extendedGCD($n)
|
2376 |
+
{
|
2377 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2378 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2379 |
+
extract(gmp_gcdext($this->value, $n->value));
|
2380 |
+
|
2381 |
+
return array(
|
2382 |
+
'gcd' => $this->_normalize(new Math_BigInteger($g)),
|
2383 |
+
'x' => $this->_normalize(new Math_BigInteger($s)),
|
2384 |
+
'y' => $this->_normalize(new Math_BigInteger($t))
|
2385 |
+
);
|
2386 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2387 |
+
// it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works
|
2388 |
+
// best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is,
|
2389 |
+
// the basic extended euclidean algorithim is what we're using.
|
2390 |
+
|
2391 |
+
$u = $this->value;
|
2392 |
+
$v = $n->value;
|
2393 |
+
|
2394 |
+
$a = '1';
|
2395 |
+
$b = '0';
|
2396 |
+
$c = '0';
|
2397 |
+
$d = '1';
|
2398 |
+
|
2399 |
+
while (bccomp($v, '0', 0) != 0) {
|
2400 |
+
$q = bcdiv($u, $v, 0);
|
2401 |
+
|
2402 |
+
$temp = $u;
|
2403 |
+
$u = $v;
|
2404 |
+
$v = bcsub($temp, bcmul($v, $q, 0), 0);
|
2405 |
+
|
2406 |
+
$temp = $a;
|
2407 |
+
$a = $c;
|
2408 |
+
$c = bcsub($temp, bcmul($a, $q, 0), 0);
|
2409 |
+
|
2410 |
+
$temp = $b;
|
2411 |
+
$b = $d;
|
2412 |
+
$d = bcsub($temp, bcmul($b, $q, 0), 0);
|
2413 |
+
}
|
2414 |
+
|
2415 |
+
return array(
|
2416 |
+
'gcd' => $this->_normalize(new Math_BigInteger($u)),
|
2417 |
+
'x' => $this->_normalize(new Math_BigInteger($a)),
|
2418 |
+
'y' => $this->_normalize(new Math_BigInteger($b))
|
2419 |
+
);
|
2420 |
+
}
|
2421 |
+
|
2422 |
+
$y = $n->copy();
|
2423 |
+
$x = $this->copy();
|
2424 |
+
$g = new Math_BigInteger();
|
2425 |
+
$g->value = array(1);
|
2426 |
+
|
2427 |
+
while ( !(($x->value[0] & 1)|| ($y->value[0] & 1)) ) {
|
2428 |
+
$x->_rshift(1);
|
2429 |
+
$y->_rshift(1);
|
2430 |
+
$g->_lshift(1);
|
2431 |
+
}
|
2432 |
+
|
2433 |
+
$u = $x->copy();
|
2434 |
+
$v = $y->copy();
|
2435 |
+
|
2436 |
+
$a = new Math_BigInteger();
|
2437 |
+
$b = new Math_BigInteger();
|
2438 |
+
$c = new Math_BigInteger();
|
2439 |
+
$d = new Math_BigInteger();
|
2440 |
+
|
2441 |
+
$a->value = $d->value = $g->value = array(1);
|
2442 |
+
$b->value = $c->value = array();
|
2443 |
+
|
2444 |
+
while ( !empty($u->value) ) {
|
2445 |
+
while ( !($u->value[0] & 1) ) {
|
2446 |
+
$u->_rshift(1);
|
2447 |
+
if ( (!empty($a->value) && ($a->value[0] & 1)) || (!empty($b->value) && ($b->value[0] & 1)) ) {
|
2448 |
+
$a = $a->add($y);
|
2449 |
+
$b = $b->subtract($x);
|
2450 |
+
}
|
2451 |
+
$a->_rshift(1);
|
2452 |
+
$b->_rshift(1);
|
2453 |
+
}
|
2454 |
+
|
2455 |
+
while ( !($v->value[0] & 1) ) {
|
2456 |
+
$v->_rshift(1);
|
2457 |
+
if ( (!empty($d->value) && ($d->value[0] & 1)) || (!empty($c->value) && ($c->value[0] & 1)) ) {
|
2458 |
+
$c = $c->add($y);
|
2459 |
+
$d = $d->subtract($x);
|
2460 |
+
}
|
2461 |
+
$c->_rshift(1);
|
2462 |
+
$d->_rshift(1);
|
2463 |
+
}
|
2464 |
+
|
2465 |
+
if ($u->compare($v) >= 0) {
|
2466 |
+
$u = $u->subtract($v);
|
2467 |
+
$a = $a->subtract($c);
|
2468 |
+
$b = $b->subtract($d);
|
2469 |
+
} else {
|
2470 |
+
$v = $v->subtract($u);
|
2471 |
+
$c = $c->subtract($a);
|
2472 |
+
$d = $d->subtract($b);
|
2473 |
+
}
|
2474 |
+
}
|
2475 |
+
|
2476 |
+
return array(
|
2477 |
+
'gcd' => $this->_normalize($g->multiply($v)),
|
2478 |
+
'x' => $this->_normalize($c),
|
2479 |
+
'y' => $this->_normalize($d)
|
2480 |
+
);
|
2481 |
+
}
|
2482 |
+
|
2483 |
+
/**
|
2484 |
+
* Calculates the greatest common divisor
|
2485 |
+
*
|
2486 |
+
* Say you have 693 and 609. The GCD is 21.
|
2487 |
+
*
|
2488 |
+
* Here's an example:
|
2489 |
+
* <code>
|
2490 |
+
* <?php
|
2491 |
+
* include('Math/BigInteger.php');
|
2492 |
+
*
|
2493 |
+
* $a = new Math_BigInteger(693);
|
2494 |
+
* $b = new Math_BigInteger(609);
|
2495 |
+
*
|
2496 |
+
* $gcd = a->extendedGCD($b);
|
2497 |
+
*
|
2498 |
+
* echo $gcd->toString() . "\r\n"; // outputs 21
|
2499 |
+
* ?>
|
2500 |
+
* </code>
|
2501 |
+
*
|
2502 |
+
* @param Math_BigInteger $n
|
2503 |
+
* @return Math_BigInteger
|
2504 |
+
* @access public
|
2505 |
+
*/
|
2506 |
+
function gcd($n)
|
2507 |
+
{
|
2508 |
+
extract($this->extendedGCD($n));
|
2509 |
+
return $gcd;
|
2510 |
+
}
|
2511 |
+
|
2512 |
+
/**
|
2513 |
+
* Absolute value.
|
2514 |
+
*
|
2515 |
+
* @return Math_BigInteger
|
2516 |
+
* @access public
|
2517 |
+
*/
|
2518 |
+
function abs()
|
2519 |
+
{
|
2520 |
+
$temp = new Math_BigInteger();
|
2521 |
+
|
2522 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2523 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2524 |
+
$temp->value = gmp_abs($this->value);
|
2525 |
+
break;
|
2526 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2527 |
+
$temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value;
|
2528 |
+
break;
|
2529 |
+
default:
|
2530 |
+
$temp->value = $this->value;
|
2531 |
+
}
|
2532 |
+
|
2533 |
+
return $temp;
|
2534 |
+
}
|
2535 |
+
|
2536 |
+
/**
|
2537 |
+
* Compares two numbers.
|
2538 |
+
*
|
2539 |
+
* Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is
|
2540 |
+
* demonstrated thusly:
|
2541 |
+
*
|
2542 |
+
* $x > $y: $x->compare($y) > 0
|
2543 |
+
* $x < $y: $x->compare($y) < 0
|
2544 |
+
* $x == $y: $x->compare($y) == 0
|
2545 |
+
*
|
2546 |
+
* Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y).
|
2547 |
+
*
|
2548 |
+
* @param Math_BigInteger $x
|
2549 |
+
* @return Integer < 0 if $this is less than $x; > 0 if $this is greater than $x, and 0 if they are equal.
|
2550 |
+
* @access public
|
2551 |
+
* @see equals()
|
2552 |
+
* @internal Could return $this->subtract($x), but that's not as fast as what we do do.
|
2553 |
+
*/
|
2554 |
+
function compare($y)
|
2555 |
+
{
|
2556 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2557 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2558 |
+
return gmp_cmp($this->value, $y->value);
|
2559 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2560 |
+
return bccomp($this->value, $y->value, 0);
|
2561 |
+
}
|
2562 |
+
|
2563 |
+
return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative);
|
2564 |
+
}
|
2565 |
+
|
2566 |
+
/**
|
2567 |
+
* Compares two numbers.
|
2568 |
+
*
|
2569 |
+
* @param Array $x_value
|
2570 |
+
* @param Boolean $x_negative
|
2571 |
+
* @param Array $y_value
|
2572 |
+
* @param Boolean $y_negative
|
2573 |
+
* @return Integer
|
2574 |
+
* @see compare()
|
2575 |
+
* @access private
|
2576 |
+
*/
|
2577 |
+
function _compare($x_value, $x_negative, $y_value, $y_negative)
|
2578 |
+
{
|
2579 |
+
if ( $x_negative != $y_negative ) {
|
2580 |
+
return ( !$x_negative && $y_negative ) ? 1 : -1;
|
2581 |
+
}
|
2582 |
+
|
2583 |
+
$result = $x_negative ? -1 : 1;
|
2584 |
+
|
2585 |
+
if ( count($x_value) != count($y_value) ) {
|
2586 |
+
return ( count($x_value) > count($y_value) ) ? $result : -$result;
|
2587 |
+
}
|
2588 |
+
$size = max(count($x_value), count($y_value));
|
2589 |
+
|
2590 |
+
$x_value = array_pad($x_value, $size, 0);
|
2591 |
+
$y_value = array_pad($y_value, $size, 0);
|
2592 |
+
|
2593 |
+
for ($i = count($x_value) - 1; $i >= 0; --$i) {
|
2594 |
+
if ($x_value[$i] != $y_value[$i]) {
|
2595 |
+
return ( $x_value[$i] > $y_value[$i] ) ? $result : -$result;
|
2596 |
+
}
|
2597 |
+
}
|
2598 |
+
|
2599 |
+
return 0;
|
2600 |
+
}
|
2601 |
+
|
2602 |
+
/**
|
2603 |
+
* Tests the equality of two numbers.
|
2604 |
+
*
|
2605 |
+
* If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare()
|
2606 |
+
*
|
2607 |
+
* @param Math_BigInteger $x
|
2608 |
+
* @return Boolean
|
2609 |
+
* @access public
|
2610 |
+
* @see compare()
|
2611 |
+
*/
|
2612 |
+
function equals($x)
|
2613 |
+
{
|
2614 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2615 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2616 |
+
return gmp_cmp($this->value, $x->value) == 0;
|
2617 |
+
default:
|
2618 |
+
return $this->value === $x->value && $this->is_negative == $x->is_negative;
|
2619 |
+
}
|
2620 |
+
}
|
2621 |
+
|
2622 |
+
/**
|
2623 |
+
* Set Precision
|
2624 |
+
*
|
2625 |
+
* Some bitwise operations give different results depending on the precision being used. Examples include left
|
2626 |
+
* shift, not, and rotates.
|
2627 |
+
*
|
2628 |
+
* @param Math_BigInteger $x
|
2629 |
+
* @access public
|
2630 |
+
* @return Math_BigInteger
|
2631 |
+
*/
|
2632 |
+
function setPrecision($bits)
|
2633 |
+
{
|
2634 |
+
$this->precision = $bits;
|
2635 |
+
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ) {
|
2636 |
+
$this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256);
|
2637 |
+
} else {
|
2638 |
+
$this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0));
|
2639 |
+
}
|
2640 |
+
|
2641 |
+
$temp = $this->_normalize($this);
|
2642 |
+
$this->value = $temp->value;
|
2643 |
+
}
|
2644 |
+
|
2645 |
+
/**
|
2646 |
+
* Logical And
|
2647 |
+
*
|
2648 |
+
* @param Math_BigInteger $x
|
2649 |
+
* @access public
|
2650 |
+
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2651 |
+
* @return Math_BigInteger
|
2652 |
+
*/
|
2653 |
+
function bitwise_and($x)
|
2654 |
+
{
|
2655 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2656 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2657 |
+
$temp = new Math_BigInteger();
|
2658 |
+
$temp->value = gmp_and($this->value, $x->value);
|
2659 |
+
|
2660 |
+
return $this->_normalize($temp);
|
2661 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2662 |
+
$left = $this->toBytes();
|
2663 |
+
$right = $x->toBytes();
|
2664 |
+
|
2665 |
+
$length = max(strlen($left), strlen($right));
|
2666 |
+
|
2667 |
+
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2668 |
+
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2669 |
+
|
2670 |
+
return $this->_normalize(new Math_BigInteger($left & $right, 256));
|
2671 |
+
}
|
2672 |
+
|
2673 |
+
$result = $this->copy();
|
2674 |
+
|
2675 |
+
$length = min(count($x->value), count($this->value));
|
2676 |
+
|
2677 |
+
$result->value = array_slice($result->value, 0, $length);
|
2678 |
+
|
2679 |
+
for ($i = 0; $i < $length; ++$i) {
|
2680 |
+
$result->value[$i] = $result->value[$i] & $x->value[$i];
|
2681 |
+
}
|
2682 |
+
|
2683 |
+
return $this->_normalize($result);
|
2684 |
+
}
|
2685 |
+
|
2686 |
+
/**
|
2687 |
+
* Logical Or
|
2688 |
+
*
|
2689 |
+
* @param Math_BigInteger $x
|
2690 |
+
* @access public
|
2691 |
+
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2692 |
+
* @return Math_BigInteger
|
2693 |
+
*/
|
2694 |
+
function bitwise_or($x)
|
2695 |
+
{
|
2696 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2697 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2698 |
+
$temp = new Math_BigInteger();
|
2699 |
+
$temp->value = gmp_or($this->value, $x->value);
|
2700 |
+
|
2701 |
+
return $this->_normalize($temp);
|
2702 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2703 |
+
$left = $this->toBytes();
|
2704 |
+
$right = $x->toBytes();
|
2705 |
+
|
2706 |
+
$length = max(strlen($left), strlen($right));
|
2707 |
+
|
2708 |
+
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2709 |
+
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2710 |
+
|
2711 |
+
return $this->_normalize(new Math_BigInteger($left | $right, 256));
|
2712 |
+
}
|
2713 |
+
|
2714 |
+
$length = max(count($this->value), count($x->value));
|
2715 |
+
$result = $this->copy();
|
2716 |
+
$result->value = array_pad($result->value, 0, $length);
|
2717 |
+
$x->value = array_pad($x->value, 0, $length);
|
2718 |
+
|
2719 |
+
for ($i = 0; $i < $length; ++$i) {
|
2720 |
+
$result->value[$i] = $this->value[$i] | $x->value[$i];
|
2721 |
+
}
|
2722 |
+
|
2723 |
+
return $this->_normalize($result);
|
2724 |
+
}
|
2725 |
+
|
2726 |
+
/**
|
2727 |
+
* Logical Exclusive-Or
|
2728 |
+
*
|
2729 |
+
* @param Math_BigInteger $x
|
2730 |
+
* @access public
|
2731 |
+
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2732 |
+
* @return Math_BigInteger
|
2733 |
+
*/
|
2734 |
+
function bitwise_xor($x)
|
2735 |
+
{
|
2736 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2737 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2738 |
+
$temp = new Math_BigInteger();
|
2739 |
+
$temp->value = gmp_xor($this->value, $x->value);
|
2740 |
+
|
2741 |
+
return $this->_normalize($temp);
|
2742 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2743 |
+
$left = $this->toBytes();
|
2744 |
+
$right = $x->toBytes();
|
2745 |
+
|
2746 |
+
$length = max(strlen($left), strlen($right));
|
2747 |
+
|
2748 |
+
$left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
|
2749 |
+
$right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
|
2750 |
+
|
2751 |
+
return $this->_normalize(new Math_BigInteger($left ^ $right, 256));
|
2752 |
+
}
|
2753 |
+
|
2754 |
+
$length = max(count($this->value), count($x->value));
|
2755 |
+
$result = $this->copy();
|
2756 |
+
$result->value = array_pad($result->value, 0, $length);
|
2757 |
+
$x->value = array_pad($x->value, 0, $length);
|
2758 |
+
|
2759 |
+
for ($i = 0; $i < $length; ++$i) {
|
2760 |
+
$result->value[$i] = $this->value[$i] ^ $x->value[$i];
|
2761 |
+
}
|
2762 |
+
|
2763 |
+
return $this->_normalize($result);
|
2764 |
+
}
|
2765 |
+
|
2766 |
+
/**
|
2767 |
+
* Logical Not
|
2768 |
+
*
|
2769 |
+
* @access public
|
2770 |
+
* @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
|
2771 |
+
* @return Math_BigInteger
|
2772 |
+
*/
|
2773 |
+
function bitwise_not()
|
2774 |
+
{
|
2775 |
+
// calculuate "not" without regard to $this->precision
|
2776 |
+
// (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0)
|
2777 |
+
$temp = $this->toBytes();
|
2778 |
+
$pre_msb = decbin(ord($temp[0]));
|
2779 |
+
$temp = ~$temp;
|
2780 |
+
$msb = decbin(ord($temp[0]));
|
2781 |
+
if (strlen($msb) == 8) {
|
2782 |
+
$msb = substr($msb, strpos($msb, '0'));
|
2783 |
+
}
|
2784 |
+
$temp[0] = chr(bindec($msb));
|
2785 |
+
|
2786 |
+
// see if we need to add extra leading 1's
|
2787 |
+
$current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8;
|
2788 |
+
$new_bits = $this->precision - $current_bits;
|
2789 |
+
if ($new_bits <= 0) {
|
2790 |
+
return $this->_normalize(new Math_BigInteger($temp, 256));
|
2791 |
+
}
|
2792 |
+
|
2793 |
+
// generate as many leading 1's as we need to.
|
2794 |
+
$leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3);
|
2795 |
+
$this->_base256_lshift($leading_ones, $current_bits);
|
2796 |
+
|
2797 |
+
$temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT);
|
2798 |
+
|
2799 |
+
return $this->_normalize(new Math_BigInteger($leading_ones | $temp, 256));
|
2800 |
+
}
|
2801 |
+
|
2802 |
+
/**
|
2803 |
+
* Logical Right Shift
|
2804 |
+
*
|
2805 |
+
* Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift.
|
2806 |
+
*
|
2807 |
+
* @param Integer $shift
|
2808 |
+
* @return Math_BigInteger
|
2809 |
+
* @access public
|
2810 |
+
* @internal The only version that yields any speed increases is the internal version.
|
2811 |
+
*/
|
2812 |
+
function bitwise_rightShift($shift)
|
2813 |
+
{
|
2814 |
+
$temp = new Math_BigInteger();
|
2815 |
+
|
2816 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2817 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2818 |
+
static $two;
|
2819 |
+
|
2820 |
+
if (!isset($two)) {
|
2821 |
+
$two = gmp_init('2');
|
2822 |
+
}
|
2823 |
+
|
2824 |
+
$temp->value = gmp_div_q($this->value, gmp_pow($two, $shift));
|
2825 |
+
|
2826 |
+
break;
|
2827 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2828 |
+
$temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0);
|
2829 |
+
|
2830 |
+
break;
|
2831 |
+
default: // could just replace _lshift with this, but then all _lshift() calls would need to be rewritten
|
2832 |
+
// and I don't want to do that...
|
2833 |
+
$temp->value = $this->value;
|
2834 |
+
$temp->_rshift($shift);
|
2835 |
+
}
|
2836 |
+
|
2837 |
+
return $this->_normalize($temp);
|
2838 |
+
}
|
2839 |
+
|
2840 |
+
/**
|
2841 |
+
* Logical Left Shift
|
2842 |
+
*
|
2843 |
+
* Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift.
|
2844 |
+
*
|
2845 |
+
* @param Integer $shift
|
2846 |
+
* @return Math_BigInteger
|
2847 |
+
* @access public
|
2848 |
+
* @internal The only version that yields any speed increases is the internal version.
|
2849 |
+
*/
|
2850 |
+
function bitwise_leftShift($shift)
|
2851 |
+
{
|
2852 |
+
$temp = new Math_BigInteger();
|
2853 |
+
|
2854 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
2855 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
2856 |
+
static $two;
|
2857 |
+
|
2858 |
+
if (!isset($two)) {
|
2859 |
+
$two = gmp_init('2');
|
2860 |
+
}
|
2861 |
+
|
2862 |
+
$temp->value = gmp_mul($this->value, gmp_pow($two, $shift));
|
2863 |
+
|
2864 |
+
break;
|
2865 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
2866 |
+
$temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0);
|
2867 |
+
|
2868 |
+
break;
|
2869 |
+
default: // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten
|
2870 |
+
// and I don't want to do that...
|
2871 |
+
$temp->value = $this->value;
|
2872 |
+
$temp->_lshift($shift);
|
2873 |
+
}
|
2874 |
+
|
2875 |
+
return $this->_normalize($temp);
|
2876 |
+
}
|
2877 |
+
|
2878 |
+
/**
|
2879 |
+
* Logical Left Rotate
|
2880 |
+
*
|
2881 |
+
* Instead of the top x bits being dropped they're appended to the shifted bit string.
|
2882 |
+
*
|
2883 |
+
* @param Integer $shift
|
2884 |
+
* @return Math_BigInteger
|
2885 |
+
* @access public
|
2886 |
+
*/
|
2887 |
+
function bitwise_leftRotate($shift)
|
2888 |
+
{
|
2889 |
+
$bits = $this->toBytes();
|
2890 |
+
|
2891 |
+
if ($this->precision > 0) {
|
2892 |
+
$precision = $this->precision;
|
2893 |
+
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
|
2894 |
+
$mask = $this->bitmask->subtract(new Math_BigInteger(1));
|
2895 |
+
$mask = $mask->toBytes();
|
2896 |
+
} else {
|
2897 |
+
$mask = $this->bitmask->toBytes();
|
2898 |
+
}
|
2899 |
+
} else {
|
2900 |
+
$temp = ord($bits[0]);
|
2901 |
+
for ($i = 0; $temp >> $i; ++$i);
|
2902 |
+
$precision = 8 * strlen($bits) - 8 + $i;
|
2903 |
+
$mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3);
|
2904 |
+
}
|
2905 |
+
|
2906 |
+
if ($shift < 0) {
|
2907 |
+
$shift+= $precision;
|
2908 |
+
}
|
2909 |
+
$shift%= $precision;
|
2910 |
+
|
2911 |
+
if (!$shift) {
|
2912 |
+
return $this->copy();
|
2913 |
+
}
|
2914 |
+
|
2915 |
+
$left = $this->bitwise_leftShift($shift);
|
2916 |
+
$left = $left->bitwise_and(new Math_BigInteger($mask, 256));
|
2917 |
+
$right = $this->bitwise_rightShift($precision - $shift);
|
2918 |
+
$result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right);
|
2919 |
+
return $this->_normalize($result);
|
2920 |
+
}
|
2921 |
+
|
2922 |
+
/**
|
2923 |
+
* Logical Right Rotate
|
2924 |
+
*
|
2925 |
+
* Instead of the bottom x bits being dropped they're prepended to the shifted bit string.
|
2926 |
+
*
|
2927 |
+
* @param Integer $shift
|
2928 |
+
* @return Math_BigInteger
|
2929 |
+
* @access public
|
2930 |
+
*/
|
2931 |
+
function bitwise_rightRotate($shift)
|
2932 |
+
{
|
2933 |
+
return $this->bitwise_leftRotate(-$shift);
|
2934 |
+
}
|
2935 |
+
|
2936 |
+
/**
|
2937 |
+
* Set random number generator function
|
2938 |
+
*
|
2939 |
+
* $generator should be the name of a random generating function whose first parameter is the minimum
|
2940 |
+
* value and whose second parameter is the maximum value. If this function needs to be seeded, it should
|
2941 |
+
* be seeded prior to calling Math_BigInteger::random() or Math_BigInteger::randomPrime()
|
2942 |
+
*
|
2943 |
+
* If the random generating function is not explicitly set, it'll be assumed to be mt_rand().
|
2944 |
+
*
|
2945 |
+
* @see random()
|
2946 |
+
* @see randomPrime()
|
2947 |
+
* @param optional String $generator
|
2948 |
+
* @access public
|
2949 |
+
*/
|
2950 |
+
function setRandomGenerator($generator)
|
2951 |
+
{
|
2952 |
+
$this->generator = $generator;
|
2953 |
+
}
|
2954 |
+
|
2955 |
+
/**
|
2956 |
+
* Generate a random number
|
2957 |
+
*
|
2958 |
+
* @param optional Integer $min
|
2959 |
+
* @param optional Integer $max
|
2960 |
+
* @return Math_BigInteger
|
2961 |
+
* @access public
|
2962 |
+
*/
|
2963 |
+
function random($min = false, $max = false)
|
2964 |
+
{
|
2965 |
+
if ($min === false) {
|
2966 |
+
$min = new Math_BigInteger(0);
|
2967 |
+
}
|
2968 |
+
|
2969 |
+
if ($max === false) {
|
2970 |
+
$max = new Math_BigInteger(0x7FFFFFFF);
|
2971 |
+
}
|
2972 |
+
|
2973 |
+
$compare = $max->compare($min);
|
2974 |
+
|
2975 |
+
if (!$compare) {
|
2976 |
+
return $this->_normalize($min);
|
2977 |
+
} else if ($compare < 0) {
|
2978 |
+
// if $min is bigger then $max, swap $min and $max
|
2979 |
+
$temp = $max;
|
2980 |
+
$max = $min;
|
2981 |
+
$min = $temp;
|
2982 |
+
}
|
2983 |
+
|
2984 |
+
$generator = $this->generator;
|
2985 |
+
|
2986 |
+
$max = $max->subtract($min);
|
2987 |
+
$max = ltrim($max->toBytes(), chr(0));
|
2988 |
+
$size = strlen($max) - 1;
|
2989 |
+
$random = '';
|
2990 |
+
|
2991 |
+
$bytes = $size & 1;
|
2992 |
+
for ($i = 0; $i < $bytes; ++$i) {
|
2993 |
+
$random.= chr($generator(0, 255));
|
2994 |
+
}
|
2995 |
+
|
2996 |
+
$blocks = $size >> 1;
|
2997 |
+
for ($i = 0; $i < $blocks; ++$i) {
|
2998 |
+
// mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems
|
2999 |
+
$random.= pack('n', $generator(0, 0xFFFF));
|
3000 |
+
}
|
3001 |
+
|
3002 |
+
$temp = new Math_BigInteger($random, 256);
|
3003 |
+
if ($temp->compare(new Math_BigInteger(substr($max, 1), 256)) > 0) {
|
3004 |
+
$random = chr($generator(0, ord($max[0]) - 1)) . $random;
|
3005 |
+
} else {
|
3006 |
+
$random = chr($generator(0, ord($max[0]) )) . $random;
|
3007 |
+
}
|
3008 |
+
|
3009 |
+
$random = new Math_BigInteger($random, 256);
|
3010 |
+
|
3011 |
+
return $this->_normalize($random->add($min));
|
3012 |
+
}
|
3013 |
+
|
3014 |
+
/**
|
3015 |
+
* Generate a random prime number.
|
3016 |
+
*
|
3017 |
+
* If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed,
|
3018 |
+
* give up and return false.
|
3019 |
+
*
|
3020 |
+
* @param optional Integer $min
|
3021 |
+
* @param optional Integer $max
|
3022 |
+
* @param optional Integer $timeout
|
3023 |
+
* @return Math_BigInteger
|
3024 |
+
* @access public
|
3025 |
+
* @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}.
|
3026 |
+
*/
|
3027 |
+
function randomPrime($min = false, $max = false, $timeout = false)
|
3028 |
+
{
|
3029 |
+
$compare = $max->compare($min);
|
3030 |
+
|
3031 |
+
if (!$compare) {
|
3032 |
+
return $min;
|
3033 |
+
} else if ($compare < 0) {
|
3034 |
+
// if $min is bigger then $max, swap $min and $max
|
3035 |
+
$temp = $max;
|
3036 |
+
$max = $min;
|
3037 |
+
$min = $temp;
|
3038 |
+
}
|
3039 |
+
|
3040 |
+
// gmp_nextprime() requires PHP 5 >= 5.2.0 per <http://php.net/gmp-nextprime>.
|
3041 |
+
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) {
|
3042 |
+
// we don't rely on Math_BigInteger::random()'s min / max when gmp_nextprime() is being used since this function
|
3043 |
+
// does its own checks on $max / $min when gmp_nextprime() is used. When gmp_nextprime() is not used, however,
|
3044 |
+
// the same $max / $min checks are not performed.
|
3045 |
+
if ($min === false) {
|
3046 |
+
$min = new Math_BigInteger(0);
|
3047 |
+
}
|
3048 |
+
|
3049 |
+
if ($max === false) {
|
3050 |
+
$max = new Math_BigInteger(0x7FFFFFFF);
|
3051 |
+
}
|
3052 |
+
|
3053 |
+
$x = $this->random($min, $max);
|
3054 |
+
|
3055 |
+
$x->value = gmp_nextprime($x->value);
|
3056 |
+
|
3057 |
+
if ($x->compare($max) <= 0) {
|
3058 |
+
return $x;
|
3059 |
+
}
|
3060 |
+
|
3061 |
+
$x->value = gmp_nextprime($min->value);
|
3062 |
+
|
3063 |
+
if ($x->compare($max) <= 0) {
|
3064 |
+
return $x;
|
3065 |
+
}
|
3066 |
+
|
3067 |
+
return false;
|
3068 |
+
}
|
3069 |
+
|
3070 |
+
static $one, $two;
|
3071 |
+
if (!isset($one)) {
|
3072 |
+
$one = new Math_BigInteger(1);
|
3073 |
+
$two = new Math_BigInteger(2);
|
3074 |
+
}
|
3075 |
+
|
3076 |
+
$start = time();
|
3077 |
+
|
3078 |
+
$x = $this->random($min, $max);
|
3079 |
+
if ($x->equals($two)) {
|
3080 |
+
return $x;
|
3081 |
+
}
|
3082 |
+
|
3083 |
+
$x->_make_odd();
|
3084 |
+
if ($x->compare($max) > 0) {
|
3085 |
+
// if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range
|
3086 |
+
if ($min->equals($max)) {
|
3087 |
+
return false;
|
3088 |
+
}
|
3089 |
+
$x = $min->copy();
|
3090 |
+
$x->_make_odd();
|
3091 |
+
}
|
3092 |
+
|
3093 |
+
$initial_x = $x->copy();
|
3094 |
+
|
3095 |
+
while (true) {
|
3096 |
+
if ($timeout !== false && time() - $start > $timeout) {
|
3097 |
+
return false;
|
3098 |
+
}
|
3099 |
+
|
3100 |
+
if ($x->isPrime()) {
|
3101 |
+
return $x;
|
3102 |
+
}
|
3103 |
+
|
3104 |
+
$x = $x->add($two);
|
3105 |
+
|
3106 |
+
if ($x->compare($max) > 0) {
|
3107 |
+
$x = $min->copy();
|
3108 |
+
if ($x->equals($two)) {
|
3109 |
+
return $x;
|
3110 |
+
}
|
3111 |
+
$x->_make_odd();
|
3112 |
+
}
|
3113 |
+
|
3114 |
+
if ($x->equals($initial_x)) {
|
3115 |
+
return false;
|
3116 |
+
}
|
3117 |
+
}
|
3118 |
+
}
|
3119 |
+
|
3120 |
+
/**
|
3121 |
+
* Make the current number odd
|
3122 |
+
*
|
3123 |
+
* If the current number is odd it'll be unchanged. If it's even, one will be added to it.
|
3124 |
+
*
|
3125 |
+
* @see randomPrime()
|
3126 |
+
* @access private
|
3127 |
+
*/
|
3128 |
+
function _make_odd()
|
3129 |
+
{
|
3130 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
3131 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
3132 |
+
gmp_setbit($this->value, 0);
|
3133 |
+
break;
|
3134 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
3135 |
+
if ($this->value[strlen($this->value) - 1] % 2 == 0) {
|
3136 |
+
$this->value = bcadd($this->value, '1');
|
3137 |
+
}
|
3138 |
+
break;
|
3139 |
+
default:
|
3140 |
+
$this->value[0] |= 1;
|
3141 |
+
}
|
3142 |
+
}
|
3143 |
+
|
3144 |
+
/**
|
3145 |
+
* Checks a numer to see if it's prime
|
3146 |
+
*
|
3147 |
+
* Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the
|
3148 |
+
* $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads
|
3149 |
+
* on a website instead of just one.
|
3150 |
+
*
|
3151 |
+
* @param optional Integer $t
|
3152 |
+
* @return Boolean
|
3153 |
+
* @access public
|
3154 |
+
* @internal Uses the
|
3155 |
+
* {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See
|
3156 |
+
* {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}.
|
3157 |
+
*/
|
3158 |
+
function isPrime($t = false)
|
3159 |
+
{
|
3160 |
+
$length = strlen($this->toBytes());
|
3161 |
+
|
3162 |
+
if (!$t) {
|
3163 |
+
// see HAC 4.49 "Note (controlling the error probability)"
|
3164 |
+
if ($length >= 163) { $t = 2; } // floor(1300 / 8)
|
3165 |
+
else if ($length >= 106) { $t = 3; } // floor( 850 / 8)
|
3166 |
+
else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8)
|
3167 |
+
else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8)
|
3168 |
+
else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8)
|
3169 |
+
else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8)
|
3170 |
+
else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8)
|
3171 |
+
else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8)
|
3172 |
+
else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8)
|
3173 |
+
else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8)
|
3174 |
+
else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8)
|
3175 |
+
else { $t = 27; }
|
3176 |
+
}
|
3177 |
+
|
3178 |
+
// ie. gmp_testbit($this, 0)
|
3179 |
+
// ie. isEven() or !isOdd()
|
3180 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
3181 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
3182 |
+
return gmp_prob_prime($this->value, $t) != 0;
|
3183 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
3184 |
+
if ($this->value === '2') {
|
3185 |
+
return true;
|
3186 |
+
}
|
3187 |
+
if ($this->value[strlen($this->value) - 1] % 2 == 0) {
|
3188 |
+
return false;
|
3189 |
+
}
|
3190 |
+
break;
|
3191 |
+
default:
|
3192 |
+
if ($this->value == array(2)) {
|
3193 |
+
return true;
|
3194 |
+
}
|
3195 |
+
if (~$this->value[0] & 1) {
|
3196 |
+
return false;
|
3197 |
+
}
|
3198 |
+
}
|
3199 |
+
|
3200 |
+
static $primes, $zero, $one, $two;
|
3201 |
+
|
3202 |
+
if (!isset($primes)) {
|
3203 |
+
$primes = array(
|
3204 |
+
3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
|
3205 |
+
61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137,
|
3206 |
+
139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227,
|
3207 |
+
229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313,
|
3208 |
+
317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
|
3209 |
+
421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509,
|
3210 |
+
521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617,
|
3211 |
+
619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727,
|
3212 |
+
733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829,
|
3213 |
+
839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947,
|
3214 |
+
953, 967, 971, 977, 983, 991, 997
|
3215 |
+
);
|
3216 |
+
|
3217 |
+
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
|
3218 |
+
for ($i = 0; $i < count($primes); ++$i) {
|
3219 |
+
$primes[$i] = new Math_BigInteger($primes[$i]);
|
3220 |
+
}
|
3221 |
+
}
|
3222 |
+
|
3223 |
+
$zero = new Math_BigInteger();
|
3224 |
+
$one = new Math_BigInteger(1);
|
3225 |
+
$two = new Math_BigInteger(2);
|
3226 |
+
}
|
3227 |
+
|
3228 |
+
if ($this->equals($one)) {
|
3229 |
+
return false;
|
3230 |
+
}
|
3231 |
+
|
3232 |
+
// see HAC 4.4.1 "Random search for probable primes"
|
3233 |
+
if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
|
3234 |
+
foreach ($primes as $prime) {
|
3235 |
+
list(, $r) = $this->divide($prime);
|
3236 |
+
if ($r->equals($zero)) {
|
3237 |
+
return $this->equals($prime);
|
3238 |
+
}
|
3239 |
+
}
|
3240 |
+
} else {
|
3241 |
+
$value = $this->value;
|
3242 |
+
foreach ($primes as $prime) {
|
3243 |
+
list(, $r) = $this->_divide_digit($value, $prime);
|
3244 |
+
if (!$r) {
|
3245 |
+
return count($value) == 1 && $value[0] == $prime;
|
3246 |
+
}
|
3247 |
+
}
|
3248 |
+
}
|
3249 |
+
|
3250 |
+
$n = $this->copy();
|
3251 |
+
$n_1 = $n->subtract($one);
|
3252 |
+
$n_2 = $n->subtract($two);
|
3253 |
+
|
3254 |
+
$r = $n_1->copy();
|
3255 |
+
$r_value = $r->value;
|
3256 |
+
// ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s));
|
3257 |
+
if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
|
3258 |
+
$s = 0;
|
3259 |
+
// if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier
|
3260 |
+
while ($r->value[strlen($r->value) - 1] % 2 == 0) {
|
3261 |
+
$r->value = bcdiv($r->value, '2', 0);
|
3262 |
+
++$s;
|
3263 |
+
}
|
3264 |
+
} else {
|
3265 |
+
for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) {
|
3266 |
+
$temp = ~$r_value[$i] & 0xFFFFFF;
|
3267 |
+
for ($j = 1; ($temp >> $j) & 1; ++$j);
|
3268 |
+
if ($j != 25) {
|
3269 |
+
break;
|
3270 |
+
}
|
3271 |
+
}
|
3272 |
+
$s = 26 * $i + $j - 1;
|
3273 |
+
$r->_rshift($s);
|
3274 |
+
}
|
3275 |
+
|
3276 |
+
for ($i = 0; $i < $t; ++$i) {
|
3277 |
+
$a = $this->random($two, $n_2);
|
3278 |
+
$y = $a->modPow($r, $n);
|
3279 |
+
|
3280 |
+
if (!$y->equals($one) && !$y->equals($n_1)) {
|
3281 |
+
for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) {
|
3282 |
+
$y = $y->modPow($two, $n);
|
3283 |
+
if ($y->equals($one)) {
|
3284 |
+
return false;
|
3285 |
+
}
|
3286 |
+
}
|
3287 |
+
|
3288 |
+
if (!$y->equals($n_1)) {
|
3289 |
+
return false;
|
3290 |
+
}
|
3291 |
+
}
|
3292 |
+
}
|
3293 |
+
return true;
|
3294 |
+
}
|
3295 |
+
|
3296 |
+
/**
|
3297 |
+
* Logical Left Shift
|
3298 |
+
*
|
3299 |
+
* Shifts BigInteger's by $shift bits.
|
3300 |
+
*
|
3301 |
+
* @param Integer $shift
|
3302 |
+
* @access private
|
3303 |
+
*/
|
3304 |
+
function _lshift($shift)
|
3305 |
+
{
|
3306 |
+
if ( $shift == 0 ) {
|
3307 |
+
return;
|
3308 |
+
}
|
3309 |
+
|
3310 |
+
$num_digits = (int) ($shift / 26);
|
3311 |
+
$shift %= 26;
|
3312 |
+
$shift = 1 << $shift;
|
3313 |
+
|
3314 |
+
$carry = 0;
|
3315 |
+
|
3316 |
+
for ($i = 0; $i < count($this->value); ++$i) {
|
3317 |
+
$temp = $this->value[$i] * $shift + $carry;
|
3318 |
+
$carry = (int) ($temp / 0x4000000);
|
3319 |
+
$this->value[$i] = (int) ($temp - $carry * 0x4000000);
|
3320 |
+
}
|
3321 |
+
|
3322 |
+
if ( $carry ) {
|
3323 |
+
$this->value[] = $carry;
|
3324 |
+
}
|
3325 |
+
|
3326 |
+
while ($num_digits--) {
|
3327 |
+
array_unshift($this->value, 0);
|
3328 |
+
}
|
3329 |
+
}
|
3330 |
+
|
3331 |
+
/**
|
3332 |
+
* Logical Right Shift
|
3333 |
+
*
|
3334 |
+
* Shifts BigInteger's by $shift bits.
|
3335 |
+
*
|
3336 |
+
* @param Integer $shift
|
3337 |
+
* @access private
|
3338 |
+
*/
|
3339 |
+
function _rshift($shift)
|
3340 |
+
{
|
3341 |
+
if ($shift == 0) {
|
3342 |
+
return;
|
3343 |
+
}
|
3344 |
+
|
3345 |
+
$num_digits = (int) ($shift / 26);
|
3346 |
+
$shift %= 26;
|
3347 |
+
$carry_shift = 26 - $shift;
|
3348 |
+
$carry_mask = (1 << $shift) - 1;
|
3349 |
+
|
3350 |
+
if ( $num_digits ) {
|
3351 |
+
$this->value = array_slice($this->value, $num_digits);
|
3352 |
+
}
|
3353 |
+
|
3354 |
+
$carry = 0;
|
3355 |
+
|
3356 |
+
for ($i = count($this->value) - 1; $i >= 0; --$i) {
|
3357 |
+
$temp = $this->value[$i] >> $shift | $carry;
|
3358 |
+
$carry = ($this->value[$i] & $carry_mask) << $carry_shift;
|
3359 |
+
$this->value[$i] = $temp;
|
3360 |
+
}
|
3361 |
+
|
3362 |
+
$this->value = $this->_trim($this->value);
|
3363 |
+
}
|
3364 |
+
|
3365 |
+
/**
|
3366 |
+
* Normalize
|
3367 |
+
*
|
3368 |
+
* Removes leading zeros and truncates (if necessary) to maintain the appropriate precision
|
3369 |
+
*
|
3370 |
+
* @param Math_BigInteger
|
3371 |
+
* @return Math_BigInteger
|
3372 |
+
* @see _trim()
|
3373 |
+
* @access private
|
3374 |
+
*/
|
3375 |
+
function _normalize($result)
|
3376 |
+
{
|
3377 |
+
$result->precision = $this->precision;
|
3378 |
+
$result->bitmask = $this->bitmask;
|
3379 |
+
|
3380 |
+
switch ( MATH_BIGINTEGER_MODE ) {
|
3381 |
+
case MATH_BIGINTEGER_MODE_GMP:
|
3382 |
+
if (!empty($result->bitmask->value)) {
|
3383 |
+
$result->value = gmp_and($result->value, $result->bitmask->value);
|
3384 |
+
}
|
3385 |
+
|
3386 |
+
return $result;
|
3387 |
+
case MATH_BIGINTEGER_MODE_BCMATH:
|
3388 |
+
if (!empty($result->bitmask->value)) {
|
3389 |
+
$result->value = bcmod($result->value, $result->bitmask->value);
|
3390 |
+
}
|
3391 |
+
|
3392 |
+
return $result;
|
3393 |
+
}
|
3394 |
+
|
3395 |
+
$value = &$result->value;
|
3396 |
+
|
3397 |
+
if ( !count($value) ) {
|
3398 |
+
return $result;
|
3399 |
+
}
|
3400 |
+
|
3401 |
+
$value = $this->_trim($value);
|
3402 |
+
|
3403 |
+
if (!empty($result->bitmask->value)) {
|
3404 |
+
$length = min(count($value), count($this->bitmask->value));
|
3405 |
+
$value = array_slice($value, 0, $length);
|
3406 |
+
|
3407 |
+
for ($i = 0; $i < $length; ++$i) {
|
3408 |
+
$value[$i] = $value[$i] & $this->bitmask->value[$i];
|
3409 |
+
}
|
3410 |
+
}
|
3411 |
+
|
3412 |
+
return $result;
|
3413 |
+
}
|
3414 |
+
|
3415 |
+
/**
|
3416 |
+
* Trim
|
3417 |
+
*
|
3418 |
+
* Removes leading zeros
|
3419 |
+
*
|
3420 |
+
* @return Math_BigInteger
|
3421 |
+
* @access private
|
3422 |
+
*/
|
3423 |
+
function _trim($value)
|
3424 |
+
{
|
3425 |
+
for ($i = count($value) - 1; $i >= 0; --$i) {
|
3426 |
+
if ( $value[$i] ) {
|
3427 |
+
break;
|
3428 |
+
}
|
3429 |
+
unset($value[$i]);
|
3430 |
+
}
|
3431 |
+
|
3432 |
+
return $value;
|
3433 |
+
}
|
3434 |
+
|
3435 |
+
/**
|
3436 |
+
* Array Repeat
|
3437 |
+
*
|
3438 |
+
* @param $input Array
|
3439 |
+
* @param $multiplier mixed
|
3440 |
+
* @return Array
|
3441 |
+
* @access private
|
3442 |
+
*/
|
3443 |
+
function _array_repeat($input, $multiplier)
|
3444 |
+
{
|
3445 |
+
return ($multiplier) ? array_fill(0, $multiplier, $input) : array();
|
3446 |
+
}
|
3447 |
+
|
3448 |
+
/**
|
3449 |
+
* Logical Left Shift
|
3450 |
+
*
|
3451 |
+
* Shifts binary strings $shift bits, essentially multiplying by 2**$shift.
|
3452 |
+
*
|
3453 |
+
* @param $x String
|
3454 |
+
* @param $shift Integer
|
3455 |
+
* @return String
|
3456 |
+
* @access private
|
3457 |
+
*/
|
3458 |
+
function _base256_lshift(&$x, $shift)
|
3459 |
+
{
|
3460 |
+
if ($shift == 0) {
|
3461 |
+
return;
|
3462 |
+
}
|
3463 |
+
|
3464 |
+
$num_bytes = $shift >> 3; // eg. floor($shift/8)
|
3465 |
+
$shift &= 7; // eg. $shift % 8
|
3466 |
+
|
3467 |
+
$carry = 0;
|
3468 |
+
for ($i = strlen($x) - 1; $i >= 0; --$i) {
|
3469 |
+
$temp = ord($x[$i]) << $shift | $carry;
|
3470 |
+
$x[$i] = chr($temp);
|
3471 |
+
$carry = $temp >> 8;
|
3472 |
+
}
|
3473 |
+
$carry = ($carry != 0) ? chr($carry) : '';
|
3474 |
+
$x = $carry . $x . str_repeat(chr(0), $num_bytes);
|
3475 |
+
}
|
3476 |
+
|
3477 |
+
/**
|
3478 |
+
* Logical Right Shift
|
3479 |
+
*
|
3480 |
+
* Shifts binary strings $shift bits, essentially dividing by 2**$shift and returning the remainder.
|
3481 |
+
*
|
3482 |
+
* @param $x String
|
3483 |
+
* @param $shift Integer
|
3484 |
+
* @return String
|
3485 |
+
* @access private
|
3486 |
+
*/
|
3487 |
+
function _base256_rshift(&$x, $shift)
|
3488 |
+
{
|
3489 |
+
if ($shift == 0) {
|
3490 |
+
$x = ltrim($x, chr(0));
|
3491 |
+
return '';
|
3492 |
+
}
|
3493 |
+
|
3494 |
+
$num_bytes = $shift >> 3; // eg. floor($shift/8)
|
3495 |
+
$shift &= 7; // eg. $shift % 8
|
3496 |
+
|
3497 |
+
$remainder = '';
|
3498 |
+
if ($num_bytes) {
|
3499 |
+
$start = $num_bytes > strlen($x) ? -strlen($x) : -$num_bytes;
|
3500 |
+
$remainder = substr($x, $start);
|
3501 |
+
$x = substr($x, 0, -$num_bytes);
|
3502 |
+
}
|
3503 |
+
|
3504 |
+
$carry = 0;
|
3505 |
+
$carry_shift = 8 - $shift;
|
3506 |
+
for ($i = 0; $i < strlen($x); ++$i) {
|
3507 |
+
$temp = (ord($x[$i]) >> $shift) | $carry;
|
3508 |
+
$carry = (ord($x[$i]) << $carry_shift) & 0xFF;
|
3509 |
+
$x[$i] = chr($temp);
|
3510 |
+
}
|
3511 |
+
$x = ltrim($x, chr(0));
|
3512 |
+
|
3513 |
+
$remainder = chr($carry >> $carry_shift) . $remainder;
|
3514 |
+
|
3515 |
+
return ltrim($remainder, chr(0));
|
3516 |
+
}
|
3517 |
+
|
3518 |
+
// one quirk about how the following functions are implemented is that PHP defines N to be an unsigned long
|
3519 |
+
// at 32-bits, while java's longs are 64-bits.
|
3520 |
+
|
3521 |
+
/**
|
3522 |
+
* Converts 32-bit integers to bytes.
|
3523 |
+
*
|
3524 |
+
* @param Integer $x
|
3525 |
+
* @return String
|
3526 |
+
* @access private
|
3527 |
+
*/
|
3528 |
+
function _int2bytes($x)
|
3529 |
+
{
|
3530 |
+
return ltrim(pack('N', $x), chr(0));
|
3531 |
+
}
|
3532 |
+
|
3533 |
+
/**
|
3534 |
+
* Converts bytes to 32-bit integers
|
3535 |
+
*
|
3536 |
+
* @param String $x
|
3537 |
+
* @return Integer
|
3538 |
+
* @access private
|
3539 |
+
*/
|
3540 |
+
function _bytes2int($x)
|
3541 |
+
{
|
3542 |
+
$temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT));
|
3543 |
+
return $temp['int'];
|
3544 |
+
}
|
3545 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SFTP.php
CHANGED
@@ -1,1461 +1,1461 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of SFTP.
|
6 |
-
*
|
7 |
-
* PHP versions 4 and 5
|
8 |
-
*
|
9 |
-
* Currently only supports SFTPv3, which, according to wikipedia.org, "is the most widely used version,
|
10 |
-
* implemented by the popular OpenSSH SFTP server". If you want SFTPv4/5/6 support, provide me with access
|
11 |
-
* to an SFTPv4/5/6 server.
|
12 |
-
*
|
13 |
-
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
14 |
-
*
|
15 |
-
* Here's a short example of how to use this library:
|
16 |
-
* <code>
|
17 |
-
* <?php
|
18 |
-
* include('Net/SFTP.php');
|
19 |
-
*
|
20 |
-
* $sftp = new Net_SFTP('www.domain.tld');
|
21 |
-
* if (!$sftp->login('username', 'password')) {
|
22 |
-
* exit('Login Failed');
|
23 |
-
* }
|
24 |
-
*
|
25 |
-
* echo $sftp->pwd() . "\r\n";
|
26 |
-
* $sftp->put('filename.ext', 'hello, world!');
|
27 |
-
* print_r($sftp->nlist());
|
28 |
-
* ?>
|
29 |
-
* </code>
|
30 |
-
*
|
31 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
32 |
-
* modify it under the terms of the GNU Lesser General Public
|
33 |
-
* License as published by the Free Software Foundation; either
|
34 |
-
* version 2.1 of the License, or (at your option) any later version.
|
35 |
-
*
|
36 |
-
* This library is distributed in the hope that it will be useful,
|
37 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
38 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
39 |
-
* Lesser General Public License for more details.
|
40 |
-
*
|
41 |
-
* You should have received a copy of the GNU Lesser General Public
|
42 |
-
* License along with this library; if not, write to the Free Software
|
43 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
44 |
-
* MA 02111-1307 USA
|
45 |
-
*
|
46 |
-
* @category Net
|
47 |
-
* @package Net_SFTP
|
48 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
49 |
-
* @copyright MMIX Jim Wigginton
|
50 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
51 |
-
* @version $Id: SFTP.php,v 1.21 2010/04/09 02:31:34 terrafrost Exp $
|
52 |
-
* @link http://phpseclib.sourceforge.net
|
53 |
-
*/
|
54 |
-
|
55 |
-
/**
|
56 |
-
* Include Net_SSH2
|
57 |
-
*/
|
58 |
-
require_once('phpseclib/Net/SSH2.php');
|
59 |
-
|
60 |
-
/**#@+
|
61 |
-
* @access public
|
62 |
-
* @see Net_SFTP::getLog()
|
63 |
-
*/
|
64 |
-
/**
|
65 |
-
* Returns the message numbers
|
66 |
-
*/
|
67 |
-
define('NET_SFTP_LOG_SIMPLE', NET_SSH2_LOG_SIMPLE);
|
68 |
-
/**
|
69 |
-
* Returns the message content
|
70 |
-
*/
|
71 |
-
define('NET_SFTP_LOG_COMPLEX', NET_SSH2_LOG_COMPLEX);
|
72 |
-
/**#@-*/
|
73 |
-
|
74 |
-
/**
|
75 |
-
* SFTP channel constant
|
76 |
-
*
|
77 |
-
* Net_SSH2::exec() uses 0 and Net_SSH2::interactiveRead() / Net_SSH2::interactiveWrite() use 1.
|
78 |
-
*
|
79 |
-
* @see Net_SSH2::_send_channel_packet()
|
80 |
-
* @see Net_SSH2::_get_channel_packet()
|
81 |
-
* @access private
|
82 |
-
*/
|
83 |
-
define('NET_SFTP_CHANNEL', 2);
|
84 |
-
|
85 |
-
/**#@+
|
86 |
-
* @access public
|
87 |
-
* @see Net_SFTP::put()
|
88 |
-
*/
|
89 |
-
/**
|
90 |
-
* Reads data from a local file.
|
91 |
-
*/
|
92 |
-
define('NET_SFTP_LOCAL_FILE', 1);
|
93 |
-
/**
|
94 |
-
* Reads data from a string.
|
95 |
-
*/
|
96 |
-
define('NET_SFTP_STRING', 2);
|
97 |
-
/**#@-*/
|
98 |
-
|
99 |
-
/**
|
100 |
-
* Pure-PHP implementations of SFTP.
|
101 |
-
*
|
102 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
103 |
-
* @version 0.1.0
|
104 |
-
* @access public
|
105 |
-
* @package Net_SFTP
|
106 |
-
*/
|
107 |
-
class Net_SFTP extends Net_SSH2 {
|
108 |
-
/**
|
109 |
-
* Packet Types
|
110 |
-
*
|
111 |
-
* @see Net_SFTP::Net_SFTP()
|
112 |
-
* @var Array
|
113 |
-
* @access private
|
114 |
-
*/
|
115 |
-
var $packet_types = array();
|
116 |
-
|
117 |
-
/**
|
118 |
-
* Status Codes
|
119 |
-
*
|
120 |
-
* @see Net_SFTP::Net_SFTP()
|
121 |
-
* @var Array
|
122 |
-
* @access private
|
123 |
-
*/
|
124 |
-
var $status_codes = array();
|
125 |
-
|
126 |
-
/**
|
127 |
-
* The Request ID
|
128 |
-
*
|
129 |
-
* The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
|
130 |
-
* concurrent actions, so it's somewhat academic, here.
|
131 |
-
*
|
132 |
-
* @var Integer
|
133 |
-
* @see Net_SFTP::_send_sftp_packet()
|
134 |
-
* @access private
|
135 |
-
*/
|
136 |
-
var $request_id = false;
|
137 |
-
|
138 |
-
/**
|
139 |
-
* The Packet Type
|
140 |
-
*
|
141 |
-
* The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
|
142 |
-
* concurrent actions, so it's somewhat academic, here.
|
143 |
-
*
|
144 |
-
* @var Integer
|
145 |
-
* @see Net_SFTP::_get_sftp_packet()
|
146 |
-
* @access private
|
147 |
-
*/
|
148 |
-
var $packet_type = -1;
|
149 |
-
|
150 |
-
/**
|
151 |
-
* Packet Buffer
|
152 |
-
*
|
153 |
-
* @var String
|
154 |
-
* @see Net_SFTP::_get_sftp_packet()
|
155 |
-
* @access private
|
156 |
-
*/
|
157 |
-
var $packet_buffer = '';
|
158 |
-
|
159 |
-
/**
|
160 |
-
* Extensions supported by the server
|
161 |
-
*
|
162 |
-
* @var Array
|
163 |
-
* @see Net_SFTP::_initChannel()
|
164 |
-
* @access private
|
165 |
-
*/
|
166 |
-
var $extensions = array();
|
167 |
-
|
168 |
-
/**
|
169 |
-
* Server SFTP version
|
170 |
-
*
|
171 |
-
* @var Integer
|
172 |
-
* @see Net_SFTP::_initChannel()
|
173 |
-
* @access private
|
174 |
-
*/
|
175 |
-
var $version;
|
176 |
-
|
177 |
-
/**
|
178 |
-
* Current working directory
|
179 |
-
*
|
180 |
-
* @var String
|
181 |
-
* @see Net_SFTP::_realpath()
|
182 |
-
* @see Net_SFTP::chdir()
|
183 |
-
* @access private
|
184 |
-
*/
|
185 |
-
var $pwd = false;
|
186 |
-
|
187 |
-
/**
|
188 |
-
* Packet Type Log
|
189 |
-
*
|
190 |
-
* @see Net_SFTP::getLog()
|
191 |
-
* @var Array
|
192 |
-
* @access private
|
193 |
-
*/
|
194 |
-
var $packet_type_log = array();
|
195 |
-
|
196 |
-
/**
|
197 |
-
* Packet Log
|
198 |
-
*
|
199 |
-
* @see Net_SFTP::getLog()
|
200 |
-
* @var Array
|
201 |
-
* @access private
|
202 |
-
*/
|
203 |
-
var $packet_log = array();
|
204 |
-
|
205 |
-
/**
|
206 |
-
* Error information
|
207 |
-
*
|
208 |
-
* @see Net_SFTP::getSFTPErrors()
|
209 |
-
* @see Net_SFTP::getLastSFTPError()
|
210 |
-
* @var String
|
211 |
-
* @access private
|
212 |
-
*/
|
213 |
-
var $errors = array();
|
214 |
-
|
215 |
-
/**
|
216 |
-
* Default Constructor.
|
217 |
-
*
|
218 |
-
* Connects to an SFTP server
|
219 |
-
*
|
220 |
-
* @param String $host
|
221 |
-
* @param optional Integer $port
|
222 |
-
* @param optional Integer $timeout
|
223 |
-
* @return Net_SFTP
|
224 |
-
* @access public
|
225 |
-
*/
|
226 |
-
function Net_SFTP($host, $port = 22, $timeout = 10)
|
227 |
-
{
|
228 |
-
parent::Net_SSH2($host, $port, $timeout);
|
229 |
-
$this->packet_types = array(
|
230 |
-
1 => 'NET_SFTP_INIT',
|
231 |
-
2 => 'NET_SFTP_VERSION',
|
232 |
-
/* the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+:
|
233 |
-
SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1
|
234 |
-
pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 */
|
235 |
-
3 => 'NET_SFTP_OPEN',
|
236 |
-
4 => 'NET_SFTP_CLOSE',
|
237 |
-
5 => 'NET_SFTP_READ',
|
238 |
-
6 => 'NET_SFTP_WRITE',
|
239 |
-
8 => 'NET_SFTP_FSTAT',
|
240 |
-
9 => 'NET_SFTP_SETSTAT',
|
241 |
-
11 => 'NET_SFTP_OPENDIR',
|
242 |
-
12 => 'NET_SFTP_READDIR',
|
243 |
-
13 => 'NET_SFTP_REMOVE',
|
244 |
-
14 => 'NET_SFTP_MKDIR',
|
245 |
-
15 => 'NET_SFTP_RMDIR',
|
246 |
-
16 => 'NET_SFTP_REALPATH',
|
247 |
-
17 => 'NET_SFTP_STAT',
|
248 |
-
/* the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+:
|
249 |
-
SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
250 |
-
pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */
|
251 |
-
18 => 'NET_SFTP_RENAME',
|
252 |
-
|
253 |
-
101=> 'NET_SFTP_STATUS',
|
254 |
-
102=> 'NET_SFTP_HANDLE',
|
255 |
-
/* the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+:
|
256 |
-
SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4
|
257 |
-
pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 */
|
258 |
-
103=> 'NET_SFTP_DATA',
|
259 |
-
104=> 'NET_SFTP_NAME',
|
260 |
-
105=> 'NET_SFTP_ATTRS',
|
261 |
-
|
262 |
-
200=> 'NET_SFTP_EXTENDED'
|
263 |
-
);
|
264 |
-
$this->status_codes = array(
|
265 |
-
0 => 'NET_SFTP_STATUS_OK',
|
266 |
-
1 => 'NET_SFTP_STATUS_EOF',
|
267 |
-
2 => 'NET_SFTP_STATUS_NO_SUCH_FILE',
|
268 |
-
3 => 'NET_SFTP_STATUS_PERMISSION_DENIED',
|
269 |
-
4 => 'NET_SFTP_STATUS_FAILURE',
|
270 |
-
5 => 'NET_SFTP_STATUS_BAD_MESSAGE',
|
271 |
-
6 => 'NET_SFTP_STATUS_NO_CONNECTION',
|
272 |
-
7 => 'NET_SFTP_STATUS_CONNECTION_LOST',
|
273 |
-
8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED'
|
274 |
-
);
|
275 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1
|
276 |
-
// the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why
|
277 |
-
$this->attributes = array(
|
278 |
-
0x00000001 => 'NET_SFTP_ATTR_SIZE',
|
279 |
-
0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+
|
280 |
-
0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS',
|
281 |
-
0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME',
|
282 |
-
-1 => 'NET_SFTP_ATTR_EXTENDED' // unpack('N', "\xFF\xFF\xFF\xFF") == array(1 => int(-1))
|
283 |
-
);
|
284 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3
|
285 |
-
// the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name
|
286 |
-
// the array for that $this->open5_flags and similarily alter the constant names.
|
287 |
-
$this->open_flags = array(
|
288 |
-
0x00000001 => 'NET_SFTP_OPEN_READ',
|
289 |
-
0x00000002 => 'NET_SFTP_OPEN_WRITE',
|
290 |
-
0x00000008 => 'NET_SFTP_OPEN_CREATE',
|
291 |
-
0x00000010 => 'NET_SFTP_OPEN_TRUNCATE'
|
292 |
-
);
|
293 |
-
$this->_define_array(
|
294 |
-
$this->packet_types,
|
295 |
-
$this->status_codes,
|
296 |
-
$this->attributes,
|
297 |
-
$this->open_flags
|
298 |
-
);
|
299 |
-
}
|
300 |
-
|
301 |
-
/**
|
302 |
-
* Login
|
303 |
-
*
|
304 |
-
* @param String $username
|
305 |
-
* @param optional String $password
|
306 |
-
* @return Boolean
|
307 |
-
* @access public
|
308 |
-
*/
|
309 |
-
function login($username, $password = '')
|
310 |
-
{
|
311 |
-
if (!parent::login($username, $password)) {
|
312 |
-
return false;
|
313 |
-
}
|
314 |
-
|
315 |
-
$this->window_size_client_to_server[NET_SFTP_CHANNEL] = $this->window_size;
|
316 |
-
|
317 |
-
$packet = pack('CNa*N3',
|
318 |
-
NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SFTP_CHANNEL, $this->window_size, 0x4000);
|
319 |
-
|
320 |
-
if (!$this->_send_binary_packet($packet)) {
|
321 |
-
return false;
|
322 |
-
}
|
323 |
-
|
324 |
-
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN;
|
325 |
-
|
326 |
-
$response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
327 |
-
if ($response === false) {
|
328 |
-
return false;
|
329 |
-
}
|
330 |
-
|
331 |
-
$packet = pack('CNNa*CNa*',
|
332 |
-
NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SFTP_CHANNEL], strlen('subsystem'), 'subsystem', 1, strlen('sftp'), 'sftp');
|
333 |
-
if (!$this->_send_binary_packet($packet)) {
|
334 |
-
return false;
|
335 |
-
}
|
336 |
-
|
337 |
-
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST;
|
338 |
-
|
339 |
-
$response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
340 |
-
if ($response === false) {
|
341 |
-
return false;
|
342 |
-
}
|
343 |
-
|
344 |
-
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA;
|
345 |
-
|
346 |
-
if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) {
|
347 |
-
return false;
|
348 |
-
}
|
349 |
-
|
350 |
-
$response = $this->_get_sftp_packet();
|
351 |
-
if ($this->packet_type != NET_SFTP_VERSION) {
|
352 |
-
user_error('Expected SSH_FXP_VERSION', E_USER_NOTICE);
|
353 |
-
return false;
|
354 |
-
}
|
355 |
-
|
356 |
-
extract(unpack('Nversion', $this->_string_shift($response, 4)));
|
357 |
-
$this->version = $version;
|
358 |
-
while (!empty($response)) {
|
359 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
360 |
-
$key = $this->_string_shift($response, $length);
|
361 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
362 |
-
$value = $this->_string_shift($response, $length);
|
363 |
-
$this->extensions[$key] = $value;
|
364 |
-
}
|
365 |
-
|
366 |
-
/*
|
367 |
-
SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com',
|
368 |
-
however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's
|
369 |
-
not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for
|
370 |
-
one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that
|
371 |
-
'newline@vandyke.com' would.
|
372 |
-
*/
|
373 |
-
/*
|
374 |
-
if (isset($this->extensions['newline@vandyke.com'])) {
|
375 |
-
$this->extensions['newline'] = $this->extensions['newline@vandyke.com'];
|
376 |
-
unset($this->extensions['newline@vandyke.com']);
|
377 |
-
}
|
378 |
-
*/
|
379 |
-
|
380 |
-
$this->request_id = 1;
|
381 |
-
|
382 |
-
/*
|
383 |
-
A Note on SFTPv4/5/6 support:
|
384 |
-
<http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.1> states the following:
|
385 |
-
|
386 |
-
"If the client wishes to interoperate with servers that support noncontiguous version
|
387 |
-
numbers it SHOULD send '3'"
|
388 |
-
|
389 |
-
Given that the server only sends its version number after the client has already done so, the above
|
390 |
-
seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the
|
391 |
-
most popular.
|
392 |
-
|
393 |
-
<http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.5> states the following;
|
394 |
-
|
395 |
-
"If the server did not send the "versions" extension, or the version-from-list was not included, the
|
396 |
-
server MAY send a status response describing the failure, but MUST then close the channel without
|
397 |
-
processing any further requests."
|
398 |
-
|
399 |
-
So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and
|
400 |
-
a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements
|
401 |
-
v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed
|
402 |
-
in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what Net_SFTP would do is close the
|
403 |
-
channel and reopen it with a new and updated SSH_FXP_INIT packet.
|
404 |
-
*/
|
405 |
-
if ($this->version != 3) {
|
406 |
-
return false;
|
407 |
-
}
|
408 |
-
|
409 |
-
$this->pwd = $this->_realpath('.');
|
410 |
-
|
411 |
-
return true;
|
412 |
-
}
|
413 |
-
|
414 |
-
/**
|
415 |
-
* Returns the current directory name
|
416 |
-
*
|
417 |
-
* @return Mixed
|
418 |
-
* @access public
|
419 |
-
*/
|
420 |
-
function pwd()
|
421 |
-
{
|
422 |
-
return $this->pwd;
|
423 |
-
}
|
424 |
-
|
425 |
-
/**
|
426 |
-
* Canonicalize the Server-Side Path Name
|
427 |
-
*
|
428 |
-
* SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns
|
429 |
-
* the absolute (canonicalized) path. If $mode is set to NET_SFTP_CONFIRM_DIR (as opposed to NET_SFTP_CONFIRM_NONE,
|
430 |
-
* which is what it is set to by default), false is returned if $dir is not a valid directory.
|
431 |
-
*
|
432 |
-
* @see Net_SFTP::chdir()
|
433 |
-
* @param String $dir
|
434 |
-
* @param optional Integer $mode
|
435 |
-
* @return Mixed
|
436 |
-
* @access private
|
437 |
-
*/
|
438 |
-
function _realpath($dir)
|
439 |
-
{
|
440 |
-
/*
|
441 |
-
"This protocol represents file names as strings. File names are
|
442 |
-
assumed to use the slash ('/') character as a directory separator.
|
443 |
-
|
444 |
-
File names starting with a slash are "absolute", and are relative to
|
445 |
-
the root of the file system. Names starting with any other character
|
446 |
-
are relative to the user's default directory (home directory). Note
|
447 |
-
that identifying the user is assumed to take place outside of this
|
448 |
-
protocol."
|
449 |
-
|
450 |
-
-- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-6
|
451 |
-
*/
|
452 |
-
$file = '';
|
453 |
-
if ($this->pwd !== false) {
|
454 |
-
// if the SFTP server returned the canonicalized path even for non-existant files this wouldn't be necessary
|
455 |
-
// on OpenSSH it isn't necessary but on other SFTP servers it is. that and since the specs say nothing on
|
456 |
-
// the subject, we'll go ahead and work around it with the following.
|
457 |
-
if ($dir[strlen($dir) - 1] != '/') {
|
458 |
-
$file = basename($dir);
|
459 |
-
$dir = dirname($dir);
|
460 |
-
}
|
461 |
-
|
462 |
-
if ($dir == '.' || $dir == $this->pwd) {
|
463 |
-
return $this->pwd . $file;
|
464 |
-
}
|
465 |
-
|
466 |
-
if ($dir[0] != '/') {
|
467 |
-
$dir = $this->pwd . '/' . $dir;
|
468 |
-
}
|
469 |
-
// on the surface it seems like maybe resolving a path beginning with / is unnecessary, but such paths
|
470 |
-
// can contain .'s and ..'s just like any other. we could parse those out as appropriate or we can let
|
471 |
-
// the server do it. we'll do the latter.
|
472 |
-
}
|
473 |
-
|
474 |
-
/*
|
475 |
-
that SSH_FXP_REALPATH returns SSH_FXP_NAME does not necessarily mean that anything actually exists at the
|
476 |
-
specified path. generally speaking, no attributes are returned with this particular SSH_FXP_NAME packet
|
477 |
-
regardless of whether or not a file actually exists. and in SFTPv3, the longname field and the filename
|
478 |
-
field match for this particular SSH_FXP_NAME packet. for other SSH_FXP_NAME packets, this will likely
|
479 |
-
not be the case, but for this one, it is.
|
480 |
-
*/
|
481 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9
|
482 |
-
if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($dir), $dir))) {
|
483 |
-
return false;
|
484 |
-
}
|
485 |
-
|
486 |
-
$response = $this->_get_sftp_packet();
|
487 |
-
switch ($this->packet_type) {
|
488 |
-
case NET_SFTP_NAME:
|
489 |
-
// although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following
|
490 |
-
// should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
|
491 |
-
// at is the first part and that part is defined the same in SFTP versions 3 through 6.
|
492 |
-
$this->_string_shift($response, 4); // skip over the count - it should be 1, anyway
|
493 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
494 |
-
$realpath = $this->_string_shift($response, $length);
|
495 |
-
break;
|
496 |
-
case NET_SFTP_STATUS:
|
497 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
498 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
499 |
-
return false;
|
500 |
-
default:
|
501 |
-
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS', E_USER_NOTICE);
|
502 |
-
return false;
|
503 |
-
}
|
504 |
-
|
505 |
-
// if $this->pwd isn't set than the only thing $realpath could be is for '.', which is pretty much guaranteed to
|
506 |
-
// be a bonafide directory
|
507 |
-
return $realpath . '/' . $file;
|
508 |
-
}
|
509 |
-
|
510 |
-
/**
|
511 |
-
* Changes the current directory
|
512 |
-
*
|
513 |
-
* @param String $dir
|
514 |
-
* @return Boolean
|
515 |
-
* @access public
|
516 |
-
*/
|
517 |
-
function chdir($dir)
|
518 |
-
{
|
519 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
520 |
-
return false;
|
521 |
-
}
|
522 |
-
|
523 |
-
if ($dir[strlen($dir) - 1] != '/') {
|
524 |
-
$dir.= '/';
|
525 |
-
}
|
526 |
-
$dir = $this->_realpath($dir);
|
527 |
-
|
528 |
-
// confirm that $dir is, in fact, a valid directory
|
529 |
-
if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
|
530 |
-
return false;
|
531 |
-
}
|
532 |
-
|
533 |
-
// see Net_SFTP::nlist() for a more thorough explanation of the following
|
534 |
-
$response = $this->_get_sftp_packet();
|
535 |
-
switch ($this->packet_type) {
|
536 |
-
case NET_SFTP_HANDLE:
|
537 |
-
$handle = substr($response, 4);
|
538 |
-
break;
|
539 |
-
case NET_SFTP_STATUS:
|
540 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
541 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
542 |
-
return false;
|
543 |
-
default:
|
544 |
-
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
545 |
-
return false;
|
546 |
-
}
|
547 |
-
|
548 |
-
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
549 |
-
return false;
|
550 |
-
}
|
551 |
-
|
552 |
-
$response = $this->_get_sftp_packet();
|
553 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
554 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
555 |
-
return false;
|
556 |
-
}
|
557 |
-
|
558 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
559 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
560 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
561 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
562 |
-
return false;
|
563 |
-
}
|
564 |
-
|
565 |
-
$this->pwd = $dir;
|
566 |
-
return true;
|
567 |
-
}
|
568 |
-
|
569 |
-
/**
|
570 |
-
* Returns a list of files in the given directory
|
571 |
-
*
|
572 |
-
* @param optional String $dir
|
573 |
-
* @return Mixed
|
574 |
-
* @access public
|
575 |
-
*/
|
576 |
-
function nlist($dir = '.')
|
577 |
-
{
|
578 |
-
return $this->_list($dir, false);
|
579 |
-
}
|
580 |
-
|
581 |
-
/**
|
582 |
-
* Returns a list of files in the given directory
|
583 |
-
*
|
584 |
-
* @param optional String $dir
|
585 |
-
* @return Mixed
|
586 |
-
* @access public
|
587 |
-
*/
|
588 |
-
function rawlist($dir = '.')
|
589 |
-
{
|
590 |
-
return $this->_list($dir, true);
|
591 |
-
}
|
592 |
-
|
593 |
-
function _list($dir, $raw = true)
|
594 |
-
{
|
595 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
596 |
-
return false;
|
597 |
-
}
|
598 |
-
|
599 |
-
$dir = $this->_realpath($dir);
|
600 |
-
if ($dir === false) {
|
601 |
-
return false;
|
602 |
-
}
|
603 |
-
|
604 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2
|
605 |
-
if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
|
606 |
-
return false;
|
607 |
-
}
|
608 |
-
|
609 |
-
$response = $this->_get_sftp_packet();
|
610 |
-
switch ($this->packet_type) {
|
611 |
-
case NET_SFTP_HANDLE:
|
612 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2
|
613 |
-
// since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that
|
614 |
-
// represent the length of the string and leave it at that
|
615 |
-
$handle = substr($response, 4);
|
616 |
-
break;
|
617 |
-
case NET_SFTP_STATUS:
|
618 |
-
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
619 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
620 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
621 |
-
return false;
|
622 |
-
default:
|
623 |
-
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
624 |
-
return false;
|
625 |
-
}
|
626 |
-
|
627 |
-
$contents = array();
|
628 |
-
while (true) {
|
629 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2
|
630 |
-
// why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many
|
631 |
-
// SSH_MSG_CHANNEL_DATA messages is not known to me.
|
632 |
-
if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) {
|
633 |
-
return false;
|
634 |
-
}
|
635 |
-
|
636 |
-
$response = $this->_get_sftp_packet();
|
637 |
-
switch ($this->packet_type) {
|
638 |
-
case NET_SFTP_NAME:
|
639 |
-
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
640 |
-
for ($i = 0; $i < $count; $i++) {
|
641 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
642 |
-
$shortname = $this->_string_shift($response, $length);
|
643 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
644 |
-
$this->_string_shift($response, $length); // SFTPv4+ drop this field - the "longname" field
|
645 |
-
$attributes = $this->_parseAttributes($response); // we also don't care about the attributes
|
646 |
-
if (!$raw) {
|
647 |
-
$contents[] = $shortname;
|
648 |
-
} else {
|
649 |
-
$contents[$shortname] = $attributes;
|
650 |
-
}
|
651 |
-
// SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the
|
652 |
-
// final SSH_FXP_STATUS packet should tell us that, already.
|
653 |
-
}
|
654 |
-
break;
|
655 |
-
case NET_SFTP_STATUS:
|
656 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
657 |
-
if ($status != NET_SFTP_STATUS_EOF) {
|
658 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
659 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
660 |
-
return false;
|
661 |
-
}
|
662 |
-
break 2;
|
663 |
-
default:
|
664 |
-
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS', E_USER_NOTICE);
|
665 |
-
return false;
|
666 |
-
}
|
667 |
-
}
|
668 |
-
|
669 |
-
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
670 |
-
return false;
|
671 |
-
}
|
672 |
-
|
673 |
-
// "The client MUST release all resources associated with the handle regardless of the status."
|
674 |
-
// -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3
|
675 |
-
$response = $this->_get_sftp_packet();
|
676 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
677 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
678 |
-
return false;
|
679 |
-
}
|
680 |
-
|
681 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
682 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
683 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
684 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
685 |
-
return false;
|
686 |
-
}
|
687 |
-
|
688 |
-
return $contents;
|
689 |
-
}
|
690 |
-
|
691 |
-
/**
|
692 |
-
* Returns the file size, in bytes, or false, on failure
|
693 |
-
*
|
694 |
-
* Files larger than 4GB will show up as being exactly 4GB.
|
695 |
-
*
|
696 |
-
* @param optional String $dir
|
697 |
-
* @return Mixed
|
698 |
-
* @access public
|
699 |
-
*/
|
700 |
-
function size($filename)
|
701 |
-
{
|
702 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
703 |
-
return false;
|
704 |
-
}
|
705 |
-
|
706 |
-
$filename = $this->_realpath($filename);
|
707 |
-
if ($filename === false) {
|
708 |
-
return false;
|
709 |
-
}
|
710 |
-
|
711 |
-
// SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
|
712 |
-
$packet = pack('Na*', strlen($filename), $filename);
|
713 |
-
if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) {
|
714 |
-
return false;
|
715 |
-
}
|
716 |
-
|
717 |
-
$response = $this->_get_sftp_packet();
|
718 |
-
switch ($this->packet_type) {
|
719 |
-
case NET_SFTP_ATTRS:
|
720 |
-
$attrs = $this->_parseAttributes($response);
|
721 |
-
return $attrs['size'];
|
722 |
-
case NET_SFTP_STATUS:
|
723 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
724 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
725 |
-
return false;
|
726 |
-
}
|
727 |
-
|
728 |
-
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
729 |
-
return false;
|
730 |
-
}
|
731 |
-
|
732 |
-
/**
|
733 |
-
* Set permissions on a file.
|
734 |
-
*
|
735 |
-
* Returns the new file permissions on success or FALSE on error.
|
736 |
-
*
|
737 |
-
* @param Integer $mode
|
738 |
-
* @param String $filename
|
739 |
-
* @return Mixed
|
740 |
-
* @access public
|
741 |
-
*/
|
742 |
-
function chmod($mode, $filename)
|
743 |
-
{
|
744 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
745 |
-
return false;
|
746 |
-
}
|
747 |
-
|
748 |
-
$filename = $this->_realpath($filename);
|
749 |
-
if ($filename === false) {
|
750 |
-
return false;
|
751 |
-
}
|
752 |
-
|
753 |
-
// SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to
|
754 |
-
// SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT.
|
755 |
-
$attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777);
|
756 |
-
if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) {
|
757 |
-
return false;
|
758 |
-
}
|
759 |
-
|
760 |
-
/*
|
761 |
-
"Because some systems must use separate system calls to set various attributes, it is possible that a failure
|
762 |
-
response will be returned, but yet some of the attributes may be have been successfully modified. If possible,
|
763 |
-
servers SHOULD avoid this situation; however, clients MUST be aware that this is possible."
|
764 |
-
|
765 |
-
-- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6
|
766 |
-
*/
|
767 |
-
$response = $this->_get_sftp_packet();
|
768 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
769 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
770 |
-
return false;
|
771 |
-
}
|
772 |
-
|
773 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
774 |
-
if ($status != NET_SFTP_STATUS_EOF) {
|
775 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
776 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
777 |
-
}
|
778 |
-
|
779 |
-
// rather than return what the permissions *should* be, we'll return what they actually are. this will also
|
780 |
-
// tell us if the file actually exists.
|
781 |
-
// incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
|
782 |
-
$packet = pack('Na*', strlen($filename), $filename);
|
783 |
-
if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) {
|
784 |
-
return false;
|
785 |
-
}
|
786 |
-
|
787 |
-
$response = $this->_get_sftp_packet();
|
788 |
-
switch ($this->packet_type) {
|
789 |
-
case NET_SFTP_ATTRS:
|
790 |
-
$attrs = $this->_parseAttributes($response);
|
791 |
-
return $attrs['permissions'];
|
792 |
-
case NET_SFTP_STATUS:
|
793 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
794 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
795 |
-
return false;
|
796 |
-
}
|
797 |
-
|
798 |
-
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
799 |
-
return false;
|
800 |
-
}
|
801 |
-
|
802 |
-
/**
|
803 |
-
* Creates a directory.
|
804 |
-
*
|
805 |
-
* @param String $dir
|
806 |
-
* @return Boolean
|
807 |
-
* @access public
|
808 |
-
*/
|
809 |
-
function mkdir($dir)
|
810 |
-
{
|
811 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
812 |
-
return false;
|
813 |
-
}
|
814 |
-
|
815 |
-
$dir = $this->_realpath(rtrim($dir, '/'));
|
816 |
-
if ($dir === false) {
|
817 |
-
return false;
|
818 |
-
}
|
819 |
-
|
820 |
-
// by not providing any permissions, hopefully the server will use the logged in users umask - their
|
821 |
-
// default permissions.
|
822 |
-
if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Na*N', strlen($dir), $dir, 0))) {
|
823 |
-
return false;
|
824 |
-
}
|
825 |
-
|
826 |
-
$response = $this->_get_sftp_packet();
|
827 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
828 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
829 |
-
return false;
|
830 |
-
}
|
831 |
-
|
832 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
833 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
834 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
835 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
836 |
-
return false;
|
837 |
-
}
|
838 |
-
|
839 |
-
return true;
|
840 |
-
}
|
841 |
-
|
842 |
-
/**
|
843 |
-
* Removes a directory.
|
844 |
-
*
|
845 |
-
* @param String $dir
|
846 |
-
* @return Boolean
|
847 |
-
* @access public
|
848 |
-
*/
|
849 |
-
function rmdir($dir)
|
850 |
-
{
|
851 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
852 |
-
return false;
|
853 |
-
}
|
854 |
-
|
855 |
-
$dir = $this->_realpath($dir);
|
856 |
-
if ($dir === false) {
|
857 |
-
return false;
|
858 |
-
}
|
859 |
-
|
860 |
-
if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) {
|
861 |
-
return false;
|
862 |
-
}
|
863 |
-
|
864 |
-
$response = $this->_get_sftp_packet();
|
865 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
866 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
867 |
-
return false;
|
868 |
-
}
|
869 |
-
|
870 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
871 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
872 |
-
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
|
873 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
874 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
875 |
-
return false;
|
876 |
-
}
|
877 |
-
|
878 |
-
return true;
|
879 |
-
}
|
880 |
-
|
881 |
-
/**
|
882 |
-
* Uploads a file to the SFTP server.
|
883 |
-
*
|
884 |
-
* By default, Net_SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
885 |
-
* So, for example, if you set $data to 'filename.ext' and then do Net_SFTP::get(), you will get a file, twelve bytes
|
886 |
-
* long, containing 'filename.ext' as its contents.
|
887 |
-
*
|
888 |
-
* Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will
|
889 |
-
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
890 |
-
* large $remote_file will be, as well.
|
891 |
-
*
|
892 |
-
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
893 |
-
* care of that, yourself.
|
894 |
-
*
|
895 |
-
* @param String $remote_file
|
896 |
-
* @param String $data
|
897 |
-
* @param optional Integer $flags
|
898 |
-
* @return Boolean
|
899 |
-
* @access public
|
900 |
-
* @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - Net_SFTP::setMode().
|
901 |
-
*/
|
902 |
-
function put($remote_file, $data, $mode = NET_SFTP_STRING)
|
903 |
-
{
|
904 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
905 |
-
return false;
|
906 |
-
}
|
907 |
-
|
908 |
-
$remote_file = $this->_realpath($remote_file);
|
909 |
-
if ($remote_file === false) {
|
910 |
-
return false;
|
911 |
-
}
|
912 |
-
|
913 |
-
$packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_TRUNCATE, 0);
|
914 |
-
if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
|
915 |
-
return false;
|
916 |
-
}
|
917 |
-
|
918 |
-
$response = $this->_get_sftp_packet();
|
919 |
-
switch ($this->packet_type) {
|
920 |
-
case NET_SFTP_HANDLE:
|
921 |
-
$handle = substr($response, 4);
|
922 |
-
break;
|
923 |
-
case NET_SFTP_STATUS:
|
924 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
925 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
926 |
-
return false;
|
927 |
-
default:
|
928 |
-
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
929 |
-
return false;
|
930 |
-
}
|
931 |
-
|
932 |
-
$initialize = true;
|
933 |
-
|
934 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3
|
935 |
-
if ($mode == NET_SFTP_LOCAL_FILE) {
|
936 |
-
if (!is_file($data)) {
|
937 |
-
user_error("$data is not a valid file", E_USER_NOTICE);
|
938 |
-
return false;
|
939 |
-
}
|
940 |
-
$fp = fopen($data, 'rb');
|
941 |
-
if (!$fp) {
|
942 |
-
return false;
|
943 |
-
}
|
944 |
-
$sent = 0;
|
945 |
-
$size = filesize($data);
|
946 |
-
} else {
|
947 |
-
$sent = 0;
|
948 |
-
$size = strlen($data);
|
949 |
-
}
|
950 |
-
|
951 |
-
$size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
|
952 |
-
|
953 |
-
$sftp_packet_size = 34000; // PuTTY uses 4096
|
954 |
-
$i = 0;
|
955 |
-
while ($sent < $size) {
|
956 |
-
$temp = $mode == NET_SFTP_LOCAL_FILE ? fread($fp, $sftp_packet_size) : $this->_string_shift($data, $sftp_packet_size);
|
957 |
-
$packet = pack('Na*N3a*', strlen($handle), $handle, 0, $sent, strlen($temp), $temp);
|
958 |
-
if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) {
|
959 |
-
fclose($fp);
|
960 |
-
return false;
|
961 |
-
}
|
962 |
-
$sent+= strlen($temp);
|
963 |
-
|
964 |
-
$i++;
|
965 |
-
|
966 |
-
if ($i == 50) {
|
967 |
-
if (!$this->_read_put_responses($i)) {
|
968 |
-
$i = 0;
|
969 |
-
break;
|
970 |
-
}
|
971 |
-
$i = 0;
|
972 |
-
}
|
973 |
-
}
|
974 |
-
|
975 |
-
$this->_read_put_responses($i);
|
976 |
-
|
977 |
-
if ($mode == NET_SFTP_LOCAL_FILE) {
|
978 |
-
fclose($fp);
|
979 |
-
}
|
980 |
-
|
981 |
-
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
982 |
-
return false;
|
983 |
-
}
|
984 |
-
|
985 |
-
$response = $this->_get_sftp_packet();
|
986 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
987 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
988 |
-
return false;
|
989 |
-
}
|
990 |
-
|
991 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
992 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
993 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
994 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
995 |
-
return false;
|
996 |
-
}
|
997 |
-
|
998 |
-
return true;
|
999 |
-
}
|
1000 |
-
|
1001 |
-
/**
|
1002 |
-
* Reads multiple successive SSH_FXP_WRITE responses
|
1003 |
-
*
|
1004 |
-
* Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i
|
1005 |
-
* SSH_FXP_WRITEs, in succession, and then reading $i responses.
|
1006 |
-
*
|
1007 |
-
* @param Integer $i
|
1008 |
-
* @return Boolean
|
1009 |
-
* @access private
|
1010 |
-
*/
|
1011 |
-
function _read_put_responses($i)
|
1012 |
-
{
|
1013 |
-
while ($i--) {
|
1014 |
-
$response = $this->_get_sftp_packet();
|
1015 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
1016 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1017 |
-
return false;
|
1018 |
-
}
|
1019 |
-
|
1020 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1021 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
1022 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1023 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1024 |
-
break;
|
1025 |
-
}
|
1026 |
-
}
|
1027 |
-
|
1028 |
-
return $i < 0;
|
1029 |
-
}
|
1030 |
-
|
1031 |
-
/**
|
1032 |
-
* Downloads a file from the SFTP server.
|
1033 |
-
*
|
1034 |
-
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
1035 |
-
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
1036 |
-
* operation
|
1037 |
-
*
|
1038 |
-
* @param String $remote_file
|
1039 |
-
* @param optional String $local_file
|
1040 |
-
* @return Mixed
|
1041 |
-
* @access public
|
1042 |
-
*/
|
1043 |
-
function get($remote_file, $local_file = false)
|
1044 |
-
{
|
1045 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1046 |
-
return false;
|
1047 |
-
}
|
1048 |
-
|
1049 |
-
$remote_file = $this->_realpath($remote_file);
|
1050 |
-
if ($remote_file === false) {
|
1051 |
-
return false;
|
1052 |
-
}
|
1053 |
-
|
1054 |
-
$packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0);
|
1055 |
-
if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
|
1056 |
-
return false;
|
1057 |
-
}
|
1058 |
-
|
1059 |
-
$response = $this->_get_sftp_packet();
|
1060 |
-
switch ($this->packet_type) {
|
1061 |
-
case NET_SFTP_HANDLE:
|
1062 |
-
$handle = substr($response, 4);
|
1063 |
-
break;
|
1064 |
-
case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1065 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1066 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1067 |
-
return false;
|
1068 |
-
default:
|
1069 |
-
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
1070 |
-
return false;
|
1071 |
-
}
|
1072 |
-
|
1073 |
-
$packet = pack('Na*', strlen($handle), $handle);
|
1074 |
-
if (!$this->_send_sftp_packet(NET_SFTP_FSTAT, $packet)) {
|
1075 |
-
return false;
|
1076 |
-
}
|
1077 |
-
|
1078 |
-
$response = $this->_get_sftp_packet();
|
1079 |
-
switch ($this->packet_type) {
|
1080 |
-
case NET_SFTP_ATTRS:
|
1081 |
-
$attrs = $this->_parseAttributes($response);
|
1082 |
-
break;
|
1083 |
-
case NET_SFTP_STATUS:
|
1084 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1085 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1086 |
-
return false;
|
1087 |
-
default:
|
1088 |
-
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
1089 |
-
return false;
|
1090 |
-
}
|
1091 |
-
|
1092 |
-
if ($local_file !== false) {
|
1093 |
-
$fp = fopen($local_file, 'wb');
|
1094 |
-
if (!$fp) {
|
1095 |
-
return false;
|
1096 |
-
}
|
1097 |
-
} else {
|
1098 |
-
$content = '';
|
1099 |
-
}
|
1100 |
-
|
1101 |
-
$read = 0;
|
1102 |
-
while ($read < $attrs['size']) {
|
1103 |
-
$packet = pack('Na*N3', strlen($handle), $handle, 0, $read, 1 << 20);
|
1104 |
-
if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) {
|
1105 |
-
return false;
|
1106 |
-
}
|
1107 |
-
|
1108 |
-
$response = $this->_get_sftp_packet();
|
1109 |
-
switch ($this->packet_type) {
|
1110 |
-
case NET_SFTP_DATA:
|
1111 |
-
$temp = substr($response, 4);
|
1112 |
-
$read+= strlen($temp);
|
1113 |
-
if ($local_file === false) {
|
1114 |
-
$content.= $temp;
|
1115 |
-
} else {
|
1116 |
-
fputs($fp, $temp);
|
1117 |
-
}
|
1118 |
-
break;
|
1119 |
-
case NET_SFTP_STATUS:
|
1120 |
-
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1121 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1122 |
-
break 2;
|
1123 |
-
default:
|
1124 |
-
user_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS', E_USER_NOTICE);
|
1125 |
-
return false;
|
1126 |
-
}
|
1127 |
-
}
|
1128 |
-
|
1129 |
-
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
1130 |
-
return false;
|
1131 |
-
}
|
1132 |
-
|
1133 |
-
$response = $this->_get_sftp_packet();
|
1134 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
1135 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1136 |
-
return false;
|
1137 |
-
}
|
1138 |
-
|
1139 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1140 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
1141 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1142 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1143 |
-
return false;
|
1144 |
-
}
|
1145 |
-
|
1146 |
-
if (isset($content)) {
|
1147 |
-
return $content;
|
1148 |
-
}
|
1149 |
-
|
1150 |
-
fclose($fp);
|
1151 |
-
return true;
|
1152 |
-
}
|
1153 |
-
|
1154 |
-
/**
|
1155 |
-
* Deletes a file on the SFTP server.
|
1156 |
-
*
|
1157 |
-
* @param String $path
|
1158 |
-
* @return Boolean
|
1159 |
-
* @access public
|
1160 |
-
*/
|
1161 |
-
function delete($path)
|
1162 |
-
{
|
1163 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1164 |
-
return false;
|
1165 |
-
}
|
1166 |
-
|
1167 |
-
$remote_file = $this->_realpath($path);
|
1168 |
-
if ($path === false) {
|
1169 |
-
return false;
|
1170 |
-
}
|
1171 |
-
|
1172 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
1173 |
-
if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) {
|
1174 |
-
return false;
|
1175 |
-
}
|
1176 |
-
|
1177 |
-
$response = $this->_get_sftp_packet();
|
1178 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
1179 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1180 |
-
return false;
|
1181 |
-
}
|
1182 |
-
|
1183 |
-
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1184 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1185 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
1186 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1187 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1188 |
-
return false;
|
1189 |
-
}
|
1190 |
-
|
1191 |
-
return true;
|
1192 |
-
}
|
1193 |
-
|
1194 |
-
/**
|
1195 |
-
* Renames a file or a directory on the SFTP server
|
1196 |
-
*
|
1197 |
-
* @param String $oldname
|
1198 |
-
* @param String $newname
|
1199 |
-
* @return Boolean
|
1200 |
-
* @access public
|
1201 |
-
*/
|
1202 |
-
function rename($oldname, $newname)
|
1203 |
-
{
|
1204 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1205 |
-
return false;
|
1206 |
-
}
|
1207 |
-
|
1208 |
-
$oldname = $this->_realpath($oldname);
|
1209 |
-
$newname = $this->_realpath($newname);
|
1210 |
-
if ($oldname === false || $newname === false) {
|
1211 |
-
return false;
|
1212 |
-
}
|
1213 |
-
|
1214 |
-
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
1215 |
-
$packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname);
|
1216 |
-
if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) {
|
1217 |
-
return false;
|
1218 |
-
}
|
1219 |
-
|
1220 |
-
$response = $this->_get_sftp_packet();
|
1221 |
-
if ($this->packet_type != NET_SFTP_STATUS) {
|
1222 |
-
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1223 |
-
return false;
|
1224 |
-
}
|
1225 |
-
|
1226 |
-
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1227 |
-
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1228 |
-
if ($status != NET_SFTP_STATUS_OK) {
|
1229 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1230 |
-
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1231 |
-
return false;
|
1232 |
-
}
|
1233 |
-
|
1234 |
-
return true;
|
1235 |
-
}
|
1236 |
-
|
1237 |
-
/**
|
1238 |
-
* Parse Attributes
|
1239 |
-
*
|
1240 |
-
* See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info.
|
1241 |
-
*
|
1242 |
-
* @param String $response
|
1243 |
-
* @return Array
|
1244 |
-
* @access private
|
1245 |
-
*/
|
1246 |
-
function _parseAttributes(&$response)
|
1247 |
-
{
|
1248 |
-
$attr = array();
|
1249 |
-
extract(unpack('Nflags', $this->_string_shift($response, 4)));
|
1250 |
-
// SFTPv4+ have a type field (a byte) that follows the above flag field
|
1251 |
-
foreach ($this->attributes as $key => $value) {
|
1252 |
-
switch ($flags & $key) {
|
1253 |
-
case NET_SFTP_ATTR_SIZE: // 0x00000001
|
1254 |
-
// size is represented by a 64-bit integer, so we perhaps ought to be doing the following:
|
1255 |
-
// $attr['size'] = new Math_BigInteger($this->_string_shift($response, 8), 256);
|
1256 |
-
// of course, you shouldn't be using Net_SFTP to transfer files that are in excess of 4GB
|
1257 |
-
// (0xFFFFFFFF bytes), anyway. as such, we'll just represent all file sizes that are bigger than
|
1258 |
-
// 4GB as being 4GB.
|
1259 |
-
extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8)));
|
1260 |
-
if ($upper) {
|
1261 |
-
$attr['size'] = 0xFFFFFFFF;
|
1262 |
-
} else {
|
1263 |
-
$attr['size'] = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
|
1264 |
-
}
|
1265 |
-
break;
|
1266 |
-
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
|
1267 |
-
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
|
1268 |
-
break;
|
1269 |
-
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
|
1270 |
-
$attr+= unpack('Npermissions', $this->_string_shift($response, 4));
|
1271 |
-
break;
|
1272 |
-
case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
|
1273 |
-
$attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
|
1274 |
-
break;
|
1275 |
-
case NET_SFTP_ATTR_EXTENDED: // 0x80000000
|
1276 |
-
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
1277 |
-
for ($i = 0; $i < $count; $i++) {
|
1278 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1279 |
-
$key = $this->_string_shift($response, $length);
|
1280 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1281 |
-
$attr[$key] = $this->_string_shift($response, $length);
|
1282 |
-
}
|
1283 |
-
}
|
1284 |
-
}
|
1285 |
-
return $attr;
|
1286 |
-
}
|
1287 |
-
|
1288 |
-
/**
|
1289 |
-
* Sends SFTP Packets
|
1290 |
-
*
|
1291 |
-
* See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
|
1292 |
-
*
|
1293 |
-
* @param Integer $type
|
1294 |
-
* @param String $data
|
1295 |
-
* @see Net_SFTP::_get_sftp_packet()
|
1296 |
-
* @see Net_SSH2::_send_channel_packet()
|
1297 |
-
* @return Boolean
|
1298 |
-
* @access private
|
1299 |
-
*/
|
1300 |
-
function _send_sftp_packet($type, $data)
|
1301 |
-
{
|
1302 |
-
$packet = $this->request_id !== false ?
|
1303 |
-
pack('NCNa*', strlen($data) + 5, $type, $this->request_id, $data) :
|
1304 |
-
pack('NCa*', strlen($data) + 1, $type, $data);
|
1305 |
-
|
1306 |
-
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1307 |
-
$result = $this->_send_channel_packet(NET_SFTP_CHANNEL, $packet);
|
1308 |
-
$stop = strtok(microtime(), ' ') + strtok('');
|
1309 |
-
|
1310 |
-
if (defined('NET_SFTP_LOGGING')) {
|
1311 |
-
$this->packet_type_log[] = '-> ' . $this->packet_types[$type] .
|
1312 |
-
' (' . round($stop - $start, 4) . 's)';
|
1313 |
-
if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
|
1314 |
-
$this->packet_log[] = $data;
|
1315 |
-
}
|
1316 |
-
}
|
1317 |
-
|
1318 |
-
return $result;
|
1319 |
-
}
|
1320 |
-
|
1321 |
-
/**
|
1322 |
-
* Receives SFTP Packets
|
1323 |
-
*
|
1324 |
-
* See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
|
1325 |
-
*
|
1326 |
-
* Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present.
|
1327 |
-
* There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA
|
1328 |
-
* messages containing one SFTP packet.
|
1329 |
-
*
|
1330 |
-
* @see Net_SFTP::_send_sftp_packet()
|
1331 |
-
* @return String
|
1332 |
-
* @access private
|
1333 |
-
*/
|
1334 |
-
function _get_sftp_packet()
|
1335 |
-
{
|
1336 |
-
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1337 |
-
|
1338 |
-
// SFTP packet length
|
1339 |
-
while (strlen($this->packet_buffer) < 4) {
|
1340 |
-
$temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
1341 |
-
if (is_bool($temp)) {
|
1342 |
-
$this->packet_type = false;
|
1343 |
-
$this->packet_buffer = '';
|
1344 |
-
return false;
|
1345 |
-
}
|
1346 |
-
$this->packet_buffer.= $temp;
|
1347 |
-
}
|
1348 |
-
extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4)));
|
1349 |
-
$tempLength = $length;
|
1350 |
-
$tempLength-= strlen($this->packet_buffer);
|
1351 |
-
|
1352 |
-
// SFTP packet type and data payload
|
1353 |
-
while ($tempLength > 0) {
|
1354 |
-
$temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
1355 |
-
if (is_bool($temp)) {
|
1356 |
-
$this->packet_type = false;
|
1357 |
-
$this->packet_buffer = '';
|
1358 |
-
return false;
|
1359 |
-
}
|
1360 |
-
$this->packet_buffer.= $temp;
|
1361 |
-
$tempLength-= strlen($temp);
|
1362 |
-
}
|
1363 |
-
|
1364 |
-
$stop = strtok(microtime(), ' ') + strtok('');
|
1365 |
-
|
1366 |
-
$this->packet_type = ord($this->_string_shift($this->packet_buffer));
|
1367 |
-
|
1368 |
-
if ($this->request_id !== false) {
|
1369 |
-
$this->_string_shift($this->packet_buffer, 4); // remove the request id
|
1370 |
-
$length-= 5; // account for the request id and the packet type
|
1371 |
-
} else {
|
1372 |
-
$length-= 1; // account for the packet type
|
1373 |
-
}
|
1374 |
-
|
1375 |
-
$packet = $this->_string_shift($this->packet_buffer, $length);
|
1376 |
-
|
1377 |
-
if (defined('NET_SFTP_LOGGING')) {
|
1378 |
-
$this->packet_type_log[] = '<- ' . $this->packet_types[$this->packet_type] .
|
1379 |
-
' (' . round($stop - $start, 4) . 's)';
|
1380 |
-
if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
|
1381 |
-
$this->packet_log[] = $packet;
|
1382 |
-
}
|
1383 |
-
}
|
1384 |
-
|
1385 |
-
return $packet;
|
1386 |
-
}
|
1387 |
-
|
1388 |
-
/**
|
1389 |
-
* Returns a log of the packets that have been sent and received.
|
1390 |
-
*
|
1391 |
-
* Returns a string if NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX, an array if NET_SFTP_LOGGING == NET_SFTP_LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING')
|
1392 |
-
*
|
1393 |
-
* @access public
|
1394 |
-
* @return String or Array
|
1395 |
-
*/
|
1396 |
-
function getSFTPLog()
|
1397 |
-
{
|
1398 |
-
if (!defined('NET_SFTP_LOGGING')) {
|
1399 |
-
return false;
|
1400 |
-
}
|
1401 |
-
|
1402 |
-
switch (NET_SFTP_LOGGING) {
|
1403 |
-
case NET_SFTP_LOG_COMPLEX:
|
1404 |
-
return $this->_format_log($this->packet_log, $this->packet_type_log);
|
1405 |
-
break;
|
1406 |
-
//case NET_SFTP_LOG_SIMPLE:
|
1407 |
-
default:
|
1408 |
-
return $this->packet_type_log;
|
1409 |
-
}
|
1410 |
-
}
|
1411 |
-
|
1412 |
-
/**
|
1413 |
-
* Returns all errors
|
1414 |
-
*
|
1415 |
-
* @return String
|
1416 |
-
* @access public
|
1417 |
-
*/
|
1418 |
-
function getSFTPErrors()
|
1419 |
-
{
|
1420 |
-
return $this->sftp_errors;
|
1421 |
-
}
|
1422 |
-
|
1423 |
-
/**
|
1424 |
-
* Returns the last error
|
1425 |
-
*
|
1426 |
-
* @return String
|
1427 |
-
* @access public
|
1428 |
-
*/
|
1429 |
-
function getLastSFTPError()
|
1430 |
-
{
|
1431 |
-
return $this->sftp_errors[count($this->sftp_errors) - 1];
|
1432 |
-
}
|
1433 |
-
|
1434 |
-
/**
|
1435 |
-
* Get supported SFTP versions
|
1436 |
-
*
|
1437 |
-
* @return Array
|
1438 |
-
* @access public
|
1439 |
-
*/
|
1440 |
-
function getSupportedVersions()
|
1441 |
-
{
|
1442 |
-
$temp = array('version' => $this->version);
|
1443 |
-
if (isset($this->extensions['versions'])) {
|
1444 |
-
$temp['extensions'] = $this->extensions['versions'];
|
1445 |
-
}
|
1446 |
-
return $temp;
|
1447 |
-
}
|
1448 |
-
|
1449 |
-
/**
|
1450 |
-
* Disconnect
|
1451 |
-
*
|
1452 |
-
* @param Integer $reason
|
1453 |
-
* @return Boolean
|
1454 |
-
* @access private
|
1455 |
-
*/
|
1456 |
-
function _disconnect($reason)
|
1457 |
-
{
|
1458 |
-
$this->pwd = false;
|
1459 |
-
parent::_disconnect($reason);
|
1460 |
-
}
|
1461 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of SFTP.
|
6 |
+
*
|
7 |
+
* PHP versions 4 and 5
|
8 |
+
*
|
9 |
+
* Currently only supports SFTPv3, which, according to wikipedia.org, "is the most widely used version,
|
10 |
+
* implemented by the popular OpenSSH SFTP server". If you want SFTPv4/5/6 support, provide me with access
|
11 |
+
* to an SFTPv4/5/6 server.
|
12 |
+
*
|
13 |
+
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
14 |
+
*
|
15 |
+
* Here's a short example of how to use this library:
|
16 |
+
* <code>
|
17 |
+
* <?php
|
18 |
+
* include('Net/SFTP.php');
|
19 |
+
*
|
20 |
+
* $sftp = new Net_SFTP('www.domain.tld');
|
21 |
+
* if (!$sftp->login('username', 'password')) {
|
22 |
+
* exit('Login Failed');
|
23 |
+
* }
|
24 |
+
*
|
25 |
+
* echo $sftp->pwd() . "\r\n";
|
26 |
+
* $sftp->put('filename.ext', 'hello, world!');
|
27 |
+
* print_r($sftp->nlist());
|
28 |
+
* ?>
|
29 |
+
* </code>
|
30 |
+
*
|
31 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
32 |
+
* modify it under the terms of the GNU Lesser General Public
|
33 |
+
* License as published by the Free Software Foundation; either
|
34 |
+
* version 2.1 of the License, or (at your option) any later version.
|
35 |
+
*
|
36 |
+
* This library is distributed in the hope that it will be useful,
|
37 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
38 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
39 |
+
* Lesser General Public License for more details.
|
40 |
+
*
|
41 |
+
* You should have received a copy of the GNU Lesser General Public
|
42 |
+
* License along with this library; if not, write to the Free Software
|
43 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
44 |
+
* MA 02111-1307 USA
|
45 |
+
*
|
46 |
+
* @category Net
|
47 |
+
* @package Net_SFTP
|
48 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
49 |
+
* @copyright MMIX Jim Wigginton
|
50 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
51 |
+
* @version $Id: SFTP.php,v 1.21 2010/04/09 02:31:34 terrafrost Exp $
|
52 |
+
* @link http://phpseclib.sourceforge.net
|
53 |
+
*/
|
54 |
+
|
55 |
+
/**
|
56 |
+
* Include Net_SSH2
|
57 |
+
*/
|
58 |
+
require_once('phpseclib/Net/SSH2.php');
|
59 |
+
|
60 |
+
/**#@+
|
61 |
+
* @access public
|
62 |
+
* @see Net_SFTP::getLog()
|
63 |
+
*/
|
64 |
+
/**
|
65 |
+
* Returns the message numbers
|
66 |
+
*/
|
67 |
+
define('NET_SFTP_LOG_SIMPLE', NET_SSH2_LOG_SIMPLE);
|
68 |
+
/**
|
69 |
+
* Returns the message content
|
70 |
+
*/
|
71 |
+
define('NET_SFTP_LOG_COMPLEX', NET_SSH2_LOG_COMPLEX);
|
72 |
+
/**#@-*/
|
73 |
+
|
74 |
+
/**
|
75 |
+
* SFTP channel constant
|
76 |
+
*
|
77 |
+
* Net_SSH2::exec() uses 0 and Net_SSH2::interactiveRead() / Net_SSH2::interactiveWrite() use 1.
|
78 |
+
*
|
79 |
+
* @see Net_SSH2::_send_channel_packet()
|
80 |
+
* @see Net_SSH2::_get_channel_packet()
|
81 |
+
* @access private
|
82 |
+
*/
|
83 |
+
define('NET_SFTP_CHANNEL', 2);
|
84 |
+
|
85 |
+
/**#@+
|
86 |
+
* @access public
|
87 |
+
* @see Net_SFTP::put()
|
88 |
+
*/
|
89 |
+
/**
|
90 |
+
* Reads data from a local file.
|
91 |
+
*/
|
92 |
+
define('NET_SFTP_LOCAL_FILE', 1);
|
93 |
+
/**
|
94 |
+
* Reads data from a string.
|
95 |
+
*/
|
96 |
+
define('NET_SFTP_STRING', 2);
|
97 |
+
/**#@-*/
|
98 |
+
|
99 |
+
/**
|
100 |
+
* Pure-PHP implementations of SFTP.
|
101 |
+
*
|
102 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
103 |
+
* @version 0.1.0
|
104 |
+
* @access public
|
105 |
+
* @package Net_SFTP
|
106 |
+
*/
|
107 |
+
class Net_SFTP extends Net_SSH2 {
|
108 |
+
/**
|
109 |
+
* Packet Types
|
110 |
+
*
|
111 |
+
* @see Net_SFTP::Net_SFTP()
|
112 |
+
* @var Array
|
113 |
+
* @access private
|
114 |
+
*/
|
115 |
+
var $packet_types = array();
|
116 |
+
|
117 |
+
/**
|
118 |
+
* Status Codes
|
119 |
+
*
|
120 |
+
* @see Net_SFTP::Net_SFTP()
|
121 |
+
* @var Array
|
122 |
+
* @access private
|
123 |
+
*/
|
124 |
+
var $status_codes = array();
|
125 |
+
|
126 |
+
/**
|
127 |
+
* The Request ID
|
128 |
+
*
|
129 |
+
* The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
|
130 |
+
* concurrent actions, so it's somewhat academic, here.
|
131 |
+
*
|
132 |
+
* @var Integer
|
133 |
+
* @see Net_SFTP::_send_sftp_packet()
|
134 |
+
* @access private
|
135 |
+
*/
|
136 |
+
var $request_id = false;
|
137 |
+
|
138 |
+
/**
|
139 |
+
* The Packet Type
|
140 |
+
*
|
141 |
+
* The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
|
142 |
+
* concurrent actions, so it's somewhat academic, here.
|
143 |
+
*
|
144 |
+
* @var Integer
|
145 |
+
* @see Net_SFTP::_get_sftp_packet()
|
146 |
+
* @access private
|
147 |
+
*/
|
148 |
+
var $packet_type = -1;
|
149 |
+
|
150 |
+
/**
|
151 |
+
* Packet Buffer
|
152 |
+
*
|
153 |
+
* @var String
|
154 |
+
* @see Net_SFTP::_get_sftp_packet()
|
155 |
+
* @access private
|
156 |
+
*/
|
157 |
+
var $packet_buffer = '';
|
158 |
+
|
159 |
+
/**
|
160 |
+
* Extensions supported by the server
|
161 |
+
*
|
162 |
+
* @var Array
|
163 |
+
* @see Net_SFTP::_initChannel()
|
164 |
+
* @access private
|
165 |
+
*/
|
166 |
+
var $extensions = array();
|
167 |
+
|
168 |
+
/**
|
169 |
+
* Server SFTP version
|
170 |
+
*
|
171 |
+
* @var Integer
|
172 |
+
* @see Net_SFTP::_initChannel()
|
173 |
+
* @access private
|
174 |
+
*/
|
175 |
+
var $version;
|
176 |
+
|
177 |
+
/**
|
178 |
+
* Current working directory
|
179 |
+
*
|
180 |
+
* @var String
|
181 |
+
* @see Net_SFTP::_realpath()
|
182 |
+
* @see Net_SFTP::chdir()
|
183 |
+
* @access private
|
184 |
+
*/
|
185 |
+
var $pwd = false;
|
186 |
+
|
187 |
+
/**
|
188 |
+
* Packet Type Log
|
189 |
+
*
|
190 |
+
* @see Net_SFTP::getLog()
|
191 |
+
* @var Array
|
192 |
+
* @access private
|
193 |
+
*/
|
194 |
+
var $packet_type_log = array();
|
195 |
+
|
196 |
+
/**
|
197 |
+
* Packet Log
|
198 |
+
*
|
199 |
+
* @see Net_SFTP::getLog()
|
200 |
+
* @var Array
|
201 |
+
* @access private
|
202 |
+
*/
|
203 |
+
var $packet_log = array();
|
204 |
+
|
205 |
+
/**
|
206 |
+
* Error information
|
207 |
+
*
|
208 |
+
* @see Net_SFTP::getSFTPErrors()
|
209 |
+
* @see Net_SFTP::getLastSFTPError()
|
210 |
+
* @var String
|
211 |
+
* @access private
|
212 |
+
*/
|
213 |
+
var $errors = array();
|
214 |
+
|
215 |
+
/**
|
216 |
+
* Default Constructor.
|
217 |
+
*
|
218 |
+
* Connects to an SFTP server
|
219 |
+
*
|
220 |
+
* @param String $host
|
221 |
+
* @param optional Integer $port
|
222 |
+
* @param optional Integer $timeout
|
223 |
+
* @return Net_SFTP
|
224 |
+
* @access public
|
225 |
+
*/
|
226 |
+
function Net_SFTP($host, $port = 22, $timeout = 10)
|
227 |
+
{
|
228 |
+
parent::Net_SSH2($host, $port, $timeout);
|
229 |
+
$this->packet_types = array(
|
230 |
+
1 => 'NET_SFTP_INIT',
|
231 |
+
2 => 'NET_SFTP_VERSION',
|
232 |
+
/* the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+:
|
233 |
+
SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1
|
234 |
+
pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 */
|
235 |
+
3 => 'NET_SFTP_OPEN',
|
236 |
+
4 => 'NET_SFTP_CLOSE',
|
237 |
+
5 => 'NET_SFTP_READ',
|
238 |
+
6 => 'NET_SFTP_WRITE',
|
239 |
+
8 => 'NET_SFTP_FSTAT',
|
240 |
+
9 => 'NET_SFTP_SETSTAT',
|
241 |
+
11 => 'NET_SFTP_OPENDIR',
|
242 |
+
12 => 'NET_SFTP_READDIR',
|
243 |
+
13 => 'NET_SFTP_REMOVE',
|
244 |
+
14 => 'NET_SFTP_MKDIR',
|
245 |
+
15 => 'NET_SFTP_RMDIR',
|
246 |
+
16 => 'NET_SFTP_REALPATH',
|
247 |
+
17 => 'NET_SFTP_STAT',
|
248 |
+
/* the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+:
|
249 |
+
SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
250 |
+
pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */
|
251 |
+
18 => 'NET_SFTP_RENAME',
|
252 |
+
|
253 |
+
101=> 'NET_SFTP_STATUS',
|
254 |
+
102=> 'NET_SFTP_HANDLE',
|
255 |
+
/* the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+:
|
256 |
+
SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4
|
257 |
+
pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 */
|
258 |
+
103=> 'NET_SFTP_DATA',
|
259 |
+
104=> 'NET_SFTP_NAME',
|
260 |
+
105=> 'NET_SFTP_ATTRS',
|
261 |
+
|
262 |
+
200=> 'NET_SFTP_EXTENDED'
|
263 |
+
);
|
264 |
+
$this->status_codes = array(
|
265 |
+
0 => 'NET_SFTP_STATUS_OK',
|
266 |
+
1 => 'NET_SFTP_STATUS_EOF',
|
267 |
+
2 => 'NET_SFTP_STATUS_NO_SUCH_FILE',
|
268 |
+
3 => 'NET_SFTP_STATUS_PERMISSION_DENIED',
|
269 |
+
4 => 'NET_SFTP_STATUS_FAILURE',
|
270 |
+
5 => 'NET_SFTP_STATUS_BAD_MESSAGE',
|
271 |
+
6 => 'NET_SFTP_STATUS_NO_CONNECTION',
|
272 |
+
7 => 'NET_SFTP_STATUS_CONNECTION_LOST',
|
273 |
+
8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED'
|
274 |
+
);
|
275 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1
|
276 |
+
// the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why
|
277 |
+
$this->attributes = array(
|
278 |
+
0x00000001 => 'NET_SFTP_ATTR_SIZE',
|
279 |
+
0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+
|
280 |
+
0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS',
|
281 |
+
0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME',
|
282 |
+
-1 => 'NET_SFTP_ATTR_EXTENDED' // unpack('N', "\xFF\xFF\xFF\xFF") == array(1 => int(-1))
|
283 |
+
);
|
284 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3
|
285 |
+
// the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name
|
286 |
+
// the array for that $this->open5_flags and similarily alter the constant names.
|
287 |
+
$this->open_flags = array(
|
288 |
+
0x00000001 => 'NET_SFTP_OPEN_READ',
|
289 |
+
0x00000002 => 'NET_SFTP_OPEN_WRITE',
|
290 |
+
0x00000008 => 'NET_SFTP_OPEN_CREATE',
|
291 |
+
0x00000010 => 'NET_SFTP_OPEN_TRUNCATE'
|
292 |
+
);
|
293 |
+
$this->_define_array(
|
294 |
+
$this->packet_types,
|
295 |
+
$this->status_codes,
|
296 |
+
$this->attributes,
|
297 |
+
$this->open_flags
|
298 |
+
);
|
299 |
+
}
|
300 |
+
|
301 |
+
/**
|
302 |
+
* Login
|
303 |
+
*
|
304 |
+
* @param String $username
|
305 |
+
* @param optional String $password
|
306 |
+
* @return Boolean
|
307 |
+
* @access public
|
308 |
+
*/
|
309 |
+
function login($username, $password = '')
|
310 |
+
{
|
311 |
+
if (!parent::login($username, $password)) {
|
312 |
+
return false;
|
313 |
+
}
|
314 |
+
|
315 |
+
$this->window_size_client_to_server[NET_SFTP_CHANNEL] = $this->window_size;
|
316 |
+
|
317 |
+
$packet = pack('CNa*N3',
|
318 |
+
NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SFTP_CHANNEL, $this->window_size, 0x4000);
|
319 |
+
|
320 |
+
if (!$this->_send_binary_packet($packet)) {
|
321 |
+
return false;
|
322 |
+
}
|
323 |
+
|
324 |
+
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN;
|
325 |
+
|
326 |
+
$response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
327 |
+
if ($response === false) {
|
328 |
+
return false;
|
329 |
+
}
|
330 |
+
|
331 |
+
$packet = pack('CNNa*CNa*',
|
332 |
+
NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SFTP_CHANNEL], strlen('subsystem'), 'subsystem', 1, strlen('sftp'), 'sftp');
|
333 |
+
if (!$this->_send_binary_packet($packet)) {
|
334 |
+
return false;
|
335 |
+
}
|
336 |
+
|
337 |
+
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST;
|
338 |
+
|
339 |
+
$response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
340 |
+
if ($response === false) {
|
341 |
+
return false;
|
342 |
+
}
|
343 |
+
|
344 |
+
$this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA;
|
345 |
+
|
346 |
+
if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) {
|
347 |
+
return false;
|
348 |
+
}
|
349 |
+
|
350 |
+
$response = $this->_get_sftp_packet();
|
351 |
+
if ($this->packet_type != NET_SFTP_VERSION) {
|
352 |
+
user_error('Expected SSH_FXP_VERSION', E_USER_NOTICE);
|
353 |
+
return false;
|
354 |
+
}
|
355 |
+
|
356 |
+
extract(unpack('Nversion', $this->_string_shift($response, 4)));
|
357 |
+
$this->version = $version;
|
358 |
+
while (!empty($response)) {
|
359 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
360 |
+
$key = $this->_string_shift($response, $length);
|
361 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
362 |
+
$value = $this->_string_shift($response, $length);
|
363 |
+
$this->extensions[$key] = $value;
|
364 |
+
}
|
365 |
+
|
366 |
+
/*
|
367 |
+
SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com',
|
368 |
+
however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's
|
369 |
+
not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for
|
370 |
+
one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that
|
371 |
+
'newline@vandyke.com' would.
|
372 |
+
*/
|
373 |
+
/*
|
374 |
+
if (isset($this->extensions['newline@vandyke.com'])) {
|
375 |
+
$this->extensions['newline'] = $this->extensions['newline@vandyke.com'];
|
376 |
+
unset($this->extensions['newline@vandyke.com']);
|
377 |
+
}
|
378 |
+
*/
|
379 |
+
|
380 |
+
$this->request_id = 1;
|
381 |
+
|
382 |
+
/*
|
383 |
+
A Note on SFTPv4/5/6 support:
|
384 |
+
<http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.1> states the following:
|
385 |
+
|
386 |
+
"If the client wishes to interoperate with servers that support noncontiguous version
|
387 |
+
numbers it SHOULD send '3'"
|
388 |
+
|
389 |
+
Given that the server only sends its version number after the client has already done so, the above
|
390 |
+
seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the
|
391 |
+
most popular.
|
392 |
+
|
393 |
+
<http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.5> states the following;
|
394 |
+
|
395 |
+
"If the server did not send the "versions" extension, or the version-from-list was not included, the
|
396 |
+
server MAY send a status response describing the failure, but MUST then close the channel without
|
397 |
+
processing any further requests."
|
398 |
+
|
399 |
+
So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and
|
400 |
+
a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements
|
401 |
+
v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed
|
402 |
+
in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what Net_SFTP would do is close the
|
403 |
+
channel and reopen it with a new and updated SSH_FXP_INIT packet.
|
404 |
+
*/
|
405 |
+
if ($this->version != 3) {
|
406 |
+
return false;
|
407 |
+
}
|
408 |
+
|
409 |
+
$this->pwd = $this->_realpath('.');
|
410 |
+
|
411 |
+
return true;
|
412 |
+
}
|
413 |
+
|
414 |
+
/**
|
415 |
+
* Returns the current directory name
|
416 |
+
*
|
417 |
+
* @return Mixed
|
418 |
+
* @access public
|
419 |
+
*/
|
420 |
+
function pwd()
|
421 |
+
{
|
422 |
+
return $this->pwd;
|
423 |
+
}
|
424 |
+
|
425 |
+
/**
|
426 |
+
* Canonicalize the Server-Side Path Name
|
427 |
+
*
|
428 |
+
* SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns
|
429 |
+
* the absolute (canonicalized) path. If $mode is set to NET_SFTP_CONFIRM_DIR (as opposed to NET_SFTP_CONFIRM_NONE,
|
430 |
+
* which is what it is set to by default), false is returned if $dir is not a valid directory.
|
431 |
+
*
|
432 |
+
* @see Net_SFTP::chdir()
|
433 |
+
* @param String $dir
|
434 |
+
* @param optional Integer $mode
|
435 |
+
* @return Mixed
|
436 |
+
* @access private
|
437 |
+
*/
|
438 |
+
function _realpath($dir)
|
439 |
+
{
|
440 |
+
/*
|
441 |
+
"This protocol represents file names as strings. File names are
|
442 |
+
assumed to use the slash ('/') character as a directory separator.
|
443 |
+
|
444 |
+
File names starting with a slash are "absolute", and are relative to
|
445 |
+
the root of the file system. Names starting with any other character
|
446 |
+
are relative to the user's default directory (home directory). Note
|
447 |
+
that identifying the user is assumed to take place outside of this
|
448 |
+
protocol."
|
449 |
+
|
450 |
+
-- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-6
|
451 |
+
*/
|
452 |
+
$file = '';
|
453 |
+
if ($this->pwd !== false) {
|
454 |
+
// if the SFTP server returned the canonicalized path even for non-existant files this wouldn't be necessary
|
455 |
+
// on OpenSSH it isn't necessary but on other SFTP servers it is. that and since the specs say nothing on
|
456 |
+
// the subject, we'll go ahead and work around it with the following.
|
457 |
+
if ($dir[strlen($dir) - 1] != '/') {
|
458 |
+
$file = basename($dir);
|
459 |
+
$dir = dirname($dir);
|
460 |
+
}
|
461 |
+
|
462 |
+
if ($dir == '.' || $dir == $this->pwd) {
|
463 |
+
return $this->pwd . $file;
|
464 |
+
}
|
465 |
+
|
466 |
+
if ($dir[0] != '/') {
|
467 |
+
$dir = $this->pwd . '/' . $dir;
|
468 |
+
}
|
469 |
+
// on the surface it seems like maybe resolving a path beginning with / is unnecessary, but such paths
|
470 |
+
// can contain .'s and ..'s just like any other. we could parse those out as appropriate or we can let
|
471 |
+
// the server do it. we'll do the latter.
|
472 |
+
}
|
473 |
+
|
474 |
+
/*
|
475 |
+
that SSH_FXP_REALPATH returns SSH_FXP_NAME does not necessarily mean that anything actually exists at the
|
476 |
+
specified path. generally speaking, no attributes are returned with this particular SSH_FXP_NAME packet
|
477 |
+
regardless of whether or not a file actually exists. and in SFTPv3, the longname field and the filename
|
478 |
+
field match for this particular SSH_FXP_NAME packet. for other SSH_FXP_NAME packets, this will likely
|
479 |
+
not be the case, but for this one, it is.
|
480 |
+
*/
|
481 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9
|
482 |
+
if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($dir), $dir))) {
|
483 |
+
return false;
|
484 |
+
}
|
485 |
+
|
486 |
+
$response = $this->_get_sftp_packet();
|
487 |
+
switch ($this->packet_type) {
|
488 |
+
case NET_SFTP_NAME:
|
489 |
+
// although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following
|
490 |
+
// should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
|
491 |
+
// at is the first part and that part is defined the same in SFTP versions 3 through 6.
|
492 |
+
$this->_string_shift($response, 4); // skip over the count - it should be 1, anyway
|
493 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
494 |
+
$realpath = $this->_string_shift($response, $length);
|
495 |
+
break;
|
496 |
+
case NET_SFTP_STATUS:
|
497 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
498 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
499 |
+
return false;
|
500 |
+
default:
|
501 |
+
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS', E_USER_NOTICE);
|
502 |
+
return false;
|
503 |
+
}
|
504 |
+
|
505 |
+
// if $this->pwd isn't set than the only thing $realpath could be is for '.', which is pretty much guaranteed to
|
506 |
+
// be a bonafide directory
|
507 |
+
return $realpath . '/' . $file;
|
508 |
+
}
|
509 |
+
|
510 |
+
/**
|
511 |
+
* Changes the current directory
|
512 |
+
*
|
513 |
+
* @param String $dir
|
514 |
+
* @return Boolean
|
515 |
+
* @access public
|
516 |
+
*/
|
517 |
+
function chdir($dir)
|
518 |
+
{
|
519 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
520 |
+
return false;
|
521 |
+
}
|
522 |
+
|
523 |
+
if ($dir[strlen($dir) - 1] != '/') {
|
524 |
+
$dir.= '/';
|
525 |
+
}
|
526 |
+
$dir = $this->_realpath($dir);
|
527 |
+
|
528 |
+
// confirm that $dir is, in fact, a valid directory
|
529 |
+
if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
|
530 |
+
return false;
|
531 |
+
}
|
532 |
+
|
533 |
+
// see Net_SFTP::nlist() for a more thorough explanation of the following
|
534 |
+
$response = $this->_get_sftp_packet();
|
535 |
+
switch ($this->packet_type) {
|
536 |
+
case NET_SFTP_HANDLE:
|
537 |
+
$handle = substr($response, 4);
|
538 |
+
break;
|
539 |
+
case NET_SFTP_STATUS:
|
540 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
541 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
542 |
+
return false;
|
543 |
+
default:
|
544 |
+
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
545 |
+
return false;
|
546 |
+
}
|
547 |
+
|
548 |
+
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
549 |
+
return false;
|
550 |
+
}
|
551 |
+
|
552 |
+
$response = $this->_get_sftp_packet();
|
553 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
554 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
555 |
+
return false;
|
556 |
+
}
|
557 |
+
|
558 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
559 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
560 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
561 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
562 |
+
return false;
|
563 |
+
}
|
564 |
+
|
565 |
+
$this->pwd = $dir;
|
566 |
+
return true;
|
567 |
+
}
|
568 |
+
|
569 |
+
/**
|
570 |
+
* Returns a list of files in the given directory
|
571 |
+
*
|
572 |
+
* @param optional String $dir
|
573 |
+
* @return Mixed
|
574 |
+
* @access public
|
575 |
+
*/
|
576 |
+
function nlist($dir = '.')
|
577 |
+
{
|
578 |
+
return $this->_list($dir, false);
|
579 |
+
}
|
580 |
+
|
581 |
+
/**
|
582 |
+
* Returns a list of files in the given directory
|
583 |
+
*
|
584 |
+
* @param optional String $dir
|
585 |
+
* @return Mixed
|
586 |
+
* @access public
|
587 |
+
*/
|
588 |
+
function rawlist($dir = '.')
|
589 |
+
{
|
590 |
+
return $this->_list($dir, true);
|
591 |
+
}
|
592 |
+
|
593 |
+
function _list($dir, $raw = true)
|
594 |
+
{
|
595 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
596 |
+
return false;
|
597 |
+
}
|
598 |
+
|
599 |
+
$dir = $this->_realpath($dir);
|
600 |
+
if ($dir === false) {
|
601 |
+
return false;
|
602 |
+
}
|
603 |
+
|
604 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2
|
605 |
+
if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
|
606 |
+
return false;
|
607 |
+
}
|
608 |
+
|
609 |
+
$response = $this->_get_sftp_packet();
|
610 |
+
switch ($this->packet_type) {
|
611 |
+
case NET_SFTP_HANDLE:
|
612 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2
|
613 |
+
// since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that
|
614 |
+
// represent the length of the string and leave it at that
|
615 |
+
$handle = substr($response, 4);
|
616 |
+
break;
|
617 |
+
case NET_SFTP_STATUS:
|
618 |
+
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
619 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
620 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
621 |
+
return false;
|
622 |
+
default:
|
623 |
+
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
624 |
+
return false;
|
625 |
+
}
|
626 |
+
|
627 |
+
$contents = array();
|
628 |
+
while (true) {
|
629 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2
|
630 |
+
// why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many
|
631 |
+
// SSH_MSG_CHANNEL_DATA messages is not known to me.
|
632 |
+
if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) {
|
633 |
+
return false;
|
634 |
+
}
|
635 |
+
|
636 |
+
$response = $this->_get_sftp_packet();
|
637 |
+
switch ($this->packet_type) {
|
638 |
+
case NET_SFTP_NAME:
|
639 |
+
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
640 |
+
for ($i = 0; $i < $count; $i++) {
|
641 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
642 |
+
$shortname = $this->_string_shift($response, $length);
|
643 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
644 |
+
$this->_string_shift($response, $length); // SFTPv4+ drop this field - the "longname" field
|
645 |
+
$attributes = $this->_parseAttributes($response); // we also don't care about the attributes
|
646 |
+
if (!$raw) {
|
647 |
+
$contents[] = $shortname;
|
648 |
+
} else {
|
649 |
+
$contents[$shortname] = $attributes;
|
650 |
+
}
|
651 |
+
// SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the
|
652 |
+
// final SSH_FXP_STATUS packet should tell us that, already.
|
653 |
+
}
|
654 |
+
break;
|
655 |
+
case NET_SFTP_STATUS:
|
656 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
657 |
+
if ($status != NET_SFTP_STATUS_EOF) {
|
658 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
659 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
660 |
+
return false;
|
661 |
+
}
|
662 |
+
break 2;
|
663 |
+
default:
|
664 |
+
user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS', E_USER_NOTICE);
|
665 |
+
return false;
|
666 |
+
}
|
667 |
+
}
|
668 |
+
|
669 |
+
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
670 |
+
return false;
|
671 |
+
}
|
672 |
+
|
673 |
+
// "The client MUST release all resources associated with the handle regardless of the status."
|
674 |
+
// -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3
|
675 |
+
$response = $this->_get_sftp_packet();
|
676 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
677 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
678 |
+
return false;
|
679 |
+
}
|
680 |
+
|
681 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
682 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
683 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
684 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
685 |
+
return false;
|
686 |
+
}
|
687 |
+
|
688 |
+
return $contents;
|
689 |
+
}
|
690 |
+
|
691 |
+
/**
|
692 |
+
* Returns the file size, in bytes, or false, on failure
|
693 |
+
*
|
694 |
+
* Files larger than 4GB will show up as being exactly 4GB.
|
695 |
+
*
|
696 |
+
* @param optional String $dir
|
697 |
+
* @return Mixed
|
698 |
+
* @access public
|
699 |
+
*/
|
700 |
+
function size($filename)
|
701 |
+
{
|
702 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
703 |
+
return false;
|
704 |
+
}
|
705 |
+
|
706 |
+
$filename = $this->_realpath($filename);
|
707 |
+
if ($filename === false) {
|
708 |
+
return false;
|
709 |
+
}
|
710 |
+
|
711 |
+
// SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
|
712 |
+
$packet = pack('Na*', strlen($filename), $filename);
|
713 |
+
if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) {
|
714 |
+
return false;
|
715 |
+
}
|
716 |
+
|
717 |
+
$response = $this->_get_sftp_packet();
|
718 |
+
switch ($this->packet_type) {
|
719 |
+
case NET_SFTP_ATTRS:
|
720 |
+
$attrs = $this->_parseAttributes($response);
|
721 |
+
return $attrs['size'];
|
722 |
+
case NET_SFTP_STATUS:
|
723 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
724 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
725 |
+
return false;
|
726 |
+
}
|
727 |
+
|
728 |
+
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
729 |
+
return false;
|
730 |
+
}
|
731 |
+
|
732 |
+
/**
|
733 |
+
* Set permissions on a file.
|
734 |
+
*
|
735 |
+
* Returns the new file permissions on success or FALSE on error.
|
736 |
+
*
|
737 |
+
* @param Integer $mode
|
738 |
+
* @param String $filename
|
739 |
+
* @return Mixed
|
740 |
+
* @access public
|
741 |
+
*/
|
742 |
+
function chmod($mode, $filename)
|
743 |
+
{
|
744 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
745 |
+
return false;
|
746 |
+
}
|
747 |
+
|
748 |
+
$filename = $this->_realpath($filename);
|
749 |
+
if ($filename === false) {
|
750 |
+
return false;
|
751 |
+
}
|
752 |
+
|
753 |
+
// SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to
|
754 |
+
// SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT.
|
755 |
+
$attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777);
|
756 |
+
if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) {
|
757 |
+
return false;
|
758 |
+
}
|
759 |
+
|
760 |
+
/*
|
761 |
+
"Because some systems must use separate system calls to set various attributes, it is possible that a failure
|
762 |
+
response will be returned, but yet some of the attributes may be have been successfully modified. If possible,
|
763 |
+
servers SHOULD avoid this situation; however, clients MUST be aware that this is possible."
|
764 |
+
|
765 |
+
-- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6
|
766 |
+
*/
|
767 |
+
$response = $this->_get_sftp_packet();
|
768 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
769 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
770 |
+
return false;
|
771 |
+
}
|
772 |
+
|
773 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
774 |
+
if ($status != NET_SFTP_STATUS_EOF) {
|
775 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
776 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
777 |
+
}
|
778 |
+
|
779 |
+
// rather than return what the permissions *should* be, we'll return what they actually are. this will also
|
780 |
+
// tell us if the file actually exists.
|
781 |
+
// incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
|
782 |
+
$packet = pack('Na*', strlen($filename), $filename);
|
783 |
+
if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) {
|
784 |
+
return false;
|
785 |
+
}
|
786 |
+
|
787 |
+
$response = $this->_get_sftp_packet();
|
788 |
+
switch ($this->packet_type) {
|
789 |
+
case NET_SFTP_ATTRS:
|
790 |
+
$attrs = $this->_parseAttributes($response);
|
791 |
+
return $attrs['permissions'];
|
792 |
+
case NET_SFTP_STATUS:
|
793 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
794 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
795 |
+
return false;
|
796 |
+
}
|
797 |
+
|
798 |
+
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
799 |
+
return false;
|
800 |
+
}
|
801 |
+
|
802 |
+
/**
|
803 |
+
* Creates a directory.
|
804 |
+
*
|
805 |
+
* @param String $dir
|
806 |
+
* @return Boolean
|
807 |
+
* @access public
|
808 |
+
*/
|
809 |
+
function mkdir($dir)
|
810 |
+
{
|
811 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
812 |
+
return false;
|
813 |
+
}
|
814 |
+
|
815 |
+
$dir = $this->_realpath(rtrim($dir, '/'));
|
816 |
+
if ($dir === false) {
|
817 |
+
return false;
|
818 |
+
}
|
819 |
+
|
820 |
+
// by not providing any permissions, hopefully the server will use the logged in users umask - their
|
821 |
+
// default permissions.
|
822 |
+
if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Na*N', strlen($dir), $dir, 0))) {
|
823 |
+
return false;
|
824 |
+
}
|
825 |
+
|
826 |
+
$response = $this->_get_sftp_packet();
|
827 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
828 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
829 |
+
return false;
|
830 |
+
}
|
831 |
+
|
832 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
833 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
834 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
835 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
836 |
+
return false;
|
837 |
+
}
|
838 |
+
|
839 |
+
return true;
|
840 |
+
}
|
841 |
+
|
842 |
+
/**
|
843 |
+
* Removes a directory.
|
844 |
+
*
|
845 |
+
* @param String $dir
|
846 |
+
* @return Boolean
|
847 |
+
* @access public
|
848 |
+
*/
|
849 |
+
function rmdir($dir)
|
850 |
+
{
|
851 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
852 |
+
return false;
|
853 |
+
}
|
854 |
+
|
855 |
+
$dir = $this->_realpath($dir);
|
856 |
+
if ($dir === false) {
|
857 |
+
return false;
|
858 |
+
}
|
859 |
+
|
860 |
+
if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) {
|
861 |
+
return false;
|
862 |
+
}
|
863 |
+
|
864 |
+
$response = $this->_get_sftp_packet();
|
865 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
866 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
867 |
+
return false;
|
868 |
+
}
|
869 |
+
|
870 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
871 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
872 |
+
// presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
|
873 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
874 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
875 |
+
return false;
|
876 |
+
}
|
877 |
+
|
878 |
+
return true;
|
879 |
+
}
|
880 |
+
|
881 |
+
/**
|
882 |
+
* Uploads a file to the SFTP server.
|
883 |
+
*
|
884 |
+
* By default, Net_SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
885 |
+
* So, for example, if you set $data to 'filename.ext' and then do Net_SFTP::get(), you will get a file, twelve bytes
|
886 |
+
* long, containing 'filename.ext' as its contents.
|
887 |
+
*
|
888 |
+
* Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will
|
889 |
+
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
890 |
+
* large $remote_file will be, as well.
|
891 |
+
*
|
892 |
+
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
893 |
+
* care of that, yourself.
|
894 |
+
*
|
895 |
+
* @param String $remote_file
|
896 |
+
* @param String $data
|
897 |
+
* @param optional Integer $flags
|
898 |
+
* @return Boolean
|
899 |
+
* @access public
|
900 |
+
* @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - Net_SFTP::setMode().
|
901 |
+
*/
|
902 |
+
function put($remote_file, $data, $mode = NET_SFTP_STRING)
|
903 |
+
{
|
904 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
905 |
+
return false;
|
906 |
+
}
|
907 |
+
|
908 |
+
$remote_file = $this->_realpath($remote_file);
|
909 |
+
if ($remote_file === false) {
|
910 |
+
return false;
|
911 |
+
}
|
912 |
+
|
913 |
+
$packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE | NET_SFTP_OPEN_TRUNCATE, 0);
|
914 |
+
if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
|
915 |
+
return false;
|
916 |
+
}
|
917 |
+
|
918 |
+
$response = $this->_get_sftp_packet();
|
919 |
+
switch ($this->packet_type) {
|
920 |
+
case NET_SFTP_HANDLE:
|
921 |
+
$handle = substr($response, 4);
|
922 |
+
break;
|
923 |
+
case NET_SFTP_STATUS:
|
924 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
925 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
926 |
+
return false;
|
927 |
+
default:
|
928 |
+
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
929 |
+
return false;
|
930 |
+
}
|
931 |
+
|
932 |
+
$initialize = true;
|
933 |
+
|
934 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3
|
935 |
+
if ($mode == NET_SFTP_LOCAL_FILE) {
|
936 |
+
if (!is_file($data)) {
|
937 |
+
user_error("$data is not a valid file", E_USER_NOTICE);
|
938 |
+
return false;
|
939 |
+
}
|
940 |
+
$fp = fopen($data, 'rb');
|
941 |
+
if (!$fp) {
|
942 |
+
return false;
|
943 |
+
}
|
944 |
+
$sent = 0;
|
945 |
+
$size = filesize($data);
|
946 |
+
} else {
|
947 |
+
$sent = 0;
|
948 |
+
$size = strlen($data);
|
949 |
+
}
|
950 |
+
|
951 |
+
$size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
|
952 |
+
|
953 |
+
$sftp_packet_size = 34000; // PuTTY uses 4096
|
954 |
+
$i = 0;
|
955 |
+
while ($sent < $size) {
|
956 |
+
$temp = $mode == NET_SFTP_LOCAL_FILE ? fread($fp, $sftp_packet_size) : $this->_string_shift($data, $sftp_packet_size);
|
957 |
+
$packet = pack('Na*N3a*', strlen($handle), $handle, 0, $sent, strlen($temp), $temp);
|
958 |
+
if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) {
|
959 |
+
fclose($fp);
|
960 |
+
return false;
|
961 |
+
}
|
962 |
+
$sent+= strlen($temp);
|
963 |
+
|
964 |
+
$i++;
|
965 |
+
|
966 |
+
if ($i == 50) {
|
967 |
+
if (!$this->_read_put_responses($i)) {
|
968 |
+
$i = 0;
|
969 |
+
break;
|
970 |
+
}
|
971 |
+
$i = 0;
|
972 |
+
}
|
973 |
+
}
|
974 |
+
|
975 |
+
$this->_read_put_responses($i);
|
976 |
+
|
977 |
+
if ($mode == NET_SFTP_LOCAL_FILE) {
|
978 |
+
fclose($fp);
|
979 |
+
}
|
980 |
+
|
981 |
+
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
982 |
+
return false;
|
983 |
+
}
|
984 |
+
|
985 |
+
$response = $this->_get_sftp_packet();
|
986 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
987 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
988 |
+
return false;
|
989 |
+
}
|
990 |
+
|
991 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
992 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
993 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
994 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
995 |
+
return false;
|
996 |
+
}
|
997 |
+
|
998 |
+
return true;
|
999 |
+
}
|
1000 |
+
|
1001 |
+
/**
|
1002 |
+
* Reads multiple successive SSH_FXP_WRITE responses
|
1003 |
+
*
|
1004 |
+
* Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i
|
1005 |
+
* SSH_FXP_WRITEs, in succession, and then reading $i responses.
|
1006 |
+
*
|
1007 |
+
* @param Integer $i
|
1008 |
+
* @return Boolean
|
1009 |
+
* @access private
|
1010 |
+
*/
|
1011 |
+
function _read_put_responses($i)
|
1012 |
+
{
|
1013 |
+
while ($i--) {
|
1014 |
+
$response = $this->_get_sftp_packet();
|
1015 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
1016 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1017 |
+
return false;
|
1018 |
+
}
|
1019 |
+
|
1020 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1021 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
1022 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1023 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1024 |
+
break;
|
1025 |
+
}
|
1026 |
+
}
|
1027 |
+
|
1028 |
+
return $i < 0;
|
1029 |
+
}
|
1030 |
+
|
1031 |
+
/**
|
1032 |
+
* Downloads a file from the SFTP server.
|
1033 |
+
*
|
1034 |
+
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
1035 |
+
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
1036 |
+
* operation
|
1037 |
+
*
|
1038 |
+
* @param String $remote_file
|
1039 |
+
* @param optional String $local_file
|
1040 |
+
* @return Mixed
|
1041 |
+
* @access public
|
1042 |
+
*/
|
1043 |
+
function get($remote_file, $local_file = false)
|
1044 |
+
{
|
1045 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1046 |
+
return false;
|
1047 |
+
}
|
1048 |
+
|
1049 |
+
$remote_file = $this->_realpath($remote_file);
|
1050 |
+
if ($remote_file === false) {
|
1051 |
+
return false;
|
1052 |
+
}
|
1053 |
+
|
1054 |
+
$packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0);
|
1055 |
+
if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
|
1056 |
+
return false;
|
1057 |
+
}
|
1058 |
+
|
1059 |
+
$response = $this->_get_sftp_packet();
|
1060 |
+
switch ($this->packet_type) {
|
1061 |
+
case NET_SFTP_HANDLE:
|
1062 |
+
$handle = substr($response, 4);
|
1063 |
+
break;
|
1064 |
+
case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1065 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1066 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1067 |
+
return false;
|
1068 |
+
default:
|
1069 |
+
user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS', E_USER_NOTICE);
|
1070 |
+
return false;
|
1071 |
+
}
|
1072 |
+
|
1073 |
+
$packet = pack('Na*', strlen($handle), $handle);
|
1074 |
+
if (!$this->_send_sftp_packet(NET_SFTP_FSTAT, $packet)) {
|
1075 |
+
return false;
|
1076 |
+
}
|
1077 |
+
|
1078 |
+
$response = $this->_get_sftp_packet();
|
1079 |
+
switch ($this->packet_type) {
|
1080 |
+
case NET_SFTP_ATTRS:
|
1081 |
+
$attrs = $this->_parseAttributes($response);
|
1082 |
+
break;
|
1083 |
+
case NET_SFTP_STATUS:
|
1084 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1085 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1086 |
+
return false;
|
1087 |
+
default:
|
1088 |
+
user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS', E_USER_NOTICE);
|
1089 |
+
return false;
|
1090 |
+
}
|
1091 |
+
|
1092 |
+
if ($local_file !== false) {
|
1093 |
+
$fp = fopen($local_file, 'wb');
|
1094 |
+
if (!$fp) {
|
1095 |
+
return false;
|
1096 |
+
}
|
1097 |
+
} else {
|
1098 |
+
$content = '';
|
1099 |
+
}
|
1100 |
+
|
1101 |
+
$read = 0;
|
1102 |
+
while ($read < $attrs['size']) {
|
1103 |
+
$packet = pack('Na*N3', strlen($handle), $handle, 0, $read, 1 << 20);
|
1104 |
+
if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) {
|
1105 |
+
return false;
|
1106 |
+
}
|
1107 |
+
|
1108 |
+
$response = $this->_get_sftp_packet();
|
1109 |
+
switch ($this->packet_type) {
|
1110 |
+
case NET_SFTP_DATA:
|
1111 |
+
$temp = substr($response, 4);
|
1112 |
+
$read+= strlen($temp);
|
1113 |
+
if ($local_file === false) {
|
1114 |
+
$content.= $temp;
|
1115 |
+
} else {
|
1116 |
+
fputs($fp, $temp);
|
1117 |
+
}
|
1118 |
+
break;
|
1119 |
+
case NET_SFTP_STATUS:
|
1120 |
+
extract(unpack('Nstatus/Nlength', $this->_string_shift($response, 8)));
|
1121 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1122 |
+
break 2;
|
1123 |
+
default:
|
1124 |
+
user_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS', E_USER_NOTICE);
|
1125 |
+
return false;
|
1126 |
+
}
|
1127 |
+
}
|
1128 |
+
|
1129 |
+
if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
|
1130 |
+
return false;
|
1131 |
+
}
|
1132 |
+
|
1133 |
+
$response = $this->_get_sftp_packet();
|
1134 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
1135 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1136 |
+
return false;
|
1137 |
+
}
|
1138 |
+
|
1139 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1140 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
1141 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1142 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1143 |
+
return false;
|
1144 |
+
}
|
1145 |
+
|
1146 |
+
if (isset($content)) {
|
1147 |
+
return $content;
|
1148 |
+
}
|
1149 |
+
|
1150 |
+
fclose($fp);
|
1151 |
+
return true;
|
1152 |
+
}
|
1153 |
+
|
1154 |
+
/**
|
1155 |
+
* Deletes a file on the SFTP server.
|
1156 |
+
*
|
1157 |
+
* @param String $path
|
1158 |
+
* @return Boolean
|
1159 |
+
* @access public
|
1160 |
+
*/
|
1161 |
+
function delete($path)
|
1162 |
+
{
|
1163 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1164 |
+
return false;
|
1165 |
+
}
|
1166 |
+
|
1167 |
+
$remote_file = $this->_realpath($path);
|
1168 |
+
if ($path === false) {
|
1169 |
+
return false;
|
1170 |
+
}
|
1171 |
+
|
1172 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
1173 |
+
if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) {
|
1174 |
+
return false;
|
1175 |
+
}
|
1176 |
+
|
1177 |
+
$response = $this->_get_sftp_packet();
|
1178 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
1179 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1180 |
+
return false;
|
1181 |
+
}
|
1182 |
+
|
1183 |
+
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1184 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1185 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
1186 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1187 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1188 |
+
return false;
|
1189 |
+
}
|
1190 |
+
|
1191 |
+
return true;
|
1192 |
+
}
|
1193 |
+
|
1194 |
+
/**
|
1195 |
+
* Renames a file or a directory on the SFTP server
|
1196 |
+
*
|
1197 |
+
* @param String $oldname
|
1198 |
+
* @param String $newname
|
1199 |
+
* @return Boolean
|
1200 |
+
* @access public
|
1201 |
+
*/
|
1202 |
+
function rename($oldname, $newname)
|
1203 |
+
{
|
1204 |
+
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1205 |
+
return false;
|
1206 |
+
}
|
1207 |
+
|
1208 |
+
$oldname = $this->_realpath($oldname);
|
1209 |
+
$newname = $this->_realpath($newname);
|
1210 |
+
if ($oldname === false || $newname === false) {
|
1211 |
+
return false;
|
1212 |
+
}
|
1213 |
+
|
1214 |
+
// http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
|
1215 |
+
$packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname);
|
1216 |
+
if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) {
|
1217 |
+
return false;
|
1218 |
+
}
|
1219 |
+
|
1220 |
+
$response = $this->_get_sftp_packet();
|
1221 |
+
if ($this->packet_type != NET_SFTP_STATUS) {
|
1222 |
+
user_error('Expected SSH_FXP_STATUS', E_USER_NOTICE);
|
1223 |
+
return false;
|
1224 |
+
}
|
1225 |
+
|
1226 |
+
// if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
|
1227 |
+
extract(unpack('Nstatus', $this->_string_shift($response, 4)));
|
1228 |
+
if ($status != NET_SFTP_STATUS_OK) {
|
1229 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1230 |
+
$this->sftp_errors[] = $this->status_codes[$status] . ': ' . $this->_string_shift($response, $length);
|
1231 |
+
return false;
|
1232 |
+
}
|
1233 |
+
|
1234 |
+
return true;
|
1235 |
+
}
|
1236 |
+
|
1237 |
+
/**
|
1238 |
+
* Parse Attributes
|
1239 |
+
*
|
1240 |
+
* See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info.
|
1241 |
+
*
|
1242 |
+
* @param String $response
|
1243 |
+
* @return Array
|
1244 |
+
* @access private
|
1245 |
+
*/
|
1246 |
+
function _parseAttributes(&$response)
|
1247 |
+
{
|
1248 |
+
$attr = array();
|
1249 |
+
extract(unpack('Nflags', $this->_string_shift($response, 4)));
|
1250 |
+
// SFTPv4+ have a type field (a byte) that follows the above flag field
|
1251 |
+
foreach ($this->attributes as $key => $value) {
|
1252 |
+
switch ($flags & $key) {
|
1253 |
+
case NET_SFTP_ATTR_SIZE: // 0x00000001
|
1254 |
+
// size is represented by a 64-bit integer, so we perhaps ought to be doing the following:
|
1255 |
+
// $attr['size'] = new Math_BigInteger($this->_string_shift($response, 8), 256);
|
1256 |
+
// of course, you shouldn't be using Net_SFTP to transfer files that are in excess of 4GB
|
1257 |
+
// (0xFFFFFFFF bytes), anyway. as such, we'll just represent all file sizes that are bigger than
|
1258 |
+
// 4GB as being 4GB.
|
1259 |
+
extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8)));
|
1260 |
+
if ($upper) {
|
1261 |
+
$attr['size'] = 0xFFFFFFFF;
|
1262 |
+
} else {
|
1263 |
+
$attr['size'] = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
|
1264 |
+
}
|
1265 |
+
break;
|
1266 |
+
case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
|
1267 |
+
$attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
|
1268 |
+
break;
|
1269 |
+
case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
|
1270 |
+
$attr+= unpack('Npermissions', $this->_string_shift($response, 4));
|
1271 |
+
break;
|
1272 |
+
case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
|
1273 |
+
$attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
|
1274 |
+
break;
|
1275 |
+
case NET_SFTP_ATTR_EXTENDED: // 0x80000000
|
1276 |
+
extract(unpack('Ncount', $this->_string_shift($response, 4)));
|
1277 |
+
for ($i = 0; $i < $count; $i++) {
|
1278 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1279 |
+
$key = $this->_string_shift($response, $length);
|
1280 |
+
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1281 |
+
$attr[$key] = $this->_string_shift($response, $length);
|
1282 |
+
}
|
1283 |
+
}
|
1284 |
+
}
|
1285 |
+
return $attr;
|
1286 |
+
}
|
1287 |
+
|
1288 |
+
/**
|
1289 |
+
* Sends SFTP Packets
|
1290 |
+
*
|
1291 |
+
* See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
|
1292 |
+
*
|
1293 |
+
* @param Integer $type
|
1294 |
+
* @param String $data
|
1295 |
+
* @see Net_SFTP::_get_sftp_packet()
|
1296 |
+
* @see Net_SSH2::_send_channel_packet()
|
1297 |
+
* @return Boolean
|
1298 |
+
* @access private
|
1299 |
+
*/
|
1300 |
+
function _send_sftp_packet($type, $data)
|
1301 |
+
{
|
1302 |
+
$packet = $this->request_id !== false ?
|
1303 |
+
pack('NCNa*', strlen($data) + 5, $type, $this->request_id, $data) :
|
1304 |
+
pack('NCa*', strlen($data) + 1, $type, $data);
|
1305 |
+
|
1306 |
+
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1307 |
+
$result = $this->_send_channel_packet(NET_SFTP_CHANNEL, $packet);
|
1308 |
+
$stop = strtok(microtime(), ' ') + strtok('');
|
1309 |
+
|
1310 |
+
if (defined('NET_SFTP_LOGGING')) {
|
1311 |
+
$this->packet_type_log[] = '-> ' . $this->packet_types[$type] .
|
1312 |
+
' (' . round($stop - $start, 4) . 's)';
|
1313 |
+
if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
|
1314 |
+
$this->packet_log[] = $data;
|
1315 |
+
}
|
1316 |
+
}
|
1317 |
+
|
1318 |
+
return $result;
|
1319 |
+
}
|
1320 |
+
|
1321 |
+
/**
|
1322 |
+
* Receives SFTP Packets
|
1323 |
+
*
|
1324 |
+
* See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
|
1325 |
+
*
|
1326 |
+
* Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present.
|
1327 |
+
* There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA
|
1328 |
+
* messages containing one SFTP packet.
|
1329 |
+
*
|
1330 |
+
* @see Net_SFTP::_send_sftp_packet()
|
1331 |
+
* @return String
|
1332 |
+
* @access private
|
1333 |
+
*/
|
1334 |
+
function _get_sftp_packet()
|
1335 |
+
{
|
1336 |
+
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1337 |
+
|
1338 |
+
// SFTP packet length
|
1339 |
+
while (strlen($this->packet_buffer) < 4) {
|
1340 |
+
$temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
1341 |
+
if (is_bool($temp)) {
|
1342 |
+
$this->packet_type = false;
|
1343 |
+
$this->packet_buffer = '';
|
1344 |
+
return false;
|
1345 |
+
}
|
1346 |
+
$this->packet_buffer.= $temp;
|
1347 |
+
}
|
1348 |
+
extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4)));
|
1349 |
+
$tempLength = $length;
|
1350 |
+
$tempLength-= strlen($this->packet_buffer);
|
1351 |
+
|
1352 |
+
// SFTP packet type and data payload
|
1353 |
+
while ($tempLength > 0) {
|
1354 |
+
$temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
|
1355 |
+
if (is_bool($temp)) {
|
1356 |
+
$this->packet_type = false;
|
1357 |
+
$this->packet_buffer = '';
|
1358 |
+
return false;
|
1359 |
+
}
|
1360 |
+
$this->packet_buffer.= $temp;
|
1361 |
+
$tempLength-= strlen($temp);
|
1362 |
+
}
|
1363 |
+
|
1364 |
+
$stop = strtok(microtime(), ' ') + strtok('');
|
1365 |
+
|
1366 |
+
$this->packet_type = ord($this->_string_shift($this->packet_buffer));
|
1367 |
+
|
1368 |
+
if ($this->request_id !== false) {
|
1369 |
+
$this->_string_shift($this->packet_buffer, 4); // remove the request id
|
1370 |
+
$length-= 5; // account for the request id and the packet type
|
1371 |
+
} else {
|
1372 |
+
$length-= 1; // account for the packet type
|
1373 |
+
}
|
1374 |
+
|
1375 |
+
$packet = $this->_string_shift($this->packet_buffer, $length);
|
1376 |
+
|
1377 |
+
if (defined('NET_SFTP_LOGGING')) {
|
1378 |
+
$this->packet_type_log[] = '<- ' . $this->packet_types[$this->packet_type] .
|
1379 |
+
' (' . round($stop - $start, 4) . 's)';
|
1380 |
+
if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
|
1381 |
+
$this->packet_log[] = $packet;
|
1382 |
+
}
|
1383 |
+
}
|
1384 |
+
|
1385 |
+
return $packet;
|
1386 |
+
}
|
1387 |
+
|
1388 |
+
/**
|
1389 |
+
* Returns a log of the packets that have been sent and received.
|
1390 |
+
*
|
1391 |
+
* Returns a string if NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX, an array if NET_SFTP_LOGGING == NET_SFTP_LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING')
|
1392 |
+
*
|
1393 |
+
* @access public
|
1394 |
+
* @return String or Array
|
1395 |
+
*/
|
1396 |
+
function getSFTPLog()
|
1397 |
+
{
|
1398 |
+
if (!defined('NET_SFTP_LOGGING')) {
|
1399 |
+
return false;
|
1400 |
+
}
|
1401 |
+
|
1402 |
+
switch (NET_SFTP_LOGGING) {
|
1403 |
+
case NET_SFTP_LOG_COMPLEX:
|
1404 |
+
return $this->_format_log($this->packet_log, $this->packet_type_log);
|
1405 |
+
break;
|
1406 |
+
//case NET_SFTP_LOG_SIMPLE:
|
1407 |
+
default:
|
1408 |
+
return $this->packet_type_log;
|
1409 |
+
}
|
1410 |
+
}
|
1411 |
+
|
1412 |
+
/**
|
1413 |
+
* Returns all errors
|
1414 |
+
*
|
1415 |
+
* @return String
|
1416 |
+
* @access public
|
1417 |
+
*/
|
1418 |
+
function getSFTPErrors()
|
1419 |
+
{
|
1420 |
+
return $this->sftp_errors;
|
1421 |
+
}
|
1422 |
+
|
1423 |
+
/**
|
1424 |
+
* Returns the last error
|
1425 |
+
*
|
1426 |
+
* @return String
|
1427 |
+
* @access public
|
1428 |
+
*/
|
1429 |
+
function getLastSFTPError()
|
1430 |
+
{
|
1431 |
+
return $this->sftp_errors[count($this->sftp_errors) - 1];
|
1432 |
+
}
|
1433 |
+
|
1434 |
+
/**
|
1435 |
+
* Get supported SFTP versions
|
1436 |
+
*
|
1437 |
+
* @return Array
|
1438 |
+
* @access public
|
1439 |
+
*/
|
1440 |
+
function getSupportedVersions()
|
1441 |
+
{
|
1442 |
+
$temp = array('version' => $this->version);
|
1443 |
+
if (isset($this->extensions['versions'])) {
|
1444 |
+
$temp['extensions'] = $this->extensions['versions'];
|
1445 |
+
}
|
1446 |
+
return $temp;
|
1447 |
+
}
|
1448 |
+
|
1449 |
+
/**
|
1450 |
+
* Disconnect
|
1451 |
+
*
|
1452 |
+
* @param Integer $reason
|
1453 |
+
* @return Boolean
|
1454 |
+
* @access private
|
1455 |
+
*/
|
1456 |
+
function _disconnect($reason)
|
1457 |
+
{
|
1458 |
+
$this->pwd = false;
|
1459 |
+
parent::_disconnect($reason);
|
1460 |
+
}
|
1461 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SSH1.php
CHANGED
@@ -1,1159 +1,1159 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of SSHv1.
|
6 |
-
*
|
7 |
-
* PHP versions 4 and 5
|
8 |
-
*
|
9 |
-
* Here's a short example of how to use this library:
|
10 |
-
* <code>
|
11 |
-
* <?php
|
12 |
-
* include('Net/SSH1.php');
|
13 |
-
*
|
14 |
-
* $ssh = new Net_SSH1('www.domain.tld');
|
15 |
-
* if (!$ssh->login('username', 'password')) {
|
16 |
-
* exit('Login Failed');
|
17 |
-
* }
|
18 |
-
*
|
19 |
-
* while (true) {
|
20 |
-
* echo $ssh->interactiveRead();
|
21 |
-
*
|
22 |
-
* $read = array(STDIN);
|
23 |
-
* $write = $except = NULL;
|
24 |
-
* if (stream_select($read, $write, $except, 0)) {
|
25 |
-
* $ssh->interactiveWrite(fread(STDIN, 1));
|
26 |
-
* }
|
27 |
-
* }
|
28 |
-
* ?>
|
29 |
-
* </code>
|
30 |
-
*
|
31 |
-
* Here's another short example:
|
32 |
-
* <code>
|
33 |
-
* <?php
|
34 |
-
* include('Net/SSH1.php');
|
35 |
-
*
|
36 |
-
* $ssh = new Net_SSH1('www.domain.tld');
|
37 |
-
* if (!$ssh->login('username', 'password')) {
|
38 |
-
* exit('Login Failed');
|
39 |
-
* }
|
40 |
-
*
|
41 |
-
* echo $ssh->exec('ls -la');
|
42 |
-
* ?>
|
43 |
-
* </code>
|
44 |
-
*
|
45 |
-
* More information on the SSHv1 specification can be found by reading
|
46 |
-
* {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}.
|
47 |
-
*
|
48 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
49 |
-
* modify it under the terms of the GNU Lesser General Public
|
50 |
-
* License as published by the Free Software Foundation; either
|
51 |
-
* version 2.1 of the License, or (at your option) any later version.
|
52 |
-
*
|
53 |
-
* This library is distributed in the hope that it will be useful,
|
54 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
55 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
56 |
-
* Lesser General Public License for more details.
|
57 |
-
*
|
58 |
-
* You should have received a copy of the GNU Lesser General Public
|
59 |
-
* License along with this library; if not, write to the Free Software
|
60 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
61 |
-
* MA 02111-1307 USA
|
62 |
-
*
|
63 |
-
* @category Net
|
64 |
-
* @package Net_SSH1
|
65 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
66 |
-
* @copyright MMVII Jim Wigginton
|
67 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
68 |
-
* @version $Id: SSH1.php,v 1.15 2010/03/22 22:01:38 terrafrost Exp $
|
69 |
-
* @link http://phpseclib.sourceforge.net
|
70 |
-
*/
|
71 |
-
|
72 |
-
/**
|
73 |
-
* Include Math_BigInteger
|
74 |
-
*
|
75 |
-
* Used to do RSA encryption.
|
76 |
-
*/
|
77 |
-
require_once('phpseclib/Math/BigInteger.php');
|
78 |
-
|
79 |
-
/**
|
80 |
-
* Include Crypt_Null
|
81 |
-
*/
|
82 |
-
//require_once('Crypt/Null.php');
|
83 |
-
|
84 |
-
/**
|
85 |
-
* Include Crypt_DES
|
86 |
-
*/
|
87 |
-
require_once('phpseclib/Crypt/DES.php');
|
88 |
-
|
89 |
-
/**
|
90 |
-
* Include Crypt_TripleDES
|
91 |
-
*/
|
92 |
-
require_once('phpseclib/Crypt/TripleDES.php');
|
93 |
-
|
94 |
-
/**
|
95 |
-
* Include Crypt_RC4
|
96 |
-
*/
|
97 |
-
require_once('phpseclib/Crypt/RC4.php');
|
98 |
-
|
99 |
-
/**
|
100 |
-
* Include Crypt_Random
|
101 |
-
*/
|
102 |
-
require_once('phpseclib/Crypt/Random.php');
|
103 |
-
|
104 |
-
/**#@+
|
105 |
-
* Protocol Flags
|
106 |
-
*
|
107 |
-
* @access private
|
108 |
-
*/
|
109 |
-
define('NET_SSH1_MSG_DISCONNECT', 1);
|
110 |
-
define('NET_SSH1_SMSG_PUBLIC_KEY', 2);
|
111 |
-
define('NET_SSH1_CMSG_SESSION_KEY', 3);
|
112 |
-
define('NET_SSH1_CMSG_USER', 4);
|
113 |
-
define('NET_SSH1_CMSG_AUTH_PASSWORD', 9);
|
114 |
-
define('NET_SSH1_CMSG_REQUEST_PTY', 10);
|
115 |
-
define('NET_SSH1_CMSG_EXEC_SHELL', 12);
|
116 |
-
define('NET_SSH1_CMSG_EXEC_CMD', 13);
|
117 |
-
define('NET_SSH1_SMSG_SUCCESS', 14);
|
118 |
-
define('NET_SSH1_SMSG_FAILURE', 15);
|
119 |
-
define('NET_SSH1_CMSG_STDIN_DATA', 16);
|
120 |
-
define('NET_SSH1_SMSG_STDOUT_DATA', 17);
|
121 |
-
define('NET_SSH1_SMSG_STDERR_DATA', 18);
|
122 |
-
define('NET_SSH1_SMSG_EXITSTATUS', 20);
|
123 |
-
define('NET_SSH1_CMSG_EXIT_CONFIRMATION', 33);
|
124 |
-
/**#@-*/
|
125 |
-
|
126 |
-
/**#@+
|
127 |
-
* Encryption Methods
|
128 |
-
*
|
129 |
-
* @see Net_SSH1::getSupportedCiphers()
|
130 |
-
* @access public
|
131 |
-
*/
|
132 |
-
/**
|
133 |
-
* No encryption
|
134 |
-
*
|
135 |
-
* Not supported.
|
136 |
-
*/
|
137 |
-
define('NET_SSH1_CIPHER_NONE', 0);
|
138 |
-
/**
|
139 |
-
* IDEA in CFB mode
|
140 |
-
*
|
141 |
-
* Not supported.
|
142 |
-
*/
|
143 |
-
define('NET_SSH1_CIPHER_IDEA', 1);
|
144 |
-
/**
|
145 |
-
* DES in CBC mode
|
146 |
-
*/
|
147 |
-
define('NET_SSH1_CIPHER_DES', 2);
|
148 |
-
/**
|
149 |
-
* Triple-DES in CBC mode
|
150 |
-
*
|
151 |
-
* All implementations are required to support this
|
152 |
-
*/
|
153 |
-
define('NET_SSH1_CIPHER_3DES', 3);
|
154 |
-
/**
|
155 |
-
* TRI's Simple Stream encryption CBC
|
156 |
-
*
|
157 |
-
* Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h),
|
158 |
-
* although it doesn't use it (see cipher.c)
|
159 |
-
*/
|
160 |
-
define('NET_SSH1_CIPHER_BROKEN_TSS', 4);
|
161 |
-
/**
|
162 |
-
* RC4
|
163 |
-
*
|
164 |
-
* Not supported.
|
165 |
-
*
|
166 |
-
* @internal According to the SSH1 specs:
|
167 |
-
*
|
168 |
-
* "The first 16 bytes of the session key are used as the key for
|
169 |
-
* the server to client direction. The remaining 16 bytes are used
|
170 |
-
* as the key for the client to server direction. This gives
|
171 |
-
* independent 128-bit keys for each direction."
|
172 |
-
*
|
173 |
-
* This library currently only supports encryption when the same key is being used for both directions. This is
|
174 |
-
* because there's only one $crypto object. Two could be added ($encrypt and $decrypt, perhaps).
|
175 |
-
*/
|
176 |
-
define('NET_SSH1_CIPHER_RC4', 5);
|
177 |
-
/**
|
178 |
-
* Blowfish
|
179 |
-
*
|
180 |
-
* Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and
|
181 |
-
* uses it (see cipher.c)
|
182 |
-
*/
|
183 |
-
define('NET_SSH1_CIPHER_BLOWFISH', 6);
|
184 |
-
/**#@-*/
|
185 |
-
|
186 |
-
/**#@+
|
187 |
-
* Authentication Methods
|
188 |
-
*
|
189 |
-
* @see Net_SSH1::getSupportedAuthentications()
|
190 |
-
* @access public
|
191 |
-
*/
|
192 |
-
/**
|
193 |
-
* .rhosts or /etc/hosts.equiv
|
194 |
-
*/
|
195 |
-
define('NET_SSH1_AUTH_RHOSTS', 1);
|
196 |
-
/**
|
197 |
-
* pure RSA authentication
|
198 |
-
*/
|
199 |
-
define('NET_SSH1_AUTH_RSA', 2);
|
200 |
-
/**
|
201 |
-
* password authentication
|
202 |
-
*
|
203 |
-
* This is the only method that is supported by this library.
|
204 |
-
*/
|
205 |
-
define('NET_SSH1_AUTH_PASSWORD', 3);
|
206 |
-
/**
|
207 |
-
* .rhosts with RSA host authentication
|
208 |
-
*/
|
209 |
-
define('NET_SSH1_AUTH_RHOSTS_RSA', 4);
|
210 |
-
/**#@-*/
|
211 |
-
|
212 |
-
/**#@+
|
213 |
-
* Terminal Modes
|
214 |
-
*
|
215 |
-
* @link http://3sp.com/content/developer/maverick-net/docs/Maverick.SSH.PseudoTerminalModesMembers.html
|
216 |
-
* @access private
|
217 |
-
*/
|
218 |
-
define('NET_SSH1_TTY_OP_END', 0);
|
219 |
-
/**#@-*/
|
220 |
-
|
221 |
-
/**
|
222 |
-
* The Response Type
|
223 |
-
*
|
224 |
-
* @see Net_SSH1::_get_binary_packet()
|
225 |
-
* @access private
|
226 |
-
*/
|
227 |
-
define('NET_SSH1_RESPONSE_TYPE', 1);
|
228 |
-
|
229 |
-
/**
|
230 |
-
* The Response Data
|
231 |
-
*
|
232 |
-
* @see Net_SSH1::_get_binary_packet()
|
233 |
-
* @access private
|
234 |
-
*/
|
235 |
-
define('NET_SSH1_RESPONSE_DATA', 2);
|
236 |
-
|
237 |
-
/**#@+
|
238 |
-
* Execution Bitmap Masks
|
239 |
-
*
|
240 |
-
* @see Net_SSH1::bitmap
|
241 |
-
* @access private
|
242 |
-
*/
|
243 |
-
define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001);
|
244 |
-
define('NET_SSH1_MASK_LOGIN', 0x00000002);
|
245 |
-
define('NET_SSH1_MASK_SHELL', 0x00000004);
|
246 |
-
/**#@-*/
|
247 |
-
|
248 |
-
/**
|
249 |
-
* Pure-PHP implementation of SSHv1.
|
250 |
-
*
|
251 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
252 |
-
* @version 0.1.0
|
253 |
-
* @access public
|
254 |
-
* @package Net_SSH1
|
255 |
-
*/
|
256 |
-
class Net_SSH1 {
|
257 |
-
/**
|
258 |
-
* The SSH identifier
|
259 |
-
*
|
260 |
-
* @var String
|
261 |
-
* @access private
|
262 |
-
*/
|
263 |
-
var $identifier = 'SSH-1.5-phpseclib';
|
264 |
-
|
265 |
-
/**
|
266 |
-
* The Socket Object
|
267 |
-
*
|
268 |
-
* @var Object
|
269 |
-
* @access private
|
270 |
-
*/
|
271 |
-
var $fsock;
|
272 |
-
|
273 |
-
/**
|
274 |
-
* The cryptography object
|
275 |
-
*
|
276 |
-
* @var Object
|
277 |
-
* @access private
|
278 |
-
*/
|
279 |
-
var $crypto = false;
|
280 |
-
|
281 |
-
/**
|
282 |
-
* Execution Bitmap
|
283 |
-
*
|
284 |
-
* The bits that are set reprsent functions that have been called already. This is used to determine
|
285 |
-
* if a requisite function has been successfully executed. If not, an error should be thrown.
|
286 |
-
*
|
287 |
-
* @var Integer
|
288 |
-
* @access private
|
289 |
-
*/
|
290 |
-
var $bitmap = 0;
|
291 |
-
|
292 |
-
/**
|
293 |
-
* The Server Key Public Exponent
|
294 |
-
*
|
295 |
-
* Logged for debug purposes
|
296 |
-
*
|
297 |
-
* @see Net_SSH1::getServerKeyPublicExponent()
|
298 |
-
* @var String
|
299 |
-
* @access private
|
300 |
-
*/
|
301 |
-
var $server_key_public_exponent;
|
302 |
-
|
303 |
-
/**
|
304 |
-
* The Server Key Public Modulus
|
305 |
-
*
|
306 |
-
* Logged for debug purposes
|
307 |
-
*
|
308 |
-
* @see Net_SSH1::getServerKeyPublicModulus()
|
309 |
-
* @var String
|
310 |
-
* @access private
|
311 |
-
*/
|
312 |
-
var $server_key_public_modulus;
|
313 |
-
|
314 |
-
/**
|
315 |
-
* The Host Key Public Exponent
|
316 |
-
*
|
317 |
-
* Logged for debug purposes
|
318 |
-
*
|
319 |
-
* @see Net_SSH1::getHostKeyPublicExponent()
|
320 |
-
* @var String
|
321 |
-
* @access private
|
322 |
-
*/
|
323 |
-
var $host_key_public_exponent;
|
324 |
-
|
325 |
-
/**
|
326 |
-
* The Host Key Public Modulus
|
327 |
-
*
|
328 |
-
* Logged for debug purposes
|
329 |
-
*
|
330 |
-
* @see Net_SSH1::getHostKeyPublicModulus()
|
331 |
-
* @var String
|
332 |
-
* @access private
|
333 |
-
*/
|
334 |
-
var $host_key_public_modulus;
|
335 |
-
|
336 |
-
/**
|
337 |
-
* Supported Ciphers
|
338 |
-
*
|
339 |
-
* Logged for debug purposes
|
340 |
-
*
|
341 |
-
* @see Net_SSH1::getSupportedCiphers()
|
342 |
-
* @var Array
|
343 |
-
* @access private
|
344 |
-
*/
|
345 |
-
var $supported_ciphers = array(
|
346 |
-
NET_SSH1_CIPHER_NONE => 'No encryption',
|
347 |
-
NET_SSH1_CIPHER_IDEA => 'IDEA in CFB mode',
|
348 |
-
NET_SSH1_CIPHER_DES => 'DES in CBC mode',
|
349 |
-
NET_SSH1_CIPHER_3DES => 'Triple-DES in CBC mode',
|
350 |
-
NET_SSH1_CIPHER_BROKEN_TSS => 'TRI\'s Simple Stream encryption CBC',
|
351 |
-
NET_SSH1_CIPHER_RC4 => 'RC4',
|
352 |
-
NET_SSH1_CIPHER_BLOWFISH => 'Blowfish'
|
353 |
-
);
|
354 |
-
|
355 |
-
/**
|
356 |
-
* Supported Authentications
|
357 |
-
*
|
358 |
-
* Logged for debug purposes
|
359 |
-
*
|
360 |
-
* @see Net_SSH1::getSupportedAuthentications()
|
361 |
-
* @var Array
|
362 |
-
* @access private
|
363 |
-
*/
|
364 |
-
var $supported_authentications = array(
|
365 |
-
NET_SSH1_AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv',
|
366 |
-
NET_SSH1_AUTH_RSA => 'pure RSA authentication',
|
367 |
-
NET_SSH1_AUTH_PASSWORD => 'password authentication',
|
368 |
-
NET_SSH1_AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication'
|
369 |
-
);
|
370 |
-
|
371 |
-
/**
|
372 |
-
* Server Identification
|
373 |
-
*
|
374 |
-
* @see Net_SSH1::getServerIdentification()
|
375 |
-
* @var String
|
376 |
-
* @access private
|
377 |
-
*/
|
378 |
-
var $server_identification = '';
|
379 |
-
|
380 |
-
/**
|
381 |
-
* Default Constructor.
|
382 |
-
*
|
383 |
-
* Connects to an SSHv1 server
|
384 |
-
*
|
385 |
-
* @param String $host
|
386 |
-
* @param optional Integer $port
|
387 |
-
* @param optional Integer $timeout
|
388 |
-
* @param optional Integer $cipher
|
389 |
-
* @return Net_SSH1
|
390 |
-
* @access public
|
391 |
-
*/
|
392 |
-
function Net_SSH1($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES)
|
393 |
-
{
|
394 |
-
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
395 |
-
if (!$this->fsock) {
|
396 |
-
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"), E_USER_NOTICE);
|
397 |
-
return;
|
398 |
-
}
|
399 |
-
|
400 |
-
$this->server_identification = $init_line = fgets($this->fsock, 255);
|
401 |
-
if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) {
|
402 |
-
user_error('Can only connect to SSH servers', E_USER_NOTICE);
|
403 |
-
return;
|
404 |
-
}
|
405 |
-
if ($parts[1][0] != 1) {
|
406 |
-
user_error("Cannot connect to SSH $parts[1] servers", E_USER_NOTICE);
|
407 |
-
return;
|
408 |
-
}
|
409 |
-
|
410 |
-
fputs($this->fsock, $this->identifier."\r\n");
|
411 |
-
|
412 |
-
$response = $this->_get_binary_packet();
|
413 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) {
|
414 |
-
user_error('Expected SSH_SMSG_PUBLIC_KEY', E_USER_NOTICE);
|
415 |
-
return;
|
416 |
-
}
|
417 |
-
|
418 |
-
$anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8);
|
419 |
-
|
420 |
-
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
421 |
-
|
422 |
-
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
423 |
-
$server_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
424 |
-
$this->server_key_public_exponent = $server_key_public_exponent;
|
425 |
-
|
426 |
-
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
427 |
-
$server_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
428 |
-
$this->server_key_public_modulus = $server_key_public_modulus;
|
429 |
-
|
430 |
-
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
431 |
-
|
432 |
-
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
433 |
-
$host_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
434 |
-
$this->host_key_public_exponent = $host_key_public_exponent;
|
435 |
-
|
436 |
-
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
437 |
-
$host_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
438 |
-
$this->host_key_public_modulus = $host_key_public_modulus;
|
439 |
-
|
440 |
-
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
441 |
-
|
442 |
-
// get a list of the supported ciphers
|
443 |
-
extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
|
444 |
-
foreach ($this->supported_ciphers as $mask=>$name) {
|
445 |
-
if (($supported_ciphers_mask & (1 << $mask)) == 0) {
|
446 |
-
unset($this->supported_ciphers[$mask]);
|
447 |
-
}
|
448 |
-
}
|
449 |
-
|
450 |
-
// get a list of the supported authentications
|
451 |
-
extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
|
452 |
-
foreach ($this->supported_authentications as $mask=>$name) {
|
453 |
-
if (($supported_authentications_mask & (1 << $mask)) == 0) {
|
454 |
-
unset($this->supported_authentications[$mask]);
|
455 |
-
}
|
456 |
-
}
|
457 |
-
|
458 |
-
$session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
|
459 |
-
|
460 |
-
$session_key = '';
|
461 |
-
for ($i = 0; $i < 32; $i++) {
|
462 |
-
$session_key.= chr(crypt_random(0, 255));
|
463 |
-
}
|
464 |
-
$double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));
|
465 |
-
|
466 |
-
if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) {
|
467 |
-
$double_encrypted_session_key = $this->_rsa_crypt(
|
468 |
-
$double_encrypted_session_key,
|
469 |
-
array(
|
470 |
-
$server_key_public_exponent,
|
471 |
-
$server_key_public_modulus
|
472 |
-
)
|
473 |
-
);
|
474 |
-
$double_encrypted_session_key = $this->_rsa_crypt(
|
475 |
-
$double_encrypted_session_key,
|
476 |
-
array(
|
477 |
-
$host_key_public_exponent,
|
478 |
-
$host_key_public_modulus
|
479 |
-
)
|
480 |
-
);
|
481 |
-
} else {
|
482 |
-
$double_encrypted_session_key = $this->_rsa_crypt(
|
483 |
-
$double_encrypted_session_key,
|
484 |
-
array(
|
485 |
-
$host_key_public_exponent,
|
486 |
-
$host_key_public_modulus
|
487 |
-
)
|
488 |
-
);
|
489 |
-
$double_encrypted_session_key = $this->_rsa_crypt(
|
490 |
-
$double_encrypted_session_key,
|
491 |
-
array(
|
492 |
-
$server_key_public_exponent,
|
493 |
-
$server_key_public_modulus
|
494 |
-
)
|
495 |
-
);
|
496 |
-
}
|
497 |
-
|
498 |
-
$cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES;
|
499 |
-
$data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0);
|
500 |
-
|
501 |
-
if (!$this->_send_binary_packet($data)) {
|
502 |
-
user_error('Error sending SSH_CMSG_SESSION_KEY', E_USER_NOTICE);
|
503 |
-
return;
|
504 |
-
}
|
505 |
-
|
506 |
-
switch ($cipher) {
|
507 |
-
//case NET_SSH1_CIPHER_NONE:
|
508 |
-
// $this->crypto = new Crypt_Null();
|
509 |
-
// break;
|
510 |
-
case NET_SSH1_CIPHER_DES:
|
511 |
-
$this->crypto = new Crypt_DES();
|
512 |
-
$this->crypto->disablePadding();
|
513 |
-
$this->crypto->enableContinuousBuffer();
|
514 |
-
$this->crypto->setKey(substr($session_key, 0, 8));
|
515 |
-
break;
|
516 |
-
case NET_SSH1_CIPHER_3DES:
|
517 |
-
$this->crypto = new Crypt_TripleDES(CRYPT_DES_MODE_3CBC);
|
518 |
-
$this->crypto->disablePadding();
|
519 |
-
$this->crypto->enableContinuousBuffer();
|
520 |
-
$this->crypto->setKey(substr($session_key, 0, 24));
|
521 |
-
break;
|
522 |
-
//case NET_SSH1_CIPHER_RC4:
|
523 |
-
// $this->crypto = new Crypt_RC4();
|
524 |
-
// $this->crypto->enableContinuousBuffer();
|
525 |
-
// $this->crypto->setKey(substr($session_key, 0, 16));
|
526 |
-
// break;
|
527 |
-
}
|
528 |
-
|
529 |
-
$response = $this->_get_binary_packet();
|
530 |
-
|
531 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
532 |
-
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
533 |
-
return;
|
534 |
-
}
|
535 |
-
|
536 |
-
$this->bitmap = NET_SSH1_MASK_CONSTRUCTOR;
|
537 |
-
}
|
538 |
-
|
539 |
-
/**
|
540 |
-
* Login
|
541 |
-
*
|
542 |
-
* @param String $username
|
543 |
-
* @param optional String $password
|
544 |
-
* @return Boolean
|
545 |
-
* @access public
|
546 |
-
*/
|
547 |
-
function login($username, $password = '')
|
548 |
-
{
|
549 |
-
if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) {
|
550 |
-
return false;
|
551 |
-
}
|
552 |
-
|
553 |
-
$data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username);
|
554 |
-
|
555 |
-
if (!$this->_send_binary_packet($data)) {
|
556 |
-
user_error('Error sending SSH_CMSG_USER', E_USER_NOTICE);
|
557 |
-
return false;
|
558 |
-
}
|
559 |
-
|
560 |
-
$response = $this->_get_binary_packet();
|
561 |
-
|
562 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
|
563 |
-
$this->bitmap |= NET_SSH1_MASK_LOGIN;
|
564 |
-
return true;
|
565 |
-
} else if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) {
|
566 |
-
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE', E_USER_NOTICE);
|
567 |
-
return false;
|
568 |
-
}
|
569 |
-
|
570 |
-
$data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password);
|
571 |
-
|
572 |
-
if (!$this->_send_binary_packet($data)) {
|
573 |
-
user_error('Error sending SSH_CMSG_AUTH_PASSWORD', E_USER_NOTICE);
|
574 |
-
return false;
|
575 |
-
}
|
576 |
-
|
577 |
-
$response = $this->_get_binary_packet();
|
578 |
-
|
579 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
|
580 |
-
$this->bitmap |= NET_SSH1_MASK_LOGIN;
|
581 |
-
return true;
|
582 |
-
} else if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) {
|
583 |
-
return false;
|
584 |
-
} else {
|
585 |
-
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE', E_USER_NOTICE);
|
586 |
-
return false;
|
587 |
-
}
|
588 |
-
}
|
589 |
-
|
590 |
-
/**
|
591 |
-
* Executes a command on a non-interactive shell, returns the output, and quits.
|
592 |
-
*
|
593 |
-
* An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2
|
594 |
-
* servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a
|
595 |
-
* shell with the -s option, as discussed in the following links:
|
596 |
-
*
|
597 |
-
* {@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html}
|
598 |
-
* {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html}
|
599 |
-
*
|
600 |
-
* To execute further commands, a new Net_SSH1 object will need to be created.
|
601 |
-
*
|
602 |
-
* Returns false on failure and the output, otherwise.
|
603 |
-
*
|
604 |
-
* @see Net_SSH1::interactiveRead()
|
605 |
-
* @see Net_SSH1::interactiveWrite()
|
606 |
-
* @param String $cmd
|
607 |
-
* @return mixed
|
608 |
-
* @access public
|
609 |
-
*/
|
610 |
-
function exec($cmd)
|
611 |
-
{
|
612 |
-
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
613 |
-
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
614 |
-
return false;
|
615 |
-
}
|
616 |
-
|
617 |
-
// connect using the sample parameters in protocol-1.5.txt.
|
618 |
-
// according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text
|
619 |
-
// terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell.
|
620 |
-
$data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
|
621 |
-
|
622 |
-
if (!$this->_send_binary_packet($data)) {
|
623 |
-
user_error('Error sending SSH_CMSG_REQUEST_PTY', E_USER_NOTICE);
|
624 |
-
return false;
|
625 |
-
}
|
626 |
-
|
627 |
-
$response = $this->_get_binary_packet();
|
628 |
-
|
629 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
630 |
-
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
631 |
-
return false;
|
632 |
-
}
|
633 |
-
|
634 |
-
$data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd);
|
635 |
-
|
636 |
-
if (!$this->_send_binary_packet($data)) {
|
637 |
-
user_error('Error sending SSH_CMSG_EXEC_CMD', E_USER_NOTICE);
|
638 |
-
return false;
|
639 |
-
}
|
640 |
-
|
641 |
-
$output = '';
|
642 |
-
$response = $this->_get_binary_packet();
|
643 |
-
|
644 |
-
do {
|
645 |
-
$output.= substr($response[NET_SSH1_RESPONSE_DATA], 4);
|
646 |
-
$response = $this->_get_binary_packet();
|
647 |
-
} while ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS);
|
648 |
-
|
649 |
-
$data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION);
|
650 |
-
|
651 |
-
// i don't think it's really all that important if this packet gets sent or not.
|
652 |
-
$this->_send_binary_packet($data);
|
653 |
-
|
654 |
-
fclose($this->fsock);
|
655 |
-
|
656 |
-
// reset the execution bitmap - a new Net_SSH1 object needs to be created.
|
657 |
-
$this->bitmap = 0;
|
658 |
-
|
659 |
-
return $output;
|
660 |
-
}
|
661 |
-
|
662 |
-
/**
|
663 |
-
* Creates an interactive shell
|
664 |
-
*
|
665 |
-
* @see Net_SSH1::interactiveRead()
|
666 |
-
* @see Net_SSH1::interactiveWrite()
|
667 |
-
* @return Boolean
|
668 |
-
* @access private
|
669 |
-
*/
|
670 |
-
function _initShell()
|
671 |
-
{
|
672 |
-
$data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
|
673 |
-
|
674 |
-
if (!$this->_send_binary_packet($data)) {
|
675 |
-
user_error('Error sending SSH_CMSG_REQUEST_PTY', E_USER_NOTICE);
|
676 |
-
return false;
|
677 |
-
}
|
678 |
-
|
679 |
-
$response = $this->_get_binary_packet();
|
680 |
-
|
681 |
-
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
682 |
-
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
683 |
-
return false;
|
684 |
-
}
|
685 |
-
|
686 |
-
$data = pack('C', NET_SSH1_CMSG_EXEC_SHELL);
|
687 |
-
|
688 |
-
if (!$this->_send_binary_packet($data)) {
|
689 |
-
user_error('Error sending SSH_CMSG_EXEC_SHELL', E_USER_NOTICE);
|
690 |
-
return false;
|
691 |
-
}
|
692 |
-
|
693 |
-
$this->bitmap |= NET_SSH1_MASK_SHELL;
|
694 |
-
|
695 |
-
//stream_set_blocking($this->fsock, 0);
|
696 |
-
|
697 |
-
return true;
|
698 |
-
}
|
699 |
-
|
700 |
-
/**
|
701 |
-
* Inputs a command into an interactive shell.
|
702 |
-
*
|
703 |
-
* @see Net_SSH1::interactiveRead()
|
704 |
-
* @param String $cmd
|
705 |
-
* @return Boolean
|
706 |
-
* @access public
|
707 |
-
*/
|
708 |
-
function interactiveWrite($cmd)
|
709 |
-
{
|
710 |
-
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
711 |
-
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
712 |
-
return false;
|
713 |
-
}
|
714 |
-
|
715 |
-
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
|
716 |
-
user_error('Unable to initiate an interactive shell session', E_USER_NOTICE);
|
717 |
-
return false;
|
718 |
-
}
|
719 |
-
|
720 |
-
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd);
|
721 |
-
|
722 |
-
if (!$this->_send_binary_packet($data)) {
|
723 |
-
user_error('Error sending SSH_CMSG_STDIN', E_USER_NOTICE);
|
724 |
-
return false;
|
725 |
-
}
|
726 |
-
|
727 |
-
return true;
|
728 |
-
}
|
729 |
-
|
730 |
-
/**
|
731 |
-
* Reads the output of an interactive shell.
|
732 |
-
*
|
733 |
-
* Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like
|
734 |
-
* "[00m", you're seeing ANSI escape codes. According to
|
735 |
-
* {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT
|
736 |
-
* does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user,
|
737 |
-
* there's not going to be much recourse.
|
738 |
-
*
|
739 |
-
* @see Net_SSH1::interactiveRead()
|
740 |
-
* @return String
|
741 |
-
* @access public
|
742 |
-
*/
|
743 |
-
function interactiveRead()
|
744 |
-
{
|
745 |
-
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
746 |
-
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
747 |
-
return false;
|
748 |
-
}
|
749 |
-
|
750 |
-
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
|
751 |
-
user_error('Unable to initiate an interactive shell session', E_USER_NOTICE);
|
752 |
-
return false;
|
753 |
-
}
|
754 |
-
|
755 |
-
$read = array($this->fsock);
|
756 |
-
$write = $except = null;
|
757 |
-
if (stream_select($read, $write, $except, 0)) {
|
758 |
-
$response = $this->_get_binary_packet();
|
759 |
-
return substr($response[NET_SSH1_RESPONSE_DATA], 4);
|
760 |
-
} else {
|
761 |
-
return '';
|
762 |
-
}
|
763 |
-
}
|
764 |
-
|
765 |
-
/**
|
766 |
-
* Disconnect
|
767 |
-
*
|
768 |
-
* @access public
|
769 |
-
*/
|
770 |
-
function disconnect()
|
771 |
-
{
|
772 |
-
$this->_disconnect();
|
773 |
-
}
|
774 |
-
|
775 |
-
/**
|
776 |
-
* Destructor.
|
777 |
-
*
|
778 |
-
* Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
|
779 |
-
* disconnect().
|
780 |
-
*
|
781 |
-
* @access public
|
782 |
-
*/
|
783 |
-
function __destruct()
|
784 |
-
{
|
785 |
-
$this->_disconnect();
|
786 |
-
}
|
787 |
-
|
788 |
-
/**
|
789 |
-
* Disconnect
|
790 |
-
*
|
791 |
-
* @param String $msg
|
792 |
-
* @access private
|
793 |
-
*/
|
794 |
-
function _disconnect($msg = 'Client Quit')
|
795 |
-
{
|
796 |
-
if ($this->bitmap) {
|
797 |
-
$data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg);
|
798 |
-
$this->_send_binary_packet($data);
|
799 |
-
fclose($this->fsock);
|
800 |
-
$this->bitmap = 0;
|
801 |
-
}
|
802 |
-
}
|
803 |
-
|
804 |
-
/**
|
805 |
-
* Gets Binary Packets
|
806 |
-
*
|
807 |
-
* See 'The Binary Packet Protocol' of protocol-1.5.txt for more info.
|
808 |
-
*
|
809 |
-
* Also, this function could be improved upon by adding detection for the following exploit:
|
810 |
-
* http://www.securiteam.com/securitynews/5LP042K3FY.html
|
811 |
-
*
|
812 |
-
* @see Net_SSH1::_send_binary_packet()
|
813 |
-
* @return Array
|
814 |
-
* @access private
|
815 |
-
*/
|
816 |
-
function _get_binary_packet()
|
817 |
-
{
|
818 |
-
if (feof($this->fsock)) {
|
819 |
-
//user_error('connection closed prematurely', E_USER_NOTICE);
|
820 |
-
return false;
|
821 |
-
}
|
822 |
-
|
823 |
-
$temp = unpack('Nlength', fread($this->fsock, 4));
|
824 |
-
|
825 |
-
$padding_length = 8 - ($temp['length'] & 7);
|
826 |
-
$length = $temp['length'] + $padding_length;
|
827 |
-
|
828 |
-
$raw = fread($this->fsock, $length);
|
829 |
-
|
830 |
-
if ($this->crypto !== false) {
|
831 |
-
$raw = $this->crypto->decrypt($raw);
|
832 |
-
}
|
833 |
-
|
834 |
-
$padding = substr($raw, 0, $padding_length);
|
835 |
-
$type = $raw[$padding_length];
|
836 |
-
$data = substr($raw, $padding_length + 1, -4);
|
837 |
-
|
838 |
-
$temp = unpack('Ncrc', substr($raw, -4));
|
839 |
-
|
840 |
-
//if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
|
841 |
-
// user_error('Bad CRC in packet from server', E_USER_NOTICE);
|
842 |
-
// return false;
|
843 |
-
//}
|
844 |
-
|
845 |
-
return array(
|
846 |
-
NET_SSH1_RESPONSE_TYPE => ord($type),
|
847 |
-
NET_SSH1_RESPONSE_DATA => $data
|
848 |
-
);
|
849 |
-
}
|
850 |
-
|
851 |
-
/**
|
852 |
-
* Sends Binary Packets
|
853 |
-
*
|
854 |
-
* Returns true on success, false on failure.
|
855 |
-
*
|
856 |
-
* @see Net_SSH1::_get_binary_packet()
|
857 |
-
* @param String $data
|
858 |
-
* @return Boolean
|
859 |
-
* @access private
|
860 |
-
*/
|
861 |
-
function _send_binary_packet($data) {
|
862 |
-
if (feof($this->fsock)) {
|
863 |
-
//user_error('connection closed prematurely', E_USER_NOTICE);
|
864 |
-
return false;
|
865 |
-
}
|
866 |
-
|
867 |
-
$length = strlen($data) + 4;
|
868 |
-
|
869 |
-
$padding_length = 8 - ($length & 7);
|
870 |
-
$padding = '';
|
871 |
-
for ($i = 0; $i < $padding_length; $i++) {
|
872 |
-
$padding.= chr(crypt_random(0, 255));
|
873 |
-
}
|
874 |
-
|
875 |
-
$data = $padding . $data;
|
876 |
-
$data.= pack('N', $this->_crc($data));
|
877 |
-
|
878 |
-
if ($this->crypto !== false) {
|
879 |
-
$data = $this->crypto->encrypt($data);
|
880 |
-
}
|
881 |
-
|
882 |
-
$packet = pack('Na*', $length, $data);
|
883 |
-
|
884 |
-
return strlen($packet) == fputs($this->fsock, $packet);
|
885 |
-
}
|
886 |
-
|
887 |
-
/**
|
888 |
-
* Cyclic Redundancy Check (CRC)
|
889 |
-
*
|
890 |
-
* PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so
|
891 |
-
* we've reimplemented it. A more detailed discussion of the differences can be found after
|
892 |
-
* $crc_lookup_table's initialization.
|
893 |
-
*
|
894 |
-
* @see Net_SSH1::_get_binary_packet()
|
895 |
-
* @see Net_SSH1::_send_binary_packet()
|
896 |
-
* @param String $data
|
897 |
-
* @return Integer
|
898 |
-
* @access private
|
899 |
-
*/
|
900 |
-
function _crc($data)
|
901 |
-
{
|
902 |
-
static $crc_lookup_table = array(
|
903 |
-
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA,
|
904 |
-
0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3,
|
905 |
-
0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
|
906 |
-
0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91,
|
907 |
-
0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE,
|
908 |
-
0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
|
909 |
-
0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC,
|
910 |
-
0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5,
|
911 |
-
0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
|
912 |
-
0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B,
|
913 |
-
0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940,
|
914 |
-
0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
|
915 |
-
0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116,
|
916 |
-
0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F,
|
917 |
-
0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
|
918 |
-
0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D,
|
919 |
-
0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A,
|
920 |
-
0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
|
921 |
-
0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818,
|
922 |
-
0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01,
|
923 |
-
0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
|
924 |
-
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457,
|
925 |
-
0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C,
|
926 |
-
0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
|
927 |
-
0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2,
|
928 |
-
0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB,
|
929 |
-
0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
|
930 |
-
0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9,
|
931 |
-
0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086,
|
932 |
-
0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
|
933 |
-
0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4,
|
934 |
-
0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD,
|
935 |
-
0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
|
936 |
-
0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683,
|
937 |
-
0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8,
|
938 |
-
0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
|
939 |
-
0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE,
|
940 |
-
0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7,
|
941 |
-
0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
|
942 |
-
0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5,
|
943 |
-
0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252,
|
944 |
-
0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
|
945 |
-
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60,
|
946 |
-
0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79,
|
947 |
-
0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
|
948 |
-
0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F,
|
949 |
-
0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04,
|
950 |
-
0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
|
951 |
-
0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A,
|
952 |
-
0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713,
|
953 |
-
0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
|
954 |
-
0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21,
|
955 |
-
0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E,
|
956 |
-
0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
|
957 |
-
0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C,
|
958 |
-
0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45,
|
959 |
-
0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
|
960 |
-
0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB,
|
961 |
-
0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0,
|
962 |
-
0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
|
963 |
-
0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6,
|
964 |
-
0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF,
|
965 |
-
0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
|
966 |
-
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
|
967 |
-
);
|
968 |
-
|
969 |
-
// For this function to yield the same output as PHP's crc32 function, $crc would have to be
|
970 |
-
// set to 0xFFFFFFFF, initially - not 0x00000000 as it currently is.
|
971 |
-
$crc = 0x00000000;
|
972 |
-
$length = strlen($data);
|
973 |
-
|
974 |
-
for ($i=0;$i<$length;$i++) {
|
975 |
-
// We AND $crc >> 8 with 0x00FFFFFF because we want the eight newly added bits to all
|
976 |
-
// be zero. PHP, unfortunately, doesn't always do this. 0x80000000 >> 8, as an example,
|
977 |
-
// yields 0xFF800000 - not 0x00800000. The following link elaborates:
|
978 |
-
// http://www.php.net/manual/en/language.operators.bitwise.php#57281
|
979 |
-
$crc = (($crc >> 8) & 0x00FFFFFF) ^ $crc_lookup_table[($crc & 0xFF) ^ ord($data[$i])];
|
980 |
-
}
|
981 |
-
|
982 |
-
// In addition to having to set $crc to 0xFFFFFFFF, initially, the return value must be XOR'd with
|
983 |
-
// 0xFFFFFFFF for this function to return the same thing that PHP's crc32 function would.
|
984 |
-
return $crc;
|
985 |
-
}
|
986 |
-
|
987 |
-
/**
|
988 |
-
* String Shift
|
989 |
-
*
|
990 |
-
* Inspired by array_shift
|
991 |
-
*
|
992 |
-
* @param String $string
|
993 |
-
* @param optional Integer $index
|
994 |
-
* @return String
|
995 |
-
* @access private
|
996 |
-
*/
|
997 |
-
function _string_shift(&$string, $index = 1)
|
998 |
-
{
|
999 |
-
$substr = substr($string, 0, $index);
|
1000 |
-
$string = substr($string, $index);
|
1001 |
-
return $substr;
|
1002 |
-
}
|
1003 |
-
|
1004 |
-
/**
|
1005 |
-
* RSA Encrypt
|
1006 |
-
*
|
1007 |
-
* Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e
|
1008 |
-
* should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that
|
1009 |
-
* calls this call modexp, instead, but I think this makes things clearer, maybe...
|
1010 |
-
*
|
1011 |
-
* @see Net_SSH1::Net_SSH1()
|
1012 |
-
* @param Math_BigInteger $m
|
1013 |
-
* @param Array $key
|
1014 |
-
* @return Math_BigInteger
|
1015 |
-
* @access private
|
1016 |
-
*/
|
1017 |
-
function _rsa_crypt($m, $key)
|
1018 |
-
{
|
1019 |
-
/*
|
1020 |
-
if (!class_exists('Crypt_RSA')) {
|
1021 |
-
require_once('Crypt/RSA.php');
|
1022 |
-
}
|
1023 |
-
|
1024 |
-
$rsa = new Crypt_RSA();
|
1025 |
-
$rsa->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW);
|
1026 |
-
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
|
1027 |
-
return $rsa->encrypt($m);
|
1028 |
-
*/
|
1029 |
-
|
1030 |
-
// To quote from protocol-1.5.txt:
|
1031 |
-
// The most significant byte (which is only partial as the value must be
|
1032 |
-
// less than the public modulus, which is never a power of two) is zero.
|
1033 |
-
//
|
1034 |
-
// The next byte contains the value 2 (which stands for public-key
|
1035 |
-
// encrypted data in the PKCS standard [PKCS#1]). Then, there are non-
|
1036 |
-
// zero random bytes to fill any unused space, a zero byte, and the data
|
1037 |
-
// to be encrypted in the least significant bytes, the last byte of the
|
1038 |
-
// data in the least significant byte.
|
1039 |
-
|
1040 |
-
// Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation",
|
1041 |
-
// under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL:
|
1042 |
-
// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
|
1043 |
-
$temp = chr(0) . chr(2);
|
1044 |
-
$modulus = $key[1]->toBytes();
|
1045 |
-
$length = strlen($modulus) - strlen($m) - 3;
|
1046 |
-
for ($i = 0; $i < $length; $i++) {
|
1047 |
-
$temp.= chr(crypt_random(1, 255));
|
1048 |
-
}
|
1049 |
-
$temp.= chr(0) . $m;
|
1050 |
-
|
1051 |
-
$m = new Math_BigInteger($temp, 256);
|
1052 |
-
$m = $m->modPow($key[0], $key[1]);
|
1053 |
-
|
1054 |
-
return $m->toBytes();
|
1055 |
-
}
|
1056 |
-
|
1057 |
-
/**
|
1058 |
-
* Return the server key public exponent
|
1059 |
-
*
|
1060 |
-
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1061 |
-
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1062 |
-
*
|
1063 |
-
* @param optional Boolean $raw_output
|
1064 |
-
* @return String
|
1065 |
-
* @access public
|
1066 |
-
*/
|
1067 |
-
function getServerKeyPublicExponent($raw_output = false)
|
1068 |
-
{
|
1069 |
-
return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString();
|
1070 |
-
}
|
1071 |
-
|
1072 |
-
/**
|
1073 |
-
* Return the server key public modulus
|
1074 |
-
*
|
1075 |
-
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1076 |
-
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1077 |
-
*
|
1078 |
-
* @param optional Boolean $raw_output
|
1079 |
-
* @return String
|
1080 |
-
* @access public
|
1081 |
-
*/
|
1082 |
-
function getServerKeyPublicModulus($raw_output = false)
|
1083 |
-
{
|
1084 |
-
return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString();
|
1085 |
-
}
|
1086 |
-
|
1087 |
-
/**
|
1088 |
-
* Return the host key public exponent
|
1089 |
-
*
|
1090 |
-
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1091 |
-
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1092 |
-
*
|
1093 |
-
* @param optional Boolean $raw_output
|
1094 |
-
* @return String
|
1095 |
-
* @access public
|
1096 |
-
*/
|
1097 |
-
function getHostKeyPublicExponent($raw_output = false)
|
1098 |
-
{
|
1099 |
-
return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString();
|
1100 |
-
}
|
1101 |
-
|
1102 |
-
/**
|
1103 |
-
* Return the host key public modulus
|
1104 |
-
*
|
1105 |
-
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1106 |
-
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1107 |
-
*
|
1108 |
-
* @param optional Boolean $raw_output
|
1109 |
-
* @return String
|
1110 |
-
* @access public
|
1111 |
-
*/
|
1112 |
-
function getHostKeyPublicModulus($raw_output = false)
|
1113 |
-
{
|
1114 |
-
return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString();
|
1115 |
-
}
|
1116 |
-
|
1117 |
-
/**
|
1118 |
-
* Return a list of ciphers supported by SSH1 server.
|
1119 |
-
*
|
1120 |
-
* Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
|
1121 |
-
* is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll
|
1122 |
-
* get array(NET_SSH1_CIPHER_3DES).
|
1123 |
-
*
|
1124 |
-
* @param optional Boolean $raw_output
|
1125 |
-
* @return Array
|
1126 |
-
* @access public
|
1127 |
-
*/
|
1128 |
-
function getSupportedCiphers($raw_output = false)
|
1129 |
-
{
|
1130 |
-
return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers);
|
1131 |
-
}
|
1132 |
-
|
1133 |
-
/**
|
1134 |
-
* Return a list of authentications supported by SSH1 server.
|
1135 |
-
*
|
1136 |
-
* Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
|
1137 |
-
* is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll
|
1138 |
-
* get array(NET_SSH1_AUTH_PASSWORD).
|
1139 |
-
*
|
1140 |
-
* @param optional Boolean $raw_output
|
1141 |
-
* @return Array
|
1142 |
-
* @access public
|
1143 |
-
*/
|
1144 |
-
function getSupportedAuthentications($raw_output = false)
|
1145 |
-
{
|
1146 |
-
return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications);
|
1147 |
-
}
|
1148 |
-
|
1149 |
-
/**
|
1150 |
-
* Return the server identification.
|
1151 |
-
*
|
1152 |
-
* @return String
|
1153 |
-
* @access public
|
1154 |
-
*/
|
1155 |
-
function getServerIdentification()
|
1156 |
-
{
|
1157 |
-
return rtrim($this->server_identification);
|
1158 |
-
}
|
1159 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of SSHv1.
|
6 |
+
*
|
7 |
+
* PHP versions 4 and 5
|
8 |
+
*
|
9 |
+
* Here's a short example of how to use this library:
|
10 |
+
* <code>
|
11 |
+
* <?php
|
12 |
+
* include('Net/SSH1.php');
|
13 |
+
*
|
14 |
+
* $ssh = new Net_SSH1('www.domain.tld');
|
15 |
+
* if (!$ssh->login('username', 'password')) {
|
16 |
+
* exit('Login Failed');
|
17 |
+
* }
|
18 |
+
*
|
19 |
+
* while (true) {
|
20 |
+
* echo $ssh->interactiveRead();
|
21 |
+
*
|
22 |
+
* $read = array(STDIN);
|
23 |
+
* $write = $except = NULL;
|
24 |
+
* if (stream_select($read, $write, $except, 0)) {
|
25 |
+
* $ssh->interactiveWrite(fread(STDIN, 1));
|
26 |
+
* }
|
27 |
+
* }
|
28 |
+
* ?>
|
29 |
+
* </code>
|
30 |
+
*
|
31 |
+
* Here's another short example:
|
32 |
+
* <code>
|
33 |
+
* <?php
|
34 |
+
* include('Net/SSH1.php');
|
35 |
+
*
|
36 |
+
* $ssh = new Net_SSH1('www.domain.tld');
|
37 |
+
* if (!$ssh->login('username', 'password')) {
|
38 |
+
* exit('Login Failed');
|
39 |
+
* }
|
40 |
+
*
|
41 |
+
* echo $ssh->exec('ls -la');
|
42 |
+
* ?>
|
43 |
+
* </code>
|
44 |
+
*
|
45 |
+
* More information on the SSHv1 specification can be found by reading
|
46 |
+
* {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}.
|
47 |
+
*
|
48 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
49 |
+
* modify it under the terms of the GNU Lesser General Public
|
50 |
+
* License as published by the Free Software Foundation; either
|
51 |
+
* version 2.1 of the License, or (at your option) any later version.
|
52 |
+
*
|
53 |
+
* This library is distributed in the hope that it will be useful,
|
54 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
55 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
56 |
+
* Lesser General Public License for more details.
|
57 |
+
*
|
58 |
+
* You should have received a copy of the GNU Lesser General Public
|
59 |
+
* License along with this library; if not, write to the Free Software
|
60 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
61 |
+
* MA 02111-1307 USA
|
62 |
+
*
|
63 |
+
* @category Net
|
64 |
+
* @package Net_SSH1
|
65 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
66 |
+
* @copyright MMVII Jim Wigginton
|
67 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
68 |
+
* @version $Id: SSH1.php,v 1.15 2010/03/22 22:01:38 terrafrost Exp $
|
69 |
+
* @link http://phpseclib.sourceforge.net
|
70 |
+
*/
|
71 |
+
|
72 |
+
/**
|
73 |
+
* Include Math_BigInteger
|
74 |
+
*
|
75 |
+
* Used to do RSA encryption.
|
76 |
+
*/
|
77 |
+
require_once('phpseclib/Math/BigInteger.php');
|
78 |
+
|
79 |
+
/**
|
80 |
+
* Include Crypt_Null
|
81 |
+
*/
|
82 |
+
//require_once('Crypt/Null.php');
|
83 |
+
|
84 |
+
/**
|
85 |
+
* Include Crypt_DES
|
86 |
+
*/
|
87 |
+
require_once('phpseclib/Crypt/DES.php');
|
88 |
+
|
89 |
+
/**
|
90 |
+
* Include Crypt_TripleDES
|
91 |
+
*/
|
92 |
+
require_once('phpseclib/Crypt/TripleDES.php');
|
93 |
+
|
94 |
+
/**
|
95 |
+
* Include Crypt_RC4
|
96 |
+
*/
|
97 |
+
require_once('phpseclib/Crypt/RC4.php');
|
98 |
+
|
99 |
+
/**
|
100 |
+
* Include Crypt_Random
|
101 |
+
*/
|
102 |
+
require_once('phpseclib/Crypt/Random.php');
|
103 |
+
|
104 |
+
/**#@+
|
105 |
+
* Protocol Flags
|
106 |
+
*
|
107 |
+
* @access private
|
108 |
+
*/
|
109 |
+
define('NET_SSH1_MSG_DISCONNECT', 1);
|
110 |
+
define('NET_SSH1_SMSG_PUBLIC_KEY', 2);
|
111 |
+
define('NET_SSH1_CMSG_SESSION_KEY', 3);
|
112 |
+
define('NET_SSH1_CMSG_USER', 4);
|
113 |
+
define('NET_SSH1_CMSG_AUTH_PASSWORD', 9);
|
114 |
+
define('NET_SSH1_CMSG_REQUEST_PTY', 10);
|
115 |
+
define('NET_SSH1_CMSG_EXEC_SHELL', 12);
|
116 |
+
define('NET_SSH1_CMSG_EXEC_CMD', 13);
|
117 |
+
define('NET_SSH1_SMSG_SUCCESS', 14);
|
118 |
+
define('NET_SSH1_SMSG_FAILURE', 15);
|
119 |
+
define('NET_SSH1_CMSG_STDIN_DATA', 16);
|
120 |
+
define('NET_SSH1_SMSG_STDOUT_DATA', 17);
|
121 |
+
define('NET_SSH1_SMSG_STDERR_DATA', 18);
|
122 |
+
define('NET_SSH1_SMSG_EXITSTATUS', 20);
|
123 |
+
define('NET_SSH1_CMSG_EXIT_CONFIRMATION', 33);
|
124 |
+
/**#@-*/
|
125 |
+
|
126 |
+
/**#@+
|
127 |
+
* Encryption Methods
|
128 |
+
*
|
129 |
+
* @see Net_SSH1::getSupportedCiphers()
|
130 |
+
* @access public
|
131 |
+
*/
|
132 |
+
/**
|
133 |
+
* No encryption
|
134 |
+
*
|
135 |
+
* Not supported.
|
136 |
+
*/
|
137 |
+
define('NET_SSH1_CIPHER_NONE', 0);
|
138 |
+
/**
|
139 |
+
* IDEA in CFB mode
|
140 |
+
*
|
141 |
+
* Not supported.
|
142 |
+
*/
|
143 |
+
define('NET_SSH1_CIPHER_IDEA', 1);
|
144 |
+
/**
|
145 |
+
* DES in CBC mode
|
146 |
+
*/
|
147 |
+
define('NET_SSH1_CIPHER_DES', 2);
|
148 |
+
/**
|
149 |
+
* Triple-DES in CBC mode
|
150 |
+
*
|
151 |
+
* All implementations are required to support this
|
152 |
+
*/
|
153 |
+
define('NET_SSH1_CIPHER_3DES', 3);
|
154 |
+
/**
|
155 |
+
* TRI's Simple Stream encryption CBC
|
156 |
+
*
|
157 |
+
* Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h),
|
158 |
+
* although it doesn't use it (see cipher.c)
|
159 |
+
*/
|
160 |
+
define('NET_SSH1_CIPHER_BROKEN_TSS', 4);
|
161 |
+
/**
|
162 |
+
* RC4
|
163 |
+
*
|
164 |
+
* Not supported.
|
165 |
+
*
|
166 |
+
* @internal According to the SSH1 specs:
|
167 |
+
*
|
168 |
+
* "The first 16 bytes of the session key are used as the key for
|
169 |
+
* the server to client direction. The remaining 16 bytes are used
|
170 |
+
* as the key for the client to server direction. This gives
|
171 |
+
* independent 128-bit keys for each direction."
|
172 |
+
*
|
173 |
+
* This library currently only supports encryption when the same key is being used for both directions. This is
|
174 |
+
* because there's only one $crypto object. Two could be added ($encrypt and $decrypt, perhaps).
|
175 |
+
*/
|
176 |
+
define('NET_SSH1_CIPHER_RC4', 5);
|
177 |
+
/**
|
178 |
+
* Blowfish
|
179 |
+
*
|
180 |
+
* Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and
|
181 |
+
* uses it (see cipher.c)
|
182 |
+
*/
|
183 |
+
define('NET_SSH1_CIPHER_BLOWFISH', 6);
|
184 |
+
/**#@-*/
|
185 |
+
|
186 |
+
/**#@+
|
187 |
+
* Authentication Methods
|
188 |
+
*
|
189 |
+
* @see Net_SSH1::getSupportedAuthentications()
|
190 |
+
* @access public
|
191 |
+
*/
|
192 |
+
/**
|
193 |
+
* .rhosts or /etc/hosts.equiv
|
194 |
+
*/
|
195 |
+
define('NET_SSH1_AUTH_RHOSTS', 1);
|
196 |
+
/**
|
197 |
+
* pure RSA authentication
|
198 |
+
*/
|
199 |
+
define('NET_SSH1_AUTH_RSA', 2);
|
200 |
+
/**
|
201 |
+
* password authentication
|
202 |
+
*
|
203 |
+
* This is the only method that is supported by this library.
|
204 |
+
*/
|
205 |
+
define('NET_SSH1_AUTH_PASSWORD', 3);
|
206 |
+
/**
|
207 |
+
* .rhosts with RSA host authentication
|
208 |
+
*/
|
209 |
+
define('NET_SSH1_AUTH_RHOSTS_RSA', 4);
|
210 |
+
/**#@-*/
|
211 |
+
|
212 |
+
/**#@+
|
213 |
+
* Terminal Modes
|
214 |
+
*
|
215 |
+
* @link http://3sp.com/content/developer/maverick-net/docs/Maverick.SSH.PseudoTerminalModesMembers.html
|
216 |
+
* @access private
|
217 |
+
*/
|
218 |
+
define('NET_SSH1_TTY_OP_END', 0);
|
219 |
+
/**#@-*/
|
220 |
+
|
221 |
+
/**
|
222 |
+
* The Response Type
|
223 |
+
*
|
224 |
+
* @see Net_SSH1::_get_binary_packet()
|
225 |
+
* @access private
|
226 |
+
*/
|
227 |
+
define('NET_SSH1_RESPONSE_TYPE', 1);
|
228 |
+
|
229 |
+
/**
|
230 |
+
* The Response Data
|
231 |
+
*
|
232 |
+
* @see Net_SSH1::_get_binary_packet()
|
233 |
+
* @access private
|
234 |
+
*/
|
235 |
+
define('NET_SSH1_RESPONSE_DATA', 2);
|
236 |
+
|
237 |
+
/**#@+
|
238 |
+
* Execution Bitmap Masks
|
239 |
+
*
|
240 |
+
* @see Net_SSH1::bitmap
|
241 |
+
* @access private
|
242 |
+
*/
|
243 |
+
define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001);
|
244 |
+
define('NET_SSH1_MASK_LOGIN', 0x00000002);
|
245 |
+
define('NET_SSH1_MASK_SHELL', 0x00000004);
|
246 |
+
/**#@-*/
|
247 |
+
|
248 |
+
/**
|
249 |
+
* Pure-PHP implementation of SSHv1.
|
250 |
+
*
|
251 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
252 |
+
* @version 0.1.0
|
253 |
+
* @access public
|
254 |
+
* @package Net_SSH1
|
255 |
+
*/
|
256 |
+
class Net_SSH1 {
|
257 |
+
/**
|
258 |
+
* The SSH identifier
|
259 |
+
*
|
260 |
+
* @var String
|
261 |
+
* @access private
|
262 |
+
*/
|
263 |
+
var $identifier = 'SSH-1.5-phpseclib';
|
264 |
+
|
265 |
+
/**
|
266 |
+
* The Socket Object
|
267 |
+
*
|
268 |
+
* @var Object
|
269 |
+
* @access private
|
270 |
+
*/
|
271 |
+
var $fsock;
|
272 |
+
|
273 |
+
/**
|
274 |
+
* The cryptography object
|
275 |
+
*
|
276 |
+
* @var Object
|
277 |
+
* @access private
|
278 |
+
*/
|
279 |
+
var $crypto = false;
|
280 |
+
|
281 |
+
/**
|
282 |
+
* Execution Bitmap
|
283 |
+
*
|
284 |
+
* The bits that are set reprsent functions that have been called already. This is used to determine
|
285 |
+
* if a requisite function has been successfully executed. If not, an error should be thrown.
|
286 |
+
*
|
287 |
+
* @var Integer
|
288 |
+
* @access private
|
289 |
+
*/
|
290 |
+
var $bitmap = 0;
|
291 |
+
|
292 |
+
/**
|
293 |
+
* The Server Key Public Exponent
|
294 |
+
*
|
295 |
+
* Logged for debug purposes
|
296 |
+
*
|
297 |
+
* @see Net_SSH1::getServerKeyPublicExponent()
|
298 |
+
* @var String
|
299 |
+
* @access private
|
300 |
+
*/
|
301 |
+
var $server_key_public_exponent;
|
302 |
+
|
303 |
+
/**
|
304 |
+
* The Server Key Public Modulus
|
305 |
+
*
|
306 |
+
* Logged for debug purposes
|
307 |
+
*
|
308 |
+
* @see Net_SSH1::getServerKeyPublicModulus()
|
309 |
+
* @var String
|
310 |
+
* @access private
|
311 |
+
*/
|
312 |
+
var $server_key_public_modulus;
|
313 |
+
|
314 |
+
/**
|
315 |
+
* The Host Key Public Exponent
|
316 |
+
*
|
317 |
+
* Logged for debug purposes
|
318 |
+
*
|
319 |
+
* @see Net_SSH1::getHostKeyPublicExponent()
|
320 |
+
* @var String
|
321 |
+
* @access private
|
322 |
+
*/
|
323 |
+
var $host_key_public_exponent;
|
324 |
+
|
325 |
+
/**
|
326 |
+
* The Host Key Public Modulus
|
327 |
+
*
|
328 |
+
* Logged for debug purposes
|
329 |
+
*
|
330 |
+
* @see Net_SSH1::getHostKeyPublicModulus()
|
331 |
+
* @var String
|
332 |
+
* @access private
|
333 |
+
*/
|
334 |
+
var $host_key_public_modulus;
|
335 |
+
|
336 |
+
/**
|
337 |
+
* Supported Ciphers
|
338 |
+
*
|
339 |
+
* Logged for debug purposes
|
340 |
+
*
|
341 |
+
* @see Net_SSH1::getSupportedCiphers()
|
342 |
+
* @var Array
|
343 |
+
* @access private
|
344 |
+
*/
|
345 |
+
var $supported_ciphers = array(
|
346 |
+
NET_SSH1_CIPHER_NONE => 'No encryption',
|
347 |
+
NET_SSH1_CIPHER_IDEA => 'IDEA in CFB mode',
|
348 |
+
NET_SSH1_CIPHER_DES => 'DES in CBC mode',
|
349 |
+
NET_SSH1_CIPHER_3DES => 'Triple-DES in CBC mode',
|
350 |
+
NET_SSH1_CIPHER_BROKEN_TSS => 'TRI\'s Simple Stream encryption CBC',
|
351 |
+
NET_SSH1_CIPHER_RC4 => 'RC4',
|
352 |
+
NET_SSH1_CIPHER_BLOWFISH => 'Blowfish'
|
353 |
+
);
|
354 |
+
|
355 |
+
/**
|
356 |
+
* Supported Authentications
|
357 |
+
*
|
358 |
+
* Logged for debug purposes
|
359 |
+
*
|
360 |
+
* @see Net_SSH1::getSupportedAuthentications()
|
361 |
+
* @var Array
|
362 |
+
* @access private
|
363 |
+
*/
|
364 |
+
var $supported_authentications = array(
|
365 |
+
NET_SSH1_AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv',
|
366 |
+
NET_SSH1_AUTH_RSA => 'pure RSA authentication',
|
367 |
+
NET_SSH1_AUTH_PASSWORD => 'password authentication',
|
368 |
+
NET_SSH1_AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication'
|
369 |
+
);
|
370 |
+
|
371 |
+
/**
|
372 |
+
* Server Identification
|
373 |
+
*
|
374 |
+
* @see Net_SSH1::getServerIdentification()
|
375 |
+
* @var String
|
376 |
+
* @access private
|
377 |
+
*/
|
378 |
+
var $server_identification = '';
|
379 |
+
|
380 |
+
/**
|
381 |
+
* Default Constructor.
|
382 |
+
*
|
383 |
+
* Connects to an SSHv1 server
|
384 |
+
*
|
385 |
+
* @param String $host
|
386 |
+
* @param optional Integer $port
|
387 |
+
* @param optional Integer $timeout
|
388 |
+
* @param optional Integer $cipher
|
389 |
+
* @return Net_SSH1
|
390 |
+
* @access public
|
391 |
+
*/
|
392 |
+
function Net_SSH1($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES)
|
393 |
+
{
|
394 |
+
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
395 |
+
if (!$this->fsock) {
|
396 |
+
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"), E_USER_NOTICE);
|
397 |
+
return;
|
398 |
+
}
|
399 |
+
|
400 |
+
$this->server_identification = $init_line = fgets($this->fsock, 255);
|
401 |
+
if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) {
|
402 |
+
user_error('Can only connect to SSH servers', E_USER_NOTICE);
|
403 |
+
return;
|
404 |
+
}
|
405 |
+
if ($parts[1][0] != 1) {
|
406 |
+
user_error("Cannot connect to SSH $parts[1] servers", E_USER_NOTICE);
|
407 |
+
return;
|
408 |
+
}
|
409 |
+
|
410 |
+
fputs($this->fsock, $this->identifier."\r\n");
|
411 |
+
|
412 |
+
$response = $this->_get_binary_packet();
|
413 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) {
|
414 |
+
user_error('Expected SSH_SMSG_PUBLIC_KEY', E_USER_NOTICE);
|
415 |
+
return;
|
416 |
+
}
|
417 |
+
|
418 |
+
$anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8);
|
419 |
+
|
420 |
+
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
421 |
+
|
422 |
+
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
423 |
+
$server_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
424 |
+
$this->server_key_public_exponent = $server_key_public_exponent;
|
425 |
+
|
426 |
+
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
427 |
+
$server_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
428 |
+
$this->server_key_public_modulus = $server_key_public_modulus;
|
429 |
+
|
430 |
+
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
431 |
+
|
432 |
+
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
433 |
+
$host_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
434 |
+
$this->host_key_public_exponent = $host_key_public_exponent;
|
435 |
+
|
436 |
+
$temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
|
437 |
+
$host_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
|
438 |
+
$this->host_key_public_modulus = $host_key_public_modulus;
|
439 |
+
|
440 |
+
$this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
|
441 |
+
|
442 |
+
// get a list of the supported ciphers
|
443 |
+
extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
|
444 |
+
foreach ($this->supported_ciphers as $mask=>$name) {
|
445 |
+
if (($supported_ciphers_mask & (1 << $mask)) == 0) {
|
446 |
+
unset($this->supported_ciphers[$mask]);
|
447 |
+
}
|
448 |
+
}
|
449 |
+
|
450 |
+
// get a list of the supported authentications
|
451 |
+
extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
|
452 |
+
foreach ($this->supported_authentications as $mask=>$name) {
|
453 |
+
if (($supported_authentications_mask & (1 << $mask)) == 0) {
|
454 |
+
unset($this->supported_authentications[$mask]);
|
455 |
+
}
|
456 |
+
}
|
457 |
+
|
458 |
+
$session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
|
459 |
+
|
460 |
+
$session_key = '';
|
461 |
+
for ($i = 0; $i < 32; $i++) {
|
462 |
+
$session_key.= chr(crypt_random(0, 255));
|
463 |
+
}
|
464 |
+
$double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));
|
465 |
+
|
466 |
+
if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) {
|
467 |
+
$double_encrypted_session_key = $this->_rsa_crypt(
|
468 |
+
$double_encrypted_session_key,
|
469 |
+
array(
|
470 |
+
$server_key_public_exponent,
|
471 |
+
$server_key_public_modulus
|
472 |
+
)
|
473 |
+
);
|
474 |
+
$double_encrypted_session_key = $this->_rsa_crypt(
|
475 |
+
$double_encrypted_session_key,
|
476 |
+
array(
|
477 |
+
$host_key_public_exponent,
|
478 |
+
$host_key_public_modulus
|
479 |
+
)
|
480 |
+
);
|
481 |
+
} else {
|
482 |
+
$double_encrypted_session_key = $this->_rsa_crypt(
|
483 |
+
$double_encrypted_session_key,
|
484 |
+
array(
|
485 |
+
$host_key_public_exponent,
|
486 |
+
$host_key_public_modulus
|
487 |
+
)
|
488 |
+
);
|
489 |
+
$double_encrypted_session_key = $this->_rsa_crypt(
|
490 |
+
$double_encrypted_session_key,
|
491 |
+
array(
|
492 |
+
$server_key_public_exponent,
|
493 |
+
$server_key_public_modulus
|
494 |
+
)
|
495 |
+
);
|
496 |
+
}
|
497 |
+
|
498 |
+
$cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES;
|
499 |
+
$data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0);
|
500 |
+
|
501 |
+
if (!$this->_send_binary_packet($data)) {
|
502 |
+
user_error('Error sending SSH_CMSG_SESSION_KEY', E_USER_NOTICE);
|
503 |
+
return;
|
504 |
+
}
|
505 |
+
|
506 |
+
switch ($cipher) {
|
507 |
+
//case NET_SSH1_CIPHER_NONE:
|
508 |
+
// $this->crypto = new Crypt_Null();
|
509 |
+
// break;
|
510 |
+
case NET_SSH1_CIPHER_DES:
|
511 |
+
$this->crypto = new Crypt_DES();
|
512 |
+
$this->crypto->disablePadding();
|
513 |
+
$this->crypto->enableContinuousBuffer();
|
514 |
+
$this->crypto->setKey(substr($session_key, 0, 8));
|
515 |
+
break;
|
516 |
+
case NET_SSH1_CIPHER_3DES:
|
517 |
+
$this->crypto = new Crypt_TripleDES(CRYPT_DES_MODE_3CBC);
|
518 |
+
$this->crypto->disablePadding();
|
519 |
+
$this->crypto->enableContinuousBuffer();
|
520 |
+
$this->crypto->setKey(substr($session_key, 0, 24));
|
521 |
+
break;
|
522 |
+
//case NET_SSH1_CIPHER_RC4:
|
523 |
+
// $this->crypto = new Crypt_RC4();
|
524 |
+
// $this->crypto->enableContinuousBuffer();
|
525 |
+
// $this->crypto->setKey(substr($session_key, 0, 16));
|
526 |
+
// break;
|
527 |
+
}
|
528 |
+
|
529 |
+
$response = $this->_get_binary_packet();
|
530 |
+
|
531 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
532 |
+
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
533 |
+
return;
|
534 |
+
}
|
535 |
+
|
536 |
+
$this->bitmap = NET_SSH1_MASK_CONSTRUCTOR;
|
537 |
+
}
|
538 |
+
|
539 |
+
/**
|
540 |
+
* Login
|
541 |
+
*
|
542 |
+
* @param String $username
|
543 |
+
* @param optional String $password
|
544 |
+
* @return Boolean
|
545 |
+
* @access public
|
546 |
+
*/
|
547 |
+
function login($username, $password = '')
|
548 |
+
{
|
549 |
+
if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) {
|
550 |
+
return false;
|
551 |
+
}
|
552 |
+
|
553 |
+
$data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username);
|
554 |
+
|
555 |
+
if (!$this->_send_binary_packet($data)) {
|
556 |
+
user_error('Error sending SSH_CMSG_USER', E_USER_NOTICE);
|
557 |
+
return false;
|
558 |
+
}
|
559 |
+
|
560 |
+
$response = $this->_get_binary_packet();
|
561 |
+
|
562 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
|
563 |
+
$this->bitmap |= NET_SSH1_MASK_LOGIN;
|
564 |
+
return true;
|
565 |
+
} else if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) {
|
566 |
+
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE', E_USER_NOTICE);
|
567 |
+
return false;
|
568 |
+
}
|
569 |
+
|
570 |
+
$data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password);
|
571 |
+
|
572 |
+
if (!$this->_send_binary_packet($data)) {
|
573 |
+
user_error('Error sending SSH_CMSG_AUTH_PASSWORD', E_USER_NOTICE);
|
574 |
+
return false;
|
575 |
+
}
|
576 |
+
|
577 |
+
$response = $this->_get_binary_packet();
|
578 |
+
|
579 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
|
580 |
+
$this->bitmap |= NET_SSH1_MASK_LOGIN;
|
581 |
+
return true;
|
582 |
+
} else if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) {
|
583 |
+
return false;
|
584 |
+
} else {
|
585 |
+
user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE', E_USER_NOTICE);
|
586 |
+
return false;
|
587 |
+
}
|
588 |
+
}
|
589 |
+
|
590 |
+
/**
|
591 |
+
* Executes a command on a non-interactive shell, returns the output, and quits.
|
592 |
+
*
|
593 |
+
* An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2
|
594 |
+
* servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a
|
595 |
+
* shell with the -s option, as discussed in the following links:
|
596 |
+
*
|
597 |
+
* {@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html}
|
598 |
+
* {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html}
|
599 |
+
*
|
600 |
+
* To execute further commands, a new Net_SSH1 object will need to be created.
|
601 |
+
*
|
602 |
+
* Returns false on failure and the output, otherwise.
|
603 |
+
*
|
604 |
+
* @see Net_SSH1::interactiveRead()
|
605 |
+
* @see Net_SSH1::interactiveWrite()
|
606 |
+
* @param String $cmd
|
607 |
+
* @return mixed
|
608 |
+
* @access public
|
609 |
+
*/
|
610 |
+
function exec($cmd)
|
611 |
+
{
|
612 |
+
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
613 |
+
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
614 |
+
return false;
|
615 |
+
}
|
616 |
+
|
617 |
+
// connect using the sample parameters in protocol-1.5.txt.
|
618 |
+
// according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text
|
619 |
+
// terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell.
|
620 |
+
$data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
|
621 |
+
|
622 |
+
if (!$this->_send_binary_packet($data)) {
|
623 |
+
user_error('Error sending SSH_CMSG_REQUEST_PTY', E_USER_NOTICE);
|
624 |
+
return false;
|
625 |
+
}
|
626 |
+
|
627 |
+
$response = $this->_get_binary_packet();
|
628 |
+
|
629 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
630 |
+
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
631 |
+
return false;
|
632 |
+
}
|
633 |
+
|
634 |
+
$data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd);
|
635 |
+
|
636 |
+
if (!$this->_send_binary_packet($data)) {
|
637 |
+
user_error('Error sending SSH_CMSG_EXEC_CMD', E_USER_NOTICE);
|
638 |
+
return false;
|
639 |
+
}
|
640 |
+
|
641 |
+
$output = '';
|
642 |
+
$response = $this->_get_binary_packet();
|
643 |
+
|
644 |
+
do {
|
645 |
+
$output.= substr($response[NET_SSH1_RESPONSE_DATA], 4);
|
646 |
+
$response = $this->_get_binary_packet();
|
647 |
+
} while ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS);
|
648 |
+
|
649 |
+
$data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION);
|
650 |
+
|
651 |
+
// i don't think it's really all that important if this packet gets sent or not.
|
652 |
+
$this->_send_binary_packet($data);
|
653 |
+
|
654 |
+
fclose($this->fsock);
|
655 |
+
|
656 |
+
// reset the execution bitmap - a new Net_SSH1 object needs to be created.
|
657 |
+
$this->bitmap = 0;
|
658 |
+
|
659 |
+
return $output;
|
660 |
+
}
|
661 |
+
|
662 |
+
/**
|
663 |
+
* Creates an interactive shell
|
664 |
+
*
|
665 |
+
* @see Net_SSH1::interactiveRead()
|
666 |
+
* @see Net_SSH1::interactiveWrite()
|
667 |
+
* @return Boolean
|
668 |
+
* @access private
|
669 |
+
*/
|
670 |
+
function _initShell()
|
671 |
+
{
|
672 |
+
$data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
|
673 |
+
|
674 |
+
if (!$this->_send_binary_packet($data)) {
|
675 |
+
user_error('Error sending SSH_CMSG_REQUEST_PTY', E_USER_NOTICE);
|
676 |
+
return false;
|
677 |
+
}
|
678 |
+
|
679 |
+
$response = $this->_get_binary_packet();
|
680 |
+
|
681 |
+
if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
|
682 |
+
user_error('Expected SSH_SMSG_SUCCESS', E_USER_NOTICE);
|
683 |
+
return false;
|
684 |
+
}
|
685 |
+
|
686 |
+
$data = pack('C', NET_SSH1_CMSG_EXEC_SHELL);
|
687 |
+
|
688 |
+
if (!$this->_send_binary_packet($data)) {
|
689 |
+
user_error('Error sending SSH_CMSG_EXEC_SHELL', E_USER_NOTICE);
|
690 |
+
return false;
|
691 |
+
}
|
692 |
+
|
693 |
+
$this->bitmap |= NET_SSH1_MASK_SHELL;
|
694 |
+
|
695 |
+
//stream_set_blocking($this->fsock, 0);
|
696 |
+
|
697 |
+
return true;
|
698 |
+
}
|
699 |
+
|
700 |
+
/**
|
701 |
+
* Inputs a command into an interactive shell.
|
702 |
+
*
|
703 |
+
* @see Net_SSH1::interactiveRead()
|
704 |
+
* @param String $cmd
|
705 |
+
* @return Boolean
|
706 |
+
* @access public
|
707 |
+
*/
|
708 |
+
function interactiveWrite($cmd)
|
709 |
+
{
|
710 |
+
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
711 |
+
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
712 |
+
return false;
|
713 |
+
}
|
714 |
+
|
715 |
+
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
|
716 |
+
user_error('Unable to initiate an interactive shell session', E_USER_NOTICE);
|
717 |
+
return false;
|
718 |
+
}
|
719 |
+
|
720 |
+
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd);
|
721 |
+
|
722 |
+
if (!$this->_send_binary_packet($data)) {
|
723 |
+
user_error('Error sending SSH_CMSG_STDIN', E_USER_NOTICE);
|
724 |
+
return false;
|
725 |
+
}
|
726 |
+
|
727 |
+
return true;
|
728 |
+
}
|
729 |
+
|
730 |
+
/**
|
731 |
+
* Reads the output of an interactive shell.
|
732 |
+
*
|
733 |
+
* Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like
|
734 |
+
* "[00m", you're seeing ANSI escape codes. According to
|
735 |
+
* {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT
|
736 |
+
* does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user,
|
737 |
+
* there's not going to be much recourse.
|
738 |
+
*
|
739 |
+
* @see Net_SSH1::interactiveRead()
|
740 |
+
* @return String
|
741 |
+
* @access public
|
742 |
+
*/
|
743 |
+
function interactiveRead()
|
744 |
+
{
|
745 |
+
if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
|
746 |
+
user_error('Operation disallowed prior to login()', E_USER_NOTICE);
|
747 |
+
return false;
|
748 |
+
}
|
749 |
+
|
750 |
+
if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
|
751 |
+
user_error('Unable to initiate an interactive shell session', E_USER_NOTICE);
|
752 |
+
return false;
|
753 |
+
}
|
754 |
+
|
755 |
+
$read = array($this->fsock);
|
756 |
+
$write = $except = null;
|
757 |
+
if (stream_select($read, $write, $except, 0)) {
|
758 |
+
$response = $this->_get_binary_packet();
|
759 |
+
return substr($response[NET_SSH1_RESPONSE_DATA], 4);
|
760 |
+
} else {
|
761 |
+
return '';
|
762 |
+
}
|
763 |
+
}
|
764 |
+
|
765 |
+
/**
|
766 |
+
* Disconnect
|
767 |
+
*
|
768 |
+
* @access public
|
769 |
+
*/
|
770 |
+
function disconnect()
|
771 |
+
{
|
772 |
+
$this->_disconnect();
|
773 |
+
}
|
774 |
+
|
775 |
+
/**
|
776 |
+
* Destructor.
|
777 |
+
*
|
778 |
+
* Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
|
779 |
+
* disconnect().
|
780 |
+
*
|
781 |
+
* @access public
|
782 |
+
*/
|
783 |
+
function __destruct()
|
784 |
+
{
|
785 |
+
$this->_disconnect();
|
786 |
+
}
|
787 |
+
|
788 |
+
/**
|
789 |
+
* Disconnect
|
790 |
+
*
|
791 |
+
* @param String $msg
|
792 |
+
* @access private
|
793 |
+
*/
|
794 |
+
function _disconnect($msg = 'Client Quit')
|
795 |
+
{
|
796 |
+
if ($this->bitmap) {
|
797 |
+
$data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg);
|
798 |
+
$this->_send_binary_packet($data);
|
799 |
+
fclose($this->fsock);
|
800 |
+
$this->bitmap = 0;
|
801 |
+
}
|
802 |
+
}
|
803 |
+
|
804 |
+
/**
|
805 |
+
* Gets Binary Packets
|
806 |
+
*
|
807 |
+
* See 'The Binary Packet Protocol' of protocol-1.5.txt for more info.
|
808 |
+
*
|
809 |
+
* Also, this function could be improved upon by adding detection for the following exploit:
|
810 |
+
* http://www.securiteam.com/securitynews/5LP042K3FY.html
|
811 |
+
*
|
812 |
+
* @see Net_SSH1::_send_binary_packet()
|
813 |
+
* @return Array
|
814 |
+
* @access private
|
815 |
+
*/
|
816 |
+
function _get_binary_packet()
|
817 |
+
{
|
818 |
+
if (feof($this->fsock)) {
|
819 |
+
//user_error('connection closed prematurely', E_USER_NOTICE);
|
820 |
+
return false;
|
821 |
+
}
|
822 |
+
|
823 |
+
$temp = unpack('Nlength', fread($this->fsock, 4));
|
824 |
+
|
825 |
+
$padding_length = 8 - ($temp['length'] & 7);
|
826 |
+
$length = $temp['length'] + $padding_length;
|
827 |
+
|
828 |
+
$raw = fread($this->fsock, $length);
|
829 |
+
|
830 |
+
if ($this->crypto !== false) {
|
831 |
+
$raw = $this->crypto->decrypt($raw);
|
832 |
+
}
|
833 |
+
|
834 |
+
$padding = substr($raw, 0, $padding_length);
|
835 |
+
$type = $raw[$padding_length];
|
836 |
+
$data = substr($raw, $padding_length + 1, -4);
|
837 |
+
|
838 |
+
$temp = unpack('Ncrc', substr($raw, -4));
|
839 |
+
|
840 |
+
//if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
|
841 |
+
// user_error('Bad CRC in packet from server', E_USER_NOTICE);
|
842 |
+
// return false;
|
843 |
+
//}
|
844 |
+
|
845 |
+
return array(
|
846 |
+
NET_SSH1_RESPONSE_TYPE => ord($type),
|
847 |
+
NET_SSH1_RESPONSE_DATA => $data
|
848 |
+
);
|
849 |
+
}
|
850 |
+
|
851 |
+
/**
|
852 |
+
* Sends Binary Packets
|
853 |
+
*
|
854 |
+
* Returns true on success, false on failure.
|
855 |
+
*
|
856 |
+
* @see Net_SSH1::_get_binary_packet()
|
857 |
+
* @param String $data
|
858 |
+
* @return Boolean
|
859 |
+
* @access private
|
860 |
+
*/
|
861 |
+
function _send_binary_packet($data) {
|
862 |
+
if (feof($this->fsock)) {
|
863 |
+
//user_error('connection closed prematurely', E_USER_NOTICE);
|
864 |
+
return false;
|
865 |
+
}
|
866 |
+
|
867 |
+
$length = strlen($data) + 4;
|
868 |
+
|
869 |
+
$padding_length = 8 - ($length & 7);
|
870 |
+
$padding = '';
|
871 |
+
for ($i = 0; $i < $padding_length; $i++) {
|
872 |
+
$padding.= chr(crypt_random(0, 255));
|
873 |
+
}
|
874 |
+
|
875 |
+
$data = $padding . $data;
|
876 |
+
$data.= pack('N', $this->_crc($data));
|
877 |
+
|
878 |
+
if ($this->crypto !== false) {
|
879 |
+
$data = $this->crypto->encrypt($data);
|
880 |
+
}
|
881 |
+
|
882 |
+
$packet = pack('Na*', $length, $data);
|
883 |
+
|
884 |
+
return strlen($packet) == fputs($this->fsock, $packet);
|
885 |
+
}
|
886 |
+
|
887 |
+
/**
|
888 |
+
* Cyclic Redundancy Check (CRC)
|
889 |
+
*
|
890 |
+
* PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so
|
891 |
+
* we've reimplemented it. A more detailed discussion of the differences can be found after
|
892 |
+
* $crc_lookup_table's initialization.
|
893 |
+
*
|
894 |
+
* @see Net_SSH1::_get_binary_packet()
|
895 |
+
* @see Net_SSH1::_send_binary_packet()
|
896 |
+
* @param String $data
|
897 |
+
* @return Integer
|
898 |
+
* @access private
|
899 |
+
*/
|
900 |
+
function _crc($data)
|
901 |
+
{
|
902 |
+
static $crc_lookup_table = array(
|
903 |
+
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA,
|
904 |
+
0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3,
|
905 |
+
0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
|
906 |
+
0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91,
|
907 |
+
0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE,
|
908 |
+
0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
|
909 |
+
0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC,
|
910 |
+
0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5,
|
911 |
+
0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
|
912 |
+
0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B,
|
913 |
+
0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940,
|
914 |
+
0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
|
915 |
+
0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116,
|
916 |
+
0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F,
|
917 |
+
0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
|
918 |
+
0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D,
|
919 |
+
0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A,
|
920 |
+
0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
|
921 |
+
0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818,
|
922 |
+
0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01,
|
923 |
+
0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
|
924 |
+
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457,
|
925 |
+
0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C,
|
926 |
+
0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
|
927 |
+
0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2,
|
928 |
+
0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB,
|
929 |
+
0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
|
930 |
+
0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9,
|
931 |
+
0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086,
|
932 |
+
0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
|
933 |
+
0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4,
|
934 |
+
0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD,
|
935 |
+
0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
|
936 |
+
0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683,
|
937 |
+
0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8,
|
938 |
+
0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
|
939 |
+
0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE,
|
940 |
+
0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7,
|
941 |
+
0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
|
942 |
+
0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5,
|
943 |
+
0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252,
|
944 |
+
0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
|
945 |
+
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60,
|
946 |
+
0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79,
|
947 |
+
0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
|
948 |
+
0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F,
|
949 |
+
0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04,
|
950 |
+
0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
|
951 |
+
0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A,
|
952 |
+
0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713,
|
953 |
+
0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
|
954 |
+
0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21,
|
955 |
+
0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E,
|
956 |
+
0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
|
957 |
+
0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C,
|
958 |
+
0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45,
|
959 |
+
0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
|
960 |
+
0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB,
|
961 |
+
0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0,
|
962 |
+
0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
|
963 |
+
0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6,
|
964 |
+
0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF,
|
965 |
+
0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
|
966 |
+
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
|
967 |
+
);
|
968 |
+
|
969 |
+
// For this function to yield the same output as PHP's crc32 function, $crc would have to be
|
970 |
+
// set to 0xFFFFFFFF, initially - not 0x00000000 as it currently is.
|
971 |
+
$crc = 0x00000000;
|
972 |
+
$length = strlen($data);
|
973 |
+
|
974 |
+
for ($i=0;$i<$length;$i++) {
|
975 |
+
// We AND $crc >> 8 with 0x00FFFFFF because we want the eight newly added bits to all
|
976 |
+
// be zero. PHP, unfortunately, doesn't always do this. 0x80000000 >> 8, as an example,
|
977 |
+
// yields 0xFF800000 - not 0x00800000. The following link elaborates:
|
978 |
+
// http://www.php.net/manual/en/language.operators.bitwise.php#57281
|
979 |
+
$crc = (($crc >> 8) & 0x00FFFFFF) ^ $crc_lookup_table[($crc & 0xFF) ^ ord($data[$i])];
|
980 |
+
}
|
981 |
+
|
982 |
+
// In addition to having to set $crc to 0xFFFFFFFF, initially, the return value must be XOR'd with
|
983 |
+
// 0xFFFFFFFF for this function to return the same thing that PHP's crc32 function would.
|
984 |
+
return $crc;
|
985 |
+
}
|
986 |
+
|
987 |
+
/**
|
988 |
+
* String Shift
|
989 |
+
*
|
990 |
+
* Inspired by array_shift
|
991 |
+
*
|
992 |
+
* @param String $string
|
993 |
+
* @param optional Integer $index
|
994 |
+
* @return String
|
995 |
+
* @access private
|
996 |
+
*/
|
997 |
+
function _string_shift(&$string, $index = 1)
|
998 |
+
{
|
999 |
+
$substr = substr($string, 0, $index);
|
1000 |
+
$string = substr($string, $index);
|
1001 |
+
return $substr;
|
1002 |
+
}
|
1003 |
+
|
1004 |
+
/**
|
1005 |
+
* RSA Encrypt
|
1006 |
+
*
|
1007 |
+
* Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e
|
1008 |
+
* should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that
|
1009 |
+
* calls this call modexp, instead, but I think this makes things clearer, maybe...
|
1010 |
+
*
|
1011 |
+
* @see Net_SSH1::Net_SSH1()
|
1012 |
+
* @param Math_BigInteger $m
|
1013 |
+
* @param Array $key
|
1014 |
+
* @return Math_BigInteger
|
1015 |
+
* @access private
|
1016 |
+
*/
|
1017 |
+
function _rsa_crypt($m, $key)
|
1018 |
+
{
|
1019 |
+
/*
|
1020 |
+
if (!class_exists('Crypt_RSA')) {
|
1021 |
+
require_once('Crypt/RSA.php');
|
1022 |
+
}
|
1023 |
+
|
1024 |
+
$rsa = new Crypt_RSA();
|
1025 |
+
$rsa->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW);
|
1026 |
+
$rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
|
1027 |
+
return $rsa->encrypt($m);
|
1028 |
+
*/
|
1029 |
+
|
1030 |
+
// To quote from protocol-1.5.txt:
|
1031 |
+
// The most significant byte (which is only partial as the value must be
|
1032 |
+
// less than the public modulus, which is never a power of two) is zero.
|
1033 |
+
//
|
1034 |
+
// The next byte contains the value 2 (which stands for public-key
|
1035 |
+
// encrypted data in the PKCS standard [PKCS#1]). Then, there are non-
|
1036 |
+
// zero random bytes to fill any unused space, a zero byte, and the data
|
1037 |
+
// to be encrypted in the least significant bytes, the last byte of the
|
1038 |
+
// data in the least significant byte.
|
1039 |
+
|
1040 |
+
// Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation",
|
1041 |
+
// under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL:
|
1042 |
+
// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
|
1043 |
+
$temp = chr(0) . chr(2);
|
1044 |
+
$modulus = $key[1]->toBytes();
|
1045 |
+
$length = strlen($modulus) - strlen($m) - 3;
|
1046 |
+
for ($i = 0; $i < $length; $i++) {
|
1047 |
+
$temp.= chr(crypt_random(1, 255));
|
1048 |
+
}
|
1049 |
+
$temp.= chr(0) . $m;
|
1050 |
+
|
1051 |
+
$m = new Math_BigInteger($temp, 256);
|
1052 |
+
$m = $m->modPow($key[0], $key[1]);
|
1053 |
+
|
1054 |
+
return $m->toBytes();
|
1055 |
+
}
|
1056 |
+
|
1057 |
+
/**
|
1058 |
+
* Return the server key public exponent
|
1059 |
+
*
|
1060 |
+
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1061 |
+
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1062 |
+
*
|
1063 |
+
* @param optional Boolean $raw_output
|
1064 |
+
* @return String
|
1065 |
+
* @access public
|
1066 |
+
*/
|
1067 |
+
function getServerKeyPublicExponent($raw_output = false)
|
1068 |
+
{
|
1069 |
+
return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString();
|
1070 |
+
}
|
1071 |
+
|
1072 |
+
/**
|
1073 |
+
* Return the server key public modulus
|
1074 |
+
*
|
1075 |
+
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1076 |
+
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1077 |
+
*
|
1078 |
+
* @param optional Boolean $raw_output
|
1079 |
+
* @return String
|
1080 |
+
* @access public
|
1081 |
+
*/
|
1082 |
+
function getServerKeyPublicModulus($raw_output = false)
|
1083 |
+
{
|
1084 |
+
return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString();
|
1085 |
+
}
|
1086 |
+
|
1087 |
+
/**
|
1088 |
+
* Return the host key public exponent
|
1089 |
+
*
|
1090 |
+
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1091 |
+
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1092 |
+
*
|
1093 |
+
* @param optional Boolean $raw_output
|
1094 |
+
* @return String
|
1095 |
+
* @access public
|
1096 |
+
*/
|
1097 |
+
function getHostKeyPublicExponent($raw_output = false)
|
1098 |
+
{
|
1099 |
+
return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString();
|
1100 |
+
}
|
1101 |
+
|
1102 |
+
/**
|
1103 |
+
* Return the host key public modulus
|
1104 |
+
*
|
1105 |
+
* Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
|
1106 |
+
* the raw bytes. This behavior is similar to PHP's md5() function.
|
1107 |
+
*
|
1108 |
+
* @param optional Boolean $raw_output
|
1109 |
+
* @return String
|
1110 |
+
* @access public
|
1111 |
+
*/
|
1112 |
+
function getHostKeyPublicModulus($raw_output = false)
|
1113 |
+
{
|
1114 |
+
return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString();
|
1115 |
+
}
|
1116 |
+
|
1117 |
+
/**
|
1118 |
+
* Return a list of ciphers supported by SSH1 server.
|
1119 |
+
*
|
1120 |
+
* Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
|
1121 |
+
* is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll
|
1122 |
+
* get array(NET_SSH1_CIPHER_3DES).
|
1123 |
+
*
|
1124 |
+
* @param optional Boolean $raw_output
|
1125 |
+
* @return Array
|
1126 |
+
* @access public
|
1127 |
+
*/
|
1128 |
+
function getSupportedCiphers($raw_output = false)
|
1129 |
+
{
|
1130 |
+
return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers);
|
1131 |
+
}
|
1132 |
+
|
1133 |
+
/**
|
1134 |
+
* Return a list of authentications supported by SSH1 server.
|
1135 |
+
*
|
1136 |
+
* Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
|
1137 |
+
* is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll
|
1138 |
+
* get array(NET_SSH1_AUTH_PASSWORD).
|
1139 |
+
*
|
1140 |
+
* @param optional Boolean $raw_output
|
1141 |
+
* @return Array
|
1142 |
+
* @access public
|
1143 |
+
*/
|
1144 |
+
function getSupportedAuthentications($raw_output = false)
|
1145 |
+
{
|
1146 |
+
return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications);
|
1147 |
+
}
|
1148 |
+
|
1149 |
+
/**
|
1150 |
+
* Return the server identification.
|
1151 |
+
*
|
1152 |
+
* @return String
|
1153 |
+
* @access public
|
1154 |
+
*/
|
1155 |
+
function getServerIdentification()
|
1156 |
+
{
|
1157 |
+
return rtrim($this->server_identification);
|
1158 |
+
}
|
1159 |
+
}
|
app/code/local/Wisepricer/Syncer/lib/phpseclib/Net/SSH2.php
CHANGED
@@ -1,2302 +1,2302 @@
|
|
1 |
-
<?php
|
2 |
-
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
-
|
4 |
-
/**
|
5 |
-
* Pure-PHP implementation of SSHv2.
|
6 |
-
*
|
7 |
-
* PHP versions 4 and 5
|
8 |
-
*
|
9 |
-
* Here are some examples of how to use this library:
|
10 |
-
* <code>
|
11 |
-
* <?php
|
12 |
-
* include('Net/SSH2.php');
|
13 |
-
*
|
14 |
-
* $ssh = new Net_SSH2('www.domain.tld');
|
15 |
-
* if (!$ssh->login('username', 'password')) {
|
16 |
-
* exit('Login Failed');
|
17 |
-
* }
|
18 |
-
*
|
19 |
-
* echo $ssh->exec('pwd');
|
20 |
-
* echo $ssh->exec('ls -la');
|
21 |
-
* ?>
|
22 |
-
* </code>
|
23 |
-
*
|
24 |
-
* <code>
|
25 |
-
* <?php
|
26 |
-
* include('Crypt/RSA.php');
|
27 |
-
* include('Net/SSH2.php');
|
28 |
-
*
|
29 |
-
* $key = new Crypt_RSA();
|
30 |
-
* //$key->setPassword('whatever');
|
31 |
-
* $key->loadKey(file_get_contents('privatekey'));
|
32 |
-
*
|
33 |
-
* $ssh = new Net_SSH2('www.domain.tld');
|
34 |
-
* if (!$ssh->login('username', $key)) {
|
35 |
-
* exit('Login Failed');
|
36 |
-
* }
|
37 |
-
*
|
38 |
-
* echo $ssh->exec('pwd');
|
39 |
-
* echo $ssh->exec('ls -la');
|
40 |
-
* ?>
|
41 |
-
* </code>
|
42 |
-
*
|
43 |
-
* LICENSE: This library is free software; you can redistribute it and/or
|
44 |
-
* modify it under the terms of the GNU Lesser General Public
|
45 |
-
* License as published by the Free Software Foundation; either
|
46 |
-
* version 2.1 of the License, or (at your option) any later version.
|
47 |
-
*
|
48 |
-
* This library is distributed in the hope that it will be useful,
|
49 |
-
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
50 |
-
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
51 |
-
* Lesser General Public License for more details.
|
52 |
-
*
|
53 |
-
* You should have received a copy of the GNU Lesser General Public
|
54 |
-
* License along with this library; if not, write to the Free Software
|
55 |
-
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
56 |
-
* MA 02111-1307 USA
|
57 |
-
*
|
58 |
-
* @category Net
|
59 |
-
* @package Net_SSH2
|
60 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
61 |
-
* @copyright MMVII Jim Wigginton
|
62 |
-
* @license http://www.gnu.org/licenses/lgpl.txt
|
63 |
-
* @version $Id: SSH2.php,v 1.46 2010/04/27 21:29:36 terrafrost Exp $
|
64 |
-
* @link http://phpseclib.sourceforge.net
|
65 |
-
*/
|
66 |
-
|
67 |
-
/**
|
68 |
-
* Include Math_BigInteger
|
69 |
-
*
|
70 |
-
* Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
|
71 |
-
*/
|
72 |
-
require_once('phpseclib/Math/BigInteger.php');
|
73 |
-
|
74 |
-
/**
|
75 |
-
* Include Crypt_Random
|
76 |
-
*/
|
77 |
-
require_once('phpseclib/Crypt/Random.php');
|
78 |
-
|
79 |
-
/**
|
80 |
-
* Include Crypt_Hash
|
81 |
-
*/
|
82 |
-
require_once('phpseclib/Crypt/Hash.php');
|
83 |
-
|
84 |
-
/**
|
85 |
-
* Include Crypt_TripleDES
|
86 |
-
*/
|
87 |
-
require_once('phpseclib/Crypt/TripleDES.php');
|
88 |
-
|
89 |
-
/**
|
90 |
-
* Include Crypt_RC4
|
91 |
-
*/
|
92 |
-
require_once('phpseclib/Crypt/RC4.php');
|
93 |
-
|
94 |
-
/**
|
95 |
-
* Include Crypt_AES
|
96 |
-
*/
|
97 |
-
require_once('phpseclib/Crypt/AES.php');
|
98 |
-
|
99 |
-
/**#@+
|
100 |
-
* Execution Bitmap Masks
|
101 |
-
*
|
102 |
-
* @see Net_SSH2::bitmap
|
103 |
-
* @access private
|
104 |
-
*/
|
105 |
-
define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001);
|
106 |
-
define('NET_SSH2_MASK_LOGIN', 0x00000002);
|
107 |
-
/**#@-*/
|
108 |
-
|
109 |
-
/**#@+
|
110 |
-
* Channel constants
|
111 |
-
*
|
112 |
-
* RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer
|
113 |
-
* to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with
|
114 |
-
* a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a
|
115 |
-
* recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
|
116 |
-
* would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet:
|
117 |
-
* The 'recipient channel' is the channel number given in the original
|
118 |
-
* open request, and 'sender channel' is the channel number allocated by
|
119 |
-
* the other side.
|
120 |
-
*
|
121 |
-
* @see Net_SSH2::_send_channel_packet()
|
122 |
-
* @see Net_SSH2::_get_channel_packet()
|
123 |
-
* @access private
|
124 |
-
*/
|
125 |
-
define('NET_SSH2_CHANNEL_EXEC', 0); // PuTTy uses 0x100
|
126 |
-
/**#@-*/
|
127 |
-
|
128 |
-
/**#@+
|
129 |
-
* @access public
|
130 |
-
* @see Net_SSH2::getLog()
|
131 |
-
*/
|
132 |
-
/**
|
133 |
-
* Returns the message numbers
|
134 |
-
*/
|
135 |
-
define('NET_SSH2_LOG_SIMPLE', 1);
|
136 |
-
/**
|
137 |
-
* Returns the message content
|
138 |
-
*/
|
139 |
-
define('NET_SSH2_LOG_COMPLEX', 2);
|
140 |
-
/**#@-*/
|
141 |
-
|
142 |
-
/**
|
143 |
-
* Pure-PHP implementation of SSHv2.
|
144 |
-
*
|
145 |
-
* @author Jim Wigginton <terrafrost@php.net>
|
146 |
-
* @version 0.1.0
|
147 |
-
* @access public
|
148 |
-
* @package Net_SSH2
|
149 |
-
*/
|
150 |
-
class Net_SSH2 {
|
151 |
-
/**
|
152 |
-
* The SSH identifier
|
153 |
-
*
|
154 |
-
* @var String
|
155 |
-
* @access private
|
156 |
-
*/
|
157 |
-
var $identifier = 'SSH-2.0-phpseclib_0.2';
|
158 |
-
|
159 |
-
/**
|
160 |
-
* The Socket Object
|
161 |
-
*
|
162 |
-
* @var Object
|
163 |
-
* @access private
|
164 |
-
*/
|
165 |
-
var $fsock;
|
166 |
-
|
167 |
-
/**
|
168 |
-
* Execution Bitmap
|
169 |
-
*
|
170 |
-
* The bits that are set reprsent functions that have been called already. This is used to determine
|
171 |
-
* if a requisite function has been successfully executed. If not, an error should be thrown.
|
172 |
-
*
|
173 |
-
* @var Integer
|
174 |
-
* @access private
|
175 |
-
*/
|
176 |
-
var $bitmap = 0;
|
177 |
-
|
178 |
-
/**
|
179 |
-
* Error information
|
180 |
-
*
|
181 |
-
* @see Net_SSH2::getErrors()
|
182 |
-
* @see Net_SSH2::getLastError()
|
183 |
-
* @var String
|
184 |
-
* @access private
|
185 |
-
*/
|
186 |
-
var $errors = array();
|
187 |
-
|
188 |
-
/**
|
189 |
-
* Server Identifier
|
190 |
-
*
|
191 |
-
* @see Net_SSH2::getServerIdentification()
|
192 |
-
* @var String
|
193 |
-
* @access private
|
194 |
-
*/
|
195 |
-
var $server_identifier = '';
|
196 |
-
|
197 |
-
/**
|
198 |
-
* Key Exchange Algorithms
|
199 |
-
*
|
200 |
-
* @see Net_SSH2::getKexAlgorithims()
|
201 |
-
* @var Array
|
202 |
-
* @access private
|
203 |
-
*/
|
204 |
-
var $kex_algorithms;
|
205 |
-
|
206 |
-
/**
|
207 |
-
* Server Host Key Algorithms
|
208 |
-
*
|
209 |
-
* @see Net_SSH2::getServerHostKeyAlgorithms()
|
210 |
-
* @var Array
|
211 |
-
* @access private
|
212 |
-
*/
|
213 |
-
var $server_host_key_algorithms;
|
214 |
-
|
215 |
-
/**
|
216 |
-
* Encryption Algorithms: Client to Server
|
217 |
-
*
|
218 |
-
* @see Net_SSH2::getEncryptionAlgorithmsClient2Server()
|
219 |
-
* @var Array
|
220 |
-
* @access private
|
221 |
-
*/
|
222 |
-
var $encryption_algorithms_client_to_server;
|
223 |
-
|
224 |
-
/**
|
225 |
-
* Encryption Algorithms: Server to Client
|
226 |
-
*
|
227 |
-
* @see Net_SSH2::getEncryptionAlgorithmsServer2Client()
|
228 |
-
* @var Array
|
229 |
-
* @access private
|
230 |
-
*/
|
231 |
-
var $encryption_algorithms_server_to_client;
|
232 |
-
|
233 |
-
/**
|
234 |
-
* MAC Algorithms: Client to Server
|
235 |
-
*
|
236 |
-
* @see Net_SSH2::getMACAlgorithmsClient2Server()
|
237 |
-
* @var Array
|
238 |
-
* @access private
|
239 |
-
*/
|
240 |
-
var $mac_algorithms_client_to_server;
|
241 |
-
|
242 |
-
/**
|
243 |
-
* MAC Algorithms: Server to Client
|
244 |
-
*
|
245 |
-
* @see Net_SSH2::getMACAlgorithmsServer2Client()
|
246 |
-
* @var Array
|
247 |
-
* @access private
|
248 |
-
*/
|
249 |
-
var $mac_algorithms_server_to_client;
|
250 |
-
|
251 |
-
/**
|
252 |
-
* Compression Algorithms: Client to Server
|
253 |
-
*
|
254 |
-
* @see Net_SSH2::getCompressionAlgorithmsClient2Server()
|
255 |
-
* @var Array
|
256 |
-
* @access private
|
257 |
-
*/
|
258 |
-
var $compression_algorithms_client_to_server;
|
259 |
-
|
260 |
-
/**
|
261 |
-
* Compression Algorithms: Server to Client
|
262 |
-
*
|
263 |
-
* @see Net_SSH2::getCompressionAlgorithmsServer2Client()
|
264 |
-
* @var Array
|
265 |
-
* @access private
|
266 |
-
*/
|
267 |
-
var $compression_algorithms_server_to_client;
|
268 |
-
|
269 |
-
/**
|
270 |
-
* Languages: Server to Client
|
271 |
-
*
|
272 |
-
* @see Net_SSH2::getLanguagesServer2Client()
|
273 |
-
* @var Array
|
274 |
-
* @access private
|
275 |
-
*/
|
276 |
-
var $languages_server_to_client;
|
277 |
-
|
278 |
-
/**
|
279 |
-
* Languages: Client to Server
|
280 |
-
*
|
281 |
-
* @see Net_SSH2::getLanguagesClient2Server()
|
282 |
-
* @var Array
|
283 |
-
* @access private
|
284 |
-
*/
|
285 |
-
var $languages_client_to_server;
|
286 |
-
|
287 |
-
/**
|
288 |
-
* Block Size for Server to Client Encryption
|
289 |
-
*
|
290 |
-
* "Note that the length of the concatenation of 'packet_length',
|
291 |
-
* 'padding_length', 'payload', and 'random padding' MUST be a multiple
|
292 |
-
* of the cipher block size or 8, whichever is larger. This constraint
|
293 |
-
* MUST be enforced, even when using stream ciphers."
|
294 |
-
*
|
295 |
-
* -- http://tools.ietf.org/html/rfc4253#section-6
|
296 |
-
*
|
297 |
-
* @see Net_SSH2::Net_SSH2()
|
298 |
-
* @see Net_SSH2::_send_binary_packet()
|
299 |
-
* @var Integer
|
300 |
-
* @access private
|
301 |
-
*/
|
302 |
-
var $encrypt_block_size = 8;
|
303 |
-
|
304 |
-
/**
|
305 |
-
* Block Size for Client to Server Encryption
|
306 |
-
*
|
307 |
-
* @see Net_SSH2::Net_SSH2()
|
308 |
-
* @see Net_SSH2::_get_binary_packet()
|
309 |
-
* @var Integer
|
310 |
-
* @access private
|
311 |
-
*/
|
312 |
-
var $decrypt_block_size = 8;
|
313 |
-
|
314 |
-
/**
|
315 |
-
* Server to Client Encryption Object
|
316 |
-
*
|
317 |
-
* @see Net_SSH2::_get_binary_packet()
|
318 |
-
* @var Object
|
319 |
-
* @access private
|
320 |
-
*/
|
321 |
-
var $decrypt = false;
|
322 |
-
|
323 |
-
/**
|
324 |
-
* Client to Server Encryption Object
|
325 |
-
*
|
326 |
-
* @see Net_SSH2::_send_binary_packet()
|
327 |
-
* @var Object
|
328 |
-
* @access private
|
329 |
-
*/
|
330 |
-
var $encrypt = false;
|
331 |
-
|
332 |
-
/**
|
333 |
-
* Client to Server HMAC Object
|
334 |
-
*
|
335 |
-
* @see Net_SSH2::_send_binary_packet()
|
336 |
-
* @var Object
|
337 |
-
* @access private
|
338 |
-
*/
|
339 |
-
var $hmac_create = false;
|
340 |
-
|
341 |
-
/**
|
342 |
-
* Server to Client HMAC Object
|
343 |
-
*
|
344 |
-
* @see Net_SSH2::_get_binary_packet()
|
345 |
-
* @var Object
|
346 |
-
* @access private
|
347 |
-
*/
|
348 |
-
var $hmac_check = false;
|
349 |
-
|
350 |
-
/**
|
351 |
-
* Size of server to client HMAC
|
352 |
-
*
|
353 |
-
* We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read.
|
354 |
-
* For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is
|
355 |
-
* append it.
|
356 |
-
*
|
357 |
-
* @see Net_SSH2::_get_binary_packet()
|
358 |
-
* @var Integer
|
359 |
-
* @access private
|
360 |
-
*/
|
361 |
-
var $hmac_size = false;
|
362 |
-
|
363 |
-
/**
|
364 |
-
* Server Public Host Key
|
365 |
-
*
|
366 |
-
* @see Net_SSH2::getServerPublicHostKey()
|
367 |
-
* @var String
|
368 |
-
* @access private
|
369 |
-
*/
|
370 |
-
var $server_public_host_key;
|
371 |
-
|
372 |
-
/**
|
373 |
-
* Session identifer
|
374 |
-
*
|
375 |
-
* "The exchange hash H from the first key exchange is additionally
|
376 |
-
* used as the session identifier, which is a unique identifier for
|
377 |
-
* this connection."
|
378 |
-
*
|
379 |
-
* -- http://tools.ietf.org/html/rfc4253#section-7.2
|
380 |
-
*
|
381 |
-
* @see Net_SSH2::_key_exchange()
|
382 |
-
* @var String
|
383 |
-
* @access private
|
384 |
-
*/
|
385 |
-
var $session_id = false;
|
386 |
-
|
387 |
-
/**
|
388 |
-
* Message Numbers
|
389 |
-
*
|
390 |
-
* @see Net_SSH2::Net_SSH2()
|
391 |
-
* @var Array
|
392 |
-
* @access private
|
393 |
-
*/
|
394 |
-
var $message_numbers = array();
|
395 |
-
|
396 |
-
/**
|
397 |
-
* Disconnection Message 'reason codes' defined in RFC4253
|
398 |
-
*
|
399 |
-
* @see Net_SSH2::Net_SSH2()
|
400 |
-
* @var Array
|
401 |
-
* @access private
|
402 |
-
*/
|
403 |
-
var $disconnect_reasons = array();
|
404 |
-
|
405 |
-
/**
|
406 |
-
* SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
|
407 |
-
*
|
408 |
-
* @see Net_SSH2::Net_SSH2()
|
409 |
-
* @var Array
|
410 |
-
* @access private
|
411 |
-
*/
|
412 |
-
var $channel_open_failure_reasons = array();
|
413 |
-
|
414 |
-
/**
|
415 |
-
* Terminal Modes
|
416 |
-
*
|
417 |
-
* @link http://tools.ietf.org/html/rfc4254#section-8
|
418 |
-
* @see Net_SSH2::Net_SSH2()
|
419 |
-
* @var Array
|
420 |
-
* @access private
|
421 |
-
*/
|
422 |
-
var $terminal_modes = array();
|
423 |
-
|
424 |
-
/**
|
425 |
-
* SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
|
426 |
-
*
|
427 |
-
* @link http://tools.ietf.org/html/rfc4254#section-5.2
|
428 |
-
* @see Net_SSH2::Net_SSH2()
|
429 |
-
* @var Array
|
430 |
-
* @access private
|
431 |
-
*/
|
432 |
-
var $channel_extended_data_type_codes = array();
|
433 |
-
|
434 |
-
/**
|
435 |
-
* Send Sequence Number
|
436 |
-
*
|
437 |
-
* See 'Section 6.4. Data Integrity' of rfc4253 for more info.
|
438 |
-
*
|
439 |
-
* @see Net_SSH2::_send_binary_packet()
|
440 |
-
* @var Integer
|
441 |
-
* @access private
|
442 |
-
*/
|
443 |
-
var $send_seq_no = 0;
|
444 |
-
|
445 |
-
/**
|
446 |
-
* Get Sequence Number
|
447 |
-
*
|
448 |
-
* See 'Section 6.4. Data Integrity' of rfc4253 for more info.
|
449 |
-
*
|
450 |
-
* @see Net_SSH2::_get_binary_packet()
|
451 |
-
* @var Integer
|
452 |
-
* @access private
|
453 |
-
*/
|
454 |
-
var $get_seq_no = 0;
|
455 |
-
|
456 |
-
/**
|
457 |
-
* Server Channels
|
458 |
-
*
|
459 |
-
* Maps client channels to server channels
|
460 |
-
*
|
461 |
-
* @see Net_SSH2::_get_channel_packet()
|
462 |
-
* @see Net_SSH2::exec()
|
463 |
-
* @var Array
|
464 |
-
* @access private
|
465 |
-
*/
|
466 |
-
var $server_channels = array();
|
467 |
-
|
468 |
-
/**
|
469 |
-
* Channel Buffers
|
470 |
-
*
|
471 |
-
* If a client requests a packet from one channel but receives two packets from another those packets should
|
472 |
-
* be placed in a buffer
|
473 |
-
*
|
474 |
-
* @see Net_SSH2::_get_channel_packet()
|
475 |
-
* @see Net_SSH2::exec()
|
476 |
-
* @var Array
|
477 |
-
* @access private
|
478 |
-
*/
|
479 |
-
var $channel_buffers = array();
|
480 |
-
|
481 |
-
/**
|
482 |
-
* Channel Status
|
483 |
-
*
|
484 |
-
* Contains the type of the last sent message
|
485 |
-
*
|
486 |
-
* @see Net_SSH2::_get_channel_packet()
|
487 |
-
* @var Array
|
488 |
-
* @access private
|
489 |
-
*/
|
490 |
-
var $channel_status = array();
|
491 |
-
|
492 |
-
/**
|
493 |
-
* Packet Size
|
494 |
-
*
|
495 |
-
* Maximum packet size indexed by channel
|
496 |
-
*
|
497 |
-
* @see Net_SSH2::_send_channel_packet()
|
498 |
-
* @var Array
|
499 |
-
* @access private
|
500 |
-
*/
|
501 |
-
var $packet_size_client_to_server = array();
|
502 |
-
|
503 |
-
/**
|
504 |
-
* Message Number Log
|
505 |
-
*
|
506 |
-
* @see Net_SSH2::getLog()
|
507 |
-
* @var Array
|
508 |
-
* @access private
|
509 |
-
*/
|
510 |
-
var $message_number_log = array();
|
511 |
-
|
512 |
-
/**
|
513 |
-
* Message Log
|
514 |
-
*
|
515 |
-
* @see Net_SSH2::getLog()
|
516 |
-
* @var Array
|
517 |
-
* @access private
|
518 |
-
*/
|
519 |
-
var $message_log = array();
|
520 |
-
|
521 |
-
/**
|
522 |
-
* The Window Size
|
523 |
-
*
|
524 |
-
* Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 4GB)
|
525 |
-
*
|
526 |
-
* @var Integer
|
527 |
-
* @see Net_SSH2::_send_channel_packet()
|
528 |
-
* @see Net_SSH2::exec()
|
529 |
-
* @access private
|
530 |
-
*/
|
531 |
-
var $window_size = 0x7FFFFFFF;
|
532 |
-
|
533 |
-
/**
|
534 |
-
* Window size
|
535 |
-
*
|
536 |
-
* Window size indexed by channel
|
537 |
-
*
|
538 |
-
* @see Net_SSH2::_send_channel_packet()
|
539 |
-
* @var Array
|
540 |
-
* @access private
|
541 |
-
*/
|
542 |
-
var $window_size_client_to_server = array();
|
543 |
-
|
544 |
-
/**
|
545 |
-
* Server signature
|
546 |
-
*
|
547 |
-
* Verified against $this->session_id
|
548 |
-
*
|
549 |
-
* @see Net_SSH2::getServerPublicHostKey()
|
550 |
-
* @var String
|
551 |
-
* @access private
|
552 |
-
*/
|
553 |
-
var $signature = '';
|
554 |
-
|
555 |
-
/**
|
556 |
-
* Server signature format
|
557 |
-
*
|
558 |
-
* ssh-rsa or ssh-dss.
|
559 |
-
*
|
560 |
-
* @see Net_SSH2::getServerPublicHostKey()
|
561 |
-
* @var String
|
562 |
-
* @access private
|
563 |
-
*/
|
564 |
-
var $signature_format = '';
|
565 |
-
|
566 |
-
/**
|
567 |
-
* Default Constructor.
|
568 |
-
*
|
569 |
-
* Connects to an SSHv2 server
|
570 |
-
*
|
571 |
-
* @param String $host
|
572 |
-
* @param optional Integer $port
|
573 |
-
* @param optional Integer $timeout
|
574 |
-
* @return Net_SSH2
|
575 |
-
* @access public
|
576 |
-
*/
|
577 |
-
function Net_SSH2($host, $port = 22, $timeout = 10)
|
578 |
-
{
|
579 |
-
$this->message_numbers = array(
|
580 |
-
1 => 'NET_SSH2_MSG_DISCONNECT',
|
581 |
-
2 => 'NET_SSH2_MSG_IGNORE',
|
582 |
-
3 => 'NET_SSH2_MSG_UNIMPLEMENTED',
|
583 |
-
4 => 'NET_SSH2_MSG_DEBUG',
|
584 |
-
5 => 'NET_SSH2_MSG_SERVICE_REQUEST',
|
585 |
-
6 => 'NET_SSH2_MSG_SERVICE_ACCEPT',
|
586 |
-
20 => 'NET_SSH2_MSG_KEXINIT',
|
587 |
-
21 => 'NET_SSH2_MSG_NEWKEYS',
|
588 |
-
30 => 'NET_SSH2_MSG_KEXDH_INIT',
|
589 |
-
31 => 'NET_SSH2_MSG_KEXDH_REPLY',
|
590 |
-
50 => 'NET_SSH2_MSG_USERAUTH_REQUEST',
|
591 |
-
51 => 'NET_SSH2_MSG_USERAUTH_FAILURE',
|
592 |
-
52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS',
|
593 |
-
53 => 'NET_SSH2_MSG_USERAUTH_BANNER',
|
594 |
-
|
595 |
-
80 => 'NET_SSH2_MSG_GLOBAL_REQUEST',
|
596 |
-
81 => 'NET_SSH2_MSG_REQUEST_SUCCESS',
|
597 |
-
82 => 'NET_SSH2_MSG_REQUEST_FAILURE',
|
598 |
-
90 => 'NET_SSH2_MSG_CHANNEL_OPEN',
|
599 |
-
91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION',
|
600 |
-
92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE',
|
601 |
-
93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST',
|
602 |
-
94 => 'NET_SSH2_MSG_CHANNEL_DATA',
|
603 |
-
95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA',
|
604 |
-
96 => 'NET_SSH2_MSG_CHANNEL_EOF',
|
605 |
-
97 => 'NET_SSH2_MSG_CHANNEL_CLOSE',
|
606 |
-
98 => 'NET_SSH2_MSG_CHANNEL_REQUEST',
|
607 |
-
99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS',
|
608 |
-
100 => 'NET_SSH2_MSG_CHANNEL_FAILURE'
|
609 |
-
);
|
610 |
-
$this->disconnect_reasons = array(
|
611 |
-
1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT',
|
612 |
-
2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR',
|
613 |
-
3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED',
|
614 |
-
4 => 'NET_SSH2_DISCONNECT_RESERVED',
|
615 |
-
5 => 'NET_SSH2_DISCONNECT_MAC_ERROR',
|
616 |
-
6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR',
|
617 |
-
7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE',
|
618 |
-
8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED',
|
619 |
-
9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE',
|
620 |
-
10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST',
|
621 |
-
11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION',
|
622 |
-
12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS',
|
623 |
-
13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER',
|
624 |
-
14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE',
|
625 |
-
15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME'
|
626 |
-
);
|
627 |
-
$this->channel_open_failure_reasons = array(
|
628 |
-
1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED'
|
629 |
-
);
|
630 |
-
$this->terminal_modes = array(
|
631 |
-
0 => 'NET_SSH2_TTY_OP_END'
|
632 |
-
);
|
633 |
-
$this->channel_extended_data_type_codes = array(
|
634 |
-
1 => 'NET_SSH2_EXTENDED_DATA_STDERR'
|
635 |
-
);
|
636 |
-
|
637 |
-
$this->_define_array(
|
638 |
-
$this->message_numbers,
|
639 |
-
$this->disconnect_reasons,
|
640 |
-
$this->channel_open_failure_reasons,
|
641 |
-
$this->terminal_modes,
|
642 |
-
$this->channel_extended_data_type_codes,
|
643 |
-
array(60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'),
|
644 |
-
array(60 => 'NET_SSH2_MSG_USERAUTH_PK_OK')
|
645 |
-
);
|
646 |
-
|
647 |
-
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
648 |
-
if (!$this->fsock) {
|
649 |
-
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"), E_USER_NOTICE);
|
650 |
-
return;
|
651 |
-
}
|
652 |
-
|
653 |
-
/* According to the SSH2 specs,
|
654 |
-
|
655 |
-
"The server MAY send other lines of data before sending the version
|
656 |
-
string. Each line SHOULD be terminated by a Carriage Return and Line
|
657 |
-
Feed.
|
658 |
-
in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients
|
659 |
-
MUST be able to process such lines." */
|
660 |
-
$temp = '';
|
661 |
-
$extra = '';
|
662 |
-
while (!feof($this->fsock) && !preg_match('#^SSH-(\d\.\d+)#', $temp, $matches)) {
|
663 |
-
if (substr($temp, -2) == "\r\n") {
|
664 |
-
$extra.= $temp;
|
665 |
-
$temp = '';
|
666 |
-
}
|
667 |
-
$temp.= fgets($this->fsock, 255);
|
668 |
-
}
|
669 |
-
|
670 |
-
$ext = array();
|
671 |
-
if (extension_loaded('mcrypt')) {
|
672 |
-
$ext[] = 'mcrypt';
|
673 |
-
}
|
674 |
-
if (extension_loaded('gmp')) {
|
675 |
-
$ext[] = 'gmp';
|
676 |
-
} else if (extension_loaded('bcmath')) {
|
677 |
-
$ext[] = 'bcmath';
|
678 |
-
}
|
679 |
-
|
680 |
-
if (!empty($ext)) {
|
681 |
-
$this->identifier.= ' (' . implode(', ', $ext) . ')';
|
682 |
-
}
|
683 |
-
|
684 |
-
if (defined('NET_SSH2_LOGGING')) {
|
685 |
-
$this->message_number_log[] = '<-';
|
686 |
-
$this->message_number_log[] = '->';
|
687 |
-
|
688 |
-
if (NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
|
689 |
-
$this->message_log[] = $temp;
|
690 |
-
$this->message_log[] = $this->identifier . "\r\n";
|
691 |
-
}
|
692 |
-
}
|
693 |
-
|
694 |
-
$this->server_identifier = trim($temp, "\r\n");
|
695 |
-
if (!empty($extra)) {
|
696 |
-
$this->errors[] = utf8_decode($extra);
|
697 |
-
}
|
698 |
-
|
699 |
-
if ($matches[1] != '1.99' && $matches[1] != '2.0') {
|
700 |
-
user_error("Cannot connect to SSH $matches[1] servers", E_USER_NOTICE);
|
701 |
-
return;
|
702 |
-
}
|
703 |
-
|
704 |
-
fputs($this->fsock, $this->identifier . "\r\n");
|
705 |
-
|
706 |
-
$response = $this->_get_binary_packet();
|
707 |
-
if ($response === false) {
|
708 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
709 |
-
return;
|
710 |
-
}
|
711 |
-
|
712 |
-
if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
|
713 |
-
user_error('Expected SSH_MSG_KEXINIT', E_USER_NOTICE);
|
714 |
-
return;
|
715 |
-
}
|
716 |
-
|
717 |
-
if (!$this->_key_exchange($response)) {
|
718 |
-
return;
|
719 |
-
}
|
720 |
-
|
721 |
-
$this->bitmap = NET_SSH2_MASK_CONSTRUCTOR;
|
722 |
-
}
|
723 |
-
|
724 |
-
/**
|
725 |
-
* Key Exchange
|
726 |
-
*
|
727 |
-
* @param String $kexinit_payload_server
|
728 |
-
* @access private
|
729 |
-
*/
|
730 |
-
function _key_exchange($kexinit_payload_server)
|
731 |
-
{
|
732 |
-
static $kex_algorithms = array(
|
733 |
-
'diffie-hellman-group1-sha1', // REQUIRED
|
734 |
-
'diffie-hellman-group14-sha1' // REQUIRED
|
735 |
-
);
|
736 |
-
|
737 |
-
static $server_host_key_algorithms = array(
|
738 |
-
'ssh-rsa', // RECOMMENDED sign Raw RSA Key
|
739 |
-
'ssh-dss' // REQUIRED sign Raw DSS Key
|
740 |
-
);
|
741 |
-
|
742 |
-
static $encryption_algorithms = array(
|
743 |
-
// from <http://tools.ietf.org/html/rfc4345#section-4>:
|
744 |
-
'arcfour256',
|
745 |
-
'arcfour128',
|
746 |
-
|
747 |
-
'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key
|
748 |
-
|
749 |
-
'aes128-cbc', // RECOMMENDED AES with a 128-bit key
|
750 |
-
'aes192-cbc', // OPTIONAL AES with a 192-bit key
|
751 |
-
'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key
|
752 |
-
|
753 |
-
// from <http://tools.ietf.org/html/rfc4344#section-4>:
|
754 |
-
'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key
|
755 |
-
'aes192-ctr', // RECOMMENDED AES with 192-bit key
|
756 |
-
'aes256-ctr', // RECOMMENDED AES with 256-bit key
|
757 |
-
'3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode
|
758 |
-
|
759 |
-
'3des-cbc', // REQUIRED three-key 3DES in CBC mode
|
760 |
-
'none' // OPTIONAL no encryption; NOT RECOMMENDED
|
761 |
-
);
|
762 |
-
|
763 |
-
static $mac_algorithms = array(
|
764 |
-
'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)
|
765 |
-
'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20)
|
766 |
-
'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16)
|
767 |
-
'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16)
|
768 |
-
'none' // OPTIONAL no MAC; NOT RECOMMENDED
|
769 |
-
);
|
770 |
-
|
771 |
-
static $compression_algorithms = array(
|
772 |
-
'none' // REQUIRED no compression
|
773 |
-
//'zlib' // OPTIONAL ZLIB (LZ77) compression
|
774 |
-
);
|
775 |
-
|
776 |
-
static $str_kex_algorithms, $str_server_host_key_algorithms,
|
777 |
-
$encryption_algorithms_server_to_client, $mac_algorithms_server_to_client, $compression_algorithms_server_to_client,
|
778 |
-
$encryption_algorithms_client_to_server, $mac_algorithms_client_to_server, $compression_algorithms_client_to_server;
|
779 |
-
|
780 |
-
if (empty($str_kex_algorithms)) {
|
781 |
-
$str_kex_algorithms = implode(',', $kex_algorithms);
|
782 |
-
$str_server_host_key_algorithms = implode(',', $server_host_key_algorithms);
|
783 |
-
$encryption_algorithms_server_to_client = $encryption_algorithms_client_to_server = implode(',', $encryption_algorithms);
|
784 |
-
$mac_algorithms_server_to_client = $mac_algorithms_client_to_server = implode(',', $mac_algorithms);
|
785 |
-
$compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms);
|
786 |
-
}
|
787 |
-
|
788 |
-
$client_cookie = '';
|
789 |
-
for ($i = 0; $i < 16; $i++) {
|
790 |
-
$client_cookie.= chr(crypt_random(0, 255));
|
791 |
-
}
|
792 |
-
|
793 |
-
$response = $kexinit_payload_server;
|
794 |
-
$this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
|
795 |
-
$server_cookie = $this->_string_shift($response, 16);
|
796 |
-
|
797 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
798 |
-
$this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
799 |
-
|
800 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
801 |
-
$this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
|
802 |
-
|
803 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
804 |
-
$this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
805 |
-
|
806 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
807 |
-
$this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
808 |
-
|
809 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
810 |
-
$this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
811 |
-
|
812 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
813 |
-
$this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
814 |
-
|
815 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
816 |
-
$this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
817 |
-
|
818 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
819 |
-
$this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
820 |
-
|
821 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
822 |
-
$this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
|
823 |
-
|
824 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
825 |
-
$this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
|
826 |
-
|
827 |
-
extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1)));
|
828 |
-
$first_kex_packet_follows = $first_kex_packet_follows != 0;
|
829 |
-
|
830 |
-
// the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place.
|
831 |
-
$kexinit_payload_client = pack('Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN',
|
832 |
-
NET_SSH2_MSG_KEXINIT, $client_cookie, strlen($str_kex_algorithms), $str_kex_algorithms,
|
833 |
-
strlen($str_server_host_key_algorithms), $str_server_host_key_algorithms, strlen($encryption_algorithms_client_to_server),
|
834 |
-
$encryption_algorithms_client_to_server, strlen($encryption_algorithms_server_to_client), $encryption_algorithms_server_to_client,
|
835 |
-
strlen($mac_algorithms_client_to_server), $mac_algorithms_client_to_server, strlen($mac_algorithms_server_to_client),
|
836 |
-
$mac_algorithms_server_to_client, strlen($compression_algorithms_client_to_server), $compression_algorithms_client_to_server,
|
837 |
-
strlen($compression_algorithms_server_to_client), $compression_algorithms_server_to_client, 0, '', 0, '',
|
838 |
-
0, 0
|
839 |
-
);
|
840 |
-
|
841 |
-
if (!$this->_send_binary_packet($kexinit_payload_client)) {
|
842 |
-
return false;
|
843 |
-
}
|
844 |
-
// here ends the second place.
|
845 |
-
|
846 |
-
// we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
|
847 |
-
for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_server_to_client); $i++);
|
848 |
-
if ($i == count($encryption_algorithms)) {
|
849 |
-
user_error('No compatible server to client encryption algorithms found', E_USER_NOTICE);
|
850 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
851 |
-
}
|
852 |
-
|
853 |
-
// we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the
|
854 |
-
// diffie-hellman key exchange as fast as possible
|
855 |
-
$decrypt = $encryption_algorithms[$i];
|
856 |
-
switch ($decrypt) {
|
857 |
-
case '3des-cbc':
|
858 |
-
case '3des-ctr':
|
859 |
-
$decryptKeyLength = 24; // eg. 192 / 8
|
860 |
-
break;
|
861 |
-
case 'aes256-cbc':
|
862 |
-
case 'aes256-ctr':
|
863 |
-
$decryptKeyLength = 32; // eg. 256 / 8
|
864 |
-
break;
|
865 |
-
case 'aes192-cbc':
|
866 |
-
case 'aes192-ctr':
|
867 |
-
$decryptKeyLength = 24; // eg. 192 / 8
|
868 |
-
break;
|
869 |
-
case 'aes128-cbc':
|
870 |
-
case 'aes128-ctr':
|
871 |
-
$decryptKeyLength = 16; // eg. 128 / 8
|
872 |
-
break;
|
873 |
-
case 'arcfour':
|
874 |
-
case 'arcfour128':
|
875 |
-
$decryptKeyLength = 16; // eg. 128 / 8
|
876 |
-
break;
|
877 |
-
case 'arcfour256':
|
878 |
-
$decryptKeyLength = 32; // eg. 128 / 8
|
879 |
-
break;
|
880 |
-
case 'none';
|
881 |
-
$decryptKeyLength = 0;
|
882 |
-
}
|
883 |
-
|
884 |
-
for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_client_to_server); $i++);
|
885 |
-
if ($i == count($encryption_algorithms)) {
|
886 |
-
user_error('No compatible client to server encryption algorithms found', E_USER_NOTICE);
|
887 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
888 |
-
}
|
889 |
-
|
890 |
-
$encrypt = $encryption_algorithms[$i];
|
891 |
-
switch ($encrypt) {
|
892 |
-
case '3des-cbc':
|
893 |
-
case '3des-ctr':
|
894 |
-
$encryptKeyLength = 24;
|
895 |
-
break;
|
896 |
-
case 'aes256-cbc':
|
897 |
-
case 'aes256-ctr':
|
898 |
-
$encryptKeyLength = 32;
|
899 |
-
break;
|
900 |
-
case 'aes192-cbc':
|
901 |
-
case 'aes192-ctr':
|
902 |
-
$encryptKeyLength = 24;
|
903 |
-
break;
|
904 |
-
case 'aes128-cbc':
|
905 |
-
case 'aes128-ctr':
|
906 |
-
$encryptKeyLength = 16;
|
907 |
-
break;
|
908 |
-
case 'arcfour':
|
909 |
-
case 'arcfour128':
|
910 |
-
$encryptKeyLength = 16;
|
911 |
-
break;
|
912 |
-
case 'arcfour256':
|
913 |
-
$encryptKeyLength = 32;
|
914 |
-
break;
|
915 |
-
case 'none';
|
916 |
-
$encryptKeyLength = 0;
|
917 |
-
}
|
918 |
-
|
919 |
-
$keyLength = $decryptKeyLength > $encryptKeyLength ? $decryptKeyLength : $encryptKeyLength;
|
920 |
-
|
921 |
-
// through diffie-hellman key exchange a symmetric key is obtained
|
922 |
-
for ($i = 0; $i < count($kex_algorithms) && !in_array($kex_algorithms[$i], $this->kex_algorithms); $i++);
|
923 |
-
if ($i == count($kex_algorithms)) {
|
924 |
-
user_error('No compatible key exchange algorithms found', E_USER_NOTICE);
|
925 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
926 |
-
}
|
927 |
-
|
928 |
-
switch ($kex_algorithms[$i]) {
|
929 |
-
// see http://tools.ietf.org/html/rfc2409#section-6.2 and
|
930 |
-
// http://tools.ietf.org/html/rfc2412, appendex E
|
931 |
-
case 'diffie-hellman-group1-sha1':
|
932 |
-
$p = pack('H256', 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' .
|
933 |
-
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' .
|
934 |
-
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' .
|
935 |
-
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF');
|
936 |
-
$keyLength = $keyLength < 160 ? $keyLength : 160;
|
937 |
-
$hash = 'sha1';
|
938 |
-
break;
|
939 |
-
// see http://tools.ietf.org/html/rfc3526#section-3
|
940 |
-
case 'diffie-hellman-group14-sha1':
|
941 |
-
$p = pack('H512', 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' .
|
942 |
-
'020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' .
|
943 |
-
'4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' .
|
944 |
-
'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' .
|
945 |
-
'98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' .
|
946 |
-
'9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' .
|
947 |
-
'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' .
|
948 |
-
'3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF');
|
949 |
-
$keyLength = $keyLength < 160 ? $keyLength : 160;
|
950 |
-
$hash = 'sha1';
|
951 |
-
}
|
952 |
-
|
953 |
-
$p = new Math_BigInteger($p, 256);
|
954 |
-
//$q = $p->bitwise_rightShift(1);
|
955 |
-
|
956 |
-
/* To increase the speed of the key exchange, both client and server may
|
957 |
-
reduce the size of their private exponents. It should be at least
|
958 |
-
twice as long as the key material that is generated from the shared
|
959 |
-
secret. For more details, see the paper by van Oorschot and Wiener
|
960 |
-
[VAN-OORSCHOT].
|
961 |
-
|
962 |
-
-- http://tools.ietf.org/html/rfc4419#section-6.2 */
|
963 |
-
$q = new Math_BigInteger(1);
|
964 |
-
$q = $q->bitwise_leftShift(2 * $keyLength);
|
965 |
-
$q = $q->subtract(new Math_BigInteger(1));
|
966 |
-
|
967 |
-
$g = new Math_BigInteger(2);
|
968 |
-
$x = new Math_BigInteger();
|
969 |
-
$x->setRandomGenerator('crypt_random');
|
970 |
-
$x = $x->random(new Math_BigInteger(1), $q);
|
971 |
-
$e = $g->modPow($x, $p);
|
972 |
-
|
973 |
-
$eBytes = $e->toBytes(true);
|
974 |
-
$data = pack('CNa*', NET_SSH2_MSG_KEXDH_INIT, strlen($eBytes), $eBytes);
|
975 |
-
|
976 |
-
if (!$this->_send_binary_packet($data)) {
|
977 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
978 |
-
return false;
|
979 |
-
}
|
980 |
-
|
981 |
-
$response = $this->_get_binary_packet();
|
982 |
-
if ($response === false) {
|
983 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
984 |
-
return false;
|
985 |
-
}
|
986 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
987 |
-
|
988 |
-
if ($type != NET_SSH2_MSG_KEXDH_REPLY) {
|
989 |
-
user_error('Expected SSH_MSG_KEXDH_REPLY', E_USER_NOTICE);
|
990 |
-
return false;
|
991 |
-
}
|
992 |
-
|
993 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
994 |
-
$this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']);
|
995 |
-
|
996 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
997 |
-
$public_key_format = $this->_string_shift($server_public_host_key, $temp['length']);
|
998 |
-
|
999 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
1000 |
-
$fBytes = $this->_string_shift($response, $temp['length']);
|
1001 |
-
$f = new Math_BigInteger($fBytes, -256);
|
1002 |
-
|
1003 |
-
$temp = unpack('Nlength', $this->_string_shift($response, 4));
|
1004 |
-
$this->signature = $this->_string_shift($response, $temp['length']);
|
1005 |
-
|
1006 |
-
$temp = unpack('Nlength', $this->_string_shift($this->signature, 4));
|
1007 |
-
$this->signature_format = $this->_string_shift($this->signature, $temp['length']);
|
1008 |
-
|
1009 |
-
$key = $f->modPow($x, $p);
|
1010 |
-
$keyBytes = $key->toBytes(true);
|
1011 |
-
|
1012 |
-
if ($this->session_id === false) {
|
1013 |
-
$source = pack('Na*Na*Na*Na*Na*Na*Na*Na*',
|
1014 |
-
strlen($this->identifier), $this->identifier, strlen($this->server_identifier), $this->server_identifier,
|
1015 |
-
strlen($kexinit_payload_client), $kexinit_payload_client, strlen($kexinit_payload_server),
|
1016 |
-
$kexinit_payload_server, strlen($this->server_public_host_key), $this->server_public_host_key, strlen($eBytes),
|
1017 |
-
$eBytes, strlen($fBytes), $fBytes, strlen($keyBytes), $keyBytes
|
1018 |
-
);
|
1019 |
-
|
1020 |
-
$source = pack('H*', $hash($source));
|
1021 |
-
|
1022 |
-
$this->session_id = $source;
|
1023 |
-
}
|
1024 |
-
|
1025 |
-
for ($i = 0; $i < count($server_host_key_algorithms) && !in_array($server_host_key_algorithms[$i], $this->server_host_key_algorithms); $i++);
|
1026 |
-
if ($i == count($server_host_key_algorithms)) {
|
1027 |
-
user_error('No compatible server host key algorithms found', E_USER_NOTICE);
|
1028 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1029 |
-
}
|
1030 |
-
|
1031 |
-
if ($public_key_format != $server_host_key_algorithms[$i] || $this->signature_format != $server_host_key_algorithms[$i]) {
|
1032 |
-
user_error('Sever Host Key Algorithm Mismatch', E_USER_NOTICE);
|
1033 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1034 |
-
}
|
1035 |
-
|
1036 |
-
$packet = pack('C',
|
1037 |
-
NET_SSH2_MSG_NEWKEYS
|
1038 |
-
);
|
1039 |
-
|
1040 |
-
if (!$this->_send_binary_packet($packet)) {
|
1041 |
-
return false;
|
1042 |
-
}
|
1043 |
-
|
1044 |
-
$response = $this->_get_binary_packet();
|
1045 |
-
|
1046 |
-
if ($response === false) {
|
1047 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1048 |
-
return false;
|
1049 |
-
}
|
1050 |
-
|
1051 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
1052 |
-
|
1053 |
-
if ($type != NET_SSH2_MSG_NEWKEYS) {
|
1054 |
-
user_error('Expected SSH_MSG_NEWKEYS', E_USER_NOTICE);
|
1055 |
-
return false;
|
1056 |
-
}
|
1057 |
-
|
1058 |
-
switch ($encrypt) {
|
1059 |
-
case '3des-cbc':
|
1060 |
-
$this->encrypt = new Crypt_TripleDES();
|
1061 |
-
// $this->encrypt_block_size = 64 / 8 == the default
|
1062 |
-
break;
|
1063 |
-
case '3des-ctr':
|
1064 |
-
$this->encrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
1065 |
-
// $this->encrypt_block_size = 64 / 8 == the default
|
1066 |
-
break;
|
1067 |
-
case 'aes256-cbc':
|
1068 |
-
case 'aes192-cbc':
|
1069 |
-
case 'aes128-cbc':
|
1070 |
-
$this->encrypt = new Crypt_AES();
|
1071 |
-
$this->encrypt_block_size = 16; // eg. 128 / 8
|
1072 |
-
break;
|
1073 |
-
case 'aes256-ctr':
|
1074 |
-
case 'aes192-ctr':
|
1075 |
-
case 'aes128-ctr':
|
1076 |
-
$this->encrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
1077 |
-
$this->encrypt_block_size = 16; // eg. 128 / 8
|
1078 |
-
break;
|
1079 |
-
case 'arcfour':
|
1080 |
-
case 'arcfour128':
|
1081 |
-
case 'arcfour256':
|
1082 |
-
$this->encrypt = new Crypt_RC4();
|
1083 |
-
break;
|
1084 |
-
case 'none';
|
1085 |
-
//$this->encrypt = new Crypt_Null();
|
1086 |
-
}
|
1087 |
-
|
1088 |
-
switch ($decrypt) {
|
1089 |
-
case '3des-cbc':
|
1090 |
-
$this->decrypt = new Crypt_TripleDES();
|
1091 |
-
break;
|
1092 |
-
case '3des-ctr':
|
1093 |
-
$this->decrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
1094 |
-
break;
|
1095 |
-
case 'aes256-cbc':
|
1096 |
-
case 'aes192-cbc':
|
1097 |
-
case 'aes128-cbc':
|
1098 |
-
$this->decrypt = new Crypt_AES();
|
1099 |
-
$this->decrypt_block_size = 16;
|
1100 |
-
break;
|
1101 |
-
case 'aes256-ctr':
|
1102 |
-
case 'aes192-ctr':
|
1103 |
-
case 'aes128-ctr':
|
1104 |
-
$this->decrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
1105 |
-
$this->decrypt_block_size = 16;
|
1106 |
-
break;
|
1107 |
-
case 'arcfour':
|
1108 |
-
case 'arcfour128':
|
1109 |
-
case 'arcfour256':
|
1110 |
-
$this->decrypt = new Crypt_RC4();
|
1111 |
-
break;
|
1112 |
-
case 'none';
|
1113 |
-
//$this->decrypt = new Crypt_Null();
|
1114 |
-
}
|
1115 |
-
|
1116 |
-
$keyBytes = pack('Na*', strlen($keyBytes), $keyBytes);
|
1117 |
-
|
1118 |
-
if ($this->encrypt) {
|
1119 |
-
$this->encrypt->enableContinuousBuffer();
|
1120 |
-
$this->encrypt->disablePadding();
|
1121 |
-
|
1122 |
-
$iv = pack('H*', $hash($keyBytes . $this->session_id . 'A' . $this->session_id));
|
1123 |
-
while ($this->encrypt_block_size > strlen($iv)) {
|
1124 |
-
$iv.= pack('H*', $hash($keyBytes . $this->session_id . $iv));
|
1125 |
-
}
|
1126 |
-
$this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size));
|
1127 |
-
|
1128 |
-
$key = pack('H*', $hash($keyBytes . $this->session_id . 'C' . $this->session_id));
|
1129 |
-
while ($encryptKeyLength > strlen($key)) {
|
1130 |
-
$key.= pack('H*', $hash($keyBytes . $this->session_id . $key));
|
1131 |
-
}
|
1132 |
-
$this->encrypt->setKey(substr($key, 0, $encryptKeyLength));
|
1133 |
-
}
|
1134 |
-
|
1135 |
-
if ($this->decrypt) {
|
1136 |
-
$this->decrypt->enableContinuousBuffer();
|
1137 |
-
$this->decrypt->disablePadding();
|
1138 |
-
|
1139 |
-
$iv = pack('H*', $hash($keyBytes . $this->session_id . 'B' . $this->session_id));
|
1140 |
-
while ($this->decrypt_block_size > strlen($iv)) {
|
1141 |
-
$iv.= pack('H*', $hash($keyBytes . $this->session_id . $iv));
|
1142 |
-
}
|
1143 |
-
$this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size));
|
1144 |
-
|
1145 |
-
$key = pack('H*', $hash($keyBytes . $this->session_id . 'D' . $this->session_id));
|
1146 |
-
while ($decryptKeyLength > strlen($key)) {
|
1147 |
-
$key.= pack('H*', $hash($keyBytes . $this->session_id . $key));
|
1148 |
-
}
|
1149 |
-
$this->decrypt->setKey(substr($key, 0, $decryptKeyLength));
|
1150 |
-
}
|
1151 |
-
|
1152 |
-
/* The "arcfour128" algorithm is the RC4 cipher, as described in
|
1153 |
-
[SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream
|
1154 |
-
generated by the cipher MUST be discarded, and the first byte of the
|
1155 |
-
first encrypted packet MUST be encrypted using the 1537th byte of
|
1156 |
-
keystream.
|
1157 |
-
|
1158 |
-
-- http://tools.ietf.org/html/rfc4345#section-4 */
|
1159 |
-
if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') {
|
1160 |
-
$this->encrypt->encrypt(str_repeat("\0", 1536));
|
1161 |
-
}
|
1162 |
-
if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') {
|
1163 |
-
$this->decrypt->decrypt(str_repeat("\0", 1536));
|
1164 |
-
}
|
1165 |
-
|
1166 |
-
for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_client_to_server); $i++);
|
1167 |
-
if ($i == count($mac_algorithms)) {
|
1168 |
-
user_error('No compatible client to server message authentication algorithms found', E_USER_NOTICE);
|
1169 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1170 |
-
}
|
1171 |
-
|
1172 |
-
$createKeyLength = 0; // ie. $mac_algorithms[$i] == 'none'
|
1173 |
-
switch ($mac_algorithms[$i]) {
|
1174 |
-
case 'hmac-sha1':
|
1175 |
-
$this->hmac_create = new Crypt_Hash('sha1');
|
1176 |
-
$createKeyLength = 20;
|
1177 |
-
break;
|
1178 |
-
case 'hmac-sha1-96':
|
1179 |
-
$this->hmac_create = new Crypt_Hash('sha1-96');
|
1180 |
-
$createKeyLength = 20;
|
1181 |
-
break;
|
1182 |
-
case 'hmac-md5':
|
1183 |
-
$this->hmac_create = new Crypt_Hash('md5');
|
1184 |
-
$createKeyLength = 16;
|
1185 |
-
break;
|
1186 |
-
case 'hmac-md5-96':
|
1187 |
-
$this->hmac_create = new Crypt_Hash('md5-96');
|
1188 |
-
$createKeyLength = 16;
|
1189 |
-
}
|
1190 |
-
|
1191 |
-
for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_server_to_client); $i++);
|
1192 |
-
if ($i == count($mac_algorithms)) {
|
1193 |
-
user_error('No compatible server to client message authentication algorithms found', E_USER_NOTICE);
|
1194 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1195 |
-
}
|
1196 |
-
|
1197 |
-
$checkKeyLength = 0;
|
1198 |
-
$this->hmac_size = 0;
|
1199 |
-
switch ($mac_algorithms[$i]) {
|
1200 |
-
case 'hmac-sha1':
|
1201 |
-
$this->hmac_check = new Crypt_Hash('sha1');
|
1202 |
-
$checkKeyLength = 20;
|
1203 |
-
$this->hmac_size = 20;
|
1204 |
-
break;
|
1205 |
-
case 'hmac-sha1-96':
|
1206 |
-
$this->hmac_check = new Crypt_Hash('sha1-96');
|
1207 |
-
$checkKeyLength = 20;
|
1208 |
-
$this->hmac_size = 12;
|
1209 |
-
break;
|
1210 |
-
case 'hmac-md5':
|
1211 |
-
$this->hmac_check = new Crypt_Hash('md5');
|
1212 |
-
$checkKeyLength = 16;
|
1213 |
-
$this->hmac_size = 16;
|
1214 |
-
break;
|
1215 |
-
case 'hmac-md5-96':
|
1216 |
-
$this->hmac_check = new Crypt_Hash('md5-96');
|
1217 |
-
$checkKeyLength = 16;
|
1218 |
-
$this->hmac_size = 12;
|
1219 |
-
}
|
1220 |
-
|
1221 |
-
$key = pack('H*', $hash($keyBytes . $this->session_id . 'E' . $this->session_id));
|
1222 |
-
while ($createKeyLength > strlen($key)) {
|
1223 |
-
$key.= pack('H*', $hash($keyBytes . $this->session_id . $key));
|
1224 |
-
}
|
1225 |
-
$this->hmac_create->setKey(substr($key, 0, $createKeyLength));
|
1226 |
-
|
1227 |
-
$key = pack('H*', $hash($keyBytes . $this->session_id . 'F' . $this->session_id));
|
1228 |
-
while ($checkKeyLength > strlen($key)) {
|
1229 |
-
$key.= pack('H*', $hash($keyBytes . $this->session_id . $key));
|
1230 |
-
}
|
1231 |
-
$this->hmac_check->setKey(substr($key, 0, $checkKeyLength));
|
1232 |
-
|
1233 |
-
for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_server_to_client); $i++);
|
1234 |
-
if ($i == count($compression_algorithms)) {
|
1235 |
-
user_error('No compatible server to client compression algorithms found', E_USER_NOTICE);
|
1236 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1237 |
-
}
|
1238 |
-
$this->decompress = $compression_algorithms[$i] == 'zlib';
|
1239 |
-
|
1240 |
-
for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_client_to_server); $i++);
|
1241 |
-
if ($i == count($compression_algorithms)) {
|
1242 |
-
user_error('No compatible client to server compression algorithms found', E_USER_NOTICE);
|
1243 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
1244 |
-
}
|
1245 |
-
$this->compress = $compression_algorithms[$i] == 'zlib';
|
1246 |
-
|
1247 |
-
return true;
|
1248 |
-
}
|
1249 |
-
|
1250 |
-
/**
|
1251 |
-
* Login
|
1252 |
-
*
|
1253 |
-
* @param String $username
|
1254 |
-
* @param optional String $password
|
1255 |
-
* @return Boolean
|
1256 |
-
* @access public
|
1257 |
-
* @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis}
|
1258 |
-
* by sending dummy SSH_MSG_IGNORE messages.
|
1259 |
-
*/
|
1260 |
-
function login($username, $password = '')
|
1261 |
-
{
|
1262 |
-
if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) {
|
1263 |
-
return false;
|
1264 |
-
}
|
1265 |
-
|
1266 |
-
$packet = pack('CNa*',
|
1267 |
-
NET_SSH2_MSG_SERVICE_REQUEST, strlen('ssh-userauth'), 'ssh-userauth'
|
1268 |
-
);
|
1269 |
-
|
1270 |
-
if (!$this->_send_binary_packet($packet)) {
|
1271 |
-
return false;
|
1272 |
-
}
|
1273 |
-
|
1274 |
-
$response = $this->_get_binary_packet();
|
1275 |
-
if ($response === false) {
|
1276 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1277 |
-
return false;
|
1278 |
-
}
|
1279 |
-
|
1280 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
1281 |
-
|
1282 |
-
if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
|
1283 |
-
user_error('Expected SSH_MSG_SERVICE_ACCEPT', E_USER_NOTICE);
|
1284 |
-
return false;
|
1285 |
-
}
|
1286 |
-
|
1287 |
-
// although PHP5's get_class() preserves the case, PHP4's does not
|
1288 |
-
if (is_object($password) && strtolower(get_class($password)) == 'crypt_rsa') {
|
1289 |
-
return $this->_privatekey_login($username, $password);
|
1290 |
-
}
|
1291 |
-
|
1292 |
-
$utf8_password = utf8_encode($password);
|
1293 |
-
$packet = pack('CNa*Na*Na*CNa*',
|
1294 |
-
NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
|
1295 |
-
strlen('password'), 'password', 0, strlen($utf8_password), $utf8_password
|
1296 |
-
);
|
1297 |
-
|
1298 |
-
if (!$this->_send_binary_packet($packet)) {
|
1299 |
-
return false;
|
1300 |
-
}
|
1301 |
-
|
1302 |
-
// remove the username and password from the last logged packet
|
1303 |
-
if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
|
1304 |
-
$packet = pack('CNa*Na*Na*CNa*',
|
1305 |
-
NET_SSH2_MSG_USERAUTH_REQUEST, strlen('username'), 'username', strlen('ssh-connection'), 'ssh-connection',
|
1306 |
-
strlen('password'), 'password', 0, strlen('password'), 'password'
|
1307 |
-
);
|
1308 |
-
$this->message_log[count($this->message_log) - 1] = $packet;
|
1309 |
-
}
|
1310 |
-
|
1311 |
-
$response = $this->_get_binary_packet();
|
1312 |
-
if ($response === false) {
|
1313 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1314 |
-
return false;
|
1315 |
-
}
|
1316 |
-
|
1317 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
1318 |
-
|
1319 |
-
switch ($type) {
|
1320 |
-
case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed
|
1321 |
-
if (defined('NET_SSH2_LOGGING')) {
|
1322 |
-
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
|
1323 |
-
}
|
1324 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1325 |
-
$this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length));
|
1326 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
|
1327 |
-
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
1328 |
-
// either the login is bad or the server employees multi-factor authentication
|
1329 |
-
return false;
|
1330 |
-
case NET_SSH2_MSG_USERAUTH_SUCCESS:
|
1331 |
-
$this->bitmap |= NET_SSH2_MASK_LOGIN;
|
1332 |
-
return true;
|
1333 |
-
}
|
1334 |
-
|
1335 |
-
return false;
|
1336 |
-
}
|
1337 |
-
|
1338 |
-
/**
|
1339 |
-
* Login with an RSA private key
|
1340 |
-
*
|
1341 |
-
* @param String $username
|
1342 |
-
* @param Crypt_RSA $password
|
1343 |
-
* @return Boolean
|
1344 |
-
* @access private
|
1345 |
-
* @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis}
|
1346 |
-
* by sending dummy SSH_MSG_IGNORE messages.
|
1347 |
-
*/
|
1348 |
-
function _privatekey_login($username, $privatekey)
|
1349 |
-
{
|
1350 |
-
// see http://tools.ietf.org/html/rfc4253#page-15
|
1351 |
-
$publickey = $privatekey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_RAW);
|
1352 |
-
if ($publickey === false) {
|
1353 |
-
return false;
|
1354 |
-
}
|
1355 |
-
|
1356 |
-
$publickey = array(
|
1357 |
-
'e' => $publickey['e']->toBytes(true),
|
1358 |
-
'n' => $publickey['n']->toBytes(true)
|
1359 |
-
);
|
1360 |
-
$publickey = pack('Na*Na*Na*',
|
1361 |
-
strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey['e']), $publickey['e'], strlen($publickey['n']), $publickey['n']
|
1362 |
-
);
|
1363 |
-
|
1364 |
-
$part1 = pack('CNa*Na*Na*',
|
1365 |
-
NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
|
1366 |
-
strlen('publickey'), 'publickey'
|
1367 |
-
);
|
1368 |
-
$part2 = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey), $publickey);
|
1369 |
-
|
1370 |
-
$packet = $part1 . chr(0) . $part2;
|
1371 |
-
|
1372 |
-
if (!$this->_send_binary_packet($packet)) {
|
1373 |
-
return false;
|
1374 |
-
}
|
1375 |
-
|
1376 |
-
$response = $this->_get_binary_packet();
|
1377 |
-
if ($response === false) {
|
1378 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1379 |
-
return false;
|
1380 |
-
}
|
1381 |
-
|
1382 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
1383 |
-
|
1384 |
-
switch ($type) {
|
1385 |
-
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
1386 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1387 |
-
$this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length);
|
1388 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
|
1389 |
-
case NET_SSH2_MSG_USERAUTH_PK_OK:
|
1390 |
-
// we'll just take it on faith that the public key blob and the public key algorithm name are as
|
1391 |
-
// they should be
|
1392 |
-
if (defined('NET_SSH2_LOGGING')) {
|
1393 |
-
$this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PK_OK';
|
1394 |
-
}
|
1395 |
-
}
|
1396 |
-
|
1397 |
-
$packet = $part1 . chr(1) . $part2;
|
1398 |
-
$privatekey->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
|
1399 |
-
$signature = $privatekey->sign(pack('Na*a*', strlen($this->session_id), $this->session_id, $packet));
|
1400 |
-
$signature = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($signature), $signature);
|
1401 |
-
$packet.= pack('Na*', strlen($signature), $signature);
|
1402 |
-
|
1403 |
-
if (!$this->_send_binary_packet($packet)) {
|
1404 |
-
return false;
|
1405 |
-
}
|
1406 |
-
|
1407 |
-
$response = $this->_get_binary_packet();
|
1408 |
-
if ($response === false) {
|
1409 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1410 |
-
return false;
|
1411 |
-
}
|
1412 |
-
|
1413 |
-
extract(unpack('Ctype', $this->_string_shift($response, 1)));
|
1414 |
-
|
1415 |
-
switch ($type) {
|
1416 |
-
case NET_SSH2_MSG_USERAUTH_FAILURE:
|
1417 |
-
// either the login is bad or the server employees multi-factor authentication
|
1418 |
-
return false;
|
1419 |
-
case NET_SSH2_MSG_USERAUTH_SUCCESS:
|
1420 |
-
$this->bitmap |= NET_SSH2_MASK_LOGIN;
|
1421 |
-
return true;
|
1422 |
-
}
|
1423 |
-
|
1424 |
-
return false;
|
1425 |
-
}
|
1426 |
-
|
1427 |
-
/**
|
1428 |
-
* Execute Command
|
1429 |
-
*
|
1430 |
-
* @param String $command
|
1431 |
-
* @return String
|
1432 |
-
* @access public
|
1433 |
-
*/
|
1434 |
-
function exec($command)
|
1435 |
-
{
|
1436 |
-
if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1437 |
-
return false;
|
1438 |
-
}
|
1439 |
-
|
1440 |
-
// RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to
|
1441 |
-
// be adjusted". 0x7FFFFFFF is, at 4GB, the max size. technically, it should probably be decremented, but,
|
1442 |
-
// honestly, if you're transfering more than 4GB, you probably shouldn't be using phpseclib, anyway.
|
1443 |
-
// see http://tools.ietf.org/html/rfc4254#section-5.2 for more info
|
1444 |
-
$this->window_size_client_to_server[NET_SSH2_CHANNEL_EXEC] = 0x7FFFFFFF;
|
1445 |
-
// 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy
|
1446 |
-
// uses 0x4000, that's what will be used here, as well.
|
1447 |
-
$packet_size = 0x4000;
|
1448 |
-
|
1449 |
-
$packet = pack('CNa*N3',
|
1450 |
-
NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_EXEC, $this->window_size_client_to_server[NET_SSH2_CHANNEL_EXEC], $packet_size);
|
1451 |
-
|
1452 |
-
if (!$this->_send_binary_packet($packet)) {
|
1453 |
-
return false;
|
1454 |
-
}
|
1455 |
-
|
1456 |
-
$this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_OPEN;
|
1457 |
-
|
1458 |
-
$response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
|
1459 |
-
if ($response === false) {
|
1460 |
-
return false;
|
1461 |
-
}
|
1462 |
-
|
1463 |
-
// sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things
|
1464 |
-
// down. the one place where it might be desirable is if you're doing something like Net_SSH2::exec('ping localhost &').
|
1465 |
-
// with a pty-req SSH_MSG_cHANNEL_REQUEST, exec() will return immediately and the ping process will then
|
1466 |
-
// then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but
|
1467 |
-
// neither will your script.
|
1468 |
-
|
1469 |
-
// although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by
|
1470 |
-
// SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the
|
1471 |
-
// "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates.
|
1472 |
-
$packet = pack('CNNa*CNa*',
|
1473 |
-
NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('exec'), 'exec', 1, strlen($command), $command);
|
1474 |
-
if (!$this->_send_binary_packet($packet)) {
|
1475 |
-
return false;
|
1476 |
-
}
|
1477 |
-
|
1478 |
-
$this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST;
|
1479 |
-
|
1480 |
-
$response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
|
1481 |
-
if ($response === false) {
|
1482 |
-
return false;
|
1483 |
-
}
|
1484 |
-
|
1485 |
-
$this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA;
|
1486 |
-
|
1487 |
-
$output = '';
|
1488 |
-
while (true) {
|
1489 |
-
$temp = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
|
1490 |
-
switch (true) {
|
1491 |
-
case $temp === true:
|
1492 |
-
return $output;
|
1493 |
-
case $temp === false:
|
1494 |
-
return false;
|
1495 |
-
default:
|
1496 |
-
$output.= $temp;
|
1497 |
-
}
|
1498 |
-
}
|
1499 |
-
}
|
1500 |
-
|
1501 |
-
/**
|
1502 |
-
* Disconnect
|
1503 |
-
*
|
1504 |
-
* @access public
|
1505 |
-
*/
|
1506 |
-
function disconnect()
|
1507 |
-
{
|
1508 |
-
$this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1509 |
-
}
|
1510 |
-
|
1511 |
-
/**
|
1512 |
-
* Destructor.
|
1513 |
-
*
|
1514 |
-
* Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
|
1515 |
-
* disconnect().
|
1516 |
-
*
|
1517 |
-
* @access public
|
1518 |
-
*/
|
1519 |
-
function __destruct()
|
1520 |
-
{
|
1521 |
-
$this->disconnect();
|
1522 |
-
}
|
1523 |
-
|
1524 |
-
/**
|
1525 |
-
* Gets Binary Packets
|
1526 |
-
*
|
1527 |
-
* See '6. Binary Packet Protocol' of rfc4253 for more info.
|
1528 |
-
*
|
1529 |
-
* @see Net_SSH2::_send_binary_packet()
|
1530 |
-
* @return String
|
1531 |
-
* @access private
|
1532 |
-
*/
|
1533 |
-
function _get_binary_packet()
|
1534 |
-
{
|
1535 |
-
if (feof($this->fsock)) {
|
1536 |
-
user_error('Connection closed prematurely', E_USER_NOTICE);
|
1537 |
-
return false;
|
1538 |
-
}
|
1539 |
-
|
1540 |
-
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1541 |
-
$raw = fread($this->fsock, $this->decrypt_block_size);
|
1542 |
-
$stop = strtok(microtime(), ' ') + strtok('');
|
1543 |
-
|
1544 |
-
if ($this->decrypt !== false) {
|
1545 |
-
$raw = $this->decrypt->decrypt($raw);
|
1546 |
-
}
|
1547 |
-
|
1548 |
-
extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5)));
|
1549 |
-
|
1550 |
-
$remaining_length = $packet_length + 4 - $this->decrypt_block_size;
|
1551 |
-
$buffer = '';
|
1552 |
-
while ($remaining_length > 0) {
|
1553 |
-
$temp = fread($this->fsock, $remaining_length);
|
1554 |
-
$buffer.= $temp;
|
1555 |
-
$remaining_length-= strlen($temp);
|
1556 |
-
}
|
1557 |
-
if (!empty($buffer)) {
|
1558 |
-
$raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer;
|
1559 |
-
$buffer = $temp = '';
|
1560 |
-
}
|
1561 |
-
|
1562 |
-
$payload = $this->_string_shift($raw, $packet_length - $padding_length - 1);
|
1563 |
-
$padding = $this->_string_shift($raw, $padding_length); // should leave $raw empty
|
1564 |
-
|
1565 |
-
if ($this->hmac_check !== false) {
|
1566 |
-
$hmac = fread($this->fsock, $this->hmac_size);
|
1567 |
-
if ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) {
|
1568 |
-
user_error('Invalid HMAC', E_USER_NOTICE);
|
1569 |
-
return false;
|
1570 |
-
}
|
1571 |
-
}
|
1572 |
-
|
1573 |
-
//if ($this->decompress) {
|
1574 |
-
// $payload = gzinflate(substr($payload, 2));
|
1575 |
-
//}
|
1576 |
-
|
1577 |
-
$this->get_seq_no++;
|
1578 |
-
|
1579 |
-
if (defined('NET_SSH2_LOGGING')) {
|
1580 |
-
$temp = isset($this->message_numbers[ord($payload[0])]) ? $this->message_numbers[ord($payload[0])] : 'UNKNOWN';
|
1581 |
-
$this->message_number_log[] = '<- ' . $temp .
|
1582 |
-
' (' . round($stop - $start, 4) . 's)';
|
1583 |
-
if (NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
|
1584 |
-
$this->message_log[] = substr($payload, 1);
|
1585 |
-
}
|
1586 |
-
}
|
1587 |
-
|
1588 |
-
return $this->_filter($payload);
|
1589 |
-
}
|
1590 |
-
|
1591 |
-
/**
|
1592 |
-
* Filter Binary Packets
|
1593 |
-
*
|
1594 |
-
* Because some binary packets need to be ignored...
|
1595 |
-
*
|
1596 |
-
* @see Net_SSH2::_get_binary_packet()
|
1597 |
-
* @return String
|
1598 |
-
* @access private
|
1599 |
-
*/
|
1600 |
-
function _filter($payload)
|
1601 |
-
{
|
1602 |
-
switch (ord($payload[0])) {
|
1603 |
-
case NET_SSH2_MSG_DISCONNECT:
|
1604 |
-
$this->_string_shift($payload, 1);
|
1605 |
-
extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8)));
|
1606 |
-
$this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length));
|
1607 |
-
$this->bitmask = 0;
|
1608 |
-
return false;
|
1609 |
-
case NET_SSH2_MSG_IGNORE:
|
1610 |
-
$payload = $this->_get_binary_packet();
|
1611 |
-
break;
|
1612 |
-
case NET_SSH2_MSG_DEBUG:
|
1613 |
-
$this->_string_shift($payload, 2);
|
1614 |
-
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
1615 |
-
$this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length));
|
1616 |
-
$payload = $this->_get_binary_packet();
|
1617 |
-
break;
|
1618 |
-
case NET_SSH2_MSG_UNIMPLEMENTED:
|
1619 |
-
return false;
|
1620 |
-
case NET_SSH2_MSG_KEXINIT:
|
1621 |
-
if ($this->session_id !== false) {
|
1622 |
-
if (!$this->_key_exchange($payload)) {
|
1623 |
-
$this->bitmask = 0;
|
1624 |
-
return false;
|
1625 |
-
}
|
1626 |
-
$payload = $this->_get_binary_packet();
|
1627 |
-
}
|
1628 |
-
}
|
1629 |
-
|
1630 |
-
// see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
|
1631 |
-
if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
|
1632 |
-
$this->_string_shift($payload, 1);
|
1633 |
-
extract(unpack('Nlength', $this->_string_shift($payload, 4)));
|
1634 |
-
$this->errors[] = 'SSH_MSG_USERAUTH_BANNER: ' . utf8_decode($this->_string_shift($payload, $length));
|
1635 |
-
$payload = $this->_get_binary_packet();
|
1636 |
-
}
|
1637 |
-
|
1638 |
-
// only called when we've already logged in
|
1639 |
-
if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) {
|
1640 |
-
switch (ord($payload[0])) {
|
1641 |
-
case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
|
1642 |
-
$this->_string_shift($payload, 1);
|
1643 |
-
extract(unpack('Nlength', $this->_string_shift($payload)));
|
1644 |
-
$this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . utf8_decode($this->_string_shift($payload, $length));
|
1645 |
-
|
1646 |
-
if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) {
|
1647 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1648 |
-
}
|
1649 |
-
|
1650 |
-
$payload = $this->_get_binary_packet();
|
1651 |
-
break;
|
1652 |
-
case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1
|
1653 |
-
$this->_string_shift($payload, 1);
|
1654 |
-
extract(unpack('N', $this->_string_shift($payload, 4)));
|
1655 |
-
$this->errors[] = 'SSH_MSG_CHANNEL_OPEN: ' . utf8_decode($this->_string_shift($payload, $length));
|
1656 |
-
|
1657 |
-
$this->_string_shift($payload, 4); // skip over client channel
|
1658 |
-
extract(unpack('Nserver_channel', $this->_string_shift($payload, 4)));
|
1659 |
-
|
1660 |
-
$packet = pack('CN3a*Na*',
|
1661 |
-
NET_SSH2_MSG_REQUEST_FAILURE, $server_channel, NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, 0, '', 0, '');
|
1662 |
-
|
1663 |
-
if (!$this->_send_binary_packet($packet)) {
|
1664 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1665 |
-
}
|
1666 |
-
|
1667 |
-
$payload = $this->_get_binary_packet();
|
1668 |
-
break;
|
1669 |
-
case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST:
|
1670 |
-
$payload = $this->_get_binary_packet();
|
1671 |
-
}
|
1672 |
-
}
|
1673 |
-
|
1674 |
-
return $payload;
|
1675 |
-
}
|
1676 |
-
|
1677 |
-
/**
|
1678 |
-
* Gets channel data
|
1679 |
-
*
|
1680 |
-
* Returns the data as a string if it's available and false if not.
|
1681 |
-
*
|
1682 |
-
* @param $client_channel
|
1683 |
-
* @return Mixed
|
1684 |
-
* @access private
|
1685 |
-
*/
|
1686 |
-
function _get_channel_packet($client_channel)
|
1687 |
-
{
|
1688 |
-
if (!empty($this->channel_buffers[$client_channel])) {
|
1689 |
-
return array_shift($this->channel_buffers[$client_channel]);
|
1690 |
-
}
|
1691 |
-
|
1692 |
-
while (true) {
|
1693 |
-
$response = $this->_get_binary_packet();
|
1694 |
-
if ($response === false) {
|
1695 |
-
user_error('Connection closed by server', E_USER_NOTICE);
|
1696 |
-
return false;
|
1697 |
-
}
|
1698 |
-
|
1699 |
-
extract(unpack('Ctype/Nchannel', $this->_string_shift($response, 5)));
|
1700 |
-
|
1701 |
-
switch ($this->channel_status[$channel]) {
|
1702 |
-
case NET_SSH2_MSG_CHANNEL_OPEN:
|
1703 |
-
switch ($type) {
|
1704 |
-
case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION:
|
1705 |
-
extract(unpack('Nserver_channel', $this->_string_shift($response, 4)));
|
1706 |
-
$this->server_channels[$client_channel] = $server_channel;
|
1707 |
-
$this->_string_shift($response, 4); // skip over (server) window size
|
1708 |
-
$temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4));
|
1709 |
-
$this->packet_size_client_to_server[$client_channel] = $temp['packet_size_client_to_server'];
|
1710 |
-
return true;
|
1711 |
-
//case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE:
|
1712 |
-
default:
|
1713 |
-
user_error('Unable to open channel', E_USER_NOTICE);
|
1714 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1715 |
-
}
|
1716 |
-
break;
|
1717 |
-
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
1718 |
-
switch ($type) {
|
1719 |
-
case NET_SSH2_MSG_CHANNEL_SUCCESS:
|
1720 |
-
return true;
|
1721 |
-
//case NET_SSH2_MSG_CHANNEL_FAILURE:
|
1722 |
-
default:
|
1723 |
-
user_error('Unable to request pseudo-terminal', E_USER_NOTICE);
|
1724 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1725 |
-
}
|
1726 |
-
|
1727 |
-
}
|
1728 |
-
|
1729 |
-
switch ($type) {
|
1730 |
-
case NET_SSH2_MSG_CHANNEL_DATA:
|
1731 |
-
if ($client_channel == NET_SSH2_CHANNEL_EXEC) {
|
1732 |
-
// SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server
|
1733 |
-
// this actually seems to make things twice as fast. more to the point, the message right after
|
1734 |
-
// SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise.
|
1735 |
-
// in OpenSSH it slows things down but only by a couple thousandths of a second.
|
1736 |
-
$this->_send_channel_packet($client_channel, chr(0));
|
1737 |
-
}
|
1738 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1739 |
-
$data = $this->_string_shift($response, $length);
|
1740 |
-
if ($client_channel == $channel) {
|
1741 |
-
return $data;
|
1742 |
-
}
|
1743 |
-
if (!isset($this->channel_buffers[$client_channel])) {
|
1744 |
-
$this->channel_buffers[$client_channel] = array();
|
1745 |
-
}
|
1746 |
-
$this->channel_buffers[$client_channel][] = $data;
|
1747 |
-
break;
|
1748 |
-
case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA:
|
1749 |
-
if ($client_channel == NET_SSH2_CHANNEL_EXEC) {
|
1750 |
-
$this->_send_channel_packet($client_channel, chr(0));
|
1751 |
-
}
|
1752 |
-
// currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
|
1753 |
-
extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
|
1754 |
-
$data = $this->_string_shift($response, $length);
|
1755 |
-
if ($client_channel == $channel) {
|
1756 |
-
return $data;
|
1757 |
-
}
|
1758 |
-
if (!isset($this->channel_buffers[$client_channel])) {
|
1759 |
-
$this->channel_buffers[$client_channel] = array();
|
1760 |
-
}
|
1761 |
-
$this->channel_buffers[$client_channel][] = $data;
|
1762 |
-
break;
|
1763 |
-
case NET_SSH2_MSG_CHANNEL_REQUEST:
|
1764 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1765 |
-
$value = $this->_string_shift($response, $length);
|
1766 |
-
switch ($value) {
|
1767 |
-
case 'exit-signal':
|
1768 |
-
$this->_string_shift($response, 1);
|
1769 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1770 |
-
$this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length);
|
1771 |
-
$this->_string_shift($response, 1);
|
1772 |
-
extract(unpack('Nlength', $this->_string_shift($response, 4)));
|
1773 |
-
if ($length) {
|
1774 |
-
$this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length);
|
1775 |
-
}
|
1776 |
-
//case 'exit-status':
|
1777 |
-
default:
|
1778 |
-
// "Some systems may not implement signals, in which case they SHOULD ignore this message."
|
1779 |
-
// -- http://tools.ietf.org/html/rfc4254#section-6.9
|
1780 |
-
break;
|
1781 |
-
}
|
1782 |
-
break;
|
1783 |
-
case NET_SSH2_MSG_CHANNEL_CLOSE:
|
1784 |
-
$this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel]));
|
1785 |
-
return true;
|
1786 |
-
case NET_SSH2_MSG_CHANNEL_EOF:
|
1787 |
-
break;
|
1788 |
-
default:
|
1789 |
-
user_error('Error reading channel data', E_USER_NOTICE);
|
1790 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
|
1791 |
-
}
|
1792 |
-
}
|
1793 |
-
}
|
1794 |
-
|
1795 |
-
/**
|
1796 |
-
* Sends Binary Packets
|
1797 |
-
*
|
1798 |
-
* See '6. Binary Packet Protocol' of rfc4253 for more info.
|
1799 |
-
*
|
1800 |
-
* @param String $data
|
1801 |
-
* @see Net_SSH2::_get_binary_packet()
|
1802 |
-
* @return Boolean
|
1803 |
-
* @access private
|
1804 |
-
*/
|
1805 |
-
function _send_binary_packet($data)
|
1806 |
-
{
|
1807 |
-
if (feof($this->fsock)) {
|
1808 |
-
user_error('Connection closed prematurely', E_USER_NOTICE);
|
1809 |
-
return false;
|
1810 |
-
}
|
1811 |
-
|
1812 |
-
//if ($this->compress) {
|
1813 |
-
// // the -4 removes the checksum:
|
1814 |
-
// // http://php.net/function.gzcompress#57710
|
1815 |
-
// $data = substr(gzcompress($data), 0, -4);
|
1816 |
-
//}
|
1817 |
-
|
1818 |
-
// 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9
|
1819 |
-
$packet_length = strlen($data) + 9;
|
1820 |
-
// round up to the nearest $this->encrypt_block_size
|
1821 |
-
$packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size;
|
1822 |
-
// subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length
|
1823 |
-
$padding_length = $packet_length - strlen($data) - 5;
|
1824 |
-
|
1825 |
-
$padding = '';
|
1826 |
-
for ($i = 0; $i < $padding_length; $i++) {
|
1827 |
-
$padding.= chr(crypt_random(0, 255));
|
1828 |
-
}
|
1829 |
-
|
1830 |
-
// we subtract 4 from packet_length because the packet_length field isn't supposed to include itself
|
1831 |
-
$packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding);
|
1832 |
-
|
1833 |
-
$hmac = $this->hmac_create !== false ? $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)) : '';
|
1834 |
-
$this->send_seq_no++;
|
1835 |
-
|
1836 |
-
if ($this->encrypt !== false) {
|
1837 |
-
$packet = $this->encrypt->encrypt($packet);
|
1838 |
-
}
|
1839 |
-
|
1840 |
-
$packet.= $hmac;
|
1841 |
-
|
1842 |
-
$start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
|
1843 |
-
$result = strlen($packet) == fputs($this->fsock, $packet);
|
1844 |
-
$stop = strtok(microtime(), ' ') + strtok('');
|
1845 |
-
|
1846 |
-
if (defined('NET_SSH2_LOGGING')) {
|
1847 |
-
$temp = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN';
|
1848 |
-
$this->message_number_log[] = '-> ' . $temp .
|
1849 |
-
' (' . round($stop - $start, 4) . 's)';
|
1850 |
-
if (NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
|
1851 |
-
$this->message_log[] = substr($data, 1);
|
1852 |
-
}
|
1853 |
-
}
|
1854 |
-
|
1855 |
-
return $result;
|
1856 |
-
}
|
1857 |
-
|
1858 |
-
/**
|
1859 |
-
* Sends channel data
|
1860 |
-
*
|
1861 |
-
* Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate
|
1862 |
-
*
|
1863 |
-
* @param Integer $client_channel
|
1864 |
-
* @param String $data
|
1865 |
-
* @return Boolean
|
1866 |
-
* @access private
|
1867 |
-
*/
|
1868 |
-
function _send_channel_packet($client_channel, $data)
|
1869 |
-
{
|
1870 |
-
while (strlen($data) > $this->packet_size_client_to_server[$client_channel]) {
|
1871 |
-
// resize the window, if appropriate
|
1872 |
-
$this->window_size_client_to_server[$client_channel]-= $this->packet_size_client_to_server[$client_channel];
|
1873 |
-
if ($this->window_size_client_to_server[$client_channel] < 0) {
|
1874 |
-
$packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$client_channel], $this->window_size);
|
1875 |
-
if (!$this->_send_binary_packet($packet)) {
|
1876 |
-
return false;
|
1877 |
-
}
|
1878 |
-
$this->window_size_client_to_server[$client_channel]+= $this->window_size;
|
1879 |
-
}
|
1880 |
-
|
1881 |
-
$packet = pack('CN2a*',
|
1882 |
-
NET_SSH2_MSG_CHANNEL_DATA,
|
1883 |
-
$this->server_channels[$client_channel],
|
1884 |
-
$this->packet_size_client_to_server[$client_channel],
|
1885 |
-
$this->_string_shift($data, $this->packet_size_client_to_server[$client_channel])
|
1886 |
-
);
|
1887 |
-
|
1888 |
-
if (!$this->_send_binary_packet($packet)) {
|
1889 |
-
return false;
|
1890 |
-
}
|
1891 |
-
}
|
1892 |
-
|
1893 |
-
// resize the window, if appropriate
|
1894 |
-
$this->window_size_client_to_server[$client_channel]-= strlen($data);
|
1895 |
-
if ($this->window_size_client_to_server[$client_channel] < 0) {
|
1896 |
-
$packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$client_channel], $this->window_size);
|
1897 |
-
if (!$this->_send_binary_packet($packet)) {
|
1898 |
-
return false;
|
1899 |
-
}
|
1900 |
-
$this->window_size_client_to_server[$client_channel]+= $this->window_size;
|
1901 |
-
}
|
1902 |
-
|
1903 |
-
return $this->_send_binary_packet(pack('CN2a*',
|
1904 |
-
NET_SSH2_MSG_CHANNEL_DATA,
|
1905 |
-
$this->server_channels[$client_channel],
|
1906 |
-
strlen($data),
|
1907 |
-
$data));
|
1908 |
-
}
|
1909 |
-
|
1910 |
-
/**
|
1911 |
-
* Disconnect
|
1912 |
-
*
|
1913 |
-
* @param Integer $reason
|
1914 |
-
* @return Boolean
|
1915 |
-
* @access private
|
1916 |
-
*/
|
1917 |
-
function _disconnect($reason)
|
1918 |
-
{
|
1919 |
-
if ($this->bitmap) {
|
1920 |
-
$data = pack('CNNa*Na*', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, '');
|
1921 |
-
$this->_send_binary_packet($data);
|
1922 |
-
$this->bitmap = 0;
|
1923 |
-
fclose($this->fsock);
|
1924 |
-
return false;
|
1925 |
-
}
|
1926 |
-
}
|
1927 |
-
|
1928 |
-
/**
|
1929 |
-
* String Shift
|
1930 |
-
*
|
1931 |
-
* Inspired by array_shift
|
1932 |
-
*
|
1933 |
-
* @param String $string
|
1934 |
-
* @param optional Integer $index
|
1935 |
-
* @return String
|
1936 |
-
* @access private
|
1937 |
-
*/
|
1938 |
-
function _string_shift(&$string, $index = 1)
|
1939 |
-
{
|
1940 |
-
$substr = substr($string, 0, $index);
|
1941 |
-
$string = substr($string, $index);
|
1942 |
-
return $substr;
|
1943 |
-
}
|
1944 |
-
|
1945 |
-
/**
|
1946 |
-
* Define Array
|
1947 |
-
*
|
1948 |
-
* Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of
|
1949 |
-
* named constants from it, using the value as the name of the constant and the index as the value of the constant.
|
1950 |
-
* If any of the constants that would be defined already exists, none of the constants will be defined.
|
1951 |
-
*
|
1952 |
-
* @param Array $array
|
1953 |
-
* @access private
|
1954 |
-
*/
|
1955 |
-
function _define_array()
|
1956 |
-
{
|
1957 |
-
$args = func_get_args();
|
1958 |
-
foreach ($args as $arg) {
|
1959 |
-
foreach ($arg as $key=>$value) {
|
1960 |
-
if (!defined($value)) {
|
1961 |
-
define($value, $key);
|
1962 |
-
} else {
|
1963 |
-
break 2;
|
1964 |
-
}
|
1965 |
-
}
|
1966 |
-
}
|
1967 |
-
}
|
1968 |
-
|
1969 |
-
/**
|
1970 |
-
* Returns a log of the packets that have been sent and received.
|
1971 |
-
*
|
1972 |
-
* Returns a string if NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX, an array if NET_SSH2_LOGGING == NET_SSH2_LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING')
|
1973 |
-
*
|
1974 |
-
* @access public
|
1975 |
-
* @return String or Array
|
1976 |
-
*/
|
1977 |
-
function getLog()
|
1978 |
-
{
|
1979 |
-
if (!defined('NET_SSH2_LOGGING')) {
|
1980 |
-
return false;
|
1981 |
-
}
|
1982 |
-
|
1983 |
-
switch (NET_SSH2_LOGGING) {
|
1984 |
-
case NET_SSH2_LOG_SIMPLE:
|
1985 |
-
return $this->message_number_log;
|
1986 |
-
break;
|
1987 |
-
case NET_SSH2_LOG_COMPLEX:
|
1988 |
-
return $this->_format_log($this->message_log, $this->message_number_log);
|
1989 |
-
break;
|
1990 |
-
default:
|
1991 |
-
return false;
|
1992 |
-
}
|
1993 |
-
}
|
1994 |
-
|
1995 |
-
/**
|
1996 |
-
* Formats a log for printing
|
1997 |
-
*
|
1998 |
-
* @param Array $message_log
|
1999 |
-
* @param Array $message_number_log
|
2000 |
-
* @access private
|
2001 |
-
* @return String
|
2002 |
-
*/
|
2003 |
-
function _format_log($message_log, $message_number_log)
|
2004 |
-
{
|
2005 |
-
static $boundary = ':', $long_width = 65, $short_width = 16;
|
2006 |
-
|
2007 |
-
$output = '';
|
2008 |
-
for ($i = 0; $i < count($message_log); $i++) {
|
2009 |
-
$output.= $message_number_log[$i] . "\r\n";
|
2010 |
-
$current_log = $message_log[$i];
|
2011 |
-
$j = 0;
|
2012 |
-
do {
|
2013 |
-
if (!empty($current_log)) {
|
2014 |
-
$output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 ';
|
2015 |
-
}
|
2016 |
-
$fragment = $this->_string_shift($current_log, $short_width);
|
2017 |
-
$hex = substr(
|
2018 |
-
preg_replace(
|
2019 |
-
'#(.)#es',
|
2020 |
-
'"' . $boundary . '" . str_pad(dechex(ord(substr("\\1", -1))), 2, "0", STR_PAD_LEFT)',
|
2021 |
-
$fragment),
|
2022 |
-
strlen($boundary)
|
2023 |
-
);
|
2024 |
-
// replace non ASCII printable characters with dots
|
2025 |
-
// http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters
|
2026 |
-
// also replace < with a . since < messes up the output on web browsers
|
2027 |
-
$raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment);
|
2028 |
-
$output.= str_pad($hex, $long_width - $short_width, ' ') . $raw . "\r\n";
|
2029 |
-
$j++;
|
2030 |
-
} while (!empty($current_log));
|
2031 |
-
$output.= "\r\n";
|
2032 |
-
}
|
2033 |
-
|
2034 |
-
return $output;
|
2035 |
-
}
|
2036 |
-
|
2037 |
-
/**
|
2038 |
-
* Returns all errors
|
2039 |
-
*
|
2040 |
-
* @return String
|
2041 |
-
* @access public
|
2042 |
-
*/
|
2043 |
-
function getErrors()
|
2044 |
-
{
|
2045 |
-
return $this->errors;
|
2046 |
-
}
|
2047 |
-
|
2048 |
-
/**
|
2049 |
-
* Returns the last error
|
2050 |
-
*
|
2051 |
-
* @return String
|
2052 |
-
* @access public
|
2053 |
-
*/
|
2054 |
-
function getLastError()
|
2055 |
-
{
|
2056 |
-
return $this->errors[count($this->errors) - 1];
|
2057 |
-
}
|
2058 |
-
|
2059 |
-
/**
|
2060 |
-
* Return the server identification.
|
2061 |
-
*
|
2062 |
-
* @return String
|
2063 |
-
* @access public
|
2064 |
-
*/
|
2065 |
-
function getServerIdentification()
|
2066 |
-
{
|
2067 |
-
return $this->server_identifier;
|
2068 |
-
}
|
2069 |
-
|
2070 |
-
/**
|
2071 |
-
* Return a list of the key exchange algorithms the server supports.
|
2072 |
-
*
|
2073 |
-
* @return Array
|
2074 |
-
* @access public
|
2075 |
-
*/
|
2076 |
-
function getKexAlgorithms()
|
2077 |
-
{
|
2078 |
-
return $this->kex_algorithms;
|
2079 |
-
}
|
2080 |
-
|
2081 |
-
/**
|
2082 |
-
* Return a list of the host key (public key) algorithms the server supports.
|
2083 |
-
*
|
2084 |
-
* @return Array
|
2085 |
-
* @access public
|
2086 |
-
*/
|
2087 |
-
function getServerHostKeyAlgorithms()
|
2088 |
-
{
|
2089 |
-
return $this->server_host_key_algorithms;
|
2090 |
-
}
|
2091 |
-
|
2092 |
-
/**
|
2093 |
-
* Return a list of the (symmetric key) encryption algorithms the server supports, when receiving stuff from the client.
|
2094 |
-
*
|
2095 |
-
* @return Array
|
2096 |
-
* @access public
|
2097 |
-
*/
|
2098 |
-
function getEncryptionAlgorithmsClient2Server()
|
2099 |
-
{
|
2100 |
-
return $this->encryption_algorithms_client_to_server;
|
2101 |
-
}
|
2102 |
-
|
2103 |
-
/**
|
2104 |
-
* Return a list of the (symmetric key) encryption algorithms the server supports, when sending stuff to the client.
|
2105 |
-
*
|
2106 |
-
* @return Array
|
2107 |
-
* @access public
|
2108 |
-
*/
|
2109 |
-
function getEncryptionAlgorithmsServer2Client()
|
2110 |
-
{
|
2111 |
-
return $this->encryption_algorithms_server_to_client;
|
2112 |
-
}
|
2113 |
-
|
2114 |
-
/**
|
2115 |
-
* Return a list of the MAC algorithms the server supports, when receiving stuff from the client.
|
2116 |
-
*
|
2117 |
-
* @return Array
|
2118 |
-
* @access public
|
2119 |
-
*/
|
2120 |
-
function getMACAlgorithmsClient2Server()
|
2121 |
-
{
|
2122 |
-
return $this->mac_algorithms_client_to_server;
|
2123 |
-
}
|
2124 |
-
|
2125 |
-
/**
|
2126 |
-
* Return a list of the MAC algorithms the server supports, when sending stuff to the client.
|
2127 |
-
*
|
2128 |
-
* @return Array
|
2129 |
-
* @access public
|
2130 |
-
*/
|
2131 |
-
function getMACAlgorithmsServer2Client()
|
2132 |
-
{
|
2133 |
-
return $this->mac_algorithms_server_to_client;
|
2134 |
-
}
|
2135 |
-
|
2136 |
-
/**
|
2137 |
-
* Return a list of the compression algorithms the server supports, when receiving stuff from the client.
|
2138 |
-
*
|
2139 |
-
* @return Array
|
2140 |
-
* @access public
|
2141 |
-
*/
|
2142 |
-
function getCompressionAlgorithmsClient2Server()
|
2143 |
-
{
|
2144 |
-
return $this->compression_algorithms_client_to_server;
|
2145 |
-
}
|
2146 |
-
|
2147 |
-
/**
|
2148 |
-
* Return a list of the compression algorithms the server supports, when sending stuff to the client.
|
2149 |
-
*
|
2150 |
-
* @return Array
|
2151 |
-
* @access public
|
2152 |
-
*/
|
2153 |
-
function getCompressionAlgorithmsServer2Client()
|
2154 |
-
{
|
2155 |
-
return $this->compression_algorithms_server_to_client;
|
2156 |
-
}
|
2157 |
-
|
2158 |
-
/**
|
2159 |
-
* Return a list of the languages the server supports, when sending stuff to the client.
|
2160 |
-
*
|
2161 |
-
* @return Array
|
2162 |
-
* @access public
|
2163 |
-
*/
|
2164 |
-
function getLanguagesServer2Client()
|
2165 |
-
{
|
2166 |
-
return $this->languages_server_to_client;
|
2167 |
-
}
|
2168 |
-
|
2169 |
-
/**
|
2170 |
-
* Return a list of the languages the server supports, when receiving stuff from the client.
|
2171 |
-
*
|
2172 |
-
* @return Array
|
2173 |
-
* @access public
|
2174 |
-
*/
|
2175 |
-
function getLanguagesClient2Server()
|
2176 |
-
{
|
2177 |
-
return $this->languages_client_to_server;
|
2178 |
-
}
|
2179 |
-
|
2180 |
-
/**
|
2181 |
-
* Returns the server public host key.
|
2182 |
-
*
|
2183 |
-
* Caching this the first time you connect to a server and checking the result on subsequent connections
|
2184 |
-
* is recommended. Returns false if the server signature is not signed correctly with the public host key.
|
2185 |
-
*
|
2186 |
-
* @return Mixed
|
2187 |
-
* @access public
|
2188 |
-
*/
|
2189 |
-
function getServerPublicHostKey()
|
2190 |
-
{
|
2191 |
-
$signature = $this->signature;
|
2192 |
-
$server_public_host_key = $this->server_public_host_key;
|
2193 |
-
|
2194 |
-
extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4)));
|
2195 |
-
$this->_string_shift($server_public_host_key, $length);
|
2196 |
-
|
2197 |
-
switch ($this->signature_format) {
|
2198 |
-
case 'ssh-dss':
|
2199 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2200 |
-
$p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2201 |
-
|
2202 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2203 |
-
$q = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2204 |
-
|
2205 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2206 |
-
$g = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2207 |
-
|
2208 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2209 |
-
$y = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2210 |
-
|
2211 |
-
/* The value for 'dss_signature_blob' is encoded as a string containing
|
2212 |
-
r, followed by s (which are 160-bit integers, without lengths or
|
2213 |
-
padding, unsigned, and in network byte order). */
|
2214 |
-
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
2215 |
-
if ($temp['length'] != 40) {
|
2216 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
2217 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
2218 |
-
}
|
2219 |
-
|
2220 |
-
$r = new Math_BigInteger($this->_string_shift($signature, 20), 256);
|
2221 |
-
$s = new Math_BigInteger($this->_string_shift($signature, 20), 256);
|
2222 |
-
|
2223 |
-
if ($r->compare($q) >= 0 || $s->compare($q) >= 0) {
|
2224 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
2225 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
2226 |
-
}
|
2227 |
-
|
2228 |
-
$w = $s->modInverse($q);
|
2229 |
-
|
2230 |
-
$u1 = $w->multiply(new Math_BigInteger(sha1($this->session_id), 16));
|
2231 |
-
list(, $u1) = $u1->divide($q);
|
2232 |
-
|
2233 |
-
$u2 = $w->multiply($r);
|
2234 |
-
list(, $u2) = $u2->divide($q);
|
2235 |
-
|
2236 |
-
$g = $g->modPow($u1, $p);
|
2237 |
-
$y = $y->modPow($u2, $p);
|
2238 |
-
|
2239 |
-
$v = $g->multiply($y);
|
2240 |
-
list(, $v) = $v->divide($p);
|
2241 |
-
list(, $v) = $v->divide($q);
|
2242 |
-
|
2243 |
-
if (!$v->equals($r)) {
|
2244 |
-
user_error('Bad server signature', E_USER_NOTICE);
|
2245 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
|
2246 |
-
}
|
2247 |
-
|
2248 |
-
break;
|
2249 |
-
case 'ssh-rsa':
|
2250 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2251 |
-
$e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2252 |
-
|
2253 |
-
$temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
|
2254 |
-
$n = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
|
2255 |
-
$nLength = $temp['length'];
|
2256 |
-
|
2257 |
-
/*
|
2258 |
-
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
2259 |
-
$signature = $this->_string_shift($signature, $temp['length']);
|
2260 |
-
|
2261 |
-
if (!class_exists('Crypt_RSA')) {
|
2262 |
-
require_once('Crypt/RSA.php');
|
2263 |
-
}
|
2264 |
-
|
2265 |
-
$rsa = new Crypt_RSA();
|
2266 |
-
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
|
2267 |
-
$rsa->loadKey(array('e' => $e, 'n' => $n), CRYPT_RSA_PUBLIC_FORMAT_RAW);
|
2268 |
-
if (!$rsa->verify($this->session_id, $signature)) {
|
2269 |
-
user_error('Bad server signature', E_USER_NOTICE);
|
2270 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
|
2271 |
-
}
|
2272 |
-
*/
|
2273 |
-
|
2274 |
-
$temp = unpack('Nlength', $this->_string_shift($signature, 4));
|
2275 |
-
$s = new Math_BigInteger($this->_string_shift($signature, $temp['length']), 256);
|
2276 |
-
|
2277 |
-
// validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the
|
2278 |
-
// following URL:
|
2279 |
-
// ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
|
2280 |
-
|
2281 |
-
// also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source.
|
2282 |
-
|
2283 |
-
if ($s->compare(new Math_BigInteger()) < 0 || $s->compare($n->subtract(new Math_BigInteger(1))) > 0) {
|
2284 |
-
user_error('Invalid signature', E_USER_NOTICE);
|
2285 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
|
2286 |
-
}
|
2287 |
-
|
2288 |
-
$s = $s->modPow($e, $n);
|
2289 |
-
$s = $s->toBytes();
|
2290 |
-
|
2291 |
-
$h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->session_id));
|
2292 |
-
$h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 3 - strlen($h)) . $h;
|
2293 |
-
|
2294 |
-
if ($s != $h) {
|
2295 |
-
user_error('Bad server signature', E_USER_NOTICE);
|
2296 |
-
return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
|
2297 |
-
}
|
2298 |
-
}
|
2299 |
-
|
2300 |
-
return $this->server_public_host_key;
|
2301 |
-
}
|
2302 |
-
}
|
1 |
+
<?php
|
2 |
+
/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
|
3 |
+
|
4 |
+
/**
|
5 |
+
* Pure-PHP implementation of SSHv2.
|
6 |
+
*
|
7 |
+
* PHP versions 4 and 5
|
8 |
+
*
|
9 |
+
* Here are some examples of how to use this library:
|
10 |
+
* <code>
|
11 |
+
* <?php
|
12 |
+
* include('Net/SSH2.php');
|
13 |
+
*
|
14 |
+
* $ssh = new Net_SSH2('www.domain.tld');
|
15 |
+
* if (!$ssh->login('username', 'password')) {
|
16 |
+
* exit('Login Failed');
|
17 |
+
* }
|
18 |
+
*
|
19 |
+
* echo $ssh->exec('pwd');
|
20 |
+
* echo $ssh->exec('ls -la');
|
21 |
+
* ?>
|
22 |
+
* </code>
|
23 |
+
*
|
24 |
+
* <code>
|
25 |
+
* <?php
|
26 |
+
* include('Crypt/RSA.php');
|
27 |
+
* include('Net/SSH2.php');
|
28 |
+
*
|
29 |
+
* $key = new Crypt_RSA();
|
30 |
+
* //$key->setPassword('whatever');
|
31 |
+
* $key->loadKey(file_get_contents('privatekey'));
|
32 |
+
*
|
33 |
+
* $ssh = new Net_SSH2('www.domain.tld');
|
34 |
+
* if (!$ssh->login('username', $key)) {
|
35 |
+
* exit('Login Failed');
|
36 |
+
* }
|
37 |
+
*
|
38 |
+
* echo $ssh->exec('pwd');
|
39 |
+
* echo $ssh->exec('ls -la');
|
40 |
+
* ?>
|
41 |
+
* </code>
|
42 |
+
*
|
43 |
+
* LICENSE: This library is free software; you can redistribute it and/or
|
44 |
+
* modify it under the terms of the GNU Lesser General Public
|
45 |
+
* License as published by the Free Software Foundation; either
|
46 |
+
* version 2.1 of the License, or (at your option) any later version.
|
47 |
+
*
|
48 |
+
* This library is distributed in the hope that it will be useful,
|
49 |
+
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
50 |
+
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
51 |
+
* Lesser General Public License for more details.
|
52 |
+
*
|
53 |
+
* You should have received a copy of the GNU Lesser General Public
|
54 |
+
* License along with this library; if not, write to the Free Software
|
55 |
+
* Foundation, Inc., 59 Temple Place, Suite 330, Boston,
|
56 |
+
* MA 02111-1307 USA
|
57 |
+
*
|
58 |
+
* @category Net
|
59 |
+
* @package Net_SSH2
|
60 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
61 |
+
* @copyright MMVII Jim Wigginton
|
62 |
+
* @license http://www.gnu.org/licenses/lgpl.txt
|
63 |
+
* @version $Id: SSH2.php,v 1.46 2010/04/27 21:29:36 terrafrost Exp $
|
64 |
+
* @link http://phpseclib.sourceforge.net
|
65 |
+
*/
|
66 |
+
|
67 |
+
/**
|
68 |
+
* Include Math_BigInteger
|
69 |
+
*
|
70 |
+
* Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
|
71 |
+
*/
|
72 |
+
require_once('phpseclib/Math/BigInteger.php');
|
73 |
+
|
74 |
+
/**
|
75 |
+
* Include Crypt_Random
|
76 |
+
*/
|
77 |
+
require_once('phpseclib/Crypt/Random.php');
|
78 |
+
|
79 |
+
/**
|
80 |
+
* Include Crypt_Hash
|
81 |
+
*/
|
82 |
+
require_once('phpseclib/Crypt/Hash.php');
|
83 |
+
|
84 |
+
/**
|
85 |
+
* Include Crypt_TripleDES
|
86 |
+
*/
|
87 |
+
require_once('phpseclib/Crypt/TripleDES.php');
|
88 |
+
|
89 |
+
/**
|
90 |
+
* Include Crypt_RC4
|
91 |
+
*/
|
92 |
+
require_once('phpseclib/Crypt/RC4.php');
|
93 |
+
|
94 |
+
/**
|
95 |
+
* Include Crypt_AES
|
96 |
+
*/
|
97 |
+
require_once('phpseclib/Crypt/AES.php');
|
98 |
+
|
99 |
+
/**#@+
|
100 |
+
* Execution Bitmap Masks
|
101 |
+
*
|
102 |
+
* @see Net_SSH2::bitmap
|
103 |
+
* @access private
|
104 |
+
*/
|
105 |
+
define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001);
|
106 |
+
define('NET_SSH2_MASK_LOGIN', 0x00000002);
|
107 |
+
/**#@-*/
|
108 |
+
|
109 |
+
/**#@+
|
110 |
+
* Channel constants
|
111 |
+
*
|
112 |
+
* RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer
|
113 |
+
* to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with
|
114 |
+
* a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a
|
115 |
+
* recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
|
116 |
+
* would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet:
|
117 |
+
* The 'recipient channel' is the channel number given in the original
|
118 |
+
* open request, and 'sender channel' is the channel number allocated by
|
119 |
+
* the other side.
|
120 |
+
*
|
121 |
+
* @see Net_SSH2::_send_channel_packet()
|
122 |
+
* @see Net_SSH2::_get_channel_packet()
|
123 |
+
* @access private
|
124 |
+
*/
|
125 |
+
define('NET_SSH2_CHANNEL_EXEC', 0); // PuTTy uses 0x100
|
126 |
+
/**#@-*/
|
127 |
+
|
128 |
+
/**#@+
|
129 |
+
* @access public
|
130 |
+
* @see Net_SSH2::getLog()
|
131 |
+
*/
|
132 |
+
/**
|
133 |
+
* Returns the message numbers
|
134 |
+
*/
|
135 |
+
define('NET_SSH2_LOG_SIMPLE', 1);
|
136 |
+
/**
|
137 |
+
* Returns the message content
|
138 |
+
*/
|
139 |
+
define('NET_SSH2_LOG_COMPLEX', 2);
|
140 |
+
/**#@-*/
|
141 |
+
|
142 |
+
/**
|
143 |
+
* Pure-PHP implementation of SSHv2.
|
144 |
+
*
|
145 |
+
* @author Jim Wigginton <terrafrost@php.net>
|
146 |
+
* @version 0.1.0
|
147 |
+
* @access public
|
148 |
+
* @package Net_SSH2
|
149 |
+
*/
|
150 |
+
class Net_SSH2 {
|
151 |
+
/**
|
152 |
+
* The SSH identifier
|
153 |
+
*
|
154 |
+
* @var String
|
155 |
+
* @access private
|
156 |
+
*/
|
157 |
+
var $identifier = 'SSH-2.0-phpseclib_0.2';
|
158 |
+
|
159 |
+
/**
|
160 |
+
* The Socket Object
|
161 |
+
*
|
162 |
+
* @var Object
|
163 |
+
* @access private
|
164 |
+
*/
|
165 |
+
var $fsock;
|
166 |
+
|
167 |
+
/**
|
168 |
+
* Execution Bitmap
|
169 |
+
*
|
170 |
+
* The bits that are set reprsent functions that have been called already. This is used to determine
|
171 |
+
* if a requisite function has been successfully executed. If not, an error should be thrown.
|
172 |
+
*
|
173 |
+
* @var Integer
|
174 |
+
* @access private
|
175 |
+
*/
|
176 |
+
var $bitmap = 0;
|
177 |
+
|
178 |
+
/**
|
179 |
+
* Error information
|
180 |
+
*
|
181 |
+
* @see Net_SSH2::getErrors()
|
182 |
+
* @see Net_SSH2::getLastError()
|
183 |
+
* @var String
|
184 |
+
* @access private
|
185 |
+
*/
|
186 |
+
var $errors = array();
|
187 |
+
|
188 |
+
/**
|
189 |
+
* Server Identifier
|
190 |
+
*
|
191 |
+
* @see Net_SSH2::getServerIdentification()
|
192 |
+
* @var String
|
193 |
+
* @access private
|
194 |
+
*/
|
195 |
+
var $server_identifier = '';
|
196 |
+
|
197 |
+
/**
|
198 |
+
* Key Exchange Algorithms
|
199 |
+
*
|
200 |
+
* @see Net_SSH2::getKexAlgorithims()
|
201 |
+
* @var Array
|
202 |
+
* @access private
|
203 |
+
*/
|
204 |
+
var $kex_algorithms;
|
205 |
+
|
206 |
+
/**
|
207 |
+
* Server Host Key Algorithms
|
208 |
+
*
|
209 |
+
* @see Net_SSH2::getServerHostKeyAlgorithms()
|
210 |
+
* @var Array
|
211 |
+
* @access private
|
212 |
+
*/
|
213 |
+
var $server_host_key_algorithms;
|
214 |
+
|
215 |
+
/**
|
216 |
+
* Encryption Algorithms: Client to Server
|
217 |
+
*
|
218 |
+
* @see Net_SSH2::getEncryptionAlgorithmsClient2Server()
|
219 |
+
* @var Array
|
220 |
+
* @access private
|
221 |
+
*/
|
222 |
+
var $encryption_algorithms_client_to_server;
|
223 |
+
|
224 |
+
/**
|
225 |
+
* Encryption Algorithms: Server to Client
|
226 |
+
*
|
227 |
+
* @see Net_SSH2::getEncryptionAlgorithmsServer2Client()
|
228 |
+
* @var Array
|
229 |
+
* @access private
|
230 |
+
*/
|
231 |
+
var $encryption_algorithms_server_to_client;
|
232 |
+
|
233 |
+
/**
|
234 |
+
* MAC Algorithms: Client to Server
|
235 |
+
*
|
236 |
+
* @see Net_SSH2::getMACAlgorithmsClient2Server()
|
237 |
+
* @var Array
|
238 |
+
* @access private
|
239 |
+
*/
|
240 |
+
var $mac_algorithms_client_to_server;
|
241 |
+
|
242 |
+
/**
|
243 |
+
* MAC Algorithms: Server to Client
|
244 |
+
*
|
245 |
+
* @see Net_SSH2::getMACAlgorithmsServer2Client()
|
246 |
+
* @var Array
|
247 |
+
* @access private
|
248 |
+
*/
|
249 |
+
var $mac_algorithms_server_to_client;
|
250 |
+
|
251 |
+
/**
|
252 |
+
* Compression Algorithms: Client to Server
|
253 |
+
*
|
254 |
+
* @see Net_SSH2::getCompressionAlgorithmsClient2Server()
|
255 |
+
* @var Array
|
256 |
+
* @access private
|
257 |
+
*/
|
258 |
+
var $compression_algorithms_client_to_server;
|
259 |
+
|
260 |
+
/**
|
261 |
+
* Compression Algorithms: Server to Client
|
262 |
+
*
|
263 |
+
* @see Net_SSH2::getCompressionAlgorithmsServer2Client()
|
264 |
+
* @var Array
|
265 |
+
* @access private
|
266 |
+
*/
|
267 |
+
var $compression_algorithms_server_to_client;
|
268 |
+
|
269 |
+
/**
|
270 |
+
* Languages: Server to Client
|
271 |
+
*
|
272 |
+
* @see Net_SSH2::getLanguagesServer2Client()
|
273 |
+
* @var Array
|
274 |
+
* @access private
|
275 |
+
*/
|
276 |
+
var $languages_server_to_client;
|
277 |
+
|
278 |
+
/**
|
279 |
+
* Languages: Client to Server
|
280 |
+
*
|
281 |
+
* @see Net_SSH2::getLanguagesClient2Server()
|
282 |
+
* @var Array
|
283 |
+
* @access private
|
284 |
+
*/
|
285 |
+
var $languages_client_to_server;
|
286 |
+
|
287 |
+
/**
|
288 |
+
* Block Size for Server to Client Encryption
|
289 |
+
*
|
290 |
+
* "Note that the length of the concatenation of 'packet_length',
|
291 |
+
* 'padding_length', 'payload', and 'random padding' MUST be a multiple
|
292 |
+
* of the cipher block size or 8, whichever is larger. This constraint
|
293 |
+
* MUST be enforced, even when using stream ciphers."
|
294 |
+
*
|
295 |
+
* -- http://tools.ietf.org/html/rfc4253#section-6
|
296 |
+
*
|
297 |
+
* @see Net_SSH2::Net_SSH2()
|
298 |
+
* @see Net_SSH2::_send_binary_packet()
|
299 |
+
* @var Integer
|
300 |
+
* @access private
|
301 |
+
*/
|
302 |
+
var $encrypt_block_size = 8;
|
303 |
+
|
304 |
+
/**
|
305 |
+
* Block Size for Client to Server Encryption
|
306 |
+
*
|
307 |
+
* @see Net_SSH2::Net_SSH2()
|
308 |
+
* @see Net_SSH2::_get_binary_packet()
|
309 |
+
* @var Integer
|
310 |
+
* @access private
|
311 |
+
*/
|
312 |
+
var $decrypt_block_size = 8;
|
313 |
+
|
314 |
+
/**
|
315 |
+
* Server to Client Encryption Object
|
316 |
+
*
|
317 |
+
* @see Net_SSH2::_get_binary_packet()
|
318 |
+
* @var Object
|
319 |
+
* @access private
|
320 |
+
*/
|
321 |
+
var $decrypt = false;
|
322 |
+
|
323 |
+
/**
|
324 |
+
* Client to Server Encryption Object
|
325 |
+
*
|
326 |
+
* @see Net_SSH2::_send_binary_packet()
|
327 |
+
* @var Object
|
328 |
+
* @access private
|
329 |
+
*/
|
330 |
+
var $encrypt = false;
|
331 |
+
|
332 |
+
/**
|
333 |
+
* Client to Server HMAC Object
|
334 |
+
*
|
335 |
+
* @see Net_SSH2::_send_binary_packet()
|
336 |
+
* @var Object
|
337 |
+
* @access private
|
338 |
+
*/
|
339 |
+
var $hmac_create = false;
|
340 |
+
|
341 |
+
/**
|
342 |
+
* Server to Client HMAC Object
|
343 |
+
*
|
344 |
+
* @see Net_SSH2::_get_binary_packet()
|
345 |
+
* @var Object
|
346 |
+
* @access private
|
347 |
+
*/
|
348 |
+
var $hmac_check = false;
|
349 |
+
|
350 |
+
/**
|
351 |
+
* Size of server to client HMAC
|
352 |
+
*
|
353 |
+
* We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read.
|
354 |
+
* For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is
|
355 |
+
* append it.
|
356 |
+
*
|
357 |
+
* @see Net_SSH2::_get_binary_packet()
|
358 |
+
* @var Integer
|
359 |
+
* @access private
|
360 |
+
*/
|
361 |
+
var $hmac_size = false;
|
362 |
+
|
363 |
+
/**
|
364 |
+
* Server Public Host Key
|
365 |
+
*
|
366 |
+
* @see Net_SSH2::getServerPublicHostKey()
|
367 |
+
* @var String
|
368 |
+
* @access private
|
369 |
+
*/
|
370 |
+
var $server_public_host_key;
|
371 |
+
|
372 |
+
/**
|
373 |
+
* Session identifer
|
374 |
+
*
|
375 |
+
* "The exchange hash H from the first key exchange is additionally
|
376 |
+
* used as the session identifier, which is a unique identifier for
|
377 |
+
* this connection."
|
378 |
+
*
|
379 |
+
* -- http://tools.ietf.org/html/rfc4253#section-7.2
|
380 |
+
*
|
381 |
+
* @see Net_SSH2::_key_exchange()
|
382 |
+
* @var String
|
383 |
+
* @access private
|
384 |
+
*/
|
385 |
+
var $session_id = false;
|
386 |
+
|
387 |
+
/**
|
388 |
+
* Message Numbers
|
389 |
+
*
|
390 |
+
* @see Net_SSH2::Net_SSH2()
|
391 |
+
* @var Array
|
392 |
+
* @access private
|
393 |
+
*/
|
394 |
+
var $message_numbers = array();
|
395 |
+
|
396 |
+
/**
|
397 |
+
* Disconnection Message 'reason codes' defined in RFC4253
|
398 |
+
*
|
399 |
+
* @see Net_SSH2::Net_SSH2()
|
400 |
+
* @var Array
|
401 |
+
* @access private
|
402 |
+
*/
|
403 |
+
var $disconnect_reasons = array();
|
404 |
+
|
405 |
+
/**
|
406 |
+
* SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
|
407 |
+
*
|
408 |
+
* @see Net_SSH2::Net_SSH2()
|
409 |
+
* @var Array
|
410 |
+
* @access private
|
411 |
+
*/
|
412 |
+
var $channel_open_failure_reasons = array();
|
413 |
+
|
414 |
+
/**
|
415 |
+
* Terminal Modes
|
416 |
+
*
|
417 |
+
* @link http://tools.ietf.org/html/rfc4254#section-8
|
418 |
+
* @see Net_SSH2::Net_SSH2()
|
419 |
+
* @var Array
|
420 |
+
* @access private
|
421 |
+
*/
|
422 |
+
var $terminal_modes = array();
|
423 |
+
|
424 |
+
/**
|
425 |
+
* SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
|
426 |
+
*
|
427 |
+
* @link http://tools.ietf.org/html/rfc4254#section-5.2
|
428 |
+
* @see Net_SSH2::Net_SSH2()
|
429 |
+
* @var Array
|
430 |
+
* @access private
|
431 |
+
*/
|
432 |
+
var $channel_extended_data_type_codes = array();
|
433 |
+
|
434 |
+
/**
|
435 |
+
* Send Sequence Number
|
436 |
+
*
|
437 |
+
* See 'Section 6.4. Data Integrity' of rfc4253 for more info.
|
438 |
+
*
|
439 |
+
* @see Net_SSH2::_send_binary_packet()
|
440 |
+
* @var Integer
|
441 |
+
* @access private
|
442 |
+
*/
|
443 |
+
var $send_seq_no = 0;
|
444 |
+
|
445 |
+
/**
|
446 |
+
* Get Sequence Number
|
447 |
+
*
|
448 |
+
* See 'Section 6.4. Data Integrity' of rfc4253 for more info.
|
449 |
+
*
|
450 |
+
* @see Net_SSH2::_get_binary_packet()
|
451 |
+
* @var Integer
|
452 |
+
* @access private
|
453 |
+
*/
|
454 |
+
var $get_seq_no = 0;
|
455 |
+
|
456 |
+
/**
|
457 |
+
* Server Channels
|
458 |
+
*
|
459 |
+
* Maps client channels to server channels
|
460 |
+
*
|
461 |
+
* @see Net_SSH2::_get_channel_packet()
|
462 |
+
* @see Net_SSH2::exec()
|
463 |
+
* @var Array
|
464 |
+
* @access private
|
465 |
+
*/
|
466 |
+
var $server_channels = array();
|
467 |
+
|
468 |
+
/**
|
469 |
+
* Channel Buffers
|
470 |
+
*
|
471 |
+
* If a client requests a packet from one channel but receives two packets from another those packets should
|
472 |
+
* be placed in a buffer
|
473 |
+
*
|
474 |
+
* @see Net_SSH2::_get_channel_packet()
|
475 |
+
* @see Net_SSH2::exec()
|
476 |
+
* @var Array
|
477 |
+
* @access private
|
478 |
+
*/
|
479 |
+
var $channel_buffers = array();
|
480 |
+
|
481 |
+
/**
|
482 |
+
* Channel Status
|
483 |
+
*
|
484 |
+
* Contains the type of the last sent message
|
485 |
+
*
|
486 |
+
* @see Net_SSH2::_get_channel_packet()
|
487 |
+
* @var Array
|
488 |
+
* @access private
|
489 |
+
*/
|
490 |
+
var $channel_status = array();
|
491 |
+
|
492 |
+
/**
|
493 |
+
* Packet Size
|
494 |
+
*
|
495 |
+
* Maximum packet size indexed by channel
|
496 |
+
*
|
497 |
+
* @see Net_SSH2::_send_channel_packet()
|
498 |
+
* @var Array
|
499 |
+
* @access private
|
500 |
+
*/
|
501 |
+
var $packet_size_client_to_server = array();
|
502 |
+
|
503 |
+
/**
|
504 |
+
* Message Number Log
|
505 |
+
*
|
506 |
+
* @see Net_SSH2::getLog()
|
507 |
+
* @var Array
|
508 |
+
* @access private
|
509 |
+
*/
|
510 |
+
var $message_number_log = array();
|
511 |
+
|
512 |
+
/**
|
513 |
+
* Message Log
|
514 |
+
*
|
515 |
+
* @see Net_SSH2::getLog()
|
516 |
+
* @var Array
|
517 |
+
* @access private
|
518 |
+
*/
|
519 |
+
var $message_log = array();
|
520 |
+
|
521 |
+
/**
|
522 |
+
* The Window Size
|
523 |
+
*
|
524 |
+
* Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 4GB)
|
525 |
+
*
|
526 |
+
* @var Integer
|
527 |
+
* @see Net_SSH2::_send_channel_packet()
|
528 |
+
* @see Net_SSH2::exec()
|
529 |
+
* @access private
|
530 |
+
*/
|
531 |
+
var $window_size = 0x7FFFFFFF;
|
532 |
+
|
533 |
+
/**
|
534 |
+
* Window size
|
535 |
+
*
|
536 |
+
* Window size indexed by channel
|
537 |
+
*
|
538 |
+
* @see Net_SSH2::_send_channel_packet()
|
539 |
+
* @var Array
|
540 |
+
* @access private
|
541 |
+
*/
|
542 |
+
var $window_size_client_to_server = array();
|
543 |
+
|
544 |
+
/**
|
545 |
+
* Server signature
|
546 |
+
*
|
547 |
+
* Verified against $this->session_id
|
548 |
+
*
|
549 |
+
* @see Net_SSH2::getServerPublicHostKey()
|
550 |
+
* @var String
|
551 |
+
* @access private
|
552 |
+
*/
|
553 |
+
var $signature = '';
|
554 |
+
|
555 |
+
/**
|
556 |
+
* Server signature format
|
557 |
+
*
|
558 |
+
* ssh-rsa or ssh-dss.
|
559 |
+
*
|
560 |
+
* @see Net_SSH2::getServerPublicHostKey()
|
561 |
+
* @var String
|
562 |
+
* @access private
|
563 |
+
*/
|
564 |
+
var $signature_format = '';
|
565 |
+
|
566 |
+
/**
|
567 |
+
* Default Constructor.
|
568 |
+
*
|
569 |
+
* Connects to an SSHv2 server
|
570 |
+
*
|
571 |
+
* @param String $host
|
572 |
+
* @param optional Integer $port
|
573 |
+
* @param optional Integer $timeout
|
574 |
+
* @return Net_SSH2
|
575 |
+
* @access public
|
576 |
+
*/
|
577 |
+
function Net_SSH2($host, $port = 22, $timeout = 10)
|
578 |
+
{
|
579 |
+
$this->message_numbers = array(
|
580 |
+
1 => 'NET_SSH2_MSG_DISCONNECT',
|
581 |
+
2 => 'NET_SSH2_MSG_IGNORE',
|
582 |
+
3 => 'NET_SSH2_MSG_UNIMPLEMENTED',
|
583 |
+
4 => 'NET_SSH2_MSG_DEBUG',
|
584 |
+
5 => 'NET_SSH2_MSG_SERVICE_REQUEST',
|
585 |
+
6 => 'NET_SSH2_MSG_SERVICE_ACCEPT',
|
586 |
+
20 => 'NET_SSH2_MSG_KEXINIT',
|
587 |
+
21 => 'NET_SSH2_MSG_NEWKEYS',
|
588 |
+
30 => 'NET_SSH2_MSG_KEXDH_INIT',
|
589 |
+
31 => 'NET_SSH2_MSG_KEXDH_REPLY',
|
590 |
+
50 => 'NET_SSH2_MSG_USERAUTH_REQUEST',
|
591 |
+
51 => 'NET_SSH2_MSG_USERAUTH_FAILURE',
|
592 |
+
52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS',
|
593 |
+
53 => 'NET_SSH2_MSG_USERAUTH_BANNER',
|
594 |
+
|
595 |
+
80 => 'NET_SSH2_MSG_GLOBAL_REQUEST',
|
596 |
+
81 => 'NET_SSH2_MSG_REQUEST_SUCCESS',
|
597 |
+
82 => 'NET_SSH2_MSG_REQUEST_FAILURE',
|
598 |
+
90 => 'NET_SSH2_MSG_CHANNEL_OPEN',
|
599 |
+
91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION',
|
600 |
+
92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE',
|
601 |
+
93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST',
|
602 |
+
94 => 'NET_SSH2_MSG_CHANNEL_DATA',
|
603 |
+
95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA',
|
604 |
+
96 => 'NET_SSH2_MSG_CHANNEL_EOF',
|
605 |
+
97 => 'NET_SSH2_MSG_CHANNEL_CLOSE',
|
606 |
+
98 => 'NET_SSH2_MSG_CHANNEL_REQUEST',
|
607 |
+
99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS',
|
608 |
+
100 => 'NET_SSH2_MSG_CHANNEL_FAILURE'
|
609 |
+
);
|
610 |
+
$this->disconnect_reasons = array(
|
611 |
+
1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT',
|
612 |
+
2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR',
|
613 |
+
3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED',
|
614 |
+
4 => 'NET_SSH2_DISCONNECT_RESERVED',
|
615 |
+
5 => 'NET_SSH2_DISCONNECT_MAC_ERROR',
|
616 |
+
6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR',
|
617 |
+
7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE',
|
618 |
+
8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED',
|
619 |
+
9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE',
|
620 |
+
10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST',
|
621 |
+
11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION',
|
622 |
+
12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS',
|
623 |
+
13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER',
|
624 |
+
14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE',
|
625 |
+
15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME'
|
626 |
+
);
|
627 |
+
$this->channel_open_failure_reasons = array(
|
628 |
+
1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED'
|
629 |
+
);
|
630 |
+
$this->terminal_modes = array(
|
631 |
+
0 => 'NET_SSH2_TTY_OP_END'
|
632 |
+
);
|
633 |
+
$this->channel_extended_data_type_codes = array(
|
634 |
+
1 => 'NET_SSH2_EXTENDED_DATA_STDERR'
|
635 |
+
);
|
636 |
+
|
637 |
+
$this->_define_array(
|
638 |
+
$this->message_numbers,
|
639 |
+
$this->disconnect_reasons,
|
640 |
+
$this->channel_open_failure_reasons,
|
641 |
+
$this->terminal_modes,
|
642 |
+
$this->channel_extended_data_type_codes,
|
643 |
+
array(60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'),
|
644 |
+
array(60 => 'NET_SSH2_MSG_USERAUTH_PK_OK')
|
645 |
+
);
|
646 |
+
|
647 |
+
$this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
|
648 |
+
if (!$this->fsock) {
|
649 |
+
user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"), E_USER_NOTICE);
|
650 |
+
return;
|
651 |
+
}
|
652 |
+
|
653 |
+
/* According to the SSH2 specs,
|
654 |
+
|
655 |
+
"The server MAY send other lines of data before sending the version
|
656 |
+
string. Each line SHOULD be terminated by a Carriage Return and Line
|
657 |
+
Feed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|