UpdraftPlus WordPress Backup Plugin - Version 0.7.4

Version Description

  • 05/21/2012 =
  • Removed CloudFront method; I have no way of testing this
  • Backup all tables found in the database that have this site's table prefix
  • If encryption fails, then abort (don't revert to not encrypting)
  • Added ability to decrypt encrypted database backups
  • Added ability to opt out of backing up each file group
  • Now adds database character set, the lack of which before made database backups unusable without modifications
  • Version number bump to make sure that this is an improvement on the original Updraft, and is now tried and tested
Download this release

Release Info

Developer DavidAnderson
Plugin Icon 128x128 UpdraftPlus WordPress Backup Plugin
Version 0.7.4
Comparing to
See all releases

Version 0.7.4

example-decrypt.php ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ /*
4
+
5
+ To dump the decrypted file using the given key on stdout, call:
6
+
7
+ rijndael_decrypt_file( '../path/to/file.crypt' , 'mykey' );
8
+
9
+ Thus, here are the easy instructions:
10
+
11
+ 1) Add a line like the above into this PHP file (not inside these comments, but outside)
12
+ e.g.
13
+ rijndael_decrypt_file( '/home/myself/myfile.crypt' , 'MYKEY' );
14
+
15
+ 2) Run this file (and make sure that includes/Rijndael.php is available, if you are moving this file around)
16
+ e.g.
17
+ php /home/myself/example-decrypt.php >output.sql.gz
18
+
19
+ 3) You may then want to gunzip the resulting file to have a standard SQL file.
20
+ e.g.
21
+ gunzip output.sql.gz
22
+
23
+ */
24
+
25
+ function rijndael_decrypt_file($file, $key) {
26
+
27
+ require_once(dirname(__FILE__).'/includes/Rijndael.php');
28
+
29
+ $rijndael = new Crypt_Rijndael();
30
+ $rijndael->setKey($key);
31
+ $in_handle = fopen($file,'r');
32
+ $ciphertext = "";
33
+ while (!feof ($in_handle)) {
34
+ $ciphertext .= fread($in_handle, 16384);
35
+ }
36
+ fclose ($in_handle);
37
+ print $rijndael->decrypt($ciphertext);
38
+
39
+ }
40
+
41
+ ?>
includes/Rijndael.php ADDED
@@ -0,0 +1,1424 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
3
+
4
+ /**
5
+ * Pure-PHP implementation of Rijndael.
6
+ *
7
+ * Does not use mcrypt, even when available, for reasons that are explained below.
8
+ *
9
+ * PHP versions 4 and 5
10
+ *
11
+ * If {@link Crypt_Rijndael::setBlockLength() setBlockLength()} isn't called, it'll be assumed to be 128 bits. If
12
+ * {@link Crypt_Rijndael::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
13
+ * {@link Crypt_Rijndael::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's
14
+ * 136-bits it'll be null-padded to 160-bits and 160 bits will be the key length until
15
+ * {@link Crypt_Rijndael::setKey() setKey()} is called, again, at which point, it'll be recalculated.
16
+ *
17
+ * Not all Rijndael implementations may support 160-bits or 224-bits as the block length / key length. mcrypt, for example,
18
+ * does not. AES, itself, only supports block lengths of 128 and key lengths of 128, 192, and 256.
19
+ * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=10 Rijndael-ammended.pdf#page=10} defines the
20
+ * algorithm for block lengths of 192 and 256 but not for block lengths / key lengths of 160 and 224. Indeed, 160 and 224
21
+ * are first defined as valid key / block lengths in
22
+ * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=44 Rijndael-ammended.pdf#page=44}:
23
+ * Extensions: Other block and Cipher Key lengths.
24
+ *
25
+ * {@internal The variable names are the same as those in
26
+ * {@link http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf#page=10 fips-197.pdf#page=10}.}}
27
+ *
28
+ * Here's a short example of how to use this library:
29
+ * <code>
30
+ * <?php
31
+ * include('Crypt/Rijndael.php');
32
+ *
33
+ * $rijndael = new Crypt_Rijndael();
34
+ *
35
+ * $rijndael->setKey('abcdefghijklmnop');
36
+ *
37
+ * $size = 10 * 1024;
38
+ * $plaintext = '';
39
+ * for ($i = 0; $i < $size; $i++) {
40
+ * $plaintext.= 'a';
41
+ * }
42
+ *
43
+ * echo $rijndael->decrypt($rijndael->encrypt($plaintext));
44
+ * ?>
45
+ * </code>
46
+ *
47
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
48
+ * of this software and associated documentation files (the "Software"), to deal
49
+ * in the Software without restriction, including without limitation the rights
50
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
51
+ * copies of the Software, and to permit persons to whom the Software is
52
+ * furnished to do so, subject to the following conditions:
53
+ *
54
+ * The above copyright notice and this permission notice shall be included in
55
+ * all copies or substantial portions of the Software.
56
+ *
57
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
58
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
59
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
60
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
61
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
62
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
63
+ * THE SOFTWARE.
64
+ *
65
+ * @category Crypt
66
+ * @package Crypt_Rijndael
67
+ * @author Jim Wigginton <terrafrost@php.net>
68
+ * @copyright MMVIII Jim Wigginton
69
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
70
+ * @version $Id: Rijndael.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
71
+ * @link http://phpseclib.sourceforge.net
72
+ */
73
+
74
+ /**#@+
75
+ * @access public
76
+ * @see Crypt_Rijndael::encrypt()
77
+ * @see Crypt_Rijndael::decrypt()
78
+ */
79
+ /**
80
+ * Encrypt / decrypt using the Counter mode.
81
+ *
82
+ * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
83
+ *
84
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
85
+ */
86
+ define('CRYPT_RIJNDAEL_MODE_CTR', -1);
87
+ /**
88
+ * Encrypt / decrypt using the Electronic Code Book mode.
89
+ *
90
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
91
+ */
92
+ define('CRYPT_RIJNDAEL_MODE_ECB', 1);
93
+ /**
94
+ * Encrypt / decrypt using the Code Book Chaining mode.
95
+ *
96
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
97
+ */
98
+ define('CRYPT_RIJNDAEL_MODE_CBC', 2);
99
+ /**
100
+ * Encrypt / decrypt using the Cipher Feedback mode.
101
+ *
102
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
103
+ */
104
+ define('CRYPT_RIJNDAEL_MODE_CFB', 3);
105
+ /**
106
+ * Encrypt / decrypt using the Cipher Feedback mode.
107
+ *
108
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
109
+ */
110
+ define('CRYPT_RIJNDAEL_MODE_OFB', 4);
111
+ /**#@-*/
112
+
113
+ /**#@+
114
+ * @access private
115
+ * @see Crypt_Rijndael::Crypt_Rijndael()
116
+ */
117
+ /**
118
+ * Toggles the internal implementation
119
+ */
120
+ define('CRYPT_RIJNDAEL_MODE_INTERNAL', 1);
121
+ /**
122
+ * Toggles the mcrypt implementation
123
+ */
124
+ define('CRYPT_RIJNDAEL_MODE_MCRYPT', 2);
125
+ /**#@-*/
126
+
127
+ /**
128
+ * Pure-PHP implementation of Rijndael.
129
+ *
130
+ * @author Jim Wigginton <terrafrost@php.net>
131
+ * @version 0.1.0
132
+ * @access public
133
+ * @package Crypt_Rijndael
134
+ */
135
+ class Crypt_Rijndael {
136
+ /**
137
+ * The Encryption Mode
138
+ *
139
+ * @see Crypt_Rijndael::Crypt_Rijndael()
140
+ * @var Integer
141
+ * @access private
142
+ */
143
+ var $mode;
144
+
145
+ /**
146
+ * The Key
147
+ *
148
+ * @see Crypt_Rijndael::setKey()
149
+ * @var String
150
+ * @access private
151
+ */
152
+ var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
153
+
154
+ /**
155
+ * The Initialization Vector
156
+ *
157
+ * @see Crypt_Rijndael::setIV()
158
+ * @var String
159
+ * @access private
160
+ */
161
+ var $iv = '';
162
+
163
+ /**
164
+ * A "sliding" Initialization Vector
165
+ *
166
+ * @see Crypt_Rijndael::enableContinuousBuffer()
167
+ * @var String
168
+ * @access private
169
+ */
170
+ var $encryptIV = '';
171
+
172
+ /**
173
+ * A "sliding" Initialization Vector
174
+ *
175
+ * @see Crypt_Rijndael::enableContinuousBuffer()
176
+ * @var String
177
+ * @access private
178
+ */
179
+ var $decryptIV = '';
180
+
181
+ /**
182
+ * Continuous Buffer status
183
+ *
184
+ * @see Crypt_Rijndael::enableContinuousBuffer()
185
+ * @var Boolean
186
+ * @access private
187
+ */
188
+ var $continuousBuffer = false;
189
+
190
+ /**
191
+ * Padding status
192
+ *
193
+ * @see Crypt_Rijndael::enablePadding()
194
+ * @var Boolean
195
+ * @access private
196
+ */
197
+ var $padding = true;
198
+
199
+ /**
200
+ * Does the key schedule need to be (re)calculated?
201
+ *
202
+ * @see setKey()
203
+ * @see setBlockLength()
204
+ * @see setKeyLength()
205
+ * @var Boolean
206
+ * @access private
207
+ */
208
+ var $changed = true;
209
+
210
+ /**
211
+ * Has the key length explicitly been set or should it be derived from the key, itself?
212
+ *
213
+ * @see setKeyLength()
214
+ * @var Boolean
215
+ * @access private
216
+ */
217
+ var $explicit_key_length = false;
218
+
219
+ /**
220
+ * The Key Schedule
221
+ *
222
+ * @see _setup()
223
+ * @var Array
224
+ * @access private
225
+ */
226
+ var $w;
227
+
228
+ /**
229
+ * The Inverse Key Schedule
230
+ *
231
+ * @see _setup()
232
+ * @var Array
233
+ * @access private
234
+ */
235
+ var $dw;
236
+
237
+ /**
238
+ * The Block Length
239
+ *
240
+ * @see setBlockLength()
241
+ * @var Integer
242
+ * @access private
243
+ * @internal The max value is 32, the min value is 16. All valid values are multiples of 4. Exists in conjunction with
244
+ * $Nb because we need this value and not $Nb to pad strings appropriately.
245
+ */
246
+ var $block_size = 16;
247
+
248
+ /**
249
+ * The Block Length divided by 32
250
+ *
251
+ * @see setBlockLength()
252
+ * @var Integer
253
+ * @access private
254
+ * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size
255
+ * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could
256
+ * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
257
+ * of that, we'll just precompute it once.
258
+ *
259
+ */
260
+ var $Nb = 4;
261
+
262
+ /**
263
+ * The Key Length
264
+ *
265
+ * @see setKeyLength()
266
+ * @var Integer
267
+ * @access private
268
+ * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $key_size
269
+ * because the encryption / decryption / key schedule creation requires this number and not $key_size. We could
270
+ * derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
271
+ * of that, we'll just precompute it once.
272
+ */
273
+ var $key_size = 16;
274
+
275
+ /**
276
+ * The Key Length divided by 32
277
+ *
278
+ * @see setKeyLength()
279
+ * @var Integer
280
+ * @access private
281
+ * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4
282
+ */
283
+ var $Nk = 4;
284
+
285
+ /**
286
+ * The Number of Rounds
287
+ *
288
+ * @var Integer
289
+ * @access private
290
+ * @internal The max value is 14, the min value is 10.
291
+ */
292
+ var $Nr;
293
+
294
+ /**
295
+ * Shift offsets
296
+ *
297
+ * @var Array
298
+ * @access private
299
+ */
300
+ var $c;
301
+
302
+ /**
303
+ * Precomputed mixColumns table
304
+ *
305
+ * @see Crypt_Rijndael()
306
+ * @var Array
307
+ * @access private
308
+ */
309
+ var $t0;
310
+
311
+ /**
312
+ * Precomputed mixColumns table
313
+ *
314
+ * @see Crypt_Rijndael()
315
+ * @var Array
316
+ * @access private
317
+ */
318
+ var $t1;
319
+
320
+ /**
321
+ * Precomputed mixColumns table
322
+ *
323
+ * @see Crypt_Rijndael()
324
+ * @var Array
325
+ * @access private
326
+ */
327
+ var $t2;
328
+
329
+ /**
330
+ * Precomputed mixColumns table
331
+ *
332
+ * @see Crypt_Rijndael()
333
+ * @var Array
334
+ * @access private
335
+ */
336
+ var $t3;
337
+
338
+ /**
339
+ * Precomputed invMixColumns table
340
+ *
341
+ * @see Crypt_Rijndael()
342
+ * @var Array
343
+ * @access private
344
+ */
345
+ var $dt0;
346
+
347
+ /**
348
+ * Precomputed invMixColumns table
349
+ *
350
+ * @see Crypt_Rijndael()
351
+ * @var Array
352
+ * @access private
353
+ */
354
+ var $dt1;
355
+
356
+ /**
357
+ * Precomputed invMixColumns table
358
+ *
359
+ * @see Crypt_Rijndael()
360
+ * @var Array
361
+ * @access private
362
+ */
363
+ var $dt2;
364
+
365
+ /**
366
+ * Precomputed invMixColumns table
367
+ *
368
+ * @see Crypt_Rijndael()
369
+ * @var Array
370
+ * @access private
371
+ */
372
+ var $dt3;
373
+
374
+ /**
375
+ * Is the mode one that is paddable?
376
+ *
377
+ * @see Crypt_Rijndael::Crypt_Rijndael()
378
+ * @var Boolean
379
+ * @access private
380
+ */
381
+ var $paddable = false;
382
+
383
+ /**
384
+ * Encryption buffer for CTR, OFB and CFB modes
385
+ *
386
+ * @see Crypt_Rijndael::encrypt()
387
+ * @var String
388
+ * @access private
389
+ */
390
+ var $enbuffer = array('encrypted' => '', 'xor' => '');
391
+
392
+ /**
393
+ * Decryption buffer for CTR, OFB and CFB modes
394
+ *
395
+ * @see Crypt_Rijndael::decrypt()
396
+ * @var String
397
+ * @access private
398
+ */
399
+ var $debuffer = array('ciphertext' => '');
400
+
401
+ /**
402
+ * Default Constructor.
403
+ *
404
+ * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
405
+ * CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used.
406
+ *
407
+ * @param optional Integer $mode
408
+ * @return Crypt_Rijndael
409
+ * @access public
410
+ */
411
+ function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC)
412
+ {
413
+ switch ($mode) {
414
+ case CRYPT_RIJNDAEL_MODE_ECB:
415
+ case CRYPT_RIJNDAEL_MODE_CBC:
416
+ $this->paddable = true;
417
+ $this->mode = $mode;
418
+ break;
419
+ case CRYPT_RIJNDAEL_MODE_CTR:
420
+ case CRYPT_RIJNDAEL_MODE_CFB:
421
+ case CRYPT_RIJNDAEL_MODE_OFB:
422
+ $this->mode = $mode;
423
+ break;
424
+ default:
425
+ $this->paddable = true;
426
+ $this->mode = CRYPT_RIJNDAEL_MODE_CBC;
427
+ }
428
+
429
+ $t3 = &$this->t3;
430
+ $t2 = &$this->t2;
431
+ $t1 = &$this->t1;
432
+ $t0 = &$this->t0;
433
+
434
+ $dt3 = &$this->dt3;
435
+ $dt2 = &$this->dt2;
436
+ $dt1 = &$this->dt1;
437
+ $dt0 = &$this->dt0;
438
+
439
+ // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=19> (section 5.2.1),
440
+ // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so
441
+ // those are the names we'll use.
442
+ $t3 = array(
443
+ 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491,
444
+ 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC,
445
+ 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB,
446
+ 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B,
447
+ 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83,
448
+ 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A,
449
+ 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F,
450
+ 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA,
451
+ 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B,
452
+ 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713,
453
+ 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6,
454
+ 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85,
455
+ 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411,
456
+ 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B,
457
+ 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1,
458
+ 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF,
459
+ 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E,
460
+ 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6,
461
+ 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B,
462
+ 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD,
463
+ 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8,
464
+ 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2,
465
+ 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049,
466
+ 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810,
467
+ 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197,
468
+ 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F,
469
+ 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C,
470
+ 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927,
471
+ 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733,
472
+ 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5,
473
+ 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0,
474
+ 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C
475
+ );
476
+
477
+ $dt3 = array(
478
+ 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B,
479
+ 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5,
480
+ 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B,
481
+ 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E,
482
+ 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D,
483
+ 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9,
484
+ 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66,
485
+ 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED,
486
+ 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4,
487
+ 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD,
488
+ 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60,
489
+ 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79,
490
+ 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C,
491
+ 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24,
492
+ 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C,
493
+ 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814,
494
+ 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B,
495
+ 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084,
496
+ 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077,
497
+ 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22,
498
+ 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F,
499
+ 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582,
500
+ 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB,
501
+ 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF,
502
+ 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035,
503
+ 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17,
504
+ 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46,
505
+ 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D,
506
+ 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A,
507
+ 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678,
508
+ 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF,
509
+ 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0
510
+ );
511
+
512
+ for ($i = 0; $i < 256; $i++) {
513
+ $t2[$i << 8] = (($t3[$i] << 8) & 0xFFFFFF00) | (($t3[$i] >> 24) & 0x000000FF);
514
+ $t1[$i << 16] = (($t3[$i] << 16) & 0xFFFF0000) | (($t3[$i] >> 16) & 0x0000FFFF);
515
+ $t0[$i << 24] = (($t3[$i] << 24) & 0xFF000000) | (($t3[$i] >> 8) & 0x00FFFFFF);
516
+
517
+ $dt2[$i << 8] = (($this->dt3[$i] << 8) & 0xFFFFFF00) | (($dt3[$i] >> 24) & 0x000000FF);
518
+ $dt1[$i << 16] = (($this->dt3[$i] << 16) & 0xFFFF0000) | (($dt3[$i] >> 16) & 0x0000FFFF);
519
+ $dt0[$i << 24] = (($this->dt3[$i] << 24) & 0xFF000000) | (($dt3[$i] >> 8) & 0x00FFFFFF);
520
+ }
521
+ }
522
+
523
+ /**
524
+ * Sets the key.
525
+ *
526
+ * Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and
527
+ * whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length
528
+ * up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the
529
+ * excess bits.
530
+ *
531
+ * If the key is not explicitly set, it'll be assumed to be all null bytes.
532
+ *
533
+ * @access public
534
+ * @param String $key
535
+ */
536
+ function setKey($key)
537
+ {
538
+ $this->key = $key;
539
+ $this->changed = true;
540
+ }
541
+
542
+ /**
543
+ * Sets the initialization vector. (optional)
544
+ *
545
+ * SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed
546
+ * to be all zero's.
547
+ *
548
+ * @access public
549
+ * @param String $iv
550
+ */
551
+ function setIV($iv)
552
+ {
553
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, $this->block_size), $this->block_size, chr(0));;
554
+ }
555
+
556
+ /**
557
+ * Sets the key length
558
+ *
559
+ * Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
560
+ * 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
561
+ *
562
+ * @access public
563
+ * @param Integer $length
564
+ */
565
+ function setKeyLength($length)
566
+ {
567
+ $length >>= 5;
568
+ if ($length > 8) {
569
+ $length = 8;
570
+ } else if ($length < 4) {
571
+ $length = 4;
572
+ }
573
+ $this->Nk = $length;
574
+ $this->key_size = $length << 2;
575
+
576
+ $this->explicit_key_length = true;
577
+ $this->changed = true;
578
+ }
579
+
580
+ /**
581
+ * Sets the block length
582
+ *
583
+ * Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
584
+ * 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
585
+ *
586
+ * @access public
587
+ * @param Integer $length
588
+ */
589
+ function setBlockLength($length)
590
+ {
591
+ $length >>= 5;
592
+ if ($length > 8) {
593
+ $length = 8;
594
+ } else if ($length < 4) {
595
+ $length = 4;
596
+ }
597
+ $this->Nb = $length;
598
+ $this->block_size = $length << 2;
599
+ $this->changed = true;
600
+ }
601
+
602
+ /**
603
+ * Generate CTR XOR encryption key
604
+ *
605
+ * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
606
+ * plaintext / ciphertext in CTR mode.
607
+ *
608
+ * @see Crypt_Rijndael::decrypt()
609
+ * @see Crypt_Rijndael::encrypt()
610
+ * @access public
611
+ * @param Integer $length
612
+ * @param String $iv
613
+ */
614
+ function _generate_xor($length, &$iv)
615
+ {
616
+ $xor = '';
617
+ $block_size = $this->block_size;
618
+ $num_blocks = floor(($length + ($block_size - 1)) / $block_size);
619
+ for ($i = 0; $i < $num_blocks; $i++) {
620
+ $xor.= $iv;
621
+ for ($j = 4; $j <= $block_size; $j+=4) {
622
+ $temp = substr($iv, -$j, 4);
623
+ switch ($temp) {
624
+ case "\xFF\xFF\xFF\xFF":
625
+ $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
626
+ break;
627
+ case "\x7F\xFF\xFF\xFF":
628
+ $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
629
+ break 2;
630
+ default:
631
+ extract(unpack('Ncount', $temp));
632
+ $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
633
+ break 2;
634
+ }
635
+ }
636
+ }
637
+
638
+ return $xor;
639
+ }
640
+
641
+ /**
642
+ * Encrypts a message.
643
+ *
644
+ * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other Rjindael
645
+ * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's
646
+ * necessary are discussed in the following
647
+ * URL:
648
+ *
649
+ * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
650
+ *
651
+ * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
652
+ * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
653
+ * length.
654
+ *
655
+ * @see Crypt_Rijndael::decrypt()
656
+ * @access public
657
+ * @param String $plaintext
658
+ */
659
+ function encrypt($plaintext)
660
+ {
661
+ $this->_setup();
662
+ if ($this->paddable) {
663
+ $plaintext = $this->_pad($plaintext);
664
+ }
665
+
666
+ $block_size = $this->block_size;
667
+ $buffer = &$this->enbuffer;
668
+ $continuousBuffer = $this->continuousBuffer;
669
+ $ciphertext = '';
670
+ switch ($this->mode) {
671
+ case CRYPT_RIJNDAEL_MODE_ECB:
672
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
673
+ $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size));
674
+ }
675
+ break;
676
+ case CRYPT_RIJNDAEL_MODE_CBC:
677
+ $xor = $this->encryptIV;
678
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
679
+ $block = substr($plaintext, $i, $block_size);
680
+ $block = $this->_encryptBlock($block ^ $xor);
681
+ $xor = $block;
682
+ $ciphertext.= $block;
683
+ }
684
+ if ($this->continuousBuffer) {
685
+ $this->encryptIV = $xor;
686
+ }
687
+ break;
688
+ case CRYPT_RIJNDAEL_MODE_CTR:
689
+ $xor = $this->encryptIV;
690
+ if (!empty($buffer)) {
691
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
692
+ $block = substr($plaintext, $i, $block_size);
693
+ $buffer.= $this->_encryptBlock($this->_generate_xor($block_size, $xor));
694
+ $key = $this->_string_shift($buffer, $block_size);
695
+ $ciphertext.= $block ^ $key;
696
+ }
697
+ } else {
698
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
699
+ $block = substr($plaintext, $i, $block_size);
700
+ $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
701
+ $ciphertext.= $block ^ $key;
702
+ }
703
+ }
704
+ if ($this->continuousBuffer) {
705
+ $this->encryptIV = $xor;
706
+ if ($start = strlen($plaintext) % $block_size) {
707
+ $buffer = substr($key, $start) . $buffer;
708
+ }
709
+ }
710
+ break;
711
+ case CRYPT_RIJNDAEL_MODE_CFB:
712
+ if (!empty($buffer['xor'])) {
713
+ $ciphertext = $plaintext ^ $buffer['xor'];
714
+ $iv = $buffer['encrypted'] . $ciphertext;
715
+ $start = strlen($ciphertext);
716
+ $buffer['encrypted'].= $ciphertext;
717
+ $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext));
718
+ } else {
719
+ $ciphertext = '';
720
+ $iv = $this->encryptIV;
721
+ $start = 0;
722
+ }
723
+
724
+ for ($i = $start; $i < strlen($plaintext); $i+=$block_size) {
725
+ $block = substr($plaintext, $i, $block_size);
726
+ $xor = $this->_encryptBlock($iv);
727
+ $iv = $block ^ $xor;
728
+ if ($continuousBuffer && strlen($iv) != $block_size) {
729
+ $buffer = array(
730
+ 'encrypted' => $iv,
731
+ 'xor' => substr($xor, strlen($iv))
732
+ );
733
+ }
734
+ $ciphertext.= $iv;
735
+ }
736
+
737
+ if ($this->continuousBuffer) {
738
+ $this->encryptIV = $iv;
739
+ }
740
+ break;
741
+ case CRYPT_RIJNDAEL_MODE_OFB:
742
+ $xor = $this->encryptIV;
743
+ if (strlen($buffer)) {
744
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
745
+ $xor = $this->_encryptBlock($xor);
746
+ $buffer.= $xor;
747
+ $key = $this->_string_shift($buffer, $block_size);
748
+ $ciphertext.= substr($plaintext, $i, $block_size) ^ $key;
749
+ }
750
+ } else {
751
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
752
+ $xor = $this->_encryptBlock($xor);
753
+ $ciphertext.= substr($plaintext, $i, $block_size) ^ $xor;
754
+ }
755
+ $key = $xor;
756
+ }
757
+ if ($this->continuousBuffer) {
758
+ $this->encryptIV = $xor;
759
+ if ($start = strlen($plaintext) % $block_size) {
760
+ $buffer = substr($key, $start) . $buffer;
761
+ }
762
+ }
763
+ }
764
+
765
+ return $ciphertext;
766
+ }
767
+
768
+ /**
769
+ * Decrypts a message.
770
+ *
771
+ * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until
772
+ * it is.
773
+ *
774
+ * @see Crypt_Rijndael::encrypt()
775
+ * @access public
776
+ * @param String $ciphertext
777
+ */
778
+ function decrypt($ciphertext)
779
+ {
780
+ $this->_setup();
781
+
782
+ if ($this->paddable) {
783
+ // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
784
+ // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
785
+ $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($this->block_size - strlen($ciphertext) % $this->block_size) % $this->block_size, chr(0));
786
+ }
787
+
788
+ $block_size = $this->block_size;
789
+ $buffer = &$this->debuffer;
790
+ $continuousBuffer = $this->continuousBuffer;
791
+ $plaintext = '';
792
+ switch ($this->mode) {
793
+ case CRYPT_RIJNDAEL_MODE_ECB:
794
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
795
+ $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size));
796
+ }
797
+ break;
798
+ case CRYPT_RIJNDAEL_MODE_CBC:
799
+ $xor = $this->decryptIV;
800
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
801
+ $block = substr($ciphertext, $i, $block_size);
802
+ $plaintext.= $this->_decryptBlock($block) ^ $xor;
803
+ $xor = $block;
804
+ }
805
+ if ($this->continuousBuffer) {
806
+ $this->decryptIV = $xor;
807
+ }
808
+ break;
809
+ case CRYPT_RIJNDAEL_MODE_CTR:
810
+ $xor = $this->decryptIV;
811
+ if (strlen($buffer)) {
812
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
813
+ $block = substr($ciphertext, $i, $block_size);
814
+ $buffer.= $this->_encryptBlock($this->_generate_xor($block_size, $xor));
815
+ $key = $this->_string_shift($buffer, $block_size);
816
+ $plaintext.= $block ^ $key;
817
+ }
818
+ } else {
819
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
820
+ $block = substr($ciphertext, $i, $block_size);
821
+ $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
822
+ $plaintext.= $block ^ $key;
823
+ }
824
+ }
825
+ if ($this->continuousBuffer) {
826
+ $this->decryptIV = $xor;
827
+ if ($start = strlen($ciphertext) % $block_size) {
828
+ $buffer = substr($key, $start) . $buffer;
829
+ }
830
+ }
831
+ break;
832
+ case CRYPT_RIJNDAEL_MODE_CFB:
833
+ if (!empty($buffer['ciphertext'])) {
834
+ $plaintext = $ciphertext ^ substr($this->decryptIV, strlen($buffer['ciphertext']));
835
+ $buffer['ciphertext'].= substr($ciphertext, 0, strlen($plaintext));
836
+ if (strlen($buffer['ciphertext']) == $block_size) {
837
+ $xor = $this->_encryptBlock($buffer['ciphertext']);
838
+ $buffer['ciphertext'] = '';
839
+ }
840
+ $start = strlen($plaintext);
841
+ $block = $this->decryptIV;
842
+ } else {
843
+ $plaintext = '';
844
+ $xor = $this->_encryptBlock($this->decryptIV);
845
+ $start = 0;
846
+ }
847
+
848
+ for ($i = $start; $i < strlen($ciphertext); $i+=$block_size) {
849
+ $block = substr($ciphertext, $i, $block_size);
850
+ $plaintext.= $block ^ $xor;
851
+ if ($continuousBuffer && strlen($block) != $block_size) {
852
+ $buffer['ciphertext'].= $block;
853
+ $block = $xor;
854
+ } else if (strlen($block) == $block_size) {
855
+ $xor = $this->_encryptBlock($block);
856
+ }
857
+ }
858
+ if ($this->continuousBuffer) {
859
+ $this->decryptIV = $block;
860
+ }
861
+ break;
862
+ case CRYPT_RIJNDAEL_MODE_OFB:
863
+ $xor = $this->decryptIV;
864
+ if (strlen($buffer)) {
865
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
866
+ $xor = $this->_encryptBlock($xor);
867
+ $buffer.= $xor;
868
+ $key = $this->_string_shift($buffer, $block_size);
869
+ $plaintext.= substr($ciphertext, $i, $block_size) ^ $key;
870
+ }
871
+ } else {
872
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
873
+ $xor = $this->_encryptBlock($xor);
874
+ $plaintext.= substr($ciphertext, $i, $block_size) ^ $xor;
875
+ }
876
+ $key = $xor;
877
+ }
878
+ if ($this->continuousBuffer) {
879
+ $this->decryptIV = $xor;
880
+ if ($start = strlen($ciphertext) % $block_size) {
881
+ $buffer = substr($key, $start) . $buffer;
882
+ }
883
+ }
884
+ }
885
+
886
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
887
+ }
888
+
889
+ /**
890
+ * Encrypts a block
891
+ *
892
+ * @access private
893
+ * @param String $in
894
+ * @return String
895
+ */
896
+ function _encryptBlock($in)
897
+ {
898
+ $state = array();
899
+ $words = unpack('N*word', $in);
900
+
901
+ $w = $this->w;
902
+ $t0 = $this->t0;
903
+ $t1 = $this->t1;
904
+ $t2 = $this->t2;
905
+ $t3 = $this->t3;
906
+ $Nb = $this->Nb;
907
+ $Nr = $this->Nr;
908
+ $c = $this->c;
909
+
910
+ // addRoundKey
911
+ $i = 0;
912
+ foreach ($words as $word) {
913
+ $state[] = $word ^ $w[0][$i++];
914
+ }
915
+
916
+ // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components -
917
+ // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding
918
+ // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf.
919
+ // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization.
920
+ // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1],
921
+ // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well.
922
+
923
+ // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf
924
+ $temp = array();
925
+ for ($round = 1; $round < $Nr; $round++) {
926
+ $i = 0; // $c[0] == 0
927
+ $j = $c[1];
928
+ $k = $c[2];
929
+ $l = $c[3];
930
+
931
+ while ($i < $this->Nb) {
932
+ $temp[$i] = $t0[$state[$i] & 0xFF000000] ^
933
+ $t1[$state[$j] & 0x00FF0000] ^
934
+ $t2[$state[$k] & 0x0000FF00] ^
935
+ $t3[$state[$l] & 0x000000FF] ^
936
+ $w[$round][$i];
937
+ $i++;
938
+ $j = ($j + 1) % $Nb;
939
+ $k = ($k + 1) % $Nb;
940
+ $l = ($l + 1) % $Nb;
941
+ }
942
+
943
+ for ($i = 0; $i < $Nb; $i++) {
944
+ $state[$i] = $temp[$i];
945
+ }
946
+ }
947
+
948
+ // subWord
949
+ for ($i = 0; $i < $Nb; $i++) {
950
+ $state[$i] = $this->_subWord($state[$i]);
951
+ }
952
+
953
+ // shiftRows + addRoundKey
954
+ $i = 0; // $c[0] == 0
955
+ $j = $c[1];
956
+ $k = $c[2];
957
+ $l = $c[3];
958
+ while ($i < $this->Nb) {
959
+ $temp[$i] = ($state[$i] & 0xFF000000) ^
960
+ ($state[$j] & 0x00FF0000) ^
961
+ ($state[$k] & 0x0000FF00) ^
962
+ ($state[$l] & 0x000000FF) ^
963
+ $w[$Nr][$i];
964
+ $i++;
965
+ $j = ($j + 1) % $Nb;
966
+ $k = ($k + 1) % $Nb;
967
+ $l = ($l + 1) % $Nb;
968
+ }
969
+ $state = $temp;
970
+
971
+ array_unshift($state, 'N*');
972
+
973
+ return call_user_func_array('pack', $state);
974
+ }
975
+
976
+ /**
977
+ * Decrypts a block
978
+ *
979
+ * @access private
980
+ * @param String $in
981
+ * @return String
982
+ */
983
+ function _decryptBlock($in)
984
+ {
985
+ $state = array();
986
+ $words = unpack('N*word', $in);
987
+
988
+ $num_states = count($state);
989
+ $dw = $this->dw;
990
+ $dt0 = $this->dt0;
991
+ $dt1 = $this->dt1;
992
+ $dt2 = $this->dt2;
993
+ $dt3 = $this->dt3;
994
+ $Nb = $this->Nb;
995
+ $Nr = $this->Nr;
996
+ $c = $this->c;
997
+
998
+ // addRoundKey
999
+ $i = 0;
1000
+ foreach ($words as $word) {
1001
+ $state[] = $word ^ $dw[$Nr][$i++];
1002
+ }
1003
+
1004
+ $temp = array();
1005
+ for ($round = $Nr - 1; $round > 0; $round--) {
1006
+ $i = 0; // $c[0] == 0
1007
+ $j = $Nb - $c[1];
1008
+ $k = $Nb - $c[2];
1009
+ $l = $Nb - $c[3];
1010
+
1011
+ while ($i < $Nb) {
1012
+ $temp[$i] = $dt0[$state[$i] & 0xFF000000] ^
1013
+ $dt1[$state[$j] & 0x00FF0000] ^
1014
+ $dt2[$state[$k] & 0x0000FF00] ^
1015
+ $dt3[$state[$l] & 0x000000FF] ^
1016
+ $dw[$round][$i];
1017
+ $i++;
1018
+ $j = ($j + 1) % $Nb;
1019
+ $k = ($k + 1) % $Nb;
1020
+ $l = ($l + 1) % $Nb;
1021
+ }
1022
+
1023
+ for ($i = 0; $i < $Nb; $i++) {
1024
+ $state[$i] = $temp[$i];
1025
+ }
1026
+ }
1027
+
1028
+ // invShiftRows + invSubWord + addRoundKey
1029
+ $i = 0; // $c[0] == 0
1030
+ $j = $Nb - $c[1];
1031
+ $k = $Nb - $c[2];
1032
+ $l = $Nb - $c[3];
1033
+
1034
+ while ($i < $Nb) {
1035
+ $temp[$i] = $dw[0][$i] ^
1036
+ $this->_invSubWord(($state[$i] & 0xFF000000) |
1037
+ ($state[$j] & 0x00FF0000) |
1038
+ ($state[$k] & 0x0000FF00) |
1039
+ ($state[$l] & 0x000000FF));
1040
+ $i++;
1041
+ $j = ($j + 1) % $Nb;
1042
+ $k = ($k + 1) % $Nb;
1043
+ $l = ($l + 1) % $Nb;
1044
+ }
1045
+
1046
+ $state = $temp;
1047
+
1048
+ array_unshift($state, 'N*');
1049
+
1050
+ return call_user_func_array('pack', $state);
1051
+ }
1052
+
1053
+ /**
1054
+ * Setup Rijndael
1055
+ *
1056
+ * Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key
1057
+ * key schedule.
1058
+ *
1059
+ * @access private
1060
+ */
1061
+ function _setup()
1062
+ {
1063
+ // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field.
1064
+ // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse
1065
+ static $rcon = array(0,
1066
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
1067
+ 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000,
1068
+ 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
1069
+ 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000,
1070
+ 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000,
1071
+ 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
1072
+ );
1073
+
1074
+ if (!$this->changed) {
1075
+ return;
1076
+ }
1077
+
1078
+ if (!$this->explicit_key_length) {
1079
+ // we do >> 2, here, and not >> 5, as we do above, since strlen($this->key) tells us the number of bytes - not bits
1080
+ $length = strlen($this->key) >> 2;
1081
+ if ($length > 8) {
1082
+ $length = 8;
1083
+ } else if ($length < 4) {
1084
+ $length = 4;
1085
+ }
1086
+ $this->Nk = $length;
1087
+ $this->key_size = $length << 2;
1088
+ }
1089
+
1090
+ $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0));
1091
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, chr(0));
1092
+
1093
+ // see Rijndael-ammended.pdf#page=44
1094
+ $this->Nr = max($this->Nk, $this->Nb) + 6;
1095
+
1096
+ // shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44,
1097
+ // "Table 8: Shift offsets in Shiftrow for the alternative block lengths"
1098
+ // shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14,
1099
+ // "Table 2: Shift offsets for different block lengths"
1100
+ switch ($this->Nb) {
1101
+ case 4:
1102
+ case 5:
1103
+ case 6:
1104
+ $this->c = array(0, 1, 2, 3);
1105
+ break;
1106
+ case 7:
1107
+ $this->c = array(0, 1, 2, 4);
1108
+ break;
1109
+ case 8:
1110
+ $this->c = array(0, 1, 3, 4);
1111
+ }
1112
+
1113
+ $key = $this->key;
1114
+
1115
+ $w = array_values(unpack('N*words', $key));
1116
+
1117
+ $length = $this->Nb * ($this->Nr + 1);
1118
+ for ($i = $this->Nk; $i < $length; $i++) {
1119
+ $temp = $w[$i - 1];
1120
+ if ($i % $this->Nk == 0) {
1121
+ // according to <http://php.net/language.types.integer>, "the size of an integer is platform-dependent".
1122
+ // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine,
1123
+ // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and'
1124
+ // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is.
1125
+ $temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); // rotWord
1126
+ $temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk];
1127
+ } else if ($this->Nk > 6 && $i % $this->Nk == 4) {
1128
+ $temp = $this->_subWord($temp);
1129
+ }
1130
+ $w[$i] = $w[$i - $this->Nk] ^ $temp;
1131
+ }
1132
+
1133
+ // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns
1134
+ // and generate the inverse key schedule. more specifically,
1135
+ // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=23> (section 5.3.3),
1136
+ // "The key expansion for the Inverse Cipher is defined as follows:
1137
+ // 1. Apply the Key Expansion.
1138
+ // 2. Apply InvMixColumn to all Round Keys except the first and the last one."
1139
+ // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher"
1140
+ $temp = array();
1141
+ for ($i = $row = $col = 0; $i < $length; $i++, $col++) {
1142
+ if ($col == $this->Nb) {
1143
+ if ($row == 0) {
1144
+ $this->dw[0] = $this->w[0];
1145
+ } else {
1146
+ // subWord + invMixColumn + invSubWord = invMixColumn
1147
+ $j = 0;
1148
+ while ($j < $this->Nb) {
1149
+ $dw = $this->_subWord($this->w[$row][$j]);
1150
+ $temp[$j] = $this->dt0[$dw & 0xFF000000] ^
1151
+ $this->dt1[$dw & 0x00FF0000] ^
1152
+ $this->dt2[$dw & 0x0000FF00] ^
1153
+ $this->dt3[$dw & 0x000000FF];
1154
+ $j++;
1155
+ }
1156
+ $this->dw[$row] = $temp;
1157
+ }
1158
+
1159
+ $col = 0;
1160
+ $row++;
1161
+ }
1162
+ $this->w[$row][$col] = $w[$i];
1163
+ }
1164
+
1165
+ $this->dw[$row] = $this->w[$row];
1166
+
1167
+ $this->changed = false;
1168
+ }
1169