Wordfence Security – Firewall & Malware Scan - Version 7.3.3

Version Description

  • June 11, 2019 =
  • Improvement: Added support for managing the login security settings to Wordfence Central.
  • Improvement: Updated the bundled root CA certificate store.
  • Improvement: Added a check and update flow for mod_php hosts with only the PHP5 directive set for the WAF's extended protection mode.
  • Improvement: Added additional values to Diagnostics for debugging time-related issues, the new fatal error handler settings, and updated the PHP version check to reflect the new 5.6.20 requirement of WordPress.
  • Change: Changed the autoloader for our copy of sodium_compat to always load after WordPress core does.
  • Fix: Fixed the "removed from wordpress.org" detection for plugin, which was broken due to an API change.
  • Fix: Fixed the bulk repair function in the scan results when it included core files.
Download this release

Release Info

Developer wfryan
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 7.3.3
Comparing to
See all releases

Code changes from version 7.3.2 to 7.3.3

Files changed (203) hide show
  1. crypto/vendor/autoload.php +9 -0
  2. crypto/vendor/composer/ClassLoader.php +445 -0
  3. crypto/vendor/composer/LICENSE +21 -0
  4. crypto/vendor/composer/autoload_classmap.php +9 -0
  5. {vendor → crypto/vendor}/composer/autoload_files.php +1 -0
  6. crypto/vendor/composer/autoload_namespaces.php +9 -0
  7. crypto/vendor/composer/autoload_psr4.php +9 -0
  8. crypto/vendor/composer/autoload_real.php +70 -0
  9. crypto/vendor/composer/autoload_static.php +20 -0
  10. crypto/vendor/composer/installed.json +137 -0
  11. {vendor → crypto/vendor}/paragonie/random_compat/LICENSE +0 -0
  12. {vendor → crypto/vendor}/paragonie/random_compat/dist/random_compat.phar.pubkey +0 -0
  13. {vendor → crypto/vendor}/paragonie/random_compat/dist/random_compat.phar.pubkey.asc +0 -0
  14. crypto/vendor/paragonie/random_compat/lib/byte_safe_strings.php +195 -0
  15. crypto/vendor/paragonie/random_compat/lib/cast_to_int.php +77 -0
  16. vendor/paragonie/random_compat/lib/random.php → crypto/vendor/paragonie/random_compat/lib/error_polyfill.php +23 -6
  17. crypto/vendor/paragonie/random_compat/lib/random.php +225 -0
  18. crypto/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php +91 -0
  19. crypto/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php +190 -0
  20. crypto/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php +91 -0
  21. crypto/vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php +93 -0
  22. crypto/vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php +79 -0
  23. crypto/vendor/paragonie/random_compat/lib/random_int.php +204 -0
  24. {vendor → crypto/vendor}/paragonie/sodium_compat/LICENSE +0 -0
  25. {vendor → crypto/vendor}/paragonie/sodium_compat/autoload-fast.php +0 -0
  26. {vendor → crypto/vendor}/paragonie/sodium_compat/autoload-pedantic.php +0 -0
  27. {vendor → crypto/vendor}/paragonie/sodium_compat/autoload.php +0 -0
  28. {vendor → crypto/vendor}/paragonie/sodium_compat/lib/constants.php +0 -0
  29. {vendor → crypto/vendor}/paragonie/sodium_compat/lib/namespaced.php +0 -0
  30. {vendor → crypto/vendor}/paragonie/sodium_compat/lib/php72compat.php +0 -0
  31. {vendor → crypto/vendor}/paragonie/sodium_compat/lib/sodium_compat.php +0 -0
  32. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Compat.php +0 -0
  33. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/BLAKE2b.php +0 -0
  34. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/ChaCha20.php +0 -0
  35. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/ChaCha20/Ctx.php +0 -0
  36. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/ChaCha20/IetfCtx.php +0 -0
  37. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519.php +0 -0
  38. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Fe.php +0 -0
  39. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Ge/Cached.php +0 -0
  40. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Ge/P1p1.php +0 -0
  41. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Ge/P2.php +0 -0
  42. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Ge/P3.php +0 -0
  43. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/Ge/Precomp.php +0 -0
  44. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Curve25519/H.php +0 -0
  45. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Ed25519.php +0 -0
  46. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/HChaCha20.php +0 -0
  47. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/HSalsa20.php +0 -0
  48. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Poly1305.php +0 -0
  49. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Poly1305/State.php +0 -0
  50. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Salsa20.php +0 -0
  51. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/SipHash.php +0 -0
  52. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Util.php +0 -0
  53. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/X25519.php +0 -0
  54. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/XChaCha20.php +0 -0
  55. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Core/Xsalsa20.php +0 -0
  56. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/Crypto.php +0 -0
  57. {vendor → crypto/vendor}/paragonie/sodium_compat/namespaced/File.php +0 -0
  58. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Compat.php +0 -0
  59. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/BLAKE2b.php +0 -0
  60. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/ChaCha20.php +0 -0
  61. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/ChaCha20/Ctx.php +0 -0
  62. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/ChaCha20/IetfCtx.php +0 -0
  63. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519.php +0 -0
  64. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Fe.php +0 -0
  65. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Ge/Cached.php +0 -0
  66. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Ge/P1p1.php +0 -0
  67. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Ge/P2.php +0 -0
  68. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Ge/P3.php +0 -0
  69. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/Ge/Precomp.php +0 -0
  70. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Curve25519/H.php +0 -0
  71. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Ed25519.php +0 -0
  72. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/HChaCha20.php +0 -0
  73. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/HSalsa20.php +0 -0
  74. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Poly1305.php +0 -0
  75. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Poly1305/State.php +0 -0
  76. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Salsa20.php +0 -0
  77. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/SipHash.php +0 -0
  78. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/Util.php +0 -0
  79. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/X25519.php +0 -0
  80. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/XChaCha20.php +0 -0
  81. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core/XSalsa20.php +0 -0
  82. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/BLAKE2b.php +0 -0
  83. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/ChaCha20.php +0 -0
  84. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/ChaCha20/Ctx.php +0 -0
  85. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/ChaCha20/IetfCtx.php +0 -0
  86. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519.php +0 -0
  87. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Fe.php +0 -0
  88. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Ge/Cached.php +0 -0
  89. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Ge/P1p1.php +0 -0
  90. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Ge/P2.php +0 -0
  91. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Ge/P3.php +0 -0
  92. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/Ge/Precomp.php +0 -0
  93. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Curve25519/H.php +0 -0
  94. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Ed25519.php +0 -0
  95. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/HChaCha20.php +0 -0
  96. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/HSalsa20.php +0 -0
  97. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Int32.php +0 -0
  98. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Int64.php +0 -0
  99. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Poly1305.php +0 -0
  100. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Poly1305/State.php +0 -0
  101. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Salsa20.php +0 -0
  102. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/SipHash.php +0 -0
  103. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/Util.php +0 -0
  104. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/X25519.php +0 -0
  105. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/XChaCha20.php +0 -0
  106. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Core32/XSalsa20.php +0 -0
  107. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Crypto.php +0 -0
  108. {vendor → crypto/vendor}/paragonie/sodium_compat/src/Crypto32.php +0 -0
  109. {vendor → crypto/vendor}/paragonie/sodium_compat/src/File.php +0 -0
  110. {vendor → crypto/vendor}/paragonie/sodium_compat/src/SodiumException.php +0 -0
  111. css/{activity-report-widget.1558031354.css → activity-report-widget.1560275180.css} +0 -0
  112. css/{diff.1558031354.css → diff.1560275180.css} +0 -0
  113. css/{dt_table.1558031354.css → dt_table.1560275180.css} +0 -0
  114. css/{fullLog.1558031354.css → fullLog.1560275180.css} +0 -0
  115. css/{iptraf.1558031354.css → iptraf.1560275180.css} +0 -0
  116. css/{jquery-ui-timepicker-addon.1558031354.css → jquery-ui-timepicker-addon.1560275180.css} +0 -0
  117. css/{jquery-ui.min.1558031354.css → jquery-ui.min.1560275180.css} +0 -0
  118. css/{jquery-ui.structure.min.1558031354.css → jquery-ui.structure.min.1560275180.css} +0 -0
  119. css/{jquery-ui.theme.min.1558031354.css → jquery-ui.theme.min.1560275180.css} +0 -0
  120. css/{main.1558031354.css → main.1560275180.css} +0 -0
  121. css/{phpinfo.1558031354.css → phpinfo.1560275180.css} +0 -0
  122. css/{wf-adminbar.1558031354.css → wf-adminbar.1560275180.css} +0 -0
  123. css/{wf-colorbox.1558031354.css → wf-colorbox.1560275180.css} +0 -0
  124. css/{wf-font-awesome.1558031354.css → wf-font-awesome.1560275180.css} +0 -0
  125. css/{wf-global.1558031354.css → wf-global.1560275180.css} +0 -0
  126. css/{wf-ionicons.1558031354.css → wf-ionicons.1560275180.css} +0 -0
  127. css/{wf-onboarding.1558031354.css → wf-onboarding.1560275180.css} +0 -0
  128. css/{wf-roboto-font.1558031354.css → wf-roboto-font.1560275180.css} +0 -0
  129. css/{wfselect2.min.1558031354.css → wfselect2.min.1560275180.css} +0 -0
  130. css/{wordfenceBox.1558031354.css → wordfenceBox.1560275180.css} +0 -0
  131. js/{Chart.bundle.min.1558031354.js → Chart.bundle.min.1560275180.js} +0 -0
  132. js/{admin.1558031354.js → admin.1560275180.js} +1 -1
  133. js/{admin.ajaxWatcher.1558031354.js → admin.ajaxWatcher.1560275180.js} +0 -0
  134. js/{admin.liveTraffic.1558031354.js → admin.liveTraffic.1560275180.js} +0 -0
  135. js/{date.1558031354.js → date.1560275180.js} +0 -0
  136. js/{jquery-ui-timepicker-addon.1558031354.js → jquery-ui-timepicker-addon.1560275180.js} +0 -0
  137. js/{jquery.colorbox-min.1558031354.js → jquery.colorbox-min.1560275180.js} +0 -0
  138. js/{jquery.colorbox.1558031354.js → jquery.colorbox.1560275180.js} +0 -0
  139. js/{jquery.dataTables.min.1558031354.js → jquery.dataTables.min.1560275180.js} +0 -0
  140. js/{jquery.qrcode.min.1558031354.js → jquery.qrcode.min.1560275180.js} +0 -0
  141. js/{jquery.tmpl.min.1558031354.js → jquery.tmpl.min.1560275180.js} +0 -0
  142. js/{jquery.tools.min.1558031354.js → jquery.tools.min.1560275180.js} +0 -0
  143. js/{knockout-3.3.0.1558031354.js → knockout-3.3.0.1560275180.js} +0 -0
  144. js/{wfdashboard.1558031354.js → wfdashboard.1560275180.js} +0 -0
  145. js/{wfdropdown.1558031354.js → wfdropdown.1560275180.js} +0 -0
  146. js/{wfglobal.1558031354.js → wfglobal.1560275180.js} +0 -0
  147. js/{wfpopover.1558031354.js → wfpopover.1560275180.js} +0 -0
  148. js/{wfselect2.min.1558031354.js → wfselect2.min.1560275180.js} +0 -0
  149. lib/WFLSPHP52Compatability.php +12 -0
  150. lib/menu_tools_diagnostic.php +22 -21
  151. lib/rest-api/wfRESTAuthenticationController.php +2 -2
  152. lib/rest-api/wfRESTConfigController.php +82 -1
  153. lib/wfCentralAPI.php +9 -3
  154. lib/wfDiagnostic.php +125 -2
  155. lib/wfScanEngine.php +30 -29
  156. lib/wfSupportController.php +2 -0
  157. lib/wfUtils.php +1 -1
  158. lib/wordfenceClass.php +189 -44
  159. modules/login-security/classes/controller/settings.php +5 -0
  160. modules/login-security/classes/controller/time.php +16 -2
  161. modules/login-security/classes/controller/wordfencels.php +46 -7
  162. modules/login-security/classes/model/crypto.php +7 -7
  163. modules/login-security/classes/model/crypto/base2n.php +7 -7
  164. modules/login-security/classes/model/settings/db.php +1 -0
  165. modules/login-security/classes/model/view/tab.php +1 -1
  166. modules/login-security/classes/model/view/title.php +1 -1
  167. modules/login-security/css/{admin-global.1558031354.css → admin-global.1560275180.css} +0 -0
  168. modules/login-security/css/{admin.1558031354.css → admin.1560275180.css} +1 -1
  169. modules/login-security/css/{colorbox.1558031354.css → colorbox.1560275180.css} +0 -0
  170. modules/login-security/css/{font-awesome.1558031354.css → font-awesome.1560275180.css} +0 -0
  171. modules/login-security/css/{ionicons.1558031354.css → ionicons.1560275180.css} +0 -0
  172. modules/login-security/css/{jquery-ui-timepicker-addon.1558031354.css → jquery-ui-timepicker-addon.1560275180.css} +0 -0
  173. modules/login-security/css/{jquery-ui.min.1558031354.css → jquery-ui.min.1560275180.css} +0 -0
  174. modules/login-security/css/{jquery-ui.structure.min.1558031354.css → jquery-ui.structure.min.1560275180.css} +0 -0
  175. modules/login-security/css/{jquery-ui.theme.min.1558031354.css → jquery-ui.theme.min.1560275180.css} +0 -0
  176. modules/login-security/css/{login.1558031354.css → login.1560275180.css} +0 -0
  177. modules/login-security/js/{admin-global.1558031354.js → admin-global.1560275180.js} +0 -0
  178. modules/login-security/js/{admin.1558031354.js → admin.1560275180.js} +10 -6
  179. modules/login-security/js/{jquery-ui-timepicker-addon.1558031354.js → jquery-ui-timepicker-addon.1560275180.js} +0 -0
  180. modules/login-security/js/{jquery.colorbox.1558031354.js → jquery.colorbox.1560275180.js} +0 -0
  181. modules/login-security/js/{jquery.colorbox.min.1558031354.js → jquery.colorbox.min.1560275180.js} +0 -0
  182. modules/login-security/js/{jquery.qrcode.min.1558031354.js → jquery.qrcode.min.1560275180.js} +0 -0
  183. modules/login-security/js/{jquery.tmpl.min.1558031354.js → jquery.tmpl.min.1560275180.js} +0 -0
  184. modules/login-security/js/{login.1558031354.js → login.1560275180.js} +0 -0
  185. modules/login-security/views/onboarding/standalone-header.php +32 -0
  186. modules/login-security/views/page/manage.php +17 -2
  187. modules/login-security/views/page/page.php +5 -0
  188. modules/login-security/{wordfence-ls.php → wordfence-login-security.php} +2 -2
  189. readme.txt +12 -3
  190. vendor/composer/ClassLoader.php +2 -2
  191. vendor/composer/autoload_real.php +0 -18
  192. vendor/composer/autoload_static.php +0 -4
  193. vendor/composer/ca-bundle/res/cacert.pem +440 -685
  194. vendor/composer/installed.json +28 -161
  195. vendor/geoip2/geoip2/src/WebService/Client.php +8 -8
  196. vendor/maxmind-db/reader/autoload.php +45 -0
  197. vendor/maxmind-db/reader/src/MaxMind/Db/Reader.php +12 -12
  198. vendor/maxmind-db/reader/src/MaxMind/Db/Reader/Decoder.php +135 -105
  199. vendor/maxmind/web-service-common/src/WebService/Client.php +7 -5
  200. vendor/paragonie/random_compat/psalm-autoload.php +0 -9
  201. vendor/paragonie/sodium_compat/phpstan.neon.dist +0 -18
  202. vendor/wordfence/wf-waf/src/cacert.pem +571 -1107
  203. wordfence.php +3 -3
crypto/vendor/autoload.php ADDED
@@ -0,0 +1,9 @@
1
+ <?php
2
+
3
+ // autoload.php @generated by Composer
4
+
5
+ if (!class_exists('ComposerAutoloaderInite213e65b2dafae4ad799b13fe0d36f8e')) {
6
+ require_once __DIR__ . '/composer/autoload_real.php';
7
+ }
8
+
9
+ return ComposerAutoloaderInite213e65b2dafae4ad799b13fe0d36f8e::getLoader();
crypto/vendor/composer/ClassLoader.php ADDED
@@ -0,0 +1,445 @@
1
+ <?php
2
+
3
+ /*
4
+ * This file is part of Composer.
5
+ *
6
+ * (c) Nils Adermann <naderman@naderman.de>
7
+ * Jordi Boggiano <j.boggiano@seld.be>
8
+ *
9
+ * For the full copyright and license information, please view the LICENSE
10
+ * file that was distributed with this source code.
11
+ */
12
+
13
+ namespace Composer\Autoload;
14
+
15
+ /**
16
+ * ClassLoader implements a PSR-0, PSR-4 and classmap class loader.
17
+ *
18
+ * $loader = new \Composer\Autoload\ClassLoader();
19
+ *
20
+ * // register classes with namespaces
21
+ * $loader->add('Symfony\Component', __DIR__.'/component');
22
+ * $loader->add('Symfony', __DIR__.'/framework');
23
+ *
24
+ * // activate the autoloader
25
+ * $loader->register();
26
+ *
27
+ * // to enable searching the include path (eg. for PEAR packages)
28
+ * $loader->setUseIncludePath(true);
29
+ *
30
+ * In this example, if you try to use a class in the Symfony\Component
31
+ * namespace or one of its children (Symfony\Component\Console for instance),
32
+ * the autoloader will first look for the class under the component/
33
+ * directory, and it will then fallback to the framework/ directory if not
34
+ * found before giving up.
35
+ *
36
+ * This class is loosely based on the Symfony UniversalClassLoader.
37
+ *
38
+ * @author Fabien Potencier <fabien@symfony.com>
39
+ * @author Jordi Boggiano <j.boggiano@seld.be>
40
+ * @see http://www.php-fig.org/psr/psr-0/
41
+ * @see http://www.php-fig.org/psr/psr-4/
42
+ */
43
+ class ClassLoader
44
+ {
45
+ // PSR-4
46
+ private $prefixLengthsPsr4 = array();
47
+ private $prefixDirsPsr4 = array();
48
+ private $fallbackDirsPsr4 = array();
49
+
50
+ // PSR-0
51
+ private $prefixesPsr0 = array();
52
+ private $fallbackDirsPsr0 = array();
53
+
54
+ private $useIncludePath = false;
55
+ private $classMap = array();
56
+ private $classMapAuthoritative = false;
57
+ private $missingClasses = array();
58
+ private $apcuPrefix;
59
+
60
+ public function getPrefixes()
61
+ {
62
+ if (!empty($this->prefixesPsr0)) {
63
+ return call_user_func_array('array_merge', $this->prefixesPsr0);
64
+ }
65
+
66
+ return array();
67
+ }
68
+
69
+ public function getPrefixesPsr4()
70
+ {
71
+ return $this->prefixDirsPsr4;
72
+ }
73
+
74
+ public function getFallbackDirs()
75
+ {
76
+ return $this->fallbackDirsPsr0;
77
+ }
78
+
79
+ public function getFallbackDirsPsr4()
80
+ {
81
+ return $this->fallbackDirsPsr4;
82
+ }
83
+
84
+ public function getClassMap()
85
+ {
86
+ return $this->classMap;
87
+ }
88
+
89
+ /**
90
+ * @param array $classMap Class to filename map
91
+ */
92
+ public function addClassMap(array $classMap)
93
+ {
94
+ if ($this->classMap) {
95
+ $this->classMap = array_merge($this->classMap, $classMap);
96
+ } else {
97
+ $this->classMap = $classMap;
98
+ }
99
+ }
100
+
101
+ /**
102
+ * Registers a set of PSR-0 directories for a given prefix, either
103
+ * appending or prepending to the ones previously set for this prefix.
104
+ *
105
+ * @param string $prefix The prefix
106
+ * @param array|string $paths The PSR-0 root directories
107
+ * @param bool $prepend Whether to prepend the directories
108
+ */
109
+ public function add($prefix, $paths, $prepend = false)
110
+ {
111
+ if (!$prefix) {
112
+ if ($prepend) {
113
+ $this->fallbackDirsPsr0 = array_merge(
114
+ (array) $paths,
115
+ $this->fallbackDirsPsr0
116
+ );
117
+ } else {
118
+ $this->fallbackDirsPsr0 = array_merge(
119
+ $this->fallbackDirsPsr0,
120
+ (array) $paths
121
+ );
122
+ }
123
+
124
+ return;
125
+ }
126
+
127
+ $first = $prefix[0];
128
+ if (!isset($this->prefixesPsr0[$first][$prefix])) {
129
+ $this->prefixesPsr0[$first][$prefix] = (array) $paths;
130
+
131
+ return;
132
+ }
133
+ if ($prepend) {
134
+ $this->prefixesPsr0[$first][$prefix] = array_merge(
135
+ (array) $paths,
136
+ $this->prefixesPsr0[$first][$prefix]
137
+ );
138
+ } else {
139
+ $this->prefixesPsr0[$first][$prefix] = array_merge(
140
+ $this->prefixesPsr0[$first][$prefix],
141
+ (array) $paths
142
+ );
143
+ }
144
+ }
145
+
146
+ /**
147
+ * Registers a set of PSR-4 directories for a given namespace, either
148
+ * appending or prepending to the ones previously set for this namespace.
149
+ *
150
+ * @param string $prefix The prefix/namespace, with trailing '\\'
151
+ * @param array|string $paths The PSR-4 base directories
152
+ * @param bool $prepend Whether to prepend the directories
153
+ *
154
+ * @throws \InvalidArgumentException
155
+ */
156
+ public function addPsr4($prefix, $paths, $prepend = false)
157
+ {
158
+ if (!$prefix) {
159
+ // Register directories for the root namespace.
160
+ if ($prepend) {
161
+ $this->fallbackDirsPsr4 = array_merge(
162
+ (array) $paths,
163
+ $this->fallbackDirsPsr4
164
+ );
165
+ } else {
166
+ $this->fallbackDirsPsr4 = array_merge(
167
+ $this->fallbackDirsPsr4,
168
+ (array) $paths
169
+ );
170
+ }
171
+ } elseif (!isset($this->prefixDirsPsr4[$prefix])) {
172
+ // Register directories for a new namespace.
173
+ $length = strlen($prefix);
174
+ if ('\\' !== $prefix[$length - 1]) {
175
+ throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator.");
176
+ }
177
+ $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
178
+ $this->prefixDirsPsr4[$prefix] = (array) $paths;
179
+ } elseif ($prepend) {
180
+ // Prepend directories for an already registered namespace.
181
+ $this->prefixDirsPsr4[$prefix] = array_merge(
182
+ (array) $paths,
183
+ $this->prefixDirsPsr4[$prefix]
184
+ );
185
+ } else {
186
+ // Append directories for an already registered namespace.
187
+ $this->prefixDirsPsr4[$prefix] = array_merge(
188
+ $this->prefixDirsPsr4[$prefix],
189
+ (array) $paths
190
+ );
191
+ }
192
+ }
193
+
194
+ /**
195
+ * Registers a set of PSR-0 directories for a given prefix,
196
+ * replacing any others previously set for this prefix.
197
+ *
198
+ * @param string $prefix The prefix
199
+ * @param array|string $paths The PSR-0 base directories
200
+ */
201
+ public function set($prefix, $paths)
202
+ {
203
+ if (!$prefix) {
204
+ $this->fallbackDirsPsr0 = (array) $paths;
205
+ } else {
206
+ $this->prefixesPsr0[$prefix[0]][$prefix] = (array) $paths;
207
+ }
208
+ }
209
+
210
+ /**
211
+ * Registers a set of PSR-4 directories for a given namespace,
212
+ * replacing any others previously set for this namespace.
213
+ *
214
+ * @param string $prefix The prefix/namespace, with trailing '\\'
215
+ * @param array|string $paths The PSR-4 base directories
216
+ *
217
+ * @throws \InvalidArgumentException
218
+ */
219
+ public function setPsr4($prefix, $paths)
220
+ {
221
+ if (!$prefix) {
222
+ $this->fallbackDirsPsr4 = (array) $paths;
223
+ } else {
224
+ $length = strlen($prefix);
225
+ if ('\\' !== $prefix[$length - 1]) {
226
+ throw new \InvalidArgumentException("A non-empty PSR-4 prefix must end with a namespace separator.");
227
+ }
228
+ $this->prefixLengthsPsr4[$prefix[0]][$prefix] = $length;
229
+ $this->prefixDirsPsr4[$prefix] = (array) $paths;
230
+ }
231
+ }
232
+
233
+ /**
234
+ * Turns on searching the include path for class files.
235
+ *
236
+ * @param bool $useIncludePath
237
+ */
238
+ public function setUseIncludePath($useIncludePath)
239
+ {
240
+ $this->useIncludePath = $useIncludePath;
241
+ }
242
+
243
+ /**
244
+ * Can be used to check if the autoloader uses the include path to check
245
+ * for classes.
246
+ *
247
+ * @return bool
248
+ */
249
+ public function getUseIncludePath()
250
+ {
251
+ return $this->useIncludePath;
252
+ }
253
+
254
+ /**
255
+ * Turns off searching the prefix and fallback directories for classes
256
+ * that have not been registered with the class map.
257
+ *
258
+ * @param bool $classMapAuthoritative
259
+ */
260
+ public function setClassMapAuthoritative($classMapAuthoritative)
261
+ {
262
+ $this->classMapAuthoritative = $classMapAuthoritative;
263
+ }
264
+
265
+ /**
266
+ * Should class lookup fail if not found in the current class map?
267
+ *
268
+ * @return bool
269
+ */
270
+ public function isClassMapAuthoritative()
271
+ {
272
+ return $this->classMapAuthoritative;
273
+ }
274
+
275
+ /**
276
+ * APCu prefix to use to cache found/not-found classes, if the extension is enabled.
277
+ *
278
+ * @param string|null $apcuPrefix
279
+ */
280
+ public function setApcuPrefix($apcuPrefix)
281
+ {
282
+ $this->apcuPrefix = function_exists('apcu_fetch') && filter_var(ini_get('apc.enabled'), FILTER_VALIDATE_BOOLEAN) ? $apcuPrefix : null;
283
+ }
284
+
285
+ /**
286
+ * The APCu prefix in use, or null if APCu caching is not enabled.
287
+ *
288
+ * @return string|null
289
+ */
290
+ public function getApcuPrefix()
291
+ {
292
+ return $this->apcuPrefix;
293
+ }
294
+
295
+ /**
296
+ * Registers this instance as an autoloader.
297
+ *
298
+ * @param bool $prepend Whether to prepend the autoloader or not
299
+ */
300
+ public function register($prepend = false)
301
+ {
302
+ spl_autoload_register(array($this, 'loadClass'), true, $prepend);
303
+ }
304
+
305
+ /**
306
+ * Unregisters this instance as an autoloader.
307
+ */
308
+ public function unregister()
309
+ {
310
+ spl_autoload_unregister(array($this, 'loadClass'));
311
+ }
312
+
313
+ /**
314
+ * Loads the given class or interface.
315
+ *
316
+ * @param string $class The name of the class
317
+ * @return bool|null True if loaded, null otherwise
318
+ */
319
+ public function loadClass($class)
320
+ {
321
+ if ($file = $this->findFile($class)) {
322
+ includeFile($file);
323
+
324
+ return true;
325
+ }
326
+ }
327
+
328
+ /**
329
+ * Finds the path to the file where the class is defined.
330
+ *
331
+ * @param string $class The name of the class
332
+ *
333
+ * @return string|false The path if found, false otherwise
334
+ */
335
+ public function findFile($class)
336
+ {
337
+ // class map lookup
338
+ if (isset($this->classMap[$class])) {
339
+ return $this->classMap[$class];
340
+ }
341
+ if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) {
342
+ return false;
343
+ }
344
+ if (null !== $this->apcuPrefix) {
345
+ $file = apcu_fetch($this->apcuPrefix.$class, $hit);
346
+ if ($hit) {
347
+ return $file;
348
+ }
349
+ }
350
+
351
+ $file = $this->findFileWithExtension($class, '.php');
352
+
353
+ // Search for Hack files if we are running on HHVM
354
+ if (false === $file && defined('HHVM_VERSION')) {
355
+ $file = $this->findFileWithExtension($class, '.hh');
356
+ }
357
+
358
+ if (null !== $this->apcuPrefix) {
359
+ apcu_add($this->apcuPrefix.$class, $file);
360
+ }
361
+
362
+ if (false === $file) {
363
+ // Remember that this class does not exist.
364
+ $this->missingClasses[$class] = true;
365
+ }
366
+
367
+ return $file;
368
+ }
369
+
370
+ private function findFileWithExtension($class, $ext)
371
+ {
372
+ // PSR-4 lookup
373
+ $logicalPathPsr4 = strtr($class, '\\', DIRECTORY_SEPARATOR) . $ext;
374
+
375
+ $first = $class[0];
376
+ if (isset($this->prefixLengthsPsr4[$first])) {
377
+ $subPath = $class;
378
+ while (false !== $lastPos = strrpos($subPath, '\\')) {
379
+ $subPath = substr($subPath, 0, $lastPos);
380
+ $search = $subPath . '\\';
381
+ if (isset($this->prefixDirsPsr4[$search])) {
382
+ $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
383
+ foreach ($this->prefixDirsPsr4[$search] as $dir) {
384
+ if (file_exists($file = $dir . $pathEnd)) {
385
+ return $file;
386
+ }
387
+ }
388
+ }
389
+ }
390
+ }
391
+
392
+ // PSR-4 fallback dirs
393
+ foreach ($this->fallbackDirsPsr4 as $dir) {
394
+ if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr4)) {
395
+ return $file;
396
+ }
397
+ }
398
+
399
+ // PSR-0 lookup
400
+ if (false !== $pos = strrpos($class, '\\')) {
401
+ // namespaced class name
402
+ $logicalPathPsr0 = substr($logicalPathPsr4, 0, $pos + 1)
403
+ . strtr(substr($logicalPathPsr4, $pos + 1), '_', DIRECTORY_SEPARATOR);
404
+ } else {
405
+ // PEAR-like class name
406
+ $logicalPathPsr0 = strtr($class, '_', DIRECTORY_SEPARATOR) . $ext;
407
+ }
408
+
409
+ if (isset($this->prefixesPsr0[$first])) {
410
+ foreach ($this->prefixesPsr0[$first] as $prefix => $dirs) {
411
+ if (0 === strpos($class, $prefix)) {
412
+ foreach ($dirs as $dir) {
413
+ if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) {
414
+ return $file;
415
+ }
416
+ }
417
+ }
418
+ }
419
+ }
420
+
421
+ // PSR-0 fallback dirs
422
+ foreach ($this->fallbackDirsPsr0 as $dir) {
423
+ if (file_exists($file = $dir . DIRECTORY_SEPARATOR . $logicalPathPsr0)) {
424
+ return $file;
425
+ }
426
+ }
427
+
428
+ // PSR-0 include paths.
429
+ if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) {
430
+ return $file;
431
+ }
432
+
433
+ return false;
434
+ }
435
+ }
436
+
437
+ /**
438
+ * Scope isolated include.
439
+ *
440
+ * Prevents access to $this/self from included files.
441
+ */
442
+ function includeFile($file)
443
+ {
444
+ include $file;
445
+ }
crypto/vendor/composer/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+
2
+ Copyright (c) Nils Adermann, Jordi Boggiano
3
+
4
+ Permission is hereby granted, free of charge, to any person obtaining a copy
5
+ of this software and associated documentation files (the "Software"), to deal
6
+ in the Software without restriction, including without limitation the rights
7
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8
+ copies of the Software, and to permit persons to whom the Software is furnished
9
+ to do so, subject to the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be included in all
12
+ copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
20
+ THE SOFTWARE.
21
+
crypto/vendor/composer/autoload_classmap.php ADDED
@@ -0,0 +1,9 @@
1
+ <?php
2
+
3
+ // autoload_classmap.php @generated by Composer
4
+
5
+ $vendorDir = dirname(dirname(__FILE__));
6
+ $baseDir = dirname($vendorDir);
7
+
8
+ return array(
9
+ );
{vendor → crypto/vendor}/composer/autoload_files.php RENAMED
@@ -6,5 +6,6 @@ $vendorDir = dirname(dirname(__FILE__));
6
$baseDir = dirname($vendorDir);
7
8
return array(
9
'3109cb1a231dcd04bee1f9f620d46975' => $vendorDir . '/paragonie/sodium_compat/autoload.php',
10
);
6
$baseDir = dirname($vendorDir);
7
8
return array(
9
+ '5255c38a0faeba867671b61dfda6d864' => $vendorDir . '/paragonie/random_compat/lib/random.php',
10
'3109cb1a231dcd04bee1f9f620d46975' => $vendorDir . '/paragonie/sodium_compat/autoload.php',
11
);
crypto/vendor/composer/autoload_namespaces.php ADDED
@@ -0,0 +1,9 @@
1
+ <?php
2
+
3
+ // autoload_namespaces.php @generated by Composer
4
+
5
+ $vendorDir = dirname(dirname(__FILE__));
6
+ $baseDir = dirname($vendorDir);
7
+
8
+ return array(
9
+ );
crypto/vendor/composer/autoload_psr4.php ADDED
@@ -0,0 +1,9 @@
1
+ <?php
2
+
3
+ // autoload_psr4.php @generated by Composer
4
+
5
+ $vendorDir = dirname(dirname(__FILE__));
6
+ $baseDir = dirname($vendorDir);
7
+
8
+ return array(
9
+ );
crypto/vendor/composer/autoload_real.php ADDED
@@ -0,0 +1,70 @@
1
+ <?php
2
+
3
+ // autoload_real.php @generated by Composer
4
+
5
+ class ComposerAutoloaderInite213e65b2dafae4ad799b13fe0d36f8e
6
+ {
7
+ private static $loader;
8
+
9
+ public static function loadClassLoader($class)
10
+ {
11
+ if ('Composer\Autoload\ClassLoader' === $class) {
12
+ require __DIR__ . '/ClassLoader.php';
13
+ }
14
+ }
15
+
16
+ public static function getLoader()
17
+ {
18
+ if (null !== self::$loader) {
19
+ return self::$loader;
20
+ }
21
+
22
+ spl_autoload_register(array('ComposerAutoloaderInite213e65b2dafae4ad799b13fe0d36f8e', 'loadClassLoader'), true, true);
23
+ self::$loader = $loader = new \Composer\Autoload\ClassLoader();
24
+ spl_autoload_unregister(array('ComposerAutoloaderInite213e65b2dafae4ad799b13fe0d36f8e', 'loadClassLoader'));
25
+
26
+ $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
27
+ if ($useStaticLoader) {
28
+ require_once __DIR__ . '/autoload_static.php';
29
+
30
+ call_user_func(\Composer\Autoload\ComposerStaticInite213e65b2dafae4ad799b13fe0d36f8e::getInitializer($loader));
31
+ } else {
32
+ $map = require __DIR__ . '/autoload_namespaces.php';
33
+ foreach ($map as $namespace => $path) {
34
+ $loader->set($namespace, $path);
35
+ }
36
+
37
+ $map = require __DIR__ . '/autoload_psr4.php';
38
+ foreach ($map as $namespace => $path) {
39
+ $loader->setPsr4($namespace, $path);
40
+ }
41
+
42
+ $classMap = require __DIR__ . '/autoload_classmap.php';
43
+ if ($classMap) {
44
+ $loader->addClassMap($classMap);
45
+ }
46
+ }
47
+
48
+ $loader->register(true);
49
+
50
+ if ($useStaticLoader) {
51
+ $includeFiles = Composer\Autoload\ComposerStaticInite213e65b2dafae4ad799b13fe0d36f8e::$files;
52
+ } else {
53
+ $includeFiles = require __DIR__ . '/autoload_files.php';
54
+ }
55
+ foreach ($includeFiles as $fileIdentifier => $file) {
56
+ composerRequiree213e65b2dafae4ad799b13fe0d36f8e($fileIdentifier, $file);
57
+ }
58
+
59
+ return $loader;
60
+ }
61
+ }
62
+
63
+ function composerRequiree213e65b2dafae4ad799b13fe0d36f8e($fileIdentifier, $file)
64
+ {
65
+ if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
66
+ require $file;
67
+
68
+ $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
69
+ }
70
+ }
crypto/vendor/composer/autoload_static.php ADDED
@@ -0,0 +1,20 @@
1
+ <?php
2
+
3
+ // autoload_static.php @generated by Composer
4
+
5
+ namespace Composer\Autoload;
6
+
7
+ class ComposerStaticInite213e65b2dafae4ad799b13fe0d36f8e
8
+ {
9
+ public static $files = array (
10
+ '5255c38a0faeba867671b61dfda6d864' => __DIR__ . '/..' . '/paragonie/random_compat/lib/random.php',
11
+ '3109cb1a231dcd04bee1f9f620d46975' => __DIR__ . '/..' . '/paragonie/sodium_compat/autoload.php',
12
+ );
13
+
14
+ public static function getInitializer(ClassLoader $loader)
15
+ {
16
+ return \Closure::bind(function () use ($loader) {
17
+
18
+ }, null, ClassLoader::class);
19
+ }
20
+ }
crypto/vendor/composer/installed.json ADDED
@@ -0,0 +1,137 @@
1
+ [
2
+ {
3
+ "name": "paragonie/random_compat",
4
+ "version": "v2.0.18",
5
+ "version_normalized": "2.0.18.0",
6
+ "source": {
7
+ "type": "git",
8
+ "url": "https://github.com/paragonie/random_compat.git",
9
+ "reference": "0a58ef6e3146256cc3dc7cc393927bcc7d1b72db"
10
+ },
11
+ "dist": {
12
+ "type": "zip",
13
+ "url": "https://api.github.com/repos/paragonie/random_compat/zipball/0a58ef6e3146256cc3dc7cc393927bcc7d1b72db",
14
+ "reference": "0a58ef6e3146256cc3dc7cc393927bcc7d1b72db",
15
+ "shasum": ""
16
+ },
17
+ "require": {
18
+ "php": ">=5.2.0"
19
+ },
20
+ "require-dev": {
21
+ "phpunit/phpunit": "4.*|5.*"
22
+ },
23
+ "suggest": {
24
+ "ext-libsodium": "Provides a modern crypto API that can be used to generate random bytes."
25
+ },
26
+ "time": "2019-01-03T20:59:08+00:00",
27
+ "type": "library",
28
+ "installation-source": "dist",
29
+ "autoload": {
30
+ "files": [
31
+ "lib/random.php"
32
+ ]
33
+ },
34
+ "notification-url": "https://packagist.org/downloads/",
35
+ "license": [
36
+ "MIT"
37
+ ],
38
+ "authors": [
39
+ {
40
+ "name": "Paragon Initiative Enterprises",
41
+ "email": "security@paragonie.com",
42
+ "homepage": "https://paragonie.com"
43
+ }
44
+ ],
45
+ "description": "PHP 5.x polyfill for random_bytes() and random_int() from PHP 7",
46
+ "keywords": [
47
+ "csprng",
48
+ "polyfill",
49
+ "pseudorandom",
50
+ "random"
51
+ ]
52
+ },
53
+ {
54
+ "name": "paragonie/sodium_compat",
55
+ "version": "v1.10.0",
56
+ "version_normalized": "1.10.0.0",
57
+ "source": {
58
+ "type": "git",
59
+ "url": "https://github.com/paragonie/sodium_compat.git",
60
+ "reference": "228a9fc64cf4ba84c7967c1076d94209db03e0ee"
61
+ },
62
+ "dist": {
63
+ "type": "zip",
64
+ "url": "https://api.github.com/repos/paragonie/sodium_compat/zipball/228a9fc64cf4ba84c7967c1076d94209db03e0ee",
65
+ "reference": "228a9fc64cf4ba84c7967c1076d94209db03e0ee",
66
+ "shasum": ""
67
+ },
68
+ "require": {
69
+ "paragonie/random_compat": ">=1",
70
+ "php": "^5.2.4|^5.3|^5.4|^5.5|^5.6|^7|^8"
71
+ },
72
+ "require-dev": {
73
+ "phpunit/phpunit": "^3|^4|^5"
74
+ },
75
+ "suggest": {
76
+ "ext-libsodium": "PHP < 7.0: Better performance, password hashing (Argon2i), secure memory management (memzero), and better security.",
77
+ "ext-sodium": "PHP >= 7.0: Better performance, password hashing (Argon2i), secure memory management (memzero), and better security."
78
+ },
79
+ "time": "2019-05-13T16:04:50+00:00",
80
+ "type": "library",
81
+ "installation-source": "dist",
82
+ "autoload": {
83
+ "files": [
84
+ "autoload.php"
85
+ ]
86
+ },
87
+ "notification-url": "https://packagist.org/downloads/",
88
+ "license": [
89
+ "ISC"
90
+ ],
91
+ "authors": [
92
+ {
93
+ "name": "Paragon Initiative Enterprises",
94
+ "email": "security@paragonie.com"
95
+ },
96
+ {
97
+ "name": "Frank Denis",
98
+ "email": "jedisct1@pureftpd.org"
99
+ }
100
+ ],
101
+ "description": "Pure PHP implementation of libsodium; uses the PHP extension if it exists",
102
+ "keywords": [
103
+ "Authentication",
104
+ "BLAKE2b",
105
+ "ChaCha20",
106
+ "ChaCha20-Poly1305",
107
+ "Chapoly",
108
+ "Curve25519",
109
+ "Ed25519",
110
+ "EdDSA",
111
+ "Edwards-curve Digital Signature Algorithm",
112
+ "Elliptic Curve Diffie-Hellman",
113
+ "Poly1305",
114
+ "Pure-PHP cryptography",
115
+ "RFC 7748",
116
+ "RFC 8032",
117
+ "Salpoly",
118
+ "Salsa20",
119
+ "X25519",
120
+ "XChaCha20-Poly1305",
121
+ "XSalsa20-Poly1305",
122
+ "Xchacha20",
123
+ "Xsalsa20",
124
+ "aead",
125
+ "cryptography",
126
+ "ecdh",
127
+ "elliptic curve",
128
+ "elliptic curve cryptography",
129
+ "encryption",
130
+ "libsodium",
131
+ "php",
132
+ "public-key cryptography",
133
+ "secret-key cryptography",
134
+ "side-channel resistant"
135
+ ]
136
+ }
137
+ ]
{vendor → crypto/vendor}/paragonie/random_compat/LICENSE RENAMED
File without changes
{vendor → crypto/vendor}/paragonie/random_compat/dist/random_compat.phar.pubkey RENAMED
File without changes
{vendor → crypto/vendor}/paragonie/random_compat/dist/random_compat.phar.pubkey.asc RENAMED
File without changes
crypto/vendor/paragonie/random_compat/lib/byte_safe_strings.php ADDED
@@ -0,0 +1,195 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * The MIT License (MIT)
7
+ *
8
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
9
+ *
10
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ * of this software and associated documentation files (the "Software"), to deal
12
+ * in the Software without restriction, including without limitation the rights
13
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ * copies of the Software, and to permit persons to whom the Software is
15
+ * furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in
18
+ * all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ * SOFTWARE.
27
+ */
28
+
29
+ if (!is_callable('RandomCompat_strlen')) {
30
+ if (
31
+ defined('MB_OVERLOAD_STRING')
32
+ &&
33
+ ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
34
+ ) {
35
+ /**
36
+ * strlen() implementation that isn't brittle to mbstring.func_overload
37
+ *
38
+ * This version uses mb_strlen() in '8bit' mode to treat strings as raw
39
+ * binary rather than UTF-8, ISO-8859-1, etc
40
+ *
41
+ * @param string $binary_string
42
+ *
43
+ * @throws TypeError
44
+ *
45
+ * @return int
46
+ */
47
+ function RandomCompat_strlen($binary_string)
48
+ {
49
+ if (!is_string($binary_string)) {
50
+ throw new TypeError(
51
+ 'RandomCompat_strlen() expects a string'
52
+ );
53
+ }
54
+
55
+ return (int) mb_strlen($binary_string, '8bit');
56
+ }
57
+
58
+ } else {
59
+ /**
60
+ * strlen() implementation that isn't brittle to mbstring.func_overload
61
+ *
62
+ * This version just used the default strlen()
63
+ *
64
+ * @param string $binary_string
65
+ *
66
+ * @throws TypeError
67
+ *
68
+ * @return int
69
+ */
70
+ function RandomCompat_strlen($binary_string)
71
+ {
72
+ if (!is_string($binary_string)) {
73
+ throw new TypeError(
74
+ 'RandomCompat_strlen() expects a string'
75
+ );
76
+ }
77
+ return (int) strlen($binary_string);
78
+ }
79
+ }
80
+ }
81
+
82
+ if (!is_callable('RandomCompat_substr')) {
83
+
84
+ if (
85
+ defined('MB_OVERLOAD_STRING')
86
+ &&
87
+ ((int) ini_get('mbstring.func_overload')) & MB_OVERLOAD_STRING
88
+ ) {
89
+ /**
90
+ * substr() implementation that isn't brittle to mbstring.func_overload
91
+ *
92
+ * This version uses mb_substr() in '8bit' mode to treat strings as raw
93
+ * binary rather than UTF-8, ISO-8859-1, etc
94
+ *
95
+ * @param string $binary_string
96
+ * @param int $start
97
+ * @param int|null $length (optional)
98
+ *
99
+ * @throws TypeError
100
+ *
101
+ * @return string
102
+ */
103
+ function RandomCompat_substr($binary_string, $start, $length = null)
104
+ {
105
+ if (!is_string($binary_string)) {
106
+ throw new TypeError(
107
+ 'RandomCompat_substr(): First argument should be a string'
108
+ );
109
+ }
110
+
111
+ if (!is_int($start)) {
112
+ throw new TypeError(
113
+ 'RandomCompat_substr(): Second argument should be an integer'
114
+ );
115
+ }
116
+
117
+ if ($length === null) {
118
+ /**
119
+ * mb_substr($str, 0, NULL, '8bit') returns an empty string on
120
+ * PHP 5.3, so we have to find the length ourselves.
121
+ */
122
+ /** @var int $length */
123
+ $length = RandomCompat_strlen($binary_string) - $start;
124
+ } elseif (!is_int($length)) {
125
+ throw new TypeError(
126
+ 'RandomCompat_substr(): Third argument should be an integer, or omitted'
127
+ );
128
+ }
129
+
130
+ // Consistency with PHP's behavior
131
+ if ($start === RandomCompat_strlen($binary_string) && $length === 0) {
132
+ return '';
133
+ }
134
+ if ($start > RandomCompat_strlen($binary_string)) {
135
+ return '';
136
+ }
137
+
138
+ return (string) mb_substr(
139
+ (string) $binary_string,
140
+ (int) $start,
141
+ (int) $length,
142
+ '8bit'
143
+ );
144
+ }
145
+
146
+ } else {
147
+
148
+ /**
149
+ * substr() implementation that isn't brittle to mbstring.func_overload
150
+ *
151
+ * This version just uses the default substr()
152
+ *
153
+ * @param string $binary_string
154
+ * @param int $start
155
+ * @param int|null $length (optional)
156
+ *
157
+ * @throws TypeError
158
+ *
159
+ * @return string
160
+ */
161
+ function RandomCompat_substr($binary_string, $start, $length = null)
162
+ {
163
+ if (!is_string($binary_string)) {
164
+ throw new TypeError(
165
+ 'RandomCompat_substr(): First argument should be a string'
166
+ );
167
+ }
168
+
169
+ if (!is_int($start)) {
170
+ throw new TypeError(
171
+ 'RandomCompat_substr(): Second argument should be an integer'
172
+ );
173
+ }
174
+
175
+ if ($length !== null) {
176
+ if (!is_int($length)) {
177
+ throw new TypeError(
178
+ 'RandomCompat_substr(): Third argument should be an integer, or omitted'
179
+ );
180
+ }
181
+
182
+ return (string) substr(
183
+ (string )$binary_string,
184
+ (int) $start,
185
+ (int) $length
186
+ );
187
+ }
188
+
189
+ return (string) substr(
190
+ (string) $binary_string,
191
+ (int) $start
192
+ );
193
+ }
194
+ }
195
+ }
crypto/vendor/paragonie/random_compat/lib/cast_to_int.php ADDED
@@ -0,0 +1,77 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * The MIT License (MIT)
7
+ *
8
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
9
+ *
10
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ * of this software and associated documentation files (the "Software"), to deal
12
+ * in the Software without restriction, including without limitation the rights
13
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ * copies of the Software, and to permit persons to whom the Software is
15
+ * furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in
18
+ * all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ * SOFTWARE.
27
+ */
28
+
29
+ if (!is_callable('RandomCompat_intval')) {
30
+
31
+ /**
32
+ * Cast to an integer if we can, safely.
33
+ *
34
+ * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX)
35
+ * (non-inclusive), it will sanely cast it to an int. If you it's equal to
36
+ * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats
37
+ * lose precision, so the <= and => operators might accidentally let a float
38
+ * through.
39
+ *
40
+ * @param int|float $number The number we want to convert to an int
41
+ * @param bool $fail_open Set to true to not throw an exception
42
+ *
43
+ * @return float|int
44
+ * @psalm-suppress InvalidReturnType
45
+ *
46
+ * @throws TypeError
47
+ */
48
+ function RandomCompat_intval($number, $fail_open = false)
49
+ {
50
+ if (is_int($number) || is_float($number)) {
51
+ $number += 0;
52
+ } elseif (is_numeric($number)) {
53
+ /** @psalm-suppress InvalidOperand */
54
+ $number += 0;
55
+ }
56
+ /** @var int|float $number */
57
+
58
+ if (
59
+ is_float($number)
60
+ &&
61
+ $number > ~PHP_INT_MAX
62
+ &&
63
+ $number < PHP_INT_MAX
64
+ ) {
65
+ $number = (int) $number;
66
+ }
67
+
68
+ if (is_int($number)) {
69
+ return (int) $number;
70
+ } elseif (!$fail_open) {
71
+ throw new TypeError(
72
+ 'Expected an integer.'
73
+ );
74
+ }
75
+ return $number;
76
+ }
77
+ }
vendor/paragonie/random_compat/lib/random.php → crypto/vendor/paragonie/random_compat/lib/error_polyfill.php RENAMED
@@ -3,9 +3,6 @@
3
* Random_* Compatibility Library
4
* for using the new PHP 7 random_* API in PHP 5 projects
5
*
6
- * @version 2.99.99
7
- * @released 2018-06-06
8
- *
9
* The MIT License (MIT)
10
*
11
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
@@ -16,10 +13,10 @@
16
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
17
* copies of the Software, and to permit persons to whom the Software is
18
* furnished to do so, subject to the following conditions:
19
- *
20
* The above copyright notice and this permission notice shall be included in
21
* all copies or substantial portions of the Software.
22
- *
23
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
24
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
25
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
@@ -29,4 +26,24 @@
29
* SOFTWARE.
30
*/
31
32
- // NOP
3
* Random_* Compatibility Library
4
* for using the new PHP 7 random_* API in PHP 5 projects
5
*
6
* The MIT License (MIT)
7
*
8
* Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
13
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
* copies of the Software, and to permit persons to whom the Software is
15
* furnished to do so, subject to the following conditions:
16
+ *
17
* The above copyright notice and this permission notice shall be included in
18
* all copies or substantial portions of the Software.
19
+ *
20
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
26
* SOFTWARE.
27
*/
28
29
+ if (!class_exists('Error', false)) {
30
+ // We can't really avoid making this extend Exception in PHP 5.
31
+ class Error extends Exception
32
+ {
33
+
34
+ }
35
+ }
36
+
37
+ if (!class_exists('TypeError', false)) {
38
+ if (is_subclass_of('Error', 'Exception')) {
39
+ class TypeError extends Error
40
+ {
41
+
42
+ }
43
+ } else {
44
+ class TypeError extends Exception
45
+ {
46
+
47
+ }
48
+ }
49
+ }
crypto/vendor/paragonie/random_compat/lib/random.php ADDED
@@ -0,0 +1,225 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * @version 2.0.17
7
+ * @released 2018-07-04
8
+ *
9
+ * The MIT License (MIT)
10
+ *
11
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
12
+ *
13
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
14
+ * of this software and associated documentation files (the "Software"), to deal
15
+ * in the Software without restriction, including without limitation the rights
16
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
17
+ * copies of the Software, and to permit persons to whom the Software is
18
+ * furnished to do so, subject to the following conditions:
19
+ *
20
+ * The above copyright notice and this permission notice shall be included in
21
+ * all copies or substantial portions of the Software.
22
+ *
23
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
24
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
25
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
26
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
27
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
28
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
29
+ * SOFTWARE.
30
+ */
31
+
32
+ if (!defined('PHP_VERSION_ID')) {
33
+ // This constant was introduced in PHP 5.2.7
34
+ $RandomCompatversion = array_map('intval', explode('.', PHP_VERSION));
35
+ define(
36
+ 'PHP_VERSION_ID',
37
+ $RandomCompatversion[0] * 10000
38
+ + $RandomCompatversion[1] * 100
39
+ + $RandomCompatversion[2]
40
+ );
41
+ $RandomCompatversion = null;
42
+ }
43
+
44
+ /**
45
+ * PHP 7.0.0 and newer have these functions natively.
46
+ */
47
+ if (PHP_VERSION_ID >= 70000) {
48
+ return;
49
+ }
50
+
51
+ if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
52
+ define('RANDOM_COMPAT_READ_BUFFER', 8);
53
+ }
54
+
55
+ $RandomCompatDIR = dirname(__FILE__);
56
+
57
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'byte_safe_strings.php';
58
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'cast_to_int.php';
59
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'error_polyfill.php';
60
+
61
+ if (!is_callable('random_bytes')) {
62
+ /**
63
+ * PHP 5.2.0 - 5.6.x way to implement random_bytes()
64
+ *
65
+ * We use conditional statements here to define the function in accordance
66
+ * to the operating environment. It's a micro-optimization.
67
+ *
68
+ * In order of preference:
69
+ * 1. Use libsodium if available.
70
+ * 2. fread() /dev/urandom if available (never on Windows)
71
+ * 3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
72
+ * 4. COM('CAPICOM.Utilities.1')->GetRandom()
73
+ *
74
+ * See RATIONALE.md for our reasoning behind this particular order
75
+ */
76
+ if (extension_loaded('libsodium')) {
77
+ // See random_bytes_libsodium.php
78
+ if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
79
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium.php';
80
+ } elseif (method_exists('Sodium', 'randombytes_buf')) {
81
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium_legacy.php';
82
+ }
83
+ }
84
+
85
+ /**
86
+ * Reading directly from /dev/urandom:
87
+ */
88
+ if (DIRECTORY_SEPARATOR === '/') {
89
+ // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
90
+ // way to exclude Windows.
91
+ $RandomCompatUrandom = true;
92
+ $RandomCompat_basedir = ini_get('open_basedir');
93
+
94
+ if (!empty($RandomCompat_basedir)) {
95
+ $RandomCompat_open_basedir = explode(
96
+ PATH_SEPARATOR,
97
+ strtolower($RandomCompat_basedir)
98
+ );
99
+ $RandomCompatUrandom = (array() !== array_intersect(
100
+ array('/dev', '/dev/', '/dev/urandom'),
101
+ $RandomCompat_open_basedir
102
+ ));
103
+ $RandomCompat_open_basedir = null;
104
+ }
105
+
106
+ if (
107
+ !is_callable('random_bytes')
108
+ &&
109
+ $RandomCompatUrandom
110
+ &&
111
+ @is_readable('/dev/urandom')
112
+ ) {
113
+ // Error suppression on is_readable() in case of an open_basedir
114
+ // or safe_mode failure. All we care about is whether or not we
115
+ // can read it at this point. If the PHP environment is going to
116
+ // panic over trying to see if the file can be read in the first
117
+ // place, that is not helpful to us here.
118
+
119
+ // See random_bytes_dev_urandom.php
120
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_dev_urandom.php';
121
+ }
122
+ // Unset variables after use
123
+ $RandomCompat_basedir = null;
124
+ } else {
125
+ $RandomCompatUrandom = false;
126
+ }
127
+
128
+ /**
129
+ * mcrypt_create_iv()
130
+ *
131
+ * We only want to use mcypt_create_iv() if:
132
+ *
133
+ * - random_bytes() hasn't already been defined
134
+ * - the mcrypt extensions is loaded
135
+ * - One of these two conditions is true:
136
+ * - We're on Windows (DIRECTORY_SEPARATOR !== '/')
137
+ * - We're not on Windows and /dev/urandom is readabale
138
+ * (i.e. we're not in a chroot jail)
139
+ * - Special case:
140
+ * - If we're not on Windows, but the PHP version is between
141
+ * 5.6.10 and 5.6.12, we don't want to use mcrypt. It will
142
+ * hang indefinitely. This is bad.
143
+ * - If we're on Windows, we want to use PHP >= 5.3.7 or else
144
+ * we get insufficient entropy errors.
145
+ */
146
+ if (
147
+ !is_callable('random_bytes')
148
+ &&
149
+ // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be.
150
+ (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307)
151
+ &&
152
+ // Prevent this code from hanging indefinitely on non-Windows;
153
+ // see https://bugs.php.net/bug.php?id=69833
154
+ (
155
+ DIRECTORY_SEPARATOR !== '/' ||
156
+ (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
157
+ )
158
+ &&
159
+ extension_loaded('mcrypt')
160
+ ) {
161
+ // See random_bytes_mcrypt.php
162
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_mcrypt.php';
163
+ }
164
+ $RandomCompatUrandom = null;
165
+
166
+ /**
167
+ * This is a Windows-specific fallback, for when the mcrypt extension
168
+ * isn't loaded.
169
+ */
170
+ if (
171
+ !is_callable('random_bytes')
172
+ &&
173
+ extension_loaded('com_dotnet')
174
+ &&
175
+ class_exists('COM')
176
+ ) {
177
+ $RandomCompat_disabled_classes = preg_split(
178
+ '#\s*,\s*#',
179
+ strtolower(ini_get('disable_classes'))
180
+ );
181
+
182
+ if (!in_array('com', $RandomCompat_disabled_classes)) {
183
+ try {
184
+ $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
185
+ if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
186
+ // See random_bytes_com_dotnet.php
187
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_com_dotnet.php';
188
+ }
189
+ } catch (com_exception $e) {
190
+ // Don't try to use it.
191
+ }
192
+ }
193
+ $RandomCompat_disabled_classes = null;
194
+ $RandomCompatCOMtest = null;
195
+ }
196
+
197
+ /**
198
+ * throw new Exception
199
+ */
200
+ if (!is_callable('random_bytes')) {
201
+ /**
202
+ * We don't have any more options, so let's throw an exception right now
203
+ * and hope the developer won't let it fail silently.
204
+ *
205
+ * @param mixed $length
206
+ * @psalm-suppress InvalidReturnType
207
+ * @throws Exception
208
+ * @return string
209
+ */
210
+ function random_bytes($length)
211
+ {
212
+ unset($length); // Suppress "variable not used" warnings.
213
+ throw new Exception(
214
+ 'There is no suitable CSPRNG installed on your system'
215
+ );
216
+ return '';
217
+ }
218
+ }
219
+ }
220
+
221
+ if (!is_callable('random_int')) {
222
+ require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_int.php';
223
+ }
224
+
225
+ $RandomCompatDIR = null;
crypto/vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php ADDED
@@ -0,0 +1,91 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * The MIT License (MIT)
7
+ *
8
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
9
+ *
10
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ * of this software and associated documentation files (the "Software"), to deal
12
+ * in the Software without restriction, including without limitation the rights
13
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ * copies of the Software, and to permit persons to whom the Software is
15
+ * furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in
18
+ * all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ * SOFTWARE.
27
+ */
28
+
29
+ if (!is_callable('random_bytes')) {
30
+ /**
31
+ * Windows with PHP < 5.3.0 will not have the function
32
+ * openssl_random_pseudo_bytes() available, so let's use
33
+ * CAPICOM to work around this deficiency.
34
+ *
35
+ * @param int $bytes
36
+ *
37
+ * @throws Exception
38
+ *
39
+ * @return string
40
+ */
41
+ function random_bytes($bytes)
42
+ {
43
+ try {
44
+ /** @var int $bytes */
45
+ $bytes = RandomCompat_intval($bytes);
46
+ } catch (TypeError $ex) {
47
+ throw new TypeError(
48
+ 'random_bytes(): $bytes must be an integer'
49
+ );
50
+ }
51
+
52
+ if ($bytes < 1) {
53
+ throw new Error(
54
+ 'Length must be greater than 0'
55
+ );
56
+ }
57
+
58
+ /** @var string $buf */
59
+ $buf = '';
60
+ if (!class_exists('COM')) {
61
+ throw new Error(
62
+ 'COM does not exist'
63
+ );
64
+ }
65
+ /** @var COM $util */
66
+ $util = new COM('CAPICOM.Utilities.1');
67
+ $execCount = 0;
68
+
69
+ /**
70
+ * Let's not let it loop forever. If we run N times and fail to
71
+ * get N bytes of random data, then CAPICOM has failed us.
72
+ */
73
+ do {
74
+ $buf .= base64_decode((string) $util->GetRandom($bytes, 0));
75
+ if (RandomCompat_strlen($buf) >= $bytes) {
76
+ /**
77
+ * Return our random entropy buffer here:
78
+ */
79
+ return (string) RandomCompat_substr($buf, 0, $bytes);
80
+ }
81
+ ++$execCount;
82
+ } while ($execCount < $bytes);
83
+
84
+ /**
85
+ * If we reach here, PHP has failed us.
86
+ */
87
+ throw new Exception(
88
+ 'Could not gather sufficient random data'
89
+ );
90
+ }
91
+ }
crypto/vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php ADDED
@@ -0,0 +1,190 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * The MIT License (MIT)
7
+ *
8
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
9
+ *
10
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ * of this software and associated documentation files (the "Software"), to deal
12
+ * in the Software without restriction, including without limitation the rights
13
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ * copies of the Software, and to permit persons to whom the Software is
15
+ * furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in
18
+ * all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ * SOFTWARE.
27
+ */
28
+
29
+ if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
30
+ define('RANDOM_COMPAT_READ_BUFFER', 8);
31
+ }
32
+
33
+ if (!is_callable('random_bytes')) {
34
+ /**
35
+ * Unless open_basedir is enabled, use /dev/urandom for
36
+ * random numbers in accordance with best practices
37
+ *
38
+ * Why we use /dev/urandom and not /dev/random
39
+ * @ref https://www.2uo.de/myths-about-urandom
40
+ * @ref http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers
41
+ *
42
+ * @param int $bytes
43
+ *
44
+ * @throws Exception
45
+ *
46
+ * @return string
47
+ */
48
+ function random_bytes($bytes)
49
+ {
50
+ /** @var resource $fp */
51
+ static $fp = null;
52
+
53
+ /**
54
+ * This block should only be run once
55
+ */
56
+ if (empty($fp)) {
57
+ /**
58
+ * We don't want to ever read C:\dev\random, only /dev/urandom on
59
+ * Unix-like operating systems. While we guard against this
60
+ * condition in random.php, it doesn't hurt to be defensive in depth
61
+ * here.
62
+ *
63
+ * To that end, we only try to open /dev/urandom if we're on a Unix-
64
+ * like operating system (which means the directory separator is set
65
+ * to "/" not "\".
66
+ */
67
+ if (DIRECTORY_SEPARATOR === '/') {
68
+ if (!is_readable('/dev/urandom')) {
69
+ throw new Exception(
70
+ 'Environment misconfiguration: ' .
71
+ '/dev/urandom cannot be read.'
72
+ );
73
+ }
74
+ /**
75
+ * We use /dev/urandom if it is a char device.
76
+ * We never fall back to /dev/random
77
+ */
78
+ /** @var resource|bool $fp */
79
+ $fp = fopen('/dev/urandom', 'rb');
80
+ if (is_resource($fp)) {
81
+ /** @var array<string, int> $st */
82
+ $st = fstat($fp);
83
+ if (($st['mode'] & 0170000) !== 020000) {
84
+ fclose($fp);
85
+ $fp = false;
86
+ }
87
+ }
88
+ }
89
+
90
+ if (is_resource($fp)) {
91
+ /**
92
+ * stream_set_read_buffer() does not exist in HHVM
93
+ *
94
+ * If we don't set the stream's read buffer to 0, PHP will
95
+ * internally buffer 8192 bytes, which can waste entropy
96
+ *
97
+ * stream_set_read_buffer returns 0 on success
98
+ */
99
+ if (is_callable('stream_set_read_buffer')) {
100
+ stream_set_read_buffer($fp, RANDOM_COMPAT_READ_BUFFER);
101
+ }
102
+ if (is_callable('stream_set_chunk_size')) {
103
+ stream_set_chunk_size($fp, RANDOM_COMPAT_READ_BUFFER);
104
+ }
105
+ }
106
+ }
107
+
108
+ try {
109
+ /** @var int $bytes */
110
+ $bytes = RandomCompat_intval($bytes);
111
+ } catch (TypeError $ex) {
112
+ throw new TypeError(
113
+ 'random_bytes(): $bytes must be an integer'
114
+ );
115
+ }
116
+
117
+ if ($bytes < 1) {
118
+ throw new Error(
119
+ 'Length must be greater than 0'
120
+ );
121
+ }
122
+
123
+ /**
124
+ * This if() block only runs if we managed to open a file handle
125
+ *
126
+ * It does not belong in an else {} block, because the above
127
+ * if (empty($fp)) line is logic that should only be run once per
128
+ * page load.
129
+ */
130
+ if (is_resource($fp)) {
131
+ /**
132
+ * @var int
133
+ */
134
+ $remaining = $bytes;
135
+
136
+ /**
137
+ * @var string|bool
138
+ */
139
+ $buf = '';
140
+
141
+ /**
142
+ * We use fread() in a loop to protect against partial reads
143
+ */
144
+ do {
145
+ /**
146
+ * @var string|bool
147
+ */
148
+ $read = fread($fp, $remaining);
149
+ if (!is_string($read)) {
150
+ /**
151
+ * We cannot safely read from the file. Exit the
152
+ * do-while loop and trigger the exception condition
153
+ *
154
+ * @var string|bool
155
+ */
156
+ $buf = false;
157
+ break;
158
+ }
159
+ /**
160
+ * Decrease the number of bytes returned from remaining
161
+ */
162
+ $remaining -= RandomCompat_strlen($read);
163
+ /**
164
+ * @var string $buf
165
+ */
166
+ $buf .= $read;
167
+ } while ($remaining > 0);
168
+
169
+ /**
170
+ * Is our result valid?
171
+ * @var string|bool $buf
172
+ */
173
+ if (is_string($buf)) {
174
+ if (RandomCompat_strlen($buf) === $bytes) {
175
+ /**
176
+ * Return our random entropy buffer here:
177
+ */
178
+ return $buf;
179
+ }
180
+ }
181
+ }
182
+
183
+ /**
184
+ * If we reach here, PHP has failed us.
185
+ */
186
+ throw new Exception(
187
+ 'Error reading from source device'
188
+ );
189
+ }
190
+ }
crypto/vendor/paragonie/random_compat/lib/random_bytes_libsodium.php ADDED
@@ -0,0 +1,91 @@
1
+ <?php
2
+ /**
3
+ * Random_* Compatibility Library
4
+ * for using the new PHP 7 random_* API in PHP 5 projects
5
+ *
6
+ * The MIT License (MIT)
7
+ *
8
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
9
+ *
10
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ * of this software and associated documentation files (the "Software"), to deal
12
+ * in the Software without restriction, including without limitation the rights
13
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ * copies of the Software, and to permit persons to whom the Software is
15
+ * furnished to do so, subject to the following conditions:
16
+ *
17
+ * The above copyright notice and this permission notice shall be included in
18
+ * all copies or substantial portions of the Software.
19
+ *
20
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ * SOFTWARE.
27
+ */
28
+
29
+ if (!is_callable('random_bytes')) {
30
+ /**
31
+ * If the libsodium PHP extension is loaded, we'll use it above any other
32
+ * solution.
33
+ *
34
+ * libsodium-php project:
35
+ * @ref https://github.com/jedisct1/libsodium-php
36
+ *
37
+ * @param int $bytes
38
+ *
39
+ * @throws Exception
40
+ *
41
+ * @return string
42
+ */
43
+ function random_bytes($bytes)
44
+ {
45
+ try {
46
+ /** @var int $bytes */
47
+ $bytes = RandomCompat_intval($bytes);
48
+ } catch (TypeError $ex) {
49
+ throw new TypeError(
50
+ 'random_bytes(): $bytes must be an integer'
51
+ );
52
+ }
53
+
54
+ if ($bytes < 1) {
55
+ throw new Error(
56
+ 'Length must be greater than 0'
57
+ );
58
+ }
59
+
60
+ /**
61
+ * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be
62
+ * generated in one invocation.
63
+ */
64
+ /** @var string|bool $buf */
65
+ if ($bytes > 2147483647) {
66
+ $buf = '';
67
+ for ($i = 0; $i < $bytes; $i += 1073741824) {
68
+ $n = ($bytes - $i) > 1073741824
69
+ ? 1073741824
70
+ : $bytes - $i;
71
+ $buf .= \Sodium\randombytes_buf($n);
72
+ }
73
+ } else {
74
+ /** @var string|bool $buf */
75
+ $buf = \Sodium\randombytes_buf($bytes);
76
+ }
77
+
78
+ if (is_string($buf)) {
79
+ if (RandomCompat_strlen($buf) === $bytes) {
80
+ return $buf;
81
+ }
82
+ }
83
+
84
+ /**
85
+ * If we reach here, PHP has failed us.
86
+ */
87
+ throw new Exception(
88
+ 'Could not gather sufficient random data'
89
+ );
90
+ }
91
+ }
crypto/vendor/paragonie/random_c