Update phpseclib

This commit is contained in:
RainLoop Team 2019-03-28 01:51:23 +03:00
parent 909cd45769
commit 71ac99f517
26 changed files with 35671 additions and 32243 deletions

View file

@ -61,7 +61,10 @@ class Utils
if (!\class_exists('Crypt_RSA', false)) if (!\class_exists('Crypt_RSA', false))
{ {
include_once 'Crypt/RSA.php'; include_once 'Crypt/RSA.php';
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL); if (!\defined('CRYPT_RSA_MODE') && \defined('CRYPT_RSA_MODE_INTERNAL'))
{
\define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
}
} }
if (\class_exists('Crypt_RSA')) if (\class_exists('Crypt_RSA'))

404
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/AES.php Normal file → Executable file
View file

@ -1,207 +1,197 @@
<?php <?php
/** /**
* Pure-PHP implementation of AES. * Pure-PHP implementation of AES.
* *
* Uses mcrypt, if available/possible, and an internal implementation, otherwise. * Uses mcrypt, if available/possible, and an internal implementation, otherwise.
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from * NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually
* {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits * just a wrapper to Rijndael.php you may consider using Rijndael.php instead of
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link Crypt_AES::setKey() setKey()} * to save one include_once().
* is called, again, at which point, it'll be recalculated. *
* * If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't * {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
* make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function, * it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()}
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one). * is called, again, at which point, it'll be recalculated.
* *
* Here's a short example of how to use this library: * Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
* <code> * make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function,
* <?php * however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
* include 'Crypt/AES.php'; *
* * Here's a short example of how to use this library:
* $aes = new Crypt_AES(); * <code>
* * <?php
* $aes->setKey('abcdefghijklmnop'); * include 'Crypt/AES.php';
* *
* $size = 10 * 1024; * $aes = new Crypt_AES();
* $plaintext = ''; *
* for ($i = 0; $i < $size; $i++) { * $aes->setKey('abcdefghijklmnop');
* $plaintext.= 'a'; *
* } * $size = 10 * 1024;
* * $plaintext = '';
* echo $aes->decrypt($aes->encrypt($plaintext)); * for ($i = 0; $i < $size; $i++) {
* ?> * $plaintext.= 'a';
* </code> * }
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * echo $aes->decrypt($aes->encrypt($plaintext));
* of this software and associated documentation files (the "Software"), to deal * ?>
* in the Software without restriction, including without limitation the rights * </code>
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell *
* copies of the Software, and to permit persons to whom the Software is * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* furnished to do so, subject to the following conditions: * of this software and associated documentation files (the "Software"), to deal
* * in the Software without restriction, including without limitation the rights
* The above copyright notice and this permission notice shall be included in * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* all copies or substantial portions of the Software. * copies of the Software, and to permit persons to whom the Software is
* * furnished to do so, subject to the following conditions:
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR *
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * The above copyright notice and this permission notice shall be included in
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * all copies or substantial portions of the Software.
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER *
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* THE SOFTWARE. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* @category Crypt * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* @package Crypt_AES * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* @author Jim Wigginton <terrafrost@php.net> * THE SOFTWARE.
* @copyright 2008 Jim Wigginton *
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @category Crypt
* @link http://phpseclib.sourceforge.net * @package Crypt_AES
*/ * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2008 Jim Wigginton
/** * @license http://www.opensource.org/licenses/mit-license.html MIT License
* Include Crypt_Rijndael * @link http://phpseclib.sourceforge.net
*/ */
if (!class_exists('Crypt_Rijndael')) {
include_once 'Rijndael.php'; /**
} * Include Crypt_Rijndael
*/
/**#@+ if (!class_exists('Crypt_Rijndael')) {
* @access public include_once 'Rijndael.php';
* @see Crypt_AES::encrypt() }
* @see Crypt_AES::decrypt()
*/ /**#@+
/** * @access public
* Encrypt / decrypt using the Counter mode. * @see self::encrypt()
* * @see self::decrypt()
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. */
* /**
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 * Encrypt / decrypt using the Counter mode.
*/ *
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR); * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
/** *
* Encrypt / decrypt using the Electronic Code Book mode. * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
* */
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR);
*/ /**
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB); * Encrypt / decrypt using the Electronic Code Book mode.
/** *
* Encrypt / decrypt using the Code Book Chaining mode. * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
* */
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB);
*/ /**
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC); * Encrypt / decrypt using the Code Book Chaining mode.
/** *
* Encrypt / decrypt using the Cipher Feedback mode. * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
* */
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC);
*/ /**
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB); * Encrypt / decrypt using the Cipher Feedback mode.
/** *
* Encrypt / decrypt using the Cipher Feedback mode. * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
* */
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB);
*/ /**
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB); * Encrypt / decrypt using the Cipher Feedback mode.
/**#@-*/ *
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
/**#@+ */
* @access private define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB);
* @see Crypt_Base::Crypt_Base() /**#@-*/
*/
/** /**
* Toggles the internal implementation * Pure-PHP implementation of AES.
*/ *
define('CRYPT_AES_MODE_INTERNAL', CRYPT_MODE_INTERNAL); * @package Crypt_AES
/** * @author Jim Wigginton <terrafrost@php.net>
* Toggles the mcrypt implementation * @access public
*/ */
define('CRYPT_AES_MODE_MCRYPT', CRYPT_MODE_MCRYPT); class Crypt_AES extends Crypt_Rijndael
/**#@-*/ {
/**
/** * The namespace used by the cipher for its constants.
* Pure-PHP implementation of AES. *
* * @see Crypt_Base::const_namespace
* @package Crypt_AES * @var string
* @author Jim Wigginton <terrafrost@php.net> * @access private
* @access public */
*/ var $const_namespace = 'AES';
class Crypt_AES extends Crypt_Rijndael
{ /**
/** * Dummy function
* The namespace used by the cipher for its constants. *
* * Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
* @see Crypt_Base::const_namespace *
* @var String * @see Crypt_Rijndael::setBlockLength()
* @access private * @access public
*/ * @param int $length
var $const_namespace = 'AES'; */
function setBlockLength($length)
/** {
* Dummy function return;
* }
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
* /**
* @see Crypt_Rijndael::setBlockLength() * Sets the key length
* @access public *
* @param Integer $length * Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
*/ * 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
function setBlockLength($length) *
{ * @see Crypt_Rijndael:setKeyLength()
return; * @access public
} * @param int $length
*/
/** function setKeyLength($length)
* Sets the key length {
* switch ($length) {
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to case 160:
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount. $length = 192;
* break;
* @see Crypt_Rijndael:setKeyLength() case 224:
* @access public $length = 256;
* @param Integer $length }
*/ parent::setKeyLength($length);
function setKeyLength($length) }
{
switch ($length) { /**
case 160: * Sets the key.
$length = 192; *
break; * Rijndael supports five different key lengths, AES only supports three.
case 224: *
$length = 256; * @see Crypt_Rijndael:setKey()
} * @see setKeyLength()
parent::setKeyLength($length); * @access public
} * @param string $key
*/
/** function setKey($key)
* Sets the key. {
* parent::setKey($key);
* Rijndael supports five different key lengths, AES only supports three.
* if (!$this->explicit_key_length) {
* @see Crypt_Rijndael:setKey() $length = strlen($key);
* @see setKeyLength() switch (true) {
* @access public case $length <= 16:
* @param String $key $this->key_length = 16;
*/ break;
function setKey($key) case $length <= 24:
{ $this->key_length = 24;
parent::setKey($key); break;
default:
if (!$this->explicit_key_length) { $this->key_length = 32;
$length = strlen($key); }
switch (true) { $this->_setEngine();
case $length <= 16: }
$this->key_size = 16; }
break; }
case $length <= 24:
$this->key_size = 24;
break;
default:
$this->key_size = 32;
}
$this->_setupEngine();
}
}
}

4671
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Base.php Normal file → Executable file

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

3022
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/DES.php Normal file → Executable file

File diff suppressed because it is too large Load diff

1770
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Hash.php Normal file → Executable file

File diff suppressed because it is too large Load diff

1413
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC2.php Normal file → Executable file

File diff suppressed because it is too large Load diff

695
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC4.php Normal file → Executable file
View file

@ -1,329 +1,366 @@
<?php <?php
/** /**
* Pure-PHP implementation of RC4. * Pure-PHP implementation of RC4.
* *
* Uses mcrypt, if available, and an internal implementation, otherwise. * Uses mcrypt, if available, and an internal implementation, otherwise.
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* Useful resources are as follows: * Useful resources are as follows:
* *
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm} * - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4} * - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
* *
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not * RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification. * ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/RC4.php'; * include 'Crypt/RC4.php';
* *
* $rc4 = new Crypt_RC4(); * $rc4 = new Crypt_RC4();
* *
* $rc4->setKey('abcdefgh'); * $rc4->setKey('abcdefgh');
* *
* $size = 10 * 1024; * $size = 10 * 1024;
* $plaintext = ''; * $plaintext = '';
* for ($i = 0; $i < $size; $i++) { * for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a'; * $plaintext.= 'a';
* } * }
* *
* echo $rc4->decrypt($rc4->encrypt($plaintext)); * echo $rc4->decrypt($rc4->encrypt($plaintext));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category Crypt * @category Crypt
* @package Crypt_RC4 * @package Crypt_RC4
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2007 Jim Wigginton * @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
/** /**
* Include Crypt_Base * Include Crypt_Base
* *
* Base cipher class * Base cipher class
*/ */
if (!class_exists('Crypt_Base')) { if (!class_exists('Crypt_Base')) {
include_once 'Base.php'; include_once 'Base.php';
} }
/**#@+ /**#@+
* @access private * @access private
* @see Crypt_RC4::Crypt_RC4() * @see self::_crypt()
*/ */
/** define('CRYPT_RC4_ENCRYPT', 0);
* Toggles the internal implementation define('CRYPT_RC4_DECRYPT', 1);
*/ /**#@-*/
define('CRYPT_RC4_MODE_INTERNAL', CRYPT_MODE_INTERNAL);
/** /**
* Toggles the mcrypt implementation * Pure-PHP implementation of RC4.
*/ *
define('CRYPT_RC4_MODE_MCRYPT', CRYPT_MODE_MCRYPT); * @package Crypt_RC4
/**#@-*/ * @author Jim Wigginton <terrafrost@php.net>
* @access public
/**#@+ */
* @access private class Crypt_RC4 extends Crypt_Base
* @see Crypt_RC4::_crypt() {
*/ /**
define('CRYPT_RC4_ENCRYPT', 0); * Block Length of the cipher
define('CRYPT_RC4_DECRYPT', 1); *
/**#@-*/ * RC4 is a stream cipher
* so we the block_size to 0
/** *
* Pure-PHP implementation of RC4. * @see Crypt_Base::block_size
* * @var int
* @package Crypt_RC4 * @access private
* @author Jim Wigginton <terrafrost@php.net> */
* @access public var $block_size = 0;
*/
class Crypt_RC4 extends Crypt_Base /**
{ * Key Length (in bytes)
/** *
* Block Length of the cipher * @see Crypt_RC4::setKeyLength()
* * @var int
* RC4 is a stream cipher * @access private
* so we the block_size to 0 */
* var $key_length = 128; // = 1024 bits
* @see Crypt_Base::block_size
* @var Integer /**
* @access private * The namespace used by the cipher for its constants.
*/ *
var $block_size = 0; * @see Crypt_Base::const_namespace
* @var string
/** * @access private
* The default password key_size used by setPassword() */
* var $const_namespace = 'RC4';
* @see Crypt_Base::password_key_size
* @see Crypt_Base::setPassword() /**
* @var Integer * The mcrypt specific name of the cipher
* @access private *
*/ * @see Crypt_Base::cipher_name_mcrypt
var $password_key_size = 128; // = 1024 bits * @var string
* @access private
/** */
* The namespace used by the cipher for its constants. var $cipher_name_mcrypt = 'arcfour';
*
* @see Crypt_Base::const_namespace /**
* @var String * Holds whether performance-optimized $inline_crypt() can/should be used.
* @access private *
*/ * @see Crypt_Base::inline_crypt
var $const_namespace = 'RC4'; * @var mixed
* @access private
/** */
* The mcrypt specific name of the cipher var $use_inline_crypt = false; // currently not available
*
* @see Crypt_Base::cipher_name_mcrypt /**
* @var String * The Key
* @access private *
*/ * @see self::setKey()
var $cipher_name_mcrypt = 'arcfour'; * @var string
* @access private
/** */
* Holds whether performance-optimized $inline_crypt() can/should be used. var $key;
*
* @see Crypt_Base::inline_crypt /**
* @var mixed * The Key Stream for decryption and encryption
* @access private *
*/ * @see self::setKey()
var $use_inline_crypt = false; // currently not available * @var array
* @access private
/** */
* The Key var $stream;
*
* @see Crypt_RC4::setKey() /**
* @var String * Default Constructor.
* @access private *
*/ * Determines whether or not the mcrypt extension should be used.
var $key = "\0"; *
* @see Crypt_Base::Crypt_Base()
/** * @return Crypt_RC4
* The Key Stream for decryption and encryption * @access public
* */
* @see Crypt_RC4::setKey() function __construct()
* @var Array {
* @access private parent::__construct(CRYPT_MODE_STREAM);
*/ }
var $stream;
/**
/** * PHP4 compatible Default Constructor.
* Default Constructor. *
* * @see self::__construct()
* Determines whether or not the mcrypt extension should be used. * @access public
* */
* @see Crypt_Base::Crypt_Base() function Crypt_RC4()
* @return Crypt_RC4 {
* @access public $this->__construct();
*/ }
function Crypt_RC4()
{ /**
parent::Crypt_Base(CRYPT_MODE_STREAM); * Test for engine validity
} *
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
/** *
* Dummy function. * @see Crypt_Base::Crypt_Base()
* * @param int $engine
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1]. * @access public
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before * @return bool
* calling setKey(). */
* function isValidEngine($engine)
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol, {
* the IV's are relatively easy to predict, an attack described by if ($engine == CRYPT_ENGINE_OPENSSL) {
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir} if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
* can be used to quickly guess at the rest of the key. The following links elaborate: $this->cipher_name_openssl = 'rc4-40';
* } else {
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009} switch (strlen($this->key)) {
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack} case 5:
* $this->cipher_name_openssl = 'rc4-40';
* @param String $iv break;
* @see Crypt_RC4::setKey() case 8:
* @access public $this->cipher_name_openssl = 'rc4-64';
*/ break;
function setIV($iv) case 16:
{ $this->cipher_name_openssl = 'rc4';
} break;
default:
/** return false;
* Sets the key. }
* }
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will }
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
* return parent::isValidEngine($engine);
* @access public }
* @see Crypt_Base::setKey()
* @param String $key /**
*/ * Dummy function.
function setKey($key) *
{ * Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
parent::setKey(substr($key, 0, 256)); * If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
} * calling setKey().
*
/** * [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
* Encrypts a message. * the IV's are relatively easy to predict, an attack described by
* * {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
* @see Crypt_Base::decrypt() * can be used to quickly guess at the rest of the key. The following links elaborate:
* @see Crypt_RC4::_crypt() *
* @access public * {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
* @param String $plaintext * {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
* @return String $ciphertext *
*/ * @param string $iv
function encrypt($plaintext) * @see self::setKey()
{ * @access public
if ($this->engine == CRYPT_MODE_MCRYPT) { */
return parent::encrypt($plaintext); function setIV($iv)
} {
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT); }
}
/**
/** * Sets the key length
* Decrypts a message. *
* * Keys can be between 1 and 256 bytes long.
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). *
* At least if the continuous buffer is disabled. * @access public
* * @param int $length
* @see Crypt_Base::encrypt() */
* @see Crypt_RC4::_crypt() function setKeyLength($length)
* @access public {
* @param String $ciphertext if ($length < 8) {
* @return String $plaintext $this->key_length = 1;
*/ } elseif ($length > 2048) {
function decrypt($ciphertext) $this->key_length = 256;
{ } else {
if ($this->engine == CRYPT_MODE_MCRYPT) { $this->key_length = $length >> 3;
return parent::decrypt($ciphertext); }
}
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT); parent::setKeyLength($length);
} }
/**
/** * Encrypts a message.
* Setup the key (expansion) *
* * @see Crypt_Base::decrypt()
* @see Crypt_Base::_setupKey() * @see self::_crypt()
* @access private * @access public
*/ * @param string $plaintext
function _setupKey() * @return string $ciphertext
{ */
$key = $this->key; function encrypt($plaintext)
$keyLength = strlen($key); {
$keyStream = range(0, 255); if ($this->engine != CRYPT_ENGINE_INTERNAL) {
$j = 0; return parent::encrypt($plaintext);
for ($i = 0; $i < 256; $i++) { }
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255; return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
$temp = $keyStream[$i]; }
$keyStream[$i] = $keyStream[$j];
$keyStream[$j] = $temp; /**
} * Decrypts a message.
*
$this->stream = array(); * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array( * At least if the continuous buffer is disabled.
0, // index $i *
0, // index $j * @see Crypt_Base::encrypt()
$keyStream * @see self::_crypt()
); * @access public
} * @param string $ciphertext
* @return string $plaintext
/** */
* Encrypts or decrypts a message. function decrypt($ciphertext)
* {
* @see Crypt_RC4::encrypt() if ($this->engine != CRYPT_ENGINE_INTERNAL) {
* @see Crypt_RC4::decrypt() return parent::decrypt($ciphertext);
* @access private }
* @param String $text return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
* @param Integer $mode }
* @return String $text
*/
function _crypt($text, $mode) /**
{ * Setup the key (expansion)
if ($this->changed) { *
$this->_setup(); * @see Crypt_Base::_setupKey()
$this->changed = false; * @access private
} */
function _setupKey()
$stream = &$this->stream[$mode]; {
if ($this->continuousBuffer) { $key = $this->key;
$i = &$stream[0]; $keyLength = strlen($key);
$j = &$stream[1]; $keyStream = range(0, 255);
$keyStream = &$stream[2]; $j = 0;
} else { for ($i = 0; $i < 256; $i++) {
$i = $stream[0]; $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
$j = $stream[1]; $temp = $keyStream[$i];
$keyStream = $stream[2]; $keyStream[$i] = $keyStream[$j];
} $keyStream[$j] = $temp;
}
$len = strlen($text);
for ($k = 0; $k < $len; ++$k) { $this->stream = array();
$i = ($i + 1) & 255; $this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array(
$ksi = $keyStream[$i]; 0, // index $i
$j = ($j + $ksi) & 255; 0, // index $j
$ksj = $keyStream[$j]; $keyStream
);
$keyStream[$i] = $ksj; }
$keyStream[$j] = $ksi;
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]); /**
} * Encrypts or decrypts a message.
*
return $text; * @see self::encrypt()
} * @see self::decrypt()
} * @access private
* @param string $text
* @param int $mode
* @return string $text
*/
function _crypt($text, $mode)
{
if ($this->changed) {
$this->_setup();
$this->changed = false;
}
$stream = &$this->stream[$mode];
if ($this->continuousBuffer) {
$i = &$stream[0];
$j = &$stream[1];
$keyStream = &$stream[2];
} else {
$i = $stream[0];
$j = $stream[1];
$keyStream = $stream[2];
}
$len = strlen($text);
for ($k = 0; $k < $len; ++$k) {
$i = ($i + 1) & 255;
$ksi = $keyStream[$i];
$j = ($j + $ksi) & 255;
$ksj = $keyStream[$j];
$keyStream[$i] = $ksj;
$keyStream[$j] = $ksi;
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
}
return $text;
}
}

6152
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RSA.php Normal file → Executable file

File diff suppressed because it is too large Load diff

638
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Random.php Normal file → Executable file
View file

@ -1,300 +1,338 @@
<?php <?php
/** /**
* Random Number Generator * Random Number Generator
* *
* The idea behind this function is that it can be easily replaced with your own crypt_random_string() * The idea behind this function is that it can be easily replaced with your own crypt_random_string()
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever. * function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/Random.php'; * include 'Crypt/Random.php';
* *
* echo bin2hex(crypt_random_string(8)); * echo bin2hex(crypt_random_string(8));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category Crypt * @category Crypt
* @package Crypt_Random * @package Crypt_Random
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2007 Jim Wigginton * @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently, // laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently,
// have phpseclib as a requirement as well. if you're developing such a program you may encounter // have phpseclib as a requirement as well. if you're developing such a program you may encounter
// a "Cannot redeclare crypt_random_string()" error. // a "Cannot redeclare crypt_random_string()" error.
if (!function_exists('crypt_random_string')) { if (!function_exists('crypt_random_string')) {
/** /**
* "Is Windows" test * "Is Windows" test
* *
* @access private * @access private
*/ */
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN'); define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
/** /**
* Generate a random string. * Generate a random string.
* *
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with * Although microoptimizations are generally discouraged as they impair readability this function is ripe with
* microoptimizations because this function has the potential of being called a huge number of times. * microoptimizations because this function has the potential of being called a huge number of times.
* eg. for RSA key generation. * eg. for RSA key generation.
* *
* @param Integer $length * @param int $length
* @return String * @return string
* @access public * @access public
*/ */
function crypt_random_string($length) function crypt_random_string($length)
{ {
if (CRYPT_RANDOM_IS_WINDOWS) { if (!$length) {
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call. return '';
// ie. class_alias is a function that was introduced in PHP 5.3 }
if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {
return mcrypt_create_iv($length); if (CRYPT_RANDOM_IS_WINDOWS) {
} // method 1. prior to PHP 5.3, mcrypt_create_iv() would call rand() on windows
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was, if (extension_loaded('mcrypt') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4 return @mcrypt_create_iv($length);
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both }
// call php_win32_get_random_bytes(): // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
// // to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008 // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392 // call php_win32_get_random_bytes():
// //
// php_win32_get_random_bytes() is defined thusly: // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
// // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80 //
// // php_win32_get_random_bytes() is defined thusly:
// we're calling it, all the same, in the off chance that the mcrypt extension is not available //
if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
return openssl_random_pseudo_bytes($length); //
} // we're calling it, all the same, in the off chance that the mcrypt extension is not available
} else { if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
// method 1. the fastest return openssl_random_pseudo_bytes($length);
if (function_exists('openssl_random_pseudo_bytes')) { }
return openssl_random_pseudo_bytes($length); } else {
} // method 1. the fastest
// method 2 if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
static $fp = true; return openssl_random_pseudo_bytes($length);
if ($fp === true) { }
// warning's will be output unles the error suppression operator is used. errors such as // method 2
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc. static $fp = true;
$fp = @fopen('/dev/urandom', 'rb'); if ($fp === true) {
} // warning's will be output unles the error suppression operator is used. errors such as
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource() // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
return fread($fp, $length); $fp = @fopen('/dev/urandom', 'rb');
} }
// method 3. pretty much does the same thing as method 2 per the following url: if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391 return fread($fp, $length);
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're }
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir // method 3. pretty much does the same thing as method 2 per the following url:
// restrictions or some such // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
if (function_exists('mcrypt_create_iv')) { // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM); // not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
} // restrictions or some such
} if (extension_loaded('mcrypt')) {
// at this point we have no choice but to use a pure-PHP CSPRNG return @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
}
// cascade entropy across multiple PHP instances by fixing the session and collecting all }
// environmental variables, including the previous session data and the current session // at this point we have no choice but to use a pure-PHP CSPRNG
// data.
// // cascade entropy across multiple PHP instances by fixing the session and collecting all
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively) // environmental variables, including the previous session data and the current session
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but // data.
// PHP isn't low level to be able to use those as sources and on a web server there's not likely //
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
// however, a ton of people visiting the website. obviously you don't want to base your seeding // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled // PHP isn't low level to be able to use those as sources and on a web server there's not likely
// by the user and (2) this isn't just looking at the data sent by the current user - it's based // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
// on the data sent by all users. one user requests the page and a hash of their info is saved. // however, a ton of people visiting the website. obviously you don't want to base your seeding
// another user visits the page and the serialization of their data is utilized along with the // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
// server envirnment stuff and a hash of the previous http request data (which itself utilizes // by the user and (2) this isn't just looking at the data sent by the current user - it's based
// a hash of the session data before that). certainly an attacker should be assumed to have // on the data sent by all users. one user requests the page and a hash of their info is saved.
// full control over his own http requests. he, however, is not going to have control over // another user visits the page and the serialization of their data is utilized along with the
// everyone's http requests. // server envirnment stuff and a hash of the previous http request data (which itself utilizes
static $crypto = false, $v; // a hash of the session data before that). certainly an attacker should be assumed to have
if ($crypto === false) { // full control over his own http requests. he, however, is not going to have control over
// save old session data // everyone's http requests.
$old_session_id = session_id(); static $crypto = false, $v;
$old_use_cookies = ini_get('session.use_cookies'); if ($crypto === false) {
$old_session_cache_limiter = session_cache_limiter(); // save old session data
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false; $old_session_id = session_id();
if ($old_session_id != '') { $old_use_cookies = ini_get('session.use_cookies');
session_write_close(); $old_session_cache_limiter = session_cache_limiter();
} $_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
if ($old_session_id != '') {
session_id(1); session_write_close();
ini_set('session.use_cookies', 0); }
session_cache_limiter('');
session_start(); session_id(1);
ini_set('session.use_cookies', 0);
$v = $seed = $_SESSION['seed'] = pack('H*', sha1( session_cache_limiter('');
serialize($_SERVER) . session_start();
serialize($_POST) .
serialize($_GET) . $v = $seed = $_SESSION['seed'] = pack('H*', sha1(
serialize($_COOKIE) . (isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') .
serialize($GLOBALS) . (isset($_POST) ? phpseclib_safe_serialize($_POST) : '') .
serialize($_SESSION) . (isset($_GET) ? phpseclib_safe_serialize($_GET) : '') .
serialize($_OLD_SESSION) (isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') .
)); phpseclib_safe_serialize($GLOBALS) .
if (!isset($_SESSION['count'])) { phpseclib_safe_serialize($_SESSION) .
$_SESSION['count'] = 0; phpseclib_safe_serialize($_OLD_SESSION)
} ));
$_SESSION['count']++; if (!isset($_SESSION['count'])) {
$_SESSION['count'] = 0;
session_write_close(); }
$_SESSION['count']++;
// restore old session data
if ($old_session_id != '') { session_write_close();
session_id($old_session_id);
session_start(); // restore old session data
ini_set('session.use_cookies', $old_use_cookies); if ($old_session_id != '') {
session_cache_limiter($old_session_cache_limiter); session_id($old_session_id);
} else { session_start();
if ($_OLD_SESSION !== false) { ini_set('session.use_cookies', $old_use_cookies);
$_SESSION = $_OLD_SESSION; session_cache_limiter($old_session_cache_limiter);
unset($_OLD_SESSION); } else {
} else { if ($_OLD_SESSION !== false) {
unset($_SESSION); $_SESSION = $_OLD_SESSION;
} unset($_OLD_SESSION);
} } else {
unset($_SESSION);
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process. }
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C. }
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
// original hash and the current hash. we'll be emulating that. for more info see the following URL: // in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
// // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
// http://tools.ietf.org/html/rfc4253#section-7.2 // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
// // original hash and the current hash. we'll be emulating that. for more info see the following URL:
// see the is_string($crypto) part for an example of how to expand the keys //
$key = pack('H*', sha1($seed . 'A')); // http://tools.ietf.org/html/rfc4253#section-7.2
$iv = pack('H*', sha1($seed . 'C')); //
// see the is_string($crypto) part for an example of how to expand the keys
// ciphers are used as per the nist.gov link below. also, see this link: $key = pack('H*', sha1($seed . 'A'));
// $iv = pack('H*', sha1($seed . 'C'));
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
switch (true) { // ciphers are used as per the nist.gov link below. also, see this link:
case phpseclib_resolve_include_path('Crypt/AES.php'): //
if (!class_exists('Crypt_AES')) { // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
include_once 'AES.php'; switch (true) {
} case phpseclib_resolve_include_path('Crypt/AES.php'):
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR); if (!class_exists('Crypt_AES')) {
break; include_once 'AES.php';
case phpseclib_resolve_include_path('Crypt/Twofish.php'): }
if (!class_exists('Crypt_Twofish')) { $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
include_once 'Twofish.php'; break;
} case phpseclib_resolve_include_path('Crypt/Twofish.php'):
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR); if (!class_exists('Crypt_Twofish')) {
break; include_once 'Twofish.php';
case phpseclib_resolve_include_path('Crypt/Blowfish.php'): }
if (!class_exists('Crypt_Blowfish')) { $crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
include_once 'Blowfish.php'; break;
} case phpseclib_resolve_include_path('Crypt/Blowfish.php'):
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR); if (!class_exists('Crypt_Blowfish')) {
break; include_once 'Blowfish.php';
case phpseclib_resolve_include_path('Crypt/TripleDES.php'): }
if (!class_exists('Crypt_TripleDES')) { $crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
include_once 'TripleDES.php'; break;
} case phpseclib_resolve_include_path('Crypt/TripleDES.php'):
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR); if (!class_exists('Crypt_TripleDES')) {
break; include_once 'TripleDES.php';
case phpseclib_resolve_include_path('Crypt/DES.php'): }
if (!class_exists('Crypt_DES')) { $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
include_once 'DES.php'; break;
} case phpseclib_resolve_include_path('Crypt/DES.php'):
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR); if (!class_exists('Crypt_DES')) {
break; include_once 'DES.php';
case phpseclib_resolve_include_path('Crypt/RC4.php'): }
if (!class_exists('Crypt_RC4')) { $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
include_once 'RC4.php'; break;
} case phpseclib_resolve_include_path('Crypt/RC4.php'):
$crypto = new Crypt_RC4(); if (!class_exists('Crypt_RC4')) {
break; include_once 'RC4.php';
default: }
user_error('crypt_random_string requires at least one symmetric cipher be loaded'); $crypto = new Crypt_RC4();
return false; break;
} default:
user_error('crypt_random_string requires at least one symmetric cipher be loaded');
$crypto->setKey($key); return false;
$crypto->setIV($iv); }
$crypto->enableContinuousBuffer();
} $crypto->setKey($key);
$crypto->setIV($iv);
//return $crypto->encrypt(str_repeat("\0", $length)); $crypto->enableContinuousBuffer();
}
// the following is based off of ANSI X9.31:
// //return $crypto->encrypt(str_repeat("\0", $length));
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
// // the following is based off of ANSI X9.31:
// OpenSSL uses that same standard for it's random numbers: //
// // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c //
// (do a search for "ANS X9.31 A.2.4") // OpenSSL uses that same standard for it's random numbers:
$result = ''; //
while (strlen($result) < $length) { // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21 // (do a search for "ANS X9.31 A.2.4")
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20 $result = '';
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20 while (strlen($result) < $length) {
$result.= $r; $i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
} $r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
return substr($result, 0, $length); $v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
} $result.= $r;
} }
return substr($result, 0, $length);
if (!function_exists('phpseclib_resolve_include_path')) { }
/** }
* Resolve filename against the include path.
* if (!function_exists('phpseclib_safe_serialize')) {
* Wrapper around stream_resolve_include_path() (which was introduced in /**
* PHP 5.3.2) with fallback implementation for earlier PHP versions. * Safely serialize variables
* *
* @param string $filename * If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier.
* @return mixed Filename (string) on success, false otherwise. * PHP 5.3 will emit a warning.
* @access public *
*/ * @param mixed $arr
function phpseclib_resolve_include_path($filename) * @access public
{ */
if (function_exists('stream_resolve_include_path')) { function phpseclib_safe_serialize(&$arr)
return stream_resolve_include_path($filename); {
} if (is_object($arr)) {
return '';
// handle non-relative paths }
if (file_exists($filename)) { if (!is_array($arr)) {
return realpath($filename); return serialize($arr);
} }
// prevent circular array recursion
$paths = PATH_SEPARATOR == ':' ? if (isset($arr['__phpseclib_marker'])) {
preg_split('#(?<!phar):#', get_include_path()) : return '';
explode(PATH_SEPARATOR, get_include_path()); }
foreach ($paths as $prefix) { $safearr = array();
// path's specified in include_path don't always end in / $arr['__phpseclib_marker'] = true;
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR; foreach (array_keys($arr) as $key) {
$file = $prefix . $ds . $filename; // do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage
if (file_exists($file)) { if ($key !== '__phpseclib_marker') {
return realpath($file); $safearr[$key] = phpseclib_safe_serialize($arr[$key]);
} }
} }
unset($arr['__phpseclib_marker']);
return false; return serialize($safearr);
} }
} }
if (!function_exists('phpseclib_resolve_include_path')) {
/**
* Resolve filename against the include path.
*
* Wrapper around stream_resolve_include_path() (which was introduced in
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
*
* @param string $filename
* @return string|false
* @access public
*/
function phpseclib_resolve_include_path($filename)
{
if (function_exists('stream_resolve_include_path')) {
return stream_resolve_include_path($filename);
}
// handle non-relative paths
if (file_exists($filename)) {
return realpath($filename);
}
$paths = PATH_SEPARATOR == ':' ?
preg_split('#(?<!phar):#', get_include_path()) :
explode(PATH_SEPARATOR, get_include_path());
foreach ($paths as $prefix) {
// path's specified in include_path don't always end in /
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
$file = $prefix . $ds . $filename;
if (file_exists($file)) {
return realpath($file);
}
}
return false;
}
}

File diff suppressed because it is too large Load diff

View file

@ -1,428 +1,517 @@
<?php <?php
/** /**
* Pure-PHP implementation of Triple DES. * Pure-PHP implementation of Triple DES.
* *
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt). * Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Crypt/TripleDES.php'; * include 'Crypt/TripleDES.php';
* *
* $des = new Crypt_TripleDES(); * $des = new Crypt_TripleDES();
* *
* $des->setKey('abcdefghijklmnopqrstuvwx'); * $des->setKey('abcdefghijklmnopqrstuvwx');
* *
* $size = 10 * 1024; * $size = 10 * 1024;
* $plaintext = ''; * $plaintext = '';
* for ($i = 0; $i < $size; $i++) { * for ($i = 0; $i < $size; $i++) {
* $plaintext.= 'a'; * $plaintext.= 'a';
* } * }
* *
* echo $des->decrypt($des->encrypt($plaintext)); * echo $des->decrypt($des->encrypt($plaintext));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category Crypt * @category Crypt
* @package Crypt_TripleDES * @package Crypt_TripleDES
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2007 Jim Wigginton * @copyright 2007 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
/** /**
* Include Crypt_DES * Include Crypt_DES
*/ */
if (!class_exists('Crypt_DES')) { if (!class_exists('Crypt_DES')) {
include_once 'DES.php'; include_once 'DES.php';
} }
/** /**#@+
* Encrypt / decrypt using inner chaining * @access public
* * @see self::Crypt_TripleDES()
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3). */
*/ /**
define('CRYPT_DES_MODE_3CBC', -2); * Encrypt / decrypt using inner chaining
*
/** * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
* Encrypt / decrypt using outer chaining */
* define('CRYPT_MODE_3CBC', -2);
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC. /**
*/ * BC version of the above.
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC); */
define('CRYPT_DES_MODE_3CBC', -2);
/** /**
* Pure-PHP implementation of Triple DES. * Encrypt / decrypt using outer chaining
* *
* @package Crypt_TripleDES * Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
* @author Jim Wigginton <terrafrost@php.net> */
* @access public define('CRYPT_MODE_CBC3', CRYPT_MODE_CBC);
*/ /**
class Crypt_TripleDES extends Crypt_DES * BC version of the above.
{ */
/** define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3);
* The default password key_size used by setPassword() /**#@-*/
*
* @see Crypt_DES::password_key_size /**
* @see Crypt_Base::password_key_size * Pure-PHP implementation of Triple DES.
* @see Crypt_Base::setPassword() *
* @var Integer * @package Crypt_TripleDES
* @access private * @author Jim Wigginton <terrafrost@php.net>
*/ * @access public
var $password_key_size = 24; */
class Crypt_TripleDES extends Crypt_DES
/** {
* The default salt used by setPassword() /**
* * Key Length (in bytes)
* @see Crypt_Base::password_default_salt *
* @see Crypt_Base::setPassword() * @see Crypt_TripleDES::setKeyLength()
* @var String * @var int
* @access private * @access private
*/ */
var $password_default_salt = 'phpseclib'; var $key_length = 24;
/** /**
* The namespace used by the cipher for its constants. * The default salt used by setPassword()
* *
* @see Crypt_DES::const_namespace * @see Crypt_Base::password_default_salt
* @see Crypt_Base::const_namespace * @see Crypt_Base::setPassword()
* @var String * @var string
* @access private * @access private
*/ */
var $const_namespace = 'DES'; var $password_default_salt = 'phpseclib';
/** /**
* The mcrypt specific name of the cipher * The namespace used by the cipher for its constants.
* *
* @see Crypt_DES::cipher_name_mcrypt * @see Crypt_DES::const_namespace
* @see Crypt_Base::cipher_name_mcrypt * @see Crypt_Base::const_namespace
* @var String * @var string
* @access private * @access private
*/ */
var $cipher_name_mcrypt = 'tripledes'; var $const_namespace = 'DES';
/** /**
* Optimizing value while CFB-encrypting * The mcrypt specific name of the cipher
* *
* @see Crypt_Base::cfb_init_len * @see Crypt_DES::cipher_name_mcrypt
* @var Integer * @see Crypt_Base::cipher_name_mcrypt
* @access private * @var string
*/ * @access private
var $cfb_init_len = 750; */
var $cipher_name_mcrypt = 'tripledes';
/**
* max possible size of $key /**
* * Optimizing value while CFB-encrypting
* @see Crypt_TripleDES::setKey() *
* @see Crypt_DES::setKey() * @see Crypt_Base::cfb_init_len
* @var String * @var int
* @access private * @access private
*/ */
var $key_size_max = 24; var $cfb_init_len = 750;
/** /**
* Internal flag whether using CRYPT_DES_MODE_3CBC or not * max possible size of $key
* *
* @var Boolean * @see self::setKey()
* @access private * @see Crypt_DES::setKey()
*/ * @var string
var $mode_3cbc; * @access private
*/
/** var $key_length_max = 24;
* The Crypt_DES objects
* /**
* Used only if $mode_3cbc === true * Internal flag whether using CRYPT_DES_MODE_3CBC or not
* *
* @var Array * @var bool
* @access private * @access private
*/ */
var $des; var $mode_3cbc;
/** /**
* Default Constructor. * The Crypt_DES objects
* *
* Determines whether or not the mcrypt extension should be used. * Used only if $mode_3cbc === true
* *
* $mode could be: * @var array
* * @access private
* - CRYPT_DES_MODE_ECB */
* var $des;
* - CRYPT_DES_MODE_CBC
* /**
* - CRYPT_DES_MODE_CTR * Default Constructor.
* *
* - CRYPT_DES_MODE_CFB * Determines whether or not the mcrypt extension should be used.
* *
* - CRYPT_DES_MODE_OFB * $mode could be:
* *
* - CRYPT_DES_MODE_3CBC * - CRYPT_DES_MODE_ECB
* *
* If not explicitly set, CRYPT_DES_MODE_CBC will be used. * - CRYPT_DES_MODE_CBC
* *
* @see Crypt_DES::Crypt_DES() * - CRYPT_DES_MODE_CTR
* @see Crypt_Base::Crypt_Base() *
* @param optional Integer $mode * - CRYPT_DES_MODE_CFB
* @access public *
*/ * - CRYPT_DES_MODE_OFB
function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC) *
{ * - CRYPT_DES_MODE_3CBC
switch ($mode) { *
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC * If not explicitly set, CRYPT_DES_MODE_CBC will be used.
// and additional flag us internally as 3CBC *
case CRYPT_DES_MODE_3CBC: * @see Crypt_DES::Crypt_DES()
parent::Crypt_Base(CRYPT_DES_MODE_CBC); * @see Crypt_Base::Crypt_Base()
$this->mode_3cbc = true; * @param int $mode
* @access public
// This three $des'es will do the 3CBC work (if $key > 64bits) */
$this->des = array( function __construct($mode = CRYPT_MODE_CBC)
new Crypt_DES(CRYPT_DES_MODE_CBC), {
new Crypt_DES(CRYPT_DES_MODE_CBC), switch ($mode) {
new Crypt_DES(CRYPT_DES_MODE_CBC), // In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC
); // and additional flag us internally as 3CBC
case CRYPT_DES_MODE_3CBC:
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects parent::Crypt_Base(CRYPT_MODE_CBC);
$this->des[0]->disablePadding(); $this->mode_3cbc = true;
$this->des[1]->disablePadding();
$this->des[2]->disablePadding(); // This three $des'es will do the 3CBC work (if $key > 64bits)
break; $this->des = array(
// If not 3CBC, we init as usual new Crypt_DES(CRYPT_MODE_CBC),
default: new Crypt_DES(CRYPT_MODE_CBC),
parent::Crypt_Base($mode); new Crypt_DES(CRYPT_MODE_CBC),
} );
}
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
/** $this->des[0]->disablePadding();
* Sets the initialization vector. (optional) $this->des[1]->disablePadding();
* $this->des[2]->disablePadding();
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed break;
* to be all zero's. // If not 3CBC, we init as usual
* default:
* @see Crypt_Base::setIV() parent::__construct($mode);
* @access public }
* @param String $iv }
*/
function setIV($iv) /**
{ * PHP4 compatible Default Constructor.
parent::setIV($iv); *
if ($this->mode_3cbc) { * @see self::__construct()
$this->des[0]->setIV($iv); * @param int $mode
$this->des[1]->setIV($iv); * @access public
$this->des[2]->setIV($iv); */
} function Crypt_TripleDES($mode = CRYPT_MODE_CBC)
} {
$this->__construct($mode);
/** }
* Sets the key.
* /**
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or * Test for engine validity
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate. *
* * This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that. *
* * @see Crypt_Base::Crypt_Base()
* If the key is not explicitly set, it'll be assumed to be all null bytes. * @param int $engine
* * @access public
* @access public * @return bool
* @see Crypt_DES::setKey() */
* @see Crypt_Base::setKey() function isValidEngine($engine)
* @param String $key {
*/ if ($engine == CRYPT_ENGINE_OPENSSL) {
function setKey($key) $this->cipher_name_openssl_ecb = 'des-ede3';
{ $mode = $this->_openssl_translate_mode();
$length = strlen($key); $this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode;
if ($length > 8) { }
$key = str_pad(substr($key, 0, 24), 24, chr(0));
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this: return parent::isValidEngine($engine);
// http://php.net/function.mcrypt-encrypt#47973 }
//$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
} else { /**
$key = str_pad($key, 8, chr(0)); * Sets the initialization vector. (optional)
} *
parent::setKey($key); * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed
* to be all zero's.
// And in case of CRYPT_DES_MODE_3CBC: *
// if key <= 64bits we not need the 3 $des to work, * @see Crypt_Base::setIV()
// because we will then act as regular DES-CBC with just a <= 64bit key. * @access public
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des. * @param string $iv
if ($this->mode_3cbc && $length > 8) { */
$this->des[0]->setKey(substr($key, 0, 8)); function setIV($iv)
$this->des[1]->setKey(substr($key, 8, 8)); {
$this->des[2]->setKey(substr($key, 16, 8)); parent::setIV($iv);
} if ($this->mode_3cbc) {
} $this->des[0]->setIV($iv);
$this->des[1]->setIV($iv);
/** $this->des[2]->setIV($iv);
* Encrypts a message. }
* }
* @see Crypt_Base::encrypt()
* @access public /**
* @param String $plaintext * Sets the key length.
* @return String $cipertext *
*/ * Valid key lengths are 64, 128 and 192
function encrypt($plaintext) *
{ * @see Crypt_Base:setKeyLength()
// parent::en/decrypt() is able to do all the work for all modes and keylengths, * @access public
// except for: CRYPT_DES_MODE_3CBC (inner chaining CBC) with a key > 64bits * @param int $length
*/
// if the key is smaller then 8, do what we'd normally do function setKeyLength($length)
if ($this->mode_3cbc && strlen($this->key) > 8) { {
return $this->des[2]->encrypt( $length >>= 3;
$this->des[1]->decrypt( switch (true) {
$this->des[0]->encrypt( case $length <= 8:
$this->_pad($plaintext) $this->key_length = 8;
) break;
) case $length <= 16:
); $this->key_length = 16;
} break;
default:
return parent::encrypt($plaintext); $this->key_length = 24;
} }
/** parent::setKeyLength($length);
* Decrypts a message. }
*
* @see Crypt_Base::decrypt() /**
* @access public * Sets the key.
* @param String $ciphertext *
* @return String $plaintext * Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
*/ * 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
function decrypt($ciphertext) *
{ * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
if ($this->mode_3cbc && strlen($this->key) > 8) { *
return $this->_unpad( * If the key is not explicitly set, it'll be assumed to be all null bytes.
$this->des[0]->decrypt( *
$this->des[1]->encrypt( * @access public
$this->des[2]->decrypt( * @see Crypt_DES::setKey()
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0") * @see Crypt_Base::setKey()
) * @param string $key
) */
) function setKey($key)
); {
} $length = $this->explicit_key_length ? $this->key_length : strlen($key);
if ($length > 8) {
return parent::decrypt($ciphertext); $key = str_pad(substr($key, 0, 24), 24, chr(0));
} // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
// http://php.net/function.mcrypt-encrypt#47973
/** $key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
* Treat consecutive "packets" as if they are a continuous buffer. } else {
* $key = str_pad($key, 8, chr(0));
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets }
* will yield different outputs: parent::setKey($key);
*
* <code> // And in case of CRYPT_DES_MODE_3CBC:
* echo $des->encrypt(substr($plaintext, 0, 8)); // if key <= 64bits we not need the 3 $des to work,
* echo $des->encrypt(substr($plaintext, 8, 8)); // because we will then act as regular DES-CBC with just a <= 64bit key.
* </code> // So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
* <code> if ($this->mode_3cbc && $length > 8) {
* echo $des->encrypt($plaintext); $this->des[0]->setKey(substr($key, 0, 8));
* </code> $this->des[1]->setKey(substr($key, 8, 8));
* $this->des[2]->setKey(substr($key, 16, 8));
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates }
* another, as demonstrated with the following: }
*
* <code> /**
* $des->encrypt(substr($plaintext, 0, 8)); * Encrypts a message.
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); *
* </code> * @see Crypt_Base::encrypt()
* <code> * @access public
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8))); * @param string $plaintext
* </code> * @return string $cipertext
* */
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different function encrypt($plaintext)
* outputs. The reason is due to the fact that the initialization vector's change after every encryption / {
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant. // parent::en/decrypt() is able to do all the work for all modes and keylengths,
* // except for: CRYPT_MODE_3CBC (inner chaining CBC) with a key > 64bits
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that // if the key is smaller then 8, do what we'd normally do
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), if ($this->mode_3cbc && strlen($this->key) > 8) {
* however, they are also less intuitive and more likely to cause you problems. return $this->des[2]->encrypt(
* $this->des[1]->decrypt(
* @see Crypt_Base::enableContinuousBuffer() $this->des[0]->encrypt(
* @see Crypt_TripleDES::disableContinuousBuffer() $this->_pad($plaintext)
* @access public )
*/ )
function enableContinuousBuffer() );
{ }
parent::enableContinuousBuffer();
if ($this->mode_3cbc) { return parent::encrypt($plaintext);
$this->des[0]->enableContinuousBuffer(); }
$this->des[1]->enableContinuousBuffer();
$this->des[2]->enableContinuousBuffer(); /**
} * Decrypts a message.
} *
* @see Crypt_Base::decrypt()
/** * @access public
* Treat consecutive packets as if they are a discontinuous buffer. * @param string $ciphertext
* * @return string $plaintext
* The default behavior. */
* function decrypt($ciphertext)
* @see Crypt_Base::disableContinuousBuffer() {
* @see Crypt_TripleDES::enableContinuousBuffer() if ($this->mode_3cbc && strlen($this->key) > 8) {
* @access public return $this->_unpad(
*/ $this->des[0]->decrypt(
function disableContinuousBuffer() $this->des[1]->encrypt(
{ $this->des[2]->decrypt(
parent::disableContinuousBuffer(); str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
if ($this->mode_3cbc) { )
$this->des[0]->disableContinuousBuffer(); )
$this->des[1]->disableContinuousBuffer(); )
$this->des[2]->disableContinuousBuffer(); );
} }
}
return parent::decrypt($ciphertext);
/** }
* Creates the key schedule
* /**
* @see Crypt_DES::_setupKey() * Treat consecutive "packets" as if they are a continuous buffer.
* @see Crypt_Base::_setupKey() *
* @access private * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
*/ * will yield different outputs:
function _setupKey() *
{ * <code>
switch (true) { * echo $des->encrypt(substr($plaintext, 0, 8));
// if $key <= 64bits we configure our internal pure-php cipher engine * echo $des->encrypt(substr($plaintext, 8, 8));
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same. * </code>
case strlen($this->key) <= 8: * <code>
$this->des_rounds = 1; * echo $des->encrypt($plaintext);
break; * </code>
*
// otherwise, if $key > 64bits, we configure our engine to work as 3DES. * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
default: * another, as demonstrated with the following:
$this->des_rounds = 3; *
* <code>
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately. * $des->encrypt(substr($plaintext, 0, 8));
if ($this->mode_3cbc) { * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
$this->des[0]->_setupKey(); * </code>
$this->des[1]->_setupKey(); * <code>
$this->des[2]->_setupKey(); * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
* </code>
// because $des[0-2] will, now, do all the work we can return here *
// not need unnecessary stress parent::_setupKey() with our, now unused, $key. * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
return; * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
} * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
} *
// setup our key * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
parent::_setupKey(); * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
} * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
} * however, they are also less intuitive and more likely to cause you problems.
*
* @see Crypt_Base::enableContinuousBuffer()
* @see self::disableContinuousBuffer()
* @access public
*/
function enableContinuousBuffer()
{
parent::enableContinuousBuffer();
if ($this->mode_3cbc) {
$this->des[0]->enableContinuousBuffer();
$this->des[1]->enableContinuousBuffer();
$this->des[2]->enableContinuousBuffer();
}
}
/**
* Treat consecutive packets as if they are a discontinuous buffer.
*
* The default behavior.
*
* @see Crypt_Base::disableContinuousBuffer()
* @see self::enableContinuousBuffer()
* @access public
*/
function disableContinuousBuffer()
{
parent::disableContinuousBuffer();
if ($this->mode_3cbc) {
$this->des[0]->disableContinuousBuffer();
$this->des[1]->disableContinuousBuffer();
$this->des[2]->disableContinuousBuffer();
}
}
/**
* Creates the key schedule
*
* @see Crypt_DES::_setupKey()
* @see Crypt_Base::_setupKey()
* @access private
*/
function _setupKey()
{
switch (true) {
// if $key <= 64bits we configure our internal pure-php cipher engine
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
case strlen($this->key) <= 8:
$this->des_rounds = 1;
break;
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
default:
$this->des_rounds = 3;
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
if ($this->mode_3cbc) {
$this->des[0]->_setupKey();
$this->des[1]->_setupKey();
$this->des[2]->_setupKey();
// because $des[0-2] will, now, do all the work we can return here
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
return;
}
}
// setup our key
parent::_setupKey();
}
/**
* Sets the internal crypt engine
*
* @see Crypt_Base::Crypt_Base()
* @see Crypt_Base::setPreferredEngine()
* @param int $engine
* @access public
* @return int
*/
function setPreferredEngine($engine)
{
if ($this->mode_3cbc) {
$this->des[0]->setPreferredEngine($engine);
$this->des[1]->setPreferredEngine($engine);
$this->des[2]->setPreferredEngine($engine);
}
return parent::setPreferredEngine($engine);
}
}

1784
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Twofish.php Normal file → Executable file

File diff suppressed because it is too large Load diff

1163
rainloop/v/0.0.0/app/libraries/phpseclib/File/ANSI.php Normal file → Executable file

File diff suppressed because it is too large Load diff

2843
rainloop/v/0.0.0/app/libraries/phpseclib/File/ASN1.php Normal file → Executable file

File diff suppressed because it is too large Load diff

9731
rainloop/v/0.0.0/app/libraries/phpseclib/File/X509.php Normal file → Executable file

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

738
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SCP.php Normal file → Executable file
View file

@ -1,360 +1,378 @@
<?php <?php
/** /**
* Pure-PHP implementation of SCP. * Pure-PHP implementation of SCP.
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}. * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
* *
* Here's a short example of how to use this library: * Here's a short example of how to use this library:
* <code> * <code>
* <?php * <?php
* include 'Net/SCP.php'; * include 'Net/SCP.php';
* include 'Net/SSH2.php'; * include 'Net/SSH2.php';
* *
* $ssh = new Net_SSH2('www.domain.tld'); * $ssh = new Net_SSH2('www.domain.tld');
* if (!$ssh->login('username', 'password')) { * if (!$ssh->login('username', 'password')) {
* exit('bad login'); * exit('bad login');
* } * }
*
* $scp = new Net_SCP($ssh); * $scp = new Net_SCP($ssh);
* $scp->put('abcd', str_repeat('x', 1024*1024)); * $scp->put('abcd', str_repeat('x', 1024*1024));
* ?> * ?>
* </code> * </code>
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category Net * @category Net
* @package Net_SCP * @package Net_SCP
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2010 Jim Wigginton * @copyright 2010 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
*/ */
/**#@+ /**#@+
* @access public * @access public
* @see Net_SCP::put() * @see self::put()
*/ */
/** /**
* Reads data from a local file. * Reads data from a local file.
*/ */
define('NET_SCP_LOCAL_FILE', 1); define('NET_SCP_LOCAL_FILE', 1);
/** /**
* Reads data from a string. * Reads data from a string.
*/ */
define('NET_SCP_STRING', 2); define('NET_SCP_STRING', 2);
/**#@-*/ /**#@-*/
/**#@+ /**#@+
* @access private * @access private
* @see Net_SCP::_send() * @see self::_send()
* @see Net_SCP::_receive() * @see self::_receive()
*/ */
/** /**
* SSH1 is being used. * SSH1 is being used.
*/ */
define('NET_SCP_SSH1', 1); define('NET_SCP_SSH1', 1);
/** /**
* SSH2 is being used. * SSH2 is being used.
*/ */
define('NET_SCP_SSH2', 2); define('NET_SCP_SSH2', 2);
/**#@-*/ /**#@-*/
/** /**
* Pure-PHP implementations of SCP. * Pure-PHP implementations of SCP.
* *
* @package Net_SCP * @package Net_SCP
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @access public * @access public
*/ */
class Net_SCP class Net_SCP
{ {
/** /**
* SSH Object * SSH Object
* *
* @var Object * @var object
* @access private * @access private
*/ */
var $ssh; var $ssh;
/** /**
* Packet Size * Packet Size
* *
* @var Integer * @var int
* @access private * @access private
*/ */
var $packet_size; var $packet_size;
/** /**
* Mode * Mode
* *
* @var Integer * @var int
* @access private * @access private
*/ */
var $mode; var $mode;
/** /**
* Default Constructor. * Default Constructor.
* *
* Connects to an SSH server * Connects to an SSH server
* *
* @param String $host * @param Net_SSH1|Net_SSH2 $ssh
* @param optional Integer $port * @return Net_SCP
* @param optional Integer $timeout * @access public
* @return Net_SCP */
* @access public function __construct($ssh)
*/ {
function Net_SCP($ssh) if (!is_object($ssh)) {
{ return;
if (!is_object($ssh)) { }
return;
} switch (strtolower(get_class($ssh))) {
case 'net_ssh2':
switch (strtolower(get_class($ssh))) { $this->mode = NET_SCP_SSH2;
case 'net_ssh2': break;
$this->mode = NET_SCP_SSH2; case 'net_ssh1':
break; $this->packet_size = 50000;
case 'net_ssh1': $this->mode = NET_SCP_SSH1;
$this->packet_size = 50000; break;
$this->mode = NET_SCP_SSH1; default:
break; return;
default: }
return;
} $this->ssh = $ssh;
}
$this->ssh = $ssh;
} /**
* PHP4 compatible Default Constructor.
/** *
* Uploads a file to the SCP server. * @see self::__construct()
* * @param Net_SSH1|Net_SSH2 $ssh
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. * @access public
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes */
* long, containing 'filename.ext' as its contents. function Net_SCP($ssh)
* {
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will $this->__construct($ssh);
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how }
* large $remote_file will be, as well.
* /**
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take * Uploads a file to the SCP server.
* care of that, yourself. *
* * By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
* @param String $remote_file * So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
* @param String $data * long, containing 'filename.ext' as its contents.
* @param optional Integer $mode *
* @param optional Callable $callback * Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will
* @return Boolean * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
* @access public * large $remote_file will be, as well.
*/ *
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null) * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
{ * care of that, yourself.
if (!isset($this->ssh)) { *
return false; * @param string $remote_file
} * @param string $data
* @param int $mode
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to * @param callable $callback
return false; * @return bool
} * @access public
*/
$temp = $this->_receive(); function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null)
if ($temp !== chr(0)) { {
return false; if (!isset($this->ssh)) {
} return false;
}
if ($this->mode == NET_SCP_SSH2) {
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4; if (empty($remote_file)) {
} user_error('remote_file cannot be blank', E_USER_NOTICE);
return false;
$remote_file = basename($remote_file); }
if ($mode == NET_SCP_STRING) { if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
$size = strlen($data); return false;
} else { }
if (!is_file($data)) {
user_error("$data is not a valid file", E_USER_NOTICE); $temp = $this->_receive();
return false; if ($temp !== chr(0)) {
} return false;
}
$fp = @fopen($data, 'rb');
if (!$fp) { if ($this->mode == NET_SCP_SSH2) {
return false; $this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
} }
$size = filesize($data);
} $remote_file = basename($remote_file);
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n"); if ($mode == NET_SCP_STRING) {
$size = strlen($data);
$temp = $this->_receive(); } else {
if ($temp !== chr(0)) { if (!is_file($data)) {
return false; user_error("$data is not a valid file", E_USER_NOTICE);
} return false;
}
$sent = 0;
while ($sent < $size) { $fp = @fopen($data, 'rb');
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size); if (!$fp) {
$this->_send($temp); return false;
$sent+= strlen($temp); }
$size = filesize($data);
if (is_callable($callback)) { }
call_user_func($callback, $sent);
} $this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
}
$this->_close(); $temp = $this->_receive();
if ($temp !== chr(0)) {
if ($mode != NET_SCP_STRING) { return false;
fclose($fp); }
}
$sent = 0;
return true; while ($sent < $size) {
} $temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
$this->_send($temp);
/** $sent+= strlen($temp);
* Downloads a file from the SCP server.
* if (is_callable($callback)) {
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if call_user_func($callback, $sent);
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the }
* operation }
* $this->_close();
* @param String $remote_file
* @param optional String $local_file if ($mode != NET_SCP_STRING) {
* @return Mixed fclose($fp);
* @access public }
*/
function get($remote_file, $local_file = false) return true;
{ }
if (!isset($this->ssh)) {
return false; /**
} * Downloads a file from the SCP server.
*
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
return false; * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
} * operation
*
$this->_send("\0"); * @param string $remote_file
* @param string $local_file
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) { * @return mixed
return false; * @access public
} */
function get($remote_file, $local_file = false)
$this->_send("\0"); {
if (!isset($this->ssh)) {
$size = 0; return false;
}
if ($local_file !== false) {
$fp = @fopen($local_file, 'wb'); if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
if (!$fp) { return false;
return false; }
}
} $this->_send("\0");
$content = ''; if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
while ($size < $info['size']) { return false;
$data = $this->_receive(); }
// SCP usually seems to split stuff out into 16k chunks
$size+= strlen($data); $this->_send("\0");
if ($local_file === false) { $size = 0;
$content.= $data;
} else { if ($local_file !== false) {
fputs($fp, $data); $fp = @fopen($local_file, 'wb');
} if (!$fp) {
} return false;
}
$this->_close(); }
if ($local_file !== false) { $content = '';
fclose($fp); while ($size < $info['size']) {
return true; $data = $this->_receive();
} // SCP usually seems to split stuff out into 16k chunks
$size+= strlen($data);
return $content;
} if ($local_file === false) {
$content.= $data;
/** } else {
* Sends a packet to an SSH server fputs($fp, $data);
* }
* @param String $data }
* @access private
*/ $this->_close();
function _send($data)
{ if ($local_file !== false) {
switch ($this->mode) { fclose($fp);
case NET_SCP_SSH2: return true;
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data); }
break;
case NET_SCP_SSH1: return $content;
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data); }
$this->ssh->_send_binary_packet($data);
} /**
} * Sends a packet to an SSH server
*
/** * @param string $data
* Receives a packet from an SSH server * @access private
* */
* @return String function _send($data)
* @access private {
*/ switch ($this->mode) {
function _receive() case NET_SCP_SSH2:
{ $this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data);
switch ($this->mode) { break;
case NET_SCP_SSH2: case NET_SCP_SSH1:
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true); $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
case NET_SCP_SSH1: $this->ssh->_send_binary_packet($data);
if (!$this->ssh->bitmap) { }
return false; }
}
while (true) { /**
$response = $this->ssh->_get_binary_packet(); * Receives a packet from an SSH server
switch ($response[NET_SSH1_RESPONSE_TYPE]) { *
case NET_SSH1_SMSG_STDOUT_DATA: * @return string
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA])); * @access private
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length); */
case NET_SSH1_SMSG_STDERR_DATA: function _receive()
break; {
case NET_SSH1_SMSG_EXITSTATUS: switch ($this->mode) {
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION)); case NET_SCP_SSH2:
fclose($this->ssh->fsock); return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true);
$this->ssh->bitmap = 0; case NET_SCP_SSH1:
return false; if (!$this->ssh->bitmap) {
default: return false;
user_error('Unknown packet received', E_USER_NOTICE); }
return false; while (true) {
} $response = $this->ssh->_get_binary_packet();
} switch ($response[NET_SSH1_RESPONSE_TYPE]) {
} case NET_SSH1_SMSG_STDOUT_DATA:
} if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) {
return false;
/** }
* Closes the connection to an SSH server extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA]));
* return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length);
* @access private case NET_SSH1_SMSG_STDERR_DATA:
*/ break;
function _close() case NET_SSH1_SMSG_EXITSTATUS:
{ $this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
switch ($this->mode) { fclose($this->ssh->fsock);
case NET_SCP_SSH2: $this->ssh->bitmap = 0;
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true); return false;
break; default:
case NET_SCP_SSH1: user_error('Unknown packet received', E_USER_NOTICE);
$this->ssh->disconnect(); return false;
} }
} }
} }
}
/**
* Closes the connection to an SSH server
*
* @access private
*/
function _close()
{
switch ($this->mode) {
case NET_SCP_SSH2:
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
break;
case NET_SCP_SSH1:
$this->ssh->disconnect();
}
}
}

5975
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP.php Normal file → Executable file

File diff suppressed because it is too large Load diff

File diff suppressed because it is too large Load diff

3342
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH1.php Normal file → Executable file

File diff suppressed because it is too large Load diff

8771
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH2.php Normal file → Executable file

File diff suppressed because it is too large Load diff

View file

@ -1,313 +1,561 @@
<?php <?php
/**
* Pure-PHP ssh-agent client. /**
* * Pure-PHP ssh-agent client.
* PHP versions 4 and 5 *
* * PHP versions 4 and 5
* Here are some examples of how to use this library: *
* <code> * Here are some examples of how to use this library:
* <?php * <code>
* include 'System/SSH/Agent.php'; * <?php
* include 'Net/SSH2.php'; * include 'System/SSH/Agent.php';
* * include 'Net/SSH2.php';
* $agent = new System_SSH_Agent(); *
* * $agent = new System_SSH_Agent();
* $ssh = new Net_SSH2('www.domain.tld'); *
* if (!$ssh->login('username', $agent)) { * $ssh = new Net_SSH2('www.domain.tld');
* exit('Login Failed'); * if (!$ssh->login('username', $agent)) {
* } * exit('Login Failed');
* * }
* echo $ssh->exec('pwd'); *
* echo $ssh->exec('ls -la'); * echo $ssh->exec('pwd');
* ?> * echo $ssh->exec('ls -la');
* </code> * ?>
* * </code>
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy *
* of this software and associated documentation files (the "Software"), to deal * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* in the Software without restriction, including without limitation the rights * of this software and associated documentation files (the "Software"), to deal
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * in the Software without restriction, including without limitation the rights
* copies of the Software, and to permit persons to whom the Software is * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* furnished to do so, subject to the following conditions: * copies of the Software, and to permit persons to whom the Software is
* * furnished to do so, subject to the following conditions:
* The above copyright notice and this permission notice shall be included in *
* all copies or substantial portions of the Software. * The above copyright notice and this permission notice shall be included in
* * all copies or substantial portions of the Software.
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR *
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* THE SOFTWARE. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* * THE SOFTWARE.
* @category System *
* @package System_SSH_Agent * @category System
* @author Jim Wigginton <terrafrost@php.net> * @package System_SSH_Agent
* @copyright 2014 Jim Wigginton * @author Jim Wigginton <terrafrost@php.net>
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @copyright 2014 Jim Wigginton
* @link http://phpseclib.sourceforge.net * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent * @link http://phpseclib.sourceforge.net
*/ * @internal See http://api.libssh.org/rfc/PROTOCOL.agent
*/
/**#@+
* Message numbers /**#@+
* * Message numbers
* @access private *
*/ * @access private
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1) */
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11); // to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2). define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11);
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12); // this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
define('SYSTEM_SSH_AGENT_FAILURE', 5); define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12);
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3) define('SYSTEM_SSH_AGENT_FAILURE', 5);
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13); // the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4) define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14); // the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
/**#@-*/ define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14);
/**#@-*/
/**
* Pure-PHP ssh-agent client identity object /**@+
* * Agent forwarding status
* Instantiation should only be performed by System_SSH_Agent class. *
* This could be thought of as implementing an interface that Crypt_RSA * @access private
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something. */
* The methods in this interface would be getPublicKey, setSignatureMode // no forwarding requested and not active
* and sign since those are the methods phpseclib looks for to perform define('SYSTEM_SSH_AGENT_FORWARD_NONE', 0);
* public key authentication. // request agent forwarding when opportune
* define('SYSTEM_SSH_AGENT_FORWARD_REQUEST', 1);
* @package System_SSH_Agent // forwarding has been request and is active
* @author Jim Wigginton <terrafrost@php.net> define('SYSTEM_SSH_AGENT_FORWARD_ACTIVE', 2);
* @access internal /**#@-*/
*/
class System_SSH_Agent_Identity /**@+
{ * Signature Flags
/** *
* Key Object * See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3
* *
* @var Crypt_RSA * @access private
* @access private */
* @see System_SSH_Agent_Identity::getPublicKey() define('SYSTEM_SSH_AGENT_RSA2_256', 2);
*/ define('SYSTEM_SSH_AGENT_RSA2_512', 4);
var $key; /**#@-*/
/** /**
* Key Blob * Pure-PHP ssh-agent client identity object
* *
* @var String * Instantiation should only be performed by System_SSH_Agent class.
* @access private * This could be thought of as implementing an interface that Crypt_RSA
* @see System_SSH_Agent_Identity::sign() * implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
*/ * The methods in this interface would be getPublicKey, setSignatureMode
var $key_blob; * and sign since those are the methods phpseclib looks for to perform
* public key authentication.
/** *
* Socket Resource * @package System_SSH_Agent
* * @author Jim Wigginton <terrafrost@php.net>
* @var Resource * @access internal
* @access private */
* @see System_SSH_Agent_Identity::sign() class System_SSH_Agent_Identity
*/ {
var $fsock; /**
* Key Object
/** *
* Default Constructor. * @var Crypt_RSA
* * @access private
* @param Resource $fsock * @see self::getPublicKey()
* @return System_SSH_Agent_Identity */
* @access private var $key;
*/
function System_SSH_Agent_Identity($fsock) /**
{ * Key Blob
$this->fsock = $fsock; *
} * @var string
* @access private
/** * @see self::sign()
* Set Public Key */
* var $key_blob;
* Called by System_SSH_Agent::requestIdentities()
* /**
* @param Crypt_RSA $key * Socket Resource
* @access private *
*/ * @var resource
function setPublicKey($key) * @access private
{ * @see self::sign()
$this->key = $key; */
$this->key->setPublicKey(); var $fsock;
}
/**
/** * Signature flags
* Set Public Key *
* * @var int
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key * @access private
* but this saves a small amount of computation. * @see self::sign()
* * @see self::setHash()
* @param String $key_blob */
* @access private var $flags = 0;
*/
function setPublicKeyBlob($key_blob) /**
{ * Default Constructor.
$this->key_blob = $key_blob; *
} * @param resource $fsock
* @return System_SSH_Agent_Identity
/** * @access private
* Get Public Key */
* function __construct($fsock)
* Wrapper for $this->key->getPublicKey() {
* $this->fsock = $fsock;
* @param Integer $format optional }
* @return Mixed
* @access public /**
*/ * PHP4 compatible Default Constructor.
function getPublicKey($format = null) *
{ * @see self::__construct()
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format); * @param resource $fsock
} * @access public
*/
/** function System_SSH_Agent_Identity($fsock)
* Set Signature Mode {
* $this->__construct($fsock);
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie. }
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
* /**
* @param Integer $mode * Set Public Key
* @access public *
*/ * Called by System_SSH_Agent::requestIdentities()
function setSignatureMode($mode) *
{ * @param Crypt_RSA $key
} * @access private
*/
/** function setPublicKey($key)
* Create a signature {
* $this->key = $key;
* See "2.6.2 Protocol 2 private key signature request" $this->key->setPublicKey();
* }
* @param String $message
* @return String /**
* @access public * Set Public Key
*/ *
function sign($message) * Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key
{ * but this saves a small amount of computation.
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE *
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0); * @param string $key_blob
$packet = pack('Na*', strlen($packet), $packet); * @access private
if (strlen($packet) != fputs($this->fsock, $packet)) { */
user_error('Connection closed during signing'); function setPublicKeyBlob($key_blob)
} {
$this->key_blob = $key_blob;
$length = current(unpack('N', fread($this->fsock, 4))); }
$type = ord(fread($this->fsock, 1));
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) { /**
user_error('Unable to retreive signature'); * Get Public Key
} *
* Wrapper for $this->key->getPublicKey()
$signature_blob = fread($this->fsock, $length - 1); *
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa * @param int $format optional
// the + 12 is for the other various SSH added length fields * @return mixed
return substr($signature_blob, strlen('ssh-rsa') + 12); * @access public
} */
} function getPublicKey($format = null)
{
/** return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
* Pure-PHP ssh-agent client identity factory }
*
* requestIdentities() method pumps out System_SSH_Agent_Identity objects /**
* * Set Signature Mode
* @package System_SSH_Agent *
* @author Jim Wigginton <terrafrost@php.net> * Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
* @access internal * ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
*/ *
class System_SSH_Agent * @param int $mode
{ * @access public
/** */
* Socket Resource function setSignatureMode($mode)
* {
* @var Resource }
* @access private
*/ /**
var $fsock; * Set Hash
*
/** * ssh-agent doesn't support using hashes for RSA other than SHA1
* Default Constructor *
* * @param string $hash
* @return System_SSH_Agent * @access public
* @access public */
*/ function setHash($hash)
function System_SSH_Agent() {
{ $this->flags = 0;
switch (true) { switch ($hash) {
case isset($_SERVER['SSH_AUTH_SOCK']): case 'sha1':
$address = $_SERVER['SSH_AUTH_SOCK']; break;
break; case 'sha256':
case isset($_ENV['SSH_AUTH_SOCK']): $this->flags = SYSTEM_SSH_AGENT_RSA2_256;
$address = $_ENV['SSH_AUTH_SOCK']; break;
break; case 'sha512':
default: $this->flags = SYSTEM_SSH_AGENT_RSA2_512;
user_error('SSH_AUTH_SOCK not found'); break;
return false; default:
} user_error('The only supported hashes for RSA are sha1, sha256 and sha512');
}
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr); }
if (!$this->fsock) {
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)"); /**
} * Create a signature
} *
* See "2.6.2 Protocol 2 private key signature request"
/** *
* Request Identities * @param string $message
* * @return string
* See "2.5.2 Requesting a list of protocol 2 keys" * @access public
* Returns an array containing zero or more System_SSH_Agent_Identity objects */
* function sign($message)
* @return Array {
* @access public // the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
*/ $packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, $this->flags);
function requestIdentities() $packet = pack('Na*', strlen($packet), $packet);
{ if (strlen($packet) != fputs($this->fsock, $packet)) {
if (!$this->fsock) { user_error('Connection closed during signing');
return array(); }
}
$length = current(unpack('N', fread($this->fsock, 4)));
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES); $type = ord(fread($this->fsock, 1));
if (strlen($packet) != fputs($this->fsock, $packet)) { if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
user_error('Connection closed while requesting identities'); user_error('Unable to retreive signature');
} }
$length = current(unpack('N', fread($this->fsock, 4))); $signature_blob = fread($this->fsock, $length - 1);
$type = ord(fread($this->fsock, 1)); $length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) { if ($length != strlen($signature_blob)) {
user_error('Unable to request identities'); user_error('Malformed signature blob');
} }
$length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
$identities = array(); if ($length > strlen($signature_blob) + 4) {
$keyCount = current(unpack('N', fread($this->fsock, 4))); user_error('Malformed signature blob');
for ($i = 0; $i < $keyCount; $i++) { }
$length = current(unpack('N', fread($this->fsock, 4))); $type = $this->_string_shift($signature_blob, $length);
$key_blob = fread($this->fsock, $length); $this->_string_shift($signature_blob, 4);
$length = current(unpack('N', fread($this->fsock, 4)));
$key_comment = fread($this->fsock, $length); return $signature_blob;
$length = current(unpack('N', substr($key_blob, 0, 4))); }
$key_type = substr($key_blob, 4, $length);
switch ($key_type) { /**
case 'ssh-rsa': * String Shift
if (!class_exists('Crypt_RSA')) { *
include_once 'Crypt/RSA.php'; * Inspired by array_shift
} *
$key = new Crypt_RSA(); * @param string $string
$key->loadKey('ssh-rsa ' . base64_encode($key_blob) . ' ' . $key_comment); * @param int $index
break; * @return string
case 'ssh-dss': * @access private
// not currently supported */
break; function _string_shift(&$string, $index = 1)
} {
// resources are passed by reference by default $substr = substr($string, 0, $index);
if (isset($key)) { $string = substr($string, $index);
$identity = new System_SSH_Agent_Identity($this->fsock); return $substr;
$identity->setPublicKey($key); }
$identity->setPublicKeyBlob($key_blob); }
$identities[] = $identity;
unset($key); /**
} * Pure-PHP ssh-agent client identity factory
} *
* requestIdentities() method pumps out System_SSH_Agent_Identity objects
return $identities; *
} * @package System_SSH_Agent
} * @author Jim Wigginton <terrafrost@php.net>
* @access public
*/
class System_SSH_Agent
{
/**
* Socket Resource
*
* @var resource
* @access private
*/
var $fsock;
/**
* Agent forwarding status
*
* @access private
*/
var $forward_status = SYSTEM_SSH_AGENT_FORWARD_NONE;
/**
* Buffer for accumulating forwarded authentication
* agent data arriving on SSH data channel destined
* for agent unix socket
*
* @access private
*/
var $socket_buffer = '';
/**
* Tracking the number of bytes we are expecting
* to arrive for the agent socket on the SSH data
* channel
*/
var $expected_bytes = 0;
/**
* Default Constructor
*
* @return System_SSH_Agent
* @access public
*/
function __construct($address = null)
{
if (!$address) {
switch (true) {
case isset($_SERVER['SSH_AUTH_SOCK']):
$address = $_SERVER['SSH_AUTH_SOCK'];
break;
case isset($_ENV['SSH_AUTH_SOCK']):
$address = $_ENV['SSH_AUTH_SOCK'];
break;
default:
user_error('SSH_AUTH_SOCK not found');
return false;
}
}
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
if (!$this->fsock) {
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
}
}
/**
* PHP4 compatible Default Constructor.
*
* @see self::__construct()
* @access public
*/
function System_SSH_Agent($address = null)
{
$this->__construct($address);
}
/**
* Request Identities
*
* See "2.5.2 Requesting a list of protocol 2 keys"
* Returns an array containing zero or more System_SSH_Agent_Identity objects
*
* @return array
* @access public
*/
function requestIdentities()
{
if (!$this->fsock) {
return array();
}
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES);
if (strlen($packet) != fputs($this->fsock, $packet)) {
user_error('Connection closed while requesting identities');
return array();
}
$length = current(unpack('N', fread($this->fsock, 4)));
$type = ord(fread($this->fsock, 1));
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
user_error('Unable to request identities');
return array();
}
$identities = array();
$keyCount = current(unpack('N', fread($this->fsock, 4)));
for ($i = 0; $i < $keyCount; $i++) {
$length = current(unpack('N', fread($this->fsock, 4)));
$key_blob = fread($this->fsock, $length);
$key_str = 'ssh-rsa ' . base64_encode($key_blob);
$length = current(unpack('N', fread($this->fsock, 4)));
if ($length) {
$key_str.= ' ' . fread($this->fsock, $length);
}
$length = current(unpack('N', substr($key_blob, 0, 4)));
$key_type = substr($key_blob, 4, $length);
switch ($key_type) {
case 'ssh-rsa':
if (!class_exists('Crypt_RSA')) {
include_once 'Crypt/RSA.php';
}
$key = new Crypt_RSA();
$key->loadKey($key_str);
break;
case 'ssh-dss':
// not currently supported
break;
}
// resources are passed by reference by default
if (isset($key)) {
$identity = new System_SSH_Agent_Identity($this->fsock);
$identity->setPublicKey($key);
$identity->setPublicKeyBlob($key_blob);
$identities[] = $identity;
unset($key);
}
}
return $identities;
}
/**
* Signal that agent forwarding should
* be requested when a channel is opened
*
* @param Net_SSH2 $ssh
* @return bool
* @access public
*/
function startSSHForwarding($ssh)
{
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_NONE) {
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_REQUEST;
}
}
/**
* Request agent forwarding of remote server
*
* @param Net_SSH2 $ssh
* @return bool
* @access private
*/
function _request_forwarding($ssh)
{
$request_channel = $ssh->_get_open_channel();
if ($request_channel === false) {
return false;
}
$packet = pack(
'CNNa*C',
NET_SSH2_MSG_CHANNEL_REQUEST,
$ssh->server_channels[$request_channel],
strlen('auth-agent-req@openssh.com'),
'auth-agent-req@openssh.com',
1
);
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST;
if (!$ssh->_send_binary_packet($packet)) {
return false;
}
$response = $ssh->_get_channel_packet($request_channel);
if ($response === false) {
return false;
}
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN;
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_ACTIVE;
return true;
}
/**
* On successful channel open
*
* This method is called upon successful channel
* open to give the SSH Agent an opportunity
* to take further action. i.e. request agent forwarding
*
* @param Net_SSH2 $ssh
* @access private
*/
function _on_channel_open($ssh)
{
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_REQUEST) {
$this->_request_forwarding($ssh);
}
}
/**
* Forward data to SSH Agent and return data reply
*
* @param string $data
* @return data from SSH Agent
* @access private
*/
function _forward_data($data)
{
if ($this->expected_bytes > 0) {
$this->socket_buffer.= $data;
$this->expected_bytes -= strlen($data);
} else {
$agent_data_bytes = current(unpack('N', $data));
$current_data_bytes = strlen($data);
$this->socket_buffer = $data;
if ($current_data_bytes != $agent_data_bytes + 4) {
$this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes;
return false;
}
}
if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
user_error('Connection closed attempting to forward data to SSH agent');
}
$this->socket_buffer = '';
$this->expected_bytes = 0;
$agent_reply_bytes = current(unpack('N', fread($this->fsock, 4)));
$agent_reply_data = fread($this->fsock, $agent_reply_bytes);
$agent_reply_data = current(unpack('a*', $agent_reply_data));
return pack('Na*', $agent_reply_bytes, $agent_reply_data);
}
}

View file

@ -1,39 +1,39 @@
<?php <?php
/** /**
* Pure-PHP ssh-agent client wrapper * Pure-PHP ssh-agent client wrapper
* *
* PHP versions 4 and 5 * PHP versions 4 and 5
* *
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of * Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders * System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
* don't support that kind of directory layout hence the package being moved and * don't support that kind of directory layout hence the package being moved and
* this "alias" being created to maintain backwards compatibility. * this "alias" being created to maintain backwards compatibility.
* *
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal * of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights * in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is * copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions: * furnished to do so, subject to the following conditions:
* *
* The above copyright notice and this permission notice shall be included in * The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software. * all copies or substantial portions of the Software.
* *
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE. * THE SOFTWARE.
* *
* @category System * @category System
* @package System_SSH_Agent * @package System_SSH_Agent
* @author Jim Wigginton <terrafrost@php.net> * @author Jim Wigginton <terrafrost@php.net>
* @copyright 2014 Jim Wigginton * @copyright 2014 Jim Wigginton
* @license http://www.opensource.org/licenses/mit-license.html MIT License * @license http://www.opensource.org/licenses/mit-license.html MIT License
* @link http://phpseclib.sourceforge.net * @link http://phpseclib.sourceforge.net
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent * @internal See http://api.libssh.org/rfc/PROTOCOL.agent
*/ */
require_once 'SSH/Agent.php'; require_once 'SSH/Agent.php';

View file

@ -0,0 +1,16 @@
<?php
/**
* Bootstrapping File for phpseclib
*
* @license http://www.opensource.org/licenses/mit-license.html MIT License
*/
if (extension_loaded('mbstring')) {
// 2 - MB_OVERLOAD_STRING
if (ini_get('mbstring.func_overload') & 2) {
throw new \UnexpectedValueException(
'Overloading of string functions using mbstring.func_overload ' .
'is not supported by phpseclib.'
);
}
}

12
rainloop/v/0.0.0/app/libraries/phpseclib/openssl.cnf Normal file → Executable file
View file

@ -1,6 +1,6 @@
# minimalist openssl.cnf file for use with phpseclib # minimalist openssl.cnf file for use with phpseclib
HOME = . HOME = .
RANDFILE = $ENV::HOME/.rnd RANDFILE = $ENV::HOME/.rnd
[ v3_ca ] [ v3_ca ]