mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-13 03:27:39 +03:00
Update phpseclib
This commit is contained in:
parent
909cd45769
commit
71ac99f517
26 changed files with 35671 additions and 32243 deletions
|
|
@ -61,7 +61,10 @@ class Utils
|
||||||
if (!\class_exists('Crypt_RSA', false))
|
if (!\class_exists('Crypt_RSA', false))
|
||||||
{
|
{
|
||||||
include_once 'Crypt/RSA.php';
|
include_once 'Crypt/RSA.php';
|
||||||
\defined('CRYPT_RSA_MODE') || \define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
if (!\defined('CRYPT_RSA_MODE') && \defined('CRYPT_RSA_MODE_INTERNAL'))
|
||||||
|
{
|
||||||
|
\define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (\class_exists('Crypt_RSA'))
|
if (\class_exists('Crypt_RSA'))
|
||||||
|
|
|
||||||
404
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/AES.php
Normal file → Executable file
404
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/AES.php
Normal file → Executable file
|
|
@ -1,207 +1,197 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementation of AES.
|
* Pure-PHP implementation of AES.
|
||||||
*
|
*
|
||||||
* Uses mcrypt, if available/possible, and an internal implementation, otherwise.
|
* Uses mcrypt, if available/possible, and an internal implementation, otherwise.
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
* NOTE: Since AES.php is (for compatibility and phpseclib-historical reasons) virtually
|
||||||
* {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
* just a wrapper to Rijndael.php you may consider using Rijndael.php instead of
|
||||||
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link Crypt_AES::setKey() setKey()}
|
* to save one include_once().
|
||||||
* is called, again, at which point, it'll be recalculated.
|
*
|
||||||
*
|
* If {@link self::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
|
||||||
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
* {@link self::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
|
||||||
* make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
* it'll be null-padded to 192-bits and 192 bits will be the key length until {@link self::setKey() setKey()}
|
||||||
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
* is called, again, at which point, it'll be recalculated.
|
||||||
*
|
*
|
||||||
* Here's a short example of how to use this library:
|
* Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
|
||||||
* <code>
|
* make a whole lot of sense. {@link self::setBlockLength() setBlockLength()}, for instance. Calling that function,
|
||||||
* <?php
|
* however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
|
||||||
* include 'Crypt/AES.php';
|
*
|
||||||
*
|
* Here's a short example of how to use this library:
|
||||||
* $aes = new Crypt_AES();
|
* <code>
|
||||||
*
|
* <?php
|
||||||
* $aes->setKey('abcdefghijklmnop');
|
* include 'Crypt/AES.php';
|
||||||
*
|
*
|
||||||
* $size = 10 * 1024;
|
* $aes = new Crypt_AES();
|
||||||
* $plaintext = '';
|
*
|
||||||
* for ($i = 0; $i < $size; $i++) {
|
* $aes->setKey('abcdefghijklmnop');
|
||||||
* $plaintext.= 'a';
|
*
|
||||||
* }
|
* $size = 10 * 1024;
|
||||||
*
|
* $plaintext = '';
|
||||||
* echo $aes->decrypt($aes->encrypt($plaintext));
|
* for ($i = 0; $i < $size; $i++) {
|
||||||
* ?>
|
* $plaintext.= 'a';
|
||||||
* </code>
|
* }
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* echo $aes->decrypt($aes->encrypt($plaintext));
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* ?>
|
||||||
* in the Software without restriction, including without limitation the rights
|
* </code>
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
*
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* furnished to do so, subject to the following conditions:
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
*
|
* in the Software without restriction, including without limitation the rights
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* all copies or substantial portions of the Software.
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
*
|
* furnished to do so, subject to the following conditions:
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
*
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* all copies or substantial portions of the Software.
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
*
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* THE SOFTWARE.
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
*
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* @category Crypt
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* @package Crypt_AES
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* THE SOFTWARE.
|
||||||
* @copyright 2008 Jim Wigginton
|
*
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @category Crypt
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @package Crypt_AES
|
||||||
*/
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
|
* @copyright 2008 Jim Wigginton
|
||||||
/**
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* Include Crypt_Rijndael
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
*/
|
||||||
if (!class_exists('Crypt_Rijndael')) {
|
|
||||||
include_once 'Rijndael.php';
|
/**
|
||||||
}
|
* Include Crypt_Rijndael
|
||||||
|
*/
|
||||||
/**#@+
|
if (!class_exists('Crypt_Rijndael')) {
|
||||||
* @access public
|
include_once 'Rijndael.php';
|
||||||
* @see Crypt_AES::encrypt()
|
}
|
||||||
* @see Crypt_AES::decrypt()
|
|
||||||
*/
|
/**#@+
|
||||||
/**
|
* @access public
|
||||||
* Encrypt / decrypt using the Counter mode.
|
* @see self::encrypt()
|
||||||
*
|
* @see self::decrypt()
|
||||||
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
*/
|
||||||
*
|
/**
|
||||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
* Encrypt / decrypt using the Counter mode.
|
||||||
*/
|
*
|
||||||
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR);
|
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
|
||||||
/**
|
*
|
||||||
* Encrypt / decrypt using the Electronic Code Book mode.
|
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
|
||||||
*
|
*/
|
||||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
define('CRYPT_AES_MODE_CTR', CRYPT_MODE_CTR);
|
||||||
*/
|
/**
|
||||||
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB);
|
* Encrypt / decrypt using the Electronic Code Book mode.
|
||||||
/**
|
*
|
||||||
* Encrypt / decrypt using the Code Book Chaining mode.
|
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
|
||||||
*
|
*/
|
||||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
define('CRYPT_AES_MODE_ECB', CRYPT_MODE_ECB);
|
||||||
*/
|
/**
|
||||||
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC);
|
* Encrypt / decrypt using the Code Book Chaining mode.
|
||||||
/**
|
*
|
||||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
|
||||||
*
|
*/
|
||||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
|
define('CRYPT_AES_MODE_CBC', CRYPT_MODE_CBC);
|
||||||
*/
|
/**
|
||||||
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB);
|
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||||
/**
|
*
|
||||||
* Encrypt / decrypt using the Cipher Feedback mode.
|
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
|
||||||
*
|
*/
|
||||||
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
|
define('CRYPT_AES_MODE_CFB', CRYPT_MODE_CFB);
|
||||||
*/
|
/**
|
||||||
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB);
|
* Encrypt / decrypt using the Cipher Feedback mode.
|
||||||
/**#@-*/
|
*
|
||||||
|
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
|
||||||
/**#@+
|
*/
|
||||||
* @access private
|
define('CRYPT_AES_MODE_OFB', CRYPT_MODE_OFB);
|
||||||
* @see Crypt_Base::Crypt_Base()
|
/**#@-*/
|
||||||
*/
|
|
||||||
/**
|
/**
|
||||||
* Toggles the internal implementation
|
* Pure-PHP implementation of AES.
|
||||||
*/
|
*
|
||||||
define('CRYPT_AES_MODE_INTERNAL', CRYPT_MODE_INTERNAL);
|
* @package Crypt_AES
|
||||||
/**
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* Toggles the mcrypt implementation
|
* @access public
|
||||||
*/
|
*/
|
||||||
define('CRYPT_AES_MODE_MCRYPT', CRYPT_MODE_MCRYPT);
|
class Crypt_AES extends Crypt_Rijndael
|
||||||
/**#@-*/
|
{
|
||||||
|
/**
|
||||||
/**
|
* The namespace used by the cipher for its constants.
|
||||||
* Pure-PHP implementation of AES.
|
*
|
||||||
*
|
* @see Crypt_Base::const_namespace
|
||||||
* @package Crypt_AES
|
* @var string
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @access private
|
||||||
* @access public
|
*/
|
||||||
*/
|
var $const_namespace = 'AES';
|
||||||
class Crypt_AES extends Crypt_Rijndael
|
|
||||||
{
|
/**
|
||||||
/**
|
* Dummy function
|
||||||
* The namespace used by the cipher for its constants.
|
*
|
||||||
*
|
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
||||||
* @see Crypt_Base::const_namespace
|
*
|
||||||
* @var String
|
* @see Crypt_Rijndael::setBlockLength()
|
||||||
* @access private
|
* @access public
|
||||||
*/
|
* @param int $length
|
||||||
var $const_namespace = 'AES';
|
*/
|
||||||
|
function setBlockLength($length)
|
||||||
/**
|
{
|
||||||
* Dummy function
|
return;
|
||||||
*
|
}
|
||||||
* Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
|
|
||||||
*
|
/**
|
||||||
* @see Crypt_Rijndael::setBlockLength()
|
* Sets the key length
|
||||||
* @access public
|
*
|
||||||
* @param Integer $length
|
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
|
||||||
*/
|
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
||||||
function setBlockLength($length)
|
*
|
||||||
{
|
* @see Crypt_Rijndael:setKeyLength()
|
||||||
return;
|
* @access public
|
||||||
}
|
* @param int $length
|
||||||
|
*/
|
||||||
/**
|
function setKeyLength($length)
|
||||||
* Sets the key length
|
{
|
||||||
*
|
switch ($length) {
|
||||||
* Valid key lengths are 128, 192, and 256. If the length is less than 128, it will be rounded up to
|
case 160:
|
||||||
* 128. If the length is greater than 128 and invalid, it will be rounded down to the closest valid amount.
|
$length = 192;
|
||||||
*
|
break;
|
||||||
* @see Crypt_Rijndael:setKeyLength()
|
case 224:
|
||||||
* @access public
|
$length = 256;
|
||||||
* @param Integer $length
|
}
|
||||||
*/
|
parent::setKeyLength($length);
|
||||||
function setKeyLength($length)
|
}
|
||||||
{
|
|
||||||
switch ($length) {
|
/**
|
||||||
case 160:
|
* Sets the key.
|
||||||
$length = 192;
|
*
|
||||||
break;
|
* Rijndael supports five different key lengths, AES only supports three.
|
||||||
case 224:
|
*
|
||||||
$length = 256;
|
* @see Crypt_Rijndael:setKey()
|
||||||
}
|
* @see setKeyLength()
|
||||||
parent::setKeyLength($length);
|
* @access public
|
||||||
}
|
* @param string $key
|
||||||
|
*/
|
||||||
/**
|
function setKey($key)
|
||||||
* Sets the key.
|
{
|
||||||
*
|
parent::setKey($key);
|
||||||
* Rijndael supports five different key lengths, AES only supports three.
|
|
||||||
*
|
if (!$this->explicit_key_length) {
|
||||||
* @see Crypt_Rijndael:setKey()
|
$length = strlen($key);
|
||||||
* @see setKeyLength()
|
switch (true) {
|
||||||
* @access public
|
case $length <= 16:
|
||||||
* @param String $key
|
$this->key_length = 16;
|
||||||
*/
|
break;
|
||||||
function setKey($key)
|
case $length <= 24:
|
||||||
{
|
$this->key_length = 24;
|
||||||
parent::setKey($key);
|
break;
|
||||||
|
default:
|
||||||
if (!$this->explicit_key_length) {
|
$this->key_length = 32;
|
||||||
$length = strlen($key);
|
}
|
||||||
switch (true) {
|
$this->_setEngine();
|
||||||
case $length <= 16:
|
}
|
||||||
$this->key_size = 16;
|
}
|
||||||
break;
|
}
|
||||||
case $length <= 24:
|
|
||||||
$this->key_size = 24;
|
|
||||||
break;
|
|
||||||
default:
|
|
||||||
$this->key_size = 32;
|
|
||||||
}
|
|
||||||
$this->_setupEngine();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
|
||||||
4671
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Base.php
Normal file → Executable file
4671
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Base.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1288
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Blowfish.php
Normal file → Executable file
1288
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Blowfish.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
3022
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/DES.php
Normal file → Executable file
3022
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/DES.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1770
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Hash.php
Normal file → Executable file
1770
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Hash.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1413
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC2.php
Normal file → Executable file
1413
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC2.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
695
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC4.php
Normal file → Executable file
695
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RC4.php
Normal file → Executable file
|
|
@ -1,329 +1,366 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementation of RC4.
|
* Pure-PHP implementation of RC4.
|
||||||
*
|
*
|
||||||
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
* Uses mcrypt, if available, and an internal implementation, otherwise.
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* Useful resources are as follows:
|
* Useful resources are as follows:
|
||||||
*
|
*
|
||||||
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
* - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
|
||||||
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
* - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
|
||||||
*
|
*
|
||||||
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
* RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
|
||||||
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
|
* ARCFOUR or ARC4 because RC4 is how it is referred to in the SSH1 specification.
|
||||||
*
|
*
|
||||||
* Here's a short example of how to use this library:
|
* Here's a short example of how to use this library:
|
||||||
* <code>
|
* <code>
|
||||||
* <?php
|
* <?php
|
||||||
* include 'Crypt/RC4.php';
|
* include 'Crypt/RC4.php';
|
||||||
*
|
*
|
||||||
* $rc4 = new Crypt_RC4();
|
* $rc4 = new Crypt_RC4();
|
||||||
*
|
*
|
||||||
* $rc4->setKey('abcdefgh');
|
* $rc4->setKey('abcdefgh');
|
||||||
*
|
*
|
||||||
* $size = 10 * 1024;
|
* $size = 10 * 1024;
|
||||||
* $plaintext = '';
|
* $plaintext = '';
|
||||||
* for ($i = 0; $i < $size; $i++) {
|
* for ($i = 0; $i < $size; $i++) {
|
||||||
* $plaintext.= 'a';
|
* $plaintext.= 'a';
|
||||||
* }
|
* }
|
||||||
*
|
*
|
||||||
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
* echo $rc4->decrypt($rc4->encrypt($plaintext));
|
||||||
* ?>
|
* ?>
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* in the Software without restriction, including without limitation the rights
|
* in the Software without restriction, including without limitation the rights
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
* furnished to do so, subject to the following conditions:
|
* furnished to do so, subject to the following conditions:
|
||||||
*
|
*
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* all copies or substantial portions of the Software.
|
* all copies or substantial portions of the Software.
|
||||||
*
|
*
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* THE SOFTWARE.
|
* THE SOFTWARE.
|
||||||
*
|
*
|
||||||
* @category Crypt
|
* @category Crypt
|
||||||
* @package Crypt_RC4
|
* @package Crypt_RC4
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @copyright 2007 Jim Wigginton
|
* @copyright 2007 Jim Wigginton
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Include Crypt_Base
|
* Include Crypt_Base
|
||||||
*
|
*
|
||||||
* Base cipher class
|
* Base cipher class
|
||||||
*/
|
*/
|
||||||
if (!class_exists('Crypt_Base')) {
|
if (!class_exists('Crypt_Base')) {
|
||||||
include_once 'Base.php';
|
include_once 'Base.php';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**#@+
|
/**#@+
|
||||||
* @access private
|
* @access private
|
||||||
* @see Crypt_RC4::Crypt_RC4()
|
* @see self::_crypt()
|
||||||
*/
|
*/
|
||||||
/**
|
define('CRYPT_RC4_ENCRYPT', 0);
|
||||||
* Toggles the internal implementation
|
define('CRYPT_RC4_DECRYPT', 1);
|
||||||
*/
|
/**#@-*/
|
||||||
define('CRYPT_RC4_MODE_INTERNAL', CRYPT_MODE_INTERNAL);
|
|
||||||
/**
|
/**
|
||||||
* Toggles the mcrypt implementation
|
* Pure-PHP implementation of RC4.
|
||||||
*/
|
*
|
||||||
define('CRYPT_RC4_MODE_MCRYPT', CRYPT_MODE_MCRYPT);
|
* @package Crypt_RC4
|
||||||
/**#@-*/
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
|
* @access public
|
||||||
/**#@+
|
*/
|
||||||
* @access private
|
class Crypt_RC4 extends Crypt_Base
|
||||||
* @see Crypt_RC4::_crypt()
|
{
|
||||||
*/
|
/**
|
||||||
define('CRYPT_RC4_ENCRYPT', 0);
|
* Block Length of the cipher
|
||||||
define('CRYPT_RC4_DECRYPT', 1);
|
*
|
||||||
/**#@-*/
|
* RC4 is a stream cipher
|
||||||
|
* so we the block_size to 0
|
||||||
/**
|
*
|
||||||
* Pure-PHP implementation of RC4.
|
* @see Crypt_Base::block_size
|
||||||
*
|
* @var int
|
||||||
* @package Crypt_RC4
|
* @access private
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
*/
|
||||||
* @access public
|
var $block_size = 0;
|
||||||
*/
|
|
||||||
class Crypt_RC4 extends Crypt_Base
|
/**
|
||||||
{
|
* Key Length (in bytes)
|
||||||
/**
|
*
|
||||||
* Block Length of the cipher
|
* @see Crypt_RC4::setKeyLength()
|
||||||
*
|
* @var int
|
||||||
* RC4 is a stream cipher
|
* @access private
|
||||||
* so we the block_size to 0
|
*/
|
||||||
*
|
var $key_length = 128; // = 1024 bits
|
||||||
* @see Crypt_Base::block_size
|
|
||||||
* @var Integer
|
/**
|
||||||
* @access private
|
* The namespace used by the cipher for its constants.
|
||||||
*/
|
*
|
||||||
var $block_size = 0;
|
* @see Crypt_Base::const_namespace
|
||||||
|
* @var string
|
||||||
/**
|
* @access private
|
||||||
* The default password key_size used by setPassword()
|
*/
|
||||||
*
|
var $const_namespace = 'RC4';
|
||||||
* @see Crypt_Base::password_key_size
|
|
||||||
* @see Crypt_Base::setPassword()
|
/**
|
||||||
* @var Integer
|
* The mcrypt specific name of the cipher
|
||||||
* @access private
|
*
|
||||||
*/
|
* @see Crypt_Base::cipher_name_mcrypt
|
||||||
var $password_key_size = 128; // = 1024 bits
|
* @var string
|
||||||
|
* @access private
|
||||||
/**
|
*/
|
||||||
* The namespace used by the cipher for its constants.
|
var $cipher_name_mcrypt = 'arcfour';
|
||||||
*
|
|
||||||
* @see Crypt_Base::const_namespace
|
/**
|
||||||
* @var String
|
* Holds whether performance-optimized $inline_crypt() can/should be used.
|
||||||
* @access private
|
*
|
||||||
*/
|
* @see Crypt_Base::inline_crypt
|
||||||
var $const_namespace = 'RC4';
|
* @var mixed
|
||||||
|
* @access private
|
||||||
/**
|
*/
|
||||||
* The mcrypt specific name of the cipher
|
var $use_inline_crypt = false; // currently not available
|
||||||
*
|
|
||||||
* @see Crypt_Base::cipher_name_mcrypt
|
/**
|
||||||
* @var String
|
* The Key
|
||||||
* @access private
|
*
|
||||||
*/
|
* @see self::setKey()
|
||||||
var $cipher_name_mcrypt = 'arcfour';
|
* @var string
|
||||||
|
* @access private
|
||||||
/**
|
*/
|
||||||
* Holds whether performance-optimized $inline_crypt() can/should be used.
|
var $key;
|
||||||
*
|
|
||||||
* @see Crypt_Base::inline_crypt
|
/**
|
||||||
* @var mixed
|
* The Key Stream for decryption and encryption
|
||||||
* @access private
|
*
|
||||||
*/
|
* @see self::setKey()
|
||||||
var $use_inline_crypt = false; // currently not available
|
* @var array
|
||||||
|
* @access private
|
||||||
/**
|
*/
|
||||||
* The Key
|
var $stream;
|
||||||
*
|
|
||||||
* @see Crypt_RC4::setKey()
|
/**
|
||||||
* @var String
|
* Default Constructor.
|
||||||
* @access private
|
*
|
||||||
*/
|
* Determines whether or not the mcrypt extension should be used.
|
||||||
var $key = "\0";
|
*
|
||||||
|
* @see Crypt_Base::Crypt_Base()
|
||||||
/**
|
* @return Crypt_RC4
|
||||||
* The Key Stream for decryption and encryption
|
* @access public
|
||||||
*
|
*/
|
||||||
* @see Crypt_RC4::setKey()
|
function __construct()
|
||||||
* @var Array
|
{
|
||||||
* @access private
|
parent::__construct(CRYPT_MODE_STREAM);
|
||||||
*/
|
}
|
||||||
var $stream;
|
|
||||||
|
/**
|
||||||
/**
|
* PHP4 compatible Default Constructor.
|
||||||
* Default Constructor.
|
*
|
||||||
*
|
* @see self::__construct()
|
||||||
* Determines whether or not the mcrypt extension should be used.
|
* @access public
|
||||||
*
|
*/
|
||||||
* @see Crypt_Base::Crypt_Base()
|
function Crypt_RC4()
|
||||||
* @return Crypt_RC4
|
{
|
||||||
* @access public
|
$this->__construct();
|
||||||
*/
|
}
|
||||||
function Crypt_RC4()
|
|
||||||
{
|
/**
|
||||||
parent::Crypt_Base(CRYPT_MODE_STREAM);
|
* Test for engine validity
|
||||||
}
|
*
|
||||||
|
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
|
||||||
/**
|
*
|
||||||
* Dummy function.
|
* @see Crypt_Base::Crypt_Base()
|
||||||
*
|
* @param int $engine
|
||||||
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
* @access public
|
||||||
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
* @return bool
|
||||||
* calling setKey().
|
*/
|
||||||
*
|
function isValidEngine($engine)
|
||||||
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
{
|
||||||
* the IV's are relatively easy to predict, an attack described by
|
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||||
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
if (version_compare(PHP_VERSION, '5.3.7') >= 0) {
|
||||||
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
$this->cipher_name_openssl = 'rc4-40';
|
||||||
*
|
} else {
|
||||||
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
switch (strlen($this->key)) {
|
||||||
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
case 5:
|
||||||
*
|
$this->cipher_name_openssl = 'rc4-40';
|
||||||
* @param String $iv
|
break;
|
||||||
* @see Crypt_RC4::setKey()
|
case 8:
|
||||||
* @access public
|
$this->cipher_name_openssl = 'rc4-64';
|
||||||
*/
|
break;
|
||||||
function setIV($iv)
|
case 16:
|
||||||
{
|
$this->cipher_name_openssl = 'rc4';
|
||||||
}
|
break;
|
||||||
|
default:
|
||||||
/**
|
return false;
|
||||||
* Sets the key.
|
}
|
||||||
*
|
}
|
||||||
* Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
|
}
|
||||||
* be used. If no key is explicitly set, it'll be assumed to be a single null byte.
|
|
||||||
*
|
return parent::isValidEngine($engine);
|
||||||
* @access public
|
}
|
||||||
* @see Crypt_Base::setKey()
|
|
||||||
* @param String $key
|
/**
|
||||||
*/
|
* Dummy function.
|
||||||
function setKey($key)
|
*
|
||||||
{
|
* Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
|
||||||
parent::setKey(substr($key, 0, 256));
|
* If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
|
||||||
}
|
* calling setKey().
|
||||||
|
*
|
||||||
/**
|
* [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
|
||||||
* Encrypts a message.
|
* the IV's are relatively easy to predict, an attack described by
|
||||||
*
|
* {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
|
||||||
* @see Crypt_Base::decrypt()
|
* can be used to quickly guess at the rest of the key. The following links elaborate:
|
||||||
* @see Crypt_RC4::_crypt()
|
*
|
||||||
* @access public
|
* {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
|
||||||
* @param String $plaintext
|
* {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
|
||||||
* @return String $ciphertext
|
*
|
||||||
*/
|
* @param string $iv
|
||||||
function encrypt($plaintext)
|
* @see self::setKey()
|
||||||
{
|
* @access public
|
||||||
if ($this->engine == CRYPT_MODE_MCRYPT) {
|
*/
|
||||||
return parent::encrypt($plaintext);
|
function setIV($iv)
|
||||||
}
|
{
|
||||||
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
}
|
||||||
}
|
|
||||||
|
/**
|
||||||
/**
|
* Sets the key length
|
||||||
* Decrypts a message.
|
*
|
||||||
*
|
* Keys can be between 1 and 256 bytes long.
|
||||||
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
*
|
||||||
* At least if the continuous buffer is disabled.
|
* @access public
|
||||||
*
|
* @param int $length
|
||||||
* @see Crypt_Base::encrypt()
|
*/
|
||||||
* @see Crypt_RC4::_crypt()
|
function setKeyLength($length)
|
||||||
* @access public
|
{
|
||||||
* @param String $ciphertext
|
if ($length < 8) {
|
||||||
* @return String $plaintext
|
$this->key_length = 1;
|
||||||
*/
|
} elseif ($length > 2048) {
|
||||||
function decrypt($ciphertext)
|
$this->key_length = 256;
|
||||||
{
|
} else {
|
||||||
if ($this->engine == CRYPT_MODE_MCRYPT) {
|
$this->key_length = $length >> 3;
|
||||||
return parent::decrypt($ciphertext);
|
}
|
||||||
}
|
|
||||||
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
parent::setKeyLength($length);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
/**
|
* Encrypts a message.
|
||||||
* Setup the key (expansion)
|
*
|
||||||
*
|
* @see Crypt_Base::decrypt()
|
||||||
* @see Crypt_Base::_setupKey()
|
* @see self::_crypt()
|
||||||
* @access private
|
* @access public
|
||||||
*/
|
* @param string $plaintext
|
||||||
function _setupKey()
|
* @return string $ciphertext
|
||||||
{
|
*/
|
||||||
$key = $this->key;
|
function encrypt($plaintext)
|
||||||
$keyLength = strlen($key);
|
{
|
||||||
$keyStream = range(0, 255);
|
if ($this->engine != CRYPT_ENGINE_INTERNAL) {
|
||||||
$j = 0;
|
return parent::encrypt($plaintext);
|
||||||
for ($i = 0; $i < 256; $i++) {
|
}
|
||||||
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
|
||||||
$temp = $keyStream[$i];
|
}
|
||||||
$keyStream[$i] = $keyStream[$j];
|
|
||||||
$keyStream[$j] = $temp;
|
/**
|
||||||
}
|
* Decrypts a message.
|
||||||
|
*
|
||||||
$this->stream = array();
|
* $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
|
||||||
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array(
|
* At least if the continuous buffer is disabled.
|
||||||
0, // index $i
|
*
|
||||||
0, // index $j
|
* @see Crypt_Base::encrypt()
|
||||||
$keyStream
|
* @see self::_crypt()
|
||||||
);
|
* @access public
|
||||||
}
|
* @param string $ciphertext
|
||||||
|
* @return string $plaintext
|
||||||
/**
|
*/
|
||||||
* Encrypts or decrypts a message.
|
function decrypt($ciphertext)
|
||||||
*
|
{
|
||||||
* @see Crypt_RC4::encrypt()
|
if ($this->engine != CRYPT_ENGINE_INTERNAL) {
|
||||||
* @see Crypt_RC4::decrypt()
|
return parent::decrypt($ciphertext);
|
||||||
* @access private
|
}
|
||||||
* @param String $text
|
return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
|
||||||
* @param Integer $mode
|
}
|
||||||
* @return String $text
|
|
||||||
*/
|
|
||||||
function _crypt($text, $mode)
|
/**
|
||||||
{
|
* Setup the key (expansion)
|
||||||
if ($this->changed) {
|
*
|
||||||
$this->_setup();
|
* @see Crypt_Base::_setupKey()
|
||||||
$this->changed = false;
|
* @access private
|
||||||
}
|
*/
|
||||||
|
function _setupKey()
|
||||||
$stream = &$this->stream[$mode];
|
{
|
||||||
if ($this->continuousBuffer) {
|
$key = $this->key;
|
||||||
$i = &$stream[0];
|
$keyLength = strlen($key);
|
||||||
$j = &$stream[1];
|
$keyStream = range(0, 255);
|
||||||
$keyStream = &$stream[2];
|
$j = 0;
|
||||||
} else {
|
for ($i = 0; $i < 256; $i++) {
|
||||||
$i = $stream[0];
|
$j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
|
||||||
$j = $stream[1];
|
$temp = $keyStream[$i];
|
||||||
$keyStream = $stream[2];
|
$keyStream[$i] = $keyStream[$j];
|
||||||
}
|
$keyStream[$j] = $temp;
|
||||||
|
}
|
||||||
$len = strlen($text);
|
|
||||||
for ($k = 0; $k < $len; ++$k) {
|
$this->stream = array();
|
||||||
$i = ($i + 1) & 255;
|
$this->stream[CRYPT_RC4_DECRYPT] = $this->stream[CRYPT_RC4_ENCRYPT] = array(
|
||||||
$ksi = $keyStream[$i];
|
0, // index $i
|
||||||
$j = ($j + $ksi) & 255;
|
0, // index $j
|
||||||
$ksj = $keyStream[$j];
|
$keyStream
|
||||||
|
);
|
||||||
$keyStream[$i] = $ksj;
|
}
|
||||||
$keyStream[$j] = $ksi;
|
|
||||||
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
|
/**
|
||||||
}
|
* Encrypts or decrypts a message.
|
||||||
|
*
|
||||||
return $text;
|
* @see self::encrypt()
|
||||||
}
|
* @see self::decrypt()
|
||||||
}
|
* @access private
|
||||||
|
* @param string $text
|
||||||
|
* @param int $mode
|
||||||
|
* @return string $text
|
||||||
|
*/
|
||||||
|
function _crypt($text, $mode)
|
||||||
|
{
|
||||||
|
if ($this->changed) {
|
||||||
|
$this->_setup();
|
||||||
|
$this->changed = false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$stream = &$this->stream[$mode];
|
||||||
|
if ($this->continuousBuffer) {
|
||||||
|
$i = &$stream[0];
|
||||||
|
$j = &$stream[1];
|
||||||
|
$keyStream = &$stream[2];
|
||||||
|
} else {
|
||||||
|
$i = $stream[0];
|
||||||
|
$j = $stream[1];
|
||||||
|
$keyStream = $stream[2];
|
||||||
|
}
|
||||||
|
|
||||||
|
$len = strlen($text);
|
||||||
|
for ($k = 0; $k < $len; ++$k) {
|
||||||
|
$i = ($i + 1) & 255;
|
||||||
|
$ksi = $keyStream[$i];
|
||||||
|
$j = ($j + $ksi) & 255;
|
||||||
|
$ksj = $keyStream[$j];
|
||||||
|
|
||||||
|
$keyStream[$i] = $ksj;
|
||||||
|
$keyStream[$j] = $ksi;
|
||||||
|
$text[$k] = $text[$k] ^ chr($keyStream[($ksj + $ksi) & 255]);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $text;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
6152
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RSA.php
Normal file → Executable file
6152
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/RSA.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
638
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Random.php
Normal file → Executable file
638
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Random.php
Normal file → Executable file
|
|
@ -1,300 +1,338 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Random Number Generator
|
* Random Number Generator
|
||||||
*
|
*
|
||||||
* The idea behind this function is that it can be easily replaced with your own crypt_random_string()
|
* The idea behind this function is that it can be easily replaced with your own crypt_random_string()
|
||||||
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
|
* function. eg. maybe you have a better source of entropy for creating the initial states or whatever.
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* Here's a short example of how to use this library:
|
* Here's a short example of how to use this library:
|
||||||
* <code>
|
* <code>
|
||||||
* <?php
|
* <?php
|
||||||
* include 'Crypt/Random.php';
|
* include 'Crypt/Random.php';
|
||||||
*
|
*
|
||||||
* echo bin2hex(crypt_random_string(8));
|
* echo bin2hex(crypt_random_string(8));
|
||||||
* ?>
|
* ?>
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* in the Software without restriction, including without limitation the rights
|
* in the Software without restriction, including without limitation the rights
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
* furnished to do so, subject to the following conditions:
|
* furnished to do so, subject to the following conditions:
|
||||||
*
|
*
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* all copies or substantial portions of the Software.
|
* all copies or substantial portions of the Software.
|
||||||
*
|
*
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* THE SOFTWARE.
|
* THE SOFTWARE.
|
||||||
*
|
*
|
||||||
* @category Crypt
|
* @category Crypt
|
||||||
* @package Crypt_Random
|
* @package Crypt_Random
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @copyright 2007 Jim Wigginton
|
* @copyright 2007 Jim Wigginton
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently,
|
// laravel is a PHP framework that utilizes phpseclib. laravel workbenches may, independently,
|
||||||
// have phpseclib as a requirement as well. if you're developing such a program you may encounter
|
// have phpseclib as a requirement as well. if you're developing such a program you may encounter
|
||||||
// a "Cannot redeclare crypt_random_string()" error.
|
// a "Cannot redeclare crypt_random_string()" error.
|
||||||
if (!function_exists('crypt_random_string')) {
|
if (!function_exists('crypt_random_string')) {
|
||||||
/**
|
/**
|
||||||
* "Is Windows" test
|
* "Is Windows" test
|
||||||
*
|
*
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
|
define('CRYPT_RANDOM_IS_WINDOWS', strtoupper(substr(PHP_OS, 0, 3)) === 'WIN');
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generate a random string.
|
* Generate a random string.
|
||||||
*
|
*
|
||||||
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with
|
* Although microoptimizations are generally discouraged as they impair readability this function is ripe with
|
||||||
* microoptimizations because this function has the potential of being called a huge number of times.
|
* microoptimizations because this function has the potential of being called a huge number of times.
|
||||||
* eg. for RSA key generation.
|
* eg. for RSA key generation.
|
||||||
*
|
*
|
||||||
* @param Integer $length
|
* @param int $length
|
||||||
* @return String
|
* @return string
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
function crypt_random_string($length)
|
function crypt_random_string($length)
|
||||||
{
|
{
|
||||||
if (CRYPT_RANDOM_IS_WINDOWS) {
|
if (!$length) {
|
||||||
// method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
|
return '';
|
||||||
// ie. class_alias is a function that was introduced in PHP 5.3
|
}
|
||||||
if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {
|
|
||||||
return mcrypt_create_iv($length);
|
if (CRYPT_RANDOM_IS_WINDOWS) {
|
||||||
}
|
// method 1. prior to PHP 5.3, mcrypt_create_iv() would call rand() on windows
|
||||||
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
|
if (extension_loaded('mcrypt') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||||
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
|
return @mcrypt_create_iv($length);
|
||||||
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
|
}
|
||||||
// call php_win32_get_random_bytes():
|
// method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
|
||||||
//
|
// to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
|
||||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
|
// openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
|
||||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
|
// call php_win32_get_random_bytes():
|
||||||
//
|
//
|
||||||
// php_win32_get_random_bytes() is defined thusly:
|
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
|
||||||
//
|
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
|
||||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
|
//
|
||||||
//
|
// php_win32_get_random_bytes() is defined thusly:
|
||||||
// we're calling it, all the same, in the off chance that the mcrypt extension is not available
|
//
|
||||||
if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
|
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
|
||||||
return openssl_random_pseudo_bytes($length);
|
//
|
||||||
}
|
// we're calling it, all the same, in the off chance that the mcrypt extension is not available
|
||||||
} else {
|
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
|
||||||
// method 1. the fastest
|
return openssl_random_pseudo_bytes($length);
|
||||||
if (function_exists('openssl_random_pseudo_bytes')) {
|
}
|
||||||
return openssl_random_pseudo_bytes($length);
|
} else {
|
||||||
}
|
// method 1. the fastest
|
||||||
// method 2
|
if (extension_loaded('openssl') && version_compare(PHP_VERSION, '5.3.0', '>=')) {
|
||||||
static $fp = true;
|
return openssl_random_pseudo_bytes($length);
|
||||||
if ($fp === true) {
|
}
|
||||||
// warning's will be output unles the error suppression operator is used. errors such as
|
// method 2
|
||||||
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
|
static $fp = true;
|
||||||
$fp = @fopen('/dev/urandom', 'rb');
|
if ($fp === true) {
|
||||||
}
|
// warning's will be output unles the error suppression operator is used. errors such as
|
||||||
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
|
// "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
|
||||||
return fread($fp, $length);
|
$fp = @fopen('/dev/urandom', 'rb');
|
||||||
}
|
}
|
||||||
// method 3. pretty much does the same thing as method 2 per the following url:
|
if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
|
||||||
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
|
return fread($fp, $length);
|
||||||
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
|
}
|
||||||
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
|
// method 3. pretty much does the same thing as method 2 per the following url:
|
||||||
// restrictions or some such
|
// https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
|
||||||
if (function_exists('mcrypt_create_iv')) {
|
// surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
|
||||||
return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
|
// not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
|
||||||
}
|
// restrictions or some such
|
||||||
}
|
if (extension_loaded('mcrypt')) {
|
||||||
// at this point we have no choice but to use a pure-PHP CSPRNG
|
return @mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
|
||||||
|
}
|
||||||
// cascade entropy across multiple PHP instances by fixing the session and collecting all
|
}
|
||||||
// environmental variables, including the previous session data and the current session
|
// at this point we have no choice but to use a pure-PHP CSPRNG
|
||||||
// data.
|
|
||||||
//
|
// cascade entropy across multiple PHP instances by fixing the session and collecting all
|
||||||
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
|
// environmental variables, including the previous session data and the current session
|
||||||
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
|
// data.
|
||||||
// PHP isn't low level to be able to use those as sources and on a web server there's not likely
|
//
|
||||||
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
|
// mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
|
||||||
// however, a ton of people visiting the website. obviously you don't want to base your seeding
|
// easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
|
||||||
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
// PHP isn't low level to be able to use those as sources and on a web server there's not likely
|
||||||
// by the user and (2) this isn't just looking at the data sent by the current user - it's based
|
// going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
|
||||||
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
// however, a ton of people visiting the website. obviously you don't want to base your seeding
|
||||||
// another user visits the page and the serialization of their data is utilized along with the
|
// soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
|
||||||
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
// by the user and (2) this isn't just looking at the data sent by the current user - it's based
|
||||||
// a hash of the session data before that). certainly an attacker should be assumed to have
|
// on the data sent by all users. one user requests the page and a hash of their info is saved.
|
||||||
// full control over his own http requests. he, however, is not going to have control over
|
// another user visits the page and the serialization of their data is utilized along with the
|
||||||
// everyone's http requests.
|
// server envirnment stuff and a hash of the previous http request data (which itself utilizes
|
||||||
static $crypto = false, $v;
|
// a hash of the session data before that). certainly an attacker should be assumed to have
|
||||||
if ($crypto === false) {
|
// full control over his own http requests. he, however, is not going to have control over
|
||||||
// save old session data
|
// everyone's http requests.
|
||||||
$old_session_id = session_id();
|
static $crypto = false, $v;
|
||||||
$old_use_cookies = ini_get('session.use_cookies');
|
if ($crypto === false) {
|
||||||
$old_session_cache_limiter = session_cache_limiter();
|
// save old session data
|
||||||
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
|
$old_session_id = session_id();
|
||||||
if ($old_session_id != '') {
|
$old_use_cookies = ini_get('session.use_cookies');
|
||||||
session_write_close();
|
$old_session_cache_limiter = session_cache_limiter();
|
||||||
}
|
$_OLD_SESSION = isset($_SESSION) ? $_SESSION : false;
|
||||||
|
if ($old_session_id != '') {
|
||||||
session_id(1);
|
session_write_close();
|
||||||
ini_set('session.use_cookies', 0);
|
}
|
||||||
session_cache_limiter('');
|
|
||||||
session_start();
|
session_id(1);
|
||||||
|
ini_set('session.use_cookies', 0);
|
||||||
$v = $seed = $_SESSION['seed'] = pack('H*', sha1(
|
session_cache_limiter('');
|
||||||
serialize($_SERVER) .
|
session_start();
|
||||||
serialize($_POST) .
|
|
||||||
serialize($_GET) .
|
$v = $seed = $_SESSION['seed'] = pack('H*', sha1(
|
||||||
serialize($_COOKIE) .
|
(isset($_SERVER) ? phpseclib_safe_serialize($_SERVER) : '') .
|
||||||
serialize($GLOBALS) .
|
(isset($_POST) ? phpseclib_safe_serialize($_POST) : '') .
|
||||||
serialize($_SESSION) .
|
(isset($_GET) ? phpseclib_safe_serialize($_GET) : '') .
|
||||||
serialize($_OLD_SESSION)
|
(isset($_COOKIE) ? phpseclib_safe_serialize($_COOKIE) : '') .
|
||||||
));
|
phpseclib_safe_serialize($GLOBALS) .
|
||||||
if (!isset($_SESSION['count'])) {
|
phpseclib_safe_serialize($_SESSION) .
|
||||||
$_SESSION['count'] = 0;
|
phpseclib_safe_serialize($_OLD_SESSION)
|
||||||
}
|
));
|
||||||
$_SESSION['count']++;
|
if (!isset($_SESSION['count'])) {
|
||||||
|
$_SESSION['count'] = 0;
|
||||||
session_write_close();
|
}
|
||||||
|
$_SESSION['count']++;
|
||||||
// restore old session data
|
|
||||||
if ($old_session_id != '') {
|
session_write_close();
|
||||||
session_id($old_session_id);
|
|
||||||
session_start();
|
// restore old session data
|
||||||
ini_set('session.use_cookies', $old_use_cookies);
|
if ($old_session_id != '') {
|
||||||
session_cache_limiter($old_session_cache_limiter);
|
session_id($old_session_id);
|
||||||
} else {
|
session_start();
|
||||||
if ($_OLD_SESSION !== false) {
|
ini_set('session.use_cookies', $old_use_cookies);
|
||||||
$_SESSION = $_OLD_SESSION;
|
session_cache_limiter($old_session_cache_limiter);
|
||||||
unset($_OLD_SESSION);
|
} else {
|
||||||
} else {
|
if ($_OLD_SESSION !== false) {
|
||||||
unset($_SESSION);
|
$_SESSION = $_OLD_SESSION;
|
||||||
}
|
unset($_OLD_SESSION);
|
||||||
}
|
} else {
|
||||||
|
unset($_SESSION);
|
||||||
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
|
}
|
||||||
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
|
}
|
||||||
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
|
|
||||||
// original hash and the current hash. we'll be emulating that. for more info see the following URL:
|
// in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
|
||||||
//
|
// the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
|
||||||
// http://tools.ietf.org/html/rfc4253#section-7.2
|
// if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
|
||||||
//
|
// original hash and the current hash. we'll be emulating that. for more info see the following URL:
|
||||||
// see the is_string($crypto) part for an example of how to expand the keys
|
//
|
||||||
$key = pack('H*', sha1($seed . 'A'));
|
// http://tools.ietf.org/html/rfc4253#section-7.2
|
||||||
$iv = pack('H*', sha1($seed . 'C'));
|
//
|
||||||
|
// see the is_string($crypto) part for an example of how to expand the keys
|
||||||
// ciphers are used as per the nist.gov link below. also, see this link:
|
$key = pack('H*', sha1($seed . 'A'));
|
||||||
//
|
$iv = pack('H*', sha1($seed . 'C'));
|
||||||
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
|
|
||||||
switch (true) {
|
// ciphers are used as per the nist.gov link below. also, see this link:
|
||||||
case phpseclib_resolve_include_path('Crypt/AES.php'):
|
//
|
||||||
if (!class_exists('Crypt_AES')) {
|
// http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
|
||||||
include_once 'AES.php';
|
switch (true) {
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/AES.php'):
|
||||||
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
if (!class_exists('Crypt_AES')) {
|
||||||
break;
|
include_once 'AES.php';
|
||||||
case phpseclib_resolve_include_path('Crypt/Twofish.php'):
|
}
|
||||||
if (!class_exists('Crypt_Twofish')) {
|
$crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
|
||||||
include_once 'Twofish.php';
|
break;
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/Twofish.php'):
|
||||||
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
|
if (!class_exists('Crypt_Twofish')) {
|
||||||
break;
|
include_once 'Twofish.php';
|
||||||
case phpseclib_resolve_include_path('Crypt/Blowfish.php'):
|
}
|
||||||
if (!class_exists('Crypt_Blowfish')) {
|
$crypto = new Crypt_Twofish(CRYPT_TWOFISH_MODE_CTR);
|
||||||
include_once 'Blowfish.php';
|
break;
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/Blowfish.php'):
|
||||||
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
|
if (!class_exists('Crypt_Blowfish')) {
|
||||||
break;
|
include_once 'Blowfish.php';
|
||||||
case phpseclib_resolve_include_path('Crypt/TripleDES.php'):
|
}
|
||||||
if (!class_exists('Crypt_TripleDES')) {
|
$crypto = new Crypt_Blowfish(CRYPT_BLOWFISH_MODE_CTR);
|
||||||
include_once 'TripleDES.php';
|
break;
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/TripleDES.php'):
|
||||||
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
if (!class_exists('Crypt_TripleDES')) {
|
||||||
break;
|
include_once 'TripleDES.php';
|
||||||
case phpseclib_resolve_include_path('Crypt/DES.php'):
|
}
|
||||||
if (!class_exists('Crypt_DES')) {
|
$crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
|
||||||
include_once 'DES.php';
|
break;
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/DES.php'):
|
||||||
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
if (!class_exists('Crypt_DES')) {
|
||||||
break;
|
include_once 'DES.php';
|
||||||
case phpseclib_resolve_include_path('Crypt/RC4.php'):
|
}
|
||||||
if (!class_exists('Crypt_RC4')) {
|
$crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
|
||||||
include_once 'RC4.php';
|
break;
|
||||||
}
|
case phpseclib_resolve_include_path('Crypt/RC4.php'):
|
||||||
$crypto = new Crypt_RC4();
|
if (!class_exists('Crypt_RC4')) {
|
||||||
break;
|
include_once 'RC4.php';
|
||||||
default:
|
}
|
||||||
user_error('crypt_random_string requires at least one symmetric cipher be loaded');
|
$crypto = new Crypt_RC4();
|
||||||
return false;
|
break;
|
||||||
}
|
default:
|
||||||
|
user_error('crypt_random_string requires at least one symmetric cipher be loaded');
|
||||||
$crypto->setKey($key);
|
return false;
|
||||||
$crypto->setIV($iv);
|
}
|
||||||
$crypto->enableContinuousBuffer();
|
|
||||||
}
|
$crypto->setKey($key);
|
||||||
|
$crypto->setIV($iv);
|
||||||
//return $crypto->encrypt(str_repeat("\0", $length));
|
$crypto->enableContinuousBuffer();
|
||||||
|
}
|
||||||
// the following is based off of ANSI X9.31:
|
|
||||||
//
|
//return $crypto->encrypt(str_repeat("\0", $length));
|
||||||
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
|
|
||||||
//
|
// the following is based off of ANSI X9.31:
|
||||||
// OpenSSL uses that same standard for it's random numbers:
|
//
|
||||||
//
|
// http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
|
||||||
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
|
//
|
||||||
// (do a search for "ANS X9.31 A.2.4")
|
// OpenSSL uses that same standard for it's random numbers:
|
||||||
$result = '';
|
//
|
||||||
while (strlen($result) < $length) {
|
// http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
|
||||||
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
|
// (do a search for "ANS X9.31 A.2.4")
|
||||||
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
|
$result = '';
|
||||||
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
|
while (strlen($result) < $length) {
|
||||||
$result.= $r;
|
$i = $crypto->encrypt(microtime()); // strlen(microtime()) == 21
|
||||||
}
|
$r = $crypto->encrypt($i ^ $v); // strlen($v) == 20
|
||||||
return substr($result, 0, $length);
|
$v = $crypto->encrypt($r ^ $i); // strlen($r) == 20
|
||||||
}
|
$result.= $r;
|
||||||
}
|
}
|
||||||
|
return substr($result, 0, $length);
|
||||||
if (!function_exists('phpseclib_resolve_include_path')) {
|
}
|
||||||
/**
|
}
|
||||||
* Resolve filename against the include path.
|
|
||||||
*
|
if (!function_exists('phpseclib_safe_serialize')) {
|
||||||
* Wrapper around stream_resolve_include_path() (which was introduced in
|
/**
|
||||||
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
|
* Safely serialize variables
|
||||||
*
|
*
|
||||||
* @param string $filename
|
* If a class has a private __sleep() method it'll give a fatal error on PHP 5.2 and earlier.
|
||||||
* @return mixed Filename (string) on success, false otherwise.
|
* PHP 5.3 will emit a warning.
|
||||||
* @access public
|
*
|
||||||
*/
|
* @param mixed $arr
|
||||||
function phpseclib_resolve_include_path($filename)
|
* @access public
|
||||||
{
|
*/
|
||||||
if (function_exists('stream_resolve_include_path')) {
|
function phpseclib_safe_serialize(&$arr)
|
||||||
return stream_resolve_include_path($filename);
|
{
|
||||||
}
|
if (is_object($arr)) {
|
||||||
|
return '';
|
||||||
// handle non-relative paths
|
}
|
||||||
if (file_exists($filename)) {
|
if (!is_array($arr)) {
|
||||||
return realpath($filename);
|
return serialize($arr);
|
||||||
}
|
}
|
||||||
|
// prevent circular array recursion
|
||||||
$paths = PATH_SEPARATOR == ':' ?
|
if (isset($arr['__phpseclib_marker'])) {
|
||||||
preg_split('#(?<!phar):#', get_include_path()) :
|
return '';
|
||||||
explode(PATH_SEPARATOR, get_include_path());
|
}
|
||||||
foreach ($paths as $prefix) {
|
$safearr = array();
|
||||||
// path's specified in include_path don't always end in /
|
$arr['__phpseclib_marker'] = true;
|
||||||
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
|
foreach (array_keys($arr) as $key) {
|
||||||
$file = $prefix . $ds . $filename;
|
// do not recurse on the '__phpseclib_marker' key itself, for smaller memory usage
|
||||||
if (file_exists($file)) {
|
if ($key !== '__phpseclib_marker') {
|
||||||
return realpath($file);
|
$safearr[$key] = phpseclib_safe_serialize($arr[$key]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
unset($arr['__phpseclib_marker']);
|
||||||
return false;
|
return serialize($safearr);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!function_exists('phpseclib_resolve_include_path')) {
|
||||||
|
/**
|
||||||
|
* Resolve filename against the include path.
|
||||||
|
*
|
||||||
|
* Wrapper around stream_resolve_include_path() (which was introduced in
|
||||||
|
* PHP 5.3.2) with fallback implementation for earlier PHP versions.
|
||||||
|
*
|
||||||
|
* @param string $filename
|
||||||
|
* @return string|false
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function phpseclib_resolve_include_path($filename)
|
||||||
|
{
|
||||||
|
if (function_exists('stream_resolve_include_path')) {
|
||||||
|
return stream_resolve_include_path($filename);
|
||||||
|
}
|
||||||
|
|
||||||
|
// handle non-relative paths
|
||||||
|
if (file_exists($filename)) {
|
||||||
|
return realpath($filename);
|
||||||
|
}
|
||||||
|
|
||||||
|
$paths = PATH_SEPARATOR == ':' ?
|
||||||
|
preg_split('#(?<!phar):#', get_include_path()) :
|
||||||
|
explode(PATH_SEPARATOR, get_include_path());
|
||||||
|
foreach ($paths as $prefix) {
|
||||||
|
// path's specified in include_path don't always end in /
|
||||||
|
$ds = substr($prefix, -1) == DIRECTORY_SEPARATOR ? '' : DIRECTORY_SEPARATOR;
|
||||||
|
$file = $prefix . $ds . $filename;
|
||||||
|
if (file_exists($file)) {
|
||||||
|
return realpath($file);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
2398
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Rijndael.php
Normal file → Executable file
2398
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Rijndael.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
945
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/TripleDES.php
Normal file → Executable file
945
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/TripleDES.php
Normal file → Executable file
|
|
@ -1,428 +1,517 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementation of Triple DES.
|
* Pure-PHP implementation of Triple DES.
|
||||||
*
|
*
|
||||||
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
* Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* Here's a short example of how to use this library:
|
* Here's a short example of how to use this library:
|
||||||
* <code>
|
* <code>
|
||||||
* <?php
|
* <?php
|
||||||
* include 'Crypt/TripleDES.php';
|
* include 'Crypt/TripleDES.php';
|
||||||
*
|
*
|
||||||
* $des = new Crypt_TripleDES();
|
* $des = new Crypt_TripleDES();
|
||||||
*
|
*
|
||||||
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
* $des->setKey('abcdefghijklmnopqrstuvwx');
|
||||||
*
|
*
|
||||||
* $size = 10 * 1024;
|
* $size = 10 * 1024;
|
||||||
* $plaintext = '';
|
* $plaintext = '';
|
||||||
* for ($i = 0; $i < $size; $i++) {
|
* for ($i = 0; $i < $size; $i++) {
|
||||||
* $plaintext.= 'a';
|
* $plaintext.= 'a';
|
||||||
* }
|
* }
|
||||||
*
|
*
|
||||||
* echo $des->decrypt($des->encrypt($plaintext));
|
* echo $des->decrypt($des->encrypt($plaintext));
|
||||||
* ?>
|
* ?>
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* in the Software without restriction, including without limitation the rights
|
* in the Software without restriction, including without limitation the rights
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
* furnished to do so, subject to the following conditions:
|
* furnished to do so, subject to the following conditions:
|
||||||
*
|
*
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* all copies or substantial portions of the Software.
|
* all copies or substantial portions of the Software.
|
||||||
*
|
*
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* THE SOFTWARE.
|
* THE SOFTWARE.
|
||||||
*
|
*
|
||||||
* @category Crypt
|
* @category Crypt
|
||||||
* @package Crypt_TripleDES
|
* @package Crypt_TripleDES
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @copyright 2007 Jim Wigginton
|
* @copyright 2007 Jim Wigginton
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Include Crypt_DES
|
* Include Crypt_DES
|
||||||
*/
|
*/
|
||||||
if (!class_exists('Crypt_DES')) {
|
if (!class_exists('Crypt_DES')) {
|
||||||
include_once 'DES.php';
|
include_once 'DES.php';
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**#@+
|
||||||
* Encrypt / decrypt using inner chaining
|
* @access public
|
||||||
*
|
* @see self::Crypt_TripleDES()
|
||||||
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
*/
|
||||||
*/
|
/**
|
||||||
define('CRYPT_DES_MODE_3CBC', -2);
|
* Encrypt / decrypt using inner chaining
|
||||||
|
*
|
||||||
/**
|
* Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
|
||||||
* Encrypt / decrypt using outer chaining
|
*/
|
||||||
*
|
define('CRYPT_MODE_3CBC', -2);
|
||||||
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
/**
|
||||||
*/
|
* BC version of the above.
|
||||||
define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
|
*/
|
||||||
|
define('CRYPT_DES_MODE_3CBC', -2);
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementation of Triple DES.
|
* Encrypt / decrypt using outer chaining
|
||||||
*
|
*
|
||||||
* @package Crypt_TripleDES
|
* Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
*/
|
||||||
* @access public
|
define('CRYPT_MODE_CBC3', CRYPT_MODE_CBC);
|
||||||
*/
|
/**
|
||||||
class Crypt_TripleDES extends Crypt_DES
|
* BC version of the above.
|
||||||
{
|
*/
|
||||||
/**
|
define('CRYPT_DES_MODE_CBC3', CRYPT_MODE_CBC3);
|
||||||
* The default password key_size used by setPassword()
|
/**#@-*/
|
||||||
*
|
|
||||||
* @see Crypt_DES::password_key_size
|
/**
|
||||||
* @see Crypt_Base::password_key_size
|
* Pure-PHP implementation of Triple DES.
|
||||||
* @see Crypt_Base::setPassword()
|
*
|
||||||
* @var Integer
|
* @package Crypt_TripleDES
|
||||||
* @access private
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
*/
|
* @access public
|
||||||
var $password_key_size = 24;
|
*/
|
||||||
|
class Crypt_TripleDES extends Crypt_DES
|
||||||
/**
|
{
|
||||||
* The default salt used by setPassword()
|
/**
|
||||||
*
|
* Key Length (in bytes)
|
||||||
* @see Crypt_Base::password_default_salt
|
*
|
||||||
* @see Crypt_Base::setPassword()
|
* @see Crypt_TripleDES::setKeyLength()
|
||||||
* @var String
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $password_default_salt = 'phpseclib';
|
var $key_length = 24;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The namespace used by the cipher for its constants.
|
* The default salt used by setPassword()
|
||||||
*
|
*
|
||||||
* @see Crypt_DES::const_namespace
|
* @see Crypt_Base::password_default_salt
|
||||||
* @see Crypt_Base::const_namespace
|
* @see Crypt_Base::setPassword()
|
||||||
* @var String
|
* @var string
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $const_namespace = 'DES';
|
var $password_default_salt = 'phpseclib';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The mcrypt specific name of the cipher
|
* The namespace used by the cipher for its constants.
|
||||||
*
|
*
|
||||||
* @see Crypt_DES::cipher_name_mcrypt
|
* @see Crypt_DES::const_namespace
|
||||||
* @see Crypt_Base::cipher_name_mcrypt
|
* @see Crypt_Base::const_namespace
|
||||||
* @var String
|
* @var string
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $cipher_name_mcrypt = 'tripledes';
|
var $const_namespace = 'DES';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Optimizing value while CFB-encrypting
|
* The mcrypt specific name of the cipher
|
||||||
*
|
*
|
||||||
* @see Crypt_Base::cfb_init_len
|
* @see Crypt_DES::cipher_name_mcrypt
|
||||||
* @var Integer
|
* @see Crypt_Base::cipher_name_mcrypt
|
||||||
* @access private
|
* @var string
|
||||||
*/
|
* @access private
|
||||||
var $cfb_init_len = 750;
|
*/
|
||||||
|
var $cipher_name_mcrypt = 'tripledes';
|
||||||
/**
|
|
||||||
* max possible size of $key
|
/**
|
||||||
*
|
* Optimizing value while CFB-encrypting
|
||||||
* @see Crypt_TripleDES::setKey()
|
*
|
||||||
* @see Crypt_DES::setKey()
|
* @see Crypt_Base::cfb_init_len
|
||||||
* @var String
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $key_size_max = 24;
|
var $cfb_init_len = 750;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
* max possible size of $key
|
||||||
*
|
*
|
||||||
* @var Boolean
|
* @see self::setKey()
|
||||||
* @access private
|
* @see Crypt_DES::setKey()
|
||||||
*/
|
* @var string
|
||||||
var $mode_3cbc;
|
* @access private
|
||||||
|
*/
|
||||||
/**
|
var $key_length_max = 24;
|
||||||
* The Crypt_DES objects
|
|
||||||
*
|
/**
|
||||||
* Used only if $mode_3cbc === true
|
* Internal flag whether using CRYPT_DES_MODE_3CBC or not
|
||||||
*
|
*
|
||||||
* @var Array
|
* @var bool
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $des;
|
var $mode_3cbc;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default Constructor.
|
* The Crypt_DES objects
|
||||||
*
|
*
|
||||||
* Determines whether or not the mcrypt extension should be used.
|
* Used only if $mode_3cbc === true
|
||||||
*
|
*
|
||||||
* $mode could be:
|
* @var array
|
||||||
*
|
* @access private
|
||||||
* - CRYPT_DES_MODE_ECB
|
*/
|
||||||
*
|
var $des;
|
||||||
* - CRYPT_DES_MODE_CBC
|
|
||||||
*
|
/**
|
||||||
* - CRYPT_DES_MODE_CTR
|
* Default Constructor.
|
||||||
*
|
*
|
||||||
* - CRYPT_DES_MODE_CFB
|
* Determines whether or not the mcrypt extension should be used.
|
||||||
*
|
*
|
||||||
* - CRYPT_DES_MODE_OFB
|
* $mode could be:
|
||||||
*
|
*
|
||||||
* - CRYPT_DES_MODE_3CBC
|
* - CRYPT_DES_MODE_ECB
|
||||||
*
|
*
|
||||||
* If not explicitly set, CRYPT_DES_MODE_CBC will be used.
|
* - CRYPT_DES_MODE_CBC
|
||||||
*
|
*
|
||||||
* @see Crypt_DES::Crypt_DES()
|
* - CRYPT_DES_MODE_CTR
|
||||||
* @see Crypt_Base::Crypt_Base()
|
*
|
||||||
* @param optional Integer $mode
|
* - CRYPT_DES_MODE_CFB
|
||||||
* @access public
|
*
|
||||||
*/
|
* - CRYPT_DES_MODE_OFB
|
||||||
function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC)
|
*
|
||||||
{
|
* - CRYPT_DES_MODE_3CBC
|
||||||
switch ($mode) {
|
*
|
||||||
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC
|
* If not explicitly set, CRYPT_DES_MODE_CBC will be used.
|
||||||
// and additional flag us internally as 3CBC
|
*
|
||||||
case CRYPT_DES_MODE_3CBC:
|
* @see Crypt_DES::Crypt_DES()
|
||||||
parent::Crypt_Base(CRYPT_DES_MODE_CBC);
|
* @see Crypt_Base::Crypt_Base()
|
||||||
$this->mode_3cbc = true;
|
* @param int $mode
|
||||||
|
* @access public
|
||||||
// This three $des'es will do the 3CBC work (if $key > 64bits)
|
*/
|
||||||
$this->des = array(
|
function __construct($mode = CRYPT_MODE_CBC)
|
||||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
{
|
||||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
switch ($mode) {
|
||||||
new Crypt_DES(CRYPT_DES_MODE_CBC),
|
// In case of CRYPT_DES_MODE_3CBC, we init as CRYPT_DES_MODE_CBC
|
||||||
);
|
// and additional flag us internally as 3CBC
|
||||||
|
case CRYPT_DES_MODE_3CBC:
|
||||||
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
parent::Crypt_Base(CRYPT_MODE_CBC);
|
||||||
$this->des[0]->disablePadding();
|
$this->mode_3cbc = true;
|
||||||
$this->des[1]->disablePadding();
|
|
||||||
$this->des[2]->disablePadding();
|
// This three $des'es will do the 3CBC work (if $key > 64bits)
|
||||||
break;
|
$this->des = array(
|
||||||
// If not 3CBC, we init as usual
|
new Crypt_DES(CRYPT_MODE_CBC),
|
||||||
default:
|
new Crypt_DES(CRYPT_MODE_CBC),
|
||||||
parent::Crypt_Base($mode);
|
new Crypt_DES(CRYPT_MODE_CBC),
|
||||||
}
|
);
|
||||||
}
|
|
||||||
|
// we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
|
||||||
/**
|
$this->des[0]->disablePadding();
|
||||||
* Sets the initialization vector. (optional)
|
$this->des[1]->disablePadding();
|
||||||
*
|
$this->des[2]->disablePadding();
|
||||||
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed
|
break;
|
||||||
* to be all zero's.
|
// If not 3CBC, we init as usual
|
||||||
*
|
default:
|
||||||
* @see Crypt_Base::setIV()
|
parent::__construct($mode);
|
||||||
* @access public
|
}
|
||||||
* @param String $iv
|
}
|
||||||
*/
|
|
||||||
function setIV($iv)
|
/**
|
||||||
{
|
* PHP4 compatible Default Constructor.
|
||||||
parent::setIV($iv);
|
*
|
||||||
if ($this->mode_3cbc) {
|
* @see self::__construct()
|
||||||
$this->des[0]->setIV($iv);
|
* @param int $mode
|
||||||
$this->des[1]->setIV($iv);
|
* @access public
|
||||||
$this->des[2]->setIV($iv);
|
*/
|
||||||
}
|
function Crypt_TripleDES($mode = CRYPT_MODE_CBC)
|
||||||
}
|
{
|
||||||
|
$this->__construct($mode);
|
||||||
/**
|
}
|
||||||
* Sets the key.
|
|
||||||
*
|
/**
|
||||||
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
* Test for engine validity
|
||||||
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
*
|
||||||
*
|
* This is mainly just a wrapper to set things up for Crypt_Base::isValidEngine()
|
||||||
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
*
|
||||||
*
|
* @see Crypt_Base::Crypt_Base()
|
||||||
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
* @param int $engine
|
||||||
*
|
* @access public
|
||||||
* @access public
|
* @return bool
|
||||||
* @see Crypt_DES::setKey()
|
*/
|
||||||
* @see Crypt_Base::setKey()
|
function isValidEngine($engine)
|
||||||
* @param String $key
|
{
|
||||||
*/
|
if ($engine == CRYPT_ENGINE_OPENSSL) {
|
||||||
function setKey($key)
|
$this->cipher_name_openssl_ecb = 'des-ede3';
|
||||||
{
|
$mode = $this->_openssl_translate_mode();
|
||||||
$length = strlen($key);
|
$this->cipher_name_openssl = $mode == 'ecb' ? 'des-ede3' : 'des-ede3-' . $mode;
|
||||||
if ($length > 8) {
|
}
|
||||||
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
|
||||||
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
return parent::isValidEngine($engine);
|
||||||
// http://php.net/function.mcrypt-encrypt#47973
|
}
|
||||||
//$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
|
||||||
} else {
|
/**
|
||||||
$key = str_pad($key, 8, chr(0));
|
* Sets the initialization vector. (optional)
|
||||||
}
|
*
|
||||||
parent::setKey($key);
|
* SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explicitly set, it'll be assumed
|
||||||
|
* to be all zero's.
|
||||||
// And in case of CRYPT_DES_MODE_3CBC:
|
*
|
||||||
// if key <= 64bits we not need the 3 $des to work,
|
* @see Crypt_Base::setIV()
|
||||||
// because we will then act as regular DES-CBC with just a <= 64bit key.
|
* @access public
|
||||||
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
|
* @param string $iv
|
||||||
if ($this->mode_3cbc && $length > 8) {
|
*/
|
||||||
$this->des[0]->setKey(substr($key, 0, 8));
|
function setIV($iv)
|
||||||
$this->des[1]->setKey(substr($key, 8, 8));
|
{
|
||||||
$this->des[2]->setKey(substr($key, 16, 8));
|
parent::setIV($iv);
|
||||||
}
|
if ($this->mode_3cbc) {
|
||||||
}
|
$this->des[0]->setIV($iv);
|
||||||
|
$this->des[1]->setIV($iv);
|
||||||
/**
|
$this->des[2]->setIV($iv);
|
||||||
* Encrypts a message.
|
}
|
||||||
*
|
}
|
||||||
* @see Crypt_Base::encrypt()
|
|
||||||
* @access public
|
/**
|
||||||
* @param String $plaintext
|
* Sets the key length.
|
||||||
* @return String $cipertext
|
*
|
||||||
*/
|
* Valid key lengths are 64, 128 and 192
|
||||||
function encrypt($plaintext)
|
*
|
||||||
{
|
* @see Crypt_Base:setKeyLength()
|
||||||
// parent::en/decrypt() is able to do all the work for all modes and keylengths,
|
* @access public
|
||||||
// except for: CRYPT_DES_MODE_3CBC (inner chaining CBC) with a key > 64bits
|
* @param int $length
|
||||||
|
*/
|
||||||
// if the key is smaller then 8, do what we'd normally do
|
function setKeyLength($length)
|
||||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
{
|
||||||
return $this->des[2]->encrypt(
|
$length >>= 3;
|
||||||
$this->des[1]->decrypt(
|
switch (true) {
|
||||||
$this->des[0]->encrypt(
|
case $length <= 8:
|
||||||
$this->_pad($plaintext)
|
$this->key_length = 8;
|
||||||
)
|
break;
|
||||||
)
|
case $length <= 16:
|
||||||
);
|
$this->key_length = 16;
|
||||||
}
|
break;
|
||||||
|
default:
|
||||||
return parent::encrypt($plaintext);
|
$this->key_length = 24;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
parent::setKeyLength($length);
|
||||||
* Decrypts a message.
|
}
|
||||||
*
|
|
||||||
* @see Crypt_Base::decrypt()
|
/**
|
||||||
* @access public
|
* Sets the key.
|
||||||
* @param String $ciphertext
|
*
|
||||||
* @return String $plaintext
|
* Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
|
||||||
*/
|
* 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
|
||||||
function decrypt($ciphertext)
|
*
|
||||||
{
|
* DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
|
||||||
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
*
|
||||||
return $this->_unpad(
|
* If the key is not explicitly set, it'll be assumed to be all null bytes.
|
||||||
$this->des[0]->decrypt(
|
*
|
||||||
$this->des[1]->encrypt(
|
* @access public
|
||||||
$this->des[2]->decrypt(
|
* @see Crypt_DES::setKey()
|
||||||
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
|
* @see Crypt_Base::setKey()
|
||||||
)
|
* @param string $key
|
||||||
)
|
*/
|
||||||
)
|
function setKey($key)
|
||||||
);
|
{
|
||||||
}
|
$length = $this->explicit_key_length ? $this->key_length : strlen($key);
|
||||||
|
if ($length > 8) {
|
||||||
return parent::decrypt($ciphertext);
|
$key = str_pad(substr($key, 0, 24), 24, chr(0));
|
||||||
}
|
// if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
|
||||||
|
// http://php.net/function.mcrypt-encrypt#47973
|
||||||
/**
|
$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
|
||||||
* Treat consecutive "packets" as if they are a continuous buffer.
|
} else {
|
||||||
*
|
$key = str_pad($key, 8, chr(0));
|
||||||
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
}
|
||||||
* will yield different outputs:
|
parent::setKey($key);
|
||||||
*
|
|
||||||
* <code>
|
// And in case of CRYPT_DES_MODE_3CBC:
|
||||||
* echo $des->encrypt(substr($plaintext, 0, 8));
|
// if key <= 64bits we not need the 3 $des to work,
|
||||||
* echo $des->encrypt(substr($plaintext, 8, 8));
|
// because we will then act as regular DES-CBC with just a <= 64bit key.
|
||||||
* </code>
|
// So only if the key > 64bits (> 8 bytes) we will call setKey() for the 3 $des.
|
||||||
* <code>
|
if ($this->mode_3cbc && $length > 8) {
|
||||||
* echo $des->encrypt($plaintext);
|
$this->des[0]->setKey(substr($key, 0, 8));
|
||||||
* </code>
|
$this->des[1]->setKey(substr($key, 8, 8));
|
||||||
*
|
$this->des[2]->setKey(substr($key, 16, 8));
|
||||||
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
}
|
||||||
* another, as demonstrated with the following:
|
}
|
||||||
*
|
|
||||||
* <code>
|
/**
|
||||||
* $des->encrypt(substr($plaintext, 0, 8));
|
* Encrypts a message.
|
||||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
*
|
||||||
* </code>
|
* @see Crypt_Base::encrypt()
|
||||||
* <code>
|
* @access public
|
||||||
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
* @param string $plaintext
|
||||||
* </code>
|
* @return string $cipertext
|
||||||
*
|
*/
|
||||||
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
function encrypt($plaintext)
|
||||||
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
{
|
||||||
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
// parent::en/decrypt() is able to do all the work for all modes and keylengths,
|
||||||
*
|
// except for: CRYPT_MODE_3CBC (inner chaining CBC) with a key > 64bits
|
||||||
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
|
||||||
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
// if the key is smaller then 8, do what we'd normally do
|
||||||
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||||
* however, they are also less intuitive and more likely to cause you problems.
|
return $this->des[2]->encrypt(
|
||||||
*
|
$this->des[1]->decrypt(
|
||||||
* @see Crypt_Base::enableContinuousBuffer()
|
$this->des[0]->encrypt(
|
||||||
* @see Crypt_TripleDES::disableContinuousBuffer()
|
$this->_pad($plaintext)
|
||||||
* @access public
|
)
|
||||||
*/
|
)
|
||||||
function enableContinuousBuffer()
|
);
|
||||||
{
|
}
|
||||||
parent::enableContinuousBuffer();
|
|
||||||
if ($this->mode_3cbc) {
|
return parent::encrypt($plaintext);
|
||||||
$this->des[0]->enableContinuousBuffer();
|
}
|
||||||
$this->des[1]->enableContinuousBuffer();
|
|
||||||
$this->des[2]->enableContinuousBuffer();
|
/**
|
||||||
}
|
* Decrypts a message.
|
||||||
}
|
*
|
||||||
|
* @see Crypt_Base::decrypt()
|
||||||
/**
|
* @access public
|
||||||
* Treat consecutive packets as if they are a discontinuous buffer.
|
* @param string $ciphertext
|
||||||
*
|
* @return string $plaintext
|
||||||
* The default behavior.
|
*/
|
||||||
*
|
function decrypt($ciphertext)
|
||||||
* @see Crypt_Base::disableContinuousBuffer()
|
{
|
||||||
* @see Crypt_TripleDES::enableContinuousBuffer()
|
if ($this->mode_3cbc && strlen($this->key) > 8) {
|
||||||
* @access public
|
return $this->_unpad(
|
||||||
*/
|
$this->des[0]->decrypt(
|
||||||
function disableContinuousBuffer()
|
$this->des[1]->encrypt(
|
||||||
{
|
$this->des[2]->decrypt(
|
||||||
parent::disableContinuousBuffer();
|
str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, "\0")
|
||||||
if ($this->mode_3cbc) {
|
)
|
||||||
$this->des[0]->disableContinuousBuffer();
|
)
|
||||||
$this->des[1]->disableContinuousBuffer();
|
)
|
||||||
$this->des[2]->disableContinuousBuffer();
|
);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
return parent::decrypt($ciphertext);
|
||||||
/**
|
}
|
||||||
* Creates the key schedule
|
|
||||||
*
|
/**
|
||||||
* @see Crypt_DES::_setupKey()
|
* Treat consecutive "packets" as if they are a continuous buffer.
|
||||||
* @see Crypt_Base::_setupKey()
|
*
|
||||||
* @access private
|
* Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
|
||||||
*/
|
* will yield different outputs:
|
||||||
function _setupKey()
|
*
|
||||||
{
|
* <code>
|
||||||
switch (true) {
|
* echo $des->encrypt(substr($plaintext, 0, 8));
|
||||||
// if $key <= 64bits we configure our internal pure-php cipher engine
|
* echo $des->encrypt(substr($plaintext, 8, 8));
|
||||||
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
|
* </code>
|
||||||
case strlen($this->key) <= 8:
|
* <code>
|
||||||
$this->des_rounds = 1;
|
* echo $des->encrypt($plaintext);
|
||||||
break;
|
* </code>
|
||||||
|
*
|
||||||
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
|
* The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
|
||||||
default:
|
* another, as demonstrated with the following:
|
||||||
$this->des_rounds = 3;
|
*
|
||||||
|
* <code>
|
||||||
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
|
* $des->encrypt(substr($plaintext, 0, 8));
|
||||||
if ($this->mode_3cbc) {
|
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||||
$this->des[0]->_setupKey();
|
* </code>
|
||||||
$this->des[1]->_setupKey();
|
* <code>
|
||||||
$this->des[2]->_setupKey();
|
* echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
|
||||||
|
* </code>
|
||||||
// because $des[0-2] will, now, do all the work we can return here
|
*
|
||||||
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
|
* With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
|
||||||
return;
|
* outputs. The reason is due to the fact that the initialization vector's change after every encryption /
|
||||||
}
|
* decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
|
||||||
}
|
*
|
||||||
// setup our key
|
* Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
|
||||||
parent::_setupKey();
|
* encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
|
||||||
}
|
* continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
|
||||||
}
|
* however, they are also less intuitive and more likely to cause you problems.
|
||||||
|
*
|
||||||
|
* @see Crypt_Base::enableContinuousBuffer()
|
||||||
|
* @see self::disableContinuousBuffer()
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function enableContinuousBuffer()
|
||||||
|
{
|
||||||
|
parent::enableContinuousBuffer();
|
||||||
|
if ($this->mode_3cbc) {
|
||||||
|
$this->des[0]->enableContinuousBuffer();
|
||||||
|
$this->des[1]->enableContinuousBuffer();
|
||||||
|
$this->des[2]->enableContinuousBuffer();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Treat consecutive packets as if they are a discontinuous buffer.
|
||||||
|
*
|
||||||
|
* The default behavior.
|
||||||
|
*
|
||||||
|
* @see Crypt_Base::disableContinuousBuffer()
|
||||||
|
* @see self::enableContinuousBuffer()
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function disableContinuousBuffer()
|
||||||
|
{
|
||||||
|
parent::disableContinuousBuffer();
|
||||||
|
if ($this->mode_3cbc) {
|
||||||
|
$this->des[0]->disableContinuousBuffer();
|
||||||
|
$this->des[1]->disableContinuousBuffer();
|
||||||
|
$this->des[2]->disableContinuousBuffer();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Creates the key schedule
|
||||||
|
*
|
||||||
|
* @see Crypt_DES::_setupKey()
|
||||||
|
* @see Crypt_Base::_setupKey()
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function _setupKey()
|
||||||
|
{
|
||||||
|
switch (true) {
|
||||||
|
// if $key <= 64bits we configure our internal pure-php cipher engine
|
||||||
|
// to act as regular [1]DES, not as 3DES. mcrypt.so::tripledes does the same.
|
||||||
|
case strlen($this->key) <= 8:
|
||||||
|
$this->des_rounds = 1;
|
||||||
|
break;
|
||||||
|
|
||||||
|
// otherwise, if $key > 64bits, we configure our engine to work as 3DES.
|
||||||
|
default:
|
||||||
|
$this->des_rounds = 3;
|
||||||
|
|
||||||
|
// (only) if 3CBC is used we have, of course, to setup the $des[0-2] keys also separately.
|
||||||
|
if ($this->mode_3cbc) {
|
||||||
|
$this->des[0]->_setupKey();
|
||||||
|
$this->des[1]->_setupKey();
|
||||||
|
$this->des[2]->_setupKey();
|
||||||
|
|
||||||
|
// because $des[0-2] will, now, do all the work we can return here
|
||||||
|
// not need unnecessary stress parent::_setupKey() with our, now unused, $key.
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// setup our key
|
||||||
|
parent::_setupKey();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Sets the internal crypt engine
|
||||||
|
*
|
||||||
|
* @see Crypt_Base::Crypt_Base()
|
||||||
|
* @see Crypt_Base::setPreferredEngine()
|
||||||
|
* @param int $engine
|
||||||
|
* @access public
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
function setPreferredEngine($engine)
|
||||||
|
{
|
||||||
|
if ($this->mode_3cbc) {
|
||||||
|
$this->des[0]->setPreferredEngine($engine);
|
||||||
|
$this->des[1]->setPreferredEngine($engine);
|
||||||
|
$this->des[2]->setPreferredEngine($engine);
|
||||||
|
}
|
||||||
|
|
||||||
|
return parent::setPreferredEngine($engine);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
1784
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Twofish.php
Normal file → Executable file
1784
rainloop/v/0.0.0/app/libraries/phpseclib/Crypt/Twofish.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1163
rainloop/v/0.0.0/app/libraries/phpseclib/File/ANSI.php
Normal file → Executable file
1163
rainloop/v/0.0.0/app/libraries/phpseclib/File/ANSI.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
2843
rainloop/v/0.0.0/app/libraries/phpseclib/File/ASN1.php
Normal file → Executable file
2843
rainloop/v/0.0.0/app/libraries/phpseclib/File/ASN1.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
9731
rainloop/v/0.0.0/app/libraries/phpseclib/File/X509.php
Normal file → Executable file
9731
rainloop/v/0.0.0/app/libraries/phpseclib/File/X509.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
7570
rainloop/v/0.0.0/app/libraries/phpseclib/Math/BigInteger.php
Normal file → Executable file
7570
rainloop/v/0.0.0/app/libraries/phpseclib/Math/BigInteger.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
738
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SCP.php
Normal file → Executable file
738
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SCP.php
Normal file → Executable file
|
|
@ -1,360 +1,378 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementation of SCP.
|
* Pure-PHP implementation of SCP.
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
* The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
|
||||||
*
|
*
|
||||||
* Here's a short example of how to use this library:
|
* Here's a short example of how to use this library:
|
||||||
* <code>
|
* <code>
|
||||||
* <?php
|
* <?php
|
||||||
* include 'Net/SCP.php';
|
* include 'Net/SCP.php';
|
||||||
* include 'Net/SSH2.php';
|
* include 'Net/SSH2.php';
|
||||||
*
|
*
|
||||||
* $ssh = new Net_SSH2('www.domain.tld');
|
* $ssh = new Net_SSH2('www.domain.tld');
|
||||||
* if (!$ssh->login('username', 'password')) {
|
* if (!$ssh->login('username', 'password')) {
|
||||||
* exit('bad login');
|
* exit('bad login');
|
||||||
* }
|
* }
|
||||||
|
*
|
||||||
* $scp = new Net_SCP($ssh);
|
* $scp = new Net_SCP($ssh);
|
||||||
* $scp->put('abcd', str_repeat('x', 1024*1024));
|
* $scp->put('abcd', str_repeat('x', 1024*1024));
|
||||||
* ?>
|
* ?>
|
||||||
* </code>
|
* </code>
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* in the Software without restriction, including without limitation the rights
|
* in the Software without restriction, including without limitation the rights
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
* furnished to do so, subject to the following conditions:
|
* furnished to do so, subject to the following conditions:
|
||||||
*
|
*
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* all copies or substantial portions of the Software.
|
* all copies or substantial portions of the Software.
|
||||||
*
|
*
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* THE SOFTWARE.
|
* THE SOFTWARE.
|
||||||
*
|
*
|
||||||
* @category Net
|
* @category Net
|
||||||
* @package Net_SCP
|
* @package Net_SCP
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @copyright 2010 Jim Wigginton
|
* @copyright 2010 Jim Wigginton
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/**#@+
|
/**#@+
|
||||||
* @access public
|
* @access public
|
||||||
* @see Net_SCP::put()
|
* @see self::put()
|
||||||
*/
|
*/
|
||||||
/**
|
/**
|
||||||
* Reads data from a local file.
|
* Reads data from a local file.
|
||||||
*/
|
*/
|
||||||
define('NET_SCP_LOCAL_FILE', 1);
|
define('NET_SCP_LOCAL_FILE', 1);
|
||||||
/**
|
/**
|
||||||
* Reads data from a string.
|
* Reads data from a string.
|
||||||
*/
|
*/
|
||||||
define('NET_SCP_STRING', 2);
|
define('NET_SCP_STRING', 2);
|
||||||
/**#@-*/
|
/**#@-*/
|
||||||
|
|
||||||
/**#@+
|
/**#@+
|
||||||
* @access private
|
* @access private
|
||||||
* @see Net_SCP::_send()
|
* @see self::_send()
|
||||||
* @see Net_SCP::_receive()
|
* @see self::_receive()
|
||||||
*/
|
*/
|
||||||
/**
|
/**
|
||||||
* SSH1 is being used.
|
* SSH1 is being used.
|
||||||
*/
|
*/
|
||||||
define('NET_SCP_SSH1', 1);
|
define('NET_SCP_SSH1', 1);
|
||||||
/**
|
/**
|
||||||
* SSH2 is being used.
|
* SSH2 is being used.
|
||||||
*/
|
*/
|
||||||
define('NET_SCP_SSH2', 2);
|
define('NET_SCP_SSH2', 2);
|
||||||
/**#@-*/
|
/**#@-*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pure-PHP implementations of SCP.
|
* Pure-PHP implementations of SCP.
|
||||||
*
|
*
|
||||||
* @package Net_SCP
|
* @package Net_SCP
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
class Net_SCP
|
class Net_SCP
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* SSH Object
|
* SSH Object
|
||||||
*
|
*
|
||||||
* @var Object
|
* @var object
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $ssh;
|
var $ssh;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Packet Size
|
* Packet Size
|
||||||
*
|
*
|
||||||
* @var Integer
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $packet_size;
|
var $packet_size;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Mode
|
* Mode
|
||||||
*
|
*
|
||||||
* @var Integer
|
* @var int
|
||||||
* @access private
|
* @access private
|
||||||
*/
|
*/
|
||||||
var $mode;
|
var $mode;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default Constructor.
|
* Default Constructor.
|
||||||
*
|
*
|
||||||
* Connects to an SSH server
|
* Connects to an SSH server
|
||||||
*
|
*
|
||||||
* @param String $host
|
* @param Net_SSH1|Net_SSH2 $ssh
|
||||||
* @param optional Integer $port
|
* @return Net_SCP
|
||||||
* @param optional Integer $timeout
|
* @access public
|
||||||
* @return Net_SCP
|
*/
|
||||||
* @access public
|
function __construct($ssh)
|
||||||
*/
|
{
|
||||||
function Net_SCP($ssh)
|
if (!is_object($ssh)) {
|
||||||
{
|
return;
|
||||||
if (!is_object($ssh)) {
|
}
|
||||||
return;
|
|
||||||
}
|
switch (strtolower(get_class($ssh))) {
|
||||||
|
case 'net_ssh2':
|
||||||
switch (strtolower(get_class($ssh))) {
|
$this->mode = NET_SCP_SSH2;
|
||||||
case 'net_ssh2':
|
break;
|
||||||
$this->mode = NET_SCP_SSH2;
|
case 'net_ssh1':
|
||||||
break;
|
$this->packet_size = 50000;
|
||||||
case 'net_ssh1':
|
$this->mode = NET_SCP_SSH1;
|
||||||
$this->packet_size = 50000;
|
break;
|
||||||
$this->mode = NET_SCP_SSH1;
|
default:
|
||||||
break;
|
return;
|
||||||
default:
|
}
|
||||||
return;
|
|
||||||
}
|
$this->ssh = $ssh;
|
||||||
|
}
|
||||||
$this->ssh = $ssh;
|
|
||||||
}
|
/**
|
||||||
|
* PHP4 compatible Default Constructor.
|
||||||
/**
|
*
|
||||||
* Uploads a file to the SCP server.
|
* @see self::__construct()
|
||||||
*
|
* @param Net_SSH1|Net_SSH2 $ssh
|
||||||
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
* @access public
|
||||||
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
|
*/
|
||||||
* long, containing 'filename.ext' as its contents.
|
function Net_SCP($ssh)
|
||||||
*
|
{
|
||||||
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will
|
$this->__construct($ssh);
|
||||||
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
}
|
||||||
* large $remote_file will be, as well.
|
|
||||||
*
|
/**
|
||||||
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
* Uploads a file to the SCP server.
|
||||||
* care of that, yourself.
|
*
|
||||||
*
|
* By default, Net_SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
|
||||||
* @param String $remote_file
|
* So, for example, if you set $data to 'filename.ext' and then do Net_SCP::get(), you will get a file, twelve bytes
|
||||||
* @param String $data
|
* long, containing 'filename.ext' as its contents.
|
||||||
* @param optional Integer $mode
|
*
|
||||||
* @param optional Callable $callback
|
* Setting $mode to NET_SCP_LOCAL_FILE will change the above behavior. With NET_SCP_LOCAL_FILE, $remote_file will
|
||||||
* @return Boolean
|
* contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
|
||||||
* @access public
|
* large $remote_file will be, as well.
|
||||||
*/
|
*
|
||||||
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null)
|
* Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
|
||||||
{
|
* care of that, yourself.
|
||||||
if (!isset($this->ssh)) {
|
*
|
||||||
return false;
|
* @param string $remote_file
|
||||||
}
|
* @param string $data
|
||||||
|
* @param int $mode
|
||||||
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
|
* @param callable $callback
|
||||||
return false;
|
* @return bool
|
||||||
}
|
* @access public
|
||||||
|
*/
|
||||||
$temp = $this->_receive();
|
function put($remote_file, $data, $mode = NET_SCP_STRING, $callback = null)
|
||||||
if ($temp !== chr(0)) {
|
{
|
||||||
return false;
|
if (!isset($this->ssh)) {
|
||||||
}
|
return false;
|
||||||
|
}
|
||||||
if ($this->mode == NET_SCP_SSH2) {
|
|
||||||
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
|
if (empty($remote_file)) {
|
||||||
}
|
user_error('remote_file cannot be blank', E_USER_NOTICE);
|
||||||
|
return false;
|
||||||
$remote_file = basename($remote_file);
|
}
|
||||||
|
|
||||||
if ($mode == NET_SCP_STRING) {
|
if (!$this->ssh->exec('scp -t ' . escapeshellarg($remote_file), false)) { // -t = to
|
||||||
$size = strlen($data);
|
return false;
|
||||||
} else {
|
}
|
||||||
if (!is_file($data)) {
|
|
||||||
user_error("$data is not a valid file", E_USER_NOTICE);
|
$temp = $this->_receive();
|
||||||
return false;
|
if ($temp !== chr(0)) {
|
||||||
}
|
return false;
|
||||||
|
}
|
||||||
$fp = @fopen($data, 'rb');
|
|
||||||
if (!$fp) {
|
if ($this->mode == NET_SCP_SSH2) {
|
||||||
return false;
|
$this->packet_size = $this->ssh->packet_size_client_to_server[NET_SSH2_CHANNEL_EXEC] - 4;
|
||||||
}
|
}
|
||||||
$size = filesize($data);
|
|
||||||
}
|
$remote_file = basename($remote_file);
|
||||||
|
|
||||||
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
|
if ($mode == NET_SCP_STRING) {
|
||||||
|
$size = strlen($data);
|
||||||
$temp = $this->_receive();
|
} else {
|
||||||
if ($temp !== chr(0)) {
|
if (!is_file($data)) {
|
||||||
return false;
|
user_error("$data is not a valid file", E_USER_NOTICE);
|
||||||
}
|
return false;
|
||||||
|
}
|
||||||
$sent = 0;
|
|
||||||
while ($sent < $size) {
|
$fp = @fopen($data, 'rb');
|
||||||
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
|
if (!$fp) {
|
||||||
$this->_send($temp);
|
return false;
|
||||||
$sent+= strlen($temp);
|
}
|
||||||
|
$size = filesize($data);
|
||||||
if (is_callable($callback)) {
|
}
|
||||||
call_user_func($callback, $sent);
|
|
||||||
}
|
$this->_send('C0644 ' . $size . ' ' . $remote_file . "\n");
|
||||||
}
|
|
||||||
$this->_close();
|
$temp = $this->_receive();
|
||||||
|
if ($temp !== chr(0)) {
|
||||||
if ($mode != NET_SCP_STRING) {
|
return false;
|
||||||
fclose($fp);
|
}
|
||||||
}
|
|
||||||
|
$sent = 0;
|
||||||
return true;
|
while ($sent < $size) {
|
||||||
}
|
$temp = $mode & NET_SCP_STRING ? substr($data, $sent, $this->packet_size) : fread($fp, $this->packet_size);
|
||||||
|
$this->_send($temp);
|
||||||
/**
|
$sent+= strlen($temp);
|
||||||
* Downloads a file from the SCP server.
|
|
||||||
*
|
if (is_callable($callback)) {
|
||||||
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
call_user_func($callback, $sent);
|
||||||
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
}
|
||||||
* operation
|
}
|
||||||
*
|
$this->_close();
|
||||||
* @param String $remote_file
|
|
||||||
* @param optional String $local_file
|
if ($mode != NET_SCP_STRING) {
|
||||||
* @return Mixed
|
fclose($fp);
|
||||||
* @access public
|
}
|
||||||
*/
|
|
||||||
function get($remote_file, $local_file = false)
|
return true;
|
||||||
{
|
}
|
||||||
if (!isset($this->ssh)) {
|
|
||||||
return false;
|
/**
|
||||||
}
|
* Downloads a file from the SCP server.
|
||||||
|
*
|
||||||
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
|
* Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
|
||||||
return false;
|
* the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
|
||||||
}
|
* operation
|
||||||
|
*
|
||||||
$this->_send("\0");
|
* @param string $remote_file
|
||||||
|
* @param string $local_file
|
||||||
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
|
* @return mixed
|
||||||
return false;
|
* @access public
|
||||||
}
|
*/
|
||||||
|
function get($remote_file, $local_file = false)
|
||||||
$this->_send("\0");
|
{
|
||||||
|
if (!isset($this->ssh)) {
|
||||||
$size = 0;
|
return false;
|
||||||
|
}
|
||||||
if ($local_file !== false) {
|
|
||||||
$fp = @fopen($local_file, 'wb');
|
if (!$this->ssh->exec('scp -f ' . escapeshellarg($remote_file), false)) { // -f = from
|
||||||
if (!$fp) {
|
return false;
|
||||||
return false;
|
}
|
||||||
}
|
|
||||||
}
|
$this->_send("\0");
|
||||||
|
|
||||||
$content = '';
|
if (!preg_match('#(?<perms>[^ ]+) (?<size>\d+) (?<name>.+)#', rtrim($this->_receive()), $info)) {
|
||||||
while ($size < $info['size']) {
|
return false;
|
||||||
$data = $this->_receive();
|
}
|
||||||
// SCP usually seems to split stuff out into 16k chunks
|
|
||||||
$size+= strlen($data);
|
$this->_send("\0");
|
||||||
|
|
||||||
if ($local_file === false) {
|
$size = 0;
|
||||||
$content.= $data;
|
|
||||||
} else {
|
if ($local_file !== false) {
|
||||||
fputs($fp, $data);
|
$fp = @fopen($local_file, 'wb');
|
||||||
}
|
if (!$fp) {
|
||||||
}
|
return false;
|
||||||
|
}
|
||||||
$this->_close();
|
}
|
||||||
|
|
||||||
if ($local_file !== false) {
|
$content = '';
|
||||||
fclose($fp);
|
while ($size < $info['size']) {
|
||||||
return true;
|
$data = $this->_receive();
|
||||||
}
|
// SCP usually seems to split stuff out into 16k chunks
|
||||||
|
$size+= strlen($data);
|
||||||
return $content;
|
|
||||||
}
|
if ($local_file === false) {
|
||||||
|
$content.= $data;
|
||||||
/**
|
} else {
|
||||||
* Sends a packet to an SSH server
|
fputs($fp, $data);
|
||||||
*
|
}
|
||||||
* @param String $data
|
}
|
||||||
* @access private
|
|
||||||
*/
|
$this->_close();
|
||||||
function _send($data)
|
|
||||||
{
|
if ($local_file !== false) {
|
||||||
switch ($this->mode) {
|
fclose($fp);
|
||||||
case NET_SCP_SSH2:
|
return true;
|
||||||
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data);
|
}
|
||||||
break;
|
|
||||||
case NET_SCP_SSH1:
|
return $content;
|
||||||
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
|
}
|
||||||
$this->ssh->_send_binary_packet($data);
|
|
||||||
}
|
/**
|
||||||
}
|
* Sends a packet to an SSH server
|
||||||
|
*
|
||||||
/**
|
* @param string $data
|
||||||
* Receives a packet from an SSH server
|
* @access private
|
||||||
*
|
*/
|
||||||
* @return String
|
function _send($data)
|
||||||
* @access private
|
{
|
||||||
*/
|
switch ($this->mode) {
|
||||||
function _receive()
|
case NET_SCP_SSH2:
|
||||||
{
|
$this->ssh->_send_channel_packet(NET_SSH2_CHANNEL_EXEC, $data);
|
||||||
switch ($this->mode) {
|
break;
|
||||||
case NET_SCP_SSH2:
|
case NET_SCP_SSH1:
|
||||||
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true);
|
$data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($data), $data);
|
||||||
case NET_SCP_SSH1:
|
$this->ssh->_send_binary_packet($data);
|
||||||
if (!$this->ssh->bitmap) {
|
}
|
||||||
return false;
|
}
|
||||||
}
|
|
||||||
while (true) {
|
/**
|
||||||
$response = $this->ssh->_get_binary_packet();
|
* Receives a packet from an SSH server
|
||||||
switch ($response[NET_SSH1_RESPONSE_TYPE]) {
|
*
|
||||||
case NET_SSH1_SMSG_STDOUT_DATA:
|
* @return string
|
||||||
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA]));
|
* @access private
|
||||||
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length);
|
*/
|
||||||
case NET_SSH1_SMSG_STDERR_DATA:
|
function _receive()
|
||||||
break;
|
{
|
||||||
case NET_SSH1_SMSG_EXITSTATUS:
|
switch ($this->mode) {
|
||||||
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
|
case NET_SCP_SSH2:
|
||||||
fclose($this->ssh->fsock);
|
return $this->ssh->_get_channel_packet(NET_SSH2_CHANNEL_EXEC, true);
|
||||||
$this->ssh->bitmap = 0;
|
case NET_SCP_SSH1:
|
||||||
return false;
|
if (!$this->ssh->bitmap) {
|
||||||
default:
|
return false;
|
||||||
user_error('Unknown packet received', E_USER_NOTICE);
|
}
|
||||||
return false;
|
while (true) {
|
||||||
}
|
$response = $this->ssh->_get_binary_packet();
|
||||||
}
|
switch ($response[NET_SSH1_RESPONSE_TYPE]) {
|
||||||
}
|
case NET_SSH1_SMSG_STDOUT_DATA:
|
||||||
}
|
if (strlen($response[NET_SSH1_RESPONSE_DATA]) < 4) {
|
||||||
|
return false;
|
||||||
/**
|
}
|
||||||
* Closes the connection to an SSH server
|
extract(unpack('Nlength', $response[NET_SSH1_RESPONSE_DATA]));
|
||||||
*
|
return $this->ssh->_string_shift($response[NET_SSH1_RESPONSE_DATA], $length);
|
||||||
* @access private
|
case NET_SSH1_SMSG_STDERR_DATA:
|
||||||
*/
|
break;
|
||||||
function _close()
|
case NET_SSH1_SMSG_EXITSTATUS:
|
||||||
{
|
$this->ssh->_send_binary_packet(chr(NET_SSH1_CMSG_EXIT_CONFIRMATION));
|
||||||
switch ($this->mode) {
|
fclose($this->ssh->fsock);
|
||||||
case NET_SCP_SSH2:
|
$this->ssh->bitmap = 0;
|
||||||
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
|
return false;
|
||||||
break;
|
default:
|
||||||
case NET_SCP_SSH1:
|
user_error('Unknown packet received', E_USER_NOTICE);
|
||||||
$this->ssh->disconnect();
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Closes the connection to an SSH server
|
||||||
|
*
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function _close()
|
||||||
|
{
|
||||||
|
switch ($this->mode) {
|
||||||
|
case NET_SCP_SSH2:
|
||||||
|
$this->ssh->_close_channel(NET_SSH2_CHANNEL_EXEC, true);
|
||||||
|
break;
|
||||||
|
case NET_SCP_SSH1:
|
||||||
|
$this->ssh->disconnect();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
5975
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP.php
Normal file → Executable file
5975
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
1616
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP/Stream.php
Normal file → Executable file
1616
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SFTP/Stream.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
3342
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH1.php
Normal file → Executable file
3342
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH1.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
8771
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH2.php
Normal file → Executable file
8771
rainloop/v/0.0.0/app/libraries/phpseclib/Net/SSH2.php
Normal file → Executable file
File diff suppressed because it is too large
Load diff
874
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH/Agent.php
Normal file → Executable file
874
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH/Agent.php
Normal file → Executable file
|
|
@ -1,313 +1,561 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
|
||||||
* Pure-PHP ssh-agent client.
|
/**
|
||||||
*
|
* Pure-PHP ssh-agent client.
|
||||||
* PHP versions 4 and 5
|
*
|
||||||
*
|
* PHP versions 4 and 5
|
||||||
* Here are some examples of how to use this library:
|
*
|
||||||
* <code>
|
* Here are some examples of how to use this library:
|
||||||
* <?php
|
* <code>
|
||||||
* include 'System/SSH/Agent.php';
|
* <?php
|
||||||
* include 'Net/SSH2.php';
|
* include 'System/SSH/Agent.php';
|
||||||
*
|
* include 'Net/SSH2.php';
|
||||||
* $agent = new System_SSH_Agent();
|
*
|
||||||
*
|
* $agent = new System_SSH_Agent();
|
||||||
* $ssh = new Net_SSH2('www.domain.tld');
|
*
|
||||||
* if (!$ssh->login('username', $agent)) {
|
* $ssh = new Net_SSH2('www.domain.tld');
|
||||||
* exit('Login Failed');
|
* if (!$ssh->login('username', $agent)) {
|
||||||
* }
|
* exit('Login Failed');
|
||||||
*
|
* }
|
||||||
* echo $ssh->exec('pwd');
|
*
|
||||||
* echo $ssh->exec('ls -la');
|
* echo $ssh->exec('pwd');
|
||||||
* ?>
|
* echo $ssh->exec('ls -la');
|
||||||
* </code>
|
* ?>
|
||||||
*
|
* </code>
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
*
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* in the Software without restriction, including without limitation the rights
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* in the Software without restriction, including without limitation the rights
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* furnished to do so, subject to the following conditions:
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
*
|
* furnished to do so, subject to the following conditions:
|
||||||
* The above copyright notice and this permission notice shall be included in
|
*
|
||||||
* all copies or substantial portions of the Software.
|
* The above copyright notice and this permission notice shall be included in
|
||||||
*
|
* all copies or substantial portions of the Software.
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
*
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* THE SOFTWARE.
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
*
|
* THE SOFTWARE.
|
||||||
* @category System
|
*
|
||||||
* @package System_SSH_Agent
|
* @category System
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @package System_SSH_Agent
|
||||||
* @copyright 2014 Jim Wigginton
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @copyright 2014 Jim Wigginton
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
* @link http://phpseclib.sourceforge.net
|
||||||
*/
|
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||||
|
*/
|
||||||
/**#@+
|
|
||||||
* Message numbers
|
/**#@+
|
||||||
*
|
* Message numbers
|
||||||
* @access private
|
*
|
||||||
*/
|
* @access private
|
||||||
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
|
*/
|
||||||
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11);
|
// to request SSH1 keys you have to use SSH_AGENTC_REQUEST_RSA_IDENTITIES (1)
|
||||||
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
|
define('SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES', 11);
|
||||||
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12);
|
// this is the SSH2 response; the SSH1 response is SSH_AGENT_RSA_IDENTITIES_ANSWER (2).
|
||||||
define('SYSTEM_SSH_AGENT_FAILURE', 5);
|
define('SYSTEM_SSH_AGENT_IDENTITIES_ANSWER', 12);
|
||||||
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
|
define('SYSTEM_SSH_AGENT_FAILURE', 5);
|
||||||
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
|
// the SSH1 request is SSH_AGENTC_RSA_CHALLENGE (3)
|
||||||
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
|
define('SYSTEM_SSH_AGENTC_SIGN_REQUEST', 13);
|
||||||
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14);
|
// the SSH1 response is SSH_AGENT_RSA_RESPONSE (4)
|
||||||
/**#@-*/
|
define('SYSTEM_SSH_AGENT_SIGN_RESPONSE', 14);
|
||||||
|
/**#@-*/
|
||||||
/**
|
|
||||||
* Pure-PHP ssh-agent client identity object
|
/**@+
|
||||||
*
|
* Agent forwarding status
|
||||||
* Instantiation should only be performed by System_SSH_Agent class.
|
*
|
||||||
* This could be thought of as implementing an interface that Crypt_RSA
|
* @access private
|
||||||
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
|
*/
|
||||||
* The methods in this interface would be getPublicKey, setSignatureMode
|
// no forwarding requested and not active
|
||||||
* and sign since those are the methods phpseclib looks for to perform
|
define('SYSTEM_SSH_AGENT_FORWARD_NONE', 0);
|
||||||
* public key authentication.
|
// request agent forwarding when opportune
|
||||||
*
|
define('SYSTEM_SSH_AGENT_FORWARD_REQUEST', 1);
|
||||||
* @package System_SSH_Agent
|
// forwarding has been request and is active
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
define('SYSTEM_SSH_AGENT_FORWARD_ACTIVE', 2);
|
||||||
* @access internal
|
/**#@-*/
|
||||||
*/
|
|
||||||
class System_SSH_Agent_Identity
|
/**@+
|
||||||
{
|
* Signature Flags
|
||||||
/**
|
*
|
||||||
* Key Object
|
* See https://tools.ietf.org/html/draft-miller-ssh-agent-00#section-5.3
|
||||||
*
|
*
|
||||||
* @var Crypt_RSA
|
* @access private
|
||||||
* @access private
|
*/
|
||||||
* @see System_SSH_Agent_Identity::getPublicKey()
|
define('SYSTEM_SSH_AGENT_RSA2_256', 2);
|
||||||
*/
|
define('SYSTEM_SSH_AGENT_RSA2_512', 4);
|
||||||
var $key;
|
/**#@-*/
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Key Blob
|
* Pure-PHP ssh-agent client identity object
|
||||||
*
|
*
|
||||||
* @var String
|
* Instantiation should only be performed by System_SSH_Agent class.
|
||||||
* @access private
|
* This could be thought of as implementing an interface that Crypt_RSA
|
||||||
* @see System_SSH_Agent_Identity::sign()
|
* implements. ie. maybe a Net_SSH_Auth_PublicKey interface or something.
|
||||||
*/
|
* The methods in this interface would be getPublicKey, setSignatureMode
|
||||||
var $key_blob;
|
* and sign since those are the methods phpseclib looks for to perform
|
||||||
|
* public key authentication.
|
||||||
/**
|
*
|
||||||
* Socket Resource
|
* @package System_SSH_Agent
|
||||||
*
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @var Resource
|
* @access internal
|
||||||
* @access private
|
*/
|
||||||
* @see System_SSH_Agent_Identity::sign()
|
class System_SSH_Agent_Identity
|
||||||
*/
|
{
|
||||||
var $fsock;
|
/**
|
||||||
|
* Key Object
|
||||||
/**
|
*
|
||||||
* Default Constructor.
|
* @var Crypt_RSA
|
||||||
*
|
* @access private
|
||||||
* @param Resource $fsock
|
* @see self::getPublicKey()
|
||||||
* @return System_SSH_Agent_Identity
|
*/
|
||||||
* @access private
|
var $key;
|
||||||
*/
|
|
||||||
function System_SSH_Agent_Identity($fsock)
|
/**
|
||||||
{
|
* Key Blob
|
||||||
$this->fsock = $fsock;
|
*
|
||||||
}
|
* @var string
|
||||||
|
* @access private
|
||||||
/**
|
* @see self::sign()
|
||||||
* Set Public Key
|
*/
|
||||||
*
|
var $key_blob;
|
||||||
* Called by System_SSH_Agent::requestIdentities()
|
|
||||||
*
|
/**
|
||||||
* @param Crypt_RSA $key
|
* Socket Resource
|
||||||
* @access private
|
*
|
||||||
*/
|
* @var resource
|
||||||
function setPublicKey($key)
|
* @access private
|
||||||
{
|
* @see self::sign()
|
||||||
$this->key = $key;
|
*/
|
||||||
$this->key->setPublicKey();
|
var $fsock;
|
||||||
}
|
|
||||||
|
/**
|
||||||
/**
|
* Signature flags
|
||||||
* Set Public Key
|
*
|
||||||
*
|
* @var int
|
||||||
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key
|
* @access private
|
||||||
* but this saves a small amount of computation.
|
* @see self::sign()
|
||||||
*
|
* @see self::setHash()
|
||||||
* @param String $key_blob
|
*/
|
||||||
* @access private
|
var $flags = 0;
|
||||||
*/
|
|
||||||
function setPublicKeyBlob($key_blob)
|
/**
|
||||||
{
|
* Default Constructor.
|
||||||
$this->key_blob = $key_blob;
|
*
|
||||||
}
|
* @param resource $fsock
|
||||||
|
* @return System_SSH_Agent_Identity
|
||||||
/**
|
* @access private
|
||||||
* Get Public Key
|
*/
|
||||||
*
|
function __construct($fsock)
|
||||||
* Wrapper for $this->key->getPublicKey()
|
{
|
||||||
*
|
$this->fsock = $fsock;
|
||||||
* @param Integer $format optional
|
}
|
||||||
* @return Mixed
|
|
||||||
* @access public
|
/**
|
||||||
*/
|
* PHP4 compatible Default Constructor.
|
||||||
function getPublicKey($format = null)
|
*
|
||||||
{
|
* @see self::__construct()
|
||||||
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
|
* @param resource $fsock
|
||||||
}
|
* @access public
|
||||||
|
*/
|
||||||
/**
|
function System_SSH_Agent_Identity($fsock)
|
||||||
* Set Signature Mode
|
{
|
||||||
*
|
$this->__construct($fsock);
|
||||||
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
|
}
|
||||||
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
|
|
||||||
*
|
/**
|
||||||
* @param Integer $mode
|
* Set Public Key
|
||||||
* @access public
|
*
|
||||||
*/
|
* Called by System_SSH_Agent::requestIdentities()
|
||||||
function setSignatureMode($mode)
|
*
|
||||||
{
|
* @param Crypt_RSA $key
|
||||||
}
|
* @access private
|
||||||
|
*/
|
||||||
/**
|
function setPublicKey($key)
|
||||||
* Create a signature
|
{
|
||||||
*
|
$this->key = $key;
|
||||||
* See "2.6.2 Protocol 2 private key signature request"
|
$this->key->setPublicKey();
|
||||||
*
|
}
|
||||||
* @param String $message
|
|
||||||
* @return String
|
/**
|
||||||
* @access public
|
* Set Public Key
|
||||||
*/
|
*
|
||||||
function sign($message)
|
* Called by System_SSH_Agent::requestIdentities(). The key blob could be extracted from $this->key
|
||||||
{
|
* but this saves a small amount of computation.
|
||||||
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
*
|
||||||
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, 0);
|
* @param string $key_blob
|
||||||
$packet = pack('Na*', strlen($packet), $packet);
|
* @access private
|
||||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
*/
|
||||||
user_error('Connection closed during signing');
|
function setPublicKeyBlob($key_blob)
|
||||||
}
|
{
|
||||||
|
$this->key_blob = $key_blob;
|
||||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
}
|
||||||
$type = ord(fread($this->fsock, 1));
|
|
||||||
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
|
/**
|
||||||
user_error('Unable to retreive signature');
|
* Get Public Key
|
||||||
}
|
*
|
||||||
|
* Wrapper for $this->key->getPublicKey()
|
||||||
$signature_blob = fread($this->fsock, $length - 1);
|
*
|
||||||
// the only other signature format defined - ssh-dss - is the same length as ssh-rsa
|
* @param int $format optional
|
||||||
// the + 12 is for the other various SSH added length fields
|
* @return mixed
|
||||||
return substr($signature_blob, strlen('ssh-rsa') + 12);
|
* @access public
|
||||||
}
|
*/
|
||||||
}
|
function getPublicKey($format = null)
|
||||||
|
{
|
||||||
/**
|
return !isset($format) ? $this->key->getPublicKey() : $this->key->getPublicKey($format);
|
||||||
* Pure-PHP ssh-agent client identity factory
|
}
|
||||||
*
|
|
||||||
* requestIdentities() method pumps out System_SSH_Agent_Identity objects
|
/**
|
||||||
*
|
* Set Signature Mode
|
||||||
* @package System_SSH_Agent
|
*
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* Doesn't do anything as ssh-agent doesn't let you pick and choose the signature mode. ie.
|
||||||
* @access internal
|
* ssh-agent's only supported mode is CRYPT_RSA_SIGNATURE_PKCS1
|
||||||
*/
|
*
|
||||||
class System_SSH_Agent
|
* @param int $mode
|
||||||
{
|
* @access public
|
||||||
/**
|
*/
|
||||||
* Socket Resource
|
function setSignatureMode($mode)
|
||||||
*
|
{
|
||||||
* @var Resource
|
}
|
||||||
* @access private
|
|
||||||
*/
|
/**
|
||||||
var $fsock;
|
* Set Hash
|
||||||
|
*
|
||||||
/**
|
* ssh-agent doesn't support using hashes for RSA other than SHA1
|
||||||
* Default Constructor
|
*
|
||||||
*
|
* @param string $hash
|
||||||
* @return System_SSH_Agent
|
* @access public
|
||||||
* @access public
|
*/
|
||||||
*/
|
function setHash($hash)
|
||||||
function System_SSH_Agent()
|
{
|
||||||
{
|
$this->flags = 0;
|
||||||
switch (true) {
|
switch ($hash) {
|
||||||
case isset($_SERVER['SSH_AUTH_SOCK']):
|
case 'sha1':
|
||||||
$address = $_SERVER['SSH_AUTH_SOCK'];
|
break;
|
||||||
break;
|
case 'sha256':
|
||||||
case isset($_ENV['SSH_AUTH_SOCK']):
|
$this->flags = SYSTEM_SSH_AGENT_RSA2_256;
|
||||||
$address = $_ENV['SSH_AUTH_SOCK'];
|
break;
|
||||||
break;
|
case 'sha512':
|
||||||
default:
|
$this->flags = SYSTEM_SSH_AGENT_RSA2_512;
|
||||||
user_error('SSH_AUTH_SOCK not found');
|
break;
|
||||||
return false;
|
default:
|
||||||
}
|
user_error('The only supported hashes for RSA are sha1, sha256 and sha512');
|
||||||
|
}
|
||||||
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
|
}
|
||||||
if (!$this->fsock) {
|
|
||||||
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
|
/**
|
||||||
}
|
* Create a signature
|
||||||
}
|
*
|
||||||
|
* See "2.6.2 Protocol 2 private key signature request"
|
||||||
/**
|
*
|
||||||
* Request Identities
|
* @param string $message
|
||||||
*
|
* @return string
|
||||||
* See "2.5.2 Requesting a list of protocol 2 keys"
|
* @access public
|
||||||
* Returns an array containing zero or more System_SSH_Agent_Identity objects
|
*/
|
||||||
*
|
function sign($message)
|
||||||
* @return Array
|
{
|
||||||
* @access public
|
// the last parameter (currently 0) is for flags and ssh-agent only defines one flag (for ssh-dss): SSH_AGENT_OLD_SIGNATURE
|
||||||
*/
|
$packet = pack('CNa*Na*N', SYSTEM_SSH_AGENTC_SIGN_REQUEST, strlen($this->key_blob), $this->key_blob, strlen($message), $message, $this->flags);
|
||||||
function requestIdentities()
|
$packet = pack('Na*', strlen($packet), $packet);
|
||||||
{
|
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||||
if (!$this->fsock) {
|
user_error('Connection closed during signing');
|
||||||
return array();
|
}
|
||||||
}
|
|
||||||
|
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||||
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES);
|
$type = ord(fread($this->fsock, 1));
|
||||||
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
if ($type != SYSTEM_SSH_AGENT_SIGN_RESPONSE) {
|
||||||
user_error('Connection closed while requesting identities');
|
user_error('Unable to retreive signature');
|
||||||
}
|
}
|
||||||
|
|
||||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
$signature_blob = fread($this->fsock, $length - 1);
|
||||||
$type = ord(fread($this->fsock, 1));
|
$length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
|
||||||
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
|
if ($length != strlen($signature_blob)) {
|
||||||
user_error('Unable to request identities');
|
user_error('Malformed signature blob');
|
||||||
}
|
}
|
||||||
|
$length = current(unpack('N', $this->_string_shift($signature_blob, 4)));
|
||||||
$identities = array();
|
if ($length > strlen($signature_blob) + 4) {
|
||||||
$keyCount = current(unpack('N', fread($this->fsock, 4)));
|
user_error('Malformed signature blob');
|
||||||
for ($i = 0; $i < $keyCount; $i++) {
|
}
|
||||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
$type = $this->_string_shift($signature_blob, $length);
|
||||||
$key_blob = fread($this->fsock, $length);
|
$this->_string_shift($signature_blob, 4);
|
||||||
$length = current(unpack('N', fread($this->fsock, 4)));
|
|
||||||
$key_comment = fread($this->fsock, $length);
|
return $signature_blob;
|
||||||
$length = current(unpack('N', substr($key_blob, 0, 4)));
|
}
|
||||||
$key_type = substr($key_blob, 4, $length);
|
|
||||||
switch ($key_type) {
|
/**
|
||||||
case 'ssh-rsa':
|
* String Shift
|
||||||
if (!class_exists('Crypt_RSA')) {
|
*
|
||||||
include_once 'Crypt/RSA.php';
|
* Inspired by array_shift
|
||||||
}
|
*
|
||||||
$key = new Crypt_RSA();
|
* @param string $string
|
||||||
$key->loadKey('ssh-rsa ' . base64_encode($key_blob) . ' ' . $key_comment);
|
* @param int $index
|
||||||
break;
|
* @return string
|
||||||
case 'ssh-dss':
|
* @access private
|
||||||
// not currently supported
|
*/
|
||||||
break;
|
function _string_shift(&$string, $index = 1)
|
||||||
}
|
{
|
||||||
// resources are passed by reference by default
|
$substr = substr($string, 0, $index);
|
||||||
if (isset($key)) {
|
$string = substr($string, $index);
|
||||||
$identity = new System_SSH_Agent_Identity($this->fsock);
|
return $substr;
|
||||||
$identity->setPublicKey($key);
|
}
|
||||||
$identity->setPublicKeyBlob($key_blob);
|
}
|
||||||
$identities[] = $identity;
|
|
||||||
unset($key);
|
/**
|
||||||
}
|
* Pure-PHP ssh-agent client identity factory
|
||||||
}
|
*
|
||||||
|
* requestIdentities() method pumps out System_SSH_Agent_Identity objects
|
||||||
return $identities;
|
*
|
||||||
}
|
* @package System_SSH_Agent
|
||||||
}
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
class System_SSH_Agent
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Socket Resource
|
||||||
|
*
|
||||||
|
* @var resource
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $fsock;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Agent forwarding status
|
||||||
|
*
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $forward_status = SYSTEM_SSH_AGENT_FORWARD_NONE;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Buffer for accumulating forwarded authentication
|
||||||
|
* agent data arriving on SSH data channel destined
|
||||||
|
* for agent unix socket
|
||||||
|
*
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
var $socket_buffer = '';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Tracking the number of bytes we are expecting
|
||||||
|
* to arrive for the agent socket on the SSH data
|
||||||
|
* channel
|
||||||
|
*/
|
||||||
|
var $expected_bytes = 0;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Default Constructor
|
||||||
|
*
|
||||||
|
* @return System_SSH_Agent
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function __construct($address = null)
|
||||||
|
{
|
||||||
|
if (!$address) {
|
||||||
|
switch (true) {
|
||||||
|
case isset($_SERVER['SSH_AUTH_SOCK']):
|
||||||
|
$address = $_SERVER['SSH_AUTH_SOCK'];
|
||||||
|
break;
|
||||||
|
case isset($_ENV['SSH_AUTH_SOCK']):
|
||||||
|
$address = $_ENV['SSH_AUTH_SOCK'];
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
user_error('SSH_AUTH_SOCK not found');
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->fsock = fsockopen('unix://' . $address, 0, $errno, $errstr);
|
||||||
|
if (!$this->fsock) {
|
||||||
|
user_error("Unable to connect to ssh-agent (Error $errno: $errstr)");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* PHP4 compatible Default Constructor.
|
||||||
|
*
|
||||||
|
* @see self::__construct()
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function System_SSH_Agent($address = null)
|
||||||
|
{
|
||||||
|
$this->__construct($address);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Request Identities
|
||||||
|
*
|
||||||
|
* See "2.5.2 Requesting a list of protocol 2 keys"
|
||||||
|
* Returns an array containing zero or more System_SSH_Agent_Identity objects
|
||||||
|
*
|
||||||
|
* @return array
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function requestIdentities()
|
||||||
|
{
|
||||||
|
if (!$this->fsock) {
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
$packet = pack('NC', 1, SYSTEM_SSH_AGENTC_REQUEST_IDENTITIES);
|
||||||
|
if (strlen($packet) != fputs($this->fsock, $packet)) {
|
||||||
|
user_error('Connection closed while requesting identities');
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||||
|
$type = ord(fread($this->fsock, 1));
|
||||||
|
if ($type != SYSTEM_SSH_AGENT_IDENTITIES_ANSWER) {
|
||||||
|
user_error('Unable to request identities');
|
||||||
|
return array();
|
||||||
|
}
|
||||||
|
|
||||||
|
$identities = array();
|
||||||
|
$keyCount = current(unpack('N', fread($this->fsock, 4)));
|
||||||
|
for ($i = 0; $i < $keyCount; $i++) {
|
||||||
|
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||||
|
$key_blob = fread($this->fsock, $length);
|
||||||
|
$key_str = 'ssh-rsa ' . base64_encode($key_blob);
|
||||||
|
$length = current(unpack('N', fread($this->fsock, 4)));
|
||||||
|
if ($length) {
|
||||||
|
$key_str.= ' ' . fread($this->fsock, $length);
|
||||||
|
}
|
||||||
|
$length = current(unpack('N', substr($key_blob, 0, 4)));
|
||||||
|
$key_type = substr($key_blob, 4, $length);
|
||||||
|
switch ($key_type) {
|
||||||
|
case 'ssh-rsa':
|
||||||
|
if (!class_exists('Crypt_RSA')) {
|
||||||
|
include_once 'Crypt/RSA.php';
|
||||||
|
}
|
||||||
|
$key = new Crypt_RSA();
|
||||||
|
$key->loadKey($key_str);
|
||||||
|
break;
|
||||||
|
case 'ssh-dss':
|
||||||
|
// not currently supported
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
// resources are passed by reference by default
|
||||||
|
if (isset($key)) {
|
||||||
|
$identity = new System_SSH_Agent_Identity($this->fsock);
|
||||||
|
$identity->setPublicKey($key);
|
||||||
|
$identity->setPublicKeyBlob($key_blob);
|
||||||
|
$identities[] = $identity;
|
||||||
|
unset($key);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $identities;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Signal that agent forwarding should
|
||||||
|
* be requested when a channel is opened
|
||||||
|
*
|
||||||
|
* @param Net_SSH2 $ssh
|
||||||
|
* @return bool
|
||||||
|
* @access public
|
||||||
|
*/
|
||||||
|
function startSSHForwarding($ssh)
|
||||||
|
{
|
||||||
|
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_NONE) {
|
||||||
|
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_REQUEST;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Request agent forwarding of remote server
|
||||||
|
*
|
||||||
|
* @param Net_SSH2 $ssh
|
||||||
|
* @return bool
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function _request_forwarding($ssh)
|
||||||
|
{
|
||||||
|
$request_channel = $ssh->_get_open_channel();
|
||||||
|
if ($request_channel === false) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$packet = pack(
|
||||||
|
'CNNa*C',
|
||||||
|
NET_SSH2_MSG_CHANNEL_REQUEST,
|
||||||
|
$ssh->server_channels[$request_channel],
|
||||||
|
strlen('auth-agent-req@openssh.com'),
|
||||||
|
'auth-agent-req@openssh.com',
|
||||||
|
1
|
||||||
|
);
|
||||||
|
|
||||||
|
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_REQUEST;
|
||||||
|
|
||||||
|
if (!$ssh->_send_binary_packet($packet)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$response = $ssh->_get_channel_packet($request_channel);
|
||||||
|
if ($response === false) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
$ssh->channel_status[$request_channel] = NET_SSH2_MSG_CHANNEL_OPEN;
|
||||||
|
$this->forward_status = SYSTEM_SSH_AGENT_FORWARD_ACTIVE;
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* On successful channel open
|
||||||
|
*
|
||||||
|
* This method is called upon successful channel
|
||||||
|
* open to give the SSH Agent an opportunity
|
||||||
|
* to take further action. i.e. request agent forwarding
|
||||||
|
*
|
||||||
|
* @param Net_SSH2 $ssh
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function _on_channel_open($ssh)
|
||||||
|
{
|
||||||
|
if ($this->forward_status == SYSTEM_SSH_AGENT_FORWARD_REQUEST) {
|
||||||
|
$this->_request_forwarding($ssh);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Forward data to SSH Agent and return data reply
|
||||||
|
*
|
||||||
|
* @param string $data
|
||||||
|
* @return data from SSH Agent
|
||||||
|
* @access private
|
||||||
|
*/
|
||||||
|
function _forward_data($data)
|
||||||
|
{
|
||||||
|
if ($this->expected_bytes > 0) {
|
||||||
|
$this->socket_buffer.= $data;
|
||||||
|
$this->expected_bytes -= strlen($data);
|
||||||
|
} else {
|
||||||
|
$agent_data_bytes = current(unpack('N', $data));
|
||||||
|
$current_data_bytes = strlen($data);
|
||||||
|
$this->socket_buffer = $data;
|
||||||
|
if ($current_data_bytes != $agent_data_bytes + 4) {
|
||||||
|
$this->expected_bytes = ($agent_data_bytes + 4) - $current_data_bytes;
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (strlen($this->socket_buffer) != fwrite($this->fsock, $this->socket_buffer)) {
|
||||||
|
user_error('Connection closed attempting to forward data to SSH agent');
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->socket_buffer = '';
|
||||||
|
$this->expected_bytes = 0;
|
||||||
|
|
||||||
|
$agent_reply_bytes = current(unpack('N', fread($this->fsock, 4)));
|
||||||
|
|
||||||
|
$agent_reply_data = fread($this->fsock, $agent_reply_bytes);
|
||||||
|
$agent_reply_data = current(unpack('a*', $agent_reply_data));
|
||||||
|
|
||||||
|
return pack('Na*', $agent_reply_bytes, $agent_reply_data);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
||||||
78
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH_Agent.php
Normal file → Executable file
78
rainloop/v/0.0.0/app/libraries/phpseclib/System/SSH_Agent.php
Normal file → Executable file
|
|
@ -1,39 +1,39 @@
|
||||||
<?php
|
<?php
|
||||||
/**
|
/**
|
||||||
* Pure-PHP ssh-agent client wrapper
|
* Pure-PHP ssh-agent client wrapper
|
||||||
*
|
*
|
||||||
* PHP versions 4 and 5
|
* PHP versions 4 and 5
|
||||||
*
|
*
|
||||||
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
|
* Originally System_SSH_Agent was accessed as System/SSH_Agent.php instead of
|
||||||
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
|
* System/SSH/Agent.php. The problem with this is that PSR0 compatible autoloaders
|
||||||
* don't support that kind of directory layout hence the package being moved and
|
* don't support that kind of directory layout hence the package being moved and
|
||||||
* this "alias" being created to maintain backwards compatibility.
|
* this "alias" being created to maintain backwards compatibility.
|
||||||
*
|
*
|
||||||
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
* LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||||
* of this software and associated documentation files (the "Software"), to deal
|
* of this software and associated documentation files (the "Software"), to deal
|
||||||
* in the Software without restriction, including without limitation the rights
|
* in the Software without restriction, including without limitation the rights
|
||||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||||
* copies of the Software, and to permit persons to whom the Software is
|
* copies of the Software, and to permit persons to whom the Software is
|
||||||
* furnished to do so, subject to the following conditions:
|
* furnished to do so, subject to the following conditions:
|
||||||
*
|
*
|
||||||
* The above copyright notice and this permission notice shall be included in
|
* The above copyright notice and this permission notice shall be included in
|
||||||
* all copies or substantial portions of the Software.
|
* all copies or substantial portions of the Software.
|
||||||
*
|
*
|
||||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||||
* THE SOFTWARE.
|
* THE SOFTWARE.
|
||||||
*
|
*
|
||||||
* @category System
|
* @category System
|
||||||
* @package System_SSH_Agent
|
* @package System_SSH_Agent
|
||||||
* @author Jim Wigginton <terrafrost@php.net>
|
* @author Jim Wigginton <terrafrost@php.net>
|
||||||
* @copyright 2014 Jim Wigginton
|
* @copyright 2014 Jim Wigginton
|
||||||
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
* @link http://phpseclib.sourceforge.net
|
* @link http://phpseclib.sourceforge.net
|
||||||
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
* @internal See http://api.libssh.org/rfc/PROTOCOL.agent
|
||||||
*/
|
*/
|
||||||
|
|
||||||
require_once 'SSH/Agent.php';
|
require_once 'SSH/Agent.php';
|
||||||
|
|
|
||||||
16
rainloop/v/0.0.0/app/libraries/phpseclib/bootstrap.php
Executable file
16
rainloop/v/0.0.0/app/libraries/phpseclib/bootstrap.php
Executable file
|
|
@ -0,0 +1,16 @@
|
||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Bootstrapping File for phpseclib
|
||||||
|
*
|
||||||
|
* @license http://www.opensource.org/licenses/mit-license.html MIT License
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (extension_loaded('mbstring')) {
|
||||||
|
// 2 - MB_OVERLOAD_STRING
|
||||||
|
if (ini_get('mbstring.func_overload') & 2) {
|
||||||
|
throw new \UnexpectedValueException(
|
||||||
|
'Overloading of string functions using mbstring.func_overload ' .
|
||||||
|
'is not supported by phpseclib.'
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
12
rainloop/v/0.0.0/app/libraries/phpseclib/openssl.cnf
Normal file → Executable file
12
rainloop/v/0.0.0/app/libraries/phpseclib/openssl.cnf
Normal file → Executable file
|
|
@ -1,6 +1,6 @@
|
||||||
# minimalist openssl.cnf file for use with phpseclib
|
# minimalist openssl.cnf file for use with phpseclib
|
||||||
|
|
||||||
HOME = .
|
HOME = .
|
||||||
RANDFILE = $ENV::HOME/.rnd
|
RANDFILE = $ENV::HOME/.rnd
|
||||||
|
|
||||||
[ v3_ca ]
|
[ v3_ca ]
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue