From 755fcf43b709b49e122212277e2a25df05bb311c Mon Sep 17 00:00:00 2001 From: djmaze Date: Wed, 2 Dec 2020 11:25:11 +0100 Subject: [PATCH] Cleanup encryption methods Removed asymmetric decryption/encryption because it is limited to key size. openssl_seal/openssl_open would the choice when needed. --- .../0.0.0/app/libraries/MailSo/Base/Crypt.php | 140 ++---------------- .../0.0.0/app/libraries/MailSo/Base/Xxtea.php | 139 +++++++++++++++++ .../v/0.0.0/app/libraries/RainLoop/Utils.php | 122 ++------------- 3 files changed, 159 insertions(+), 242 deletions(-) create mode 100644 snappymail/v/0.0.0/app/libraries/MailSo/Base/Xxtea.php diff --git a/snappymail/v/0.0.0/app/libraries/MailSo/Base/Crypt.php b/snappymail/v/0.0.0/app/libraries/MailSo/Base/Crypt.php index fca5ad739..e79e06317 100644 --- a/snappymail/v/0.0.0/app/libraries/MailSo/Base/Crypt.php +++ b/snappymail/v/0.0.0/app/libraries/MailSo/Base/Crypt.php @@ -24,10 +24,13 @@ class Crypt return ''; } if ($sCipher && \is_callable('openssl_encrypt')) { - $iv = str_pad('', openssl_cipher_iv_length($sCipher), sha1($sKey)); - return openssl_encrypt($sString, $sCipher, $sKey, OPENSSL_RAW_DATA, $iv); + $iv = \str_pad('', \openssl_cipher_iv_length($sCipher), \sha1($sKey)); + return \openssl_encrypt($sString, $sCipher, $sKey, OPENSSL_RAW_DATA, $iv); } - return static::XxteaEncrypt($sString, $sKey); + if (\is_callable('xxtea_encrypt')) { + return \xxtea_encrypt($sString, $sKey); + } + return Xxtea::encrypt($sString, $sKey); } public static function Decrypt(string $sString, string $sKey, string $sCipher = '') : string @@ -36,136 +39,13 @@ class Crypt return ''; } if ($sCipher && \is_callable('openssl_encrypt')) { - $iv = str_pad('', openssl_cipher_iv_length($sCipher), sha1($sKey)); - return openssl_decrypt($sString, $sCipher, $sKey, OPENSSL_RAW_DATA, $iv); + $iv = \str_pad('', \openssl_cipher_iv_length($sCipher), \sha1($sKey)); + return \openssl_decrypt($sString, $sCipher, $sKey, OPENSSL_RAW_DATA, $iv); } - return static::XxteaDecrypt($sString, $sKey); - } - - private static function XxteaEncrypt(string $sString, string $sKey) : string - { - if (\is_callable('xxtea_encrypt')) { - return xxtea_encrypt($sString, $sKey); - } - - $aV = self::str2long($sString, true); - $aK = self::str2long($sKey, false); - if (\count($aK) < 4) - { - for ($iIndex = \count($aK); $iIndex < 4; $iIndex++) - { - $aK[$iIndex] = 0; - } - } - $iN = \count($aV) - 1; - - $iZ = $aV[$iN]; - $iY = $aV[0]; - $iDelta = 0x9E3779B9; - $iQ = \floor(6 + 52 / ($iN + 1)); - $iSum = 0; - while (0 < $iQ--) - { - $iSum = self::int32($iSum + $iDelta); - $iE = $iSum >> 2 & 3; - for ($iPIndex = 0; $iPIndex < $iN; $iPIndex++) - { - $iY = $aV[$iPIndex + 1]; - $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + - (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); - $iZ = $aV[$iPIndex] = self::int32($aV[$iPIndex] + $iMx); - } - $iY = $aV[0]; - $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + - (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); - $iZ = $aV[$iN] = self::int32($aV[$iN] + $iMx); - } - - return self::long2str($aV, false); - } - - private static function XxteaDecrypt(string $sEncryptedString, string $sKey) : string - { if (\is_callable('xxtea_decrypt')) { - return xxtea_decrypt($sEncryptedString, $sKey); + return \xxtea_decrypt($sEncryptedString, $sKey); } - - $aV = self::str2long($sEncryptedString, false); - $aK = self::str2long($sKey, false); - - if (\count($aK) < 4) - { - for ($iIndex = \count($aK); $iIndex < 4; $iIndex++) - { - $aK[$iIndex] = 0; - } - } - - $iN = \count($aV) - 1; - - $iZ = $aV[$iN]; - $iY = $aV[0]; - $iDelta = 0x9E3779B9; - $iQ = \floor(6 + 52 / ($iN + 1)); - $iSum = self::int32($iQ * $iDelta); - while ($iSum != 0) - { - $iE = $iSum >> 2 & 3; - for ($iPIndex = $iN; $iPIndex > 0; $iPIndex--) - { - $iZ = $aV[$iPIndex - 1]; - $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + - (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); - $iY = $aV[$iPIndex] = self::int32($aV[$iPIndex] - $iMx); - } - $iZ = $aV[$iN]; - $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + - (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); - $iY = $aV[0] = self::int32($aV[0] - $iMx); - $iSum = self::int32($iSum - $iDelta); - } - - return self::long2str($aV, true); + return Xxtea::decrypt($sEncryptedString, $sKey); } - private static function long2str(array $aV, bool $aW) : string - { - $iLen = \count($aV); - $iN = ($iLen - 1) << 2; - if ($aW) - { - $iM = $aV[$iLen - 1]; - if (($iM < $iN - 3) || ($iM > $iN)) - { - return false; - } - $iN = $iM; - } - $aS = array(); - for ($iIndex = 0; $iIndex < $iLen; $iIndex++) - { - $aS[$iIndex] = \pack('V', $aV[$iIndex]); - } - if ($aW) - { - return \substr(\join('', $aS), 0, $iN); - } - return \join('', $aS); - } - - private static function str2long(string $sS, string $sW) : array - { - $aV = \unpack('V*', $sS . \str_repeat("\0", (4 - \strlen($sS) % 4) & 3)); - $aV = \array_values($aV); - if ($sW) - { - $aV[\count($aV)] = \strlen($sS); - } - return $aV; - } - - private static function int32(int $iN) : int - { - return $iN & 0xffffffff; - } } diff --git a/snappymail/v/0.0.0/app/libraries/MailSo/Base/Xxtea.php b/snappymail/v/0.0.0/app/libraries/MailSo/Base/Xxtea.php new file mode 100644 index 000000000..ffd929839 --- /dev/null +++ b/snappymail/v/0.0.0/app/libraries/MailSo/Base/Xxtea.php @@ -0,0 +1,139 @@ +> 2 & 3; + for ($iPIndex = 0; $iPIndex < $iN; $iPIndex++) + { + $iY = $aV[$iPIndex + 1]; + $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + + (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); + $iZ = $aV[$iPIndex] = self::int32($aV[$iPIndex] + $iMx); + } + $iY = $aV[0]; + $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + + (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); + $iZ = $aV[$iN] = self::int32($aV[$iN] + $iMx); + } + + return self::long2str($aV, false); + } + + public static function Decrypt(string $sEncryptedString, string $sKey) : string + { + $aV = self::str2long($sEncryptedString, false); + $aK = self::str2long($sKey, false); + + if (\count($aK) < 4) + { + for ($iIndex = \count($aK); $iIndex < 4; $iIndex++) + { + $aK[$iIndex] = 0; + } + } + + $iN = \count($aV) - 1; + + $iZ = $aV[$iN]; + $iY = $aV[0]; + $iDelta = 0x9E3779B9; + $iQ = \floor(6 + 52 / ($iN + 1)); + $iSum = self::int32($iQ * $iDelta); + while ($iSum != 0) + { + $iE = $iSum >> 2 & 3; + for ($iPIndex = $iN; $iPIndex > 0; $iPIndex--) + { + $iZ = $aV[$iPIndex - 1]; + $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + + (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); + $iY = $aV[$iPIndex] = self::int32($aV[$iPIndex] - $iMx); + } + $iZ = $aV[$iN]; + $iMx = self::int32((($iZ >> 5 & 0x07ffffff) ^ $iY << 2) + + (($iY >> 3 & 0x1fffffff) ^ $iZ << 4)) ^ self::int32(($iSum ^ $iY) + ($aK[$iPIndex & 3 ^ $iE] ^ $iZ)); + $iY = $aV[0] = self::int32($aV[0] - $iMx); + $iSum = self::int32($iSum - $iDelta); + } + + return self::long2str($aV, true); + } + + private static function long2str(array $aV, bool $aW) : string + { + $iLen = \count($aV); + $iN = ($iLen - 1) << 2; + if ($aW) + { + $iM = $aV[$iLen - 1]; + if (($iM < $iN - 3) || ($iM > $iN)) + { + return false; + } + $iN = $iM; + } + $aS = array(); + for ($iIndex = 0; $iIndex < $iLen; $iIndex++) + { + $aS[$iIndex] = \pack('V', $aV[$iIndex]); + } + if ($aW) + { + return \substr(\join('', $aS), 0, $iN); + } + return \join('', $aS); + } + + private static function str2long(string $sS, string $sW) : array + { + $aV = \unpack('V*', $sS . \str_repeat("\0", (4 - \strlen($sS) % 4) & 3)); + $aV = \array_values($aV); + if ($sW) + { + $aV[\count($aV)] = \strlen($sS); + } + return $aV; + } + + private static function int32(int $iN) : int + { + return $iN & 0xffffffff; + } +} diff --git a/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php b/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php index c05c572e5..15bd234e2 100644 --- a/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php +++ b/snappymail/v/0.0.0/app/libraries/RainLoop/Utils.php @@ -16,90 +16,6 @@ class Utils static $Cookies = null; - static $RsaKey = null; - - public static function RsaPrivateKey() : string - { - if (!empty(static::$RsaKey)) - { - return static::$RsaKey; - } - - static::$RsaKey = \file_exists(APP_PRIVATE_DATA.'rsa/private') ? - \file_get_contents(APP_PRIVATE_DATA.'rsa/private') : ''; - - static::$RsaKey = \is_string(static::$RsaKey) ? static::$RsaKey : ''; - } - - public static function EncryptStringRSA(string $sString, string $sKey = '') : string - { - $sResult = ''; - $sKey = \md5($sKey); - - $sPrivateKey = static::RsaPrivateKey(); - if (!empty($sPrivateKey)) - { - $oPrivKey = \openssl_pkey_get_private($sPrivateKey); - $oKeyDetails = \openssl_pkey_get_details($oPrivKey); - - if (!empty($oKeyDetails['key']) && !empty($oKeyDetails['bits'])) - { - $oPubKey = \openssl_pkey_get_public($oKeyDetails['key']); - - $iC = (($oKeyDetails['bits'] / 8) - 15); - $aString = \str_split($sString, $iC); - - foreach ($aString as $iIndex => $sLine) - { - $sEncrypted = ''; - \openssl_public_encrypt($sLine, $sEncrypted, $oPubKey); - $aString[$iIndex] = $sEncrypted; - } - - $aString[] = $sKey; - $sResult = \serialize($aString); - - \openssl_free_key($oPubKey); - } - - \openssl_free_key($oPrivKey); - } - - return $sResult; - } - - public static function DecryptStringRSA(string $sString, string $sKey = '') : string - { - $sResult = ''; - $sKey = \md5($sKey); - - $sPrivateKey = static::RsaPrivateKey(); - if (!empty($sPrivateKey) && !empty($sString)) - { - $oPrivKey = \openssl_pkey_get_private($sPrivateKey); - - $aString = \unserialize($sString); - if (\is_array($aString)) - { - if ($sKey === \array_pop($aString)) - { - foreach ($aString as $iIndex => $sLine) - { - $sDecrypted = ''; - \openssl_private_decrypt($sLine, $sDecrypted, $oPrivKey); - $aString[$iIndex] = $sDecrypted; - } - - $sResult = \implode('', $aString); - } - } - - \openssl_free_key($oPrivKey); - } - - return $sResult; - } - public static function EncryptString(string $sString, string $sKey) : string { return \MailSo\Base\Crypt::Encrypt($sString, $sKey); @@ -112,26 +28,12 @@ class Utils public static function EncryptStringQ(string $sString, string $sKey) : string { -// if (\MailSo\Base\Utils::FunctionExistsAndEnabled('openssl_pkey_get_private')) -// { -// return static::EncryptStringRSA($sString, -// $sKey.'Q'.static::GetShortToken()); -// } - - return \MailSo\Base\Crypt::Encrypt($sString, - $sKey.'Q'.static::GetShortToken()); + return \MailSo\Base\Crypt::Encrypt($sString, $sKey.'Q'.static::GetShortToken()); } public static function DecryptStringQ(string $sEncryptedString, string $sKey) : string { -// if (\MailSo\Base\Utils::FunctionExistsAndEnabled('openssl_pkey_get_private')) -// { -// return static::DecryptStringRSA($sEncryptedString, -// $sKey.'Q'.static::GetShortToken()); -// } - - return \MailSo\Base\Crypt::Decrypt($sEncryptedString, - $sKey.'Q'.static::GetShortToken()); + return \MailSo\Base\Crypt::Decrypt($sEncryptedString, $sKey.'Q'.static::GetShortToken()); } public static function EncodeKeyValues(array $aValues, string $sCustomKey = '') : string @@ -235,14 +137,14 @@ class Utils { if (\file_exists($sFileName)) { - if ('.yml' === substr($sFileName, -4)) + if ('.yml' === \substr($sFileName, -4)) { $aLang = \yaml_parse_file($sFileName); if (\is_array($aLang)) { \reset($aLang); - $sLangKey = key($aLang); - if (isset($aLang[$sLangKey]) && is_array($aLang[$sLangKey])) + $sLangKey = \key($aLang); + if (isset($aLang[$sLangKey]) && \is_array($aLang[$sLangKey])) { $aLang = $aLang[$sLangKey]; } @@ -336,7 +238,7 @@ class Utils { if (null === static::$Cookies) { - static::$Cookies = is_array($_COOKIE) ? $_COOKIE : array(); + static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array(); } return isset(static::$Cookies[$sName]) ? static::$Cookies[$sName] : $mDefault; @@ -346,7 +248,7 @@ class Utils { if (null === static::$Cookies) { - static::$Cookies = is_array($_COOKIE) ? $_COOKIE : array(); + static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array(); } if (null === $sPath) @@ -375,7 +277,7 @@ class Utils { if (null === static::$Cookies) { - static::$Cookies = is_array($_COOKIE) ? $_COOKIE : array(); + static::$Cookies = \is_array($_COOKIE) ? $_COOKIE : array(); } $sPath = static::$CookieDefaultPath; @@ -430,11 +332,7 @@ class Utils public static function CustomParseIniFile(string $sFileName, bool $bProcessSections = false) : array { -// if (\MailSo\Base\Utils::FunctionExistsAndEnabled('parse_ini_file')) -// { -// return \parse_ini_file($sFileName, !!$bProcessSections); -// } - - return @\parse_ini_string(\file_get_contents($sFileName), $bProcessSections) ?: array(); + return @\parse_ini_file($sFileName, !!$bProcessSections) ?: array(); +// return @\parse_ini_string(\file_get_contents($sFileName), $bProcessSections) ?: array(); } }