25,8 → 25,6 |
* |
* - Please read all the other comments/notes/hints here also for each class var/method |
* |
* @category Crypt |
* @package Base |
* @author Jim Wigginton <terrafrost@php.net> |
* @author Hans-Juergen Petrich <petrich@tronic-media.com> |
* @copyright 2007 Jim Wigginton |
37,6 → 35,7 |
namespace phpseclib3\Crypt\Common; |
|
use phpseclib3\Common\Functions\Strings; |
use phpseclib3\Crypt\Blowfish; |
use phpseclib3\Crypt\Hash; |
use phpseclib3\Exception\BadDecryptionException; |
use phpseclib3\Exception\BadModeException; |
50,7 → 49,6 |
/** |
* Base Class for all \phpseclib3\Crypt\* cipher classes |
* |
* @package Base |
* @author Jim Wigginton <terrafrost@php.net> |
* @author Hans-Juergen Petrich <petrich@tronic-media.com> |
*/ |
62,7 → 60,6 |
* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. |
* |
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
71,7 → 68,6 |
* Encrypt / decrypt using the Electronic Code Book mode. |
* |
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
80,7 → 76,6 |
* Encrypt / decrypt using the Code Book Chaining mode. |
* |
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
89,7 → 84,6 |
* Encrypt / decrypt using the Cipher Feedback mode. |
* |
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
97,7 → 91,6 |
/** |
* Encrypt / decrypt using the Cipher Feedback mode (8bit) |
* |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
105,7 → 98,6 |
/** |
* Encrypt / decrypt using the Output Feedback mode (8bit) |
* |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
114,7 → 106,6 |
* Encrypt / decrypt using the Output Feedback mode. |
* |
* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
123,7 → 114,6 |
* Encrypt / decrypt using Galois/Counter mode. |
* |
* @link https://en.wikipedia.org/wiki/Galois/Counter_Mode |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
131,7 → 121,6 |
/** |
* Encrypt / decrypt using streaming mode. |
* |
* @access public |
* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
*/ |
140,7 → 129,6 |
/** |
* Mode Map |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const MODE_MAP = [ |
158,7 → 146,6 |
/** |
* Base value for the internal implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_INTERNAL = 1; |
165,7 → 152,6 |
/** |
* Base value for the eval() implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_EVAL = 2; |
172,7 → 158,6 |
/** |
* Base value for the mcrypt implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_MCRYPT = 3; |
179,7 → 164,6 |
/** |
* Base value for the openssl implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_OPENSSL = 4; |
186,7 → 170,6 |
/** |
* Base value for the libsodium implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_LIBSODIUM = 5; |
193,7 → 176,6 |
/** |
* Base value for the openssl / gcm implementation $engine switch |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
*/ |
const ENGINE_OPENSSL_GCM = 6; |
201,7 → 183,6 |
/** |
* Engine Reverse Map |
* |
* @access private |
* @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine() |
*/ |
const ENGINE_MAP = [ |
218,7 → 199,6 |
* |
* @see self::__construct() |
* @var int |
* @access private |
*/ |
protected $mode; |
|
226,7 → 206,6 |
* The Block Length of the block cipher |
* |
* @var int |
* @access private |
*/ |
protected $block_size = 16; |
|
235,16 → 214,22 |
* |
* @see self::setKey() |
* @var string |
* @access private |
*/ |
protected $key = false; |
|
/** |
* HMAC Key |
* |
* @see self::setupGCM() |
* @var ?string |
*/ |
protected $hKey = false; |
|
/** |
* The Initialization Vector |
* |
* @see self::setIV() |
* @var string |
* @access private |
*/ |
protected $iv = false; |
|
254,7 → 239,6 |
* @see self::enableContinuousBuffer() |
* @see self::clearBuffers() |
* @var string |
* @access private |
*/ |
protected $encryptIV; |
|
264,7 → 248,6 |
* @see self::enableContinuousBuffer() |
* @see self::clearBuffers() |
* @var string |
* @access private |
*/ |
protected $decryptIV; |
|
273,7 → 256,6 |
* |
* @see self::enableContinuousBuffer() |
* @var bool |
* @access private |
*/ |
protected $continuousBuffer = false; |
|
283,7 → 265,6 |
* @see self::encrypt() |
* @see self::clearBuffers() |
* @var array |
* @access private |
*/ |
protected $enbuffer; |
|
293,7 → 274,6 |
* @see self::decrypt() |
* @see self::clearBuffers() |
* @var array |
* @access private |
*/ |
protected $debuffer; |
|
305,7 → 285,6 |
* |
* @see self::encrypt() |
* @var resource |
* @access private |
*/ |
private $enmcrypt; |
|
317,7 → 296,6 |
* |
* @see self::decrypt() |
* @var resource |
* @access private |
*/ |
private $demcrypt; |
|
327,7 → 305,6 |
* @see \phpseclib3\Crypt\Twofish::setKey() |
* @see \phpseclib3\Crypt\Twofish::setIV() |
* @var bool |
* @access private |
*/ |
private $enchanged = true; |
|
337,7 → 314,6 |
* @see \phpseclib3\Crypt\Twofish::setKey() |
* @see \phpseclib3\Crypt\Twofish::setIV() |
* @var bool |
* @access private |
*/ |
private $dechanged = true; |
|
356,7 → 332,6 |
* @see self::decrypt() |
* @see self::setupMcrypt() |
* @var resource |
* @access private |
*/ |
private $ecb; |
|
378,7 → 353,6 |
* |
* @see self::encrypt() |
* @var int |
* @access private |
*/ |
protected $cfb_init_len = 600; |
|
389,7 → 363,6 |
* @see self::setIV() |
* @see self::disableContinuousBuffer() |
* @var bool |
* @access private |
*/ |
protected $changed = true; |
|
398,7 → 371,6 |
* |
* @see self::setup() |
* @var bool |
* @access private |
*/ |
protected $nonIVChanged = true; |
|
407,7 → 379,6 |
* |
* @see self::enablePadding() |
* @var bool |
* @access private |
*/ |
private $padding = true; |
|
416,7 → 387,6 |
* |
* @see self::__construct() |
* @var bool |
* @access private |
*/ |
private $paddable = false; |
|
436,7 → 406,6 |
* @see self::encrypt() |
* @see self::decrypt() |
* @var int |
* @access private |
*/ |
protected $engine; |
|
446,7 → 415,6 |
* @see self::setEngine() |
* @see self::setPreferredEngine() |
* @var int |
* @access private |
*/ |
private $preferredEngine; |
|
459,7 → 427,6 |
* @link http://www.php.net/mcrypt_list_algorithms |
* @see self::setupMcrypt() |
* @var string |
* @access private |
*/ |
protected $cipher_name_mcrypt; |
|
470,7 → 437,6 |
* |
* @link http://www.php.net/openssl-get-cipher-methods |
* @var string |
* @access private |
*/ |
protected $cipher_name_openssl; |
|
482,7 → 448,6 |
* |
* @link http://www.php.net/openssl-get-cipher-methods |
* @var string |
* @access private |
*/ |
protected $cipher_name_openssl_ecb; |
|
491,7 → 456,6 |
* |
* @see self::setPassword() |
* @var string |
* @access private |
*/ |
private $password_default_salt = 'phpseclib/salt'; |
|
505,7 → 469,6 |
* @see self::decrypt() |
* @see self::setupInlineCrypt() |
* @var Callback |
* @access private |
*/ |
protected $inline_crypt; |
|
514,7 → 477,6 |
* |
* @see self::openssl_ctr_process() |
* @var bool |
* @access private |
*/ |
private $openssl_emulate_ctr = false; |
|
523,7 → 485,6 |
* |
* @see self::clearBuffers() |
* @var bool |
* @access private |
*/ |
private $skip_key_adjustment = false; |
|
532,7 → 493,6 |
* |
* @see self::setKeyLength() |
* @var bool |
* @access private |
*/ |
protected $explicit_key_length = false; |
|
542,7 → 502,6 |
* @see self::setupGCM() |
* @see self::ghash() |
* @var BinaryField\Integer |
* @access private |
*/ |
private $h; |
|
550,7 → 509,6 |
* Additional authenticated data |
* |
* @var string |
* @access private |
*/ |
protected $aad = ''; |
|
558,7 → 516,6 |
* Authentication Tag produced after a round of encryption |
* |
* @var string |
* @access private |
*/ |
protected $newtag = false; |
|
566,7 → 523,6 |
* Authentication Tag to be verified during decryption |
* |
* @var string |
* @access private |
*/ |
protected $oldtag = false; |
|
576,7 → 532,6 |
* @see self::__construct() |
* @see self::ghash() |
* @var BinaryField |
* @access private |
*/ |
private static $gcmField; |
|
586,17 → 541,23 |
* @see self::enablePoly1305() |
* @see self::poly1305() |
* @var PrimeField |
* @access private |
*/ |
private static $poly1305Field; |
|
/** |
* Flag for using regular vs "safe" intval |
* |
* @see self::initialize_static_variables() |
* @var boolean |
*/ |
protected static $use_reg_intval; |
|
/** |
* Poly1305 Key |
* |
* @see self::setPoly1305Key() |
* @see self::poly1305() |
* @var string |
* @access private |
*/ |
protected $poly1305Key; |
|
606,7 → 567,6 |
* @see self::setPoly1305Key() |
* @see self::enablePoly1305() |
* @var boolean |
* @access private |
*/ |
protected $usePoly1305 = false; |
|
618,7 → 578,6 |
* |
* @see self::setIV() |
* @var string |
* @access private |
*/ |
private $origIV = false; |
|
630,7 → 589,6 |
* |
* @see self::setNonce() |
* @var string |
* @access private |
*/ |
protected $nonce = false; |
|
656,7 → 614,6 |
* - gcm |
* |
* @param string $mode |
* @access public |
* @throws BadModeException if an invalid / unsupported mode is provided |
*/ |
public function __construct($mode) |
698,9 → 655,46 |
} |
|
$this->mode = $mode; |
|
static::initialize_static_variables(); |
} |
|
/** |
* Initialize static variables |
*/ |
protected static function initialize_static_variables() |
{ |
if (!isset(self::$use_reg_intval)) { |
switch (true) { |
// PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster |
case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': |
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': |
case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: |
self::$use_reg_intval = true; |
break; |
case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': |
switch (true) { |
/* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: |
|
https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd |
|
altho the changelogs make no mention of it, this bug was fixed with this commit: |
|
https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8 |
|
affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */ |
case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: |
case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: |
self::$use_reg_intval = false; |
break; |
default: |
self::$use_reg_intval = true; |
} |
} |
} |
} |
|
/** |
* Sets the initialization vector. |
* |
* setIV() is not required when ecb or gcm modes are being used. |
707,7 → 701,6 |
* |
* {@internal Can be overwritten by a sub class, but does not have to be} |
* |
* @access public |
* @param string $iv |
* @throws \LengthException if the IV length isn't equal to the block size |
* @throws \BadMethodCallException if an IV is provided when one shouldn't be |
739,7 → 732,6 |
* |
* Once enabled Poly1305 cannot be disabled. |
* |
* @access public |
* @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
*/ |
public function enablePoly1305() |
757,7 → 749,6 |
* Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key |
* will be made. |
* |
* @access public |
* @param string $key optional |
* @throws \LengthException if the key isn't long enough |
* @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
786,7 → 777,6 |
* |
* setNonce() is only required when gcm is used |
* |
* @access public |
* @param string $nonce |
* @throws \BadMethodCallException if an nonce is provided when one shouldn't be |
*/ |
805,7 → 795,6 |
* |
* setAAD() is only used by gcm or in poly1305 mode |
* |
* @access public |
* @param string $aad |
* @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized |
*/ |
821,7 → 810,6 |
/** |
* Returns whether or not the algorithm uses an IV |
* |
* @access public |
* @return bool |
*/ |
public function usesIV() |
832,7 → 820,6 |
/** |
* Returns whether or not the algorithm uses a nonce |
* |
* @access public |
* @return bool |
*/ |
public function usesNonce() |
843,7 → 830,6 |
/** |
* Returns the current key length in bits |
* |
* @access public |
* @return int |
*/ |
public function getKeyLength() |
854,7 → 840,6 |
/** |
* Returns the current block length in bits |
* |
* @access public |
* @return int |
*/ |
public function getBlockLength() |
865,7 → 850,6 |
/** |
* Returns the current block length in bytes |
* |
* @access public |
* @return int |
*/ |
public function getBlockLengthInBytes() |
878,7 → 862,6 |
* |
* Keys with explicitly set lengths need to be treated accordingly |
* |
* @access public |
* @param int $length |
*/ |
public function setKeyLength($length) |
903,7 → 886,6 |
* |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @access public |
* @param string $key |
*/ |
public function setKey($key) |
925,7 → 907,11 |
* $hash, $salt, $count, $dkLen |
* |
* Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php |
* {@link https://en.wikipedia.org/wiki/Bcrypt bcypt}: |
* $salt, $rounds, $keylen |
* |
* This is a modified version of bcrypt used by OpenSSH. |
* |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @see Crypt/Hash.php |
933,8 → 919,8 |
* @param string $method |
* @param string[] ...$func_args |
* @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length |
* @throws \RuntimeException if bcrypt is being used and a salt isn't provided |
* @return bool |
* @access public |
*/ |
public function setPassword($password, $method = 'pbkdf2', ...$func_args) |
{ |
942,6 → 928,22 |
|
$method = strtolower($method); |
switch ($method) { |
case 'bcrypt': |
if (!isset($func_args[2])) { |
throw new \RuntimeException('A salt must be provided for bcrypt to work'); |
} |
|
$salt = $func_args[0]; |
|
$rounds = isset($func_args[1]) ? $func_args[1] : 16; |
$keylen = isset($func_args[2]) ? $func_args[2] : $this->key_length; |
|
$key = Blowfish::bcrypt_pbkdf($password, $salt, $keylen + $this->block_size, $rounds); |
|
$this->setKey(substr($key, 0, $keylen)); |
$this->setIV(substr($key, $keylen)); |
|
return true; |
case 'pkcs12': // from https://tools.ietf.org/html/rfc7292#appendix-B.2 |
case 'pbkdf1': |
case 'pbkdf2': |
1074,7 → 1076,6 |
* {@link https://tools.ietf.org/html/rfc7292#appendix-B} |
* |
* @see self::setPassword() |
* @access private |
* @param int $n |
* @param \phpseclib3\Crypt\Hash $hashObj |
* @param string $i |
1137,7 → 1138,6 |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @see self::decrypt() |
* @access public |
* @param string $plaintext |
* @return string $ciphertext |
*/ |
1517,7 → 1517,6 |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @see self::encrypt() |
* @access public |
* @param string $ciphertext |
* @return string $plaintext |
* @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size |
1589,7 → 1588,7 |
$plaintext = ''; |
if ($this->continuousBuffer) { |
$iv = &$this->decryptIV; |
$pos = &$this->buffer['pos']; |
$pos = &$this->debuffer['pos']; |
} else { |
$iv = $this->decryptIV; |
$pos = 0; |
1888,7 → 1887,6 |
* @see self::encrypt() |
* @param int $length optional |
* @return string |
* @access public |
* @throws \LengthException if $length isn't of a sufficient length |
* @throws \RuntimeException if GCM mode isn't being used |
*/ |
1923,7 → 1921,6 |
* |
* @see self::decrypt() |
* @param string $tag |
* @access public |
* @throws \LengthException if $length isn't of a sufficient length |
* @throws \RuntimeException if GCM mode isn't being used |
*/ |
1953,7 → 1950,6 |
* @see self::decrypt() |
* @param string $iv |
* @return string |
* @access private |
*/ |
protected function getIV($iv) |
{ |
1974,7 → 1970,6 |
* @param string $encryptIV |
* @param array $buffer |
* @return string |
* @access private |
*/ |
private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer) |
{ |
2062,7 → 2057,6 |
* @param string $encryptIV |
* @param array $buffer |
* @return string |
* @access private |
*/ |
private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer) |
{ |
2108,7 → 2102,6 |
* May need to be overwritten by classes extending this one in some cases |
* |
* @return string |
* @access private |
*/ |
protected function openssl_translate_mode() |
{ |
2142,7 → 2135,6 |
* transmitted separately) |
* |
* @see self::disablePadding() |
* @access public |
*/ |
public function enablePadding() |
{ |
2153,7 → 2145,6 |
* Do not pad packets. |
* |
* @see self::enablePadding() |
* @access public |
*/ |
public function disablePadding() |
{ |
2197,7 → 2188,6 |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @see self::disableContinuousBuffer() |
* @access public |
*/ |
public function enableContinuousBuffer() |
{ |
2222,7 → 2212,6 |
* {@internal Could, but not must, extend by the child Crypt_* class} |
* |
* @see self::enableContinuousBuffer() |
* @access public |
*/ |
public function disableContinuousBuffer() |
{ |
2243,7 → 2232,6 |
* |
* @see self::__construct() |
* @param int $engine |
* @access private |
* @return bool |
*/ |
protected function isValidEngineHelper($engine) |
2293,7 → 2281,6 |
* |
* @see self::__construct() |
* @param string $engine |
* @access public |
* @return bool |
*/ |
public function isValidEngine($engine) |
2330,7 → 2317,6 |
* |
* @see self::__construct() |
* @param string $engine |
* @access public |
*/ |
public function setPreferredEngine($engine) |
{ |
2339,7 → 2325,7 |
$reverseMap = array_map('strtolower', self::ENGINE_MAP); |
$reverseMap = array_flip($reverseMap); |
} |
$engine = strtolower($engine); |
$engine = is_string($engine) ? strtolower($engine) : ''; |
$this->preferredEngine = isset($reverseMap[$engine]) ? $reverseMap[$engine] : self::ENGINE_LIBSODIUM; |
|
$this->setEngine(); |
2349,7 → 2335,6 |
* Returns the engine currently being utilized |
* |
* @see self::setEngine() |
* @access public |
*/ |
public function getEngine() |
{ |
2360,7 → 2345,6 |
* Sets the engine as appropriate |
* |
* @see self::__construct() |
* @access private |
*/ |
protected function setEngine() |
{ |
2415,7 → 2399,6 |
* |
* Note: Must be extended by the child \phpseclib3\Crypt\* class |
* |
* @access private |
* @param string $in |
* @return string |
*/ |
2426,7 → 2409,6 |
* |
* Note: Must be extended by the child \phpseclib3\Crypt\* class |
* |
* @access private |
* @param string $in |
* @return string |
*/ |
2440,7 → 2422,6 |
* Note: Must extend by the child \phpseclib3\Crypt\* class |
* |
* @see self::setup() |
* @access private |
*/ |
abstract protected function setupKey(); |
|
2468,7 → 2449,6 |
* @see self::setKey() |
* @see self::setIV() |
* @see self::disableContinuousBuffer() |
* @access private |
*/ |
protected function setup() |
{ |
2571,7 → 2551,6 |
* @see self::unpad() |
* @param string $text |
* @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size |
* @access private |
* @return string |
*/ |
protected function pad($text) |
2600,7 → 2579,6 |
* @see self::pad() |
* @param string $text |
* @throws \LengthException if the ciphertext's length is not a multiple of the block size |
* @access private |
* @return string |
*/ |
protected function unpad($text) |
2674,7 → 2652,6 |
* @see self::createInlineCryptFunction() |
* @see self::encrypt() |
* @see self::decrypt() |
* @access private |
*/ |
//protected function setupInlineCrypt(); |
|
2786,7 → 2763,6 |
* @see self::encrypt() |
* @see self::decrypt() |
* @param array $cipher_code |
* @access private |
* @return string (the name of the created callback function) |
*/ |
protected function createInlineCryptFunction($cipher_code) |
3234,18 → 3210,19 |
* |
* On ARM CPUs converting floats to ints doesn't always work |
* |
* @access private |
* @param string $x |
* @return int |
*/ |
protected static function safe_intval($x) |
{ |
switch (true) { |
case is_int($x): |
// PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding" |
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': |
if (is_int($x)) { |
return $x; |
} |
|
if (self::$use_reg_intval) { |
return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? intval($x) : $x; |
} |
|
return (fmod($x, 0x80000000) & 0x7FFFFFFF) | |
((fmod(floor($x / 0x80000000), 2) & 1) << 31); |
} |
3253,21 → 3230,17 |
/** |
* eval()'able string for in-line float to int |
* |
* @access private |
* @return string |
*/ |
protected static function safe_intval_inline() |
{ |
switch (true) { |
case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: |
case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': |
return '%s'; |
break; |
default: |
if (self::$use_reg_intval) { |
return PHP_INT_SIZE == 4 && PHP_VERSION_ID >= 80100 ? 'intval(%s)' : '%s'; |
} |
|
$safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; |
return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; |
} |
} |
|
/** |
* Sets up GCM parameters |
3275,12 → 3248,11 |
* See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23 |
* for more info |
* |
* @access private |
*/ |
private function setupGCM() |
{ |
// don't keep on re-calculating $this->h |
if (!$this->h || $this->h->key != $this->key) { |
if (!$this->h || $this->hKey != $this->key) { |
$cipher = new static('ecb'); |
$cipher->setKey($this->key); |
$cipher->disablePadding(); |
3288,7 → 3260,7 |
$this->h = self::$gcmField->newInteger( |
Strings::switchEndianness($cipher->encrypt("\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0")) |
); |
$this->h->key = $this->key; |
$this->hKey = $this->key; |
} |
|
if (strlen($this->nonce) == 12) { |
3308,7 → 3280,6 |
* |
* @see self::decrypt() |
* @see self::encrypt() |
* @access private |
* @param string $x |
* @return string |
*/ |
3343,7 → 3314,6 |
* @see self::decrypt() |
* @see self::encrypt() |
* @see self::setupGCM() |
* @access private |
* @param string $str |
* @return string |
*/ |
3358,7 → 3328,6 |
* @see self::decrypt() |
* @see self::encrypt() |
* @see self::setupGCM() |
* @access private |
* @param string $str |
* @return string |
*/ |
3376,7 → 3345,6 |
* |
* @see self::decrypt() |
* @see self::encrypt() |
* @access private |
* @param string $text |
* @return string |
*/ |
3409,7 → 3377,6 |
* |
* You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode |
* |
* @access public |
* @return string |
*/ |
public function getMode() |
3416,4 → 3383,14 |
{ |
return array_flip(self::MODE_MAP)[$this->mode]; |
} |
|
/** |
* Is the continuous buffer enabled? |
* |
* @return boolean |
*/ |
public function continuousBufferEnabled() |
{ |
return $this->continuousBuffer; |
} |
} |
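Review bot: In the `bcrypt` case added to `setPassword()` (hunk 942,6 → 928,22), the salt guard tests `$func_args[2]`, which is the key length, while the salt is read from `$func_args[0]`. As written, a call that passes only a salt, or a salt and a round count, is rejected with 'A salt must be provided for bcrypt to work', and the `isset()` fallbacks to 16 rounds and `$this->key_length` on the following lines can never be taken. If those defaults are intended, the guard should be `if (!isset($func_args[0])) {`. If all three arguments are meant to be mandatory, the exception message and the `@throws \RuntimeException` text should say so and the two fallbacks should be dropped, so that callers are not led to believe a default work factor applies. `setPassword()` begins and continues outside this hunk.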