WebSVN – oidplus – Diff – /trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php



 *  - Look at the source code of the current ciphers how they extend \phpseclib3\Crypt\Common\SymmetricKey
 *    and take one of them as a start up for the new cipher class.
 *
 *  - Please read all the other comments/notes/hints here also for each class var/method
 *
 * @category  Crypt
 * @package   Base
 * @author    Jim Wigginton <terrafrost@php.net>
 * @author    Hans-Juergen Petrich <petrich@tronic-media.com>
 * @copyright 2007 Jim Wigginton
 * @license   http://www.opensource.org/licenses/mit-license.html  MIT License
 * @link      http://phpseclib.sourceforge.net

use phpseclib3\Math\PrimeField;
 
/**
 * Base Class for all \phpseclib3\Crypt\* cipher classes
 *
 * @package Base
 * @author  Jim Wigginton <terrafrost@php.net>
 * @author  Hans-Juergen Petrich <petrich@tronic-media.com>
 */
abstract class SymmetricKey
{

     * Encrypt / decrypt using the Counter mode.
     *
     * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
     *
     * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_CTR = -1;
    /**
     * Encrypt / decrypt using the Electronic Code Book mode.
     *
     * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_ECB = 1;
    /**
     * Encrypt / decrypt using the Code Book Chaining mode.
     *
     * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_CBC = 2;
    /**
     * Encrypt / decrypt using the Cipher Feedback mode.
     *
     * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_CFB = 3;
    /**
     * Encrypt / decrypt using the Cipher Feedback mode (8bit)
     *
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_CFB8 = 7;
    /**
     * Encrypt / decrypt using the Output Feedback mode (8bit)
     *
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_OFB8 = 8;
    /**
     * Encrypt / decrypt using the Output Feedback mode.
     *
     * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_OFB = 4;
    /**
     * Encrypt / decrypt using Galois/Counter mode.
     *
     * @link https://en.wikipedia.org/wiki/Galois/Counter_Mode
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_GCM = 5;
    /**
     * Encrypt / decrypt using streaming mode.
     *
     * @access public
     * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
     * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
     */
    const MODE_STREAM = 6;
 
    /**
     * Mode Map
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const MODE_MAP = [
        'ctr'    => self::MODE_CTR,
        'ecb'    => self::MODE_ECB,

    ];
 
    /**
     * Base value for the internal implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_INTERNAL = 1;
    /**
     * Base value for the eval() implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_EVAL = 2;
    /**
     * Base value for the mcrypt implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_MCRYPT = 3;
    /**
     * Base value for the openssl implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_OPENSSL = 4;
    /**
     * Base value for the libsodium implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_LIBSODIUM = 5;
    /**
     * Base value for the openssl / gcm implementation $engine switch
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
     */
    const ENGINE_OPENSSL_GCM = 6;
 
    /**
     * Engine Reverse Map
     *
     * @access private
     * @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine()
     */
    const ENGINE_MAP = [
        self::ENGINE_INTERNAL    => 'PHP',
        self::ENGINE_EVAL        => 'Eval',

    /**
     * The Encryption Mode
     *
     * @see self::__construct()
     * @var int
     * @access private
     */
    protected $mode;
 
    /**
     * The Block Length of the block cipher
     *
     * @var int
     * @access private
     */
    protected $block_size = 16;
 
    /**
     * The Key
     *
     * @see self::setKey()
     * @var string
     * @access private
     */
    protected $key = false;
 
    /**
     * The Initialization Vector
     *
     * @see self::setIV()
     * @var string
     * @access private
     */
    protected $iv = false;
 
    /**
     * A "sliding" Initialization Vector
     *
     * @see self::enableContinuousBuffer()
     * @see self::clearBuffers()
     * @var string
     * @access private
     */
    protected $encryptIV;
 
    /**
     * A "sliding" Initialization Vector
     *
     * @see self::enableContinuousBuffer()
     * @see self::clearBuffers()
     * @var string
     * @access private
     */
    protected $decryptIV;
 
    /**
     * Continuous Buffer status
     *
     * @see self::enableContinuousBuffer()
     * @var bool
     * @access private
     */
    protected $continuousBuffer = false;
 
    /**
     * Encryption buffer for CTR, OFB and CFB modes
     *
     * @see self::encrypt()
     * @see self::clearBuffers()
     * @var array
     * @access private
     */
    protected $enbuffer;
 
    /**
     * Decryption buffer for CTR, OFB and CFB modes
     *
     * @see self::decrypt()
     * @see self::clearBuffers()
     * @var array
     * @access private
     */
    protected $debuffer;
 
    /**
     * mcrypt resource for encryption

     * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
     * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
     *
     * @see self::encrypt()
     * @var resource
     * @access private
     */
    private $enmcrypt;
 
    /**
     * mcrypt resource for decryption

     * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
     * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
     *
     * @see self::decrypt()
     * @var resource
     * @access private
     */
    private $demcrypt;
 
    /**
     * Does the enmcrypt resource need to be (re)initialized?
     *
     * @see \phpseclib3\Crypt\Twofish::setKey()
     * @see \phpseclib3\Crypt\Twofish::setIV()
     * @var bool
     * @access private
     */
    private $enchanged = true;
 
    /**
     * Does the demcrypt resource need to be (re)initialized?
     *
     * @see \phpseclib3\Crypt\Twofish::setKey()
     * @see \phpseclib3\Crypt\Twofish::setIV()
     * @var bool
     * @access private
     */
    private $dechanged = true;
 
    /**
     * mcrypt resource for CFB mode

     * @link http://phpseclib.sourceforge.net/cfb-demo.phps
     * @see self::encrypt()
     * @see self::decrypt()
     * @see self::setupMcrypt()
     * @var resource
     * @access private
     */
    private $ecb;
 
    /**
     * Optimizing value while CFB-encrypting

     * which, typically, depends on the complexity
     * on its internaly Key-expanding algorithm.
     *
     * @see self::encrypt()
     * @var int
     * @access private
     */
    protected $cfb_init_len = 600;
 
    /**
     * Does internal cipher state need to be (re)initialized?
     *
     * @see self::setKey()
     * @see self::setIV()
     * @see self::disableContinuousBuffer()
     * @var bool
     * @access private
     */
    protected $changed = true;
 
    /**
     * Does Eval engie need to be (re)initialized?
     *
     * @see self::setup()
     * @var bool
     * @access private
     */
    protected $nonIVChanged = true;
 
    /**
     * Padding status
     *
     * @see self::enablePadding()
     * @var bool
     * @access private
     */
    private $padding = true;
 
    /**
     * Is the mode one that is paddable?
     *
     * @see self::__construct()
     * @var bool
     * @access private
     */
    private $paddable = false;
 
    /**
     * Holds which crypt engine internaly should be use,

     *
     * @see self::setEngine()
     * @see self::encrypt()
     * @see self::decrypt()
     * @var int
     * @access private
     */
    protected $engine;
 
    /**
     * Holds the preferred crypt engine
     *
     * @see self::setEngine()
     * @see self::setPreferredEngine()
     * @var int
     * @access private
     */
    private $preferredEngine;
 
    /**
     * The mcrypt specific name of the cipher

     *
     * @link http://www.php.net/mcrypt_module_open
     * @link http://www.php.net/mcrypt_list_algorithms
     * @see self::setupMcrypt()
     * @var string
     * @access private
     */
    protected $cipher_name_mcrypt;
 
    /**
     * The openssl specific name of the cipher
     *
     * Only used if $engine == self::ENGINE_OPENSSL
     *
     * @link http://www.php.net/openssl-get-cipher-methods
     * @var string
     * @access private
     */
    protected $cipher_name_openssl;
 
    /**
     * The openssl specific name of the cipher in ECB mode

     * If OpenSSL does not support the mode we're trying to use (CTR)
     * it can still be emulated with ECB mode.
     *
     * @link http://www.php.net/openssl-get-cipher-methods
     * @var string
     * @access private
     */
    protected $cipher_name_openssl_ecb;
 
    /**
     * The default salt used by setPassword()
     *
     * @see self::setPassword()
     * @var string
     * @access private
     */
    private $password_default_salt = 'phpseclib/salt';
 
    /**
     * The name of the performance-optimized callback function

     *
     * @see self::encrypt()
     * @see self::decrypt()
     * @see self::setupInlineCrypt()
     * @var Callback
     * @access private
     */
    protected $inline_crypt;
 
    /**
     * If OpenSSL can be used in ECB but not in CTR we can emulate CTR
     *
     * @see self::openssl_ctr_process()
     * @var bool
     * @access private
     */
    private $openssl_emulate_ctr = false;
 
    /**
     * Don't truncate / null pad key
     *
     * @see self::clearBuffers()
     * @var bool
     * @access private
     */
    private $skip_key_adjustment = false;
 
    /**
     * Has the key length explicitly been set or should it be derived from the key, itself?
     *
     * @see self::setKeyLength()
     * @var bool
     * @access private
     */
    protected $explicit_key_length = false;
 
    /**
     * Hash subkey for GHASH
     *
     * @see self::setupGCM()
     * @see self::ghash()
     * @var BinaryField\Integer
     * @access private
     */
    private $h;
 
    /**
     * Additional authenticated data
     *
     * @var string
     * @access private
     */
    protected $aad = '';
 
    /**
     * Authentication Tag produced after a round of encryption
     *
     * @var string
     * @access private
     */
    protected $newtag = false;
 
    /**
     * Authentication Tag to be verified during decryption
     *
     * @var string
     * @access private
     */
    protected $oldtag = false;
 
    /**
     * GCM Binary Field
     *
     * @see self::__construct()
     * @see self::ghash()
     * @var BinaryField
     * @access private
     */
    private static $gcmField;
 
    /**
     * Poly1305 Prime Field
     *
     * @see self::enablePoly1305()
     * @see self::poly1305()
     * @var PrimeField
     * @access private
     */
    private static $poly1305Field;
 
    /**
     * Poly1305 Key
     *
     * @see self::setPoly1305Key()
     * @see self::poly1305()
     * @var string
     * @access private
     */
    protected $poly1305Key;
 
    /**
     * Poly1305 Flag
     *
     * @see self::setPoly1305Key()
     * @see self::enablePoly1305()
     * @var boolean
     * @access private
     */
    protected $usePoly1305 = false;
 
    /**
     * The Original Initialization Vector

     * GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived
     * IV's and user-set IV's
     *
     * @see self::setIV()
     * @var string
     * @access private
     */
    private $origIV = false;
 
    /**
     * Nonce

     * Only used with GCM. We could re-use setIV() but nonce's can be of a different length and
     * toggling between GCM and other modes could be more complicated if we re-used setIV()
     *
     * @see self::setNonce()
     * @var string
     * @access private
     */
    protected $nonce = false;
 
    /**
     * Default Constructor.

     * - ofb8
     *
     * - gcm
     *
     * @param string $mode
     * @access public
     * @throws BadModeException if an invalid / unsupported mode is provided
     */
    public function __construct($mode)
    {
        $mode = strtolower($mode);

     *
     * setIV() is not required when ecb or gcm modes are being used.
     *
     * {@internal Can be overwritten by a sub class, but does not have to be}
     *
     * @access public
     * @param string $iv
     * @throws \LengthException if the IV length isn't equal to the block size
     * @throws \BadMethodCallException if an IV is provided when one shouldn't be
     */
    public function setIV($iv)

    /**
     * Enables Poly1305 mode.
     *
     * Once enabled Poly1305 cannot be disabled.
     *
     * @access public
     * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode
     */
    public function enablePoly1305()
    {
        if ($this->mode == self::MODE_GCM) {

     * Enables Poly1305 mode.
     *
     * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key
     * will be made.
     *
     * @access public
     * @param string $key optional
     * @throws \LengthException if the key isn't long enough
     * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode
     */
    public function setPoly1305Key($key = null)

    /**
     * Sets the nonce.
     *
     * setNonce() is only required when gcm is used
     *
     * @access public
     * @param string $nonce
     * @throws \BadMethodCallException if an nonce is provided when one shouldn't be
     */
    public function setNonce($nonce)
    {

    /**
     * Sets additional authenticated data
     *
     * setAAD() is only used by gcm or in poly1305 mode
     *
     * @access public
     * @param string $aad
     * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized
     */
    public function setAAD($aad)
    {

    }
 
    /**
     * Returns whether or not the algorithm uses an IV
     *
     * @access public
     * @return bool
     */
    public function usesIV()
    {
        return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB;
    }
 
    /**
     * Returns whether or not the algorithm uses a nonce
     *
     * @access public
     * @return bool
     */
    public function usesNonce()
    {
        return $this->mode == self::MODE_GCM;
    }
 
    /**
     * Returns the current key length in bits
     *
     * @access public
     * @return int
     */
    public function getKeyLength()
    {
        return $this->key_length << 3;
    }
 
    /**
     * Returns the current block length in bits
     *
     * @access public
     * @return int
     */
    public function getBlockLength()
    {
        return $this->block_size << 3;
    }
 
    /**
     * Returns the current block length in bytes
     *
     * @access public
     * @return int
     */
    public function getBlockLengthInBytes()
    {
        return $this->block_size;

    /**
     * Sets the key length.
     *
     * Keys with explicitly set lengths need to be treated accordingly
     *
     * @access public
     * @param int $length
     */
    public function setKeyLength($length)
    {
        $this->explicit_key_length = $length >> 3;

     *
     * If the key is not explicitly set, it'll be assumed to be all null bytes.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @access public
     * @param string $key
     */
    public function setKey($key)
    {
        if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) {

     * @param string $password
     * @param string $method
     * @param string[] ...$func_args
     * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length
     * @return bool
     * @access public
     */
    public function setPassword($password, $method = 'pbkdf2', ...$func_args)
    {
        $key = '';
 

     * As discussed here:
     *
     * {@link https://tools.ietf.org/html/rfc7292#appendix-B}
     *
     * @see self::setPassword()
     * @access private
     * @param int $n
     * @param \phpseclib3\Crypt\Hash $hashObj
     * @param string $i
     * @param string $d
     * @param int $count

     * length.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::decrypt()
     * @access public
     * @param string $plaintext
     * @return string $ciphertext
     */
    public function encrypt($plaintext)
    {

     * it is.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::encrypt()
     * @access public
     * @param string $ciphertext
     * @return string $plaintext
     * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size
     */
    public function decrypt($ciphertext)

     * Only used in GCM or Poly1305 mode
     *
     * @see self::encrypt()
     * @param int $length optional
     * @return string
     * @access public
     * @throws \LengthException if $length isn't of a sufficient length
     * @throws \RuntimeException if GCM mode isn't being used
     */
    public function getTag($length = 16)
    {

     *
     * Only used in GCM mode
     *
     * @see self::decrypt()
     * @param string $tag
     * @access public
     * @throws \LengthException if $length isn't of a sufficient length
     * @throws \RuntimeException if GCM mode isn't being used
     */
    public function setTag($tag)
    {

     *
     * @see self::encrypt()
     * @see self::decrypt()
     * @param string $iv
     * @return string
     * @access private
     */
    protected function getIV($iv)
    {
        return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv;
    }

     * @see self::decrypt()
     * @param string $plaintext
     * @param string $encryptIV
     * @param array $buffer
     * @return string
     * @access private
     */
    private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer)
    {
        $ciphertext = '';
 

     * @see self::decrypt()
     * @param string $plaintext
     * @param string $encryptIV
     * @param array $buffer
     * @return string
     * @access private
     */
    private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer)
    {
        if (strlen($buffer['xor'])) {
            $ciphertext = $plaintext ^ $buffer['xor'];

     * phpseclib <-> OpenSSL Mode Mapper
     *
     * May need to be overwritten by classes extending this one in some cases
     *
     * @return string
     * @access private
     */
    protected function openssl_translate_mode()
    {
        switch ($this->mode) {
            case self::MODE_ECB:

     * where "packets" are padded with random bytes before being encrypted.  Unpad these packets and you risk stripping
     * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
     * transmitted separately)
     *
     * @see self::disablePadding()
     * @access public
     */
    public function enablePadding()
    {
        $this->padding = true;
    }
 
    /**
     * Do not pad packets.
     *
     * @see self::enablePadding()
     * @access public
     */
    public function disablePadding()
    {
        $this->padding = false;
    }

     * however, they are also less intuitive and more likely to cause you problems.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::disableContinuousBuffer()
     * @access public
     */
    public function enableContinuousBuffer()
    {
        if ($this->mode == self::MODE_ECB) {
            return;

     * The default behavior.
     *
     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::enableContinuousBuffer()
     * @access public
     */
    public function disableContinuousBuffer()
    {
        if ($this->mode == self::MODE_ECB) {
            return;

    /**
     * Test for engine validity
     *
     * @see self::__construct()
     * @param int $engine
     * @access private
     * @return bool
     */
    protected function isValidEngineHelper($engine)
    {
        switch ($engine) {

    /**
     * Test for engine validity
     *
     * @see self::__construct()
     * @param string $engine
     * @access public
     * @return bool
     */
    public function isValidEngine($engine)
    {
        static $reverseMap;

     *
     * If the preferred crypt engine is not available the fastest available one will be used
     *
     * @see self::__construct()
     * @param string $engine
     * @access public
     */
    public function setPreferredEngine($engine)
    {
        static $reverseMap;
        if (!isset($reverseMap)) {

 
    /**
     * Returns the engine currently being utilized
     *
     * @see self::setEngine()
     * @access public
     */
    public function getEngine()
    {
        return self::ENGINE_MAP[$this->engine];
    }
 
    /**
     * Sets the engine as appropriate
     *
     * @see self::__construct()
     * @access private
     */
    protected function setEngine()
    {
        $this->engine = null;
 

    /**
     * Encrypts a block
     *
     * Note: Must be extended by the child \phpseclib3\Crypt\* class
     *
     * @access private
     * @param string $in
     * @return string
     */
    abstract protected function encryptBlock($in);
 
    /**
     * Decrypts a block
     *
     * Note: Must be extended by the child \phpseclib3\Crypt\* class
     *
     * @access private
     * @param string $in
     * @return string
     */
    abstract protected function decryptBlock($in);
 

     * Only used if $engine == self::ENGINE_INTERNAL
     *
     * Note: Must extend by the child \phpseclib3\Crypt\* class
     *
     * @see self::setup()
     * @access private
     */
    abstract protected function setupKey();
 
    /**
     * Setup the self::ENGINE_INTERNAL $engine

     * {@internal Could, but not must, extend by the child Crypt_* class}
     *
     * @see self::setKey()
     * @see self::setIV()
     * @see self::disableContinuousBuffer()
     * @access private
     */
    protected function setup()
    {
        if (!$this->changed) {
            return;

     * and padding will, hence forth, be enabled.
     *
     * @see self::unpad()
     * @param string $text
     * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size
     * @access private
     * @return string
     */
    protected function pad($text)
    {
        $length = strlen($text);

     * and false will be returned.
     *
     * @see self::pad()
     * @param string $text
     * @throws \LengthException if the ciphertext's length is not a multiple of the block size
     * @access private
     * @return string
     */
    protected function unpad($text)
    {
        if (!$this->padding) {

     *
     * @see self::setup()
     * @see self::createInlineCryptFunction()
     * @see self::encrypt()
     * @see self::decrypt()
     * @access private
     */
    //protected function setupInlineCrypt();
 
    /**
     * Creates the performance-optimized function for en/decrypt()

     *
     * @see self::setupInlineCrypt()
     * @see self::encrypt()
     * @see self::decrypt()
     * @param array $cipher_code
     * @access private
     * @return string (the name of the created callback function)
     */
    protected function createInlineCryptFunction($cipher_code)
    {
        $block_size = $this->block_size;

    /**
     * Convert float to int
     *
     * On ARM CPUs converting floats to ints doesn't always work
     *
     * @access private
     * @param string $x
     * @return int
     */
    protected static function safe_intval($x)
    {

    }
 
    /**
     * eval()'able string for in-line float to int
     *
     * @access private
     * @return string
     */
    protected static function safe_intval_inline()
    {
        switch (true) {

     * Sets up GCM parameters
     *
     * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23
     * for more info
     *
     * @access private
     */
    private function setupGCM()
    {
        // don't keep on re-calculating $this->h
        if (!$this->h || $this->h->key != $this->key) {

     * See https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=20
     * for more info
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @access private
     * @param string $x
     * @return string
     */
    private function ghash($x)
    {

     * Returns the bit length of a string in a packed format
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @see self::setupGCM()
     * @access private
     * @param string $str
     * @return string
     */
    private static function len64($str)
    {

     * NULL pads a string to be a multiple of 128
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @see self::setupGCM()
     * @access private
     * @param string $str
     * @return string
     */
    protected static function nullPad128($str)
    {

     * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation
     * it takes 1.2s.
     *
     * @see self::decrypt()
     * @see self::encrypt()
     * @access private
     * @param string $text
     * @return string
     */
    protected function poly1305($text)
    {

    /**
     * Return the mode
     *
     * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode
     *
     * @access public
     * @return string
     */
    public function getMode()
    {
        return array_flip(self::MODE_MAP)[$this->mode];

Rev 846	Rev 874
Line 23...	Line 23...
23	* - Look at the source code of the current ciphers how they extend \phpseclib3\Crypt\Common\SymmetricKey	23	* - Look at the source code of the current ciphers how they extend \phpseclib3\Crypt\Common\SymmetricKey
24	* and take one of them as a start up for the new cipher class.	24	* and take one of them as a start up for the new cipher class.
25	*	25	*
26	* - Please read all the other comments/notes/hints here also for each class var/method	26	* - Please read all the other comments/notes/hints here also for each class var/method
27	*	27	*
-		28	* @category Crypt
-		29	* @package Base
28	* @author Jim Wigginton <terrafrost@php.net>	30	* @author Jim Wigginton <terrafrost@php.net>
29	* @author Hans-Juergen Petrich <petrich@tronic-media.com>	31	* @author Hans-Juergen Petrich <petrich@tronic-media.com>
30	* @copyright 2007 Jim Wigginton	32	* @copyright 2007 Jim Wigginton
31	* @license http://www.opensource.org/licenses/mit-license.html MIT License	33	* @license http://www.opensource.org/licenses/mit-license.html MIT License
32	* @link http://phpseclib.sourceforge.net	34	* @link http://phpseclib.sourceforge.net
Line 46...	Line 48...
46	use phpseclib3\Math\PrimeField;	48	use phpseclib3\Math\PrimeField;
47		49
48	/**	50	/**
49	* Base Class for all \phpseclib3\Crypt\* cipher classes	51	* Base Class for all \phpseclib3\Crypt\* cipher classes
50	*	52	*
-		53	* @package Base
51	* @author Jim Wigginton <terrafrost@php.net>	54	* @author Jim Wigginton <terrafrost@php.net>
52	* @author Hans-Juergen Petrich <petrich@tronic-media.com>	55	* @author Hans-Juergen Petrich <petrich@tronic-media.com>
53	*/	56	*/
54	abstract class SymmetricKey	57	abstract class SymmetricKey
55	{	58	{
Line 57...	Line 60...
57	* Encrypt / decrypt using the Counter mode.	60	* Encrypt / decrypt using the Counter mode.
58	*	61	*
59	* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.	62	* Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
60	*	63	*
61	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29	64	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
-		65	* @access public
62	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	66	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
63	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	67	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
64	*/	68	*/
65	const MODE_CTR = -1;	69	const MODE_CTR = -1;
66	/**	70	/**
67	* Encrypt / decrypt using the Electronic Code Book mode.	71	* Encrypt / decrypt using the Electronic Code Book mode.
68	*	72	*
69	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29	73	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
-		74	* @access public
70	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	75	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
71	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	76	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
72	*/	77	*/
73	const MODE_ECB = 1;	78	const MODE_ECB = 1;
74	/**	79	/**
75	* Encrypt / decrypt using the Code Book Chaining mode.	80	* Encrypt / decrypt using the Code Book Chaining mode.
76	*	81	*
77	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29	82	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
-		83	* @access public
78	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	84	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
79	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	85	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
80	*/	86	*/
81	const MODE_CBC = 2;	87	const MODE_CBC = 2;
82	/**	88	/**
83	* Encrypt / decrypt using the Cipher Feedback mode.	89	* Encrypt / decrypt using the Cipher Feedback mode.
84	*	90	*
85	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29	91	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
-		92	* @access public
86	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	93	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
87	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	94	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
88	*/	95	*/
89	const MODE_CFB = 3;	96	const MODE_CFB = 3;
90	/**	97	/**
91	* Encrypt / decrypt using the Cipher Feedback mode (8bit)	98	* Encrypt / decrypt using the Cipher Feedback mode (8bit)
92	*	99	*
-		100	* @access public
93	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	101	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
94	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	102	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
95	*/	103	*/
96	const MODE_CFB8 = 7;	104	const MODE_CFB8 = 7;
97	/**	105	/**
98	* Encrypt / decrypt using the Output Feedback mode (8bit)	106	* Encrypt / decrypt using the Output Feedback mode (8bit)
99	*	107	*
-		108	* @access public
100	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	109	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
101	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	110	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
102	*/	111	*/
103	const MODE_OFB8 = 8;	112	const MODE_OFB8 = 8;
104	/**	113	/**
105	* Encrypt / decrypt using the Output Feedback mode.	114	* Encrypt / decrypt using the Output Feedback mode.
106	*	115	*
107	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29	116	* @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
-		117	* @access public
108	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	118	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
109	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	119	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
110	*/	120	*/
111	const MODE_OFB = 4;	121	const MODE_OFB = 4;
112	/**	122	/**
113	* Encrypt / decrypt using Galois/Counter mode.	123	* Encrypt / decrypt using Galois/Counter mode.
114	*	124	*
115	* @link https://en.wikipedia.org/wiki/Galois/Counter_Mode	125	* @link https://en.wikipedia.org/wiki/Galois/Counter_Mode
-		126	* @access public
116	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	127	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
117	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	128	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
118	*/	129	*/
119	const MODE_GCM = 5;	130	const MODE_GCM = 5;
120	/**	131	/**
121	* Encrypt / decrypt using streaming mode.	132	* Encrypt / decrypt using streaming mode.
122	*	133	*
-		134	* @access public
123	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()	135	* @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
124	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()	136	* @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
125	*/	137	*/
126	const MODE_STREAM = 6;	138	const MODE_STREAM = 6;
127		139
128	/**	140	/**
129	* Mode Map	141	* Mode Map
130	*	142	*
-		143	* @access private
131	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	144	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
132	*/	145	*/
133	const MODE_MAP = [	146	const MODE_MAP = [
134	'ctr' => self::MODE_CTR,	147	'ctr' => self::MODE_CTR,
135	'ecb' => self::MODE_ECB,	148	'ecb' => self::MODE_ECB,
Line 143...	Line 156...
143	];	156	];
144		157
145	/**	158	/**
146	* Base value for the internal implementation $engine switch	159	* Base value for the internal implementation $engine switch
147	*	160	*
-		161	* @access private
148	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	162	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
149	*/	163	*/
150	const ENGINE_INTERNAL = 1;	164	const ENGINE_INTERNAL = 1;
151	/**	165	/**
152	* Base value for the eval() implementation $engine switch	166	* Base value for the eval() implementation $engine switch
153	*	167	*
-		168	* @access private
154	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	169	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
155	*/	170	*/
156	const ENGINE_EVAL = 2;	171	const ENGINE_EVAL = 2;
157	/**	172	/**
158	* Base value for the mcrypt implementation $engine switch	173	* Base value for the mcrypt implementation $engine switch
159	*	174	*
-		175	* @access private
160	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	176	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
161	*/	177	*/
162	const ENGINE_MCRYPT = 3;	178	const ENGINE_MCRYPT = 3;
163	/**	179	/**
164	* Base value for the openssl implementation $engine switch	180	* Base value for the openssl implementation $engine switch
165	*	181	*
-		182	* @access private
166	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	183	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
167	*/	184	*/
168	const ENGINE_OPENSSL = 4;	185	const ENGINE_OPENSSL = 4;
169	/**	186	/**
170	* Base value for the libsodium implementation $engine switch	187	* Base value for the libsodium implementation $engine switch
171	*	188	*
-		189	* @access private
172	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	190	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
173	*/	191	*/
174	const ENGINE_LIBSODIUM = 5;	192	const ENGINE_LIBSODIUM = 5;
175	/**	193	/**
176	* Base value for the openssl / gcm implementation $engine switch	194	* Base value for the openssl / gcm implementation $engine switch
177	*	195	*
-		196	* @access private
178	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()	197	* @see \phpseclib3\Crypt\Common\SymmetricKey::__construct()
179	*/	198	*/
180	const ENGINE_OPENSSL_GCM = 6;	199	const ENGINE_OPENSSL_GCM = 6;
181		200
182	/**	201	/**
183	* Engine Reverse Map	202	* Engine Reverse Map
184	*	203	*
-		204	* @access private
185	* @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine()	205	* @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine()
186	*/	206	*/
187	const ENGINE_MAP = [	207	const ENGINE_MAP = [
188	self::ENGINE_INTERNAL => 'PHP',	208	self::ENGINE_INTERNAL => 'PHP',
189	self::ENGINE_EVAL => 'Eval',	209	self::ENGINE_EVAL => 'Eval',
Line 196...	Line 216...
196	/**	216	/**
197	* The Encryption Mode	217	* The Encryption Mode
198	*	218	*
199	* @see self::__construct()	219	* @see self::__construct()
200	* @var int	220	* @var int
-		221	* @access private
201	*/	222	*/
202	protected $mode;	223	protected $mode;
203		224
204	/**	225	/**
205	* The Block Length of the block cipher	226	* The Block Length of the block cipher
206	*	227	*
207	* @var int	228	* @var int
-		229	* @access private
208	*/	230	*/
209	protected $block_size = 16;	231	protected $block_size = 16;
210		232
211	/**	233	/**
212	* The Key	234	* The Key
213	*	235	*
214	* @see self::setKey()	236	* @see self::setKey()
215	* @var string	237	* @var string
-		238	* @access private
216	*/	239	*/
217	protected $key = false;	240	protected $key = false;
218		241
219	/**	242	/**
220	* The Initialization Vector	243	* The Initialization Vector
221	*	244	*
222	* @see self::setIV()	245	* @see self::setIV()
223	* @var string	246	* @var string
-		247	* @access private
224	*/	248	*/
225	protected $iv = false;	249	protected $iv = false;
226		250
227	/**	251	/**
228	* A "sliding" Initialization Vector	252	* A "sliding" Initialization Vector
229	*	253	*
230	* @see self::enableContinuousBuffer()	254	* @see self::enableContinuousBuffer()
231	* @see self::clearBuffers()	255	* @see self::clearBuffers()
232	* @var string	256	* @var string
-		257	* @access private
233	*/	258	*/
234	protected $encryptIV;	259	protected $encryptIV;
235		260
236	/**	261	/**
237	* A "sliding" Initialization Vector	262	* A "sliding" Initialization Vector
238	*	263	*
239	* @see self::enableContinuousBuffer()	264	* @see self::enableContinuousBuffer()
240	* @see self::clearBuffers()	265	* @see self::clearBuffers()
241	* @var string	266	* @var string
-		267	* @access private
242	*/	268	*/
243	protected $decryptIV;	269	protected $decryptIV;
244		270
245	/**	271	/**
246	* Continuous Buffer status	272	* Continuous Buffer status
247	*	273	*
248	* @see self::enableContinuousBuffer()	274	* @see self::enableContinuousBuffer()
249	* @var bool	275	* @var bool
-		276	* @access private
250	*/	277	*/
251	protected $continuousBuffer = false;	278	protected $continuousBuffer = false;
252		279
253	/**	280	/**
254	* Encryption buffer for CTR, OFB and CFB modes	281	* Encryption buffer for CTR, OFB and CFB modes
255	*	282	*
256	* @see self::encrypt()	283	* @see self::encrypt()
257	* @see self::clearBuffers()	284	* @see self::clearBuffers()
258	* @var array	285	* @var array
-		286	* @access private
259	*/	287	*/
260	protected $enbuffer;	288	protected $enbuffer;
261		289
262	/**	290	/**
263	* Decryption buffer for CTR, OFB and CFB modes	291	* Decryption buffer for CTR, OFB and CFB modes
264	*	292	*
265	* @see self::decrypt()	293	* @see self::decrypt()
266	* @see self::clearBuffers()	294	* @see self::clearBuffers()
267	* @var array	295	* @var array
-		296	* @access private
268	*/	297	*/
269	protected $debuffer;	298	protected $debuffer;
270		299
271	/**	300	/**
272	* mcrypt resource for encryption	301	* mcrypt resource for encryption
Line 274...	Line 303...
274	* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.	303	* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
275	* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.	304	* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
276	*	305	*
277	* @see self::encrypt()	306	* @see self::encrypt()
278	* @var resource	307	* @var resource
-		308	* @access private
279	*/	309	*/
280	private $enmcrypt;	310	private $enmcrypt;
281		311
282	/**	312	/**
283	* mcrypt resource for decryption	313	* mcrypt resource for decryption
Line 285...	Line 315...
285	* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.	315	* The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
286	* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.	316	* Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
287	*	317	*
288	* @see self::decrypt()	318	* @see self::decrypt()
289	* @var resource	319	* @var resource
-		320	* @access private
290	*/	321	*/
291	private $demcrypt;	322	private $demcrypt;
292		323
293	/**	324	/**
294	* Does the enmcrypt resource need to be (re)initialized?	325	* Does the enmcrypt resource need to be (re)initialized?
295	*	326	*
296	* @see \phpseclib3\Crypt\Twofish::setKey()	327	* @see \phpseclib3\Crypt\Twofish::setKey()
297	* @see \phpseclib3\Crypt\Twofish::setIV()	328	* @see \phpseclib3\Crypt\Twofish::setIV()
298	* @var bool	329	* @var bool
-		330	* @access private
299	*/	331	*/
300	private $enchanged = true;	332	private $enchanged = true;
301		333
302	/**	334	/**
303	* Does the demcrypt resource need to be (re)initialized?	335	* Does the demcrypt resource need to be (re)initialized?
304	*	336	*
305	* @see \phpseclib3\Crypt\Twofish::setKey()	337	* @see \phpseclib3\Crypt\Twofish::setKey()
306	* @see \phpseclib3\Crypt\Twofish::setIV()	338	* @see \phpseclib3\Crypt\Twofish::setIV()
307	* @var bool	339	* @var bool
-		340	* @access private
308	*/	341	*/
309	private $dechanged = true;	342	private $dechanged = true;
310		343
311	/**	344	/**
312	* mcrypt resource for CFB mode	345	* mcrypt resource for CFB mode
Line 321...	Line 354...
321	* @link http://phpseclib.sourceforge.net/cfb-demo.phps	354	* @link http://phpseclib.sourceforge.net/cfb-demo.phps
322	* @see self::encrypt()	355	* @see self::encrypt()
323	* @see self::decrypt()	356	* @see self::decrypt()
324	* @see self::setupMcrypt()	357	* @see self::setupMcrypt()
325	* @var resource	358	* @var resource
-		359	* @access private
326	*/	360	*/
327	private $ecb;	361	private $ecb;
328		362
329	/**	363	/**
330	* Optimizing value while CFB-encrypting	364	* Optimizing value while CFB-encrypting
Line 342...	Line 376...
342	* which, typically, depends on the complexity	376	* which, typically, depends on the complexity
343	* on its internaly Key-expanding algorithm.	377	* on its internaly Key-expanding algorithm.
344	*	378	*
345	* @see self::encrypt()	379	* @see self::encrypt()
346	* @var int	380	* @var int
-		381	* @access private
347	*/	382	*/
348	protected $cfb_init_len = 600;	383	protected $cfb_init_len = 600;
349		384
350	/**	385	/**
351	* Does internal cipher state need to be (re)initialized?	386	* Does internal cipher state need to be (re)initialized?
352	*	387	*
353	* @see self::setKey()	388	* @see self::setKey()
354	* @see self::setIV()	389	* @see self::setIV()
355	* @see self::disableContinuousBuffer()	390	* @see self::disableContinuousBuffer()
356	* @var bool	391	* @var bool
-		392	* @access private
357	*/	393	*/
358	protected $changed = true;	394	protected $changed = true;
359		395
360	/**	396	/**
361	* Does Eval engie need to be (re)initialized?	397	* Does Eval engie need to be (re)initialized?
362	*	398	*
363	* @see self::setup()	399	* @see self::setup()
364	* @var bool	400	* @var bool
-		401	* @access private
365	*/	402	*/
366	protected $nonIVChanged = true;	403	protected $nonIVChanged = true;
367		404
368	/**	405	/**
369	* Padding status	406	* Padding status
370	*	407	*
371	* @see self::enablePadding()	408	* @see self::enablePadding()
372	* @var bool	409	* @var bool
-		410	* @access private
373	*/	411	*/
374	private $padding = true;	412	private $padding = true;
375		413
376	/**	414	/**
377	* Is the mode one that is paddable?	415	* Is the mode one that is paddable?
378	*	416	*
379	* @see self::__construct()	417	* @see self::__construct()
380	* @var bool	418	* @var bool
-		419	* @access private
381	*/	420	*/
382	private $paddable = false;	421	private $paddable = false;
383		422
384	/**	423	/**
385	* Holds which crypt engine internaly should be use,	424	* Holds which crypt engine internaly should be use,
Line 395...	Line 434...
395	*	434	*
396	* @see self::setEngine()	435	* @see self::setEngine()
397	* @see self::encrypt()	436	* @see self::encrypt()
398	* @see self::decrypt()	437	* @see self::decrypt()
399	* @var int	438	* @var int
-		439	* @access private
400	*/	440	*/
401	protected $engine;	441	protected $engine;
402		442
403	/**	443	/**
404	* Holds the preferred crypt engine	444	* Holds the preferred crypt engine
405	*	445	*
406	* @see self::setEngine()	446	* @see self::setEngine()
407	* @see self::setPreferredEngine()	447	* @see self::setPreferredEngine()
408	* @var int	448	* @var int
-		449	* @access private
409	*/	450	*/
410	private $preferredEngine;	451	private $preferredEngine;
411		452
412	/**	453	/**
413	* The mcrypt specific name of the cipher	454	* The mcrypt specific name of the cipher
Line 416...	Line 457...
416	*	457	*
417	* @link http://www.php.net/mcrypt_module_open	458	* @link http://www.php.net/mcrypt_module_open
418	* @link http://www.php.net/mcrypt_list_algorithms	459	* @link http://www.php.net/mcrypt_list_algorithms
419	* @see self::setupMcrypt()	460	* @see self::setupMcrypt()
420	* @var string	461	* @var string
-		462	* @access private
421	*/	463	*/
422	protected $cipher_name_mcrypt;	464	protected $cipher_name_mcrypt;
423		465
424	/**	466	/**
425	* The openssl specific name of the cipher	467	* The openssl specific name of the cipher
426	*	468	*
427	* Only used if $engine == self::ENGINE_OPENSSL	469	* Only used if $engine == self::ENGINE_OPENSSL
428	*	470	*
429	* @link http://www.php.net/openssl-get-cipher-methods	471	* @link http://www.php.net/openssl-get-cipher-methods
430	* @var string	472	* @var string
-		473	* @access private
431	*/	474	*/
432	protected $cipher_name_openssl;	475	protected $cipher_name_openssl;
433		476
434	/**	477	/**
435	* The openssl specific name of the cipher in ECB mode	478	* The openssl specific name of the cipher in ECB mode
Line 437...	Line 480...
437	* If OpenSSL does not support the mode we're trying to use (CTR)	480	* If OpenSSL does not support the mode we're trying to use (CTR)
438	* it can still be emulated with ECB mode.	481	* it can still be emulated with ECB mode.
439	*	482	*
440	* @link http://www.php.net/openssl-get-cipher-methods	483	* @link http://www.php.net/openssl-get-cipher-methods
441	* @var string	484	* @var string
-		485	* @access private
442	*/	486	*/
443	protected $cipher_name_openssl_ecb;	487	protected $cipher_name_openssl_ecb;
444		488
445	/**	489	/**
446	* The default salt used by setPassword()	490	* The default salt used by setPassword()
447	*	491	*
448	* @see self::setPassword()	492	* @see self::setPassword()
449	* @var string	493	* @var string
-		494	* @access private
450	*/	495	*/
451	private $password_default_salt = 'phpseclib/salt';	496	private $password_default_salt = 'phpseclib/salt';
452		497
453	/**	498	/**
454	* The name of the performance-optimized callback function	499	* The name of the performance-optimized callback function
Line 458...	Line 503...
458	*	503	*
459	* @see self::encrypt()	504	* @see self::encrypt()
460	* @see self::decrypt()	505	* @see self::decrypt()
461	* @see self::setupInlineCrypt()	506	* @see self::setupInlineCrypt()
462	* @var Callback	507	* @var Callback
-		508	* @access private
463	*/	509	*/
464	protected $inline_crypt;	510	protected $inline_crypt;
465		511
466	/**	512	/**
467	* If OpenSSL can be used in ECB but not in CTR we can emulate CTR	513	* If OpenSSL can be used in ECB but not in CTR we can emulate CTR
468	*	514	*
469	* @see self::openssl_ctr_process()	515	* @see self::openssl_ctr_process()
470	* @var bool	516	* @var bool
-		517	* @access private
471	*/	518	*/
472	private $openssl_emulate_ctr = false;	519	private $openssl_emulate_ctr = false;
473		520
474	/**	521	/**
475	* Don't truncate / null pad key	522	* Don't truncate / null pad key
476	*	523	*
477	* @see self::clearBuffers()	524	* @see self::clearBuffers()
478	* @var bool	525	* @var bool
-		526	* @access private
479	*/	527	*/
480	private $skip_key_adjustment = false;	528	private $skip_key_adjustment = false;
481		529
482	/**	530	/**
483	* Has the key length explicitly been set or should it be derived from the key, itself?	531	* Has the key length explicitly been set or should it be derived from the key, itself?
484	*	532	*
485	* @see self::setKeyLength()	533	* @see self::setKeyLength()
486	* @var bool	534	* @var bool
-		535	* @access private
487	*/	536	*/
488	protected $explicit_key_length = false;	537	protected $explicit_key_length = false;
489		538
490	/**	539	/**
491	* Hash subkey for GHASH	540	* Hash subkey for GHASH
492	*	541	*
493	* @see self::setupGCM()	542	* @see self::setupGCM()
494	* @see self::ghash()	543	* @see self::ghash()
495	* @var BinaryField\Integer	544	* @var BinaryField\Integer
-		545	* @access private
496	*/	546	*/
497	private $h;	547	private $h;
498		548
499	/**	549	/**
500	* Additional authenticated data	550	* Additional authenticated data
501	*	551	*
502	* @var string	552	* @var string
-		553	* @access private
503	*/	554	*/
504	protected $aad = '';	555	protected $aad = '';
505		556
506	/**	557	/**
507	* Authentication Tag produced after a round of encryption	558	* Authentication Tag produced after a round of encryption
508	*	559	*
509	* @var string	560	* @var string
-		561	* @access private
510	*/	562	*/
511	protected $newtag = false;	563	protected $newtag = false;
512		564
513	/**	565	/**
514	* Authentication Tag to be verified during decryption	566	* Authentication Tag to be verified during decryption
515	*	567	*
516	* @var string	568	* @var string
-		569	* @access private
517	*/	570	*/
518	protected $oldtag = false;	571	protected $oldtag = false;
519		572

Subversion Repositories oidplus

oidplus/trunk/vendor/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php – Rev 846 → 874