Rev 846 | Rev 874 | ||
---|---|---|---|
Line 23... | Line 23... | ||
23 | * - Look at the source code of the current ciphers how they extend \phpseclib3\Crypt\Common\SymmetricKey |
23 | * - Look at the source code of the current ciphers how they extend \phpseclib3\Crypt\Common\SymmetricKey |
24 | * and take one of them as a start up for the new cipher class. |
24 | * and take one of them as a start up for the new cipher class. |
25 | * |
25 | * |
26 | * - Please read all the other comments/notes/hints here also for each class var/method |
26 | * - Please read all the other comments/notes/hints here also for each class var/method |
27 | * |
27 | * |
- | 28 | * @category Crypt |
|
- | 29 | * @package Base |
|
28 | * @author Jim Wigginton <terrafrost@php.net> |
30 | * @author Jim Wigginton <terrafrost@php.net> |
29 | * @author Hans-Juergen Petrich <petrich@tronic-media.com> |
31 | * @author Hans-Juergen Petrich <petrich@tronic-media.com> |
30 | * @copyright 2007 Jim Wigginton |
32 | * @copyright 2007 Jim Wigginton |
31 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
33 | * @license http://www.opensource.org/licenses/mit-license.html MIT License |
32 | * @link http://phpseclib.sourceforge.net |
34 | * @link http://phpseclib.sourceforge.net |
Line 46... | Line 48... | ||
46 | use phpseclib3\Math\PrimeField; |
48 | use phpseclib3\Math\PrimeField; |
47 | 49 | ||
48 | /** |
50 | /** |
49 | * Base Class for all \phpseclib3\Crypt\* cipher classes |
51 | * Base Class for all \phpseclib3\Crypt\* cipher classes |
50 | * |
52 | * |
- | 53 | * @package Base |
|
51 | * @author Jim Wigginton <terrafrost@php.net> |
54 | * @author Jim Wigginton <terrafrost@php.net> |
52 | * @author Hans-Juergen Petrich <petrich@tronic-media.com> |
55 | * @author Hans-Juergen Petrich <petrich@tronic-media.com> |
53 | */ |
56 | */ |
54 | abstract class SymmetricKey |
57 | abstract class SymmetricKey |
55 | { |
58 | { |
Line 57... | Line 60... | ||
57 | * Encrypt / decrypt using the Counter mode. |
60 | * Encrypt / decrypt using the Counter mode. |
58 | * |
61 | * |
59 | * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. |
62 | * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode. |
60 | * |
63 | * |
61 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 |
64 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29 |
- | 65 | * @access public |
|
62 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
66 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
63 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
67 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
64 | */ |
68 | */ |
65 | const MODE_CTR = -1; |
69 | const MODE_CTR = -1; |
66 | /** |
70 | /** |
67 | * Encrypt / decrypt using the Electronic Code Book mode. |
71 | * Encrypt / decrypt using the Electronic Code Book mode. |
68 | * |
72 | * |
69 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 |
73 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29 |
- | 74 | * @access public |
|
70 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
75 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
71 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
76 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
72 | */ |
77 | */ |
73 | const MODE_ECB = 1; |
78 | const MODE_ECB = 1; |
74 | /** |
79 | /** |
75 | * Encrypt / decrypt using the Code Book Chaining mode. |
80 | * Encrypt / decrypt using the Code Book Chaining mode. |
76 | * |
81 | * |
77 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 |
82 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29 |
- | 83 | * @access public |
|
78 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
84 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
79 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
85 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
80 | */ |
86 | */ |
81 | const MODE_CBC = 2; |
87 | const MODE_CBC = 2; |
82 | /** |
88 | /** |
83 | * Encrypt / decrypt using the Cipher Feedback mode. |
89 | * Encrypt / decrypt using the Cipher Feedback mode. |
84 | * |
90 | * |
85 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 |
91 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29 |
- | 92 | * @access public |
|
86 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
93 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
87 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
94 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
88 | */ |
95 | */ |
89 | const MODE_CFB = 3; |
96 | const MODE_CFB = 3; |
90 | /** |
97 | /** |
91 | * Encrypt / decrypt using the Cipher Feedback mode (8bit) |
98 | * Encrypt / decrypt using the Cipher Feedback mode (8bit) |
92 | * |
99 | * |
- | 100 | * @access public |
|
93 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
101 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
94 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
102 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
95 | */ |
103 | */ |
96 | const MODE_CFB8 = 7; |
104 | const MODE_CFB8 = 7; |
97 | /** |
105 | /** |
98 | * Encrypt / decrypt using the Output Feedback mode (8bit) |
106 | * Encrypt / decrypt using the Output Feedback mode (8bit) |
99 | * |
107 | * |
- | 108 | * @access public |
|
100 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
109 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
101 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
110 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
102 | */ |
111 | */ |
103 | const MODE_OFB8 = 8; |
112 | const MODE_OFB8 = 8; |
104 | /** |
113 | /** |
105 | * Encrypt / decrypt using the Output Feedback mode. |
114 | * Encrypt / decrypt using the Output Feedback mode. |
106 | * |
115 | * |
107 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 |
116 | * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29 |
- | 117 | * @access public |
|
108 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
118 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
109 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
119 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
110 | */ |
120 | */ |
111 | const MODE_OFB = 4; |
121 | const MODE_OFB = 4; |
112 | /** |
122 | /** |
113 | * Encrypt / decrypt using Galois/Counter mode. |
123 | * Encrypt / decrypt using Galois/Counter mode. |
114 | * |
124 | * |
115 | * @link https://en.wikipedia.org/wiki/Galois/Counter_Mode |
125 | * @link https://en.wikipedia.org/wiki/Galois/Counter_Mode |
- | 126 | * @access public |
|
116 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
127 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
117 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
128 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
118 | */ |
129 | */ |
119 | const MODE_GCM = 5; |
130 | const MODE_GCM = 5; |
120 | /** |
131 | /** |
121 | * Encrypt / decrypt using streaming mode. |
132 | * Encrypt / decrypt using streaming mode. |
122 | * |
133 | * |
- | 134 | * @access public |
|
123 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
135 | * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() |
124 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
136 | * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() |
125 | */ |
137 | */ |
126 | const MODE_STREAM = 6; |
138 | const MODE_STREAM = 6; |
127 | 139 | ||
128 | /** |
140 | /** |
129 | * Mode Map |
141 | * Mode Map |
130 | * |
142 | * |
- | 143 | * @access private |
|
131 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
144 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
132 | */ |
145 | */ |
133 | const MODE_MAP = [ |
146 | const MODE_MAP = [ |
134 | 'ctr' => self::MODE_CTR, |
147 | 'ctr' => self::MODE_CTR, |
135 | 'ecb' => self::MODE_ECB, |
148 | 'ecb' => self::MODE_ECB, |
Line 143... | Line 156... | ||
143 | ]; |
156 | ]; |
144 | 157 | ||
145 | /** |
158 | /** |
146 | * Base value for the internal implementation $engine switch |
159 | * Base value for the internal implementation $engine switch |
147 | * |
160 | * |
- | 161 | * @access private |
|
148 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
162 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
149 | */ |
163 | */ |
150 | const ENGINE_INTERNAL = 1; |
164 | const ENGINE_INTERNAL = 1; |
151 | /** |
165 | /** |
152 | * Base value for the eval() implementation $engine switch |
166 | * Base value for the eval() implementation $engine switch |
153 | * |
167 | * |
- | 168 | * @access private |
|
154 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
169 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
155 | */ |
170 | */ |
156 | const ENGINE_EVAL = 2; |
171 | const ENGINE_EVAL = 2; |
157 | /** |
172 | /** |
158 | * Base value for the mcrypt implementation $engine switch |
173 | * Base value for the mcrypt implementation $engine switch |
159 | * |
174 | * |
- | 175 | * @access private |
|
160 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
176 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
161 | */ |
177 | */ |
162 | const ENGINE_MCRYPT = 3; |
178 | const ENGINE_MCRYPT = 3; |
163 | /** |
179 | /** |
164 | * Base value for the openssl implementation $engine switch |
180 | * Base value for the openssl implementation $engine switch |
165 | * |
181 | * |
- | 182 | * @access private |
|
166 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
183 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
167 | */ |
184 | */ |
168 | const ENGINE_OPENSSL = 4; |
185 | const ENGINE_OPENSSL = 4; |
169 | /** |
186 | /** |
170 | * Base value for the libsodium implementation $engine switch |
187 | * Base value for the libsodium implementation $engine switch |
171 | * |
188 | * |
- | 189 | * @access private |
|
172 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
190 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
173 | */ |
191 | */ |
174 | const ENGINE_LIBSODIUM = 5; |
192 | const ENGINE_LIBSODIUM = 5; |
175 | /** |
193 | /** |
176 | * Base value for the openssl / gcm implementation $engine switch |
194 | * Base value for the openssl / gcm implementation $engine switch |
177 | * |
195 | * |
- | 196 | * @access private |
|
178 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
197 | * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() |
179 | */ |
198 | */ |
180 | const ENGINE_OPENSSL_GCM = 6; |
199 | const ENGINE_OPENSSL_GCM = 6; |
181 | 200 | ||
182 | /** |
201 | /** |
183 | * Engine Reverse Map |
202 | * Engine Reverse Map |
184 | * |
203 | * |
- | 204 | * @access private |
|
185 | * @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine() |
205 | * @see \phpseclib3\Crypt\Common\SymmetricKey::getEngine() |
186 | */ |
206 | */ |
187 | const ENGINE_MAP = [ |
207 | const ENGINE_MAP = [ |
188 | self::ENGINE_INTERNAL => 'PHP', |
208 | self::ENGINE_INTERNAL => 'PHP', |
189 | self::ENGINE_EVAL => 'Eval', |
209 | self::ENGINE_EVAL => 'Eval', |
Line 196... | Line 216... | ||
196 | /** |
216 | /** |
197 | * The Encryption Mode |
217 | * The Encryption Mode |
198 | * |
218 | * |
199 | * @see self::__construct() |
219 | * @see self::__construct() |
200 | * @var int |
220 | * @var int |
- | 221 | * @access private |
|
201 | */ |
222 | */ |
202 | protected $mode; |
223 | protected $mode; |
203 | 224 | ||
204 | /** |
225 | /** |
205 | * The Block Length of the block cipher |
226 | * The Block Length of the block cipher |
206 | * |
227 | * |
207 | * @var int |
228 | * @var int |
- | 229 | * @access private |
|
208 | */ |
230 | */ |
209 | protected $block_size = 16; |
231 | protected $block_size = 16; |
210 | 232 | ||
211 | /** |
233 | /** |
212 | * The Key |
234 | * The Key |
213 | * |
235 | * |
214 | * @see self::setKey() |
236 | * @see self::setKey() |
215 | * @var string |
237 | * @var string |
- | 238 | * @access private |
|
216 | */ |
239 | */ |
217 | protected $key = false; |
240 | protected $key = false; |
218 | 241 | ||
219 | /** |
242 | /** |
220 | * The Initialization Vector |
243 | * The Initialization Vector |
221 | * |
244 | * |
222 | * @see self::setIV() |
245 | * @see self::setIV() |
223 | * @var string |
246 | * @var string |
- | 247 | * @access private |
|
224 | */ |
248 | */ |
225 | protected $iv = false; |
249 | protected $iv = false; |
226 | 250 | ||
227 | /** |
251 | /** |
228 | * A "sliding" Initialization Vector |
252 | * A "sliding" Initialization Vector |
229 | * |
253 | * |
230 | * @see self::enableContinuousBuffer() |
254 | * @see self::enableContinuousBuffer() |
231 | * @see self::clearBuffers() |
255 | * @see self::clearBuffers() |
232 | * @var string |
256 | * @var string |
- | 257 | * @access private |
|
233 | */ |
258 | */ |
234 | protected $encryptIV; |
259 | protected $encryptIV; |
235 | 260 | ||
236 | /** |
261 | /** |
237 | * A "sliding" Initialization Vector |
262 | * A "sliding" Initialization Vector |
238 | * |
263 | * |
239 | * @see self::enableContinuousBuffer() |
264 | * @see self::enableContinuousBuffer() |
240 | * @see self::clearBuffers() |
265 | * @see self::clearBuffers() |
241 | * @var string |
266 | * @var string |
- | 267 | * @access private |
|
242 | */ |
268 | */ |
243 | protected $decryptIV; |
269 | protected $decryptIV; |
244 | 270 | ||
245 | /** |
271 | /** |
246 | * Continuous Buffer status |
272 | * Continuous Buffer status |
247 | * |
273 | * |
248 | * @see self::enableContinuousBuffer() |
274 | * @see self::enableContinuousBuffer() |
249 | * @var bool |
275 | * @var bool |
- | 276 | * @access private |
|
250 | */ |
277 | */ |
251 | protected $continuousBuffer = false; |
278 | protected $continuousBuffer = false; |
252 | 279 | ||
253 | /** |
280 | /** |
254 | * Encryption buffer for CTR, OFB and CFB modes |
281 | * Encryption buffer for CTR, OFB and CFB modes |
255 | * |
282 | * |
256 | * @see self::encrypt() |
283 | * @see self::encrypt() |
257 | * @see self::clearBuffers() |
284 | * @see self::clearBuffers() |
258 | * @var array |
285 | * @var array |
- | 286 | * @access private |
|
259 | */ |
287 | */ |
260 | protected $enbuffer; |
288 | protected $enbuffer; |
261 | 289 | ||
262 | /** |
290 | /** |
263 | * Decryption buffer for CTR, OFB and CFB modes |
291 | * Decryption buffer for CTR, OFB and CFB modes |
264 | * |
292 | * |
265 | * @see self::decrypt() |
293 | * @see self::decrypt() |
266 | * @see self::clearBuffers() |
294 | * @see self::clearBuffers() |
267 | * @var array |
295 | * @var array |
- | 296 | * @access private |
|
268 | */ |
297 | */ |
269 | protected $debuffer; |
298 | protected $debuffer; |
270 | 299 | ||
271 | /** |
300 | /** |
272 | * mcrypt resource for encryption |
301 | * mcrypt resource for encryption |
Line 274... | Line 303... | ||
274 | * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. |
303 | * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. |
275 | * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. |
304 | * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. |
276 | * |
305 | * |
277 | * @see self::encrypt() |
306 | * @see self::encrypt() |
278 | * @var resource |
307 | * @var resource |
- | 308 | * @access private |
|
279 | */ |
309 | */ |
280 | private $enmcrypt; |
310 | private $enmcrypt; |
281 | 311 | ||
282 | /** |
312 | /** |
283 | * mcrypt resource for decryption |
313 | * mcrypt resource for decryption |
Line 285... | Line 315... | ||
285 | * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. |
315 | * The mcrypt resource can be recreated every time something needs to be created or it can be created just once. |
286 | * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. |
316 | * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode. |
287 | * |
317 | * |
288 | * @see self::decrypt() |
318 | * @see self::decrypt() |
289 | * @var resource |
319 | * @var resource |
- | 320 | * @access private |
|
290 | */ |
321 | */ |
291 | private $demcrypt; |
322 | private $demcrypt; |
292 | 323 | ||
293 | /** |
324 | /** |
294 | * Does the enmcrypt resource need to be (re)initialized? |
325 | * Does the enmcrypt resource need to be (re)initialized? |
295 | * |
326 | * |
296 | * @see \phpseclib3\Crypt\Twofish::setKey() |
327 | * @see \phpseclib3\Crypt\Twofish::setKey() |
297 | * @see \phpseclib3\Crypt\Twofish::setIV() |
328 | * @see \phpseclib3\Crypt\Twofish::setIV() |
298 | * @var bool |
329 | * @var bool |
- | 330 | * @access private |
|
299 | */ |
331 | */ |
300 | private $enchanged = true; |
332 | private $enchanged = true; |
301 | 333 | ||
302 | /** |
334 | /** |
303 | * Does the demcrypt resource need to be (re)initialized? |
335 | * Does the demcrypt resource need to be (re)initialized? |
304 | * |
336 | * |
305 | * @see \phpseclib3\Crypt\Twofish::setKey() |
337 | * @see \phpseclib3\Crypt\Twofish::setKey() |
306 | * @see \phpseclib3\Crypt\Twofish::setIV() |
338 | * @see \phpseclib3\Crypt\Twofish::setIV() |
307 | * @var bool |
339 | * @var bool |
- | 340 | * @access private |
|
308 | */ |
341 | */ |
309 | private $dechanged = true; |
342 | private $dechanged = true; |
310 | 343 | ||
311 | /** |
344 | /** |
312 | * mcrypt resource for CFB mode |
345 | * mcrypt resource for CFB mode |
Line 321... | Line 354... | ||
321 | * @link http://phpseclib.sourceforge.net/cfb-demo.phps |
354 | * @link http://phpseclib.sourceforge.net/cfb-demo.phps |
322 | * @see self::encrypt() |
355 | * @see self::encrypt() |
323 | * @see self::decrypt() |
356 | * @see self::decrypt() |
324 | * @see self::setupMcrypt() |
357 | * @see self::setupMcrypt() |
325 | * @var resource |
358 | * @var resource |
- | 359 | * @access private |
|
326 | */ |
360 | */ |
327 | private $ecb; |
361 | private $ecb; |
328 | 362 | ||
329 | /** |
363 | /** |
330 | * Optimizing value while CFB-encrypting |
364 | * Optimizing value while CFB-encrypting |
Line 342... | Line 376... | ||
342 | * which, typically, depends on the complexity |
376 | * which, typically, depends on the complexity |
343 | * on its internaly Key-expanding algorithm. |
377 | * on its internaly Key-expanding algorithm. |
344 | * |
378 | * |
345 | * @see self::encrypt() |
379 | * @see self::encrypt() |
346 | * @var int |
380 | * @var int |
- | 381 | * @access private |
|
347 | */ |
382 | */ |
348 | protected $cfb_init_len = 600; |
383 | protected $cfb_init_len = 600; |
349 | 384 | ||
350 | /** |
385 | /** |
351 | * Does internal cipher state need to be (re)initialized? |
386 | * Does internal cipher state need to be (re)initialized? |
352 | * |
387 | * |
353 | * @see self::setKey() |
388 | * @see self::setKey() |
354 | * @see self::setIV() |
389 | * @see self::setIV() |
355 | * @see self::disableContinuousBuffer() |
390 | * @see self::disableContinuousBuffer() |
356 | * @var bool |
391 | * @var bool |
- | 392 | * @access private |
|
357 | */ |
393 | */ |
358 | protected $changed = true; |
394 | protected $changed = true; |
359 | 395 | ||
360 | /** |
396 | /** |
361 | * Does Eval engie need to be (re)initialized? |
397 | * Does Eval engie need to be (re)initialized? |
362 | * |
398 | * |
363 | * @see self::setup() |
399 | * @see self::setup() |
364 | * @var bool |
400 | * @var bool |
- | 401 | * @access private |
|
365 | */ |
402 | */ |
366 | protected $nonIVChanged = true; |
403 | protected $nonIVChanged = true; |
367 | 404 | ||
368 | /** |
405 | /** |
369 | * Padding status |
406 | * Padding status |
370 | * |
407 | * |
371 | * @see self::enablePadding() |
408 | * @see self::enablePadding() |
372 | * @var bool |
409 | * @var bool |
- | 410 | * @access private |
|
373 | */ |
411 | */ |
374 | private $padding = true; |
412 | private $padding = true; |
375 | 413 | ||
376 | /** |
414 | /** |
377 | * Is the mode one that is paddable? |
415 | * Is the mode one that is paddable? |
378 | * |
416 | * |
379 | * @see self::__construct() |
417 | * @see self::__construct() |
380 | * @var bool |
418 | * @var bool |
- | 419 | * @access private |
|
381 | */ |
420 | */ |
382 | private $paddable = false; |
421 | private $paddable = false; |
383 | 422 | ||
384 | /** |
423 | /** |
385 | * Holds which crypt engine internaly should be use, |
424 | * Holds which crypt engine internaly should be use, |
Line 395... | Line 434... | ||
395 | * |
434 | * |
396 | * @see self::setEngine() |
435 | * @see self::setEngine() |
397 | * @see self::encrypt() |
436 | * @see self::encrypt() |
398 | * @see self::decrypt() |
437 | * @see self::decrypt() |
399 | * @var int |
438 | * @var int |
- | 439 | * @access private |
|
400 | */ |
440 | */ |
401 | protected $engine; |
441 | protected $engine; |
402 | 442 | ||
403 | /** |
443 | /** |
404 | * Holds the preferred crypt engine |
444 | * Holds the preferred crypt engine |
405 | * |
445 | * |
406 | * @see self::setEngine() |
446 | * @see self::setEngine() |
407 | * @see self::setPreferredEngine() |
447 | * @see self::setPreferredEngine() |
408 | * @var int |
448 | * @var int |
- | 449 | * @access private |
|
409 | */ |
450 | */ |
410 | private $preferredEngine; |
451 | private $preferredEngine; |
411 | 452 | ||
412 | /** |
453 | /** |
413 | * The mcrypt specific name of the cipher |
454 | * The mcrypt specific name of the cipher |
Line 416... | Line 457... | ||
416 | * |
457 | * |
417 | * @link http://www.php.net/mcrypt_module_open |
458 | * @link http://www.php.net/mcrypt_module_open |
418 | * @link http://www.php.net/mcrypt_list_algorithms |
459 | * @link http://www.php.net/mcrypt_list_algorithms |
419 | * @see self::setupMcrypt() |
460 | * @see self::setupMcrypt() |
420 | * @var string |
461 | * @var string |
- | 462 | * @access private |
|
421 | */ |
463 | */ |
422 | protected $cipher_name_mcrypt; |
464 | protected $cipher_name_mcrypt; |
423 | 465 | ||
424 | /** |
466 | /** |
425 | * The openssl specific name of the cipher |
467 | * The openssl specific name of the cipher |
426 | * |
468 | * |
427 | * Only used if $engine == self::ENGINE_OPENSSL |
469 | * Only used if $engine == self::ENGINE_OPENSSL |
428 | * |
470 | * |
429 | * @link http://www.php.net/openssl-get-cipher-methods |
471 | * @link http://www.php.net/openssl-get-cipher-methods |
430 | * @var string |
472 | * @var string |
- | 473 | * @access private |
|
431 | */ |
474 | */ |
432 | protected $cipher_name_openssl; |
475 | protected $cipher_name_openssl; |
433 | 476 | ||
434 | /** |
477 | /** |
435 | * The openssl specific name of the cipher in ECB mode |
478 | * The openssl specific name of the cipher in ECB mode |
Line 437... | Line 480... | ||
437 | * If OpenSSL does not support the mode we're trying to use (CTR) |
480 | * If OpenSSL does not support the mode we're trying to use (CTR) |
438 | * it can still be emulated with ECB mode. |
481 | * it can still be emulated with ECB mode. |
439 | * |
482 | * |
440 | * @link http://www.php.net/openssl-get-cipher-methods |
483 | * @link http://www.php.net/openssl-get-cipher-methods |
441 | * @var string |
484 | * @var string |
- | 485 | * @access private |
|
442 | */ |
486 | */ |
443 | protected $cipher_name_openssl_ecb; |
487 | protected $cipher_name_openssl_ecb; |
444 | 488 | ||
445 | /** |
489 | /** |
446 | * The default salt used by setPassword() |
490 | * The default salt used by setPassword() |
447 | * |
491 | * |
448 | * @see self::setPassword() |
492 | * @see self::setPassword() |
449 | * @var string |
493 | * @var string |
- | 494 | * @access private |
|
450 | */ |
495 | */ |
451 | private $password_default_salt = 'phpseclib/salt'; |
496 | private $password_default_salt = 'phpseclib/salt'; |
452 | 497 | ||
453 | /** |
498 | /** |
454 | * The name of the performance-optimized callback function |
499 | * The name of the performance-optimized callback function |
Line 458... | Line 503... | ||
458 | * |
503 | * |
459 | * @see self::encrypt() |
504 | * @see self::encrypt() |
460 | * @see self::decrypt() |
505 | * @see self::decrypt() |
461 | * @see self::setupInlineCrypt() |
506 | * @see self::setupInlineCrypt() |
462 | * @var Callback |
507 | * @var Callback |
- | 508 | * @access private |
|
463 | */ |
509 | */ |
464 | protected $inline_crypt; |
510 | protected $inline_crypt; |
465 | 511 | ||
466 | /** |
512 | /** |
467 | * If OpenSSL can be used in ECB but not in CTR we can emulate CTR |
513 | * If OpenSSL can be used in ECB but not in CTR we can emulate CTR |
468 | * |
514 | * |
469 | * @see self::openssl_ctr_process() |
515 | * @see self::openssl_ctr_process() |
470 | * @var bool |
516 | * @var bool |
- | 517 | * @access private |
|
471 | */ |
518 | */ |
472 | private $openssl_emulate_ctr = false; |
519 | private $openssl_emulate_ctr = false; |
473 | 520 | ||
474 | /** |
521 | /** |
475 | * Don't truncate / null pad key |
522 | * Don't truncate / null pad key |
476 | * |
523 | * |
477 | * @see self::clearBuffers() |
524 | * @see self::clearBuffers() |
478 | * @var bool |
525 | * @var bool |
- | 526 | * @access private |
|
479 | */ |
527 | */ |
480 | private $skip_key_adjustment = false; |
528 | private $skip_key_adjustment = false; |
481 | 529 | ||
482 | /** |
530 | /** |
483 | * Has the key length explicitly been set or should it be derived from the key, itself? |
531 | * Has the key length explicitly been set or should it be derived from the key, itself? |
484 | * |
532 | * |
485 | * @see self::setKeyLength() |
533 | * @see self::setKeyLength() |
486 | * @var bool |
534 | * @var bool |
- | 535 | * @access private |
|
487 | */ |
536 | */ |
488 | protected $explicit_key_length = false; |
537 | protected $explicit_key_length = false; |
489 | 538 | ||
490 | /** |
539 | /** |
491 | * Hash subkey for GHASH |
540 | * Hash subkey for GHASH |
492 | * |
541 | * |
493 | * @see self::setupGCM() |
542 | * @see self::setupGCM() |
494 | * @see self::ghash() |
543 | * @see self::ghash() |
495 | * @var BinaryField\Integer |
544 | * @var BinaryField\Integer |
- | 545 | * @access private |
|
496 | */ |
546 | */ |
497 | private $h; |
547 | private $h; |
498 | 548 | ||
499 | /** |
549 | /** |
500 | * Additional authenticated data |
550 | * Additional authenticated data |
501 | * |
551 | * |
502 | * @var string |
552 | * @var string |
- | 553 | * @access private |
|
503 | */ |
554 | */ |
504 | protected $aad = ''; |
555 | protected $aad = ''; |
505 | 556 | ||
506 | /** |
557 | /** |
507 | * Authentication Tag produced after a round of encryption |
558 | * Authentication Tag produced after a round of encryption |
508 | * |
559 | * |
509 | * @var string |
560 | * @var string |
- | 561 | * @access private |
|
510 | */ |
562 | */ |
511 | protected $newtag = false; |
563 | protected $newtag = false; |
512 | 564 | ||
513 | /** |
565 | /** |
514 | * Authentication Tag to be verified during decryption |
566 | * Authentication Tag to be verified during decryption |
515 | * |
567 | * |
516 | * @var string |
568 | * @var string |
- | 569 | * @access private |
|
517 | */ |
570 | */ |
518 | protected $oldtag = false; |
571 | protected $oldtag = false; |
519 | 572 | ||
520 | /** |
573 | /** |
521 | * GCM Binary Field |
574 | * GCM Binary Field |
522 | * |
575 | * |
523 | * @see self::__construct() |
576 | * @see self::__construct() |
524 | * @see self::ghash() |
577 | * @see self::ghash() |
525 | * @var BinaryField |
578 | * @var BinaryField |
- | 579 | * @access private |
|
526 | */ |
580 | */ |
527 | private static $gcmField; |
581 | private static $gcmField; |
528 | 582 | ||
529 | /** |
583 | /** |
530 | * Poly1305 Prime Field |
584 | * Poly1305 Prime Field |
531 | * |
585 | * |
532 | * @see self::enablePoly1305() |
586 | * @see self::enablePoly1305() |
533 | * @see self::poly1305() |
587 | * @see self::poly1305() |
534 | * @var PrimeField |
588 | * @var PrimeField |
- | 589 | * @access private |
|
535 | */ |
590 | */ |
536 | private static $poly1305Field; |
591 | private static $poly1305Field; |
537 | 592 | ||
538 | /** |
593 | /** |
539 | * Poly1305 Key |
594 | * Poly1305 Key |
540 | * |
595 | * |
541 | * @see self::setPoly1305Key() |
596 | * @see self::setPoly1305Key() |
542 | * @see self::poly1305() |
597 | * @see self::poly1305() |
543 | * @var string |
598 | * @var string |
- | 599 | * @access private |
|
544 | */ |
600 | */ |
545 | protected $poly1305Key; |
601 | protected $poly1305Key; |
546 | 602 | ||
547 | /** |
603 | /** |
548 | * Poly1305 Flag |
604 | * Poly1305 Flag |
549 | * |
605 | * |
550 | * @see self::setPoly1305Key() |
606 | * @see self::setPoly1305Key() |
551 | * @see self::enablePoly1305() |
607 | * @see self::enablePoly1305() |
552 | * @var boolean |
608 | * @var boolean |
- | 609 | * @access private |
|
553 | */ |
610 | */ |
554 | protected $usePoly1305 = false; |
611 | protected $usePoly1305 = false; |
555 | 612 | ||
556 | /** |
613 | /** |
557 | * The Original Initialization Vector |
614 | * The Original Initialization Vector |
Line 559... | Line 616... | ||
559 | * GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived |
616 | * GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived |
560 | * IV's and user-set IV's |
617 | * IV's and user-set IV's |
561 | * |
618 | * |
562 | * @see self::setIV() |
619 | * @see self::setIV() |
563 | * @var string |
620 | * @var string |
- | 621 | * @access private |
|
564 | */ |
622 | */ |
565 | private $origIV = false; |
623 | private $origIV = false; |
566 | 624 | ||
567 | /** |
625 | /** |
568 | * Nonce |
626 | * Nonce |
Line 570... | Line 628... | ||
570 | * Only used with GCM. We could re-use setIV() but nonce's can be of a different length and |
628 | * Only used with GCM. We could re-use setIV() but nonce's can be of a different length and |
571 | * toggling between GCM and other modes could be more complicated if we re-used setIV() |
629 | * toggling between GCM and other modes could be more complicated if we re-used setIV() |
572 | * |
630 | * |
573 | * @see self::setNonce() |
631 | * @see self::setNonce() |
574 | * @var string |
632 | * @var string |
- | 633 | * @access private |
|
575 | */ |
634 | */ |
576 | protected $nonce = false; |
635 | protected $nonce = false; |
577 | 636 | ||
578 | /** |
637 | /** |
579 | * Default Constructor. |
638 | * Default Constructor. |
Line 595... | Line 654... | ||
595 | * - ofb8 |
654 | * - ofb8 |
596 | * |
655 | * |
597 | * - gcm |
656 | * - gcm |
598 | * |
657 | * |
599 | * @param string $mode |
658 | * @param string $mode |
- | 659 | * @access public |
|
600 | * @throws BadModeException if an invalid / unsupported mode is provided |
660 | * @throws BadModeException if an invalid / unsupported mode is provided |
601 | */ |
661 | */ |
602 | public function __construct($mode) |
662 | public function __construct($mode) |
603 | { |
663 | { |
604 | $mode = strtolower($mode); |
664 | $mode = strtolower($mode); |
Line 645... | Line 705... | ||
645 | * |
705 | * |
646 | * setIV() is not required when ecb or gcm modes are being used. |
706 | * setIV() is not required when ecb or gcm modes are being used. |
647 | * |
707 | * |
648 | * {@internal Can be overwritten by a sub class, but does not have to be} |
708 | * {@internal Can be overwritten by a sub class, but does not have to be} |
649 | * |
709 | * |
- | 710 | * @access public |
|
650 | * @param string $iv |
711 | * @param string $iv |
651 | * @throws \LengthException if the IV length isn't equal to the block size |
712 | * @throws \LengthException if the IV length isn't equal to the block size |
652 | * @throws \BadMethodCallException if an IV is provided when one shouldn't be |
713 | * @throws \BadMethodCallException if an IV is provided when one shouldn't be |
653 | */ |
714 | */ |
654 | public function setIV($iv) |
715 | public function setIV($iv) |
Line 676... | Line 737... | ||
676 | /** |
737 | /** |
677 | * Enables Poly1305 mode. |
738 | * Enables Poly1305 mode. |
678 | * |
739 | * |
679 | * Once enabled Poly1305 cannot be disabled. |
740 | * Once enabled Poly1305 cannot be disabled. |
680 | * |
741 | * |
- | 742 | * @access public |
|
681 | * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
743 | * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
682 | */ |
744 | */ |
683 | public function enablePoly1305() |
745 | public function enablePoly1305() |
684 | { |
746 | { |
685 | if ($this->mode == self::MODE_GCM) { |
747 | if ($this->mode == self::MODE_GCM) { |
Line 693... | Line 755... | ||
693 | * Enables Poly1305 mode. |
755 | * Enables Poly1305 mode. |
694 | * |
756 | * |
695 | * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key |
757 | * Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key |
696 | * will be made. |
758 | * will be made. |
697 | * |
759 | * |
- | 760 | * @access public |
|
698 | * @param string $key optional |
761 | * @param string $key optional |
699 | * @throws \LengthException if the key isn't long enough |
762 | * @throws \LengthException if the key isn't long enough |
700 | * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
763 | * @throws \BadMethodCallException if Poly1305 is enabled whilst in GCM mode |
701 | */ |
764 | */ |
702 | public function setPoly1305Key($key = null) |
765 | public function setPoly1305Key($key = null) |
Line 721... | Line 784... | ||
721 | /** |
784 | /** |
722 | * Sets the nonce. |
785 | * Sets the nonce. |
723 | * |
786 | * |
724 | * setNonce() is only required when gcm is used |
787 | * setNonce() is only required when gcm is used |
725 | * |
788 | * |
- | 789 | * @access public |
|
726 | * @param string $nonce |
790 | * @param string $nonce |
727 | * @throws \BadMethodCallException if an nonce is provided when one shouldn't be |
791 | * @throws \BadMethodCallException if an nonce is provided when one shouldn't be |
728 | */ |
792 | */ |
729 | public function setNonce($nonce) |
793 | public function setNonce($nonce) |
730 | { |
794 | { |
Line 739... | Line 803... | ||
739 | /** |
803 | /** |
740 | * Sets additional authenticated data |
804 | * Sets additional authenticated data |
741 | * |
805 | * |
742 | * setAAD() is only used by gcm or in poly1305 mode |
806 | * setAAD() is only used by gcm or in poly1305 mode |
743 | * |
807 | * |
- | 808 | * @access public |
|
744 | * @param string $aad |
809 | * @param string $aad |
745 | * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized |
810 | * @throws \BadMethodCallException if mode isn't GCM or if poly1305 isn't being utilized |
746 | */ |
811 | */ |
747 | public function setAAD($aad) |
812 | public function setAAD($aad) |
748 | { |
813 | { |
Line 754... | Line 819... | ||
754 | } |
819 | } |
755 | 820 | ||
756 | /** |
821 | /** |
757 | * Returns whether or not the algorithm uses an IV |
822 | * Returns whether or not the algorithm uses an IV |
758 | * |
823 | * |
- | 824 | * @access public |
|
759 | * @return bool |
825 | * @return bool |
760 | */ |
826 | */ |
761 | public function usesIV() |
827 | public function usesIV() |
762 | { |
828 | { |
763 | return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB; |
829 | return $this->mode != self::MODE_GCM && $this->mode != self::MODE_ECB; |
764 | } |
830 | } |
765 | 831 | ||
766 | /** |
832 | /** |
767 | * Returns whether or not the algorithm uses a nonce |
833 | * Returns whether or not the algorithm uses a nonce |
768 | * |
834 | * |
- | 835 | * @access public |
|
769 | * @return bool |
836 | * @return bool |
770 | */ |
837 | */ |
771 | public function usesNonce() |
838 | public function usesNonce() |
772 | { |
839 | { |
773 | return $this->mode == self::MODE_GCM; |
840 | return $this->mode == self::MODE_GCM; |
774 | } |
841 | } |
775 | 842 | ||
776 | /** |
843 | /** |
777 | * Returns the current key length in bits |
844 | * Returns the current key length in bits |
778 | * |
845 | * |
- | 846 | * @access public |
|
779 | * @return int |
847 | * @return int |
780 | */ |
848 | */ |
781 | public function getKeyLength() |
849 | public function getKeyLength() |
782 | { |
850 | { |
783 | return $this->key_length << 3; |
851 | return $this->key_length << 3; |
784 | } |
852 | } |
785 | 853 | ||
786 | /** |
854 | /** |
787 | * Returns the current block length in bits |
855 | * Returns the current block length in bits |
788 | * |
856 | * |
- | 857 | * @access public |
|
789 | * @return int |
858 | * @return int |
790 | */ |
859 | */ |
791 | public function getBlockLength() |
860 | public function getBlockLength() |
792 | { |
861 | { |
793 | return $this->block_size << 3; |
862 | return $this->block_size << 3; |
794 | } |
863 | } |
795 | 864 | ||
796 | /** |
865 | /** |
797 | * Returns the current block length in bytes |
866 | * Returns the current block length in bytes |
798 | * |
867 | * |
- | 868 | * @access public |
|
799 | * @return int |
869 | * @return int |
800 | */ |
870 | */ |
801 | public function getBlockLengthInBytes() |
871 | public function getBlockLengthInBytes() |
802 | { |
872 | { |
803 | return $this->block_size; |
873 | return $this->block_size; |
Line 806... | Line 876... | ||
806 | /** |
876 | /** |
807 | * Sets the key length. |
877 | * Sets the key length. |
808 | * |
878 | * |
809 | * Keys with explicitly set lengths need to be treated accordingly |
879 | * Keys with explicitly set lengths need to be treated accordingly |
810 | * |
880 | * |
- | 881 | * @access public |
|
811 | * @param int $length |
882 | * @param int $length |
812 | */ |
883 | */ |
813 | public function setKeyLength($length) |
884 | public function setKeyLength($length) |
814 | { |
885 | { |
815 | $this->explicit_key_length = $length >> 3; |
886 | $this->explicit_key_length = $length >> 3; |
Line 830... | Line 901... | ||
830 | * |
901 | * |
831 | * If the key is not explicitly set, it'll be assumed to be all null bytes. |
902 | * If the key is not explicitly set, it'll be assumed to be all null bytes. |
832 | * |
903 | * |
833 | * {@internal Could, but not must, extend by the child Crypt_* class} |
904 | * {@internal Could, but not must, extend by the child Crypt_* class} |
834 | * |
905 | * |
- | 906 | * @access public |
|
835 | * @param string $key |
907 | * @param string $key |
836 | */ |
908 | */ |
837 | public function setKey($key) |
909 | public function setKey($key) |
838 | { |
910 | { |
839 | if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { |
911 | if ($this->explicit_key_length !== false && strlen($key) != $this->explicit_key_length) { |
Line 860... | Line 932... | ||
860 | * @param string $password |
932 | * @param string $password |
861 | * @param string $method |
933 | * @param string $method |
862 | * @param string[] ...$func_args |
934 | * @param string[] ...$func_args |
863 | * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length |
935 | * @throws \LengthException if pbkdf1 is being used and the derived key length exceeds the hash length |
864 | * @return bool |
936 | * @return bool |
- | 937 | * @access public |
|
865 | */ |
938 | */ |
866 | public function setPassword($password, $method = 'pbkdf2', ...$func_args) |
939 | public function setPassword($password, $method = 'pbkdf2', ...$func_args) |
867 | { |
940 | { |
868 | $key = ''; |
941 | $key = ''; |
869 | 942 | ||
Line 999... | Line 1072... | ||
999 | * As discussed here: |
1072 | * As discussed here: |
1000 | * |
1073 | * |
1001 | * {@link https://tools.ietf.org/html/rfc7292#appendix-B} |
1074 | * {@link https://tools.ietf.org/html/rfc7292#appendix-B} |
1002 | * |
1075 | * |
1003 | * @see self::setPassword() |
1076 | * @see self::setPassword() |
- | 1077 | * @access private |
|
1004 | * @param int $n |
1078 | * @param int $n |
1005 | * @param \phpseclib3\Crypt\Hash $hashObj |
1079 | * @param \phpseclib3\Crypt\Hash $hashObj |
1006 | * @param string $i |
1080 | * @param string $i |
1007 | * @param string $d |
1081 | * @param string $d |
1008 | * @param int $count |
1082 | * @param int $count |
Line 1061... | Line 1135... | ||
1061 | * length. |
1135 | * length. |
1062 | * |
1136 | * |
1063 | * {@internal Could, but not must, extend by the child Crypt_* class} |
1137 | * {@internal Could, but not must, extend by the child Crypt_* class} |
1064 | * |
1138 | * |
1065 | * @see self::decrypt() |
1139 | * @see self::decrypt() |
- | 1140 | * @access public |
|
1066 | * @param string $plaintext |
1141 | * @param string $plaintext |
1067 | * @return string $ciphertext |
1142 | * @return string $ciphertext |
1068 | */ |
1143 | */ |
1069 | public function encrypt($plaintext) |
1144 | public function encrypt($plaintext) |
1070 | { |
1145 | { |
Line 1440... | Line 1515... | ||
1440 | * it is. |
1515 | * it is. |
1441 | * |
1516 | * |
1442 | * {@internal Could, but not must, extend by the child Crypt_* class} |
1517 | * {@internal Could, but not must, extend by the child Crypt_* class} |
1443 | * |
1518 | * |
1444 | * @see self::encrypt() |
1519 | * @see self::encrypt() |
- | 1520 | * @access public |
|
1445 | * @param string $ciphertext |
1521 | * @param string $ciphertext |
1446 | * @return string $plaintext |
1522 | * @return string $plaintext |
1447 | * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size |
1523 | * @throws \LengthException if we're inside a block cipher and the ciphertext length is not a multiple of the block size |
1448 | */ |
1524 | */ |
1449 | public function decrypt($ciphertext) |
1525 | public function decrypt($ciphertext) |
Line 1810... | Line 1886... | ||
1810 | * Only used in GCM or Poly1305 mode |
1886 | * Only used in GCM or Poly1305 mode |
1811 | * |
1887 | * |
1812 | * @see self::encrypt() |
1888 | * @see self::encrypt() |
1813 | * @param int $length optional |
1889 | * @param int $length optional |
1814 | * @return string |
1890 | * @return string |
- | 1891 | * @access public |
|
1815 | * @throws \LengthException if $length isn't of a sufficient length |
1892 | * @throws \LengthException if $length isn't of a sufficient length |
1816 | * @throws \RuntimeException if GCM mode isn't being used |
1893 | * @throws \RuntimeException if GCM mode isn't being used |
1817 | */ |
1894 | */ |
1818 | public function getTag($length = 16) |
1895 | public function getTag($length = 16) |
1819 | { |
1896 | { |
Line 1844... | Line 1921... | ||
1844 | * |
1921 | * |
1845 | * Only used in GCM mode |
1922 | * Only used in GCM mode |
1846 | * |
1923 | * |
1847 | * @see self::decrypt() |
1924 | * @see self::decrypt() |
1848 | * @param string $tag |
1925 | * @param string $tag |
- | 1926 | * @access public |
|
1849 | * @throws \LengthException if $length isn't of a sufficient length |
1927 | * @throws \LengthException if $length isn't of a sufficient length |
1850 | * @throws \RuntimeException if GCM mode isn't being used |
1928 | * @throws \RuntimeException if GCM mode isn't being used |
1851 | */ |
1929 | */ |
1852 | public function setTag($tag) |
1930 | public function setTag($tag) |
1853 | { |
1931 | { |
Line 1873... | Line 1951... | ||
1873 | * |
1951 | * |
1874 | * @see self::encrypt() |
1952 | * @see self::encrypt() |
1875 | * @see self::decrypt() |
1953 | * @see self::decrypt() |
1876 | * @param string $iv |
1954 | * @param string $iv |
1877 | * @return string |
1955 | * @return string |
- | 1956 | * @access private |
|
1878 | */ |
1957 | */ |
1879 | protected function getIV($iv) |
1958 | protected function getIV($iv) |
1880 | { |
1959 | { |
1881 | return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv; |
1960 | return $this->mode == self::MODE_ECB ? str_repeat("\0", $this->block_size) : $iv; |
1882 | } |
1961 | } |
Line 1893... | Line 1972... | ||
1893 | * @see self::decrypt() |
1972 | * @see self::decrypt() |
1894 | * @param string $plaintext |
1973 | * @param string $plaintext |
1895 | * @param string $encryptIV |
1974 | * @param string $encryptIV |
1896 | * @param array $buffer |
1975 | * @param array $buffer |
1897 | * @return string |
1976 | * @return string |
- | 1977 | * @access private |
|
1898 | */ |
1978 | */ |
1899 | private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer) |
1979 | private function openssl_ctr_process($plaintext, &$encryptIV, &$buffer) |
1900 | { |
1980 | { |
1901 | $ciphertext = ''; |
1981 | $ciphertext = ''; |
1902 | 1982 | ||
Line 1980... | Line 2060... | ||
1980 | * @see self::decrypt() |
2060 | * @see self::decrypt() |
1981 | * @param string $plaintext |
2061 | * @param string $plaintext |
1982 | * @param string $encryptIV |
2062 | * @param string $encryptIV |
1983 | * @param array $buffer |
2063 | * @param array $buffer |
1984 | * @return string |
2064 | * @return string |
- | 2065 | * @access private |
|
1985 | */ |
2066 | */ |
1986 | private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer) |
2067 | private function openssl_ofb_process($plaintext, &$encryptIV, &$buffer) |
1987 | { |
2068 | { |
1988 | if (strlen($buffer['xor'])) { |
2069 | if (strlen($buffer['xor'])) { |
1989 | $ciphertext = $plaintext ^ $buffer['xor']; |
2070 | $ciphertext = $plaintext ^ $buffer['xor']; |
Line 2025... | Line 2106... | ||
2025 | * phpseclib <-> OpenSSL Mode Mapper |
2106 | * phpseclib <-> OpenSSL Mode Mapper |
2026 | * |
2107 | * |
2027 | * May need to be overwritten by classes extending this one in some cases |
2108 | * May need to be overwritten by classes extending this one in some cases |
2028 | * |
2109 | * |
2029 | * @return string |
2110 | * @return string |
- | 2111 | * @access private |
|
2030 | */ |
2112 | */ |
2031 | protected function openssl_translate_mode() |
2113 | protected function openssl_translate_mode() |
2032 | { |
2114 | { |
2033 | switch ($this->mode) { |
2115 | switch ($this->mode) { |
2034 | case self::MODE_ECB: |
2116 | case self::MODE_ECB: |
Line 2058... | Line 2140... | ||
2058 | * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping |
2140 | * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping |
2059 | * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is |
2141 | * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is |
2060 | * transmitted separately) |
2142 | * transmitted separately) |
2061 | * |
2143 | * |
2062 | * @see self::disablePadding() |
2144 | * @see self::disablePadding() |
- | 2145 | * @access public |
|
2063 | */ |
2146 | */ |
2064 | public function enablePadding() |
2147 | public function enablePadding() |
2065 | { |
2148 | { |
2066 | $this->padding = true; |
2149 | $this->padding = true; |
2067 | } |
2150 | } |
2068 | 2151 | ||
2069 | /** |
2152 | /** |
2070 | * Do not pad packets. |
2153 | * Do not pad packets. |
2071 | * |
2154 | * |
2072 | * @see self::enablePadding() |
2155 | * @see self::enablePadding() |
- | 2156 | * @access public |
|
2073 | */ |
2157 | */ |
2074 | public function disablePadding() |
2158 | public function disablePadding() |
2075 | { |
2159 | { |
2076 | $this->padding = false; |
2160 | $this->padding = false; |
2077 | } |
2161 | } |
Line 2111... | Line 2195... | ||
2111 | * however, they are also less intuitive and more likely to cause you problems. |
2195 | * however, they are also less intuitive and more likely to cause you problems. |
2112 | * |
2196 | * |
2113 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2197 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2114 | * |
2198 | * |
2115 | * @see self::disableContinuousBuffer() |
2199 | * @see self::disableContinuousBuffer() |
- | 2200 | * @access public |
|
2116 | */ |
2201 | */ |
2117 | public function enableContinuousBuffer() |
2202 | public function enableContinuousBuffer() |
2118 | { |
2203 | { |
2119 | if ($this->mode == self::MODE_ECB) { |
2204 | if ($this->mode == self::MODE_ECB) { |
2120 | return; |
2205 | return; |
Line 2135... | Line 2220... | ||
2135 | * The default behavior. |
2220 | * The default behavior. |
2136 | * |
2221 | * |
2137 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2222 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2138 | * |
2223 | * |
2139 | * @see self::enableContinuousBuffer() |
2224 | * @see self::enableContinuousBuffer() |
- | 2225 | * @access public |
|
2140 | */ |
2226 | */ |
2141 | public function disableContinuousBuffer() |
2227 | public function disableContinuousBuffer() |
2142 | { |
2228 | { |
2143 | if ($this->mode == self::MODE_ECB) { |
2229 | if ($this->mode == self::MODE_ECB) { |
2144 | return; |
2230 | return; |
Line 2155... | Line 2241... | ||
2155 | /** |
2241 | /** |
2156 | * Test for engine validity |
2242 | * Test for engine validity |
2157 | * |
2243 | * |
2158 | * @see self::__construct() |
2244 | * @see self::__construct() |
2159 | * @param int $engine |
2245 | * @param int $engine |
- | 2246 | * @access private |
|
2160 | * @return bool |
2247 | * @return bool |
2161 | */ |
2248 | */ |
2162 | protected function isValidEngineHelper($engine) |
2249 | protected function isValidEngineHelper($engine) |
2163 | { |
2250 | { |
2164 | switch ($engine) { |
2251 | switch ($engine) { |
Line 2204... | Line 2291... | ||
2204 | /** |
2291 | /** |
2205 | * Test for engine validity |
2292 | * Test for engine validity |
2206 | * |
2293 | * |
2207 | * @see self::__construct() |
2294 | * @see self::__construct() |
2208 | * @param string $engine |
2295 | * @param string $engine |
- | 2296 | * @access public |
|
2209 | * @return bool |
2297 | * @return bool |
2210 | */ |
2298 | */ |
2211 | public function isValidEngine($engine) |
2299 | public function isValidEngine($engine) |
2212 | { |
2300 | { |
2213 | static $reverseMap; |
2301 | static $reverseMap; |
Line 2240... | Line 2328... | ||
2240 | * |
2328 | * |
2241 | * If the preferred crypt engine is not available the fastest available one will be used |
2329 | * If the preferred crypt engine is not available the fastest available one will be used |
2242 | * |
2330 | * |
2243 | * @see self::__construct() |
2331 | * @see self::__construct() |
2244 | * @param string $engine |
2332 | * @param string $engine |
- | 2333 | * @access public |
|
2245 | */ |
2334 | */ |
2246 | public function setPreferredEngine($engine) |
2335 | public function setPreferredEngine($engine) |
2247 | { |
2336 | { |
2248 | static $reverseMap; |
2337 | static $reverseMap; |
2249 | if (!isset($reverseMap)) { |
2338 | if (!isset($reverseMap)) { |
Line 2258... | Line 2347... | ||
2258 | 2347 | ||
2259 | /** |
2348 | /** |
2260 | * Returns the engine currently being utilized |
2349 | * Returns the engine currently being utilized |
2261 | * |
2350 | * |
2262 | * @see self::setEngine() |
2351 | * @see self::setEngine() |
- | 2352 | * @access public |
|
2263 | */ |
2353 | */ |
2264 | public function getEngine() |
2354 | public function getEngine() |
2265 | { |
2355 | { |
2266 | return self::ENGINE_MAP[$this->engine]; |
2356 | return self::ENGINE_MAP[$this->engine]; |
2267 | } |
2357 | } |
2268 | 2358 | ||
2269 | /** |
2359 | /** |
2270 | * Sets the engine as appropriate |
2360 | * Sets the engine as appropriate |
2271 | * |
2361 | * |
2272 | * @see self::__construct() |
2362 | * @see self::__construct() |
- | 2363 | * @access private |
|
2273 | */ |
2364 | */ |
2274 | protected function setEngine() |
2365 | protected function setEngine() |
2275 | { |
2366 | { |
2276 | $this->engine = null; |
2367 | $this->engine = null; |
2277 | 2368 | ||
Line 2322... | Line 2413... | ||
2322 | /** |
2413 | /** |
2323 | * Encrypts a block |
2414 | * Encrypts a block |
2324 | * |
2415 | * |
2325 | * Note: Must be extended by the child \phpseclib3\Crypt\* class |
2416 | * Note: Must be extended by the child \phpseclib3\Crypt\* class |
2326 | * |
2417 | * |
- | 2418 | * @access private |
|
2327 | * @param string $in |
2419 | * @param string $in |
2328 | * @return string |
2420 | * @return string |
2329 | */ |
2421 | */ |
2330 | abstract protected function encryptBlock($in); |
2422 | abstract protected function encryptBlock($in); |
2331 | 2423 | ||
2332 | /** |
2424 | /** |
2333 | * Decrypts a block |
2425 | * Decrypts a block |
2334 | * |
2426 | * |
2335 | * Note: Must be extended by the child \phpseclib3\Crypt\* class |
2427 | * Note: Must be extended by the child \phpseclib3\Crypt\* class |
2336 | * |
2428 | * |
- | 2429 | * @access private |
|
2337 | * @param string $in |
2430 | * @param string $in |
2338 | * @return string |
2431 | * @return string |
2339 | */ |
2432 | */ |
2340 | abstract protected function decryptBlock($in); |
2433 | abstract protected function decryptBlock($in); |
2341 | 2434 | ||
Line 2345... | Line 2438... | ||
2345 | * Only used if $engine == self::ENGINE_INTERNAL |
2438 | * Only used if $engine == self::ENGINE_INTERNAL |
2346 | * |
2439 | * |
2347 | * Note: Must extend by the child \phpseclib3\Crypt\* class |
2440 | * Note: Must extend by the child \phpseclib3\Crypt\* class |
2348 | * |
2441 | * |
2349 | * @see self::setup() |
2442 | * @see self::setup() |
- | 2443 | * @access private |
|
2350 | */ |
2444 | */ |
2351 | abstract protected function setupKey(); |
2445 | abstract protected function setupKey(); |
2352 | 2446 | ||
2353 | /** |
2447 | /** |
2354 | * Setup the self::ENGINE_INTERNAL $engine |
2448 | * Setup the self::ENGINE_INTERNAL $engine |
Line 2372... | Line 2466... | ||
2372 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2466 | * {@internal Could, but not must, extend by the child Crypt_* class} |
2373 | * |
2467 | * |
2374 | * @see self::setKey() |
2468 | * @see self::setKey() |
2375 | * @see self::setIV() |
2469 | * @see self::setIV() |
2376 | * @see self::disableContinuousBuffer() |
2470 | * @see self::disableContinuousBuffer() |
- | 2471 | * @access private |
|
2377 | */ |
2472 | */ |
2378 | protected function setup() |
2473 | protected function setup() |
2379 | { |
2474 | { |
2380 | if (!$this->changed) { |
2475 | if (!$this->changed) { |
2381 | return; |
2476 | return; |
Line 2474... | Line 2569... | ||
2474 | * and padding will, hence forth, be enabled. |
2569 | * and padding will, hence forth, be enabled. |
2475 | * |
2570 | * |
2476 | * @see self::unpad() |
2571 | * @see self::unpad() |
2477 | * @param string $text |
2572 | * @param string $text |
2478 | * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size |
2573 | * @throws \LengthException if padding is disabled and the plaintext's length is not a multiple of the block size |
- | 2574 | * @access private |
|
2479 | * @return string |
2575 | * @return string |
2480 | */ |
2576 | */ |
2481 | protected function pad($text) |
2577 | protected function pad($text) |
2482 | { |
2578 | { |
2483 | $length = strlen($text); |
2579 | $length = strlen($text); |
Line 2502... | Line 2598... | ||
2502 | * and false will be returned. |
2598 | * and false will be returned. |
2503 | * |
2599 | * |
2504 | * @see self::pad() |
2600 | * @see self::pad() |
2505 | * @param string $text |
2601 | * @param string $text |
2506 | * @throws \LengthException if the ciphertext's length is not a multiple of the block size |
2602 | * @throws \LengthException if the ciphertext's length is not a multiple of the block size |
- | 2603 | * @access private |
|
2507 | * @return string |
2604 | * @return string |
2508 | */ |
2605 | */ |
2509 | protected function unpad($text) |
2606 | protected function unpad($text) |
2510 | { |
2607 | { |
2511 | if (!$this->padding) { |
2608 | if (!$this->padding) { |
Line 2575... | Line 2672... | ||
2575 | * |
2672 | * |
2576 | * @see self::setup() |
2673 | * @see self::setup() |
2577 | * @see self::createInlineCryptFunction() |
2674 | * @see self::createInlineCryptFunction() |
2578 | * @see self::encrypt() |
2675 | * @see self::encrypt() |
2579 | * @see self::decrypt() |
2676 | * @see self::decrypt() |
- | 2677 | * @access private |
|
2580 | */ |
2678 | */ |
2581 | //protected function setupInlineCrypt(); |
2679 | //protected function setupInlineCrypt(); |
2582 | 2680 | ||
2583 | /** |
2681 | /** |
2584 | * Creates the performance-optimized function for en/decrypt() |
2682 | * Creates the performance-optimized function for en/decrypt() |
Line 2686... | Line 2784... | ||
2686 | * |
2784 | * |
2687 | * @see self::setupInlineCrypt() |
2785 | * @see self::setupInlineCrypt() |
2688 | * @see self::encrypt() |
2786 | * @see self::encrypt() |
2689 | * @see self::decrypt() |
2787 | * @see self::decrypt() |
2690 | * @param array $cipher_code |
2788 | * @param array $cipher_code |
- | 2789 | * @access private |
|
2691 | * @return string (the name of the created callback function) |
2790 | * @return string (the name of the created callback function) |
2692 | */ |
2791 | */ |
2693 | protected function createInlineCryptFunction($cipher_code) |
2792 | protected function createInlineCryptFunction($cipher_code) |
2694 | { |
2793 | { |
2695 | $block_size = $this->block_size; |
2794 | $block_size = $this->block_size; |
Line 3133... | Line 3232... | ||
3133 | /** |
3232 | /** |
3134 | * Convert float to int |
3233 | * Convert float to int |
3135 | * |
3234 | * |
3136 | * On ARM CPUs converting floats to ints doesn't always work |
3235 | * On ARM CPUs converting floats to ints doesn't always work |
3137 | * |
3236 | * |
- | 3237 | * @access private |
|
3138 | * @param string $x |
3238 | * @param string $x |
3139 | * @return int |
3239 | * @return int |
3140 | */ |
3240 | */ |
3141 | protected static function safe_intval($x) |
3241 | protected static function safe_intval($x) |
3142 | { |
3242 | { |
Line 3151... | Line 3251... | ||
3151 | } |
3251 | } |
3152 | 3252 | ||
3153 | /** |
3253 | /** |
3154 | * eval()'able string for in-line float to int |
3254 | * eval()'able string for in-line float to int |
3155 | * |
3255 | * |
- | 3256 | * @access private |
|
3156 | * @return string |
3257 | * @return string |
3157 | */ |
3258 | */ |
3158 | protected static function safe_intval_inline() |
3259 | protected static function safe_intval_inline() |
3159 | { |
3260 | { |
3160 | switch (true) { |
3261 | switch (true) { |
Line 3172... | Line 3273... | ||
3172 | * Sets up GCM parameters |
3273 | * Sets up GCM parameters |
3173 | * |
3274 | * |
3174 | * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23 |
3275 | * See steps 1-2 of https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=23 |
3175 | * for more info |
3276 | * for more info |
3176 | * |
3277 | * |
- | 3278 | * @access private |
|
3177 | */ |
3279 | */ |
3178 | private function setupGCM() |
3280 | private function setupGCM() |
3179 | { |
3281 | { |
3180 | // don't keep on re-calculating $this->h |
3282 | // don't keep on re-calculating $this->h |
3181 | if (!$this->h || $this->h->key != $this->key) { |
3283 | if (!$this->h || $this->h->key != $this->key) { |
Line 3204... | Line 3306... | ||
3204 | * See https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=20 |
3306 | * See https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf#page=20 |
3205 | * for more info |
3307 | * for more info |
3206 | * |
3308 | * |
3207 | * @see self::decrypt() |
3309 | * @see self::decrypt() |
3208 | * @see self::encrypt() |
3310 | * @see self::encrypt() |
- | 3311 | * @access private |
|
3209 | * @param string $x |
3312 | * @param string $x |
3210 | * @return string |
3313 | * @return string |
3211 | */ |
3314 | */ |
3212 | private function ghash($x) |
3315 | private function ghash($x) |
3213 | { |
3316 | { |
Line 3238... | Line 3341... | ||
3238 | * Returns the bit length of a string in a packed format |
3341 | * Returns the bit length of a string in a packed format |
3239 | * |
3342 | * |
3240 | * @see self::decrypt() |
3343 | * @see self::decrypt() |
3241 | * @see self::encrypt() |
3344 | * @see self::encrypt() |
3242 | * @see self::setupGCM() |
3345 | * @see self::setupGCM() |
- | 3346 | * @access private |
|
3243 | * @param string $str |
3347 | * @param string $str |
3244 | * @return string |
3348 | * @return string |
3245 | */ |
3349 | */ |
3246 | private static function len64($str) |
3350 | private static function len64($str) |
3247 | { |
3351 | { |
Line 3252... | Line 3356... | ||
3252 | * NULL pads a string to be a multiple of 128 |
3356 | * NULL pads a string to be a multiple of 128 |
3253 | * |
3357 | * |
3254 | * @see self::decrypt() |
3358 | * @see self::decrypt() |
3255 | * @see self::encrypt() |
3359 | * @see self::encrypt() |
3256 | * @see self::setupGCM() |
3360 | * @see self::setupGCM() |
- | 3361 | * @access private |
|
3257 | * @param string $str |
3362 | * @param string $str |
3258 | * @return string |
3363 | * @return string |
3259 | */ |
3364 | */ |
3260 | protected static function nullPad128($str) |
3365 | protected static function nullPad128($str) |
3261 | { |
3366 | { |
Line 3269... | Line 3374... | ||
3269 | * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation |
3374 | * On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation |
3270 | * it takes 1.2s. |
3375 | * it takes 1.2s. |
3271 | * |
3376 | * |
3272 | * @see self::decrypt() |
3377 | * @see self::decrypt() |
3273 | * @see self::encrypt() |
3378 | * @see self::encrypt() |
- | 3379 | * @access private |
|
3274 | * @param string $text |
3380 | * @param string $text |
3275 | * @return string |
3381 | * @return string |
3276 | */ |
3382 | */ |
3277 | protected function poly1305($text) |
3383 | protected function poly1305($text) |
3278 | { |
3384 | { |
Line 3301... | Line 3407... | ||
3301 | /** |
3407 | /** |
3302 | * Return the mode |
3408 | * Return the mode |
3303 | * |
3409 | * |
3304 | * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode |
3410 | * You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode |
3305 | * |
3411 | * |
- | 3412 | * @access public |
|
3306 | * @return string |
3413 | * @return string |
3307 | */ |
3414 | */ |
3308 | public function getMode() |
3415 | public function getMode() |
3309 | { |
3416 | { |
3310 | return array_flip(self::MODE_MAP)[$this->mode]; |
3417 | return array_flip(self::MODE_MAP)[$this->mode]; |