diff options
Diffstat (limited to 'vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php')
-rw-r--r-- | vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php | 99 |
1 files changed, 85 insertions, 14 deletions
diff --git a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php index 2c143940b..ab5944cde 100644 --- a/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php +++ b/vendor/phpseclib/phpseclib/phpseclib/Crypt/Base.php @@ -500,6 +500,46 @@ abstract class Base } $this->_setEngine(); + + // Determining whether inline crypting can be used by the cipher + if ($this->use_inline_crypt !== false) { + $this->use_inline_crypt = version_compare(PHP_VERSION, '5.3.0') >= 0 || function_exists('create_function'); + } + + if (!defined('PHP_INT_SIZE')) { + define('PHP_INT_SIZE', 4); + } + + if (!defined('CRYPT_BASE_USE_REG_INTVAL')) { + switch (true) { + // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster + case (PHP_OS & "\xDF\xDF\xDF") === 'WIN': + case !function_exists('php_uname'): + case !is_string(php_uname('m')): + case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': + case PHP_INT_SIZE == 8: + define('CRYPT_BASE_USE_REG_INTVAL', true); + break; + case (php_uname('m') & "\xDF\xDF\xDF") == 'ARM': + switch (true) { + /* PHP 7.0.0 introduced a bug that affected 32-bit ARM processors: + + https://github.com/php/php-src/commit/716da71446ebbd40fa6cf2cea8a4b70f504cc3cd + + altho the changelogs make no mention of it, this bug was fixed with this commit: + + https://github.com/php/php-src/commit/c1729272b17a1fe893d1a54e423d3b71470f3ee8 + + affected versions of PHP are: 7.0.x, 7.1.0 - 7.1.23 and 7.2.0 - 7.2.11 */ + case PHP_VERSION_ID >= 70000 && PHP_VERSION_ID <= 70123: + case PHP_VERSION_ID >= 70200 && PHP_VERSION_ID <= 70211: + define('CRYPT_BASE_USE_REG_INTVAL', false); + break; + default: + define('CRYPT_BASE_USE_REG_INTVAL', true); + } + } + } } /** @@ -593,6 +633,10 @@ abstract class Base * $hash, $salt, $count, $dkLen * * Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php + * {@link https://en.wikipedia.org/wiki/Bcrypt bcypt}: + * $salt, $rounds, $keylen + * + * This is a modified version of bcrypt used by OpenSSH. * * @see Crypt/Hash.php * @param string $password @@ -606,6 +650,28 @@ abstract class Base $key = ''; switch ($method) { + case 'bcrypt': + $func_args = func_get_args(); + + if (!isset($func_args[2])) { + return false; + } + + $salt = $func_args[2]; + + $rounds = isset($func_args[3]) ? $func_args[3] : 16; + $keylen = isset($func_args[4]) ? $func_args[4] : $this->key_length; + + $bf = new Blowfish(); + $key = $bf->bcrypt_pbkdf($password, $salt, $keylen + $this->block_size, $rounds); + if (!$key) { + return false; + } + + $this->setKey(substr($key, 0, $keylen)); + $this->setIV(substr($key, $keylen)); + + return true; default: // 'pbkdf2' or 'pbkdf1' $func_args = func_get_args(); @@ -1105,7 +1171,7 @@ abstract class Base $plaintext = ''; if ($this->continuousBuffer) { $iv = &$this->decryptIV; - $pos = &$this->buffer['pos']; + $pos = &$this->debuffer['pos']; } else { $iv = $this->decryptIV; $pos = 0; @@ -2798,11 +2864,8 @@ abstract class Base */ function safe_intval($x) { - switch (true) { - case is_int($x): - // PHP 5.3, per http://php.net/releases/5_3_0.php, introduced "more consistent float rounding" - case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': - return $x; + if (is_int($x)) { + return $x; } return (fmod($x, 0x80000000) & 0x7FFFFFFF) | ((fmod(floor($x / 0x80000000), 2) & 1) << 31); @@ -2816,15 +2879,12 @@ abstract class Base */ function safe_intval_inline() { - switch (true) { - case defined('PHP_INT_SIZE') && PHP_INT_SIZE == 8: - case (php_uname('m') & "\xDF\xDF\xDF") != 'ARM': - return '%s'; - break; - default: - $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; - return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; + if (CRYPT_BASE_USE_REG_INTVAL) { + return PHP_INT_SIZE == 4 ? 'intval(%s)' : '%s'; } + + $safeint = '(is_int($temp = %s) ? $temp : (fmod($temp, 0x80000000) & 0x7FFFFFFF) | '; + return $safeint . '((fmod(floor($temp / 0x80000000), 2) & 1) << 31))'; } /** @@ -2835,4 +2895,15 @@ abstract class Base function do_nothing() { } + + /** + * Is the continuous buffer enabled? + * + * @access public + * @return boolean + */ + function continuousBufferEnabled() + { + return $this->continuousBuffer; + } } |