diff --git a/CHANGELOG.md b/CHANGELOG.md index 7dbea2068..3303376dd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,8 @@ ## Changelog +# 5.1.6 - 2026-03-30 +- Upgraded phpseclib package to 3.0.50 + # 5.1.5 - 2025-09-29 - Upgraded grpc package to 1.74.0 diff --git a/composer.json b/composer.json index 476203ec0..947bdd0db 100644 --- a/composer.json +++ b/composer.json @@ -6,7 +6,8 @@ "guzzlehttp/guzzle": "^7.0", "guzzlehttp/psr7": "^2.5.1", "guzzlehttp/promises": "^2.0.0", - "phpseclib/phpseclib": "3.0.36", + "paragonie/constant_time_encoding": "2.5.0", + "phpseclib/phpseclib": "3.0.50", "phpseclib/bcmath_compat": "^2.0", "google/analytics-admin": "^0.22.2", "google/analytics-data": "^0.17.1" diff --git a/composer.lock b/composer.lock index 175f756c2..2497008df 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "2b6170c2789d576a42ce67995f1e6789", + "content-hash": "fa7e66e6d19f1b898ffbfb50743b5557", "packages": [ { "name": "brick/math", @@ -1132,16 +1132,16 @@ }, { "name": "phpseclib/bcmath_compat", - "version": "2.0.2", + "version": "2.0.3", "source": { "type": "git", "url": "https://github.com/phpseclib/bcmath_compat.git", - "reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec" + "reference": "ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/29bbf07a7039ff65ce7daa44502ba34baf1512ec", - "reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec", + "url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a", + "reference": "ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a", "shasum": "" }, "require": { @@ -1190,24 +1190,24 @@ "issues": "https://github.com/phpseclib/bcmath_compat/issues", "source": "https://github.com/phpseclib/bcmath_compat" }, - "time": "2024-02-21T10:30:36+00:00" + "time": "2024-06-06T14:17:54+00:00" }, { "name": "phpseclib/phpseclib", - "version": "3.0.36", + "version": "3.0.50", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "c2fb5136162d4be18fdd4da9980696f3aee96d7b" + "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/c2fb5136162d4be18fdd4da9980696f3aee96d7b", - "reference": "c2fb5136162d4be18fdd4da9980696f3aee96d7b", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", + "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", "shasum": "" }, "require": { - "paragonie/constant_time_encoding": "^1|^2", + "paragonie/constant_time_encoding": "^1|^2|^3", "paragonie/random_compat": "^1.4|^2.0|^9.99.99", "php": ">=5.6.1" }, @@ -1284,7 +1284,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.36" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.50" }, "funding": [ { @@ -1300,7 +1300,7 @@ "type": "tidelift" } ], - "time": "2024-02-26T05:13:14+00:00" + "time": "2026-03-19T02:57:58+00:00" }, { "name": "psr/cache", @@ -1814,5 +1814,5 @@ "php": ">=7.2.5" }, "platform-dev": [], - "plugin-api-version": "2.2.0" + "plugin-api-version": "2.6.0" } diff --git a/plugin.json b/plugin.json index b1c3ef093..a3303ff8b 100644 --- a/plugin.json +++ b/plugin.json @@ -1,7 +1,7 @@ { "name": "GoogleAnalyticsImporter", "description": "Import reports from a Google Analytics account into Matomo.", - "version": "5.1.5", + "version": "5.1.6", "theme": false, "require": { "matomo": ">=5.0.0-rc5,<6.0.0-b1" diff --git a/vendor/autoload_original.php b/vendor/autoload_original.php index aa5e86722..48f454953 100644 --- a/vendor/autoload_original.php +++ b/vendor/autoload_original.php @@ -4,4 +4,4 @@ require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInit07578f5997f6343c198794f8b18aabc1::getLoader(); +return ComposerAutoloaderInitfa7e66e6d19f1b898ffbfb50743b5557::getLoader(); diff --git a/vendor/composer/InstalledVersions.php b/vendor/composer/InstalledVersions.php index d50e0c9fc..51e734a77 100644 --- a/vendor/composer/InstalledVersions.php +++ b/vendor/composer/InstalledVersions.php @@ -21,12 +21,14 @@ * See also https://getcomposer.org/doc/07-runtime.md#installed-versions * * To require its presence, you can require `composer-runtime-api ^2.0` + * + * @final */ class InstalledVersions { /** * @var mixed[]|null - * @psalm-var array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array}|array{}|null + * @psalm-var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array}|array{}|null */ private static $installed; @@ -37,7 +39,7 @@ class InstalledVersions /** * @var array[] - * @psalm-var array}> + * @psalm-var array}> */ private static $installedByVendor = array(); @@ -96,7 +98,7 @@ public static function isInstalled($packageName, $includeDevRequirements = true) { foreach (self::getInstalled() as $installed) { if (isset($installed['versions'][$packageName])) { - return $includeDevRequirements || empty($installed['versions'][$packageName]['dev_requirement']); + return $includeDevRequirements || !isset($installed['versions'][$packageName]['dev_requirement']) || $installed['versions'][$packageName]['dev_requirement'] === false; } } @@ -117,7 +119,7 @@ public static function isInstalled($packageName, $includeDevRequirements = true) */ public static function satisfies(VersionParser $parser, $packageName, $constraint) { - $constraint = $parser->parseConstraints($constraint); + $constraint = $parser->parseConstraints((string) $constraint); $provided = $parser->parseConstraints(self::getVersionRanges($packageName)); return $provided->matches($constraint); @@ -241,7 +243,7 @@ public static function getInstallPath($packageName) /** * @return array - * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string} + * @psalm-return array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool} */ public static function getRootPackage() { @@ -255,7 +257,7 @@ public static function getRootPackage() * * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect. * @return array[] - * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array} + * @psalm-return array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} */ public static function getRawData() { @@ -278,7 +280,7 @@ public static function getRawData() * Returns the raw data of all installed.php which are currently loaded for custom implementations * * @return array[] - * @psalm-return list}> + * @psalm-return list}> */ public static function getAllRawData() { @@ -301,7 +303,7 @@ public static function getAllRawData() * @param array[] $data A vendor/composer/installed.php data set * @return void * - * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array} $data + * @psalm-param array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $data */ public static function reload($data) { @@ -311,7 +313,7 @@ public static function reload($data) /** * @return array[] - * @psalm-return list}> + * @psalm-return list}> */ private static function getInstalled() { @@ -326,7 +328,9 @@ private static function getInstalled() if (isset(self::$installedByVendor[$vendorDir])) { $installed[] = self::$installedByVendor[$vendorDir]; } elseif (is_file($vendorDir.'/composer/installed.php')) { - $installed[] = self::$installedByVendor[$vendorDir] = require $vendorDir.'/composer/installed.php'; + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require $vendorDir.'/composer/installed.php'; + $installed[] = self::$installedByVendor[$vendorDir] = $required; if (null === self::$installed && strtr($vendorDir.'/composer', '\\', '/') === strtr(__DIR__, '\\', '/')) { self::$installed = $installed[count($installed) - 1]; } @@ -338,12 +342,17 @@ private static function getInstalled() // only require the installed.php file if this file is loaded from its dumped location, // and not from its source location in the composer/composer package, see https://github.com/composer/composer/issues/9937 if (substr(__DIR__, -8, 1) !== 'C') { - self::$installed = require __DIR__ . '/installed.php'; + /** @var array{root: array{name: string, pretty_version: string, version: string, reference: string|null, type: string, install_path: string, aliases: string[], dev: bool}, versions: array} $required */ + $required = require __DIR__ . '/installed.php'; + self::$installed = $required; } else { self::$installed = array(); } } - $installed[] = self::$installed; + + if (self::$installed !== array()) { + $installed[] = self::$installed; + } return $installed; } diff --git a/vendor/composer/LICENSE b/vendor/composer/LICENSE index 62ecfd8d0..f27399a04 100644 --- a/vendor/composer/LICENSE +++ b/vendor/composer/LICENSE @@ -1,3 +1,4 @@ + Copyright (c) Nils Adermann, Jordi Boggiano Permission is hereby granted, free of charge, to any person obtaining a copy @@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/composer/autoload_files.php b/vendor/composer/autoload_files.php index be9ffe33c..dd0abd5e1 100644 --- a/vendor/composer/autoload_files.php +++ b/vendor/composer/autoload_files.php @@ -9,8 +9,8 @@ '7b11c4dc42b3b3023073cb14e519683c' => $vendorDir . '/ralouphie/getallheaders/src/getallheaders.php', '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php', '37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php', - 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', 'e39a8b23c42d4e1452234d762b03835a' => $vendorDir . '/ramsey/uuid/src/functions.php', + 'decc78cc4436b1292c6c0d151b19445c' => $vendorDir . '/phpseclib/phpseclib/phpseclib/bootstrap.php', '1f87db08236948d07391152dccb70f04' => $vendorDir . '/google/apiclient-services/autoload.php', 'a8d3953fd9959404dd22d3dfcd0a79f0' => $vendorDir . '/google/apiclient/src/aliases.php', '56823cacd97af379eceaf82ad00b928f' => $vendorDir . '/phpseclib/bcmath_compat/lib/bcmath.php', diff --git a/vendor/composer/autoload_real.php b/vendor/composer/autoload_real.php index 8a8bff2c5..1582a9d2b 100644 --- a/vendor/composer/autoload_real.php +++ b/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInit07578f5997f6343c198794f8b18aabc1 +class ComposerAutoloaderInitfa7e66e6d19f1b898ffbfb50743b5557 { private static $loader; @@ -22,15 +22,15 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInit07578f5997f6343c198794f8b18aabc1', 'loadClassLoader'), true, true); + spl_autoload_register(array('ComposerAutoloaderInitfa7e66e6d19f1b898ffbfb50743b5557', 'loadClassLoader'), true, true); self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__))); - spl_autoload_unregister(array('ComposerAutoloaderInit07578f5997f6343c198794f8b18aabc1', 'loadClassLoader')); + spl_autoload_unregister(array('ComposerAutoloaderInitfa7e66e6d19f1b898ffbfb50743b5557', 'loadClassLoader')); $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); if ($useStaticLoader) { require __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticInit07578f5997f6343c198794f8b18aabc1::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557::getInitializer($loader)); } else { $map = require __DIR__ . '/autoload_namespaces.php'; foreach ($map as $namespace => $path) { @@ -51,12 +51,12 @@ public static function getLoader() $loader->register(true); if ($useStaticLoader) { - $includeFiles = Composer\Autoload\ComposerStaticInit07578f5997f6343c198794f8b18aabc1::$files; + $includeFiles = Composer\Autoload\ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557::$files; } else { $includeFiles = require __DIR__ . '/autoload_files.php'; } foreach ($includeFiles as $fileIdentifier => $file) { - composerRequire07578f5997f6343c198794f8b18aabc1($fileIdentifier, $file); + composerRequirefa7e66e6d19f1b898ffbfb50743b5557($fileIdentifier, $file); } return $loader; @@ -68,7 +68,7 @@ public static function getLoader() * @param string $file * @return void */ -function composerRequire07578f5997f6343c198794f8b18aabc1($fileIdentifier, $file) +function composerRequirefa7e66e6d19f1b898ffbfb50743b5557($fileIdentifier, $file) { if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index 4c2e77603..927c0f52e 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInit07578f5997f6343c198794f8b18aabc1 +class ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557 { public static $files = array( ); @@ -245,9 +245,9 @@ class ComposerStaticInit07578f5997f6343c198794f8b18aabc1 public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->prefixLengthsPsr4 = ComposerStaticInit07578f5997f6343c198794f8b18aabc1::$prefixLengthsPsr4; - $loader->prefixDirsPsr4 = ComposerStaticInit07578f5997f6343c198794f8b18aabc1::$prefixDirsPsr4; - $loader->classMap = ComposerStaticInit07578f5997f6343c198794f8b18aabc1::$classMap; + $loader->prefixLengthsPsr4 = ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557::$prefixLengthsPsr4; + $loader->prefixDirsPsr4 = ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557::$prefixDirsPsr4; + $loader->classMap = ComposerStaticInitfa7e66e6d19f1b898ffbfb50743b5557::$classMap; }, null, ClassLoader::class); } diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 2e0f59ed8..4fa59ade4 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -1180,17 +1180,17 @@ }, { "name": "phpseclib/bcmath_compat", - "version": "2.0.2", - "version_normalized": "2.0.2.0", + "version": "2.0.3", + "version_normalized": "2.0.3.0", "source": { "type": "git", "url": "https://github.com/phpseclib/bcmath_compat.git", - "reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec" + "reference": "ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/29bbf07a7039ff65ce7daa44502ba34baf1512ec", - "reference": "29bbf07a7039ff65ce7daa44502ba34baf1512ec", + "url": "https://api.github.com/repos/phpseclib/bcmath_compat/zipball/ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a", + "reference": "ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a", "shasum": "" }, "require": { @@ -1206,7 +1206,7 @@ "suggest": { "ext-gmp": "Will enable faster math operations" }, - "time": "2024-02-21T10:30:36+00:00", + "time": "2024-06-06T14:17:54+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1245,21 +1245,21 @@ }, { "name": "phpseclib/phpseclib", - "version": "3.0.36", - "version_normalized": "3.0.36.0", + "version": "3.0.50", + "version_normalized": "3.0.50.0", "source": { "type": "git", "url": "https://github.com/phpseclib/phpseclib.git", - "reference": "c2fb5136162d4be18fdd4da9980696f3aee96d7b" + "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/c2fb5136162d4be18fdd4da9980696f3aee96d7b", - "reference": "c2fb5136162d4be18fdd4da9980696f3aee96d7b", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", + "reference": "aa6ad8321ed103dc3624fb600a25b66ebf78ec7b", "shasum": "" }, "require": { - "paragonie/constant_time_encoding": "^1|^2", + "paragonie/constant_time_encoding": "^1|^2|^3", "paragonie/random_compat": "^1.4|^2.0|^9.99.99", "php": ">=5.6.1" }, @@ -1273,7 +1273,7 @@ "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." }, - "time": "2024-02-26T05:13:14+00:00", + "time": "2026-03-19T02:57:58+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -1338,7 +1338,7 @@ ], "support": { "issues": "https://github.com/phpseclib/phpseclib/issues", - "source": "https://github.com/phpseclib/phpseclib/tree/3.0.36" + "source": "https://github.com/phpseclib/phpseclib/tree/3.0.50" }, "funding": [ { diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php index 7f754b2ac..45cfadd82 100644 --- a/vendor/composer/installed.php +++ b/vendor/composer/installed.php @@ -1,166 +1,166 @@ array( + 'name' => '__root__', 'pretty_version' => 'dev-5.x-dev', 'version' => 'dev-5.x-dev', + 'reference' => '1d9833c2212f051bc024e55ad57f6f30e33971a4', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => '616311f9677bdd35910e10b81c6f651c21d0a8e5', - 'name' => '__root__', 'dev' => true, ), 'versions' => array( '__root__' => array( 'pretty_version' => 'dev-5.x-dev', 'version' => 'dev-5.x-dev', + 'reference' => '1d9833c2212f051bc024e55ad57f6f30e33971a4', 'type' => 'library', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => '616311f9677bdd35910e10b81c6f651c21d0a8e5', 'dev_requirement' => false, ), 'brick/math' => array( 'pretty_version' => '0.12.1', 'version' => '0.12.1.0', + 'reference' => 'f510c0a40911935b77b86859eb5223d58d660df1', 'type' => 'library', 'install_path' => __DIR__ . '/../brick/math', 'aliases' => array(), - 'reference' => 'f510c0a40911935b77b86859eb5223d58d660df1', 'dev_requirement' => false, ), 'firebase/php-jwt' => array( 'pretty_version' => 'v6.10.1', 'version' => '6.10.1.0', + 'reference' => '500501c2ce893c824c801da135d02661199f60c5', 'type' => 'library', 'install_path' => __DIR__ . '/../firebase/php-jwt', 'aliases' => array(), - 'reference' => '500501c2ce893c824c801da135d02661199f60c5', 'dev_requirement' => false, ), 'google/analytics-admin' => array( 'pretty_version' => 'v0.22.5', 'version' => '0.22.5.0', + 'reference' => 'c28dce5b3158381a755d4a4443aa4e2b8d1a2809', 'type' => 'library', 'install_path' => __DIR__ . '/../google/analytics-admin', 'aliases' => array(), - 'reference' => 'c28dce5b3158381a755d4a4443aa4e2b8d1a2809', 'dev_requirement' => false, ), 'google/analytics-data' => array( 'pretty_version' => 'v0.17.1', 'version' => '0.17.1.0', + 'reference' => '0a7b129fd483179d16780d548be4fe16cd8bdc1a', 'type' => 'library', 'install_path' => __DIR__ . '/../google/analytics-data', 'aliases' => array(), - 'reference' => '0a7b129fd483179d16780d548be4fe16cd8bdc1a', 'dev_requirement' => false, ), 'google/apiclient' => array( 'pretty_version' => 'v2.15.4', 'version' => '2.15.4.0', + 'reference' => '73fa9cf8d8886db7269bcda0457d0a251a02cfd9', 'type' => 'library', 'install_path' => __DIR__ . '/../google/apiclient', 'aliases' => array(), - 'reference' => '73fa9cf8d8886db7269bcda0457d0a251a02cfd9', 'dev_requirement' => false, ), 'google/apiclient-services' => array( 'pretty_version' => 'v0.224.1', 'version' => '0.224.1.0', + 'reference' => '06e515176ebf32c3dcf7c01b3f377af6bfca6ae3', 'type' => 'library', 'install_path' => __DIR__ . '/../google/apiclient-services', 'aliases' => array(), - 'reference' => '06e515176ebf32c3dcf7c01b3f377af6bfca6ae3', 'dev_requirement' => false, ), 'google/auth' => array( 'pretty_version' => 'v1.41.0', 'version' => '1.41.0.0', + 'reference' => '1043ea18fe7f5dfbf5b208ce3ee6d6b6ab8cb038', 'type' => 'library', 'install_path' => __DIR__ . '/../google/auth', 'aliases' => array(), - 'reference' => '1043ea18fe7f5dfbf5b208ce3ee6d6b6ab8cb038', 'dev_requirement' => false, ), 'google/common-protos' => array( 'pretty_version' => 'v4.7.0', 'version' => '4.7.0.0', + 'reference' => 'e58068776f57605c336e32c7db373f0a81da17b8', 'type' => 'library', 'install_path' => __DIR__ . '/../google/common-protos', 'aliases' => array(), - 'reference' => 'e58068776f57605c336e32c7db373f0a81da17b8', 'dev_requirement' => false, ), 'google/gax' => array( 'pretty_version' => 'v1.34.0', 'version' => '1.34.0.0', + 'reference' => '28aa3e95969a75b278606a88448992a6396a119e', 'type' => 'library', 'install_path' => __DIR__ . '/../google/gax', 'aliases' => array(), - 'reference' => '28aa3e95969a75b278606a88448992a6396a119e', 'dev_requirement' => false, ), 'google/grpc-gcp' => array( 'pretty_version' => 'v0.4.0', 'version' => '0.4.0.0', + 'reference' => '2a80dbf690922aa52bb6bb79b9a32a9637a5c2d9', 'type' => 'library', 'install_path' => __DIR__ . '/../google/grpc-gcp', 'aliases' => array(), - 'reference' => '2a80dbf690922aa52bb6bb79b9a32a9637a5c2d9', 'dev_requirement' => false, ), 'google/longrunning' => array( 'pretty_version' => '0.4.3', 'version' => '0.4.3.0', + 'reference' => 'ed718a735e407826c3332b7197a44602eb03e608', 'type' => 'library', 'install_path' => __DIR__ . '/../google/longrunning', 'aliases' => array(), - 'reference' => 'ed718a735e407826c3332b7197a44602eb03e608', 'dev_requirement' => false, ), 'google/protobuf' => array( 'pretty_version' => 'v4.27.3', 'version' => '4.27.3.0', + 'reference' => 'ff079fe467bf86ac8f3359e2eb77a1613ebd204d', 'type' => 'library', 'install_path' => __DIR__ . '/../google/protobuf', 'aliases' => array(), - 'reference' => 'ff079fe467bf86ac8f3359e2eb77a1613ebd204d', 'dev_requirement' => false, ), 'grpc/grpc' => array( 'pretty_version' => '1.74.0', 'version' => '1.74.0.0', + 'reference' => '32bf4dba256d60d395582fb6e4e8d3936bcdb713', 'type' => 'library', 'install_path' => __DIR__ . '/../grpc/grpc', 'aliases' => array(), - 'reference' => '32bf4dba256d60d395582fb6e4e8d3936bcdb713', 'dev_requirement' => false, ), 'guzzlehttp/guzzle' => array( 'pretty_version' => '7.9.2', 'version' => '7.9.2.0', + 'reference' => 'd281ed313b989f213357e3be1a179f02196ac99b', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/guzzle', 'aliases' => array(), - 'reference' => 'd281ed313b989f213357e3be1a179f02196ac99b', 'dev_requirement' => false, ), 'guzzlehttp/promises' => array( 'pretty_version' => '2.0.3', 'version' => '2.0.3.0', + 'reference' => '6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/promises', 'aliases' => array(), - 'reference' => '6ea8dd08867a2a42619d65c3deb2c0fcbf81c8f8', 'dev_requirement' => false, ), 'guzzlehttp/psr7' => array( 'pretty_version' => '2.7.0', 'version' => '2.7.0.0', + 'reference' => 'a70f5c95fb43bc83f07c9c948baa0dc1829bf201', 'type' => 'library', 'install_path' => __DIR__ . '/../guzzlehttp/psr7', 'aliases' => array(), - 'reference' => 'a70f5c95fb43bc83f07c9c948baa0dc1829bf201', 'dev_requirement' => false, ), 'monolog/monolog' => array( @@ -172,55 +172,55 @@ 'paragonie/constant_time_encoding' => array( 'pretty_version' => 'v2.5.0', 'version' => '2.5.0.0', + 'reference' => '9229e15f2e6ba772f0c55dd6986c563b937170a8', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/constant_time_encoding', 'aliases' => array(), - 'reference' => '9229e15f2e6ba772f0c55dd6986c563b937170a8', 'dev_requirement' => false, ), 'paragonie/random_compat' => array( 'pretty_version' => 'v9.99.100', 'version' => '9.99.100.0', + 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', 'type' => 'library', 'install_path' => __DIR__ . '/../paragonie/random_compat', 'aliases' => array(), - 'reference' => '996434e5492cb4c3edcb9168db6fbb1359ef965a', 'dev_requirement' => false, ), 'phpseclib/bcmath_compat' => array( - 'pretty_version' => '2.0.2', - 'version' => '2.0.2.0', + 'pretty_version' => '2.0.3', + 'version' => '2.0.3.0', + 'reference' => 'ae8f87ea0c96b2ef08ecf0d291d45372d0f7bc5a', 'type' => 'library', 'install_path' => __DIR__ . '/../phpseclib/bcmath_compat', 'aliases' => array(), - 'reference' => '29bbf07a7039ff65ce7daa44502ba34baf1512ec', 'dev_requirement' => false, ), 'phpseclib/phpseclib' => array( - 'pretty_version' => '3.0.36', - 'version' => '3.0.36.0', + 'pretty_version' => '3.0.50', + 'version' => '3.0.50.0', + 'reference' => 'aa6ad8321ed103dc3624fb600a25b66ebf78ec7b', 'type' => 'library', 'install_path' => __DIR__ . '/../phpseclib/phpseclib', 'aliases' => array(), - 'reference' => 'c2fb5136162d4be18fdd4da9980696f3aee96d7b', 'dev_requirement' => false, ), 'psr/cache' => array( 'pretty_version' => '3.0.0', 'version' => '3.0.0.0', + 'reference' => 'aa5030cfa5405eccfdcb1083ce040c2cb8d253bf', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/cache', 'aliases' => array(), - 'reference' => 'aa5030cfa5405eccfdcb1083ce040c2cb8d253bf', 'dev_requirement' => false, ), 'psr/http-client' => array( 'pretty_version' => '1.0.1', 'version' => '1.0.1.0', + 'reference' => '2dfb5f6c5eff0e91e20e913f8c5452ed95b86621', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-client', 'aliases' => array(), - 'reference' => '2dfb5f6c5eff0e91e20e913f8c5452ed95b86621', 'dev_requirement' => false, ), 'psr/http-client-implementation' => array( @@ -232,10 +232,10 @@ 'psr/http-factory' => array( 'pretty_version' => '1.0.1', 'version' => '1.0.1.0', + 'reference' => '12ac7fcd07e5b077433f5f2bee95b3a771bf61be', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-factory', 'aliases' => array(), - 'reference' => '12ac7fcd07e5b077433f5f2bee95b3a771bf61be', 'dev_requirement' => false, ), 'psr/http-factory-implementation' => array( @@ -247,10 +247,10 @@ 'psr/http-message' => array( 'pretty_version' => '1.1', 'version' => '1.1.0.0', + 'reference' => 'cb6ce4845ce34a8ad9e68117c10ee90a29919eba', 'type' => 'library', 'install_path' => __DIR__ . '/../psr/http-message', 'aliases' => array(), - 'reference' => 'cb6ce4845ce34a8ad9e68117c10ee90a29919eba', 'dev_requirement' => false, ), 'psr/http-message-implementation' => array( @@ -262,28 +262,28 @@ 'ralouphie/getallheaders' => array( 'pretty_version' => '3.0.3', 'version' => '3.0.3.0', + 'reference' => '120b605dfeb996808c31b6477290a714d356e822', 'type' => 'library', 'install_path' => __DIR__ . '/../ralouphie/getallheaders', 'aliases' => array(), - 'reference' => '120b605dfeb996808c31b6477290a714d356e822', 'dev_requirement' => false, ), 'ramsey/collection' => array( 'pretty_version' => '2.0.0', 'version' => '2.0.0.0', + 'reference' => 'a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5', 'type' => 'library', 'install_path' => __DIR__ . '/../ramsey/collection', 'aliases' => array(), - 'reference' => 'a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5', 'dev_requirement' => false, ), 'ramsey/uuid' => array( 'pretty_version' => '4.7.6', 'version' => '4.7.6.0', + 'reference' => '91039bc1faa45ba123c4328958e620d382ec7088', 'type' => 'library', 'install_path' => __DIR__ . '/../ramsey/uuid', 'aliases' => array(), - 'reference' => '91039bc1faa45ba123c4328958e620d382ec7088', 'dev_requirement' => false, ), 'rhumsaa/uuid' => array( @@ -295,10 +295,10 @@ 'symfony/deprecation-contracts' => array( 'pretty_version' => 'v2.5.2', 'version' => '2.5.2.0', + 'reference' => 'e8b495ea28c1d97b5e0c121748d6f9b53d075c66', 'type' => 'library', 'install_path' => __DIR__ . '/../symfony/deprecation-contracts', 'aliases' => array(), - 'reference' => 'e8b495ea28c1d97b5e0c121748d6f9b53d075c66', 'dev_requirement' => false, ), ), diff --git a/vendor/prefixed/phpseclib/bcmath_compat/src/BCMath.php b/vendor/prefixed/phpseclib/bcmath_compat/src/BCMath.php index 4d5dc868b..42b0b6622 100644 --- a/vendor/prefixed/phpseclib/bcmath_compat/src/BCMath.php +++ b/vendor/prefixed/phpseclib/bcmath_compat/src/BCMath.php @@ -313,12 +313,13 @@ private static function sqrt($n, $scale, $pad) public static function __callStatic($name, $arguments) { static $params = ['add' => 3, 'comp' => 3, 'div' => 3, 'mod' => 3, 'mul' => 3, 'pow' => 3, 'powmod' => 4, 'scale' => 1, 'sqrt' => 2, 'sub' => 3]; - if (count($arguments) < $params[$name] - 1) { + $cnt = count($arguments); + if ($cnt < $params[$name] - 1) { $min = $params[$name] - 1; - throw new \ArgumentCountError("bc{$name}() expects at least {$min} parameters, " . func_num_args() . " given"); + throw new \ArgumentCountError("bc{$name}() expects at least {$min} parameters, " . $cnt . " given"); } - if (count($arguments) > $params[$name]) { - $str = "bc{$name}() expects at most {$params[$name]} parameters, " . func_num_args() . " given"; + if ($cnt > $params[$name]) { + $str = "bc{$name}() expects at most {$params[$name]} parameters, " . $cnt . " given"; throw new \ArgumentCountError($str); } $numbers = array_slice($arguments, 0, $params[$name] - 1); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php index 84f5b15d9..1cf17d1de 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Common/Functions/Strings.php @@ -121,7 +121,9 @@ public static function unpackSSH2($format, &$data) // 64-bit floats can be used to get larger numbers then 32-bit signed ints would allow // for. sure, you're not gonna get the full precision of 64-bit numbers but just because // you need > 32-bit precision doesn't mean you need the full 64-bit precision - extract(unpack('Nupper/Nlower', self::shift($data, 8))); + $unpacked = unpack('Nupper/Nlower', self::shift($data, 8)); + $upper = $unpacked['upper']; + $lower = $unpacked['lower']; $temp = $upper ? 4294967296 * $upper : 0; $temp += $lower < 0 ? ($lower & 0x7ffffffff) + 0x80000000 : $lower; // $temp = hexdec(bin2hex(self::shift($data, 8))); @@ -332,7 +334,11 @@ public static function switchEndianness($x) // from http://graphics.stanford.edu/~seander/bithacks.html#ReverseByteWith32Bits $p1 = $b * 0x802 & 0x22110; $p2 = $b * 0x8020 & 0x88440; - $r .= chr(($p1 | $p2) * 0x10101 >> 16); + $temp = ($p1 | $p2) * 0x10101; + if (is_float($temp)) { + $temp = (int) fmod($temp, 0x7fffffff); + } + $r .= chr($temp >> 16 & 0xff); } } return $r; @@ -429,7 +435,7 @@ public static function base64_encode($data) public static function base64url_encode($data) { // return str_replace(['+', '/'], ['-', '_'], self::base64_encode($data)); - return function_exists('sodium_bin2base64') ? sodium_bin2base64($data, \SODIUM_BASE64_VARIANT_URLSAFE) : Base64UrlSafe::encode($data); + return function_exists('sodium_bin2base64') ? sodium_bin2base64($data, \SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING) : Base64UrlSafe::encode($data); } /** * Constant Time Hex Decoder diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php index db7d85fc1..53ef12b46 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Blowfish.php @@ -127,50 +127,32 @@ class Blowfish extends BlockCipher /** * Block Length of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @see Common\SymmetricKey::block_size * @var int */ protected $block_size = 8; /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'blowfish'; /** * Optimizing value while CFB-encrypting * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @see Common\SymmetricKey::cfb_init_len * @var int */ protected $cfb_init_len = 500; /** - * The fixed subkeys boxes ($sbox0 - $sbox3) with 256 entries each + * The fixed subkeys boxes * - * S-Box 0 + * S-Box * * @var array */ - private static $sbox0 = [0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0xd95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0xf6d6ff3, 0x83f44239, 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x75372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x4c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x2e5b9c5, 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x8ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x8ba4799, 0x6e85076a]; - /** - * S-Box 1 - * - * @var array - */ - private static $sbox1 = [0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x21ecc5e, 0x9686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 0xa9446146, 0xfd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x43556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x18cff28, 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x334fe1e, 0xaa0363cf, 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 0xe358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 0x95bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0xc55f5ea, 0x1dadf43e, 0x233f7061, 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 0x9e447a2e, 0xc3453484, 0xfdd56705, 0xe1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7]; - /** - * S-Box 2 - * - * @var array - */ - private static $sbox2 = [0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x3bd9785, 0x7fac6dd0, 0x31cb8504, 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0xa2c86da, 0xe9b66dfb, 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 0xfdf8e802, 0x4272f70, 0x80bb155c, 0x5282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 0x7f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0xe12b4c2, 0x2e1329e, 0xaf664fd1, 0xcad18115, 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 0xa476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 0x6a124237, 0xb79251e7, 0x6a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 0x44421659, 0xa121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 0xe85a1f02, 0x9f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0xba5a4df, 0xa186f20f, 0x2868f169, 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0xde6d027, 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x6058aa, 0x30dc7d62, 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 0xed545578, 0x8fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0]; - /** - * S-Box 3 - * - * @var array - */ - private static $sbox3 = [0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x22b8b51, 0x96d5ac3a, 0x17da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x3a16125, 0x564f0bd, 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 0x7533d928, 0xb155fdf5, 0x3563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x9072166, 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x115af84, 0xe1b00428, 0x95983a1d, 0x6b89fb4, 0xce6ea048, 0x6f3f3b82, 0x3520ab82, 0x11a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0xf91fc71, 0x9b941525, 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0xfe3f11d, 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x2fb8a8c, 0x1c36ae4, 0xd6ebe1f9, 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6]; + private static $sbox = [0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, 0xb8e1afed, 0x6a267e96, 0xba7c9045, 0xf12c7f99, 0x24a19947, 0xb3916cf7, 0x801f2e2, 0x858efc16, 0x636920d8, 0x71574e69, 0xa458fea3, 0xf4933d7e, 0xd95748f, 0x728eb658, 0x718bcd58, 0x82154aee, 0x7b54a41d, 0xc25a59b5, 0x9c30d539, 0x2af26013, 0xc5d1b023, 0x286085f0, 0xca417918, 0xb8db38ef, 0x8e79dcb0, 0x603a180e, 0x6c9e0e8b, 0xb01e8a3e, 0xd71577c1, 0xbd314b27, 0x78af2fda, 0x55605c60, 0xe65525f3, 0xaa55ab94, 0x57489862, 0x63e81440, 0x55ca396a, 0x2aab10b6, 0xb4cc5c34, 0x1141e8ce, 0xa15486af, 0x7c72e993, 0xb3ee1411, 0x636fbc2a, 0x2ba9c55d, 0x741831f6, 0xce5c3e16, 0x9b87931e, 0xafd6ba33, 0x6c24cf5c, 0x7a325381, 0x28958677, 0x3b8f4898, 0x6b4bb9af, 0xc4bfe81b, 0x66282193, 0x61d809cc, 0xfb21a991, 0x487cac60, 0x5dec8032, 0xef845d5d, 0xe98575b1, 0xdc262302, 0xeb651b88, 0x23893e81, 0xd396acc5, 0xf6d6ff3, 0x83f44239, 0x2e0b4482, 0xa4842004, 0x69c8f04a, 0x9e1f9b5e, 0x21c66842, 0xf6e96c9a, 0x670c9c61, 0xabd388f0, 0x6a51a0d2, 0xd8542f68, 0x960fa728, 0xab5133a3, 0x6eef0b6c, 0x137a3be4, 0xba3bf050, 0x7efb2a98, 0xa1f1651d, 0x39af0176, 0x66ca593e, 0x82430e88, 0x8cee8619, 0x456f9fb4, 0x7d84a5c3, 0x3b8b5ebe, 0xe06f75d8, 0x85c12073, 0x401a449f, 0x56c16aa6, 0x4ed3aa62, 0x363f7706, 0x1bfedf72, 0x429b023d, 0x37d0d724, 0xd00a1248, 0xdb0fead3, 0x49f1c09b, 0x75372c9, 0x80991b7b, 0x25d479d8, 0xf6e8def7, 0xe3fe501a, 0xb6794c3b, 0x976ce0bd, 0x4c006ba, 0xc1a94fb6, 0x409f60c4, 0x5e5c9ec2, 0x196a2463, 0x68fb6faf, 0x3e6c53b5, 0x1339b2eb, 0x3b52ec6f, 0x6dfc511f, 0x9b30952c, 0xcc814544, 0xaf5ebd09, 0xbee3d004, 0xde334afd, 0x660f2807, 0x192e4bb3, 0xc0cba857, 0x45c8740f, 0xd20b5f39, 0xb9d3fbdb, 0x5579c0bd, 0x1a60320a, 0xd6a100c6, 0x402c7279, 0x679f25fe, 0xfb1fa3cc, 0x8ea5e9f8, 0xdb3222f8, 0x3c7516df, 0xfd616b15, 0x2f501ec8, 0xad0552ab, 0x323db5fa, 0xfd238760, 0x53317b48, 0x3e00df82, 0x9e5c57bb, 0xca6f8ca0, 0x1a87562e, 0xdf1769db, 0xd542a8f6, 0x287effc3, 0xac6732c6, 0x8c4f5573, 0x695b27b0, 0xbbca58c8, 0xe1ffa35d, 0xb8f011a0, 0x10fa3d98, 0xfd2183b8, 0x4afcb56c, 0x2dd1d35b, 0x9a53e479, 0xb6f84565, 0xd28e49bc, 0x4bfb9790, 0xe1ddf2da, 0xa4cb7e33, 0x62fb1341, 0xcee4c6e8, 0xef20cada, 0x36774c01, 0xd07e9efe, 0x2bf11fb4, 0x95dbda4d, 0xae909198, 0xeaad8e71, 0x6b93d5a0, 0xd08ed1d0, 0xafc725e0, 0x8e3c5b2f, 0x8e7594b7, 0x8ff6e2fb, 0xf2122b64, 0x8888b812, 0x900df01c, 0x4fad5ea0, 0x688fc31c, 0xd1cff191, 0xb3a8c1ad, 0x2f2f2218, 0xbe0e1777, 0xea752dfe, 0x8b021fa1, 0xe5a0cc0f, 0xb56f74e8, 0x18acf3d6, 0xce89e299, 0xb4a84fe0, 0xfd13e0b7, 0x7cc43b81, 0xd2ada8d9, 0x165fa266, 0x80957705, 0x93cc7314, 0x211a1477, 0xe6ad2065, 0x77b5fa86, 0xc75442f5, 0xfb9d35cf, 0xebcdaf0c, 0x7b3e89a0, 0xd6411bd3, 0xae1e7e49, 0x250e2d, 0x2071b35e, 0x226800bb, 0x57b8e0af, 0x2464369b, 0xf009b91e, 0x5563911d, 0x59dfa6aa, 0x78c14389, 0xd95a537f, 0x207d5ba2, 0x2e5b9c5, 0x83260376, 0x6295cfa9, 0x11c81968, 0x4e734a41, 0xb3472dca, 0x7b14a94a, 0x1b510052, 0x9a532915, 0xd60f573f, 0xbc9bc6e4, 0x2b60a476, 0x81e67400, 0x8ba6fb5, 0x571be91f, 0xf296ec6b, 0x2a0dd915, 0xb6636521, 0xe7b9f9b6, 0xff34052e, 0xc5855664, 0x53b02d5d, 0xa99f8fa1, 0x8ba4799, 0x6e85076a, 0x4b7a70e9, 0xb5b32944, 0xdb75092e, 0xc4192623, 0xad6ea6b0, 0x49a7df7d, 0x9cee60b8, 0x8fedb266, 0xecaa8c71, 0x699a17ff, 0x5664526c, 0xc2b19ee1, 0x193602a5, 0x75094c29, 0xa0591340, 0xe4183a3e, 0x3f54989a, 0x5b429d65, 0x6b8fe4d6, 0x99f73fd6, 0xa1d29c07, 0xefe830f5, 0x4d2d38e6, 0xf0255dc1, 0x4cdd2086, 0x8470eb26, 0x6382e9c6, 0x21ecc5e, 0x9686b3f, 0x3ebaefc9, 0x3c971814, 0x6b6a70a1, 0x687f3584, 0x52a0e286, 0xb79c5305, 0xaa500737, 0x3e07841c, 0x7fdeae5c, 0x8e7d44ec, 0x5716f2b8, 0xb03ada37, 0xf0500c0d, 0xf01c1f04, 0x200b3ff, 0xae0cf51a, 0x3cb574b2, 0x25837a58, 0xdc0921bd, 0xd19113f9, 0x7ca92ff6, 0x94324773, 0x22f54701, 0x3ae5e581, 0x37c2dadc, 0xc8b57634, 0x9af3dda7, 0xa9446146, 0xfd0030e, 0xecc8c73e, 0xa4751e41, 0xe238cd99, 0x3bea0e2f, 0x3280bba1, 0x183eb331, 0x4e548b38, 0x4f6db908, 0x6f420d03, 0xf60a04bf, 0x2cb81290, 0x24977c79, 0x5679b072, 0xbcaf89af, 0xde9a771f, 0xd9930810, 0xb38bae12, 0xdccf3f2e, 0x5512721f, 0x2e6b7124, 0x501adde6, 0x9f84cd87, 0x7a584718, 0x7408da17, 0xbc9f9abc, 0xe94b7d8c, 0xec7aec3a, 0xdb851dfa, 0x63094366, 0xc464c3d2, 0xef1c1847, 0x3215d908, 0xdd433b37, 0x24c2ba16, 0x12a14d43, 0x2a65c451, 0x50940002, 0x133ae4dd, 0x71dff89e, 0x10314e55, 0x81ac77d6, 0x5f11199b, 0x43556f1, 0xd7a3c76b, 0x3c11183b, 0x5924a509, 0xf28fe6ed, 0x97f1fbfa, 0x9ebabf2c, 0x1e153c6e, 0x86e34570, 0xeae96fb1, 0x860e5e0a, 0x5a3e2ab3, 0x771fe71c, 0x4e3d06fa, 0x2965dcb9, 0x99e71d0f, 0x803e89d6, 0x5266c825, 0x2e4cc978, 0x9c10b36a, 0xc6150eba, 0x94e2ea78, 0xa5fc3c53, 0x1e0a2df4, 0xf2f74ea7, 0x361d2b3d, 0x1939260f, 0x19c27960, 0x5223a708, 0xf71312b6, 0xebadfe6e, 0xeac31f66, 0xe3bc4595, 0xa67bc883, 0xb17f37d1, 0x18cff28, 0xc332ddef, 0xbe6c5aa5, 0x65582185, 0x68ab9802, 0xeecea50f, 0xdb2f953b, 0x2aef7dad, 0x5b6e2f84, 0x1521b628, 0x29076170, 0xecdd4775, 0x619f1510, 0x13cca830, 0xeb61bd96, 0x334fe1e, 0xaa0363cf, 0xb5735c90, 0x4c70a239, 0xd59e9e0b, 0xcbaade14, 0xeecc86bc, 0x60622ca7, 0x9cab5cab, 0xb2f3846e, 0x648b1eaf, 0x19bdf0ca, 0xa02369b9, 0x655abb50, 0x40685a32, 0x3c2ab4b3, 0x319ee9d5, 0xc021b8f7, 0x9b540b19, 0x875fa099, 0x95f7997e, 0x623d7da8, 0xf837889a, 0x97e32d77, 0x11ed935f, 0x16681281, 0xe358829, 0xc7e61fd6, 0x96dedfa1, 0x7858ba99, 0x57f584a5, 0x1b227263, 0x9b83c3ff, 0x1ac24696, 0xcdb30aeb, 0x532e3054, 0x8fd948e4, 0x6dbc3128, 0x58ebf2ef, 0x34c6ffea, 0xfe28ed61, 0xee7c3c73, 0x5d4a14d9, 0xe864b7e3, 0x42105d14, 0x203e13e0, 0x45eee2b6, 0xa3aaabea, 0xdb6c4f15, 0xfacb4fd0, 0xc742f442, 0xef6abbb5, 0x654f3b1d, 0x41cd2105, 0xd81e799e, 0x86854dc7, 0xe44b476a, 0x3d816250, 0xcf62a1f2, 0x5b8d2646, 0xfc8883a0, 0xc1c7b6a3, 0x7f1524c3, 0x69cb7492, 0x47848a0b, 0x5692b285, 0x95bbf00, 0xad19489d, 0x1462b174, 0x23820e00, 0x58428d2a, 0xc55f5ea, 0x1dadf43e, 0x233f7061, 0x3372f092, 0x8d937e41, 0xd65fecf1, 0x6c223bdb, 0x7cde3759, 0xcbee7460, 0x4085f2a7, 0xce77326e, 0xa6078084, 0x19f8509e, 0xe8efd855, 0x61d99735, 0xa969a7aa, 0xc50c06c2, 0x5a04abfc, 0x800bcadc, 0x9e447a2e, 0xc3453484, 0xfdd56705, 0xe1e9ec9, 0xdb73dbd3, 0x105588cd, 0x675fda79, 0xe3674340, 0xc5c43465, 0x713e38d8, 0x3d28f89e, 0xf16dff20, 0x153e21e7, 0x8fb03d4a, 0xe6e39f2b, 0xdb83adf7, 0xe93d5a68, 0x948140f7, 0xf64c261c, 0x94692934, 0x411520f7, 0x7602d4f7, 0xbcf46b2e, 0xd4a20068, 0xd4082471, 0x3320f46a, 0x43b7d4b7, 0x500061af, 0x1e39f62e, 0x97244546, 0x14214f74, 0xbf8b8840, 0x4d95fc1d, 0x96b591af, 0x70f4ddd3, 0x66a02f45, 0xbfbc09ec, 0x3bd9785, 0x7fac6dd0, 0x31cb8504, 0x96eb27b3, 0x55fd3941, 0xda2547e6, 0xabca0a9a, 0x28507825, 0x530429f4, 0xa2c86da, 0xe9b66dfb, 0x68dc1462, 0xd7486900, 0x680ec0a4, 0x27a18dee, 0x4f3ffea2, 0xe887ad8c, 0xb58ce006, 0x7af4d6b6, 0xaace1e7c, 0xd3375fec, 0xce78a399, 0x406b2a42, 0x20fe9e35, 0xd9f385b9, 0xee39d7ab, 0x3b124e8b, 0x1dc9faf7, 0x4b6d1856, 0x26a36631, 0xeae397b2, 0x3a6efa74, 0xdd5b4332, 0x6841e7f7, 0xca7820fb, 0xfb0af54e, 0xd8feb397, 0x454056ac, 0xba489527, 0x55533a3a, 0x20838d87, 0xfe6ba9b7, 0xd096954b, 0x55a867bc, 0xa1159a58, 0xcca92963, 0x99e1db33, 0xa62a4a56, 0x3f3125f9, 0x5ef47e1c, 0x9029317c, 0xfdf8e802, 0x4272f70, 0x80bb155c, 0x5282ce3, 0x95c11548, 0xe4c66d22, 0x48c1133f, 0xc70f86dc, 0x7f9c9ee, 0x41041f0f, 0x404779a4, 0x5d886e17, 0x325f51eb, 0xd59bc0d1, 0xf2bcc18f, 0x41113564, 0x257b7834, 0x602a9c60, 0xdff8e8a3, 0x1f636c1b, 0xe12b4c2, 0x2e1329e, 0xaf664fd1, 0xcad18115, 0x6b2395e0, 0x333e92e1, 0x3b240b62, 0xeebeb922, 0x85b2a20e, 0xe6ba0d99, 0xde720c8c, 0x2da2f728, 0xd0127845, 0x95b794fd, 0x647d0862, 0xe7ccf5f0, 0x5449a36f, 0x877d48fa, 0xc39dfd27, 0xf33e8d1e, 0xa476341, 0x992eff74, 0x3a6f6eab, 0xf4f8fd37, 0xa812dc60, 0xa1ebddf8, 0x991be14c, 0xdb6e6b0d, 0xc67b5510, 0x6d672c37, 0x2765d43b, 0xdcd0e804, 0xf1290dc7, 0xcc00ffa3, 0xb5390f92, 0x690fed0b, 0x667b9ffb, 0xcedb7d9c, 0xa091cf0b, 0xd9155ea3, 0xbb132f88, 0x515bad24, 0x7b9479bf, 0x763bd6eb, 0x37392eb3, 0xcc115979, 0x8026e297, 0xf42e312d, 0x6842ada7, 0xc66a2b3b, 0x12754ccc, 0x782ef11c, 0x6a124237, 0xb79251e7, 0x6a1bbe6, 0x4bfb6350, 0x1a6b1018, 0x11caedfa, 0x3d25bdd8, 0xe2e1c3c9, 0x44421659, 0xa121386, 0xd90cec6e, 0xd5abea2a, 0x64af674e, 0xda86a85f, 0xbebfe988, 0x64e4c3fe, 0x9dbc8057, 0xf0f7c086, 0x60787bf8, 0x6003604d, 0xd1fd8346, 0xf6381fb0, 0x7745ae04, 0xd736fccc, 0x83426b33, 0xf01eab71, 0xb0804187, 0x3c005e5f, 0x77a057be, 0xbde8ae24, 0x55464299, 0xbf582e61, 0x4e58f48f, 0xf2ddfda2, 0xf474ef38, 0x8789bdc2, 0x5366f9c3, 0xc8b38e74, 0xb475f255, 0x46fcd9b9, 0x7aeb2661, 0x8b1ddf84, 0x846a0e79, 0x915f95e2, 0x466e598e, 0x20b45770, 0x8cd55591, 0xc902de4c, 0xb90bace1, 0xbb8205d0, 0x11a86248, 0x7574a99e, 0xb77f19b6, 0xe0a9dc09, 0x662d09a1, 0xc4324633, 0xe85a1f02, 0x9f0be8c, 0x4a99a025, 0x1d6efe10, 0x1ab93d1d, 0xba5a4df, 0xa186f20f, 0x2868f169, 0xdcb7da83, 0x573906fe, 0xa1e2ce9b, 0x4fcd7f52, 0x50115e01, 0xa70683fa, 0xa002b5c4, 0xde6d027, 0x9af88c27, 0x773f8641, 0xc3604c06, 0x61a806b5, 0xf0177a28, 0xc0f586e0, 0x6058aa, 0x30dc7d62, 0x11e69ed7, 0x2338ea63, 0x53c2dd94, 0xc2c21634, 0xbbcbee56, 0x90bcb6de, 0xebfc7da1, 0xce591d76, 0x6f05e409, 0x4b7c0188, 0x39720a3d, 0x7c927c24, 0x86e3725f, 0x724d9db9, 0x1ac15bb4, 0xd39eb8fc, 0xed545578, 0x8fca5b5, 0xd83d7cd3, 0x4dad0fc4, 0x1e50ef5e, 0xb161e6f8, 0xa28514d9, 0x6c51133c, 0x6fd5c7e7, 0x56e14ec4, 0x362abfce, 0xddc6c837, 0xd79a3234, 0x92638212, 0x670efa8e, 0x406000e0, 0x3a39ce37, 0xd3faf5cf, 0xabc27737, 0x5ac52d1b, 0x5cb0679e, 0x4fa33742, 0xd3822740, 0x99bc9bbe, 0xd5118e9d, 0xbf0f7315, 0xd62d1c7e, 0xc700c47b, 0xb78c1b6b, 0x21a19045, 0xb26eb1be, 0x6a366eb4, 0x5748ab2f, 0xbc946e79, 0xc6a376d2, 0x6549c2c8, 0x530ff8ee, 0x468dde7d, 0xd5730a1d, 0x4cd04dc6, 0x2939bbdb, 0xa9ba4650, 0xac9526e8, 0xbe5ee304, 0xa1fad5f0, 0x6a2d519a, 0x63ef8ce2, 0x9a86ee22, 0xc089c2b8, 0x43242ef6, 0xa51e03aa, 0x9cf2d0a4, 0x83c061ba, 0x9be96a4d, 0x8fe51550, 0xba645bd6, 0x2826a2f9, 0xa73a3ae1, 0x4ba99586, 0xef5562e9, 0xc72fefd3, 0xf752f7da, 0x3f046f69, 0x77fa0a59, 0x80e4a915, 0x87b08601, 0x9b09e6ad, 0x3b3ee593, 0xe990fd5a, 0x9e34d797, 0x2cf0b7d9, 0x22b8b51, 0x96d5ac3a, 0x17da67d, 0xd1cf3ed6, 0x7c7d2d28, 0x1f9f25cf, 0xadf2b89b, 0x5ad6b472, 0x5a88f54c, 0xe029ac71, 0xe019a5e6, 0x47b0acfd, 0xed93fa9b, 0xe8d3c48d, 0x283b57cc, 0xf8d56629, 0x79132e28, 0x785f0191, 0xed756055, 0xf7960e44, 0xe3d35e8c, 0x15056dd4, 0x88f46dba, 0x3a16125, 0x564f0bd, 0xc3eb9e15, 0x3c9057a2, 0x97271aec, 0xa93a072a, 0x1b3f6d9b, 0x1e6321f5, 0xf59c66fb, 0x26dcf319, 0x7533d928, 0xb155fdf5, 0x3563482, 0x8aba3cbb, 0x28517711, 0xc20ad9f8, 0xabcc5167, 0xccad925f, 0x4de81751, 0x3830dc8e, 0x379d5862, 0x9320f991, 0xea7a90c2, 0xfb3e7bce, 0x5121ce64, 0x774fbe32, 0xa8b6e37e, 0xc3293d46, 0x48de5369, 0x6413e680, 0xa2ae0810, 0xdd6db224, 0x69852dfd, 0x9072166, 0xb39a460a, 0x6445c0dd, 0x586cdecf, 0x1c20c8ae, 0x5bbef7dd, 0x1b588d40, 0xccd2017f, 0x6bb4e3bb, 0xdda26a7e, 0x3a59ff45, 0x3e350a44, 0xbcb4cdd5, 0x72eacea8, 0xfa6484bb, 0x8d6612ae, 0xbf3c6f47, 0xd29be463, 0x542f5d9e, 0xaec2771b, 0xf64e6370, 0x740e0d8d, 0xe75b1357, 0xf8721671, 0xaf537d5d, 0x4040cb08, 0x4eb4e2cc, 0x34d2466a, 0x115af84, 0xe1b00428, 0x95983a1d, 0x6b89fb4, 0xce6ea048, 0x6f3f3b82, 0x3520ab82, 0x11a1d4b, 0x277227f8, 0x611560b1, 0xe7933fdc, 0xbb3a792b, 0x344525bd, 0xa08839e1, 0x51ce794b, 0x2f32c9b7, 0xa01fbac9, 0xe01cc87e, 0xbcc7d1f6, 0xcf0111c3, 0xa1e8aac7, 0x1a908749, 0xd44fbd9a, 0xd0dadecb, 0xd50ada38, 0x339c32a, 0xc6913667, 0x8df9317c, 0xe0b12b4f, 0xf79e59b7, 0x43f5bb3a, 0xf2d519ff, 0x27d9459c, 0xbf97222c, 0x15e6fc2a, 0xf91fc71, 0x9b941525, 0xfae59361, 0xceb69ceb, 0xc2a86459, 0x12baa8d1, 0xb6c1075e, 0xe3056a0c, 0x10d25065, 0xcb03a442, 0xe0ec6e0e, 0x1698db3b, 0x4c98a0be, 0x3278e964, 0x9f1f9532, 0xe0d392df, 0xd3a0342b, 0x8971f21e, 0x1b0a7441, 0x4ba3348c, 0xc5be7120, 0xc37632d8, 0xdf359f8d, 0x9b992f2e, 0xe60b6f47, 0xfe3f11d, 0xe54cda54, 0x1edad891, 0xce6279cf, 0xcd3e7e6f, 0x1618b166, 0xfd2c1d05, 0x848fd2c5, 0xf6fb2299, 0xf523f357, 0xa6327623, 0x93a83531, 0x56cccd02, 0xacf08162, 0x5a75ebb5, 0x6e163697, 0x88d273cc, 0xde966292, 0x81b949d0, 0x4c50901b, 0x71c65614, 0xe6c6c7bd, 0x327a140a, 0x45e1d006, 0xc3f27b9a, 0xc9aa53fd, 0x62a80f00, 0xbb25bfe2, 0x35bdd2f6, 0x71126905, 0xb2040222, 0xb6cbcf7c, 0xcd769c2b, 0x53113ec0, 0x1640e3d3, 0x38abbd60, 0x2547adf0, 0xba38209c, 0xf746ce76, 0x77afa1c5, 0x20756060, 0x85cbfe4e, 0x8ae88dd8, 0x7aaaf9b0, 0x4cf9aa7e, 0x1948c25c, 0x2fb8a8c, 0x1c36ae4, 0xd6ebe1f9, 0x90d4f869, 0xa65cdea0, 0x3f09252d, 0xc208e69f, 0xb74e6132, 0xce77e25b, 0x578fdfe3, 0x3ac372e6]; /** * P-Array consists of 18 32-bit subkeys * @@ -198,7 +180,7 @@ class Blowfish extends BlockCipher * derive this from $key_length or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu * of that, we'll just precompute it once.} * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() + * @see Common\SymmetricKey::setKeyLength() * @var int */ protected $key_length = 16; @@ -235,7 +217,7 @@ public function setKeyLength($length) * * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * @see Common\SymmetricKey::isValidEngine() * @param int $engine * @return bool */ @@ -259,7 +241,7 @@ protected function isValidEngineHelper($engine) /** * Setup the key (expansion) * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + * @see Common\SymmetricKey::_setupKey() */ protected function setupKey() { @@ -269,7 +251,7 @@ protected function setupKey() } $this->kl = ['key' => $this->key]; /* key-expanding p[] and S-Box building sb[] */ - $this->bctx = ['p' => [], 'sb' => [self::$sbox0, self::$sbox1, self::$sbox2, self::$sbox3]]; + $this->bctx = ['p' => [], 'sb' => self::$sbox]; // unpack binary string in unsigned chars $key = array_values(unpack('C*', $this->key)); $keyl = count($key); @@ -292,11 +274,11 @@ protected function setupKey() $this->bctx['p'][$i] = $l; $this->bctx['p'][$i + 1] = $r; } - for ($i = 0; $i < 4; ++$i) { + for ($i = 0; $i < 0x400; $i += 0x100) { for ($j = 0; $j < 256; $j += 2) { list($l, $r) = array_values(unpack('N*', $data = $this->encryptBlock($data))); - $this->bctx['sb'][$i][$j] = $l; - $this->bctx['sb'][$i][$j + 1] = $r; + $this->bctx['sb'][$i | $j] = $l; + $this->bctx['sb'][$i | $j + 1] = $r; } } } @@ -305,12 +287,9 @@ protected function setupKey() */ protected static function initialize_static_variables() { - if (is_float(self::$sbox2[0])) { - self::$sbox0 = array_map('intval', self::$sbox0); - self::$sbox1 = array_map('intval', self::$sbox1); - self::$sbox2 = array_map('intval', self::$sbox2); - self::$sbox3 = array_map('intval', self::$sbox3); - self::$parray = array_map('intval', self::$parray); + if (is_float(self::$sbox[0x200])) { + self::$sbox = array_map([self::class, 'safe_intval'], self::$sbox); + self::$parray = array_map([self::class, 'safe_intval'], self::$parray); } parent::initialize_static_variables(); } @@ -325,25 +304,22 @@ protected static function initialize_static_variables() private static function bcrypt_hash($sha2pass, $sha2salt) { $p = self::$parray; - $sbox0 = self::$sbox0; - $sbox1 = self::$sbox1; - $sbox2 = self::$sbox2; - $sbox3 = self::$sbox3; + $sbox = self::$sbox; $cdata = array_values(unpack('N*', 'OxychromaticBlowfishSwatDynamite')); $sha2pass = array_values(unpack('N*', $sha2pass)); $sha2salt = array_values(unpack('N*', $sha2salt)); - self::expandstate($sha2salt, $sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); + self::expandstate($sha2salt, $sha2pass, $sbox, $p); for ($i = 0; $i < 64; $i++) { - self::expand0state($sha2salt, $sbox0, $sbox1, $sbox2, $sbox3, $p); - self::expand0state($sha2pass, $sbox0, $sbox1, $sbox2, $sbox3, $p); + self::expand0state($sha2salt, $sbox, $p); + self::expand0state($sha2pass, $sbox, $p); } for ($i = 0; $i < 64; $i++) { for ($j = 0; $j < 8; $j += 2) { // count($cdata) == 8 - list($cdata[$j], $cdata[$j + 1]) = self::encryptBlockHelperFast($cdata[$j], $cdata[$j + 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($cdata[$j], $cdata[$j + 1]) = self::encryptBlockHelperFast($cdata[$j], $cdata[$j + 1], $sbox, $p); } } - return pack('L*', ...$cdata); + return pack('V*', ...$cdata); } /** * Performs OpenSSH-style bcrypt @@ -388,45 +364,30 @@ public static function bcrypt_pbkdf($pass, $salt, $keylen, $rounds) * * @access private * @param int[] $key - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 + * @param int[] $sbox * @param int[] $p * @see self::_bcrypt_hash() */ - private static function expand0state(array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) + private static function expand0state(array $key, array &$sbox, array &$p) { // expand0state is basically the same thing as this: //return self::expandstate(array_fill(0, 16, 0), $key); // but this separate function eliminates a bunch of XORs and array lookups $p = [$p[0] ^ $key[0], $p[1] ^ $key[1], $p[2] ^ $key[2], $p[3] ^ $key[3], $p[4] ^ $key[4], $p[5] ^ $key[5], $p[6] ^ $key[6], $p[7] ^ $key[7], $p[8] ^ $key[8], $p[9] ^ $key[9], $p[10] ^ $key[10], $p[11] ^ $key[11], $p[12] ^ $key[12], $p[13] ^ $key[13], $p[14] ^ $key[14], $p[15] ^ $key[15], $p[16] ^ $key[0], $p[17] ^ $key[1]]; // @codingStandardsIgnoreStart - list($p[0], $p[1]) = self::encryptBlockHelperFast(0, 0, $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[2], $p[3]) = self::encryptBlockHelperFast($p[0], $p[1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[4], $p[5]) = self::encryptBlockHelperFast($p[2], $p[3], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[6], $p[7]) = self::encryptBlockHelperFast($p[4], $p[5], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[8], $p[9]) = self::encryptBlockHelperFast($p[6], $p[7], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[10], $p[11]) = self::encryptBlockHelperFast($p[8], $p[9], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[12], $p[13]) = self::encryptBlockHelperFast($p[10], $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[14], $p[15]) = self::encryptBlockHelperFast($p[12], $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[16], $p[17]) = self::encryptBlockHelperFast($p[14], $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[0], $p[1]) = self::encryptBlockHelperFast(0, 0, $sbox, $p); + list($p[2], $p[3]) = self::encryptBlockHelperFast($p[0], $p[1], $sbox, $p); + list($p[4], $p[5]) = self::encryptBlockHelperFast($p[2], $p[3], $sbox, $p); + list($p[6], $p[7]) = self::encryptBlockHelperFast($p[4], $p[5], $sbox, $p); + list($p[8], $p[9]) = self::encryptBlockHelperFast($p[6], $p[7], $sbox, $p); + list($p[10], $p[11]) = self::encryptBlockHelperFast($p[8], $p[9], $sbox, $p); + list($p[12], $p[13]) = self::encryptBlockHelperFast($p[10], $p[11], $sbox, $p); + list($p[14], $p[15]) = self::encryptBlockHelperFast($p[12], $p[13], $sbox, $p); + list($p[16], $p[17]) = self::encryptBlockHelperFast($p[14], $p[15], $sbox, $p); // @codingStandardsIgnoreEnd - list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($p[16], $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($sbox0[$i - 2], $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($sbox0[254], $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($sbox1[$i - 2], $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($sbox1[254], $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($sbox2[$i - 2], $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($sbox2[254], $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2; $i < 256; $i += 2) { - list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($sbox3[$i - 2], $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($sbox[0], $sbox[1]) = self::encryptBlockHelperFast($p[16], $p[17], $sbox, $p); + for ($i = 2; $i < 1024; $i += 2) { + list($sbox[$i], $sbox[$i + 1]) = self::encryptBlockHelperFast($sbox[$i - 2], $sbox[$i - 1], $sbox, $p); } } /** @@ -435,43 +396,28 @@ private static function expand0state(array $key, array &$sbox0, array &$sbox1, a * @access private * @param int[] $data * @param int[] $key - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 + * @param int[] $sbox * @param int[] $p * @see self::_bcrypt_hash() */ - private static function expandstate(array $data, array $key, array &$sbox0, array &$sbox1, array &$sbox2, array &$sbox3, array &$p) + private static function expandstate(array $data, array $key, array &$sbox, array &$p) { $p = [$p[0] ^ $key[0], $p[1] ^ $key[1], $p[2] ^ $key[2], $p[3] ^ $key[3], $p[4] ^ $key[4], $p[5] ^ $key[5], $p[6] ^ $key[6], $p[7] ^ $key[7], $p[8] ^ $key[8], $p[9] ^ $key[9], $p[10] ^ $key[10], $p[11] ^ $key[11], $p[12] ^ $key[12], $p[13] ^ $key[13], $p[14] ^ $key[14], $p[15] ^ $key[15], $p[16] ^ $key[0], $p[17] ^ $key[1]]; // @codingStandardsIgnoreStart - list($p[0], $p[1]) = self::encryptBlockHelperFast($data[0], $data[1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[2], $p[3]) = self::encryptBlockHelperFast($data[2] ^ $p[0], $data[3] ^ $p[1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[4], $p[5]) = self::encryptBlockHelperFast($data[4] ^ $p[2], $data[5] ^ $p[3], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[6], $p[7]) = self::encryptBlockHelperFast($data[6] ^ $p[4], $data[7] ^ $p[5], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[8], $p[9]) = self::encryptBlockHelperFast($data[8] ^ $p[6], $data[9] ^ $p[7], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[10], $p[11]) = self::encryptBlockHelperFast($data[10] ^ $p[8], $data[11] ^ $p[9], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[12], $p[13]) = self::encryptBlockHelperFast($data[12] ^ $p[10], $data[13] ^ $p[11], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[14], $p[15]) = self::encryptBlockHelperFast($data[14] ^ $p[12], $data[15] ^ $p[13], $sbox0, $sbox1, $sbox2, $sbox3, $p); - list($p[16], $p[17]) = self::encryptBlockHelperFast($data[0] ^ $p[14], $data[1] ^ $p[15], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($p[0], $p[1]) = self::encryptBlockHelperFast($data[0], $data[1], $sbox, $p); + list($p[2], $p[3]) = self::encryptBlockHelperFast($data[2] ^ $p[0], $data[3] ^ $p[1], $sbox, $p); + list($p[4], $p[5]) = self::encryptBlockHelperFast($data[4] ^ $p[2], $data[5] ^ $p[3], $sbox, $p); + list($p[6], $p[7]) = self::encryptBlockHelperFast($data[6] ^ $p[4], $data[7] ^ $p[5], $sbox, $p); + list($p[8], $p[9]) = self::encryptBlockHelperFast($data[8] ^ $p[6], $data[9] ^ $p[7], $sbox, $p); + list($p[10], $p[11]) = self::encryptBlockHelperFast($data[10] ^ $p[8], $data[11] ^ $p[9], $sbox, $p); + list($p[12], $p[13]) = self::encryptBlockHelperFast($data[12] ^ $p[10], $data[13] ^ $p[11], $sbox, $p); + list($p[14], $p[15]) = self::encryptBlockHelperFast($data[14] ^ $p[12], $data[15] ^ $p[13], $sbox, $p); + list($p[16], $p[17]) = self::encryptBlockHelperFast($data[0] ^ $p[14], $data[1] ^ $p[15], $sbox, $p); // @codingStandardsIgnoreEnd - list($sbox0[0], $sbox0[1]) = self::encryptBlockHelperFast($data[2] ^ $p[16], $data[3] ^ $p[17], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { + list($sbox[0], $sbox[1]) = self::encryptBlockHelperFast($data[2] ^ $p[16], $data[3] ^ $p[17], $sbox, $p); + for ($i = 2, $j = 4; $i < 1024; $i += 2, $j = ($j + 2) % 16) { // instead of 16 maybe count($data) would be better? - list($sbox0[$i], $sbox0[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox0[$i - 2], $data[$j + 1] ^ $sbox0[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox1[0], $sbox1[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox0[254], $data[3] ^ $sbox0[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox1[$i], $sbox1[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox1[$i - 2], $data[$j + 1] ^ $sbox1[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox2[0], $sbox2[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox1[254], $data[3] ^ $sbox1[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox2[$i], $sbox2[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox2[$i - 2], $data[$j + 1] ^ $sbox2[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); - } - list($sbox3[0], $sbox3[1]) = self::encryptBlockHelperFast($data[2] ^ $sbox2[254], $data[3] ^ $sbox2[255], $sbox0, $sbox1, $sbox2, $sbox3, $p); - for ($i = 2, $j = 4; $i < 256; $i += 2, $j = ($j + 2) % 16) { - list($sbox3[$i], $sbox3[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox3[$i - 2], $data[$j + 1] ^ $sbox3[$i - 1], $sbox0, $sbox1, $sbox2, $sbox3, $p); + list($sbox[$i], $sbox[$i + 1]) = self::encryptBlockHelperFast($data[$j] ^ $sbox[$i - 2], $data[$j + 1] ^ $sbox[$i - 1], $sbox, $p); } } /** @@ -484,14 +430,11 @@ protected function encryptBlock($in) { $p = $this->bctx['p']; // extract($this->bctx['sb'], EXTR_PREFIX_ALL, 'sb'); // slower - $sb_0 = $this->bctx['sb'][0]; - $sb_1 = $this->bctx['sb'][1]; - $sb_2 = $this->bctx['sb'][2]; - $sb_3 = $this->bctx['sb'][3]; + $sb = $this->bctx['sb']; $in = unpack('N*', $in); $l = $in[1]; $r = $in[2]; - list($r, $l) = \PHP_INT_SIZE == 4 ? self::encryptBlockHelperSlow($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p) : self::encryptBlockHelperFast($l, $r, $sb_0, $sb_1, $sb_2, $sb_3, $p); + list($r, $l) = \PHP_INT_SIZE == 4 ? self::encryptBlockHelperSlow($l, $r, $sb, $p) : self::encryptBlockHelperFast($l, $r, $sb, $p); return pack("N*", $r, $l); } /** @@ -500,32 +443,29 @@ protected function encryptBlock($in) * @access private * @param int $x0 * @param int $x1 - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 + * @param int[] $sbox * @param int[] $p * @return int[] */ - private static function encryptBlockHelperFast($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) + private static function encryptBlockHelperFast($x0, $x1, array $sbox, array $p) { $x0 ^= $p[0]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[1]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[2]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[3]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[4]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[5]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[6]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[7]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[8]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[9]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[10]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[11]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[12]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[13]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[14]; - $x1 ^= ($sbox0[($x0 & 0xff000000) >> 24] + $sbox1[($x0 & 0xff0000) >> 16] ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff] ^ $p[15]; - $x0 ^= ($sbox0[($x1 & 0xff000000) >> 24] + $sbox1[($x1 & 0xff0000) >> 16] ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff] ^ $p[16]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[1]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[2]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[3]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[4]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[5]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[6]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[7]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[8]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[9]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[10]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[11]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[12]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[13]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[14]; + $x1 ^= ($sbox[($x0 & 0xff000000) >> 24] + $sbox[0x100 | ($x0 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff] ^ $p[15]; + $x0 ^= ($sbox[($x1 & 0xff000000) >> 24] + $sbox[0x100 | ($x1 & 0xff0000) >> 16] ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff] ^ $p[16]; return [$x1 & 0xffffffff ^ $p[17], $x0 & 0xffffffff]; } /** @@ -534,33 +474,30 @@ private static function encryptBlockHelperFast($x0, $x1, array $sbox0, array $sb * @access private * @param int $x0 * @param int $x1 - * @param int[] $sbox0 - * @param int[] $sbox1 - * @param int[] $sbox2 - * @param int[] $sbox3 + * @param int[] $sbox * @param int[] $p * @return int[] */ - private static function encryptBlockHelperSlow($x0, $x1, array $sbox0, array $sbox1, array $sbox2, array $sbox3, array $p) + private static function encryptBlockHelperSlow($x0, $x1, array $sbox, array $p) { // -16777216 == intval(0xFF000000) on 32-bit PHP installs $x0 ^= $p[0]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[1]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[2]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[3]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[4]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[5]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[6]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[7]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[8]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[9]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[10]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[11]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[12]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[13]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[14]; - $x1 ^= self::safe_intval((self::safe_intval($sbox0[($x0 & -16777216) >> 24 & 0xff] + $sbox1[($x0 & 0xff0000) >> 16]) ^ $sbox2[($x0 & 0xff00) >> 8]) + $sbox3[$x0 & 0xff]) ^ $p[15]; - $x0 ^= self::safe_intval((self::safe_intval($sbox0[($x1 & -16777216) >> 24 & 0xff] + $sbox1[($x1 & 0xff0000) >> 16]) ^ $sbox2[($x1 & 0xff00) >> 8]) + $sbox3[$x1 & 0xff]) ^ $p[16]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[1]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[2]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[3]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[4]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[5]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[6]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[7]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[8]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[9]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[10]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[11]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[12]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[13]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[14]; + $x1 ^= self::safe_intval((self::safe_intval($sbox[($x0 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x0 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x0 & 0xff00) >> 8]) + $sbox[0x300 | $x0 & 0xff]) ^ $p[15]; + $x0 ^= self::safe_intval((self::safe_intval($sbox[($x1 & -16777216) >> 24 & 0xff] + $sbox[0x100 | ($x1 & 0xff0000) >> 16]) ^ $sbox[0x200 | ($x1 & 0xff00) >> 8]) + $sbox[0x300 | $x1 & 0xff]) ^ $p[16]; return [$x1 ^ $p[17], $x0]; } /** @@ -572,36 +509,30 @@ private static function encryptBlockHelperSlow($x0, $x1, array $sbox0, array $sb protected function decryptBlock($in) { $p = $this->bctx['p']; - $sb_0 = $this->bctx['sb'][0]; - $sb_1 = $this->bctx['sb'][1]; - $sb_2 = $this->bctx['sb'][2]; - $sb_3 = $this->bctx['sb'][3]; + $sb = $this->bctx['sb']; $in = unpack('N*', $in); $l = $in[1]; $r = $in[2]; for ($i = 17; $i > 2; $i -= 2) { $l ^= $p[$i]; - $r ^= self::safe_intval((self::safe_intval($sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]) ^ $sb_2[$l >> 8 & 0xff]) + $sb_3[$l & 0xff]); + $r ^= self::safe_intval((self::safe_intval($sb[$l >> 24 & 0xff] + $sb[0x100 + ($l >> 16 & 0xff)]) ^ $sb[0x200 + ($l >> 8 & 0xff)]) + $sb[0x300 + ($l & 0xff)]); $r ^= $p[$i - 1]; - $l ^= self::safe_intval((self::safe_intval($sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]) ^ $sb_2[$r >> 8 & 0xff]) + $sb_3[$r & 0xff]); + $l ^= self::safe_intval((self::safe_intval($sb[$r >> 24 & 0xff] + $sb[0x100 + ($r >> 16 & 0xff)]) ^ $sb[0x200 + ($r >> 8 & 0xff)]) + $sb[0x300 + ($r & 0xff)]); } return pack('N*', $r ^ $p[0], $l ^ $p[1]); } /** * Setup the performance-optimized function for de/encrypt() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() + * @see Common\SymmetricKey::_setupInlineCrypt() */ protected function setupInlineCrypt() { $p = $this->bctx['p']; $init_crypt = ' - static $sb_0, $sb_1, $sb_2, $sb_3; - if (!$sb_0) { - $sb_0 = $this->bctx["sb"][0]; - $sb_1 = $this->bctx["sb"][1]; - $sb_2 = $this->bctx["sb"][2]; - $sb_3 = $this->bctx["sb"][3]; + static $sb; + if (!$sb) { + $sb = $this->bctx["sb"]; } '; $safeint = self::safe_intval_inline(); @@ -614,14 +545,14 @@ protected function setupInlineCrypt() for ($i = 0; $i < 16; $i += 2) { $encrypt_block .= ' $l^= ' . $p[$i] . '; - $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]') . '; + $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb[$l >> 24 & 0xff] + $sb[0x100 + ($l >> 16 & 0xff)]') . ' ^ + $sb[0x200 + ($l >> 8 & 0xff)]) + + $sb[0x300 + ($l & 0xff)]') . '; $r^= ' . $p[$i + 1] . '; - $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]') . '; + $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb[$r >> 24 & 0xff] + $sb[0x100 + ($r >> 16 & 0xff)]') . ' ^ + $sb[0x200 + ($r >> 8 & 0xff)]) + + $sb[0x300 + ($r & 0xff)]') . '; '; } $encrypt_block .= ' @@ -639,14 +570,14 @@ protected function setupInlineCrypt() for ($i = 17; $i > 2; $i -= 2) { $decrypt_block .= ' $l^= ' . $p[$i] . '; - $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$l >> 24 & 0xff] + $sb_1[$l >> 16 & 0xff]') . ' ^ - $sb_2[$l >> 8 & 0xff]) + - $sb_3[$l & 0xff]') . '; + $r^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb[$l >> 24 & 0xff] + $sb[0x100 + ($l >> 16 & 0xff)]') . ' ^ + $sb[0x200 + ($l >> 8 & 0xff)]) + + $sb[0x300 + ($l & 0xff)]') . '; $r^= ' . $p[$i - 1] . '; - $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb_0[$r >> 24 & 0xff] + $sb_1[$r >> 16 & 0xff]') . ' ^ - $sb_2[$r >> 8 & 0xff]) + - $sb_3[$r & 0xff]') . '; + $l^= ' . sprintf($safeint, '(' . sprintf($safeint, '$sb[$r >> 24 & 0xff] + $sb[0x100 + ($r >> 16 & 0xff)]') . ' ^ + $sb[0x200 + ($r >> 8 & 0xff)]) + + $sb[0x300 + ($r & 0xff)]') . '; '; } $decrypt_block .= ' diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php index 84eb83b17..a597f15f9 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/ChaCha20.php @@ -240,13 +240,13 @@ protected static function quarterRound(&$a, &$b, &$c, &$d) // line here as well // @codingStandardsIgnoreStart $a += $b; - $d = self::leftRotate(intval($d) ^ intval($a), 16); + $d = self::leftRotate(self::safe_intval($d) ^ self::safe_intval($a), 16); $c += $d; - $b = self::leftRotate(intval($b) ^ intval($c), 12); + $b = self::leftRotate(self::safe_intval($b) ^ self::safe_intval($c), 12); $a += $b; - $d = self::leftRotate(intval($d) ^ intval($a), 8); + $d = self::leftRotate(self::safe_intval($d) ^ self::safe_intval($a), 8); $c += $d; - $b = self::leftRotate(intval($b) ^ intval($c), 7); + $b = self::leftRotate(self::safe_intval($b) ^ self::safe_intval($c), 7); // @codingStandardsIgnoreEnd } /** @@ -319,664 +319,664 @@ protected static function salsa20($x) // @codingStandardsIgnoreStart // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // columnRound $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 16); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 12); $x0 += $x4; - $x12 = self::leftRotate(intval($x12) ^ intval($x0), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x0), 8); $x8 += $x12; - $x4 = self::leftRotate(intval($x4) ^ intval($x8), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x8), 7); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 16); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 12); $x1 += $x5; - $x13 = self::leftRotate(intval($x13) ^ intval($x1), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x1), 8); $x9 += $x13; - $x5 = self::leftRotate(intval($x5) ^ intval($x9), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x9), 7); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 16); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 12); $x2 += $x6; - $x14 = self::leftRotate(intval($x14) ^ intval($x2), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x2), 8); $x10 += $x14; - $x6 = self::leftRotate(intval($x6) ^ intval($x10), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x10), 7); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 16); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 12); $x3 += $x7; - $x15 = self::leftRotate(intval($x15) ^ intval($x3), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x3), 8); $x11 += $x15; - $x7 = self::leftRotate(intval($x7) ^ intval($x11), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x11), 7); // rowRound $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 16); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 16); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 12); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 12); $x0 += $x5; - $x15 = self::leftRotate(intval($x15) ^ intval($x0), 8); + $x15 = self::leftRotate(self::safe_intval($x15) ^ self::safe_intval($x0), 8); $x10 += $x15; - $x5 = self::leftRotate(intval($x5) ^ intval($x10), 7); + $x5 = self::leftRotate(self::safe_intval($x5) ^ self::safe_intval($x10), 7); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 16); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 16); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 12); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 12); $x1 += $x6; - $x12 = self::leftRotate(intval($x12) ^ intval($x1), 8); + $x12 = self::leftRotate(self::safe_intval($x12) ^ self::safe_intval($x1), 8); $x11 += $x12; - $x6 = self::leftRotate(intval($x6) ^ intval($x11), 7); + $x6 = self::leftRotate(self::safe_intval($x6) ^ self::safe_intval($x11), 7); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 16); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 16); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 12); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 12); $x2 += $x7; - $x13 = self::leftRotate(intval($x13) ^ intval($x2), 8); + $x13 = self::leftRotate(self::safe_intval($x13) ^ self::safe_intval($x2), 8); $x8 += $x13; - $x7 = self::leftRotate(intval($x7) ^ intval($x8), 7); + $x7 = self::leftRotate(self::safe_intval($x7) ^ self::safe_intval($x8), 7); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 16); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 16); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 12); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 12); $x3 += $x4; - $x14 = self::leftRotate(intval($x14) ^ intval($x3), 8); + $x14 = self::leftRotate(self::safe_intval($x14) ^ self::safe_intval($x3), 8); $x9 += $x14; - $x4 = self::leftRotate(intval($x4) ^ intval($x9), 7); + $x4 = self::leftRotate(self::safe_intval($x4) ^ self::safe_intval($x9), 7); // @codingStandardsIgnoreEnd $x0 += $z0; $x1 += $z1; @@ -994,6 +994,6 @@ protected static function salsa20($x) $x13 += $z13; $x14 += $z14; $x15 += $z15; - return pack('V*', $x0, $x1, $x2, $x3, $x4, $x5, $x6, $x7, $x8, $x9, $x10, $x11, $x12, $x13, $x14, $x15); + return pack('V*', self::safe_intval($x0), self::safe_intval($x1), self::safe_intval($x2), self::safe_intval($x3), self::safe_intval($x4), self::safe_intval($x5), self::safe_intval($x6), self::safe_intval($x7), self::safe_intval($x8), self::safe_intval($x9), self::safe_intval($x10), self::safe_intval($x11), self::safe_intval($x12), self::safe_intval($x13), self::safe_intval($x14), self::safe_intval($x15)); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php index 9cf01619c..a1f646758 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/AsymmetricKey.php @@ -28,13 +28,13 @@ abstract class AsymmetricKey /** * Precomputed Zero * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected static $zero; /** * Precomputed One * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected static $one; /** @@ -46,13 +46,13 @@ abstract class AsymmetricKey /** * Hash function * - * @var \phpseclib3\Crypt\Hash + * @var Hash */ protected $hash; /** * HMAC function * - * @var \phpseclib3\Crypt\Hash + * @var Hash */ private $hmac; /** @@ -114,7 +114,7 @@ protected static function initialize_static_variables() * * @param string $key * @param string $password optional - * @return \phpseclib3\Crypt\Common\PublicKey|\phpseclib3\Crypt\Common\PrivateKey + * @return PublicKey|PrivateKey */ public static function load($key, $password = \false) { @@ -465,7 +465,7 @@ protected function computek($h1) /** * Integer to Octet String * - * @param \phpseclib3\Math\BigInteger $v + * @param BigInteger $v * @return string */ private function int2octets($v) @@ -484,7 +484,7 @@ private function int2octets($v) * Bit String to Integer * * @param string $in - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ protected function bits2int($in) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php index c1bb037c2..085649773 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/JWK.php @@ -45,6 +45,12 @@ public static function load($key, $password = '') if (isset($key->kty)) { return $key; } + if (!is_object($key)) { + throw new \RuntimeException('invalid JWK: not an object'); + } + if (!isset($key->keys)) { + throw new \RuntimeException('invalid JWK: object has no property "keys"'); + } if (count($key->keys) != 1) { throw new \RuntimeException('Although the JWK key format supports multiple keys phpseclib does not'); } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php index a7760fcdf..c8311ec92 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/OpenSSH.php @@ -17,6 +17,7 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Common\Functions\Strings; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\AES; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Random; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadDecryptionException; /** * OpenSSH Formatted RSA Key Handler * @@ -89,7 +90,7 @@ public static function load($key, $password = '') $crypto->setPassword($password, 'bcrypt', $salt, $rounds, 32); break; default: - throw new \RuntimeException('The only supported cipherse are: none, aes256-ctr (' . $ciphername . ' is being used)'); + throw new \RuntimeException('The only supported ciphers are: none, aes256-ctr (' . $ciphername . ' is being used)'); } list($publicKey, $paddedKey) = Strings::unpackSSH2('ss', $key); list($type) = Strings::unpackSSH2('s', $publicKey); @@ -99,12 +100,15 @@ public static function load($key, $password = '') list($checkint1, $checkint2) = Strings::unpackSSH2('NN', $paddedKey); // any leftover bytes in $paddedKey are for padding? but they should be sequential bytes. eg. 1, 2, 3, etc. if ($checkint1 != $checkint2) { - throw new \RuntimeException('The two checkints do not match'); + if (isset($crypto)) { + throw new BadDecryptionException('Unable to decrypt key - please verify the password you are using'); + } + throw new \RuntimeException("The two checkints do not match ({$checkint1} vs. {$checkint2})"); } self::checkType($type); return compact('type', 'publicKey', 'paddedKey'); } - $parts = explode(' ', $key, 3); + $parts = preg_split("#[\t ]+#", $key); if (!isset($parts[1])) { $key = base64_decode($parts[0]); $comment = \false; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php index 14cc15e6c..dc07e431f 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PKCS8.php @@ -76,6 +76,12 @@ abstract class PKCS8 extends PKCS * @var bool */ private static $oidsLoaded = \false; + /** + * Binary key flag + * + * @var bool + */ + private static $binary = \false; /** * Sets the default encryption algorithm * @@ -318,7 +324,9 @@ protected static function load($key, $password = '') if (!$temp) { throw new \RuntimeException('Unable to decode BER'); } - extract(ASN1::asn1map($temp[0], Maps\PBEParameter::MAP)); + $map = ASN1::asn1map($temp[0], Maps\PBEParameter::MAP); + $salt = $map['salt']; + $iterationCount = $map['iterationCount']; $iterationCount = (int) $iterationCount->toString(); $cipher->setPassword($password, $kdf, $hash, $salt, $iterationCount); $key = $cipher->decrypt($decrypted['encryptedData']); @@ -334,7 +342,8 @@ protected static function load($key, $password = '') throw new \RuntimeException('Unable to decode BER'); } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); + $keyDerivationFunc = $temp['keyDerivationFunc']; + $encryptionScheme = $temp['encryptionScheme']; $cipher = self::getPBES2EncryptionObject($encryptionScheme['algorithm']); $meta['meta']['cipher'] = $encryptionScheme['algorithm']; $temp = ASN1::decodeBER($decrypted['encryptionAlgorithm']['parameters']); @@ -342,7 +351,8 @@ protected static function load($key, $password = '') throw new \RuntimeException('Unable to decode BER'); } $temp = ASN1::asn1map($temp[0], Maps\PBES2params::MAP); - extract($temp); + $keyDerivationFunc = $temp['keyDerivationFunc']; + $encryptionScheme = $temp['encryptionScheme']; if (!$cipher instanceof RC2) { $cipher->setIV($encryptionScheme['parameters']['octetString']); } else { @@ -350,7 +360,9 @@ protected static function load($key, $password = '') if (!$temp) { throw new \RuntimeException('Unable to decode BER'); } - extract(ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP)); + $map = ASN1::asn1map($temp[0], Maps\RC2CBCParameter::MAP); + $rc2ParametersVersion = $map['rc2ParametersVersion']; + $iv = $map['iv']; $effectiveKeyLength = (int) $rc2ParametersVersion->toString(); switch ($effectiveKeyLength) { case 160: @@ -373,9 +385,13 @@ protected static function load($key, $password = '') if (!$temp) { throw new \RuntimeException('Unable to decode BER'); } - $prf = ['algorithm' => 'id-hmacWithSHA1']; $params = ASN1::asn1map($temp[0], Maps\PBKDF2params::MAP); - extract($params); + if (empty($params['prf'])) { + $params['prf'] = ['algorithm' => 'id-hmacWithSHA1']; + } + $salt = $params['salt']; + $iterationCount = $params['iterationCount']; + $prf = $params['prf']; $meta['meta']['prf'] = $prf['algorithm']; $hash = str_replace('-', '/', substr($prf['algorithm'], 11)); $params = [$password, 'pbkdf2', $hash, $salt, (int) $iterationCount->toString()]; @@ -456,6 +472,17 @@ protected static function load($key, $password = '') } throw new \RuntimeException('Unable to parse using either OneAsymmetricKey or PublicKeyInfo ASN1 maps'); } + /** + * Toggle between binary (DER) and printable (PEM) keys + * + * Printable keys are what are generated by default. + * + * @param bool $enabled + */ + public static function setBinaryOutput($enabled) + { + self::$binary = $enabled; + } /** * Wrap a private key appropriately * @@ -517,8 +544,14 @@ protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = $key = $crypto->encrypt($key); $key = ['encryptionAlgorithm' => ['algorithm' => $encryptionAlgorithm, 'parameters' => new ASN1\Element($params)], 'encryptedData' => $key]; $key = ASN1::encodeDER($key, Maps\EncryptedPrivateKeyInfo::MAP); + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $key; + } return "-----BEGIN ENCRYPTED PRIVATE KEY-----\r\n" . chunk_split(Strings::base64_encode($key), 64) . "-----END ENCRYPTED PRIVATE KEY-----"; } + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $key; + } return "-----BEGIN PRIVATE KEY-----\r\n" . chunk_split(Strings::base64_encode($key), 64) . "-----END PRIVATE KEY-----"; } /** @@ -529,7 +562,7 @@ protected static function wrapPrivateKey($key, $attr, $params, $password, $oid = * @param string $oid * @return string */ - protected static function wrapPublicKey($key, $params, $oid = null) + protected static function wrapPublicKey($key, $params, $oid = null, array $options = []) { self::initialize_static_variables(); $key = ['publicKeyAlgorithm' => ['algorithm' => is_string(static::OID_NAME) ? static::OID_NAME : $oid], 'publicKey' => "\x00" . $key]; @@ -537,6 +570,9 @@ protected static function wrapPublicKey($key, $params, $oid = null) $key['publicKeyAlgorithm']['parameters'] = $params; } $key = ASN1::encodeDER($key, Maps\PublicKeyInfo::MAP); + if (isset($options['binary']) ? $options['binary'] : self::$binary) { + return $key; + } return "-----BEGIN PUBLIC KEY-----\r\n" . chunk_split(Strings::base64_encode($key), 64) . "-----END PUBLIC KEY-----"; } /** @@ -574,7 +610,7 @@ public static function extractEncryptionAlgorithm($key) throw new \UnexpectedValueException('Key should be a string - not a ' . gettype($key)); } $decoded = self::preParse($key); - $r = ASN1::asn1map($decoded[0], ASN1\Maps\EncryptedPrivateKeyInfo::MAP); + $r = ASN1::asn1map($decoded[0], Maps\EncryptedPrivateKeyInfo::MAP); if (!is_array($r)) { throw new \RuntimeException('Unable to parse using EncryptedPrivateKeyInfo map'); } @@ -583,7 +619,7 @@ public static function extractEncryptionAlgorithm($key) if (!$decoded) { throw new \RuntimeException('Unable to decode BER'); } - $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], ASN1\Maps\PBES2params::MAP); + $r['encryptionAlgorithm']['parameters'] = ASN1::asn1map($decoded[0], Maps\PBES2params::MAP); $kdf =& $r['encryptionAlgorithm']['parameters']['keyDerivationFunc']; switch ($kdf['algorithm']) { case 'id-PBKDF2': diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php index 9eefe8979..aef2a03b7 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Keys/PuTTY.php @@ -179,7 +179,7 @@ public static function load($key, $password) $publicLength = trim(preg_replace('#Public-Lines: (\\d+)#', '$1', $key[3])); $public = Strings::base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength)))); $source = Strings::packSSH2('ssss', $type, $encryption, $components['comment'], $public); - extract(unpack('Nlength', Strings::shift($public, 4))); + $length = unpack('Nlength', Strings::shift($public, 4))['length']; $newtype = Strings::shift($public, $length); if ($newtype != $type) { throw new \RuntimeException('The binary type does not match the human readable type field'); @@ -203,7 +203,10 @@ public static function load($key, $password) $passes = trim(preg_replace('#Argon2-Passes: (\\d+)#', '$1', $key[$offset++])); $parallelism = trim(preg_replace('#Argon2-Parallelism: (\\d+)#', '$1', $key[$offset++])); $salt = Strings::hex2bin(trim(preg_replace('#Argon2-Salt: ([0-9a-f]+)#', '$1', $key[$offset++]))); - extract(self::generateV3Key($password, $flavour, $memory, $passes, $salt)); + $v3key = self::generateV3Key($password, $flavour, $memory, $passes, $salt); + $symkey = $v3key['symkey']; + $symiv = $v3key['symiv']; + $hashkey = $v3key['hashkey']; break; case 2: $symkey = self::generateV2Key($password, 32); @@ -283,7 +286,10 @@ protected static function wrapPrivateKey($public, $private, $type, $password, ar $key .= "Argon2-Passes: 13\r\n"; $key .= "Argon2-Parallelism: 1\r\n"; $key .= "Argon2-Salt: " . Strings::bin2hex($salt) . "\r\n"; - extract(self::generateV3Key($password, 'Argon2id', 8192, 13, $salt)); + $v3key = self::generateV3Key($password, 'Argon2id', 8192, 13, $salt); + $symkey = $v3key['symkey']; + $symiv = $v3key['symiv']; + $hashkey = $v3key['hashkey']; $hash = new Hash('sha256'); $hash->setKey($hashkey); break; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php index 6a48d7177..c4043bd17 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/Formats/Signature/Raw.php @@ -42,8 +42,8 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s * @return string */ public static function save(BigInteger $r, BigInteger $s) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php index 06219dda7..abb0ec11d 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/StreamCipher.php @@ -25,7 +25,7 @@ abstract class StreamCipher extends SymmetricKey * * Stream ciphers do not have a block size * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @see SymmetricKey::block_size * @var int */ protected $block_size = 0; @@ -33,7 +33,7 @@ abstract class StreamCipher extends SymmetricKey * Default Constructor. * * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @return \phpseclib3\Crypt\Common\StreamCipher + * @return StreamCipher */ public function __construct() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php index b5761ef8e..123af2330 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Common/SymmetricKey.php @@ -597,6 +597,11 @@ protected static function initialize_static_variables() { if (!isset(self::$use_reg_intval)) { switch (\true) { + // PHP 8.5, per https://www.php.net/manual/en/migration85.incompatible.php, now emits a warning + // "when casting floats (or strings that look like floats) to int if they cannot be represented as one" + case \PHP_VERSION_ID >= 80500 && \PHP_INT_SIZE == 4: + self::$use_reg_intval = \false; + break; // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster case (\PHP_OS & "\xdf\xdf\xdf") === 'WIN': case !function_exists('php_uname'): @@ -966,7 +971,7 @@ public function setPassword($password, $method = 'pbkdf2', ...$func_args) * * @see self::setPassword() * @param int $n - * @param \phpseclib3\Crypt\Hash $hashObj + * @param Hash $hashObj * @param string $i * @param string $d * @param int $count @@ -2322,7 +2327,7 @@ protected function unpad($text) return $text; } $length = ord($text[strlen($text) - 1]); - if (!$length || $length > $this->block_size) { + if (!$length | $length > $this->block_size) { throw new BadDecryptionException("The ciphertext has an invalid padding length ({$length}) compared to the block size ({$this->block_size})"); } return substr($text, 0, -$length); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DES.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DES.php index a429c87c9..adba027f9 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DES.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DES.php @@ -65,35 +65,35 @@ class DES extends BlockCipher /** * Block Length of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @see Common\SymmetricKey::block_size * @var int */ protected $block_size = 8; /** * Key Length (in bytes) * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKeyLength() + * @see Common\SymmetricKey::setKeyLength() * @var int */ protected $key_length = 8; /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'des'; /** * The OpenSSL names of the cipher / modes * - * @see \phpseclib3\Crypt\Common\SymmetricKey::openssl_mode_names + * @see Common\SymmetricKey::openssl_mode_names * @var array */ protected $openssl_mode_names = [self::MODE_ECB => 'des-ecb', self::MODE_CBC => 'des-cbc', self::MODE_CFB => 'des-cfb', self::MODE_OFB => 'des-ofb']; /** * Optimizing value while CFB-encrypting * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @see Common\SymmetricKey::cfb_init_len * @var int */ protected $cfb_init_len = 500; @@ -224,7 +224,7 @@ public function __construct($mode) * * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() + * @see Common\SymmetricKey::isValidEngine() * @param int $engine * @return bool */ @@ -251,7 +251,7 @@ protected function isValidEngineHelper($engine) * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @see Common\SymmetricKey::setKey() * @param string $key */ public function setKey($key) @@ -265,8 +265,8 @@ public function setKey($key) /** * Encrypts a block * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see Common\SymmetricKey::encryptBlock() + * @see Common\SymmetricKey::encrypt() * @see self::encrypt() * @param string $in * @return string @@ -278,8 +278,8 @@ protected function encryptBlock($in) /** * Decrypts a block * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see Common\SymmetricKey::decryptBlock() + * @see Common\SymmetricKey::decrypt() * @see self::decrypt() * @param string $in * @return string @@ -305,14 +305,14 @@ private function processBlock($block, $mode) { static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; if (!$sbox1) { - $sbox1 = array_map('intval', self::$sbox1); - $sbox2 = array_map('intval', self::$sbox2); - $sbox3 = array_map('intval', self::$sbox3); - $sbox4 = array_map('intval', self::$sbox4); - $sbox5 = array_map('intval', self::$sbox5); - $sbox6 = array_map('intval', self::$sbox6); - $sbox7 = array_map('intval', self::$sbox7); - $sbox8 = array_map('intval', self::$sbox8); + $sbox1 = array_map([self::class, 'safe_intval'], self::$sbox1); + $sbox2 = array_map([self::class, 'safe_intval'], self::$sbox2); + $sbox3 = array_map([self::class, 'safe_intval'], self::$sbox3); + $sbox4 = array_map([self::class, 'safe_intval'], self::$sbox4); + $sbox5 = array_map([self::class, 'safe_intval'], self::$sbox5); + $sbox6 = array_map([self::class, 'safe_intval'], self::$sbox6); + $sbox7 = array_map([self::class, 'safe_intval'], self::$sbox7); + $sbox8 = array_map([self::class, 'safe_intval'], self::$sbox8); /* Merge $shuffle with $[inv]ipmap */ for ($i = 0; $i < 256; ++$i) { $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; @@ -353,7 +353,7 @@ private function processBlock($block, $mode) /** * Creates the key schedule * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + * @see Common\SymmetricKey::setupKey() */ protected function setupKey() { @@ -412,8 +412,8 @@ protected function setupKey() $cp = $pc2mapc1[$c >> 24] | $pc2mapc2[$c >> 16 & 0xff] | $pc2mapc3[$c >> 8 & 0xff] | $pc2mapc4[$c & 0xff]; $dp = $pc2mapd1[$d >> 24] | $pc2mapd2[$d >> 16 & 0xff] | $pc2mapd3[$d >> 8 & 0xff] | $pc2mapd4[$d & 0xff]; // Reorder: odd bytes/even bytes. Push the result in key schedule. - $val1 = $cp & intval(0xff000000) | $cp << 8 & 0xff0000 | $dp >> 16 & 0xff00 | $dp >> 8 & 0xff; - $val2 = $cp << 8 & intval(0xff000000) | $cp << 16 & 0xff0000 | $dp >> 8 & 0xff00 | $dp & 0xff; + $val1 = $cp & self::safe_intval(0xff000000) | $cp << 8 & 0xff0000 | $dp >> 16 & 0xff00 | $dp >> 8 & 0xff; + $val2 = $cp << 8 & self::safe_intval(0xff000000) | $cp << 16 & 0xff0000 | $dp >> 8 & 0xff00 | $dp & 0xff; $keys[$des_round][self::ENCRYPT][] = $val1; $keys[$des_round][self::DECRYPT][$ki - 1] = $val1; $keys[$des_round][self::ENCRYPT][] = $val2; @@ -433,7 +433,7 @@ protected function setupKey() /** * Setup the performance-optimized function for de/encrypt() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() + * @see Common\SymmetricKey::setupInlineCrypt() */ protected function setupInlineCrypt() { @@ -443,14 +443,14 @@ protected function setupInlineCrypt() $des_rounds = $this->des_rounds; $init_crypt = 'static $sbox1, $sbox2, $sbox3, $sbox4, $sbox5, $sbox6, $sbox7, $sbox8, $shuffleip, $shuffleinvip; if (!$sbox1) { - $sbox1 = array_map("intval", self::$sbox1); - $sbox2 = array_map("intval", self::$sbox2); - $sbox3 = array_map("intval", self::$sbox3); - $sbox4 = array_map("intval", self::$sbox4); - $sbox5 = array_map("intval", self::$sbox5); - $sbox6 = array_map("intval", self::$sbox6); - $sbox7 = array_map("intval", self::$sbox7); - $sbox8 = array_map("intval", self::$sbox8);' . ' + $sbox1 = array_map("self::safe_intval", self::$sbox1); + $sbox2 = array_map("self::safe_intval", self::$sbox2); + $sbox3 = array_map("self::safe_intval", self::$sbox3); + $sbox4 = array_map("self::safe_intval", self::$sbox4); + $sbox5 = array_map("self::safe_intval", self::$sbox5); + $sbox6 = array_map("self::safe_intval", self::$sbox6); + $sbox7 = array_map("self::safe_intval", self::$sbox7); + $sbox8 = array_map("self::safe_intval", self::$sbox8);' . ' for ($i = 0; $i < 256; ++$i) { $shuffleip[] = self::$shuffle[self::$ipmap[$i]]; $shuffleinvip[] = self::$shuffle[self::$invipmap[$i]]; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php index 808796224..e655f4069 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH.php @@ -46,7 +46,7 @@ abstract class DH extends AsymmetricKey /** * DH prime * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $prime; /** @@ -54,13 +54,13 @@ abstract class DH extends AsymmetricKey * * Prime divisor of p-1 * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $base; /** * Public Key * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $publicKey; /** @@ -148,7 +148,7 @@ public static function createParameters(...$args) * * @param Parameters $params * @param int $length optional - * @return DH\PrivateKey + * @return PrivateKey */ public static function createKey(Parameters $params, $length = 0) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php index a9577021a..01e4ab9bd 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/Formats/Keys/PKCS8.php @@ -79,10 +79,10 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $prime - * @param \phpseclib3\Math\BigInteger $base - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Math\BigInteger $publicKey + * @param BigInteger $prime + * @param BigInteger $base + * @param BigInteger $privateKey + * @param BigInteger $publicKey * @param string $password optional * @param array $options optional * @return string @@ -98,9 +98,9 @@ public static function savePrivateKey(BigInteger $prime, BigInteger $base, BigIn /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $prime - * @param \phpseclib3\Math\BigInteger $base - * @param \phpseclib3\Math\BigInteger $publicKey + * @param BigInteger $prime + * @param BigInteger $base + * @param BigInteger $publicKey * @param array $options optional * @return string */ @@ -110,6 +110,6 @@ public static function savePublicKey(BigInteger $prime, BigInteger $base, BigInt $params = ASN1::encodeDER($params, Maps\DHParameter::MAP); $params = new ASN1\Element($params); $key = ASN1::encodeDER($publicKey, ['type' => ASN1::TYPE_INTEGER]); - return self::wrapPublicKey($key, $params); + return self::wrapPublicKey($key, $params, null, $options); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php index f9810ce7d..7f523c73a 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DH/PrivateKey.php @@ -35,7 +35,7 @@ final class PrivateKey extends DH /** * Returns the public key * - * @return DH\PublicKey + * @return PublicKey */ public function getPublicKey() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php index 015e3ff1e..8f9647a03 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA.php @@ -50,7 +50,7 @@ abstract class DSA extends AsymmetricKey /** * DSA Prime P * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $p; /** @@ -58,19 +58,19 @@ abstract class DSA extends AsymmetricKey * * Prime divisor of p-1 * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $q; /** * DSA Group Generator G * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $g; /** * DSA public key value y * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $y; /** @@ -90,7 +90,7 @@ abstract class DSA extends AsymmetricKey * * @param int $L * @param int $N - * @return \phpseclib3\Crypt\DSA|bool + * @return DSA|bool */ public static function createParameters($L = 2048, $N = 224) { @@ -159,7 +159,7 @@ public static function createParameters($L = 2048, $N = 224) * Returns the private key, from which the publickey can be extracted * * @param int[] ...$args - * @return DSA\PrivateKey + * @return PrivateKey */ public static function createKey(...$args) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php index f021af71c..bdb8c7838 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/OpenSSH.php @@ -55,10 +55,10 @@ public static function load($key, $password = '') /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @param array $options optional * @return string */ @@ -84,11 +84,11 @@ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y + * @param BigInteger $x * @param string $password optional * @param array $options optional * @return string diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php index 8b1f4d777..7cfffe66c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS1.php @@ -60,18 +60,29 @@ public static function load($key, $password = '') if (is_array($key)) { return $key; } - $key = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); - if (is_array($key)) { - return $key; - } + // PKCS1 DSA public keys are not supported by phpseclib since they can't be used to do + // anything on their own. in order to verify a signature with DSA you need p, q, g and y. + // a PKCS1 DSA public key only has y. to verify a signature with a PKCS1 DSA public key + // you'd also need to load a PKCS1 DSA parameters file separately. like you'd need to + // load two files instead of just one. there's no other key format that phpseclib supports + // that has that requirement so building it in for PKCS1 DSA public keys seems excessive. + // + // the whole thing would be rather like an RSA public key having the modulo live in + // a separate file than the exponent. + // + // this isn't an issue for PKCS8 DSA public keys because those keys have the parameters + // included. eg. \phpseclib3\File\ASN1\Maps\SubjectPublicKeyInfo has "algorithm" and + // "subjectPublicKey" and "algorithm", in turn, has "algorithm" and "parameters". y + // is saved as "subjectPublicKey" and p, q and g are saved as "parameters". + //$key = ASN1::asn1map($decoded[0], Maps\DSAPublicKey::MAP); throw new \RuntimeException('Unable to perform ASN1 mapping'); } /** * Convert DSA parameters to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g * @return string */ public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $g) @@ -83,11 +94,11 @@ public static function saveParameters(BigInteger $p, BigInteger $q, BigInteger $ /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y + * @param BigInteger $x * @param string $password optional * @param array $options optional * @return string @@ -101,10 +112,10 @@ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @return string */ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php index d31d8055e..e32c467ee 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PKCS8.php @@ -87,11 +87,11 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y + * @param BigInteger $x * @param string $password optional * @param array $options optional * @return string @@ -107,10 +107,10 @@ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @param array $options optional * @return string */ @@ -120,6 +120,6 @@ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g $params = ASN1::encodeDER($params, Maps\DSAParams::MAP); $params = new ASN1\Element($params); $key = ASN1::encodeDER($y, Maps\DSAPublicKey::MAP); - return self::wrapPublicKey($key, $params); + return self::wrapPublicKey($key, $params, null, $options); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php index e7ec27990..4d3a80c34 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/PuTTY.php @@ -52,7 +52,10 @@ public static function load($key, $password = '') if (!isset($components['private'])) { return $components; } - extract($components); + $type = $components['type']; + $comment = $components['comment']; + $public = $components['public']; + $private = $components['private']; unset($components['public'], $components['private']); list($p, $q, $g, $y) = Strings::unpackSSH2('iiii', $public); list($x) = Strings::unpackSSH2('i', $private); @@ -61,11 +64,11 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y + * @param BigInteger $x * @param string $password optional * @param array $options optional * @return string @@ -82,10 +85,10 @@ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @return string */ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php index 1ab7f0149..de24265ab 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/Raw.php @@ -50,11 +50,11 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y - * @param \phpseclib3\Math\BigInteger $x + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y + * @param BigInteger $x * @param string $password optional * @return string */ @@ -65,10 +65,10 @@ public static function savePrivateKey(BigInteger $p, BigInteger $q, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @return string */ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php index 2a3f76df9..ebb685d8b 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Keys/XML.php @@ -110,10 +110,10 @@ public static function load($key, $password = '') * * See https://www.w3.org/TR/xmldsig-core/#sec-DSAKeyValue * - * @param \phpseclib3\Math\BigInteger $p - * @param \phpseclib3\Math\BigInteger $q - * @param \phpseclib3\Math\BigInteger $g - * @param \phpseclib3\Math\BigInteger $y + * @param BigInteger $p + * @param BigInteger $q + * @param BigInteger $g + * @param BigInteger $y * @return string */ public static function savePublicKey(BigInteger $p, BigInteger $q, BigInteger $g, BigInteger $y) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php index 561e4a5a6..0982cad6e 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/ASN1.php @@ -46,8 +46,8 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s * @return string */ public static function save(BigInteger $r, BigInteger $s) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php index c9ad42548..bc0dfee68 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/Formats/Signature/SSH2.php @@ -47,8 +47,8 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s * @return string */ public static function save(BigInteger $r, BigInteger $s) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php index 624043ae8..3f5e591fb 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PrivateKey.php @@ -25,7 +25,7 @@ final class PrivateKey extends DSA implements Common\PrivateKey /** * DSA secret exponent x * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $x; /** @@ -75,7 +75,9 @@ public function sign($message) if ($this->shortFormat == 'ASN1') { return $signature; } - extract(ASN1Signature::load($signature)); + $loaded = ASN1Signature::load($signature); + $r = $loaded['r']; + $s = $loaded['s']; return $format::save($r, $s); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php index afe2d1b5c..e1a2622bd 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/DSA/PublicKey.php @@ -36,7 +36,8 @@ public function verify($message, $signature) if ($params === \false || count($params) != 2) { return \false; } - extract($params); + $r = $params['r']; + $s = $params['s']; if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; $result = openssl_verify($message, $sig, $this->toString('PKCS8'), $this->hash->getHash()); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php index bf49a7cc0..daa8eba8f 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC.php @@ -66,7 +66,7 @@ abstract class EC extends AsymmetricKey /** * Curve * - * @var \phpseclib3\Crypt\EC\BaseCurves\Base + * @var EC\BaseCurves\Base */ protected $curve; /** @@ -92,7 +92,7 @@ abstract class EC extends AsymmetricKey * * Used for deterministic ECDSA * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $q; /** @@ -103,7 +103,7 @@ abstract class EC extends AsymmetricKey * public key. But the x is different depending on which side of the equal sign * you're on. It's less ambiguous if you do dA * base point = (x, y)-coordinate. * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $x; /** @@ -122,7 +122,7 @@ abstract class EC extends AsymmetricKey * Create public / private key pair. * * @param string $curve - * @return \phpseclib3\Crypt\EC\PrivateKey + * @return PrivateKey */ public static function createKey($curve) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php index a125c87b9..1759f11b2 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Base.php @@ -29,7 +29,7 @@ abstract class Base /** * Finite Field Integer factory * - * @var \phpseclib3\Math\FiniteField\Integer + * @var FiniteField\Integer */ protected $factory; /** @@ -42,7 +42,7 @@ public function randomInteger() return $this->factory->randomInteger(); } /** - * Converts a BigInteger to a \phpseclib3\Math\FiniteField\Integer integer + * Converts a BigInteger to a FiniteField\Integer integer * * @return object */ @@ -129,7 +129,7 @@ public function setOrder(BigInteger $order) /** * Returns the Order * - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ public function getOrder() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php index 50082e208..5191c77d1 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php @@ -33,7 +33,7 @@ class Binary extends Base /** * Binary Field Integer factory * - * @var \phpseclib3\Math\BinaryField + * @var BinaryField */ protected $factory; /** @@ -264,7 +264,7 @@ public function verifyPoint(array $p) /** * Returns the modulo * - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ public function getModulo() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php index 35ca9dde4..5461454dd 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Montgomery.php @@ -37,7 +37,7 @@ class Montgomery extends Base /** * Prime Field Integer factory * - * @var \phpseclib3\Math\PrimeField + * @var PrimeField */ protected $factory; /** @@ -193,7 +193,7 @@ private function doubleAndAddPoint(array $p, array $q, PrimeInteger $x1) public function multiplyPoint(array $p, BigInteger $d) { $p1 = [$this->one, $this->zero]; - $alreadyInternal = isset($x[1]); + $alreadyInternal = isset($p[1]); $p2 = $this->convertToInternal($p); $x = $p[0]; $b = $d->toBits(); @@ -217,7 +217,7 @@ public function multiplyPoint(array $p, BigInteger $d) * * x=X/Z * - * @return \phpseclib3\Math\PrimeField\Integer[] + * @return PrimeInteger[] */ public function convertToInternal(array $p) { @@ -233,7 +233,7 @@ public function convertToInternal(array $p) /** * Returns the affine point * - * @return \phpseclib3\Math\PrimeField\Integer[] + * @return PrimeInteger[] */ public function convertToAffine(array $p) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php index 6061cc0eb..7a4e0c461 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Prime.php @@ -422,7 +422,7 @@ public function verifyPoint(array $p) /** * Returns the modulo * - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ public function getModulo() { @@ -431,7 +431,7 @@ public function getModulo() /** * Returns the a coefficient * - * @return \phpseclib3\Math\PrimeField\Integer + * @return PrimeInteger */ public function getA() { @@ -440,7 +440,7 @@ public function getA() /** * Returns the a coefficient * - * @return \phpseclib3\Math\PrimeField\Integer + * @return PrimeInteger */ public function getB() { @@ -666,7 +666,7 @@ private static function getJSFPoints(Integer $k1, Integer $k2) * To convert a Jacobian Coordinate to an Affine Point * you do (x / z^2, y / z^3) * - * @return \phpseclib3\Math\PrimeField\Integer[] + * @return PrimeInteger[] */ public function convertToAffine(array $p) { @@ -681,7 +681,7 @@ public function convertToAffine(array $p) /** * Converts an affine point to a jacobian coordinate * - * @return \phpseclib3\Math\PrimeField\Integer[] + * @return PrimeInteger[] */ public function convertToInternal(array $p) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php index 685787fa9..046402b6f 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/TwistedEdwards.php @@ -118,7 +118,7 @@ public function setBasePoint($x, $y) /** * Returns the a coefficient * - * @return \phpseclib3\Math\PrimeField\Integer + * @return PrimeInteger */ public function getA() { @@ -127,7 +127,7 @@ public function getA() /** * Returns the a coefficient * - * @return \phpseclib3\Math\PrimeField\Integer + * @return PrimeInteger */ public function getD() { @@ -153,7 +153,7 @@ public function getBasePoint() /** * Returns the affine point * - * @return \phpseclib3\Math\PrimeField\Integer[] + * @return PrimeInteger[] */ public function convertToAffine(array $p) { @@ -167,7 +167,7 @@ public function convertToAffine(array $p) /** * Returns the modulo * - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ public function getModulo() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php index 06aaaf148..1073b7d84 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/Common.php @@ -194,7 +194,7 @@ private static function initialize_static_variables() * If the key contains an implicit curve phpseclib needs the curve * to be explicitly provided * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve */ public static function setImplicitCurve(BaseCurve $curve) { @@ -205,7 +205,7 @@ public static function setImplicitCurve(BaseCurve $curve) * on the curve parameters * * @param array $params - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + * @return BaseCurve|false */ protected static function loadCurveByParam(array $params) { @@ -272,7 +272,7 @@ protected static function loadCurveByParam(array $params) * Supports both compressed and uncompressed points * * @param string $str - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @return object[] */ public static function extractPoint($str, BaseCurve $curve) @@ -328,7 +328,7 @@ public static function extractPoint($str, BaseCurve $curve) * Encode Parameters * * @todo Maybe at some point this could be moved to __toString() for each of the curves? - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param bool $returnArray optional * @param array $options optional * @return string|false diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php index 38123a9a0..9cd934a11 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/JWK.php @@ -110,7 +110,7 @@ private static function getAlias(BaseCurve $curve) /** * Return the array superstructure for an EC public key * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @return array */ @@ -124,7 +124,7 @@ private static function savePublicKeyHelper(BaseCurve $curve, array $publicKey) /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param array $options optional * @return string @@ -137,8 +137,8 @@ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $ /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param BigInteger $privateKey + * @param Ed25519 $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php index b26142602..c97529511 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPrivate.php @@ -65,7 +65,7 @@ public static function load($key, $password = '') /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param MontgomeryCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @return string */ @@ -76,8 +76,8 @@ public static function savePublicKey(MontgomeryCurve $curve, array $publicKey) /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param BigInteger $privateKey + * @param MontgomeryCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php index c3f13e6e3..83218f809 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/MontgomeryPublic.php @@ -54,7 +54,7 @@ public static function load($key, $password = '') /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Montgomery $curve + * @param MontgomeryCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @return string */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php index 576b54c5f..cf6d7a2a4 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/OpenSSH.php @@ -104,7 +104,7 @@ private static function getAlias(BaseCurve $curve) /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param array $options optional * @return string @@ -132,8 +132,8 @@ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $ /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param BigInteger $privateKey + * @param Ed25519 $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php index c82689d66..9c2cce8fa 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS1.php @@ -132,8 +132,8 @@ public static function saveParameters(BaseCurve $curve, array $options = []) /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BigInteger $privateKey + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php index fd26d6bf4..9260bbf0a 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PKCS8.php @@ -111,10 +111,9 @@ private static function loadEdDSA(array $key) $components = []; if (isset($key['privateKey'])) { $components['curve'] = $key['privateKeyAlgorithm']['algorithm'] == 'id-Ed25519' ? new Ed25519() : new Ed448(); - // 0x04 == octet string - // 0x20 == length (32 bytes) - if (substr($key['privateKey'], 0, 2) != "\x04 ") { - throw new \RuntimeException('The first two bytes of the private key field should be 0x0420'); + $expected = chr(ASN1::TYPE_OCTET_STRING) . ASN1::encodeLength($components['curve']::SIZE); + if (substr($key['privateKey'], 0, 2) != $expected) { + throw new \RuntimeException('The first two bytes of the ' . $key['privateKeyAlgorithm']['algorithm'] . ' private key field should be 0x' . bin2hex($expected)); } $arr = $components['curve']->extractSecret(substr($key['privateKey'], 2)); $components['dA'] = $arr['dA']; @@ -134,7 +133,7 @@ private static function loadEdDSA(array $key) /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param array $options optional * @return string @@ -146,17 +145,17 @@ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $ throw new UnsupportedCurveException('Montgomery Curves are not supported'); } if ($curve instanceof TwistedEdwardsCurve) { - return self::wrapPublicKey($curve->encodePoint($publicKey), null, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'); + return self::wrapPublicKey($curve->encodePoint($publicKey), null, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448', $options); } $params = new ASN1\Element(self::encodeParameters($curve, \false, $options)); $key = "\x04" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); - return self::wrapPublicKey($key, $params, 'id-ecPublicKey'); + return self::wrapPublicKey($key, $params, 'id-ecPublicKey', $options); } /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BigInteger $privateKey + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional @@ -170,7 +169,7 @@ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, throw new UnsupportedCurveException('Montgomery Curves are not supported'); } if ($curve instanceof TwistedEdwardsCurve) { - return self::wrapPrivateKey("\x04 " . $secret, [], null, $password, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'); + return self::wrapPrivateKey(chr(ASN1::TYPE_OCTET_STRING) . ASN1::encodeLength($curve::SIZE) . $secret, [], null, $password, $curve instanceof Ed25519 ? 'id-Ed25519' : 'id-Ed448'); } $publicKey = "\x04" . $publicKey[0]->toBytes() . $publicKey[1]->toBytes(); $params = new ASN1\Element(self::encodeParameters($curve, \false, $options)); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php index 83c6b8bd1..0eb3cedb6 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/PuTTY.php @@ -69,8 +69,8 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BigInteger $privateKey + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional @@ -99,7 +99,7 @@ public static function savePrivateKey(BigInteger $privateKey, BaseCurve $curve, /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField[] $publicKey * @return string */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php index 2d678fc1f..d4b60f14e 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/XML.php @@ -62,6 +62,9 @@ public static function load($key, $password = '') throw new BadConfigurationException('The dom extension is not setup correctly on this system'); } $use_errors = libxml_use_internal_errors(\true); + if (substr($key, 0, 5) != '' . $key . ''; + } $temp = self::isolateNamespace($key, 'http://www.w3.org/2009/xmldsig11#'); if ($temp) { $key = $temp; @@ -71,9 +74,6 @@ public static function load($key, $password = '') $key = $temp; } $dom = new \DOMDocument(); - if (substr($key, 0, 5) != '' . $key . ''; - } if (!$dom->loadXML($key)) { libxml_use_internal_errors($use_errors); throw new \UnexpectedValueException('Key does not appear to contain XML'); @@ -148,7 +148,7 @@ private static function decodeValue($value) * Extract points from an XML document * * @param \DOMXPath $xpath - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @return object[] */ private static function extractPointRFC4050(\DOMXPath $xpath, BaseCurve $curve) @@ -172,7 +172,7 @@ private static function extractPointRFC4050(\DOMXPath $xpath, BaseCurve $curve) * on the curve parameters * * @param \DomXPath $xpath - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + * @return BaseCurve|false */ private static function loadCurveByParam(\DOMXPath $xpath) { @@ -235,7 +235,7 @@ private static function loadCurveByParam(\DOMXPath $xpath) * on the curve parameters * * @param \DomXPath $xpath - * @return \phpseclib3\Crypt\EC\BaseCurves\Base|false + * @return BaseCurve|false */ private static function loadCurveByParamRFC4050(\DOMXPath $xpath) { @@ -302,7 +302,7 @@ public static function disableRFC4050Syntax() /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param array $options optional * @return string @@ -328,7 +328,7 @@ public static function savePublicKey(BaseCurve $curve, array $publicKey, array $ /** * Encode Parameters * - * @param \phpseclib3\Crypt\EC\BaseCurves\Base $curve + * @param BaseCurve $curve * @param string $pre * @param array $options optional * @return string|false diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php index ded7b0135..199c75221 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Keys/libsodium.php @@ -72,7 +72,7 @@ public static function load($key, $password = '') /** * Convert an EC public key to the appropriate format * - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param Ed25519 $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @return string */ @@ -83,8 +83,8 @@ public static function savePublicKey(Ed25519 $curve, array $publicKey) /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $privateKey - * @param \phpseclib3\Crypt\EC\Curves\Ed25519 $curve + * @param BigInteger $privateKey + * @param Ed25519 $curve * @param \phpseclib3\Math\Common\FiniteField\Integer[] $publicKey * @param string $secret optional * @param string $password optional diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php index ae76295a2..a88b747c5 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/ASN1.php @@ -46,8 +46,8 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s * @return string */ public static function save(BigInteger $r, BigInteger $s) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php index 94ee8a143..31011c245 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/IEEE.php @@ -46,15 +46,17 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s + * @param string $curve + * @param int $length * @return string */ - public static function save(BigInteger $r, BigInteger $s) + public static function save(BigInteger $r, BigInteger $s, $curve, $length) { $r = $r->toBytes(); $s = $s->toBytes(); - $len = max(strlen($r), strlen($s)); - return str_pad($r, $len, "\x00", \STR_PAD_LEFT) . str_pad($s, $len, "\x00", \STR_PAD_LEFT); + $length = (int) ceil($length / 8); + return str_pad($r, $length, "\x00", \STR_PAD_LEFT) . str_pad($s, $length, "\x00", \STR_PAD_LEFT); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php index 319b17f04..1ced435d1 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/Formats/Signature/SSH2.php @@ -57,8 +57,8 @@ public static function load($sig) /** * Returns a signature in the appropriate format * - * @param \phpseclib3\Math\BigInteger $r - * @param \phpseclib3\Math\BigInteger $s + * @param BigInteger $r + * @param BigInteger $s * @param string $curve * @return string */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php index 16e18aa11..d5892f976 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PrivateKey.php @@ -140,8 +140,10 @@ public function sign($message) if ($shortFormat == 'ASN1') { return $signature; } - extract(ASN1Signature::load($signature)); - return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); + $loaded = ASN1Signature::load($signature); + $r = $loaded['r']; + $s = $loaded['s']; + return $this->formatSignature($r, $s); } } $e = $this->hash->hash($message); @@ -185,7 +187,7 @@ public function sign($message) $temp = $kinv->multiply($temp); list(, $s) = $temp->divide($this->q); */ - return $shortFormat == 'SSH2' ? $format::save($r, $s, $this->getCurve()) : $format::save($r, $s); + return $this->formatSignature($r, $s); } /** * Returns the private key @@ -223,4 +225,27 @@ public function getPublicKey() } return $key; } + /** + * Returns a signature in the appropriate format + * + * @return string + */ + private function formatSignature(BigInteger $r, BigInteger $s) + { + $format = $this->sigFormat; + $temp = new \ReflectionMethod($format, 'save'); + $paramCount = $temp->getNumberOfRequiredParameters(); + // @codingStandardsIgnoreStart + switch ($paramCount) { + case 2: + return $format::save($r, $s); + case 3: + return $format::save($r, $s, $this->getCurve()); + case 4: + return $format::save($r, $s, $this->getCurve(), $this->getLength()); + } + // @codingStandardsIgnoreEnd + // presumably the only way you could get to this is if you were using a custom plugin + throw new UnsupportedOperationException("{$format}::save() has {$paramCount} parameters - the only valid parameter counts are 2 or 3"); + } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php index f666ed638..5ac11365c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/EC/PublicKey.php @@ -95,7 +95,8 @@ public function verify($message, $signature) if ($params === \false || count($params) != 2) { return \false; } - extract($params); + $r = $params['r']; + $s = $params['s']; if (self::$engines['OpenSSL'] && in_array($this->hash->getHash(), openssl_get_md_methods())) { $sig = $format != 'ASN1' ? ASN1Signature::save($r, $s) : $signature; $result = openssl_verify($message, $sig, $this->toString('PKCS8', ['namedCurve' => \false]), $this->hash->getHash()); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php index c64c1a4b0..37fcc4c76 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Hash.php @@ -115,7 +115,7 @@ class Hash /** * Outer XOR (Internal HMAC) * - * Used only for sha512/* + * Used only for sha512 * * @see self::hash() * @var string @@ -124,7 +124,7 @@ class Hash /** * Inner XOR (Internal HMAC) * - * Used only for sha512/* + * Used only for sha512 * * @see self::hash() * @var string @@ -143,7 +143,7 @@ class Hash * umac cipher object * * @see self::hash() - * @var \phpseclib3\Crypt\AES + * @var AES */ private $c; /** @@ -174,6 +174,14 @@ class Hash private static $maxwordrange64; private static $maxwordrange128; /**#@-*/ + /**#@+ + * AES_CMAC variables + * + * @var string + */ + private $k1; + private $k2; + /**#@-*/ /** * Default Constructor. * @@ -255,16 +263,28 @@ public function getHash() */ public function setHash($hash) { + $oldHash = $this->hashParam; $this->hashParam = $hash = strtolower($hash); switch ($hash) { case 'umac-32': case 'umac-64': case 'umac-96': case 'umac-128': + if ($oldHash != $this->hashParam) { + $this->recomputeAESKey = \true; + } $this->blockSize = 128; $this->length = abs(substr($hash, -3)) >> 3; $this->algo = 'umac'; return; + case 'aes_cmac': + if ($oldHash != $this->hashParam) { + $this->recomputeAESKey = \true; + } + $this->blockSize = 128; + $this->length = 16; + $this->algo = 'aes_cmac'; + return; case 'md2-96': case 'md5-96': case 'sha1-96': @@ -376,11 +396,15 @@ public function setHash($hash) // from http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#page=24 $initial = $hash == 'sha512/256' ? ['22312194FC2BF72C', '9F555FA3C84C64C2', '2393B86B6F53B151', '963877195940EABD', '96283EE2A88EFFE3', 'BE5E1E2553863992', '2B0199FC2C85B8AA', '0EB72DDC81C52CA2'] : ['8C3D37C819544DA2', '73E1996689DCD4D6', '1DFAB7AE32FF9C82', '679DD514582F9FCF', '0F6D2B697BD44DA8', '77E36F7304C48942', '3F9D85A86A1D36C8', '1112E6AD91D692A1']; for ($i = 0; $i < 8; $i++) { - $initial[$i] = new BigInteger($initial[$i], 16); - $initial[$i]->setPrecision(64); + if (\PHP_INT_SIZE == 8) { + list(, $initial[$i]) = unpack('J', pack('H*', $initial[$i])); + } else { + $initial[$i] = new BigInteger($initial[$i], 16); + $initial[$i]->setPrecision(64); + } } $this->parameters = compact('initial'); - $hash = ['Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Crypt\\Hash', 'sha512']; + $hash = ['Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Crypt\\Hash', \PHP_INT_SIZE == 8 ? 'sha512_64' : 'sha512']; } } if (is_array($hash)) { @@ -501,12 +525,12 @@ private static function L1Hash($k, $m) // For each chunk, except the last: endian-adjust, NH hash // and add bit-length. Use results to build Y. // - $length = new BigInteger(1024 * 8); + $length = 1024 * 8; $y = ''; for ($i = 0; $i < count($m) - 1; $i++) { $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP - $y .= static::nh($k, $m[$i], $length); + $y .= \PHP_INT_SIZE == 8 ? static::nh64($k, $m[$i], $length) : static::nh32($k, $m[$i], $length); } // // For the last chunk: pad to 32-byte boundary, endian-adjust, @@ -519,60 +543,221 @@ private static function L1Hash($k, $m) // zeropad $m[$i] = pack('N*', ...unpack('V*', $m[$i])); // ENDIAN-SWAP - $y .= static::nh($k, $m[$i], new BigInteger($length * 8)); + $y .= \PHP_INT_SIZE == 8 ? static::nh64($k, $m[$i], $length * 8) : static::nh32($k, $m[$i], $length * 8); return $y; } /** - * NH Algorithm + * 32-bit safe 64-bit Multiply with 2x 32-bit ints + * + * @param int $x + * @param int $y + * @return string $x * $y + */ + private static function mul32_64($x, $y) + { + // see mul64() for a more detailed explanation of how this works + $x1 = $x >> 16 & 0xffff; + $x0 = $x & 0xffff; + $y1 = $y >> 16 & 0xffff; + $y0 = $y & 0xffff; + // the following 3x lines will possibly yield floats + $z2 = $x1 * $y1; + $z0 = $x0 * $y0; + $z1 = $x1 * $y0 + $x0 * $y1; + $a = intval(fmod($z0, 65536)); + $b = intval($z0 / 65536) + intval(fmod($z1, 65536)); + $c = intval($z1 / 65536) + intval(fmod($z2, 65536)) + intval($b / 65536); + $b = intval(fmod($b, 65536)); + $d = intval($z2 / 65536) + intval($c / 65536); + $c = intval(fmod($c, 65536)); + $d = intval(fmod($d, 65536)); + return pack('n4', $d, $c, $b, $a); + } + /** + * 32-bit safe 64-bit Addition with 2x 64-bit strings + * + * @param int $x + * @param int $y + * @return int $x * $y + */ + private static function add32_64($x, $y) + { + list(, $x1, $x2, $x3, $x4) = unpack('n4', $x); + list(, $y1, $y2, $y3, $y4) = unpack('n4', $y); + $a = $x4 + $y4; + $b = $x3 + $y3 + ($a >> 16); + $c = $x2 + $y2 + ($b >> 16); + $d = $x1 + $y1 + ($c >> 16); + return pack('n4', $d, $c, $b, $a); + } + /** + * 32-bit safe 32-bit Addition with 2x 32-bit strings + * + * @param int $x + * @param int $y + * @return int $x * $y + */ + private static function add32($x, $y) + { + // see add64() for a more detailed explanation of how this works + $x1 = $x & 0xffff; + $x2 = $x >> 16 & 0xffff; + $y1 = $y & 0xffff; + $y2 = $y >> 16 & 0xffff; + $a = $x1 + $y1; + $b = $x2 + $y2 + ($a >> 16) << 16; + $a &= 0xffff; + return $a | $b; + } + /** + * NH Algorithm / 32-bit safe * * @param string $k string of length 1024 bytes. * @param string $m string with length divisible by 32 bytes. * @return string string of length 8 bytes. */ - private static function nh($k, $m, $length) + private static function nh32($k, $m, $length) { - $toUInt32 = function ($x) { - $x = new BigInteger($x, 256); - $x->setPrecision(32); - return $x; - }; // // Break M and K into 4-byte chunks // - //$t = strlen($m) >> 2; - $m = str_split($m, 4); + $k = unpack('N*', $k); + $m = unpack('N*', $m); $t = count($m); - $k = str_split($k, 4); - $k = array_pad(array_slice($k, 0, $t), $t, 0); - $m = array_map($toUInt32, $m); - $k = array_map($toUInt32, $k); // // Perform NH hash on the chunks, pairing words for multiplication // which are 4 apart to accommodate vector-parallelism. // - $y = new BigInteger(); - $y->setPrecision(64); - $i = 0; - while ($i < $t) { - $temp = $m[$i]->add($k[$i]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 4]->add($k[$i + 4])); - $y = $y->add($temp); - $temp = $m[$i + 1]->add($k[$i + 1]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 5]->add($k[$i + 5])); - $y = $y->add($temp); - $temp = $m[$i + 2]->add($k[$i + 2]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 6]->add($k[$i + 6])); - $y = $y->add($temp); - $temp = $m[$i + 3]->add($k[$i + 3]); - $temp->setPrecision(64); - $temp = $temp->multiply($m[$i + 7]->add($k[$i + 7])); - $y = $y->add($temp); + $i = 1; + $y = "\x00\x00\x00\x00\x00\x00\x00\x00"; + while ($i <= $t) { + $temp = self::add32($m[$i], $k[$i]); + $temp2 = self::add32($m[$i + 4], $k[$i + 4]); + $y = self::add32_64($y, self::mul32_64($temp, $temp2)); + $temp = self::add32($m[$i + 1], $k[$i + 1]); + $temp2 = self::add32($m[$i + 5], $k[$i + 5]); + $y = self::add32_64($y, self::mul32_64($temp, $temp2)); + $temp = self::add32($m[$i + 2], $k[$i + 2]); + $temp2 = self::add32($m[$i + 6], $k[$i + 6]); + $y = self::add32_64($y, self::mul32_64($temp, $temp2)); + $temp = self::add32($m[$i + 3], $k[$i + 3]); + $temp2 = self::add32($m[$i + 7], $k[$i + 7]); + $y = self::add32_64($y, self::mul32_64($temp, $temp2)); $i += 8; } - return $y->add($length)->toBytes(); + return self::add32_64($y, pack('N2', 0, $length)); + } + /** + * 64-bit Multiply with 2x 32-bit ints + * + * @param int $x + * @param int $y + * @return int $x * $y + */ + private static function mul64($x, $y) + { + // since PHP doesn't implement unsigned integers we'll implement them with signed integers + // to do this we'll use karatsuba multiplication + $x1 = $x >> 16; + $x0 = $x & 0xffff; + $y1 = $y >> 16; + $y0 = $y & 0xffff; + $z2 = $x1 * $y1; + // up to 32 bits long + $z0 = $x0 * $y0; + // up to 32 bits long + $z1 = $x1 * $y0 + $x0 * $y1; + // up to 33 bit long + // normally karatsuba multiplication calculates $z1 thusly: + //$z1 = ($x1 + $x0) * ($y0 + $y1) - $z2 - $z0; + // the idea being to eliminate one extra multiplication. for arbitrary precision math that makes sense + // but not for this purpose + // at this point karatsuba would normally return this: + //return ($z2 << 64) + ($z1 << 32) + $z0; + // the problem is that the output could be out of range for signed 64-bit ints, + // which would cause PHP to switch to floats, which would risk losing the lower few bits + // as such we'll OR 4x 16-bit blocks together like so: + /* + ........ | ........ | ........ | ........ + upper $z2 | lower $z2 | lower $z1 | lower $z0 + | +upper $z1 | +upper $z0 | + + $carry | + $carry | | + */ + // technically upper $z1 is 17 bit - not 16 - but the most significant digit of that will + // just get added to $carry + $a = $z0 & 0xffff; + $b = ($z0 >> 16) + ($z1 & 0xffff); + $c = ($z1 >> 16) + ($z2 & 0xffff) + ($b >> 16); + $b = ($b & 0xffff) << 16; + $d = ($z2 >> 16) + ($c >> 16); + $c = ($c & 0xffff) << 32; + $d = ($d & 0xffff) << 48; + return $a | $b | $c | $d; + } + /** + * 64-bit Addition with 2x 64-bit ints + * + * @param int $x + * @param int $y + * @return int $x + $y + */ + private static function add64($x, $y) + { + // doing $x + $y risks returning a result that's out of range for signed 64-bit ints + // in that event PHP would convert the result to a float and precision would be lost + // so we'll just add 2x 32-bit ints together like so: + /* + ........ | ........ + upper $x | lower $x + +upper $y |+lower $y + + $carry | + */ + $x1 = $x & 0xffffffff; + $x2 = $x >> 32 & 0xffffffff; + $y1 = $y & 0xffffffff; + $y2 = $y >> 32 & 0xffffffff; + $a = $x1 + $y1; + $b = $x2 + $y2 + ($a >> 32) << 32; + $a &= 0xffffffff; + return $a | $b; + } + /** + * NH Algorithm / 64-bit safe + * + * @param string $k string of length 1024 bytes. + * @param string $m string with length divisible by 32 bytes. + * @return string string of length 8 bytes. + */ + private static function nh64($k, $m, $length) + { + // + // Break M and K into 4-byte chunks + // + $k = unpack('N*', $k); + $m = unpack('N*', $m); + $t = count($m); + // + // Perform NH hash on the chunks, pairing words for multiplication + // which are 4 apart to accommodate vector-parallelism. + // + $i = 1; + $y = 0; + while ($i <= $t) { + $temp = $m[$i] + $k[$i] & 0xffffffff; + $temp2 = $m[$i + 4] + $k[$i + 4] & 0xffffffff; + $y = self::add64($y, self::mul64($temp, $temp2)); + $temp = $m[$i + 1] + $k[$i + 1] & 0xffffffff; + $temp2 = $m[$i + 5] + $k[$i + 5] & 0xffffffff; + $y = self::add64($y, self::mul64($temp, $temp2)); + $temp = $m[$i + 2] + $k[$i + 2] & 0xffffffff; + $temp2 = $m[$i + 6] + $k[$i + 6] & 0xffffffff; + $y = self::add64($y, self::mul64($temp, $temp2)); + $temp = $m[$i + 3] + $k[$i + 3] & 0xffffffff; + $temp2 = $m[$i + 7] + $k[$i + 7] & 0xffffffff; + $y = self::add64($y, self::mul64($temp, $temp2)); + $i += 8; + } + return pack('J', self::add64($y, $length)); } /** * L2-HASH: Second-Layer Hash @@ -699,6 +884,63 @@ private static function L3Hash($k1, $k2, $m) public function hash($text) { $algo = $this->algo; + // https://www.rfc-editor.org/rfc/rfc4493.html + // https://en.wikipedia.org/wiki/One-key_MAC + if ($algo == 'aes_cmac') { + $constZero = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + if ($this->recomputeAESKey) { + if (!is_string($this->key)) { + throw new InsufficientSetupException('No key has been set'); + } + if (strlen($this->key) != 16) { + throw new \LengthException('Key must be 16 bytes long'); + } + // Algorithm Generate_Subkey + $constRb = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x87"; + $this->c = new AES('ecb'); + $this->c->setKey($this->key); + $this->c->disablePadding(); + $l = $this->c->encrypt($constZero); + $msb = ($l & "\x80") == "\x80"; + $l = new BigInteger($l, 256); + $l->setPrecision(128); + $l = $l->bitwise_leftShift(1)->toBytes(); + // make it constant time + $k1 = $msb ? $l ^ $constRb : $l | $constZero; + $msb = ($k1 & "\x80") == "\x80"; + $k2 = new BigInteger($k1, 256); + $k2->setPrecision(128); + $k2 = $k2->bitwise_leftShift(1)->toBytes(); + // make it constant time + $k2 = $msb ? $k2 ^ $constRb : $k2 | $constZero; + $this->k1 = $k1; + $this->k2 = $k2; + } + $len = strlen($text); + $const_Bsize = 16; + $M = strlen($text) ? str_split($text, $const_Bsize) : ['']; + // Step 2 + $n = ceil($len / $const_Bsize); + // Step 3 + if ($n == 0) { + $n = 1; + $flag = \false; + } else { + $flag = $len % $const_Bsize == 0; + } + // Step 4 + $M_last = $flag ? $M[$n - 1] ^ $k1 : self::OMAC_padding($M[$n - 1], $const_Bsize) ^ $k2; + // Step 5 + $x = $constZero; + // Step 6 + $c =& $this->c; + for ($i = 0; $i < $n - 1; $i++) { + $y = $x ^ $M[$i]; + $x = $c->encrypt($y); + } + $y = $M_last ^ $x; + return $c->encrypt($y); + } if ($algo == 'umac') { if ($this->recomputeAESKey) { if (!is_string($this->nonce)) { @@ -939,7 +1181,8 @@ private static function rotateLeft32($x, $shift) $shift -= 32; list($lo, $hi) = $x; } - return [$hi << $shift | $lo >> 32 - $shift & (1 << $shift) - 1, $lo << $shift | $hi >> 32 - $shift & (1 << $shift) - 1]; + $mask = -1 ^ -1 << $shift; + return [$hi << $shift | $lo >> 32 - $shift & $mask, $lo << $shift | $hi >> 32 - $shift & $mask]; } /** * Pure-PHP 64-bit implementation of SHA3 @@ -1024,14 +1267,26 @@ private static function processSHA3Block64(&$s) } } /** - * Rotate 64-bit int + * Left rotate 64-bit int * * @param int $x * @param int $shift */ private static function rotateLeft64($x, $shift) { - return $x << $shift | $x >> 64 - $shift & (1 << $shift) - 1; + $mask = -1 ^ -1 << $shift; + return $x << $shift | $x >> 64 - $shift & $mask; + } + /** + * Right rotate 64-bit int + * + * @param int $x + * @param int $shift + */ + private static function rotateRight64($x, $shift) + { + $mask = -1 ^ -1 << 64 - $shift; + return $x >> $shift & $mask | $x << 64 - $shift; } /** * Pure-PHP implementation of SHA512 @@ -1124,6 +1379,91 @@ private static function sha512($m, $hash) $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() . $hash[4]->toBytes() . $hash[5]->toBytes() . $hash[6]->toBytes() . $hash[7]->toBytes(); return $temp; } + /** + * Pure-PHP implementation of SHA512 + * + * @param string $m + * @param array $hash + * @return string + */ + private static function sha512_64($m, $hash) + { + static $k; + if (!isset($k)) { + // Initialize table of round constants + // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409) + $k = ['428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc', '3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118', 'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2', '72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694', 'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65', '2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5', '983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4', 'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70', '27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df', '650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b', 'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30', 'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8', '19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8', '391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3', '748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec', '90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b', 'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178', '06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b', '28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c', '4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817']; + for ($i = 0; $i < 80; $i++) { + list(, $k[$i]) = unpack('J', pack('H*', $k[$i])); + } + } + // Pre-processing + $length = strlen($m); + // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128 + $m .= str_repeat(chr(0), 128 - ($length + 16 & 0x7f)); + $m[$length] = chr(0x80); + // we don't support hashing strings 512MB long + $m .= pack('N4', 0, 0, 0, $length << 3); + // Process the message in successive 1024-bit chunks + $chunks = str_split($m, 128); + foreach ($chunks as $chunk) { + $w = []; + for ($i = 0; $i < 16; $i++) { + list(, $w[]) = unpack('J', Strings::shift($chunk, 8)); + } + // Extend the sixteen 32-bit words into eighty 32-bit words + for ($i = 16; $i < 80; $i++) { + $temp = [self::rotateRight64($w[$i - 15], 1), self::rotateRight64($w[$i - 15], 8), $w[$i - 15] >> 7 & 0x1ffffffffffffff]; + $s0 = $temp[0] ^ $temp[1] ^ $temp[2]; + $temp = [self::rotateRight64($w[$i - 2], 19), self::rotateRight64($w[$i - 2], 61), $w[$i - 2] >> 6 & 0x3ffffffffffffff]; + $s1 = $temp[0] ^ $temp[1] ^ $temp[2]; + $w[$i] = $w[$i - 16]; + $w[$i] = self::add64($w[$i], $s0); + $w[$i] = self::add64($w[$i], $w[$i - 7]); + $w[$i] = self::add64($w[$i], $s1); + } + // Initialize hash value for this chunk + list($a, $b, $c, $d, $e, $f, $g, $h) = $hash; + // Main loop + for ($i = 0; $i < 80; $i++) { + $temp = [self::rotateRight64($a, 28), self::rotateRight64($a, 34), self::rotateRight64($a, 39)]; + $s0 = $temp[0] ^ $temp[1] ^ $temp[2]; + $temp = [$a & $b, $a & $c, $b & $c]; + $maj = $temp[0] ^ $temp[1] ^ $temp[2]; + $t2 = self::add64($s0, $maj); + $temp = [self::rotateRight64($e, 14), self::rotateRight64($e, 18), self::rotateRight64($e, 41)]; + $s1 = $temp[0] ^ $temp[1] ^ $temp[2]; + $ch = $e & $f ^ $g & ~$e; + $t1 = self::add64($h, $s1); + $t1 = self::add64($t1, $ch); + $t1 = self::add64($t1, $k[$i]); + $t1 = self::add64($t1, $w[$i]); + $h = $g; + $g = $f; + $f = $e; + $e = self::add64($d, $t1); + $d = $c; + $c = $b; + $b = $a; + $a = self::add64($t1, $t2); + } + // Add this chunk's hash to result so far + $hash = [self::add64($hash[0], $a), self::add64($hash[1], $b), self::add64($hash[2], $c), self::add64($hash[3], $d), self::add64($hash[4], $e), self::add64($hash[5], $f), self::add64($hash[6], $g), self::add64($hash[7], $h)]; + } + // Produce the final hash value (big-endian) + // (\phpseclib3\Crypt\Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here) + return pack('J*', ...$hash); + } + /** + * OMAC Padding + * + * @link https://www.rfc-editor.org/rfc/rfc4493.html#section-2.4 + */ + private static function OMAC_padding($m, $length) + { + $count = $length - strlen($m) - 1; + return "{$m}\x80" . str_repeat("\x00", $count); + } /** * __toString() magic method */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php index 70be4d77b..9eda78802 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/PublicKeyLoader.php @@ -30,6 +30,7 @@ abstract class PublicKeyLoader * @return AsymmetricKey * @param string|array $key * @param string $password optional + * @throws NoKeyLoadedException if key is not valid */ public static function load($key, $password = \false) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC2.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC2.php index 16ed15ee5..b184c2f89 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC2.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC2.php @@ -43,14 +43,14 @@ class RC2 extends BlockCipher /** * Block Length of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::block_size + * @see Common\SymmetricKey::block_size * @var int */ protected $block_size = 8; /** * The Key * - * @see \phpseclib3\Crypt\Common\SymmetricKey::key + * @see Common\SymmetricKey::key * @see self::setKey() * @var string */ @@ -58,7 +58,7 @@ class RC2 extends BlockCipher /** * The Original (unpadded) Key * - * @see \phpseclib3\Crypt\Common\SymmetricKey::key + * @see Common\SymmetricKey::key * @see self::setKey() * @see self::encrypt() * @see self::decrypt() @@ -76,14 +76,14 @@ class RC2 extends BlockCipher /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'rc2'; /** * Optimizing value while CFB-encrypting * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @see Common\SymmetricKey::cfb_init_len * @var int */ protected $cfb_init_len = 500; @@ -149,7 +149,7 @@ public function __construct($mode) * * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @see Common\SymmetricKey::__construct() * @param int $engine * @return bool */ @@ -206,7 +206,7 @@ public function getKeyLength() * has more then 128 bytes in it, and set $key to a single null byte if * it is empty. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @see Common\SymmetricKey::setKey() * @param string $key * @param int|boolean $t1 optional Effective key length in bits. * @throws \LengthException if the key length isn't supported @@ -295,8 +295,8 @@ public function decrypt($ciphertext) /** * Encrypts a block * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see Common\SymmetricKey::encryptBlock() + * @see Common\SymmetricKey::encrypt() * @param string $in * @return string */ @@ -334,8 +334,8 @@ protected function encryptBlock($in) /** * Decrypts a block * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decryptBlock() - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see Common\SymmetricKey::decryptBlock() + * @see Common\SymmetricKey::decrypt() * @param string $in * @return string */ @@ -373,7 +373,7 @@ protected function decryptBlock($in) /** * Creates the key schedule * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + * @see Common\SymmetricKey::setupKey() */ protected function setupKey() { @@ -391,7 +391,7 @@ protected function setupKey() /** * Setup the performance-optimized function for de/encrypt() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupInlineCrypt() + * @see Common\SymmetricKey::setupInlineCrypt() */ protected function setupInlineCrypt() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC4.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC4.php index b08a14c4c..f8304f4e0 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC4.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RC4.php @@ -68,7 +68,7 @@ class RC4 extends StreamCipher /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'arcfour'; @@ -91,7 +91,7 @@ class RC4 extends StreamCipher * * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @see Common\SymmetricKey::__construct() * @param int $engine * @return bool */ @@ -145,7 +145,7 @@ public function setKey($key) /** * Encrypts a message. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see Common\SymmetricKey::decrypt() * @see self::crypt() * @param string $plaintext * @return string $ciphertext @@ -163,7 +163,7 @@ public function encrypt($plaintext) * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)). * At least if the continuous buffer is disabled. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see Common\SymmetricKey::encrypt() * @see self::crypt() * @param string $ciphertext * @return string $plaintext @@ -196,7 +196,7 @@ protected function decryptBlock($in) /** * Setup the key (expansion) * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + * @see Common\SymmetricKey::_setupKey() */ protected function setupKey() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php index 8d93d9315..1e818be20 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA.php @@ -10,7 +10,7 @@ * getPublicKey(); * * $plaintext = 'terrafrost'; @@ -26,7 +26,7 @@ * getPublicKey(); * * $plaintext = 'terrafrost'; @@ -166,7 +166,7 @@ abstract class RSA extends AsymmetricKey /** * Hash function for the Mask Generation Function * - * @var \phpseclib3\Crypt\Hash + * @var Hash */ protected $mgfHash; /** @@ -178,19 +178,19 @@ abstract class RSA extends AsymmetricKey /** * Modulus (ie. n) * - * @var \phpseclib3\Math\BigInteger + * @var Math\BigInteger */ protected $modulus; /** * Modulus length * - * @var \phpseclib3\Math\BigInteger + * @var Math\BigInteger */ protected $k; /** * Exponent (ie. e or d) * - * @var \phpseclib3\Math\BigInteger + * @var Math\BigInteger */ protected $exponent; /** @@ -229,7 +229,7 @@ abstract class RSA extends AsymmetricKey /** * Public Exponent * - * @var \phpseclib3\Math\BigInteger + * @var Math\BigInteger */ protected $publicExponent; /** @@ -270,7 +270,7 @@ public static function setOpenSSLConfigPath($val) * * The public key can be extracted from the private key * - * @return RSA\PrivateKey + * @return PrivateKey * @param int $bits */ public static function createKey($bits = 2048) @@ -319,10 +319,9 @@ public static function createKey($bits = 2048) if ($i != $num_primes) { $primes[$i] = BigInteger::randomPrime($regSize); } else { - extract(BigInteger::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ + $minMax = BigInteger::minMaxBits($bits); + $min = $minMax['min']; + $max = $minMax['max']; list($min) = $min->divide($n); $min = $min->add(self::$one); list($max) = $max->divide($n); @@ -449,7 +448,7 @@ protected function __construct() * * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}. * - * @param bool|\phpseclib3\Math\BigInteger $x + * @param bool|Math\BigInteger $x * @param int $xLen * @return bool|string */ @@ -470,7 +469,7 @@ protected function i2osp($x, $xLen) * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}. * * @param string $x - * @return \phpseclib3\Math\BigInteger + * @return Math\BigInteger */ protected function os2ip($x) { @@ -623,7 +622,7 @@ public function getLength() public function withHash($hash) { $new = clone $this; - // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + // Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch (strtolower($hash)) { case 'md2': case 'md5': @@ -653,7 +652,7 @@ public function withHash($hash) public function withMGFHash($hash) { $new = clone $this; - // \phpseclib3\Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. + // Crypt\Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example. switch (strtolower($hash)) { case 'md2': case 'md5': diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php index a7567cb72..100bf53e1 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/JWK.php @@ -82,9 +82,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -103,8 +103,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @param array $options optional * @return string */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php index f1e6df633..7f72f99fa 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/MSBLOB.php @@ -82,13 +82,11 @@ public static function load($key, $password = '') } // PUBLICKEYSTRUC publickeystruc // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387453(v=vs.85).aspx - extract(unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8))); - /** - * @var string $type - * @var string $version - * @var integer $reserved - * @var integer $algo - */ + $unpacked = unpack('atype/aversion/vreserved/Valgo', Strings::shift($key, 8)); + $type = $unpacked['type']; + $version = $unpacked['version']; + $reserved = $unpacked['reserved']; + $algo = $unpacked['algo']; switch (ord($type)) { case self::PUBLICKEYBLOB: case self::PUBLICKEYBLOBEX: @@ -112,12 +110,10 @@ public static function load($key, $password = '') // RSAPUBKEY rsapubkey // https://msdn.microsoft.com/en-us/library/windows/desktop/aa387685(v=vs.85).aspx // could do V for pubexp but that's unsigned 32-bit whereas some PHP installs only do signed 32-bit - extract(unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12))); - /** - * @var integer $magic - * @var integer $bitlen - * @var string $pubexp - */ + $unpacked = unpack('Vmagic/Vbitlen/a4pubexp', Strings::shift($key, 12)); + $magic = $unpacked['magic']; + $bitlen = $unpacked['bitlen']; + $pubexp = $unpacked['pubexp']; switch ($magic) { case self::RSA2: $components['isPublicKey'] = \false; @@ -158,9 +154,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -191,8 +187,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @return string */ public static function savePublicKey(BigInteger $n, BigInteger $e) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php index 8d0affe33..147ba14ff 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/OpenSSH.php @@ -64,8 +64,8 @@ public static function load($key, $password = '') /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @param array $options optional * @return string */ @@ -82,9 +82,9 @@ public static function savePublicKey(BigInteger $n, BigInteger $e, array $option /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php index e674ea9e2..877a10f45 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS1.php @@ -79,14 +79,27 @@ public static function load($key, $password = '') if (!isset($components['isPublicKey'])) { $components['isPublicKey'] = \true; } + $components = $components + $key; + foreach ($components as &$val) { + if ($val instanceof BigInteger) { + $val = self::makePositive($val); + } + if (is_array($val)) { + foreach ($val as &$subval) { + if ($subval instanceof BigInteger) { + $subval = self::makePositive($subval); + } + } + } + } return $components + $key; } /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -107,8 +120,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @return string */ public static function savePublicKey(BigInteger $n, BigInteger $e) @@ -117,4 +130,14 @@ public static function savePublicKey(BigInteger $n, BigInteger $e) $key = ASN1::encodeDER($key, Maps\RSAPublicKey::MAP); return self::wrapPublicKey($key, 'RSA'); } + /** + * Negative numbers make no sense in RSA so convert them to positive + * + * @param BigInteger $x + * @return string + */ + private static function makePositive(BigInteger $x) + { + return $x->isNegative() ? new BigInteger($x->toBytes(\true), 256) : $x; + } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php index db85e048c..744c5c0c3 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PKCS8.php @@ -78,9 +78,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -97,8 +97,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @param array $options optional * @return string */ @@ -106,6 +106,6 @@ public static function savePublicKey(BigInteger $n, BigInteger $e, array $option { $key = PKCS1::savePublicKey($n, $e); $key = ASN1::extractBER($key); - return self::wrapPublicKey($key, null); + return self::wrapPublicKey($key, null, null, $options); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php index 87dc57238..54761d7f2 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PSS.php @@ -109,7 +109,7 @@ public static function load($key, $password = '') $result['hash'] = str_replace('id-', '', $params['hashAlgorithm']['algorithm']); $result['MGFHash'] = str_replace('id-', '', $params['maskGenAlgorithm']['parameters']['algorithm']); if (isset($params['saltLength'])) { - $result['saltLength'] = (int) $params['saltLength']->toString(); + $result['saltLength'] = (int) "{$params['saltLength']}"; } if (isset($key['meta'])) { $result['meta'] = $key['meta']; @@ -119,9 +119,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -140,8 +140,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @param array $options optional * @return string */ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php index 2d4c7daff..7f6651507 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/PuTTY.php @@ -51,7 +51,10 @@ public static function load($key, $password = '') if (!isset($components['private'])) { return $components; } - extract($components); + $type = $components['type']; + $comment = $components['comment']; + $public = $components['public']; + $private = $components['private']; unset($components['public'], $components['private']); $isPublicKey = \false; $result = Strings::unpackSSH2('ii', $public); @@ -74,9 +77,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -96,8 +99,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @return string */ public static function savePublicKey(BigInteger $n, BigInteger $e) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php index 1e201366b..65ee9aa35 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/Raw.php @@ -116,9 +116,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -142,8 +142,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @return array */ public static function savePublicKey(BigInteger $n, BigInteger $e) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php index 6ad4d8eb2..fa2c46756 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/Formats/Keys/XML.php @@ -107,9 +107,9 @@ public static function load($key, $password = '') /** * Convert a private key to the appropriate format. * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e - * @param \phpseclib3\Math\BigInteger $d + * @param BigInteger $n + * @param BigInteger $e + * @param BigInteger $d * @param array $primes * @param array $exponents * @param array $coefficients @@ -129,8 +129,8 @@ public static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $ /** * Convert a public key to the appropriate format * - * @param \phpseclib3\Math\BigInteger $n - * @param \phpseclib3\Math\BigInteger $e + * @param BigInteger $n + * @param BigInteger $e * @return string */ public static function savePublicKey(BigInteger $n, BigInteger $e) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php index 2c5ff41c7..7e0969028 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PrivateKey.php @@ -45,7 +45,7 @@ final class PrivateKey extends RSA implements Common\PrivateKey /** * Private Exponent * - * @var \phpseclib3\Math\BigInteger + * @var BigInteger */ protected $privateExponent; /** @@ -53,7 +53,7 @@ final class PrivateKey extends RSA implements Common\PrivateKey * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}. * - * @return bool|\phpseclib3\Math\BigInteger + * @return bool|BigInteger */ private function rsadp(BigInteger $c) { @@ -67,7 +67,7 @@ private function rsadp(BigInteger $c) * * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}. * - * @return bool|\phpseclib3\Math\BigInteger + * @return bool|BigInteger */ private function rsasp1(BigInteger $m) { @@ -79,8 +79,8 @@ private function rsasp1(BigInteger $m) /** * Exponentiate * - * @param \phpseclib3\Math\BigInteger $x - * @return \phpseclib3\Math\BigInteger + * @param BigInteger $x + * @return BigInteger */ protected function exponentiate(BigInteger $x) { @@ -140,10 +140,10 @@ protected function exponentiate(BigInteger $x) * Protects against timing attacks by employing RSA Blinding. * Returns $x->modPow($this->exponents[$i], $this->primes[$i]) * - * @param \phpseclib3\Math\BigInteger $x - * @param \phpseclib3\Math\BigInteger $r + * @param BigInteger $x + * @param BigInteger $r * @param int $i - * @return \phpseclib3\Math\BigInteger + * @return BigInteger */ private function blind(BigInteger $x, BigInteger $r, $i) { @@ -183,7 +183,7 @@ private function emsa_pss_encode($m, $emBits) $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); // ie. stlren($db) $maskedDB = $db ^ $dbMask; - $maskedDB[0] = ~chr(0xff << ($emBits & 7)) & $maskedDB[0]; + $maskedDB[0] = ~chr(256 - (1 << ($emBits & 7))) & $maskedDB[0]; $em = $maskedDB . $h . chr(0xbc); return $em; } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php index be8150eb6..b3ac22189 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/RSA/PublicKey.php @@ -32,8 +32,8 @@ final class PublicKey extends RSA implements Common\PublicKey /** * Exponentiate * - * @param \phpseclib3\Math\BigInteger $x - * @return \phpseclib3\Math\BigInteger + * @param BigInteger $x + * @return BigInteger */ private function exponentiate(BigInteger $x) { @@ -44,8 +44,8 @@ private function exponentiate(BigInteger $x) * * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}. * - * @param \phpseclib3\Math\BigInteger $s - * @return bool|\phpseclib3\Math\BigInteger + * @param BigInteger $s + * @return bool|BigInteger */ private function rsavp1($s) { @@ -209,13 +209,13 @@ private function emsa_pss_verify($m, $em, $emBits) } $maskedDB = substr($em, 0, -$this->hLen - 1); $h = substr($em, -$this->hLen - 1, $this->hLen); - $temp = chr(0xff << ($emBits & 7)); + $temp = chr(256 - (1 << ($emBits & 7))); if ((~$maskedDB[0] & $temp) != $temp) { return \false; } $dbMask = $this->mgf1($h, $emLen - $this->hLen - 1); $db = $maskedDB ^ $dbMask; - $db[0] = ~chr(0xff << ($emBits & 7)) & $db[0]; + $db[0] = ~chr(256 - (1 << ($emBits & 7))) & $db[0]; $temp = $emLen - $this->hLen - $sLen - 2; if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) { return \false; @@ -347,8 +347,8 @@ private function rsaes_oaep_encrypt($m) * * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}. * - * @param \phpseclib3\Math\BigInteger $m - * @return bool|\phpseclib3\Math\BigInteger + * @param BigInteger $m + * @return bool|BigInteger */ private function rsaep($m) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php index be4e66de7..facb54907 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Rijndael.php @@ -72,8 +72,8 @@ class Rijndael extends BlockCipher * or not for the current $block_size/$key_length. * In case of, $cipher_name_mcrypt will be set dynamically at run time accordingly. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt - * @see \phpseclib3\Crypt\Common\SymmetricKey::engine + * @see Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::engine * @see self::isValidEngine() * @var string */ @@ -337,7 +337,7 @@ protected function encryptBlock($in) $k = $c[2]; $l = $c[3]; while ($i < $Nb) { - $temp[$i] = $state[$i] & intval(0xff000000) ^ $state[$j] & 0xff0000 ^ $state[$k] & 0xff00 ^ $state[$l] & 0xff ^ $w[$i]; + $temp[$i] = $state[$i] & (\PHP_INT_SIZE == 8 ? 0xff000000 : -16777216) ^ $state[$j] & 0xff0000 ^ $state[$k] & 0xff00 ^ $state[$l] & 0xff ^ $w[$i]; ++$i; $j = ($j + 1) % $Nb; $k = ($k + 1) % $Nb; @@ -396,7 +396,7 @@ protected function decryptBlock($in) $k = $Nb - $c[2]; $l = $Nb - $c[3]; while ($i < $Nb) { - $word = $state[$i] & intval(0xff000000) | $state[$j] & 0xff0000 | $state[$k] & 0xff00 | $state[$l] & 0xff; + $word = $state[$i] & (\PHP_INT_SIZE == 8 ? 0xff000000 : -16777216) | $state[$j] & 0xff0000 | $state[$k] & 0xff00 | $state[$l] & 0xff; $temp[$i] = $dw[$i] ^ ($isbox[$word & 0xff] | $isbox[$word >> 8 & 0xff] << 8 | $isbox[$word >> 16 & 0xff] << 16 | $isbox[$word >> 24 & 0xff] << 24); ++$i; $j = ($j + 1) % $Nb; @@ -452,7 +452,7 @@ protected function setupKey() static $rcon; if (!isset($rcon)) { $rcon = [0, 0x1000000, 0x2000000, 0x4000000, 0x8000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1b000000, 0x36000000, 0x6c000000, 0xd8000000, 0xab000000, 0x4d000000, 0x9a000000, 0x2f000000, 0x5e000000, 0xbc000000, 0x63000000, 0xc6000000, 0x97000000, 0x35000000, 0x6a000000, 0xd4000000, 0xb3000000, 0x7d000000, 0xfa000000, 0xef000000, 0xc5000000, 0x91000000]; - $rcon = array_map('intval', $rcon); + $rcon = array_map([self::class, 'safe_intval'], $rcon); } if (isset($this->kl['key']) && $this->key === $this->kl['key'] && $this->key_length === $this->kl['key_length'] && $this->block_size === $this->kl['block_size']) { // already expanded @@ -487,8 +487,7 @@ protected function setupKey() // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine, // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and' // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is. - $temp = $temp << 8 & intval(0xffffff00) | $temp >> 24 & 0xff; - // rotWord + $temp = \PHP_INT_SIZE == 8 ? $temp << 8 & 0xffffff00 | $temp >> 24 & 0xff : $temp << 8 | $temp >> 24 & 0xff; $temp = $this->subWord($temp) ^ $rcon[$i / $this->Nk]; } elseif ($this->Nk > 6 && $i % $this->Nk == 4) { $temp = $this->subWord($temp); @@ -566,7 +565,7 @@ protected function &getTables() // according to (section 5.2.1), // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so // those are the names we'll use. - $t3 = array_map('intval', [ + $t3 = array_map([self::class, 'safe_intval'], [ // with array_map('intval', ...) we ensure we have only int's and not // some slower floats converted by php automatically on high values 0x6363a5c6, @@ -827,9 +826,9 @@ protected function &getTables() 0x16163a2c, ]); foreach ($t3 as $t3i) { - $t0[] = $t3i << 24 & intval(0xff000000) | $t3i >> 8 & 0xffffff; - $t1[] = $t3i << 16 & intval(0xffff0000) | $t3i >> 16 & 0xffff; - $t2[] = $t3i << 8 & intval(0xffffff00) | $t3i >> 24 & 0xff; + $t0[] = $t3i << 24 & self::safe_intval(0xff000000) | $t3i >> 8 & 0xffffff; + $t1[] = $t3i << 16 & self::safe_intval(0xffff0000) | $t3i >> 16 & 0xffff; + $t2[] = $t3i << 8 & self::safe_intval(0xffffff00) | $t3i >> 24 & 0xff; } $tables = [ // The Precomputed mixColumns tables t0 - t3 @@ -855,11 +854,19 @@ protected function &getInvTables() { static $tables; if (empty($tables)) { - $dt3 = array_map('intval', [0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x24c25f5, 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x82b94f9, 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, 0x2887f230, 0xbfa5b223, 0x36aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7, 0x7f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x5bed506, 0x34621fd1, 0xa6fe8ac4, 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, 0x548db591, 0xc45d0571, 0x6d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x0, 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c, 0xefffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, 0xfd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0xa67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x90d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, 0x1269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, 0x4984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, 0x5eea049d, 0x8c355d01, 0x877473fa, 0xb412efb, 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0xd9541ff, 0xa8017139, 0xcb3de08, 0xb4e49cd8, 0x56c19064, 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0]); - foreach ($dt3 as $dt3i) { - $dt0[] = $dt3i << 24 & intval(0xff000000) | $dt3i >> 8 & 0xffffff; - $dt1[] = $dt3i << 16 & intval(0xffff0000) | $dt3i >> 16 & 0xffff; - $dt2[] = $dt3i << 8 & intval(0xffffff00) | $dt3i >> 24 & 0xff; + $dt3 = array_map([self::class, 'safe_intval'], [0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, 0x30fa5520, 0x766df6ad, 0xcc769188, 0x24c25f5, 0xe5d7fc4f, 0x2acbd7c5, 0x35448026, 0x62a38fb5, 0xb15a49de, 0xba1b6725, 0xea0e9845, 0xfec0e15d, 0x2f7502c3, 0x4cf01281, 0x4697a38d, 0xd3f9c66b, 0x8f5fe703, 0x929c9515, 0x6d7aebbf, 0x5259da95, 0xbe832dd4, 0x7421d358, 0xe0692949, 0xc9c8448e, 0xc2896a75, 0x8e7978f4, 0x583e6b99, 0xb971dd27, 0xe14fb6be, 0x88ad17f0, 0x20ac66c9, 0xce3ab47d, 0xdf4a1863, 0x1a3182e5, 0x51336097, 0x537f4562, 0x6477e0b1, 0x6bae84bb, 0x81a01cfe, 0x82b94f9, 0x48685870, 0x45fd198f, 0xde6c8794, 0x7bf8b752, 0x73d323ab, 0x4b02e272, 0x1f8f57e3, 0x55ab2a66, 0xeb2807b2, 0xb5c2032f, 0xc57b9a86, 0x3708a5d3, 0x2887f230, 0xbfa5b223, 0x36aba02, 0x16825ced, 0xcf1c2b8a, 0x79b492a7, 0x7f2f0f3, 0x69e2a14e, 0xdaf4cd65, 0x5bed506, 0x34621fd1, 0xa6fe8ac4, 0x2e539d34, 0xf355a0a2, 0x8ae13205, 0xf6eb75a4, 0x83ec390b, 0x60efaa40, 0x719f065e, 0x6e1051bd, 0x218af93e, 0xdd063d96, 0x3e05aedd, 0xe6bd464d, 0x548db591, 0xc45d0571, 0x6d46f04, 0x5015ff60, 0x98fb2419, 0xbde997d6, 0x4043cc89, 0xd99e7767, 0xe842bdb0, 0x898b8807, 0x195b38e7, 0xc8eedb79, 0x7c0a47a1, 0x420fe97c, 0x841ec9f8, 0x0, 0x80868309, 0x2bed4832, 0x1170ac1e, 0x5a724e6c, 0xefffbfd, 0x8538560f, 0xaed51e3d, 0x2d392736, 0xfd9640a, 0x5ca62168, 0x5b54d19b, 0x362e3a24, 0xa67b10c, 0x57e70f93, 0xee96d2b4, 0x9b919e1b, 0xc0c54f80, 0xdc20a261, 0x774b695a, 0x121a161c, 0x93ba0ae2, 0xa02ae5c0, 0x22e0433c, 0x1b171d12, 0x90d0b0e, 0x8bc7adf2, 0xb6a8b92d, 0x1ea9c814, 0xf1198557, 0x75074caf, 0x99ddbbee, 0x7f60fda3, 0x1269ff7, 0x72f5bc5c, 0x663bc544, 0xfb7e345b, 0x4329768b, 0x23c6dccb, 0xedfc68b6, 0xe4f163b8, 0x31dccad7, 0x63851042, 0x97224013, 0xc6112084, 0x4a247d85, 0xbb3df8d2, 0xf93211ae, 0x29a16dc7, 0x9e2f4b1d, 0xb230f3dc, 0x8652ec0d, 0xc1e3d077, 0xb3166c2b, 0x70b999a9, 0x9448fa11, 0xe9642247, 0xfc8cc4a8, 0xf03f1aa0, 0x7d2cd856, 0x3390ef22, 0x494ec787, 0x38d1c1d9, 0xcaa2fe8c, 0xd40b3698, 0xf581cfa6, 0x7ade28a5, 0xb78e26da, 0xadbfa43f, 0x3a9de42c, 0x78920d50, 0x5fcc9b6a, 0x7e466254, 0x8d13c2f6, 0xd8b8e890, 0x39f75e2e, 0xc3aff582, 0x5d80be9f, 0xd0937c69, 0xd52da96f, 0x2512b3cf, 0xac993bc8, 0x187da710, 0x9c636ee8, 0x3bbb7bdb, 0x267809cd, 0x5918f46e, 0x9ab701ec, 0x4f9aa883, 0x956e65e6, 0xffe67eaa, 0xbccf0821, 0x15e8e6ef, 0xe79bd9ba, 0x6f36ce4a, 0x9f09d4ea, 0xb07cd629, 0xa4b2af31, 0x3f23312a, 0xa59430c6, 0xa266c035, 0x4ebc3774, 0x82caa6fc, 0x90d0b0e0, 0xa7d81533, 0x4984af1, 0xecdaf741, 0xcd500e7f, 0x91f62f17, 0x4dd68d76, 0xefb04d43, 0xaa4d54cc, 0x9604dfe4, 0xd1b5e39e, 0x6a881b4c, 0x2c1fb8c1, 0x65517f46, 0x5eea049d, 0x8c355d01, 0x877473fa, 0xb412efb, 0x671d5ab3, 0xdbd25292, 0x105633e9, 0xd647136d, 0xd7618c9a, 0xa10c7a37, 0xf8148e59, 0x133c89eb, 0xa927eece, 0x61c935b7, 0x1ce5ede1, 0x47b13c7a, 0xd2df599c, 0xf2733f55, 0x14ce7918, 0xc737bf73, 0xf7cdea53, 0xfdaa5b5f, 0x3d6f14df, 0x44db8678, 0xaff381ca, 0x68c43eb9, 0x24342c38, 0xa3405fc2, 0x1dc37216, 0xe2250cbc, 0x3c498b28, 0xd9541ff, 0xa8017139, 0xcb3de08, 0xb4e49cd8, 0x56c19064, 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0]); + if (\PHP_INT_SIZE === 8) { + foreach ($dt3 as $dt3i) { + $dt0[] = $dt3i << 24 & 0xff000000 | $dt3i >> 8 & 0xffffff; + $dt1[] = $dt3i << 16 & 0xffff0000 | $dt3i >> 16 & 0xffff; + $dt2[] = $dt3i << 8 & 0xffffff00 | $dt3i >> 24 & 0xff; + } + } else { + foreach ($dt3 as $dt3i) { + $dt0[] = $dt3i << 24 | $dt3i >> 8 & 0xffffff; + $dt1[] = $dt3i << 16 | $dt3i >> 16 & 0xffff; + $dt2[] = $dt3i << 8 | $dt3i >> 24 & 0xff; + } } $tables = [ // The Precomputed inverse mixColumns tables dt0 - dt3 @@ -929,7 +936,7 @@ protected function setupInlineCrypt() $encrypt_block .= '$in = pack("N*"' . "\n"; for ($i = 0; $i < $Nb; ++$i) { $encrypt_block .= ', - ($' . $e . $i . ' & ' . (int) 0xff000000 . ') ^ + ($' . $e . $i . ' & ' . (\PHP_INT_SIZE == 8 ? 0xff000000 : -16777216) . ') ^ ($' . $e . ($i + $c[1]) % $Nb . ' & 0x00FF0000 ) ^ ($' . $e . ($i + $c[2]) % $Nb . ' & 0x0000FF00 ) ^ ($' . $e . ($i + $c[3]) % $Nb . ' & 0x000000FF ) ^ @@ -978,7 +985,7 @@ protected function setupInlineCrypt() $decrypt_block .= '$in = pack("N*"' . "\n"; for ($i = 0; $i < $Nb; ++$i) { $decrypt_block .= ', - ($' . $e . $i . ' & ' . (int) 0xff000000 . ') ^ + ($' . $e . $i . ' & ' . (\PHP_INT_SIZE == 8 ? 0xff000000 : -16777216) . ') ^ ($' . $e . ($Nb + $i - $c[1]) % $Nb . ' & 0x00FF0000 ) ^ ($' . $e . ($Nb + $i - $c[2]) % $Nb . ' & 0x0000FF00 ) ^ ($' . $e . ($Nb + $i - $c[3]) % $Nb . ' & 0x000000FF ) ^ diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php index 388535da8..7bd5e2e3e 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Salsa20.php @@ -280,6 +280,7 @@ private function crypt($text, $mode) foreach ($blocks as &$block) { $block ^= static::salsa20($this->p1 . pack('V', $i++) . $this->p2); } + unset($block); return implode('', $blocks); } if ($mode == self::ENCRYPT) { @@ -313,6 +314,7 @@ private function crypt($text, $mode) foreach ($blocks as &$block) { $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); } + unset($block); } $encrypted = implode('', $blocks); $temp = static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); @@ -329,6 +331,7 @@ private function crypt($text, $mode) foreach ($blocks as &$block) { $block ^= static::salsa20($this->p1 . pack('V', $buffer['counter']++) . $this->p2); } + unset($block); $ciphertext .= implode('', $blocks); } } @@ -348,7 +351,7 @@ protected static function leftRotate($x, $n) $r1 &= 0xffffffff; $r2 = ($x & 0xffffffff) >> 32 - $n; } else { - $x = (int) $x; + $x = self::safe_intval($x); $r1 = $x << $n; $r2 = $x >> 32 - $n; $r2 &= (1 << $n) - 1; @@ -415,7 +418,7 @@ protected static function salsa20($x) static::doubleRound($z[1], $z[2], $z[3], $z[4], $z[5], $z[6], $z[7], $z[8], $z[9], $z[10], $z[11], $z[12], $z[13], $z[14], $z[15], $z[16]); } for ($i = 1; $i <= 16; $i++) { - $x[$i] += $z[$i]; + $x[$i] = self::safe_intval($x[$i] + $z[$i]); } return pack('V*', ...$x); } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php index 88b66086f..a7e05f87c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/TripleDES.php @@ -62,15 +62,15 @@ class TripleDES extends DES /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\DES::cipher_name_mcrypt - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see DES::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'tripledes'; /** * Optimizing value while CFB-encrypting * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @see Common\SymmetricKey::cfb_init_len * @var int */ protected $cfb_init_len = 750; @@ -78,7 +78,7 @@ class TripleDES extends DES * max possible size of $key * * @see self::setKey() - * @see \phpseclib3\Crypt\DES::setKey() + * @see DES::setKey() * @var string */ protected $key_length_max = 24; @@ -117,8 +117,8 @@ class TripleDES extends DES * * - cbc3 (same as cbc) * - * @see \phpseclib3\Crypt\DES::__construct() - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @see Crypt\DES::__construct() + * @see Common\SymmetricKey::__construct() * @param string $mode */ public function __construct($mode) @@ -152,7 +152,7 @@ public function __construct($mode) * * This is mainly just a wrapper to set things up for \phpseclib3\Crypt\Common\SymmetricKey::isValidEngine() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() + * @see Common\SymmetricKey::__construct() * @param int $engine * @return bool */ @@ -170,7 +170,7 @@ protected function isValidEngineHelper($engine) * * SetIV is not required when \phpseclib3\Crypt\Common\SymmetricKey::MODE_ECB is being used. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::setIV() + * @see Common\SymmetricKey::setIV() * @param string $iv */ public function setIV($iv) @@ -189,7 +189,7 @@ public function setIV($iv) * * If you want to use a 64-bit key use DES.php * - * @see \phpseclib3\Crypt\Common\SymmetricKey:setKeyLength() + * @see Common\SymmetricKey:setKeyLength() * @throws \LengthException if the key length is invalid * @param int $length */ @@ -211,8 +211,8 @@ public function setKeyLength($length) * * DES also requires that every eighth bit be a parity bit, however, we'll ignore that. * - * @see \phpseclib3\Crypt\DES::setKey() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setKey() + * @see DES::setKey() + * @see Common\SymmetricKey::setKey() * @throws \LengthException if the key length is invalid * @param string $key */ @@ -244,7 +244,7 @@ public function setKey($key) /** * Encrypts a message. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::encrypt() + * @see Common\SymmetricKey::encrypt() * @param string $plaintext * @return string $cipertext */ @@ -261,7 +261,7 @@ public function encrypt($plaintext) /** * Decrypts a message. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::decrypt() + * @see Common\SymmetricKey::decrypt() * @param string $ciphertext * @return string $plaintext */ @@ -306,7 +306,7 @@ public function decrypt($ciphertext) * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), * however, they are also less intuitive and more likely to cause you problems. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::enableContinuousBuffer() + * @see Common\SymmetricKey::enableContinuousBuffer() * @see self::disableContinuousBuffer() */ public function enableContinuousBuffer() @@ -323,7 +323,7 @@ public function enableContinuousBuffer() * * The default behavior. * - * @see \phpseclib3\Crypt\Common\SymmetricKey::disableContinuousBuffer() + * @see Common\SymmetricKey::disableContinuousBuffer() * @see self::enableContinuousBuffer() */ public function disableContinuousBuffer() @@ -338,8 +338,8 @@ public function disableContinuousBuffer() /** * Creates the key schedule * - * @see \phpseclib3\Crypt\DES::setupKey() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setupKey() + * @see DES::setupKey() + * @see Common\SymmetricKey::setupKey() */ protected function setupKey() { @@ -368,8 +368,8 @@ protected function setupKey() /** * Sets the internal crypt engine * - * @see \phpseclib3\Crypt\Common\SymmetricKey::__construct() - * @see \phpseclib3\Crypt\Common\SymmetricKey::setPreferredEngine() + * @see Common\SymmetricKey::__construct() + * @see Common\SymmetricKey::setPreferredEngine() * @param int $engine */ public function setPreferredEngine($engine) diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php index 359825495..561590392 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Crypt/Twofish.php @@ -47,14 +47,14 @@ class Twofish extends BlockCipher /** * The mcrypt specific name of the cipher * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cipher_name_mcrypt + * @see Common\SymmetricKey::cipher_name_mcrypt * @var string */ protected $cipher_name_mcrypt = 'twofish'; /** * Optimizing value while CFB-encrypting * - * @see \phpseclib3\Crypt\Common\SymmetricKey::cfb_init_len + * @see Common\SymmetricKey::cfb_init_len * @var int */ protected $cfb_init_len = 800; @@ -156,12 +156,12 @@ public function __construct($mode) protected static function initialize_static_variables() { if (is_float(self::$m3[0])) { - self::$m0 = array_map('intval', self::$m0); - self::$m1 = array_map('intval', self::$m1); - self::$m2 = array_map('intval', self::$m2); - self::$m3 = array_map('intval', self::$m3); - self::$q0 = array_map('intval', self::$q0); - self::$q1 = array_map('intval', self::$q1); + self::$m0 = array_map([self::class, 'safe_intval'], self::$m0); + self::$m1 = array_map([self::class, 'safe_intval'], self::$m1); + self::$m2 = array_map([self::class, 'safe_intval'], self::$m2); + self::$m3 = array_map([self::class, 'safe_intval'], self::$m3); + self::$q0 = array_map([self::class, 'safe_intval'], self::$q0); + self::$q1 = array_map([self::class, 'safe_intval'], self::$q1); } parent::initialize_static_variables(); } @@ -208,7 +208,7 @@ public function setKey($key) /** * Setup the key (expansion) * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupKey() + * @see Common\SymmetricKey::_setupKey() */ protected function setupKey() { @@ -402,7 +402,7 @@ protected function decryptBlock($in) /** * Setup the performance-optimized function for de/encrypt() * - * @see \phpseclib3\Crypt\Common\SymmetricKey::_setupInlineCrypt() + * @see Common\SymmetricKey::_setupInlineCrypt() */ protected function setupInlineCrypt() { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Exception/InvalidPacketLengthException.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Exception/InvalidPacketLengthException.php new file mode 100644 index 000000000..fefbf1bb4 --- /dev/null +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Exception/InvalidPacketLengthException.php @@ -0,0 +1,10 @@ + $length + 2]; $start += $length; - extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), \STR_PAD_LEFT), -4))); - /** @var integer $length */ + $length = unpack('Nlength', substr(str_pad($temp, 4, chr(0), \STR_PAD_LEFT), -4))['length']; } else { $current += ['headerlength' => 2]; } @@ -734,10 +733,17 @@ public static function asn1map(array $decoded, $mapping, $special = []) case self::TYPE_ENUMERATED: $temp = $decoded['content']; if (isset($mapping['implicit'])) { - $temp = new BigInteger($decoded['content'], -256); + $temp = new BigInteger($temp, -256); + } + if (!$temp instanceof BigInteger) { + return \false; } if (isset($mapping['mapping'])) { - $temp = (int) $temp->toString(); + $temp = $temp->toString(); + if (strlen($temp) > 1) { + return \false; + } + $temp = (int) $temp; return isset($mapping['mapping'][$temp]) ? $mapping['mapping'][$temp] : \false; } return $temp; @@ -863,7 +869,19 @@ private static function encode_der($source, array $mapping, $idx = null, array $ an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)." */ if (isset($child['explicit']) || $child['type'] == self::TYPE_CHOICE) { - $subtag = chr(self::CLASS_CONTEXT_SPECIFIC << 6 | 0x20 | $child['constant']); + if ($child['constant'] <= 30) { + $subtag = chr(self::CLASS_CONTEXT_SPECIFIC << 6 | 0x20 | $child['constant']); + } else { + $constant = $child['constant']; + $subtag = ''; + while ($constant > 0) { + $subtagvalue = $constant & 0x7f; + $subtag = chr(0x80 | $subtagvalue) . $subtag; + $constant = $constant >> 7; + } + $subtag[strlen($subtag) - 1] = $subtag[strlen($subtag) - 1] & chr(0x7f); + $subtag = chr(self::CLASS_CONTEXT_SPECIFIC << 6 | 0x20 | 0x1f) . $subtag; + } $temp = $subtag . self::encodeLength(strlen($temp)) . $temp; } else { $subtag = chr(self::CLASS_CONTEXT_SPECIFIC << 6 | ord($temp[0]) & 0x20 | $child['constant']); @@ -1052,6 +1070,8 @@ private static function encode_der($source, array $mapping, $idx = null, array $ */ public static function decodeOID($content) { + // BigInteger's are used because of OIDs like 2.25.329800735698586629295641978511506172918 + // https://healthcaresecprivacy.blogspot.com/2011/02/creating-and-using-unique-id-uuid-oid.html elaborates. static $eighty; if (!$eighty) { $eighty = new BigInteger(80); diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php index a7c148540..a069f81fa 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Element.php @@ -32,7 +32,7 @@ class Element * Constructor * * @param string $encoded - * @return \phpseclib3\File\ASN1\Element + * @return Element */ public function __construct($encoded) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php index bba3b158f..6e1efac18 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/ASN1/Maps/TBSCertList.php @@ -20,5 +20,5 @@ */ abstract class TBSCertList { - const MAP = ['type' => ASN1::TYPE_SEQUENCE, 'children' => ['version' => ['type' => ASN1::TYPE_INTEGER, 'mapping' => ['v1', 'v2', 'v3'], 'optional' => \true, 'default' => 'v2'], 'signature' => AlgorithmIdentifier::MAP, 'issuer' => Name::MAP, 'thisUpdate' => Time::MAP, 'nextUpdate' => ['optional' => \true] + Time::MAP, 'revokedCertificates' => ['type' => ASN1::TYPE_SEQUENCE, 'optional' => \true, 'min' => 0, 'max' => -1, 'children' => RevokedCertificate::MAP], 'crlExtensions' => ['constant' => 0, 'optional' => \true, 'explicit' => \true] + Extensions::MAP]]; + const MAP = ['type' => ASN1::TYPE_SEQUENCE, 'children' => ['version' => ['type' => ASN1::TYPE_INTEGER, 'mapping' => ['v1', 'v2'], 'optional' => \true, 'default' => 'v1'], 'signature' => AlgorithmIdentifier::MAP, 'issuer' => Name::MAP, 'thisUpdate' => Time::MAP, 'nextUpdate' => ['optional' => \true] + Time::MAP, 'revokedCertificates' => ['type' => ASN1::TYPE_SEQUENCE, 'optional' => \true, 'min' => 0, 'max' => -1, 'children' => RevokedCertificate::MAP], 'crlExtensions' => ['constant' => 0, 'optional' => \true, 'explicit' => \true] + Extensions::MAP]]; } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/X509.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/X509.php index 29f7f5ff6..1b998bc74 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/X509.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/File/X509.php @@ -250,7 +250,7 @@ class X509 /** * Default Constructor. * - * @return \phpseclib3\File\X509 + * @return X509 */ public function __construct() { @@ -292,6 +292,7 @@ public function __construct() 'id-at-uniqueIdentifier' => '2.5.4.45', 'id-at-role' => '2.5.4.72', 'id-at-postalAddress' => '2.5.4.16', + 'id-at-organizationIdentifier' => '2.5.4.97', 'jurisdictionOfIncorporationCountryName' => '1.3.6.1.4.1.311.60.2.1.3', 'jurisdictionOfIncorporationStateOrProvinceName' => '1.3.6.1.4.1.311.60.2.1.2', 'jurisdictionLocalityName' => '1.3.6.1.4.1.311.60.2.1.1', @@ -467,10 +468,6 @@ public function saveX509(array $cert, $format = self::FORMAT_PEM) default: $cert['tbsCertificate']['subjectPublicKeyInfo'] = new Element(base64_decode(preg_replace('#-.+-|[\\r\\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']))); } - if ($algorithm == 'rsaEncryption') { - $cert['signatureAlgorithm']['parameters'] = null; - $cert['tbsCertificate']['signature']['parameters'] = null; - } $filters = []; $type_utf8_string = ['type' => ASN1::TYPE_UTF8_STRING]; $filters['tbsCertificate']['signature']['parameters'] = $type_utf8_string; @@ -564,7 +561,9 @@ private function mapOutExtensions(array &$root, $path) { $extensions =& $this->subArray($root, $path, !empty($this->extensionValues)); foreach ($this->extensionValues as $id => $data) { - extract($data); + $critical = $data['critical']; + $replace = $data['replace']; + $value = $data['value']; $newext = ['extnId' => $id, 'extnValue' => $value, 'critical' => $critical]; if ($replace) { foreach ($extensions as $key => $value) { @@ -1239,7 +1238,7 @@ private function validateSignatureCountable($caonly, $count) * @param string $signatureAlgorithm * @param string $signature * @param string $signatureSubject - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @throws UnsupportedAlgorithmException if the algorithm is unsupported * @return bool */ private function validateSignatureHelper($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject) @@ -1450,6 +1449,9 @@ private function translateDNProp($propName) case 'organizationalunitname': case 'ou': return 'id-at-organizationalUnitName'; + case 'id-at-organizationidentifier': + case 'organizationIdentifier': + return 'id-at-organizationIdentifier'; case 'id-at-pseudonym': case 'pseudonym': return 'id-at-pseudonym'; @@ -1531,7 +1533,7 @@ public function removeDNProp($propName) * @param bool $withType optional * @return mixed */ - public function getDNProp($propName, array $dn = null, $withType = \false) + public function getDNProp($propName, $dn = null, $withType = \false) { if (!isset($dn)) { $dn = $this->dn; @@ -1628,7 +1630,7 @@ public function setDN($dn, $merge = \false, $type = 'utf8String') * @param array $dn optional * @return array|bool|string */ - public function getDN($format = self::DN_ARRAY, array $dn = null) + public function getDN($format = self::DN_ARRAY, $dn = null) { if (!isset($dn)) { $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn; @@ -1675,7 +1677,7 @@ public function getDN($format = self::DN_ARRAY, array $dn = null) $dn = $this->getDN(self::DN_CANON, $dn); $hash = new Hash('sha1'); $hash = $hash->hash($dn); - extract(unpack('Vhash', $hash)); + $hash = unpack('Vhash', $hash)['hash']; return strtolower(Strings::bin2hex(pack('N', $hash))); } // Default is to return a string. @@ -2418,7 +2420,7 @@ public function signCSR() } $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey; } else { - $this->currentCert = ['certificationRequestInfo' => ['version' => 'v1', 'subject' => $this->dn, 'subjectPKInfo' => $publicKey], 'signatureAlgorithm' => $signatureAlgorithm, 'signature' => \false]; + $this->currentCert = ['certificationRequestInfo' => ['version' => 'v1', 'subject' => $this->dn, 'subjectPKInfo' => $publicKey, 'attributes' => []], 'signatureAlgorithm' => $signatureAlgorithm, 'signature' => \false]; } // resync $this->signatureSubject // save $certificationRequestInfo in case there are any \phpseclib3\File\ASN1\Element objects in it @@ -2534,12 +2536,12 @@ public function signCRL(X509 $issuer, X509 $crl) $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0; if (!$version) { if (!empty($tbsCertList['crlExtensions'])) { - $version = 1; + $version = 'v2'; // v2. } elseif (!empty($tbsCertList['revokedCertificates'])) { foreach ($tbsCertList['revokedCertificates'] as $cert) { if (!empty($cert['crlEntryExtensions'])) { - $version = 1; + $version = 'v2'; // v2. } } @@ -2593,7 +2595,7 @@ public function signCRL(X509 $issuer, X509 $crl) * Identify signature algorithm from key settings * * @param PrivateKey $key - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @throws UnsupportedAlgorithmException if the algorithm is unsupported * @return array */ private static function identifySignatureAlgorithm(PrivateKey $key) @@ -2611,7 +2613,7 @@ private static function identifySignatureAlgorithm(PrivateKey $key) case 'sha256': case 'sha384': case 'sha512': - return ['algorithm' => $key->getHash() . 'WithRSAEncryption']; + return ['algorithm' => $key->getHash() . 'WithRSAEncryption', 'parameters' => null]; } throw new UnsupportedAlgorithmException('The only supported hash algorithms for RSA are: md2, md5, sha1, sha224, sha256, sha384, sha512'); } @@ -2761,7 +2763,7 @@ private function &subArrayUnchecked(array &$root, $path, $create = \false) * @param bool $create optional * @return array|false */ - private function &subArray(array &$root = null, $path, $create = \false) + private function &subArray(&$root, $path, $create = \false) { $false = \false; if (!is_array($root)) { @@ -2789,7 +2791,7 @@ private function &subArray(array &$root = null, $path, $create = \false) * @param bool $create optional * @return array|false */ - private function &extensions(array &$root = null, $path = null, $create = \false) + private function &extensions(&$root, $path = null, $create = \false) { if (!isset($root)) { $root = $this->currentCert; @@ -2866,7 +2868,7 @@ private function removeExtensionHelper($id, $path = null) * @param string $path optional * @return mixed */ - private function getExtensionHelper($id, array $cert = null, $path = null) + private function getExtensionHelper($id, $cert = null, $path = null) { $extensions = $this->extensions($cert, $path); if (!is_array($extensions)) { @@ -2886,7 +2888,7 @@ private function getExtensionHelper($id, array $cert = null, $path = null) * @param string $path optional * @return array */ - private function getExtensionsHelper(array $cert = null, $path = null) + private function getExtensionsHelper($cert = null, $path = null) { $exts = $this->extensions($cert, $path); $extensions = []; @@ -2946,7 +2948,7 @@ public function removeExtension($id) * @param string $path * @return mixed */ - public function getExtension($id, array $cert = null, $path = null) + public function getExtension($id, $cert = null, $path = null) { return $this->getExtensionHelper($id, $cert, $path); } @@ -2957,7 +2959,7 @@ public function getExtension($id, array $cert = null, $path = null) * @param string $path optional * @return array */ - public function getExtensions(array $cert = null, $path = null) + public function getExtensions($cert = null, $path = null) { return $this->getExtensionsHelper($cert, $path); } @@ -3027,7 +3029,7 @@ public function removeAttribute($id, $disposition = self::ATTR_ALL) * @param array $csr optional * @return mixed */ - public function getAttribute($id, $disposition = self::ATTR_ALL, array $csr = null) + public function getAttribute($id, $disposition = self::ATTR_ALL, $csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3055,13 +3057,32 @@ public function getAttribute($id, $disposition = self::ATTR_ALL, array $csr = nu } return \false; } + /** + * Get all requested CSR extensions + * + * Returns the list of extensions if there are any and false if not + * + * @param array $csr optional + * @return mixed + */ + public function getRequestedCertificateExtensions($csr = null) + { + if (empty($csr)) { + $csr = $this->currentCert; + } + $requestedExtensions = $this->getAttribute('pkcs-9-at-extensionRequest'); + if ($requestedExtensions === \false) { + return \false; + } + return $this->getAttribute('pkcs-9-at-extensionRequest')[0]; + } /** * Returns a list of all CSR attributes in use * * @param array $csr optional * @return array */ - public function getAttributes(array $csr = null) + public function getAttributes($csr = null) { if (empty($csr)) { $csr = $this->currentCert; @@ -3372,7 +3393,7 @@ public function getRevoked($serial) * @param array $crl optional * @return array|bool */ - public function listRevoked(array $crl = null) + public function listRevoked($crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -3414,7 +3435,7 @@ public function removeRevokedCertificateExtension($serial, $id) * @param array $crl optional * @return mixed */ - public function getRevokedCertificateExtension($serial, $id, array $crl = null) + public function getRevokedCertificateExtension($serial, $id, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; @@ -3433,7 +3454,7 @@ public function getRevokedCertificateExtension($serial, $id, array $crl = null) * @param array $crl optional * @return array|bool */ - public function getRevokedCertificateExtensions($serial, array $crl = null) + public function getRevokedCertificateExtensions($serial, $crl = null) { if (!isset($crl)) { $crl = $this->currentCert; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger.php index 8209bb325..fd39699af 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger.php @@ -122,6 +122,11 @@ private static function initialize_static_variables() { if (!isset(self::$mainEngine)) { $engines = [['GMP', ['DefaultEngine']], ['PHP64', ['OpenSSL']], ['BCMath', ['OpenSSL']], ['PHP32', ['OpenSSL']], ['PHP64', ['DefaultEngine']], ['PHP32', ['DefaultEngine']]]; + // per https://phpseclib.com/docs/speed PHP 8.4.0+ _significantly_ sped up BCMath + if (version_compare(\PHP_VERSION, '8.4.0') >= 0) { + $engines[1][0] = 'BCMath'; + $engines[2][0] = 'PHP64'; + } foreach ($engines as $engine) { try { self::setEngine($engine[0], $engine[1]); @@ -138,7 +143,7 @@ private static function initialize_static_variables() * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using * two's compliment. The sole exception to this is -10, which is treated the same as 10 is. * - * @param string|int|BigInteger\Engines\Engine $x Base-10 number or base-$base number if $base set. + * @param string|int|Engine $x Base-10 number or base-$base number if $base set. * @param int $base */ public function __construct($x = 0, $base = 10) @@ -146,7 +151,7 @@ public function __construct($x = 0, $base = 10) self::initialize_static_variables(); if ($x instanceof self::$mainEngine) { $this->value = clone $x; - } elseif ($x instanceof BigInteger\Engines\Engine) { + } elseif ($x instanceof Engine) { $this->value = new static("{$x}"); $this->value->setPrecision($x->getPrecision()); } else { @@ -293,12 +298,10 @@ public function modInverse(BigInteger $n) */ public function extendedGCD(BigInteger $n) { - extract($this->value->extendedGCD($n->value)); - /** - * @var BigInteger $gcd - * @var BigInteger $x - * @var BigInteger $y - */ + $extended = $this->value->extendedGCD($n->value); + $gcd = $extended['gcd']; + $x = $extended['x']; + $y = $extended['y']; return ['gcd' => new static($gcd), 'x' => new static($x), 'y' => new static($y)]; } /** @@ -350,7 +353,7 @@ public function getPrecision() * * Will be called, automatically, when serialize() is called on a BigInteger object. * - * __sleep() / __wakeup() have been around since PHP 4.0 + * __sleep() / __wakeup() have been around since PHP 4.0 but were deprecated in PHP 8.5 * * \Serializable was introduced in PHP 5.1 and deprecated in PHP 8.1: * https://wiki.php.net/rfc/phase_out_serializable @@ -383,6 +386,36 @@ public function __wakeup() $this->setPrecision($this->precision); } } + /** + * __serialize() magic method + * + * @see self::__unserialize() + * @return array + * @access public + */ + public function __serialize() + { + $result = ['hex' => $this->toHex(\true)]; + if ($this->getPrecision() > 0) { + $result['precision'] = $this->getPrecision(); + } + return $result; + } + /** + * __unserialize() magic method + * + * @see self::__serialize() + * @access public + */ + public function __unserialize(array $data) + { + $temp = new static($data['hex'], -16); + $this->value = $temp->value; + if (isset($data['precision']) && $data['precision'] > 0) { + // recalculate $this->bitmask + $this->setPrecision($data['precision']); + } + } /** * JSON Serialize * @@ -552,10 +585,9 @@ public static function minMaxBits($bits) { self::initialize_static_variables(); $class = self::$mainEngine; - extract($class::minMaxBits($bits)); - /** @var BigInteger $min - * @var BigInteger $max - */ + $minMax = $class::minMaxBits($bits); + $min = $minMax['min']; + $max = $minMax['max']; return ['min' => new static($min), 'max' => new static($max)]; } /** diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php index fd354e262..f21ffbafa 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath.php @@ -34,6 +34,10 @@ class BCMath extends Engine * @see parent::setModExpEngine */ const ENGINE_DIR = 'BCMath'; + /** + * Test to see if bcmod() accepts 2 or 3 parameters + */ + const BCMOD_THREE_PARAMS = \PHP_VERSION_ID >= 72000; /** * Test for engine validity * @@ -126,8 +130,8 @@ public function toBytes($twos_compliment = \false) $current = substr($current, 1); } while (bccomp($current, '0', 0) > 0) { - $temp = bcmod($current, '16777216'); - $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value; + $temp = self::BCMOD_THREE_PARAMS ? bcmod($current, '16777216', 0) : bcmod($current, '16777216'); + $value = chr($temp >> 16) . chr($temp >> 8 & 0xff) . chr($temp & 0xff) . $value; $current = bcdiv($current, '16777216', 0); } return $this->precision > 0 ? substr(str_pad($value, $this->precision >> 3, chr(0), \STR_PAD_LEFT), -($this->precision >> 3)) : ltrim($value, chr(0)); @@ -141,7 +145,7 @@ public function toBytes($twos_compliment = \false) public function add(BCMath $y) { $temp = new self(); - $temp->value = bcadd($this->value, $y->value); + $temp->value = bcadd($this->value, $y->value, 0); return $this->normalize($temp); } /** @@ -153,7 +157,7 @@ public function add(BCMath $y) public function subtract(BCMath $y) { $temp = new self(); - $temp->value = bcsub($this->value, $y->value); + $temp->value = bcsub($this->value, $y->value, 0); return $this->normalize($temp); } /** @@ -165,7 +169,7 @@ public function subtract(BCMath $y) public function multiply(BCMath $x) { $temp = new self(); - $temp->value = bcmul($this->value, $x->value); + $temp->value = bcmul($this->value, $x->value, 0); return $this->normalize($temp); } /** @@ -184,7 +188,7 @@ public function divide(BCMath $y) $quotient = new self(); $remainder = new self(); $quotient->value = bcdiv($this->value, $y->value, 0); - $remainder->value = bcmod($this->value, $y->value); + $remainder->value = self::BCMOD_THREE_PARAMS ? bcmod($this->value, $y->value, 0) : bcmod($this->value, $y->value); if ($remainder->value[0] == '-') { $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0); } @@ -248,8 +252,7 @@ public function extendedGCD(BCMath $n) */ public function gcd(BCMath $n) { - extract($this->extendedGCD($n)); - /** @var BCMath $gcd */ + $gcd = $this->extendedGCD($n)['gcd']; return $gcd; } /** @@ -281,7 +284,7 @@ public function bitwise_and(BCMath $x) */ public function bitwise_or(BCMath $x) { - return $this->bitwiseXorHelper($x); + return $this->bitwiseOrHelper($x); } /** * Logical Exclusive Or @@ -408,7 +411,7 @@ protected function normalize(BCMath $result) $result->precision = $this->precision; $result->bitmask = $this->bitmask; if ($result->bitmask !== \false) { - $result->value = bcmod($result->value, $result->bitmask->value); + $result->value = self::BCMOD_THREE_PARAMS ? bcmod($result->value, $result->bitmask->value, 0) : bcmod($result->value, $result->bitmask->value); } return $result; } @@ -452,7 +455,7 @@ public static function randomRange(BCMath $min, BCMath $max) protected function make_odd() { if (!$this->isOdd()) { - $this->value = bcadd($this->value, '1'); + $this->value = bcadd($this->value, '1', 0); } } /** @@ -473,7 +476,7 @@ protected function testSmallPrimes() } $value = $this->value; foreach (self::PRIMES as $prime) { - $r = bcmod($this->value, $prime); + $r = self::BCMOD_THREE_PARAMS ? bcmod($this->value, $prime, 0) : bcmod($this->value, $prime); if ($r == '0') { return $this->value == $prime; } @@ -509,7 +512,7 @@ public static function scan1divide(BCMath $r) public function pow(BCMath $n) { $temp = new self(); - $temp->value = bcpow($this->value, $n->value); + $temp->value = bcpow($this->value, $n->value, 0); return $this->normalize($temp); } /** @@ -571,7 +574,8 @@ public function isOdd() */ public function testBit($x) { - return bccomp(bcmod($this->value, bcpow('2', $x + 1, 0)), bcpow('2', $x, 0), 0) >= 0; + $divisor = bcpow('2', $x + 1, 0); + return bccomp(self::BCMOD_THREE_PARAMS ? bcmod($this->value, $divisor, 0) : bcmod($this->value, $divisor), bcpow('2', $x, 0), 0) >= 0; } /** * Is Negative? diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php index 6183dc4c7..23334505a 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Base.php @@ -84,7 +84,7 @@ protected static function prepareReduce($x, $n, $class) */ protected static function multiplyReduce($x, $y, $n, $class) { - return static::reduce(bcmul($x, $y), $n); + return static::reduce(bcmul($x, $y, 0), $n); } /** * Modular square @@ -97,6 +97,6 @@ protected static function multiplyReduce($x, $y, $n, $class) */ protected static function squareReduce($x, $n, $class) { - return static::reduce(bcmul($x, $x), $n); + return static::reduce(bcmul($x, $x, 0), $n); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php index e82d83458..92f1aa043 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/BuiltIn.php @@ -31,7 +31,7 @@ abstract class BuiltIn extends BCMath protected static function powModHelper(BCMath $x, BCMath $e, BCMath $n) { $temp = new BCMath(); - $temp->value = bcpowmod($x->value, $e->value, $n->value); + $temp->value = bcpowmod($x->value, $e->value, $n->value, 0); return $x->normalize($temp); } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php index 6b9ec6801..a0d122d81 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/Barrett.php @@ -59,33 +59,42 @@ protected static function reduce($n, $m) static $cache = [self::VARIABLE => [], self::DATA => []]; $m_length = strlen($m); if (strlen($n) > 2 * $m_length) { - return bcmod($n, $m); + return self::BCMOD_THREE_PARAMS ? bcmod($n, $m, 0) : bcmod($n, $m); } // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced if ($m_length < 5) { return self::regularBarrett($n, $m); } // n = 2 * m.length + $correctionNeeded = \false; + if ($m_length & 1) { + $correctionNeeded = \true; + $n .= '0'; + $m .= '0'; + $m_length++; + } if (($key = array_search($m, $cache[self::VARIABLE])) === \false) { $key = count($cache[self::VARIABLE]); $cache[self::VARIABLE][] = $m; $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); $u = bcdiv($lhs, $m, 0); - $m1 = bcsub($lhs, bcmul($u, $m)); + $m1 = bcsub($lhs, bcmul($u, $m, 0), 0); $cache[self::DATA][] = [ 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1) 'm1' => $m1, ]; } else { - extract($cache[self::DATA][$key]); + $cacheValues = $cache[self::DATA][$key]; + $u = $cacheValues['u']; + $m1 = $cacheValues['m1']; } $cutoff = $m_length + ($m_length >> 1); $lsd = substr($n, -$cutoff); $msd = substr($n, 0, -$cutoff); - $temp = bcmul($msd, $m1); + $temp = bcmul($msd, $m1, 0); // m.length + (m.length >> 1) - $n = bcadd($lsd, $temp); + $n = bcadd($lsd, $temp, 0); // m.length + (m.length >> 1) + 1 (so basically we're adding two same length numbers) //if ($m_length & 1) { // return self::regularBarrett($n, $m); @@ -94,26 +103,26 @@ protected static function reduce($n, $m) $temp = substr($n, 0, -$m_length + 1); // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 - $temp = bcmul($temp, $u); + $temp = bcmul($temp, $u, 0); // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) $temp = substr($temp, 0, -($m_length >> 1) - 1); // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) - $temp = bcmul($temp, $m); + $temp = bcmul($temp, $m, 0); // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). - $result = bcsub($n, $temp); + $result = bcsub($n, $temp, 0); //if (bccomp($result, '0') < 0) { if ($result[0] == '-') { $temp = '1' . str_repeat('0', $m_length + 1); - $result = bcadd($result, $temp); + $result = bcadd($result, $temp, 0); } - while (bccomp($result, $m) >= 0) { - $result = bcsub($result, $m); + while (bccomp($result, $m, 0) >= 0) { + $result = bcsub($result, $m, 0); } - return $result; + return $correctionNeeded && $result != '0' ? substr($result, 0, -1) : $result; } /** * (Regular) Barrett Modular Reduction @@ -130,7 +139,7 @@ private static function regularBarrett($x, $n) static $cache = [self::VARIABLE => [], self::DATA => []]; $n_length = strlen($n); if (strlen($x) > 2 * $n_length) { - return bcmod($x, $n); + return self::BCMOD_THREE_PARAMS ? bcmod($x, $n, 0) : bcmod($x, $n); } if (($key = array_search($n, $cache[self::VARIABLE])) === \false) { $key = count($cache[self::VARIABLE]); @@ -139,18 +148,18 @@ private static function regularBarrett($x, $n) $cache[self::DATA][] = bcdiv($lhs, $n, 0); } $temp = substr($x, 0, -$n_length + 1); - $temp = bcmul($temp, $cache[self::DATA][$key]); + $temp = bcmul($temp, $cache[self::DATA][$key], 0); $temp = substr($temp, 0, -$n_length - 1); $r1 = substr($x, -$n_length - 1); - $r2 = substr(bcmul($temp, $n), -$n_length - 1); + $r2 = substr(bcmul($temp, $n, 0), -$n_length - 1); $result = bcsub($r1, $r2); //if (bccomp($result, '0') < 0) { if ($result[0] == '-') { $q = '1' . str_repeat('0', $n_length + 1); - $result = bcadd($result, $q); + $result = bcadd($result, $q, 0); } - while (bccomp($result, $n) >= 0) { - $result = bcsub($result, $n); + while (bccomp($result, $n, 0) >= 0) { + $result = bcsub($result, $n, 0); } return $result; } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php index 67459e07a..ef0d56b7d 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/BCMath/Reductions/EvalBarrett.php @@ -53,14 +53,14 @@ protected static function generateCustomReduction(BCMath $m, $class) { $m_length = strlen($m); if ($m_length < 5) { - $code = 'return bcmod($x, $n);'; + $code = 'return self::BCMOD_THREE_PARAMS ? bcmod($x, $n, 0) : bcmod($x, $n);'; eval('$func = function ($n) { ' . $code . '};'); self::$custom_reduction = $func; return; } $lhs = '1' . str_repeat('0', $m_length + ($m_length >> 1)); $u = bcdiv($lhs, $m, 0); - $m1 = bcsub($lhs, bcmul($u, $m)); + $m1 = bcsub($lhs, bcmul($u, $m, 0), 0); $cutoff = $m_length + ($m_length >> 1); $m = "'{$m}'"; $u = "'{$u}'"; @@ -69,23 +69,23 @@ protected static function generateCustomReduction(BCMath $m, $class) $lsd = substr($n, -' . $cutoff . '); $msd = substr($n, 0, -' . $cutoff . '); - $temp = bcmul($msd, ' . $m1 . '); - $n = bcadd($lsd, $temp); + $temp = bcmul($msd, ' . $m1 . ', 0); + $n = bcadd($lsd, $temp, 0); $temp = substr($n, 0, ' . (-$m_length + 1) . '); - $temp = bcmul($temp, ' . $u . '); + $temp = bcmul($temp, ' . $u . ', 0); $temp = substr($temp, 0, ' . (-($m_length >> 1) - 1) . '); - $temp = bcmul($temp, ' . $m . '); + $temp = bcmul($temp, ' . $m . ', 0); - $result = bcsub($n, $temp); + $result = bcsub($n, $temp, 0); if ($result[0] == \'-\') { $temp = \'1' . str_repeat('0', $m_length + 1) . '\'; - $result = bcadd($result, $temp); + $result = bcadd($result, $temp, 0); } while (bccomp($result, ' . $m . ') >= 0) { - $result = bcsub($result, ' . $m . '); + $result = bcsub($result, ' . $m . ', 0); } return $result;'; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php index 5b52f6645..cc489d815 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/Engine.php @@ -268,11 +268,9 @@ protected function modInverseHelper(Engine $n) $temp = $temp->modInverse($n); return $this->normalize($n->subtract($temp)); } - extract($this->extendedGCD($n)); - /** - * @var Engine $gcd - * @var Engine $x - */ + $extended = $this->extendedGCD($n); + $gcd = $extended['gcd']; + $x = $extended['x']; if (!$gcd->equals(static::$one[static::class])) { return \false; } @@ -312,6 +310,42 @@ public function __wakeup() $this->setPrecision($this->precision); } } + /** + * __serialize() magic method + * + * __sleep / __wakeup were depreciated in PHP 8.5 + * Will be called, automatically, when serialize() is called on a Math_BigInteger object. + * + * @see self::__unserialize() + * @access public + */ + public function __serialize() + { + $result = ['hex' => $this->toHex(\true)]; + if ($this->precision > 0) { + $result['precision'] = $this->precision; + } + return $result; + } + /** + * __unserialize() magic method + * + * __sleep / __wakeup were depreciated in PHP 8.5 + * Will be called, automatically, when unserialize() is called on a Math_BigInteger object. + * + * @see self::__serialize() + * @access public + */ + public function __unserialize(array $data) + { + $temp = new static($data['hex'], -16); + $this->value = $temp->value; + $this->is_negative = $temp->is_negative; + if (isset($data['precision']) && $data['precision'] > 0) { + // recalculate $this->bitmask + $this->setPrecision($data['precision']); + } + } /** * JSON Serialize * @@ -443,7 +477,7 @@ protected static function base256_lshift(&$x, $shift) $carry = 0; for ($i = strlen($x) - 1; $i >= 0; --$i) { $temp = ord($x[$i]) << $shift | $carry; - $x[$i] = chr($temp); + $x[$i] = chr($temp & 0xff); $carry = $temp >> 8; } $carry = $carry != 0 ? chr($carry) : ''; @@ -556,7 +590,7 @@ protected function powModOuter(Engine $e, Engine $n) } return $this->normalize($temp->powModInner($e, $n)); } - if ($this->compare($n) > 0) { + if ($this->compare($n) > 0 || $this->isNegative()) { list(, $temp) = $this->divide($n); return $temp->powModInner($e, $n); } @@ -637,11 +671,9 @@ protected static function slidingWindow(Engine $x, Engine $e, Engine $n, $class) */ public static function random($size) { - extract(static::minMaxBits($size)); - /** - * @var BigInteger $min - * @var BigInteger $max - */ + $minMax = static::minMaxBits($size); + $min = $minMax['min']; + $max = $minMax['max']; return static::randomRange($min, $max); } /** @@ -654,11 +686,9 @@ public static function random($size) */ public static function randomPrime($size) { - extract(static::minMaxBits($size)); - /** - * @var static $min - * @var static $max - */ + $minMax = static::minMaxBits($size); + $min = $minMax['min']; + $max = $minMax['max']; return static::randomRangePrime($min, $max); } /** diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php index cd9d46583..1f2445007 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/GMP.php @@ -260,7 +260,10 @@ public function modInverse(GMP $n) */ public function extendedGCD(GMP $n) { - extract(gmp_gcdext($this->value, $n->value)); + $extended = gmp_gcdext($this->value, $n->value); + $g = $extended['g']; + $s = $extended['s']; + $t = $extended['t']; return ['gcd' => $this->normalize(new self($g)), 'x' => $this->normalize(new self($s)), 'y' => $this->normalize(new self($t))]; } /** diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php index 38600c3f4..52928dfa3 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP.php @@ -416,6 +416,9 @@ protected function divideHelper(PHP $y) $quotient = new static(); $remainder = new static(); $quotient->value = $q; + if ($this->is_negative) { + $r = $y->value[0] - $r; + } $remainder->value = [$r]; $quotient->is_negative = $this->is_negative != $y->is_negative; return [$this->normalize($quotient), $this->normalize($remainder)]; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php index ef9598c76..8c706310d 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/Barrett.php @@ -62,6 +62,13 @@ protected static function reduce(array $n, array $m, $class) return self::regularBarrett($n, $m, $class); } // n = 2 * m.length + $correctionNeeded = \false; + if ($m_length & 1) { + $correctionNeeded = \true; + array_unshift($n, 0); + array_unshift($m, 0); + $m_length++; + } if (($key = array_search($m, $cache[self::VARIABLE])) === \false) { $key = count($cache[self::VARIABLE]); $cache[self::VARIABLE][] = $m; @@ -80,7 +87,9 @@ protected static function reduce(array $n, array $m, $class) 'm1' => $m1, ]; } else { - extract($cache[self::DATA][$key]); + $cacheValues = $cache[self::DATA][$key]; + $u = $cacheValues['u']; + $m1 = $cacheValues['m1']; } $cutoff = $m_length + ($m_length >> 1); $lsd = array_slice($n, 0, $cutoff); @@ -99,6 +108,10 @@ protected static function reduce(array $n, array $m, $class) $temp = array_slice($n[self::VALUE], $m_length - 1); // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2 // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1 + // note that these are upper bounds. let's say m.length is 2. then you'd be multiplying a + // 3 digit number by a 1 digit number. if you're doing 999 * 9 (in base 10) the result will + // be a 4 digit number. but if you're multiplying 111 * 1 then the result will be a 3 digit + // number. $temp = $class::multiplyHelper($temp, \false, $u, \false); // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1 // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) @@ -106,13 +119,16 @@ protected static function reduce(array $n, array $m, $class) // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1 // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1) $temp = $class::multiplyHelper($temp, \false, $m, \false); - // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit - // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop + // at this point, if m had an odd number of digits, we'd (probably) be subtracting a 2 * m.length - (m.length >> 1) + // digit number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop // following this comment would loop a lot (hence our calling _regularBarrett() in that situation). $result = $class::subtractHelper($n[self::VALUE], \false, $temp[self::VALUE], \false); while (self::compareHelper($result[self::VALUE], $result[self::SIGN], $m, \false) >= 0) { $result = $class::subtractHelper($result[self::VALUE], $result[self::SIGN], $m, \false); } + if ($correctionNeeded) { + array_shift($result[self::VALUE]); + } return $result[self::VALUE]; } /** diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php index b21cf02d9..adf0c9368 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/BigInteger/Engines/PHP/Reductions/EvalBarrett.php @@ -67,6 +67,13 @@ protected static function generateCustomReduction(PHP $m, $class) //self::$custom_reduction = \Closure::bind($func, $m, $class); return $func; } + $correctionNeeded = \false; + if ($m_length & 1) { + $correctionNeeded = \true; + $m = clone $m; + array_unshift($m->value, 0); + $m_length++; + } $lhs = new $class(); $lhs_value =& $lhs->value; $lhs_value = self::array_repeat(0, $m_length + ($m_length >> 1)); @@ -85,7 +92,8 @@ protected static function generateCustomReduction(PHP $m, $class) $m = $m->value; $m1 = $m1->value; $cutoff = count($m) + (count($m) >> 1); - $code = ' + $code = $correctionNeeded ? 'array_unshift($n, 0);' : ''; + $code .= ' if (count($n) > ' . 2 * count($m) . ') { $lhs = new ' . $class . '(); $rhs = new ' . $class . '(); @@ -116,6 +124,9 @@ protected static function generateCustomReduction(PHP $m, $class) $subcode = self::generateInlineSubtract1('temp', $m, 'temp2', $class); $subcode .= '$temp = $temp2;'; $code .= self::generateInlineCompare($m, 'temp', $subcode); + if ($correctionNeeded) { + $code .= 'array_shift($temp);'; + } $code .= 'return $temp;'; eval('$func = function ($n) { ' . $code . '};'); self::$custom_reduction = $func; diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php index dd88da9b2..0ae79f711 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php @@ -48,19 +48,32 @@ class Integer extends Base /** * Zero * - * @var BigInteger + * @var BigInteger[] */ protected static $zero; + /** + * One + * + * @var BigInteger[] + */ + protected static $one; + /** + * Two + * + * @var BigInteger[] + */ + protected static $two; /** * Default constructor * * @param int $instanceID + * @param BigInteger $num */ - public function __construct($instanceID, BigInteger $num = null) + public function __construct($instanceID, $num = null) { $this->instanceID = $instanceID; if (!isset($num)) { - $this->value = clone static::$zero[static::class]; + $this->value = clone static::$zero[$instanceID]; } else { $reduce = static::$reduce[$instanceID]; $this->value = $reduce($num); @@ -85,8 +98,8 @@ public static function setModulo($instanceID, BigInteger $modulo) public static function setRecurringModuloFunction($instanceID, callable $function) { static::$reduce[$instanceID] = $function; - if (!isset(static::$zero[static::class])) { - static::$zero[static::class] = new BigInteger(); + if (!isset(static::$zero[$instanceID])) { + static::$zero[$instanceID] = new BigInteger(); } } /** @@ -96,6 +109,9 @@ public static function cleanupCache($instanceID) { unset(static::$modulo[$instanceID]); unset(static::$reduce[$instanceID]); + unset(static::$zero[$instanceID]); + unset(static::$one[$instanceID]); + unset(static::$two[$instanceID]); } /** * Returns the modulo @@ -210,37 +226,39 @@ public function pow(BigInteger $x) */ public function squareRoot() { - static $one, $two; - if (!isset($one)) { - $one = new BigInteger(1); - $two = new BigInteger(2); + if (!isset(static::$one[$this->instanceID])) { + static::$one[$this->instanceID] = new BigInteger(1); + static::$two[$this->instanceID] = new BigInteger(2); } - $reduce = static::$reduce[$this->instanceID]; - $p_1 = static::$modulo[$this->instanceID]->subtract($one); + $one =& static::$one[$this->instanceID]; + $two =& static::$two[$this->instanceID]; + $modulo =& static::$modulo[$this->instanceID]; + $reduce =& static::$reduce[$this->instanceID]; + $p_1 = $modulo->subtract($one); $q = clone $p_1; $s = BigInteger::scan1divide($q); list($pow) = $p_1->divide($two); - for ($z = $one; !$z->equals(static::$modulo[$this->instanceID]); $z = $z->add($one)) { - $temp = $z->powMod($pow, static::$modulo[$this->instanceID]); + for ($z = $one; !$z->equals($modulo); $z = $z->add($one)) { + $temp = $z->powMod($pow, $modulo); if ($temp->equals($p_1)) { break; } } $m = new BigInteger($s); - $c = $z->powMod($q, static::$modulo[$this->instanceID]); - $t = $this->value->powMod($q, static::$modulo[$this->instanceID]); + $c = $z->powMod($q, $modulo); + $t = $this->value->powMod($q, $modulo); list($temp) = $q->add($one)->divide($two); - $r = $this->value->powMod($temp, static::$modulo[$this->instanceID]); + $r = $this->value->powMod($temp, $modulo); while (!$t->equals($one)) { for ($i = clone $one; $i->compare($m) < 0; $i = $i->add($one)) { - if ($t->powMod($two->pow($i), static::$modulo[$this->instanceID])->equals($one)) { + if ($t->powMod($two->pow($i), $modulo)->equals($one)) { break; } } if ($i->compare($m) == 0) { return \false; } - $b = $c->powMod($two->pow($m->subtract($i)->subtract($one)), static::$modulo[$this->instanceID]); + $b = $c->powMod($two->pow($m->subtract($i)->subtract($one)), $modulo); $m = $i; $c = $reduce($b->multiply($b)); $t = $reduce($t->multiply($c)); @@ -314,13 +332,14 @@ public function toBits() public function getNAF($w = 1) { $w++; + $zero =& static::$zero[$this->instanceID]; $mask = new BigInteger((1 << $w) - 1); $sub = new BigInteger(1 << $w); //$sub = new BigInteger(1 << ($w - 1)); $d = $this->toBigInteger(); $d_i = []; $i = 0; - while ($d->compare(static::$zero[static::class]) > 0) { + while ($d->compare($zero) > 0) { if ($d->isOdd()) { // start mods $bigInteger = $d->testBit($w - 1) ? $d->bitwise_and($mask)->subtract($sub) : $d->bitwise_and($mask); @@ -330,7 +349,7 @@ public function getNAF($w = 1) } else { $d_i[$i] = 0; } - $shift = !$d->equals(static::$zero[static::class]) && $d->bitwise_and($mask)->equals(static::$zero[static::class]) ? $w : 1; + $shift = !$d->equals($zero) && $d->bitwise_and($mask)->equals($zero) ? $w : 1; // $w or $w + 1? $d = $d->bitwise_rightShift($shift); while (--$shift > 0) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SCP.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SCP.php new file mode 100644 index 000000000..bf144b059 --- /dev/null +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SCP.php @@ -0,0 +1,271 @@ + + * login('username', 'password')) { + * exit('Login Failed'); + * } + * + * echo $scp->exec('pwd') . "\r\n"; + * $scp->put('filename.ext', 'hello, world!'); + * echo $scp->exec('ls -latr'); + * ?> + * + * + * @author Jim Wigginton + * @copyright 2009 Jim Wigginton + * @license http://www.opensource.org/licenses/mit-license.html MIT License + * @link http://phpseclib.sourceforge.net + */ +namespace Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Net; + +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Common\Functions\Strings; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\FileNotFoundException; +/** + * Pure-PHP implementations of SCP. + * + * @author Jim Wigginton + */ +class SCP extends SSH2 +{ + /** + * Reads data from a local file. + * + * @see \phpseclib3\Net\SCP::put() + */ + const SOURCE_LOCAL_FILE = 1; + /** + * Reads data from a string. + * + * @see \phpseclib3\Net\SCP::put() + */ + // this value isn't really used anymore but i'm keeping it reserved for historical reasons + const SOURCE_STRING = 2; + /** + * SCP.php doesn't support SOURCE_CALLBACK because, with that one, we don't know the size, in advance + */ + //const SOURCE_CALLBACK = 16; + /** + * Error information + * + * @see self::getSCPErrors() + * @see self::getLastSCPError() + * @var array + */ + private $scp_errors = []; + /** + * Uploads a file to the SCP server. + * + * By default, \phpseclib\Net\SCP::put() does not read from the local filesystem. $data is dumped directly into $remote_file. + * So, for example, if you set $data to 'filename.ext' and then do \phpseclib\Net\SCP::get(), you will get a file, twelve bytes + * long, containing 'filename.ext' as its contents. + * + * Setting $mode to self::SOURCE_LOCAL_FILE will change the above behavior. With self::SOURCE_LOCAL_FILE, $remote_file will + * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how + * large $remote_file will be, as well. + * + * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take + * care of that, yourself. + * + * @param string $remote_file + * @param string $data + * @param int $mode + * @param callable $callback + * @return bool + * @access public + */ + public function put($remote_file, $data, $mode = self::SOURCE_STRING, $callback = null) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + return \false; + } + if (empty($remote_file)) { + // remote file cannot be blank + return \false; + } + if (!$this->exec('scp -t ' . escapeshellarg($remote_file), \false)) { + // -t = to + return \false; + } + $temp = $this->get_channel_packet(self::CHANNEL_EXEC, \true); + if ($temp !== chr(0)) { + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + $packet_size = $this->packet_size_client_to_server[self::CHANNEL_EXEC] - 4; + $remote_file = basename($remote_file); + $dataCallback = \false; + switch (\true) { + case is_resource($data): + $mode = $mode & ~self::SOURCE_LOCAL_FILE; + $info = stream_get_meta_data($data); + if (isset($info['wrapper_type']) && $info['wrapper_type'] == 'PHP' && $info['stream_type'] == 'Input') { + $fp = fopen('php://memory', 'w+'); + stream_copy_to_stream($data, $fp); + rewind($fp); + } else { + $fp = $data; + } + break; + case $mode & self::SOURCE_LOCAL_FILE: + if (!is_file($data)) { + throw new FileNotFoundException("{$data} is not a valid file"); + } + $fp = @fopen($data, 'rb'); + if (!$fp) { + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + } + if (isset($fp)) { + $stat = fstat($fp); + $size = !empty($stat) ? $stat['size'] : 0; + } else { + $size = strlen($data); + } + $sent = 0; + $size = $size < 0 ? ($size & 0x7fffffff) + 0x80000000 : $size; + $temp = 'C0644 ' . $size . ' ' . $remote_file . "\n"; + $this->send_channel_packet(self::CHANNEL_EXEC, $temp); + $temp = $this->get_channel_packet(self::CHANNEL_EXEC, \true); + if ($temp !== chr(0)) { + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + $sent = 0; + while ($sent < $size) { + $temp = $mode & self::SOURCE_STRING ? substr($data, $sent, $packet_size) : fread($fp, $packet_size); + $this->send_channel_packet(self::CHANNEL_EXEC, $temp); + $sent += strlen($temp); + if (is_callable($callback)) { + call_user_func($callback, $sent); + } + } + $this->close_channel(self::CHANNEL_EXEC, \true); + if ($mode != self::SOURCE_STRING) { + fclose($fp); + } + return \true; + } + /** + * Downloads a file from the SCP server. + * + * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if + * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the + * operation + * + * @param string $remote_file + * @param string $local_file + * @return mixed + * @access public + */ + public function get($remote_file, $local_file = null, $progressCallback = null) + { + if (!($this->bitmap & self::MASK_LOGIN)) { + return \false; + } + if (!$this->exec('scp -f ' . escapeshellarg($remote_file), \false)) { + // -f = from + return \false; + } + $this->send_channel_packet(self::CHANNEL_EXEC, chr(0)); + $info = $this->get_channel_packet(self::CHANNEL_EXEC, \true); + // per https://goteleport.com/blog/scp-familiar-simple-insecure-slow/ non-zero responses mean there are errors + if ($info[0] === chr(1) || $info[0] == chr(2)) { + $type = $info[0] === chr(1) ? 'warning' : 'error'; + $this->scp_errors[] = "{$type}: " . substr($info, 1); + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + $this->send_channel_packet(self::CHANNEL_EXEC, chr(0)); + if (!preg_match('#(?[^ ]+) (?\\d+) (?.+)#', rtrim($info), $info)) { + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + $fclose_check = \false; + if (is_resource($local_file)) { + $fp = $local_file; + } elseif (!is_null($local_file)) { + $fp = @fopen($local_file, 'wb'); + if (!$fp) { + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + $fclose_check = \true; + } else { + $content = ''; + } + $size = 0; + while (\true) { + $data = $this->get_channel_packet(self::CHANNEL_EXEC, \true); + // Terminate the loop in case the server repeatedly sends an empty response + if ($data === \false) { + $this->close_channel(self::CHANNEL_EXEC, \true); + // no data received from server + return \false; + } + // SCP usually seems to split stuff out into 16k chunks + $length = strlen($data); + $size += $length; + $end = $size > $info['size']; + if ($end) { + $diff = $size - $info['size']; + $offset = $length - $diff; + if ($data[$offset] === chr(0)) { + $data = substr($data, 0, -$diff); + } else { + $type = $data[$offset] === chr(1) ? 'warning' : 'error'; + $this->scp_errors[] = "{$type}: " . substr($data, 1); + $this->close_channel(self::CHANNEL_EXEC, \true); + return \false; + } + } + if (is_null($local_file)) { + $content .= $data; + } else { + fputs($fp, $data); + } + if (is_callable($progressCallback)) { + call_user_func($progressCallback, $size); + } + if ($end) { + break; + } + } + $this->close_channel(self::CHANNEL_EXEC, \true); + if ($fclose_check) { + fclose($fp); + } + // if $content isn't set that means a file was written to + return isset($content) ? $content : \true; + } + /** + * Returns all errors on the SCP layer + * + * @return array + */ + public function getSCPErrors() + { + return $this->scp_errors; + } + /** + * Returns the last error on the SCP layer + * + * @return string + */ + public function getLastSCPError() + { + return count($this->scp_errors) ? $this->scp_errors[count($this->scp_errors) - 1] : ''; + } +} diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP.php index 8d8eee691..ac392d13c 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP.php @@ -326,7 +326,7 @@ public function __construct($host, $port = 22, $timeout = 10) parent::__construct($host, $port, $timeout); $this->max_sftp_packet = 1 << 15; if (empty(self::$packet_types)) { - self::$packet_types = [1 => 'NET_SFTP_INIT', 2 => 'NET_SFTP_VERSION', 3 => 'NET_SFTP_OPEN', 4 => 'NET_SFTP_CLOSE', 5 => 'NET_SFTP_READ', 6 => 'NET_SFTP_WRITE', 7 => 'NET_SFTP_LSTAT', 9 => 'NET_SFTP_SETSTAT', 10 => 'NET_SFTP_FSETSTAT', 11 => 'NET_SFTP_OPENDIR', 12 => 'NET_SFTP_READDIR', 13 => 'NET_SFTP_REMOVE', 14 => 'NET_SFTP_MKDIR', 15 => 'NET_SFTP_RMDIR', 16 => 'NET_SFTP_REALPATH', 17 => 'NET_SFTP_STAT', 18 => 'NET_SFTP_RENAME', 19 => 'NET_SFTP_READLINK', 20 => 'NET_SFTP_SYMLINK', 21 => 'NET_SFTP_LINK', 101 => 'NET_SFTP_STATUS', 102 => 'NET_SFTP_HANDLE', 103 => 'NET_SFTP_DATA', 104 => 'NET_SFTP_NAME', 105 => 'NET_SFTP_ATTRS', 200 => 'NET_SFTP_EXTENDED']; + self::$packet_types = [1 => 'NET_SFTP_INIT', 2 => 'NET_SFTP_VERSION', 3 => 'NET_SFTP_OPEN', 4 => 'NET_SFTP_CLOSE', 5 => 'NET_SFTP_READ', 6 => 'NET_SFTP_WRITE', 7 => 'NET_SFTP_LSTAT', 9 => 'NET_SFTP_SETSTAT', 10 => 'NET_SFTP_FSETSTAT', 11 => 'NET_SFTP_OPENDIR', 12 => 'NET_SFTP_READDIR', 13 => 'NET_SFTP_REMOVE', 14 => 'NET_SFTP_MKDIR', 15 => 'NET_SFTP_RMDIR', 16 => 'NET_SFTP_REALPATH', 17 => 'NET_SFTP_STAT', 18 => 'NET_SFTP_RENAME', 19 => 'NET_SFTP_READLINK', 20 => 'NET_SFTP_SYMLINK', 21 => 'NET_SFTP_LINK', 101 => 'NET_SFTP_STATUS', 102 => 'NET_SFTP_HANDLE', 103 => 'NET_SFTP_DATA', 104 => 'NET_SFTP_NAME', 105 => 'NET_SFTP_ATTRS', 200 => 'NET_SFTP_EXTENDED', 201 => 'NET_SFTP_EXTENDED_REPLY']; self::$status_codes = [0 => 'NET_SFTP_STATUS_OK', 1 => 'NET_SFTP_STATUS_EOF', 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE', 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED', 4 => 'NET_SFTP_STATUS_FAILURE', 5 => 'NET_SFTP_STATUS_BAD_MESSAGE', 6 => 'NET_SFTP_STATUS_NO_CONNECTION', 7 => 'NET_SFTP_STATUS_CONNECTION_LOST', 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED', 9 => 'NET_SFTP_STATUS_INVALID_HANDLE', 10 => 'NET_SFTP_STATUS_NO_SUCH_PATH', 11 => 'NET_SFTP_STATUS_FILE_ALREADY_EXISTS', 12 => 'NET_SFTP_STATUS_WRITE_PROTECT', 13 => 'NET_SFTP_STATUS_NO_MEDIA', 14 => 'NET_SFTP_STATUS_NO_SPACE_ON_FILESYSTEM', 15 => 'NET_SFTP_STATUS_QUOTA_EXCEEDED', 16 => 'NET_SFTP_STATUS_UNKNOWN_PRINCIPAL', 17 => 'NET_SFTP_STATUS_LOCK_CONFLICT', 18 => 'NET_SFTP_STATUS_DIR_NOT_EMPTY', 19 => 'NET_SFTP_STATUS_NOT_A_DIRECTORY', 20 => 'NET_SFTP_STATUS_INVALID_FILENAME', 21 => 'NET_SFTP_STATUS_LINK_LOOP', 22 => 'NET_SFTP_STATUS_CANNOT_DELETE', 23 => 'NET_SFTP_STATUS_INVALID_PARAMETER', 24 => 'NET_SFTP_STATUS_FILE_IS_A_DIRECTORY', 25 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_CONFLICT', 26 => 'NET_SFTP_STATUS_BYTE_RANGE_LOCK_REFUSED', 27 => 'NET_SFTP_STATUS_DELETE_PENDING', 28 => 'NET_SFTP_STATUS_FILE_CORRUPT', 29 => 'NET_SFTP_STATUS_OWNER_INVALID', 30 => 'NET_SFTP_STATUS_GROUP_INVALID', 31 => 'NET_SFTP_STATUS_NO_MATCHING_BYTE_RANGE_LOCK']; // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1 // the order, in this case, matters quite a lot - see \phpseclib3\Net\SFTP::_parseAttributes() to understand why @@ -434,7 +434,7 @@ private function precheck() */ private function partial_init_sftp_connection() { - $response = $this->openChannel(self::CHANNEL, \true); + $response = $this->open_channel(self::CHANNEL, \true); if ($response === \true && $this->isTimeout()) { return \false; } @@ -558,7 +558,8 @@ private function init_sftp_connection() throw $e; } $this->canonicalize_paths = \false; - $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); + $this->reset_sftp(); + return $this->init_sftp_connection(); } $this->update_stat_cache($this->pwd, []); return \true; @@ -671,6 +672,7 @@ public function realpath($path) if ($this->precheck() === \false) { return \false; } + $path = (string) $path; if (!$this->canonicalize_paths) { if ($this->pwd === \true) { return '.'; @@ -750,6 +752,7 @@ public function chdir($dir) if (!$this->precheck()) { return \false; } + $dir = (string) $dir; // assume current dir if $dir is empty if ($dir === '') { $dir = './'; @@ -758,6 +761,9 @@ public function chdir($dir) $dir .= '/'; } $dir = $this->realpath($dir); + if ($dir === \false) { + return \false; + } // confirm that $dir is, in fact, a valid directory if ($this->use_stat_cache && is_array($this->query_stat_cache($dir))) { $this->pwd = $dir; @@ -1763,7 +1769,7 @@ public function rmdir($dir) * @param callable|null $progressCallback * @throws \UnexpectedValueException on receipt of unexpected packets * @throws \BadFunctionCallException if you're uploading via a callback and the callback function is invalid - * @throws \phpseclib3\Exception\FileNotFoundException if you're uploading via a file and the file doesn't exist + * @throws FileNotFoundException if you're uploading via a file and the file doesn't exist * @return bool */ public function put($remote_file, $data, $mode = self::SOURCE_STRING, $start = -1, $local_start = -1, $progressCallback = null) @@ -2580,6 +2586,7 @@ private function parseTime($key, $flags, &$response) */ protected function parseAttributes(&$response) { + $attr = []; if ($this->version >= 4) { list($flags, $attr['type']) = Strings::unpackSSH2('NC', $response); } else { @@ -2826,6 +2833,7 @@ private function send_sftp_packet($type, $data, $request_id = 1) // in SSH2.php the timeout is cumulative per function call. eg. exec() will // timeout after 10s. but for SFTP.php it's cumulative per packet $this->curTimeout = $this->timeout; + $this->is_timeout = \false; $packet = $this->use_request_id ? pack('NCNa*', strlen($data) + 5, $type, $request_id, $data) : pack('NCa*', strlen($data) + 1, $type, $data); $start = microtime(\true); $this->send_channel_packet(self::CHANNEL, $packet); @@ -2836,18 +2844,23 @@ private function send_sftp_packet($type, $data, $request_id = 1) } } /** - * Resets a connection for re-use - * - * @param int $reason + * Resets the SFTP channel for re-use */ - protected function reset_connection($reason) + private function reset_sftp() { - parent::reset_connection($reason); $this->use_request_id = \false; $this->pwd = \false; $this->requestBuffer = []; $this->partial_init = \false; } + /** + * Resets a connection for re-use + */ + protected function reset_connection() + { + parent::reset_connection(); + $this->reset_sftp(); + } /** * Receives SFTP Packets * @@ -2872,6 +2885,7 @@ private function get_sftp_packet($request_id = null) // in SSH2.php the timeout is cumulative per function call. eg. exec() will // timeout after 10s. but for SFTP.php it's cumulative per packet $this->curTimeout = $this->timeout; + $this->is_timeout = \false; $start = microtime(\true); // SFTP packet length while (strlen($this->packet_buffer) < 4) { @@ -2889,8 +2903,7 @@ private function get_sftp_packet($request_id = null) if (strlen($this->packet_buffer) < 4) { throw new \RuntimeException('Packet is too small'); } - extract(unpack('Nlength', Strings::shift($this->packet_buffer, 4))); - /** @var integer $length */ + $length = unpack('Nlength', Strings::shift($this->packet_buffer, 4))['length']; $tempLength = $length; $tempLength -= strlen($this->packet_buffer); // 256 * 1024 is what SFTP_MAX_MSG_LENGTH is set to in OpenSSH's sftp-common.h @@ -2914,7 +2927,7 @@ private function get_sftp_packet($request_id = null) $stop = microtime(\true); $this->packet_type = ord(Strings::shift($this->packet_buffer)); if ($this->use_request_id) { - extract(unpack('Npacket_id', Strings::shift($this->packet_buffer, 4))); + $packet_id = unpack('Npacket_id', Strings::shift($this->packet_buffer, 4))['packet_id']; // remove the request id $length -= 5; // account for the request id and the packet type @@ -3003,6 +3016,21 @@ public function getSupportedVersions() } return $temp; } + /** + * Get supported SFTP extensions + * + * @return array + */ + public function getSupportedExtensions() + { + if (!($this->bitmap & SSH2::MASK_LOGIN)) { + return \false; + } + if (!$this->partial_init) { + $this->partial_init_sftp_connection(); + } + return $this->extensions; + } /** * Get supported SFTP versions * @@ -3041,7 +3069,6 @@ protected function disconnect_helper($reason) } /** * Enable Date Preservation - * */ public function enableDatePreservation() { @@ -3049,10 +3076,171 @@ public function enableDatePreservation() } /** * Disable Date Preservation - * */ public function disableDatePreservation() { $this->preserveTime = \false; } + /** + * Copy + * + * This method (currently) only works if the copy-data extension is available + * + * @param string $oldname + * @param string $newname + * @return bool + */ + public function copy($oldname, $newname) + { + if (!$this->precheck()) { + return \false; + } + $oldname = $this->realpath($oldname); + $newname = $this->realpath($newname); + if ($oldname === \false || $newname === \false) { + return \false; + } + if (!isset($this->extensions['copy-data']) || $this->extensions['copy-data'] !== '1') { + throw new \RuntimeException("Extension 'copy-data' is not supported by the server. " . "Call getSupportedVersions() to see a list of supported extension"); + } + $size = $this->filesize($oldname); + $packet = Strings::packSSH2('s', $oldname); + $packet .= $this->version >= 5 ? pack('N3', 0, NET_SFTP_OPEN_OPEN_EXISTING, 0) : pack('N2', NET_SFTP_OPEN_READ, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $oldhandle = substr($response, 4); + break; + case NET_SFTP_STATUS: + // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + $this->logError($response); + return \false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' . 'Got packet type: ' . $this->packet_type); + } + if ($this->version >= 5) { + $flags = NET_SFTP_OPEN_OPEN_OR_CREATE; + } else { + $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE; + } + $packet = Strings::packSSH2('s', $newname); + $packet .= $this->version >= 5 ? pack('N3', 0, $flags, 0) : pack('N2', $flags, 0); + $this->send_sftp_packet(NET_SFTP_OPEN, $packet); + $response = $this->get_sftp_packet(); + switch ($this->packet_type) { + case NET_SFTP_HANDLE: + $newhandle = substr($response, 4); + break; + case NET_SFTP_STATUS: + $this->logError($response); + return \false; + default: + throw new \UnexpectedValueException('Expected NET_SFTP_HANDLE or NET_SFTP_STATUS. ' . 'Got packet type: ' . $this->packet_type); + } + $packet = Strings::packSSH2('ssQQsQ', 'copy-data', $oldhandle, 0, $size, $newhandle, 0); + $this->send_sftp_packet(NET_SFTP_EXTENDED, $packet); + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' . 'Got packet type: ' . $this->packet_type); + } + $this->close_handle($oldhandle); + $this->close_handle($newhandle); + return \true; + } + /** + * POSIX Rename + * + * Where rename() fails "if there already exists a file with the name specified by newpath" + * (draft-ietf-secsh-filexfer-02#section-6.5), posix_rename() overwrites the existing file in an atomic fashion. + * ie. "there is no observable instant in time where the name does not refer to either the old or the new file" + * (draft-ietf-secsh-filexfer-13#page-39). + * + * @param string $oldname + * @param string $newname + * @return bool + */ + public function posix_rename($oldname, $newname) + { + if (!$this->precheck()) { + return \false; + } + $oldname = $this->realpath($oldname); + $newname = $this->realpath($newname); + if ($oldname === \false || $newname === \false) { + return \false; + } + if ($this->version >= 5) { + $packet = Strings::packSSH2('ssN', $oldname, $newname, 2); + // 2 = SSH_FXP_RENAME_ATOMIC + $this->send_sftp_packet(NET_SFTP_RENAME, $packet); + } elseif (isset($this->extensions['posix-rename@openssh.com']) && $this->extensions['posix-rename@openssh.com'] === '1') { + $packet = Strings::packSSH2('sss', 'posix-rename@openssh.com', $oldname, $newname); + $this->send_sftp_packet(NET_SFTP_EXTENDED, $packet); + } else { + throw new \RuntimeException("Extension 'posix-rename@openssh.com' is not supported by the server. " . "Call getSupportedVersions() to see a list of supported extension"); + } + $response = $this->get_sftp_packet(); + if ($this->packet_type != NET_SFTP_STATUS) { + throw new \UnexpectedValueException('Expected NET_SFTP_STATUS. ' . 'Got packet type: ' . $this->packet_type); + } + // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED + list($status) = Strings::unpackSSH2('N', $response); + if ($status != NET_SFTP_STATUS_OK) { + $this->logError($response, $status); + return \false; + } + // don't move the stat cache entry over since this operation could very well change the + // atime and mtime attributes + //$this->update_stat_cache($newname, $this->query_stat_cache($oldname)); + $this->remove_from_stat_cache($oldname); + $this->remove_from_stat_cache($newname); + return \true; + } + /** + * Returns general information about a file system. + * + * The function statvfs() returns information about a mounted filesystem. + * @see https://man7.org/linux/man-pages/man3/statvfs.3.html + * + * @param string $path + * @return false|array{bsize: int, frsize: int, blocks: int, bfree: int, bavail: int, files: int, ffree: int, favail: int, fsid: int, flag: int, namemax: int} + */ + public function statvfs($path) + { + if (!$this->precheck()) { + return \false; + } + if (!isset($this->extensions['statvfs@openssh.com']) || $this->extensions['statvfs@openssh.com'] !== '2') { + throw new \RuntimeException("Extension 'statvfs@openssh.com' is not supported by the server. " . "Call getSupportedVersions() to see a list of supported extension"); + } + $realpath = $this->realpath($path); + if ($realpath === \false) { + return \false; + } + $packet = Strings::packSSH2('ss', 'statvfs@openssh.com', $realpath); + $this->send_sftp_packet(NET_SFTP_EXTENDED, $packet); + $response = $this->get_sftp_packet(); + if ($this->packet_type !== NET_SFTP_EXTENDED_REPLY) { + throw new \UnexpectedValueException('Expected SSH_FXP_EXTENDED_REPLY. ' . 'Got packet type: ' . $this->packet_type); + } + /** + * These requests return a SSH_FXP_STATUS reply on failure. On success they + * return the following SSH_FXP_EXTENDED_REPLY reply: + * + * uint32 id + * uint64 f_bsize file system block size + * uint64 f_frsize fundamental fs block size + * uint64 f_blocks number of blocks (unit f_frsize) + * uint64 f_bfree free blocks in file system + * uint64 f_bavail free blocks for non-root + * uint64 f_files total file inodes + * uint64 f_ffree free file inodes + * uint64 f_favail free file inodes for to non-root + * uint64 f_fsid file system id + * uint64 f_flag bit mask of f_flag values + * uint64 f_namemax maximum filename length + */ + return array_combine(['bsize', 'frsize', 'blocks', 'bfree', 'bavail', 'files', 'ffree', 'favail', 'fsid', 'flag', 'namemax'], Strings::unpackSSH2('QQQQQQQQQQQ', $response)); + } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php index 6495a3a2b..086900867 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php @@ -125,7 +125,13 @@ public function __construct() protected function parse_path($path) { $orig = $path; - extract(parse_url($path) + ['port' => 22]); + $url = parse_url($path) + ['port' => 22]; + $keys = ['scheme', 'host', 'port', 'user', 'pass', 'path', 'query', 'fragment']; + foreach ($keys as $key) { + if (isset($url[$key])) { + ${$key} = $url[$key]; + } + } if (isset($query)) { $path .= '?' . $query; } elseif (preg_match('/(\\?|\\?#)$/', $orig)) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php index 602d01d85..2fb13ceb9 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/Net/SSH2.php @@ -64,7 +64,9 @@ use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Twofish; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\ConnectionClosedException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\InsufficientSetupException; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\InvalidPacketLengthException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\NoSupportedAlgorithmsException; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\TimeoutException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnableToConnectException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedAlgorithmException; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\UnsupportedCurveException; @@ -100,7 +102,7 @@ class SSH2 const MASK_LOGIN_REQ = 0x4; const MASK_LOGIN = 0x8; const MASK_SHELL = 0x10; - const MASK_WINDOW_ADJUST = 0x20; + const MASK_DISCONNECT = 0x20; /* * Channel constants * @@ -146,6 +148,10 @@ class SSH2 * Outputs the message numbers real-time */ const LOG_SIMPLE_REALTIME = 5; + /* + * Dumps the message numbers real-time + */ + const LOG_REALTIME_SIMPLE = 5; /** * Make sure that the log never gets larger than this * @@ -570,7 +576,7 @@ class SSH2 */ protected $server_channels = []; /** - * Channel Buffers + * Channel Read Buffers * * If a client requests a packet from one channel but receives two packets from another those packets should * be placed in a buffer @@ -580,6 +586,16 @@ class SSH2 * @var array */ private $channel_buffers = []; + /** + * Channel Write Buffers + * + * If a client sends a packet and receives a timeout error mid-transmission, buffer the data written so it + * can be de-duplicated upon resuming write + * + * @see self::send_channel_packet() + * @var array + */ + private $channel_buffers_write = []; /** * Channel Status * @@ -604,7 +620,7 @@ class SSH2 * @see self::send_channel_packet() * @var array */ - private $packet_size_client_to_server = []; + protected $packet_size_client_to_server = []; /** * Message Number Log * @@ -747,11 +763,11 @@ class SSH2 */ private $quiet_mode = \false; /** - * Time of first network activity + * Time of last read/write network activity * * @var float */ - private $last_packet; + private $last_packet = null; /** * Exit status returned from ssh if any * @@ -802,7 +818,7 @@ class SSH2 * @see self::isTimeout() * @var bool */ - private $is_timeout = \false; + protected $is_timeout = \false; /** * Log Boundary * @@ -902,13 +918,13 @@ class SSH2 * * @var bool */ - private $retry_connect = \false; + private $login_credentials_finalized = \false; /** * Binary Packet Buffer * - * @var string|false + * @var object|null */ - private $binary_packet_buffer = \false; + private $binary_packet_buffer = null; /** * Preferred Signature Format * @@ -990,14 +1006,51 @@ class SSH2 */ private $errorOnMultipleChannels; /** - * Terrapin Countermeasure + * Bytes Transferred Since Last Key Exchange * - * "During initial KEX, terminate the connection if any unexpected or out-of-sequence packet is received" - * -- https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 + * Includes outbound and inbound totals * * @var int */ - private $extra_packets; + private $bytesTransferredSinceLastKEX = 0; + /** + * After how many transferred byte should phpseclib initiate a key re-exchange? + * + * @var int + */ + private $doKeyReexchangeAfterXBytes = 1024 * 1024 * 1024; + /** + * Has a key re-exchange been initialized? + * + * @var bool + * @access private + */ + private $keyExchangeInProgress = \false; + /** + * KEX Buffer + * + * If we're in the middle of a key exchange we want to buffer any additional packets we get until + * the key exchange is over + * + * @see self::_get_binary_packet() + * @see self::_key_exchange() + * @see self::exec() + * @var array + * @access private + */ + private $kex_buffer = []; + /** + * Strict KEX Flag + * + * If kex-strict-s-v00@openssh.com is present in the first KEX packet it need not + * be present in subsequent packet + * + * @see self::_key_exchange() + * @see self::exec() + * @var array + * @access private + */ + private $strict_kex_flag = \false; /** * Default Constructor. * @@ -1177,7 +1230,6 @@ private function connect() } $this->bitmap |= self::MASK_CONSTRUCTOR; $this->curTimeout = $this->timeout; - $this->last_packet = microtime(\true); if (!is_resource($this->fsock)) { $start = microtime(\true); // with stream_select a timeout of 0 means that no timeout takes place; @@ -1195,10 +1247,18 @@ private function connect() throw new \RuntimeException('Connection timed out whilst attempting to open socket connection'); } } + if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { + $this->append_log('(fsockopen took ' . round($elapsed, 4) . 's)', ''); + } } $this->identifier = $this->generate_identifier(); if ($this->send_id_string_first) { + $start = microtime(\true); fputs($this->fsock, $this->identifier . "\r\n"); + $elapsed = round(microtime(\true) - $start, 4); + if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { + $this->append_log("-> (network: {$elapsed})", $this->identifier . "\r\n"); + } } /* According to the SSH2 specs, @@ -1208,6 +1268,7 @@ private function connect() in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients MUST be able to process such lines." */ $data = ''; + $totalElapsed = 0; while (!feof($this->fsock) && !preg_match('#(.*)^(SSH-(\\d\\.\\d+).*)#ms', $data, $matches)) { $line = ''; while (\true) { @@ -1224,38 +1285,37 @@ private function connect() throw new \RuntimeException('Connection timed out whilst receiving server identification string'); } $elapsed = microtime(\true) - $start; + $totalElapsed += $elapsed; $this->curTimeout -= $elapsed; } $temp = stream_get_line($this->fsock, 255, "\n"); if ($temp === \false) { - throw new \RuntimeException('Error reading from socket'); + throw new \RuntimeException('Error reading SSH identification string; are you sure you\'re connecting to an SSH server?'); } + $line .= $temp; if (strlen($temp) == 255) { continue; } - $line .= "{$temp}\n"; - // quoting RFC4253, "Implementers who wish to maintain - // compatibility with older, undocumented versions of this protocol may - // want to process the identification string without expecting the - // presence of the carriage return character for reasons described in - // Section 5 of this document." - //if (substr($line, -2) == "\r\n") { - // break; - //} + $line .= "\n"; break; } $data .= $line; } + if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { + $this->append_log('<- (network: ' . round($totalElapsed, 4) . ')', $data); + } if (feof($this->fsock)) { $this->bitmap = 0; - throw new ConnectionClosedException('Connection closed by server'); + throw new ConnectionClosedException('Connection closed by server; are you sure you\'re connected to an SSH server?'); } $extra = $matches[1]; - if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { - $this->append_log('<-', $matches[0]); - $this->append_log('->', $this->identifier . "\r\n"); - } - $this->server_identifier = trim($temp, "\r\n"); + // earlier the SSH specs were quoted. + // "The server MAY send other lines of data before sending the version string." they said. + // the implication of this is that the lines of data before the server string are *not* a part of it + // getting this right is important because the correct server identifier needs to be fed into the + // exchange hash for the shared keys to be calculated correctly + $data = explode("\r\n", trim($data, "\r\n")); + $this->server_identifier = $data[count($data) - 1]; if (strlen($extra)) { $this->errors[] = $data; } @@ -1275,14 +1335,16 @@ private function connect() $match = $match && version_compare('6.9', $matches[1], '>='); $this->errorOnMultipleChannels = $match; if (!$this->send_id_string_first) { + $start = microtime(\true); fputs($this->fsock, $this->identifier . "\r\n"); + $elapsed = round(microtime(\true) - $start, 4); + if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { + $this->append_log("-> (network: {$elapsed})", $this->identifier . "\r\n"); + } } + $this->last_packet = microtime(\true); if (!$this->send_kex_first) { - $response = $this->get_binary_packet(); - if (is_bool($response) || !strlen($response) || ord($response[0]) != NET_SSH2_MSG_KEXINIT) { - $this->bitmap = 0; - throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); - } + $response = $this->get_binary_packet_or_close(NET_SSH2_MSG_KEXINIT); $this->key_exchange($response); } if ($this->send_kex_first) { @@ -1327,12 +1389,16 @@ private function generate_identifier() * @param string|bool $kexinit_payload_server optional * @throws \UnexpectedValueException on receipt of unexpected packets * @throws \RuntimeException on other errors - * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible + * @throws NoSupportedAlgorithmsException when none of the algorithms phpseclib has loaded are compatible */ private function key_exchange($kexinit_payload_server = \false) { + $this->bytesTransferredSinceLastKEX = 0; $preferred = $this->preferred; - $send_kex = \true; + // for the initial key exchange $send_kex is true (no key re-exchange has been started) + // for phpseclib initiated key exchanges $send_kex is false + $send_kex = !$this->keyExchangeInProgress; + $this->keyExchangeInProgress = \true; $kex_algorithms = isset($preferred['kex']) ? $preferred['kex'] : SSH2::getSupportedKEXAlgorithms(); $server_host_key_algorithms = isset($preferred['hostkey']) ? $preferred['hostkey'] : SSH2::getSupportedHostKeyAlgorithms(); $s2c_encryption_algorithms = isset($preferred['server_to_client']['crypt']) ? $preferred['server_to_client']['crypt'] : SSH2::getSupportedEncryptionAlgorithms(); @@ -1381,13 +1447,17 @@ private function key_exchange($kexinit_payload_server = \false) // first_kex_packet_follows 0 ); - if ($kexinit_payload_server === \false) { + if ($kexinit_payload_server === \false && $send_kex) { $this->send_binary_packet($kexinit_payload_client); - $this->extra_packets = 0; - $kexinit_payload_server = $this->get_binary_packet(); - if (is_bool($kexinit_payload_server) || !strlen($kexinit_payload_server) || ord($kexinit_payload_server[0]) != NET_SSH2_MSG_KEXINIT) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_KEXINIT'); + while (\true) { + $kexinit_payload_server = $this->get_binary_packet(); + switch (ord($kexinit_payload_server[0])) { + case NET_SSH2_MSG_KEXINIT: + break 2; + case NET_SSH2_MSG_DISCONNECT: + return $this->handleDisconnect($kexinit_payload_server); + } + $this->kex_buffer[] = $kexinit_payload_server; } $send_kex = \false; } @@ -1397,8 +1467,13 @@ private function key_exchange($kexinit_payload_server = \false) $server_cookie = Strings::shift($response, 16); list($this->kex_algorithms, $this->server_host_key_algorithms, $this->encryption_algorithms_client_to_server, $this->encryption_algorithms_server_to_client, $this->mac_algorithms_client_to_server, $this->mac_algorithms_server_to_client, $this->compression_algorithms_client_to_server, $this->compression_algorithms_server_to_client, $this->languages_client_to_server, $this->languages_server_to_client, $first_kex_packet_follows) = Strings::unpackSSH2('L10C', $response); if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { - if ($this->session_id === \false && $this->extra_packets) { - throw new \UnexpectedValueException('Possible Terrapin Attack detected'); + if ($this->session_id === \false) { + // [kex-strict-s-v00@openssh.com is] only valid in the initial SSH2_MSG_KEXINIT and MUST be ignored + // if [it is] present in subsequent SSH2_MSG_KEXINIT packets + $this->strict_kex_flag = \true; + if (count($this->kex_buffer)) { + throw new \UnexpectedValueException('Possible Terrapin Attack detected'); + } } } $this->supported_private_key_algorithms = $this->server_host_key_algorithms; @@ -1409,14 +1484,12 @@ private function key_exchange($kexinit_payload_server = \false) // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the // diffie-hellman key exchange as fast as possible $decrypt = self::array_intersect_first($s2c_encryption_algorithms, $this->encryption_algorithms_server_to_client); - $decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt); - if ($decryptKeyLength === null) { + if (!$decrypt || ($decryptKeyLength = $this->encryption_algorithm_to_key_size($decrypt)) === null) { $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible server to client encryption algorithms found'); } $encrypt = self::array_intersect_first($c2s_encryption_algorithms, $this->encryption_algorithms_client_to_server); - $encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt); - if ($encryptKeyLength === null) { + if (!$encrypt || ($encryptKeyLength = $this->encryption_algorithm_to_key_size($encrypt)) === null) { $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); throw new NoSupportedAlgorithmsException('No compatible client to server encryption algorithms found'); } @@ -1489,12 +1562,8 @@ private function key_exchange($kexinit_payload_server = \false) $packet = pack('Ca*', NET_SSH2_MSG_KEXDH_GEX_REQUEST, $dh_group_sizes_packed); $this->send_binary_packet($packet); $this->updateLogHistory('UNKNOWN (34)', 'NET_SSH2_MSG_KEXDH_GEX_REQUEST'); - $response = $this->get_binary_packet(); + $response = $this->get_binary_packet_or_close(NET_SSH2_MSG_KEXDH_GEX_GROUP); list($type, $primeBytes, $gBytes) = Strings::unpackSSH2('Css', $response); - if ($type != NET_SSH2_MSG_KEXDH_GEX_GROUP) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_KEX_DH_GEX_GROUP'); - } $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEXDH_GEX_GROUP'); $prime = new BigInteger($primeBytes, -256); $g = new BigInteger($gBytes, -256); @@ -1522,12 +1591,8 @@ private function key_exchange($kexinit_payload_server = \false) case 'NET_SSH2_MSG_KEXDH_GEX_INIT': $this->updateLogHistory('UNKNOWN (32)', 'NET_SSH2_MSG_KEXDH_GEX_INIT'); } - $response = $this->get_binary_packet(); + $response = $this->get_binary_packet_or_close(constant($serverKexReplyMessage)); list($type, $server_public_host_key, $theirPublicBytes, $this->signature) = Strings::unpackSSH2('Csss', $response); - if ($type != constant($serverKexReplyMessage)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException("Expected {$serverKexReplyMessage}"); - } switch ($serverKexReplyMessage) { case 'NET_SSH2_MSG_KEX_ECDH_REPLY': $this->updateLogHistory('NET_SSH2_MSG_KEXDH_REPLY', 'NET_SSH2_MSG_KEX_ECDH_REPLY'); @@ -1575,17 +1640,9 @@ private function key_exchange($kexinit_payload_server = \false) } $packet = pack('C', NET_SSH2_MSG_NEWKEYS); $this->send_binary_packet($packet); - $response = $this->get_binary_packet(); - if ($response === \false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new ConnectionClosedException('Connection closed by server'); - } - list($type) = Strings::unpackSSH2('C', $response); - if ($type != NET_SSH2_MSG_NEWKEYS) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); - throw new \UnexpectedValueException('Expected SSH_MSG_NEWKEYS'); - } - if (in_array('kex-strict-s-v00@openssh.com', $this->kex_algorithms)) { + $this->get_binary_packet_or_close(NET_SSH2_MSG_NEWKEYS); + $this->keyExchangeInProgress = \false; + if ($this->strict_kex_flag) { $this->get_seq_no = $this->send_seq_no = 0; } $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes); @@ -1848,7 +1905,7 @@ private static function mac_algorithm_to_hash_instance($algorithm) return [new Hash('md5-96'), 16]; } } - /* + /** * Tests whether or not proposed algorithm has a potential for issues * * @link https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ssh2-aesctr-openssh.html @@ -1878,7 +1935,7 @@ private static function bad_algorithm_candidate($algorithm) */ public function login($username, ...$args) { - if (!$this->retry_connect) { + if (!$this->login_credentials_finalized) { $this->auth[] = func_get_args(); } // try logging with 'none' as an authentication method first since that's what @@ -1974,6 +2031,7 @@ protected function sublogin($username, ...$args) } foreach ($newargs as $arg) { if ($this->login_helper($username, $arg)) { + $this->login_credentials_finalized = \true; return \true; } } @@ -2001,30 +2059,21 @@ private function login_helper($username, $password = null) $packet = Strings::packSSH2('Cs', NET_SSH2_MSG_SERVICE_REQUEST, 'ssh-userauth'); $this->send_binary_packet($packet); try { - $response = $this->get_binary_packet(); - } catch (\Exception $e) { - if ($this->retry_connect) { - $this->retry_connect = \false; - $this->connect(); - return $this->login_helper($username, $password); + $response = $this->get_binary_packet_or_close(NET_SSH2_MSG_SERVICE_ACCEPT); + } catch (InvalidPacketLengthException $e) { + // the first opportunity to encounter the "bad key size" error + if (!$this->bad_key_size_fix && $this->decryptName != null && self::bad_algorithm_candidate($this->decryptName)) { + // bad_key_size_fix is only ever re-assigned to true here + // retry the connection with that new setting but we'll + // only try it once. + $this->bad_key_size_fix = \true; + return $this->reconnect(); } - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); throw $e; } list($type) = Strings::unpackSSH2('C', $response); - if ($type == NET_SSH2_MSG_EXT_INFO) { - list($nr_extensions) = Strings::unpackSSH2('N', $response); - for ($i = 0; $i < $nr_extensions; $i++) { - list($extension_name, $extension_value) = Strings::unpackSSH2('ss', $response); - if ($extension_name == 'server-sig-algs') { - $this->supported_private_key_algorithms = explode(',', $extension_value); - } - } - $response = $this->get_binary_packet(); - list($type) = Strings::unpackSSH2('C', $response); - } list($service) = Strings::unpackSSH2('s', $response); - if ($type != NET_SSH2_MSG_SERVICE_ACCEPT || $service != 'ssh-userauth') { + if ($service != 'ssh-userauth') { $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); throw new \UnexpectedValueException('Expected SSH_MSG_SERVICE_ACCEPT'); } @@ -2049,7 +2098,7 @@ private function login_helper($username, $password = null) if (!isset($password)) { $packet = Strings::packSSH2('Cs3', NET_SSH2_MSG_USERAUTH_REQUEST, $username, 'ssh-connection', 'none'); $this->send_binary_packet($packet); - $response = $this->get_binary_packet(); + $response = $this->get_binary_packet_or_close(); list($type) = Strings::unpackSSH2('C', $response); switch ($type) { case NET_SSH2_MSG_USERAUTH_SUCCESS: @@ -2071,10 +2120,7 @@ private function login_helper($username, $password = null) $logged = Strings::packSSH2('Cs3bs', NET_SSH2_MSG_USERAUTH_REQUEST, $username, 'ssh-connection', 'password', \false, 'password'); } $this->send_binary_packet($packet, $logged); - $response = $this->get_binary_packet(); - if ($response === \false) { - return \false; - } + $response = $this->get_binary_packet_or_close(); list($type) = Strings::unpackSSH2('C', $response); switch ($type) { case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: @@ -2138,7 +2184,7 @@ private function keyboard_interactive_process(...$responses) if (strlen($this->last_interactive_response)) { $response = $this->last_interactive_response; } else { - $orig = $response = $this->get_binary_packet(); + $orig = $response = $this->get_binary_packet_or_close(); } list($type) = Strings::unpackSSH2('C', $response); switch ($type) { @@ -2207,17 +2253,19 @@ private function keyboard_interactive_process(...$responses) * Login with an ssh-agent provided key * * @param string $username - * @param \phpseclib3\System\SSH\Agent $agent + * @param Agent $agent * @return bool */ private function ssh_agent_login($username, Agent $agent) { $this->agent = $agent; $keys = $agent->requestIdentities(); + $orig_algorithms = $this->supported_private_key_algorithms; foreach ($keys as $key) { if ($this->privatekey_login($username, $key)) { return \true; } + $this->supported_private_key_algorithms = $orig_algorithms; } return \false; } @@ -2228,7 +2276,7 @@ private function ssh_agent_login($username, Agent $agent) * by sending dummy SSH_MSG_IGNORE messages.} * * @param string $username - * @param \phpseclib3\Crypt\Common\PrivateKey $privatekey + * @param PrivateKey $privatekey * @return bool * @throws \RuntimeException on connection error */ @@ -2297,7 +2345,7 @@ private function privatekey_login($username, PrivateKey $privatekey) $part2 = Strings::packSSH2('ss', $signatureType, $publickeyStr); $packet = $part1 . chr(0) . $part2; $this->send_binary_packet($packet); - $response = $this->get_binary_packet(); + $response = $this->get_binary_packet_or_close(NET_SSH2_MSG_USERAUTH_SUCCESS, NET_SSH2_MSG_USERAUTH_FAILURE, NET_SSH2_MSG_USERAUTH_PK_OK); list($type) = Strings::unpackSSH2('C', $response); switch ($type) { case NET_SSH2_MSG_USERAUTH_FAILURE: @@ -2317,9 +2365,6 @@ private function privatekey_login($username, PrivateKey $privatekey) case NET_SSH2_MSG_USERAUTH_SUCCESS: $this->bitmap |= self::MASK_LOGIN; return \true; - default: - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new ConnectionClosedException('Unexpected response to publickey authentication pt 1'); } $packet = $part1 . chr(1) . $part2; $privatekey = $privatekey->withHash($hash); @@ -2329,7 +2374,7 @@ private function privatekey_login($username, PrivateKey $privatekey) } $packet .= Strings::packSSH2('s', $signature); $this->send_binary_packet($packet); - $response = $this->get_binary_packet(); + $response = $this->get_binary_packet_or_close(NET_SSH2_MSG_USERAUTH_SUCCESS, NET_SSH2_MSG_USERAUTH_FAILURE); list($type) = Strings::unpackSSH2('C', $response); switch ($type) { case NET_SSH2_MSG_USERAUTH_FAILURE: @@ -2341,8 +2386,6 @@ private function privatekey_login($username, PrivateKey $privatekey) $this->bitmap |= self::MASK_LOGIN; return \true; } - $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - throw new ConnectionClosedException('Unexpected response to publickey authentication pt 2'); } /** * Return the currently configured timeout @@ -2357,7 +2400,7 @@ public function getTimeout() * Set Timeout * * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout. - * Setting $timeout to false or 0 will mean there is no timeout. + * Setting $timeout to false or 0 will revert to the default socket timeout. * * @param mixed $timeout */ @@ -2391,11 +2434,12 @@ public function getStdError() * In all likelihood, this is not a feature you want to be taking advantage of. * * @param string $command + * @param callable $callback * @return string|bool * @psalm-return ($callback is callable ? bool : string|bool) * @throws \RuntimeException on connection error */ - public function exec($command, callable $callback = null) + public function exec($command, $callback = null) { $this->curTimeout = $this->timeout; $this->is_timeout = \false; @@ -2406,7 +2450,7 @@ public function exec($command, callable $callback = null) //if ($this->isPTYOpen()) { // throw new \RuntimeException('If you want to run multiple exec()\'s you will need to disable (and re-enable if appropriate) a PTY for each one.'); //} - $this->openChannel(self::CHANNEL_EXEC); + $this->open_channel(self::CHANNEL_EXEC); if ($this->request_pty === \true) { $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = Strings::packSSH2('CNsCsN4s', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[self::CHANNEL_EXEC], 'pty-req', 1, $this->term, $this->windowColumns, $this->windowRows, 0, 0, $terminal_modes); @@ -2436,6 +2480,9 @@ public function exec($command, callable $callback = null) $this->channel_id_last_interactive = self::CHANNEL_EXEC; return \true; } + if ($callback === \false) { + return \true; + } $output = ''; while (\true) { $temp = $this->get_channel_packet(self::CHANNEL_EXEC); @@ -2472,9 +2519,9 @@ public function getOpenChannelCount() * @param bool $skip_extended * @return bool */ - protected function openChannel($channel, $skip_extended = \false) + protected function open_channel($channel, $skip_extended = \false) { - if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_CLOSE) { + if (isset($this->channel_status[$channel])) { throw new \RuntimeException('Please close the channel (' . $channel . ') before trying to open it again'); } $this->channelCount++; @@ -2513,7 +2560,7 @@ public function openShell() if (!$this->isAuthenticated()) { throw new InsufficientSetupException('Operation disallowed prior to login()'); } - $this->openChannel(self::CHANNEL_SHELL); + $this->open_channel(self::CHANNEL_SHELL); $terminal_modes = pack('C', NET_SSH2_TTY_OP_END); $packet = Strings::packSSH2( 'CNsbsN4s', @@ -2684,6 +2731,7 @@ public function read($expect = '', $mode = self::READ_SIMPLE, $channel = null) * @return void * @throws \RuntimeException on connection error * @throws InsufficientSetupException on unexpected channel status, possibly due to closure + * @throws TimeoutException if the write could not be completed within the requested self::setTimeout() */ public function write($cmd, $channel = null) { @@ -2700,6 +2748,8 @@ public function write($cmd, $channel = null) throw new \RuntimeException('Unable to initiate an interactive shell session'); } } + $this->curTimeout = $this->timeout; + $this->is_timeout = \false; $this->send_channel_packet($channel, $cmd); } /** @@ -2717,7 +2767,7 @@ public function write($cmd, $channel = null) */ public function startSubsystem($subsystem) { - $this->openChannel(self::CHANNEL_SUBSYSTEM); + $this->open_channel(self::CHANNEL_SUBSYSTEM); $packet = Strings::packSSH2('CNsCs', NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[self::CHANNEL_SUBSYSTEM], 'subsystem', 1, $subsystem); $this->send_binary_packet($packet); $this->channel_status[self::CHANNEL_SUBSYSTEM] = NET_SSH2_MSG_CHANNEL_REQUEST; @@ -2764,6 +2814,25 @@ public function reset($channel = null) $this->close_channel($channel); } } + /** + * Send EOF on a channel + * + * Sends an EOF to the stream; this is typically used to close standard + * input, while keeping output and error alive. + * + * @param int|null $channel Channel id returned by self::getInteractiveChannelId() + * @return void + */ + public function sendEOF($channel = null) + { + if ($channel === null) { + $channel = $this->get_interactive_channel(); + } + $excludeStatuses = [NET_SSH2_MSG_CHANNEL_EOF, NET_SSH2_MSG_CHANNEL_CLOSE]; + if (isset($this->channel_status[$channel]) && !in_array($this->channel_status[$channel], $excludeStatuses)) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$channel])); + } + } /** * Is timeout? * @@ -2824,7 +2893,7 @@ public function isConnected($level = 0) if ($level == 1) { $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); } else { - $this->openChannel(self::CHANNEL_KEEP_ALIVE); + $this->open_channel(self::CHANNEL_KEEP_ALIVE); $this->close_channel(self::CHANNEL_KEEP_ALIVE); } return \true; @@ -2896,7 +2965,7 @@ public function ping() return \false; } try { - $this->openChannel(self::CHANNEL_KEEP_ALIVE); + $this->open_channel(self::CHANNEL_KEEP_ALIVE); } catch (\RuntimeException $e) { return $this->reconnect(); } @@ -2910,8 +2979,7 @@ public function ping() */ private function reconnect() { - $this->reset_connection(NET_SSH2_DISCONNECT_CONNECTION_LOST); - $this->retry_connect = \true; + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); $this->connect(); foreach ($this->auth as $auth) { $result = $this->login(...$auth); @@ -2920,21 +2988,68 @@ private function reconnect() } /** * Resets a connection for re-use - * - * @param int $reason */ - protected function reset_connection($reason) + protected function reset_connection() { - $this->disconnect_helper($reason); + if (is_resource($this->fsock) && get_resource_type($this->fsock) === 'stream') { + fclose($this->fsock); + } + $this->fsock = null; + $this->bitmap = 0; + $this->binary_packet_buffer = null; $this->decrypt = $this->encrypt = \false; $this->decrypt_block_size = $this->encrypt_block_size = 8; $this->hmac_check = $this->hmac_create = \false; $this->hmac_size = \false; $this->session_id = \false; - $this->retry_connect = \true; + $this->last_packet = null; $this->get_seq_no = $this->send_seq_no = 0; $this->channel_status = []; $this->channel_id_last_interactive = 0; + $this->channel_buffers = []; + $this->channel_buffers_write = []; + } + /** + * @return int[] second and microsecond stream timeout options based on user-requested timeout and keep-alive, or the default socket timeout by default, which mirrors PHP socket streams. + */ + private function get_stream_timeout() + { + $sec = ini_get('default_socket_timeout'); + $usec = 0; + if ($this->curTimeout > 0) { + $sec = (int) floor($this->curTimeout); + $usec = (int) (1000000 * ($this->curTimeout - $sec)); + } + if ($this->keepAlive > 0) { + $elapsed = microtime(\true) - $this->last_packet; + $timeout = max($this->keepAlive - $elapsed, 0); + if (!$this->curTimeout || $timeout < $this->curTimeout) { + $sec = (int) floor($timeout); + $usec = (int) (1000000 * ($timeout - $sec)); + } + } + return [$sec, $usec]; + } + /** + * Retrieves the next packet with added timeout and type handling + * + * @param string $message_types Message types to enforce in response, closing if not met + * @return string + * @throws ConnectionClosedException If an error has occurred preventing read of the next packet + */ + private function get_binary_packet_or_close(...$message_types) + { + try { + $packet = $this->get_binary_packet(); + if (count($message_types) > 0 && !in_array(ord($packet[0]), $message_types)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new ConnectionClosedException('Bad message type. Expected: #' . implode(', #', $message_types) . '. Got: #' . ord($packet[0])); + } + return $packet; + } catch (TimeoutException $e) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); + throw new ConnectionClosedException('Connection closed due to timeout'); + } } /** * Gets Binary Packets @@ -2942,175 +3057,145 @@ protected function reset_connection($reason) * See '6. Binary Packet Protocol' of rfc4253 for more info. * * @see self::_send_binary_packet() - * @param bool $skip_channel_filter - * @return bool|string + * @return string + * @throws TimeoutException If user requested timeout was reached while waiting for next packet + * @throws ConnectionClosedException If an error has occurred preventing read of the next packet */ - private function get_binary_packet($skip_channel_filter = \false) + private function get_binary_packet() { - if ($skip_channel_filter) { - if (!is_resource($this->fsock)) { - throw new \InvalidArgumentException('fsock is not a resource.'); + if (!is_resource($this->fsock)) { + throw new \InvalidArgumentException('fsock is not a resource.'); + } + if (!$this->keyExchangeInProgress && count($this->kex_buffer)) { + return $this->filter(array_shift($this->kex_buffer)); + } + if ($this->binary_packet_buffer == null) { + // buffer the packet to permit continued reads across timeouts + $this->binary_packet_buffer = (object) [ + 'read_time' => 0, + // the time to read the packet from the socket + 'raw' => '', + // the raw payload read from the socket + 'plain' => '', + // the packet in plain text, excluding packet_length header + 'packet_length' => null, + // the packet_length value pulled from the payload + 'size' => $this->decrypt_block_size, + ]; + } + $packet = $this->binary_packet_buffer; + while (strlen($packet->raw) < $packet->size) { + if (feof($this->fsock)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new ConnectionClosedException('Connection closed by server'); } - $read = [$this->fsock]; - $write = $except = null; - if (!$this->curTimeout) { - if ($this->keepAlive <= 0) { - static::stream_select($read, $write, $except, null); - } else { - if (!static::stream_select($read, $write, $except, $this->keepAlive)) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); - return $this->get_binary_packet(\true); - } - } - } else { - if ($this->curTimeout < 0) { - $this->is_timeout = \true; - return \true; - } - $start = microtime(\true); - if ($this->keepAlive > 0 && $this->keepAlive < $this->curTimeout) { - if (!static::stream_select($read, $write, $except, $this->keepAlive)) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); - $elapsed = microtime(\true) - $start; - $this->curTimeout -= $elapsed; - return $this->get_binary_packet(\true); - } - $elapsed = microtime(\true) - $start; - $this->curTimeout -= $elapsed; - } - $sec = (int) floor($this->curTimeout); - $usec = (int) (1000000 * ($this->curTimeout - $sec)); - // this can return a "stream_select(): unable to select [4]: Interrupted system call" error - if (!static::stream_select($read, $write, $except, $sec, $usec)) { - $this->is_timeout = \true; - return \true; - } - $elapsed = microtime(\true) - $start; + if ($this->curTimeout < 0) { + $this->is_timeout = \true; + throw new TimeoutException('Timed out waiting for server'); + } + $this->send_keep_alive(); + list($sec, $usec) = $this->get_stream_timeout(); + stream_set_timeout($this->fsock, $sec, $usec); + $start = microtime(\true); + $raw = stream_get_contents($this->fsock, $packet->size - strlen($packet->raw)); + $elapsed = microtime(\true) - $start; + $packet->read_time += $elapsed; + if ($this->curTimeout > 0) { $this->curTimeout -= $elapsed; } - } - if (!is_resource($this->fsock) || feof($this->fsock)) { - $this->bitmap = 0; - $str = 'Connection closed (by server) prematurely'; - if (isset($elapsed)) { - $str .= ' ' . $elapsed . 's'; + if ($raw === \false) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new ConnectionClosedException('Connection closed by server'); + } elseif (!strlen($raw)) { + continue; + } + $packet->raw .= $raw; + if (!$packet->packet_length) { + $this->get_binary_packet_size($packet); } - throw new ConnectionClosedException($str); } - $start = microtime(\true); - $sec = (int) floor($this->curTimeout); - $usec = (int) (1000000 * ($this->curTimeout - $sec)); - stream_set_timeout($this->fsock, $sec, $usec); - $raw = stream_get_contents($this->fsock, $this->decrypt_block_size); - if (!strlen($raw)) { - $this->bitmap = 0; - throw new ConnectionClosedException('No data received from server'); + if (strlen($packet->raw) != $packet->size) { + throw new \RuntimeException('Size of packet was not expected length'); } + // destroy buffer as packet represents the entire payload and should be processed in full + $this->binary_packet_buffer = null; + // copy the raw payload, so as not to destroy original + $raw = $packet->raw; + if ($this->hmac_check instanceof Hash) { + $hmac = Strings::pop($raw, $this->hmac_size); + } + $packet_length_header_size = 4; if ($this->decrypt) { switch ($this->decryptName) { case 'aes128-gcm@openssh.com': case 'aes256-gcm@openssh.com': $this->decrypt->setNonce($this->decryptFixedPart . $this->decryptInvocationCounter); Strings::increment_str($this->decryptInvocationCounter); - $this->decrypt->setAAD($temp = Strings::shift($raw, 4)); - extract(unpack('Npacket_length', $temp)); - /** - * @var integer $packet_length - */ - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(\true); - $tag = stream_get_contents($this->fsock, $this->decrypt_block_size); - $this->decrypt->setTag($tag); - $raw = $this->decrypt->decrypt($raw); - $raw = $temp . $raw; - $remaining_length = 0; + $this->decrypt->setAAD(Strings::shift($raw, $packet_length_header_size)); + $this->decrypt->setTag(Strings::pop($raw, $this->decrypt_block_size)); + $packet->plain = $this->decrypt->decrypt($raw); break; case 'chacha20-poly1305@openssh.com': // This should be impossible, but we are checking anyway to narrow the type for Psalm. if (!$this->decrypt instanceof ChaCha20) { throw new \LogicException('$this->decrypt is not a ' . ChaCha20::class); } - $nonce = pack('N2', 0, $this->get_seq_no); - $this->lengthDecrypt->setNonce($nonce); - $temp = $this->lengthDecrypt->decrypt($aad = Strings::shift($raw, 4)); - extract(unpack('Npacket_length', $temp)); - /** - * @var integer $packet_length - */ - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(\true); - $tag = stream_get_contents($this->fsock, 16); - $this->decrypt->setNonce($nonce); + $this->decrypt->setNonce(pack('N2', 0, $this->get_seq_no)); $this->decrypt->setCounter(0); // this is the same approach that's implemented in Salsa20::createPoly1305Key() // but we don't want to use the same AEAD construction that RFC8439 describes // for ChaCha20-Poly1305 so we won't rely on it (see Salsa20::poly1305()) $this->decrypt->setPoly1305Key($this->decrypt->encrypt(str_repeat("\x00", 32))); - $this->decrypt->setAAD($aad); + $this->decrypt->setAAD(Strings::shift($raw, $packet_length_header_size)); $this->decrypt->setCounter(1); - $this->decrypt->setTag($tag); - $raw = $this->decrypt->decrypt($raw); - $raw = $temp . $raw; - $remaining_length = 0; + $this->decrypt->setTag(Strings::pop($raw, 16)); + $packet->plain = $this->decrypt->decrypt($raw); break; default: if (!$this->hmac_check instanceof Hash || !$this->hmac_check_etm) { - $raw = $this->decrypt->decrypt($raw); - break; + // first block was already decrypted for contained packet_length header + Strings::shift($raw, $this->decrypt_block_size); + if (strlen($raw) > 0) { + $packet->plain .= $this->decrypt->decrypt($raw); + } + } else { + Strings::shift($raw, $packet_length_header_size); + $packet->plain = $this->decrypt->decrypt($raw); } - extract(unpack('Npacket_length', $temp = Strings::shift($raw, 4))); - /** - * @var integer $packet_length - */ - $raw .= $this->read_remaining_bytes($packet_length - $this->decrypt_block_size + 4); - $stop = microtime(\true); - $encrypted = $temp . $raw; - $raw = $temp . $this->decrypt->decrypt($raw); - $remaining_length = 0; + break; } + } else { + Strings::shift($raw, $packet_length_header_size); + $packet->plain = $raw; } - if (strlen($raw) < 5) { - $this->bitmap = 0; - throw new \RuntimeException('Plaintext is too short'); - } - extract(unpack('Npacket_length/Cpadding_length', Strings::shift($raw, 5))); - /** - * @var integer $packet_length - * @var integer $padding_length - */ - if (!isset($remaining_length)) { - $remaining_length = $packet_length + 4 - $this->decrypt_block_size; - } - $buffer = $this->read_remaining_bytes($remaining_length); - if (!isset($stop)) { - $stop = microtime(\true); - } - if (strlen($buffer)) { - $raw .= $this->decrypt ? $this->decrypt->decrypt($buffer) : $buffer; - } - $payload = Strings::shift($raw, $packet_length - $padding_length - 1); - $padding = Strings::shift($raw, $padding_length); - // should leave $raw empty if ($this->hmac_check instanceof Hash) { - $hmac = stream_get_contents($this->fsock, $this->hmac_size); - if ($hmac === \false || strlen($hmac) != $this->hmac_size) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Error reading socket'); - } - $reconstructed = !$this->hmac_check_etm ? pack('NCa*', $packet_length, $padding_length, $payload . $padding) : $encrypted; + $reconstructed = !$this->hmac_check_etm ? pack('Na*', $packet->packet_length, $packet->plain) : substr($packet->raw, 0, -$this->hmac_size); if (($this->hmac_check->getHash() & "\xff\xff\xff\xff") == 'umac') { $this->hmac_check->setNonce("\x00\x00\x00\x00" . pack('N', $this->get_seq_no)); if ($hmac != $this->hmac_check->hash($reconstructed)) { $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Invalid UMAC'); + throw new ConnectionClosedException('Invalid UMAC'); } } else { if ($hmac != $this->hmac_check->hash(pack('Na*', $this->get_seq_no, $reconstructed))) { $this->disconnect_helper(NET_SSH2_DISCONNECT_MAC_ERROR); - throw new \RuntimeException('Invalid HMAC'); + throw new ConnectionClosedException('Invalid HMAC'); } } } + $padding_length = 0; + $payload = $packet->plain; + $padding_length = unpack('Cpadding_length', Strings::shift($payload, 1))['padding_length']; + if ($padding_length > 0) { + Strings::pop($payload, $padding_length); + } + if (!$this->keyExchangeInProgress) { + $this->bytesTransferredSinceLastKEX += $packet->packet_length + $padding_length + 5; + } + if (empty($payload)) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new ConnectionClosedException('Plaintext is too short'); + } switch ($this->decompress) { case self::NET_SSH2_COMPRESSION_ZLIB_AT_OPENSSH: if (!$this->isAuthenticated()) { @@ -3124,17 +3209,17 @@ private function get_binary_packet($skip_channel_filter = \false) $cm = $cmf & 0xf; if ($cm != 8) { // deflate - user_error("Only CM = 8 ('deflate') is supported ({$cm})"); + throw new UnsupportedAlgorithmException("Only CM = 8 ('deflate') is supported ({$cm})"); } $cinfo = ($cmf & 0xf0) >> 4; if ($cinfo > 7) { - user_error("CINFO above 7 is not allowed ({$cinfo})"); + throw new \RuntimeException("CINFO above 7 is not allowed ({$cinfo})"); } $windowSize = 1 << $cinfo + 8; $flg = ord($payload[1]); //$fcheck = $flg && 0x0F; if (($cmf << 8 | $flg) % 31) { - user_error('fcheck failed'); + throw new \RuntimeException('fcheck failed'); } $fdict = boolval($flg & 0x20); $flevel = ($flg & 0xc0) >> 6; @@ -3149,61 +3234,93 @@ private function get_binary_packet($skip_channel_filter = \false) if (defined('Matomo\\Dependencies\\GoogleAnalyticsImporter\\NET_SSH2_LOGGING')) { $current = microtime(\true); $message_number = isset(self::$message_numbers[ord($payload[0])]) ? self::$message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')'; - $message_number = '<- ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; + $message_number = '<- ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($packet->read_time, 4) . 's)'; $this->append_log($message_number, $payload); - $this->last_packet = $current; } - return $this->filter($payload, $skip_channel_filter); + $this->last_packet = microtime(\true); + if ($this->bytesTransferredSinceLastKEX > $this->doKeyReexchangeAfterXBytes) { + $this->key_exchange(); + } + return $this->filter($payload); } /** - * Read Remaining Bytes - * - * @see self::get_binary_packet() - * @param int $remaining_length - * @return string + * @param object $packet The packet object being constructed, passed by reference + * The size, packet_length, and plain properties of this object may be modified in processing + * @throws InvalidPacketLengthException if the packet length header is invalid */ - private function read_remaining_bytes($remaining_length) + private function get_binary_packet_size(&$packet) { - if (!$remaining_length) { - return ''; + $packet_length_header_size = 4; + if (strlen($packet->raw) < $packet_length_header_size) { + return; } - $adjustLength = \false; + $packet_length = 0; + $added_validation_length = 0; + // indicates when the packet length header is included when validating packet length against block size if ($this->decrypt) { - switch (\true) { - case $this->decryptName == 'aes128-gcm@openssh.com': - case $this->decryptName == 'aes256-gcm@openssh.com': - case $this->decryptName == 'chacha20-poly1305@openssh.com': - case $this->hmac_check instanceof Hash && $this->hmac_check_etm: - $remaining_length += $this->decrypt_block_size - 4; - $adjustLength = \true; + switch ($this->decryptName) { + case 'aes128-gcm@openssh.com': + case 'aes256-gcm@openssh.com': + $packet_length = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))['packet_length']; + $packet->size = $packet_length_header_size + $packet_length + $this->decrypt_block_size; + // expect tag + break; + case 'chacha20-poly1305@openssh.com': + $this->lengthDecrypt->setNonce(pack('N2', 0, $this->get_seq_no)); + $packet_length_header = $this->lengthDecrypt->decrypt(substr($packet->raw, 0, $packet_length_header_size)); + $packet_length = unpack('Npacket_length', $packet_length_header)['packet_length']; + $packet->size = $packet_length_header_size + $packet_length + 16; + // expect tag + break; + default: + if (!$this->hmac_check instanceof Hash || !$this->hmac_check_etm) { + if (strlen($packet->raw) < $this->decrypt_block_size) { + return; + } + $packet->plain = $this->decrypt->decrypt(substr($packet->raw, 0, $this->decrypt_block_size)); + $packet_length = unpack('Npacket_length', Strings::shift($packet->plain, $packet_length_header_size))['packet_length']; + $packet->size = $packet_length_header_size + $packet_length; + $added_validation_length = $packet_length_header_size; + } else { + $packet_length = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))['packet_length']; + $packet->size = $packet_length_header_size + $packet_length; + } + break; } + } else { + $packet_length = unpack('Npacket_length', substr($packet->raw, 0, $packet_length_header_size))['packet_length']; + $packet->size = $packet_length_header_size + $packet_length; + $added_validation_length = $packet_length_header_size; } // quoting , // "implementations SHOULD check that the packet length is reasonable" // PuTTY uses 0x9000 as the actual max packet size and so to shall we - // don't do this when GCM mode is used since GCM mode doesn't encrypt the length - if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) { - if (!$this->bad_key_size_fix && self::bad_algorithm_candidate($this->decrypt ? $this->decryptName : '') && !($this->bitmap & SSH2::MASK_LOGIN)) { - $this->bad_key_size_fix = \true; - $this->reset_connection(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); - return \false; - } - throw new \RuntimeException('Invalid size'); - } - if ($adjustLength) { - $remaining_length -= $this->decrypt_block_size - 4; + if ($packet_length <= 0 || $packet_length > 0x9000 || ($packet_length + $added_validation_length) % $this->decrypt_block_size != 0) { + $this->disconnect_helper(NET_SSH2_DISCONNECT_PROTOCOL_ERROR); + throw new InvalidPacketLengthException('Invalid packet length'); } - $buffer = ''; - while ($remaining_length > 0) { - $temp = stream_get_contents($this->fsock, $remaining_length); - if ($temp === \false || feof($this->fsock)) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new \RuntimeException('Error reading from socket'); - } - $buffer .= $temp; - $remaining_length -= strlen($temp); + if ($this->hmac_check instanceof Hash) { + $packet->size += $this->hmac_size; } - return $buffer; + $packet->packet_length = $packet_length; + } + /** + * Handle Disconnect + * + * Because some binary packets need to be ignored... + * + * @see self::filter() + * @see self::key_exchange() + * @return boolean + * @access private + */ + private function handleDisconnect($payload) + { + Strings::shift($payload, 1); + list($reason_code, $message) = Strings::unpackSSH2('Ns', $payload); + $this->errors[] = 'SSH_MSG_DISCONNECT: ' . self::$disconnect_reasons[$reason_code] . "\r\n{$message}"; + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); + throw new ConnectionClosedException('Connection closed by server'); } /** * Filter Binary Packets @@ -3212,87 +3329,103 @@ private function read_remaining_bytes($remaining_length) * * @see self::_get_binary_packet() * @param string $payload - * @param bool $skip_channel_filter - * @return string|bool + * @return string */ - private function filter($payload, $skip_channel_filter) + private function filter($payload) { + if (ord($payload[0]) == NET_SSH2_MSG_DISCONNECT) { + return $this->handleDisconnect($payload); + } + if ($this->session_id === \false && $this->keyExchangeInProgress) { + return $payload; + } switch (ord($payload[0])) { - case NET_SSH2_MSG_DISCONNECT: - Strings::shift($payload, 1); - list($reason_code, $message) = Strings::unpackSSH2('Ns', $payload); - $this->errors[] = 'SSH_MSG_DISCONNECT: ' . self::$disconnect_reasons[$reason_code] . "\r\n{$message}"; - $this->bitmap = 0; - return \false; case NET_SSH2_MSG_IGNORE: - $this->extra_packets++; - $payload = $this->get_binary_packet($skip_channel_filter); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_DEBUG: - $this->extra_packets++; Strings::shift($payload, 2); // second byte is "always_display" list($message) = Strings::unpackSSH2('s', $payload); $this->errors[] = "SSH_MSG_DEBUG: {$message}"; - $payload = $this->get_binary_packet($skip_channel_filter); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_UNIMPLEMENTED: - return \false; + break; + // return payload case NET_SSH2_MSG_KEXINIT: - // this is here for key re-exchanges after the initial key exchange - if ($this->session_id !== \false) { + // this is here for server initiated key re-exchanges after the initial key exchange + if (!$this->keyExchangeInProgress && $this->session_id !== \false) { if (!$this->key_exchange($payload)) { - $this->bitmap = 0; - return \false; + $this->disconnect_helper(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED); + throw new ConnectionClosedException('Key exchange failed'); + } + $payload = $this->get_binary_packet(); + } + break; + case NET_SSH2_MSG_EXT_INFO: + Strings::shift($payload, 1); + list($nr_extensions) = Strings::unpackSSH2('N', $payload); + for ($i = 0; $i < $nr_extensions; $i++) { + list($extension_name, $extension_value) = Strings::unpackSSH2('ss', $payload); + if ($extension_name == 'server-sig-algs') { + $this->supported_private_key_algorithms = explode(',', $extension_value); } - $payload = $this->get_binary_packet($skip_channel_filter); } + $payload = $this->get_binary_packet(); + } + /* + Once a party has sent a SSH_MSG_KEXINIT message for key exchange or + re-exchange, until it has sent a SSH_MSG_NEWKEYS message (Section + 7.3), it MUST NOT send any messages other than: + + o Transport layer generic messages (1 to 19) (but + SSH_MSG_SERVICE_REQUEST and SSH_MSG_SERVICE_ACCEPT MUST NOT be + sent); + + o Algorithm negotiation messages (20 to 29) (but further + SSH_MSG_KEXINIT messages MUST NOT be sent); + + o Specific key exchange method messages (30 to 49). + + -- https://www.rfc-editor.org/rfc/rfc4253#section-7.1 + */ + if ($this->keyExchangeInProgress) { + return $payload; } // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in - if ($this->bitmap & self::MASK_CONNECTED && !$this->isAuthenticated() && !is_bool($payload) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { + if ($this->bitmap & self::MASK_CONNECTED && !$this->isAuthenticated() && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) { Strings::shift($payload, 1); list($this->banner_message) = Strings::unpackSSH2('s', $payload); $payload = $this->get_binary_packet(); } // only called when we've already logged in if ($this->bitmap & self::MASK_CONNECTED && $this->isAuthenticated()) { - if (is_bool($payload)) { - return $payload; - } switch (ord($payload[0])) { case NET_SSH2_MSG_CHANNEL_REQUEST: if (strlen($payload) == 31) { - extract(unpack('cpacket_type/Nchannel/Nlength', $payload)); + $unpacked = unpack('cpacket_type/Nchannel/Nlength', $payload); + $packet_type = $unpacked['packet_type']; + $channel = $unpacked['channel']; + $length = $unpacked['length']; if (substr($payload, 9, $length) == 'keepalive@openssh.com' && isset($this->server_channels[$channel])) { if (ord(substr($payload, 9 + $length))) { // want reply $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_SUCCESS, $this->server_channels[$channel])); } - $payload = $this->get_binary_packet($skip_channel_filter); + $payload = $this->get_binary_packet(); } } break; - case NET_SSH2_MSG_CHANNEL_DATA: - case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: - case NET_SSH2_MSG_CHANNEL_CLOSE: - case NET_SSH2_MSG_CHANNEL_EOF: - if (!$skip_channel_filter && !empty($this->server_channels)) { - $this->binary_packet_buffer = $payload; - $this->get_channel_packet(\true); - $payload = $this->get_binary_packet(); - } - break; case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4 Strings::shift($payload, 1); - list($request_name) = Strings::unpackSSH2('s', $payload); + list($request_name, $want_reply) = Strings::unpackSSH2('sb', $payload); $this->errors[] = "SSH_MSG_GLOBAL_REQUEST: {$request_name}"; - try { + if ($want_reply) { $this->send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE)); - } catch (\RuntimeException $e) { - return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); } - $payload = $this->get_binary_packet($skip_channel_filter); + $payload = $this->get_binary_packet(); break; case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1 @@ -3324,19 +3457,10 @@ private function filter($payload, $skip_channel_filter) // description '' ); - try { - $this->send_binary_packet($packet); - } catch (\RuntimeException $e) { - return $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); - } + $this->send_binary_packet($packet); } - $payload = $this->get_binary_packet($skip_channel_filter); + $payload = $this->get_binary_packet(); break; - case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: - Strings::shift($payload, 1); - list($channel, $window_size) = Strings::unpackSSH2('NN', $payload); - $this->window_size_client_to_server[$channel] += $window_size; - $payload = $this->bitmap & self::MASK_WINDOW_ADJUST ? \true : $this->get_binary_packet($skip_channel_filter); } } return $payload; @@ -3409,6 +3533,7 @@ public function isPTYEnabled() * * - the server closes the channel * - if the connection times out + * - if a window adjust packet is received on the given negated client channel * - if the channel status is CHANNEL_OPEN and the response was CHANNEL_OPEN_CONFIRMATION * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_SUCCESS * - if the channel status is CHANNEL_CLOSE and the response was CHANNEL_CLOSE @@ -3417,7 +3542,10 @@ public function isPTYEnabled() * * - if the channel status is CHANNEL_REQUEST and the response was CHANNEL_FAILURE * - * @param int $client_channel + * @param int $client_channel Specifies the channel to return data for, and data received + * on other channels is buffered. The respective negative value of a channel is + * also supported for the case that the caller is awaiting adjustment of the data + * window, and where data received on that respective channel is also buffered. * @param bool $skip_extended * @return mixed * @throws \RuntimeException on connection error @@ -3425,7 +3553,8 @@ public function isPTYEnabled() protected function get_channel_packet($client_channel, $skip_extended = \false) { if (!empty($this->channel_buffers[$client_channel])) { - switch ($this->channel_status[$client_channel]) { + // in phpseclib 4.0 this should be changed to $this->channel_status[$client_channel] ?? null + switch (isset($this->channel_status[$client_channel]) ? $this->channel_status[$client_channel] : null) { case NET_SSH2_MSG_CHANNEL_REQUEST: foreach ($this->channel_buffers[$client_channel] as $i => $packet) { switch (ord($packet[0])) { @@ -3441,26 +3570,15 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) } } while (\true) { - if ($this->binary_packet_buffer !== \false) { - $response = $this->binary_packet_buffer; - $this->binary_packet_buffer = \false; - } else { - $response = $this->get_binary_packet(\true); - if ($response === \true && $this->is_timeout) { - if ($client_channel == self::CHANNEL_EXEC && !$this->request_pty) { - $this->close_channel($client_channel); - } - return \true; - } - if ($response === \false) { - $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); - throw new ConnectionClosedException('Connection closed by server'); - } - } - if ($client_channel == -1 && $response === \true) { + try { + $response = $this->get_binary_packet(); + } catch (TimeoutException $e) { return \true; } - list($type, $channel) = Strings::unpackSSH2('CN', $response); + list($type) = Strings::unpackSSH2('C', $response); + if (strlen($response) >= 4) { + list($channel) = Strings::unpackSSH2('N', $response); + } // will not be setup yet on incoming channel open request if (isset($channel) && isset($this->channel_status[$channel]) && isset($this->window_size_server_to_client[$channel])) { $this->window_size_server_to_client[$channel] -= strlen($response); @@ -3473,6 +3591,13 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) $this->window_size_server_to_client[$channel] += $this->window_resize; } switch ($type) { + case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST: + list($window_size) = Strings::unpackSSH2('N', $response); + $this->window_size_client_to_server[$channel] += $window_size; + if ($channel == -$client_channel) { + return \true; + } + continue 2; case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA: /* if ($client_channel == self::CHANNEL_EXEC) { @@ -3491,7 +3616,7 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) $this->channel_buffers[$channel][] = chr($type) . $data; continue 2; case NET_SSH2_MSG_CHANNEL_REQUEST: - if ($this->channel_status[$channel] == NET_SSH2_MSG_CHANNEL_CLOSE) { + if (!isset($this->channel_status[$channel])) { continue 2; } list($value) = Strings::unpackSSH2('s', $response); @@ -3502,9 +3627,13 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) if (strlen($error_message)) { $this->errors[count($this->errors) - 1] .= "\r\n{$error_message}"; } - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); - $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF; + if (isset($this->channel_status[$channel]) && $this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_CLOSE) { + if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$channel])); + } + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); + $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + } continue 3; case 'exit-status': list(, $this->exit_status) = Strings::unpackSSH2('CN', $response); @@ -3512,8 +3641,13 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) // -- http://tools.ietf.org/html/rfc4254#section-6.10 continue 3; default: - // "Some systems may not implement signals, in which case they SHOULD ignore this message." - // -- http://tools.ietf.org/html/rfc4254#section-6.9 + list($want_reply) = Strings::unpackSSH2('b', $response); + if ($want_reply) { + // "If the request is not recognized or is not supported for the channel, + // SSH_MSG_CHANNEL_FAILURE is returned." + // -- https://datatracker.ietf.org/doc/html/rfc4254#page-10 + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_FAILURE, $this->server_channels[$channel])); + } continue 3; } } @@ -3590,10 +3724,10 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) case NET_SSH2_MSG_CHANNEL_CLOSE: $this->curTimeout = 5; $this->close_channel_bitmap($channel); - if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) { + if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_CLOSE) { $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel])); } - $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE; + unset($this->channel_status[$channel]); $this->channelCount--; if ($client_channel == $channel) { return \true; @@ -3620,7 +3754,7 @@ protected function get_channel_packet($client_channel, $skip_extended = \false) protected function send_binary_packet($data, $logged = null) { if (!is_resource($this->fsock) || feof($this->fsock)) { - $this->bitmap = 0; + $this->disconnect_helper(NET_SSH2_DISCONNECT_CONNECTION_LOST); throw new ConnectionClosedException('Connection closed prematurely'); } if (!isset($logged)) { @@ -3712,6 +3846,9 @@ protected function send_binary_packet($data, $logged = null) } $this->send_seq_no++; $packet .= $this->encrypt && $this->encrypt->usesNonce() ? $this->encrypt->getTag() : $hmac; + if (!$this->keyExchangeInProgress) { + $this->bytesTransferredSinceLastKEX += strlen($packet); + } $start = microtime(\true); $sent = @fputs($this->fsock, $packet); $stop = microtime(\true); @@ -3720,13 +3857,28 @@ protected function send_binary_packet($data, $logged = null) $message_number = isset(self::$message_numbers[ord($logged[0])]) ? self::$message_numbers[ord($logged[0])] : 'UNKNOWN (' . ord($logged[0]) . ')'; $message_number = '-> ' . $message_number . ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)'; $this->append_log($message_number, $logged); - $this->last_packet = $current; } + $this->last_packet = microtime(\true); if (strlen($packet) != $sent) { - $this->bitmap = 0; + $this->disconnect_helper(NET_SSH2_DISCONNECT_BY_APPLICATION); $message = $sent === \false ? 'Unable to write ' . strlen($packet) . ' bytes' : "Only {$sent} of " . strlen($packet) . " bytes were sent"; throw new \RuntimeException($message); } + if ($this->bytesTransferredSinceLastKEX > $this->doKeyReexchangeAfterXBytes) { + $this->key_exchange(); + } + } + /** + * Sends a keep-alive message, if keep-alive is enabled and interval is met + */ + private function send_keep_alive() + { + if ($this->bitmap & self::MASK_CONNECTED) { + $elapsed = microtime(\true) - $this->last_packet; + if ($this->keepAlive > 0 && $elapsed >= $this->keepAlive) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_IGNORE, 0)); + } + } } /** * Logs data packets @@ -3756,7 +3908,7 @@ private function append_log($message_number, $message) protected function append_log_helper($constant, $message_number, $message, array &$message_number_log, array &$message_log, &$log_size, &$realtime_log_file, &$realtime_log_wrap, &$realtime_log_size) { // remove the byte identifying the message type from all but the first two messages (ie. the identification strings) - if (strlen($message_number) > 2) { + if (!in_array(substr($message_number, 0, 4), ['<- (', '-> (']) && strlen($message_number) > 2) { Strings::shift($message); } switch ($constant) { @@ -3823,6 +3975,10 @@ protected function append_log_helper($constant, $message_number, $message, array $realtime_log_wrap = \true; } fputs($realtime_log_file, $entry); + break; + case self::LOG_REALTIME_SIMPLE: + echo $message_number; + echo \PHP_SAPI == 'cli' ? "\r\n" : '
'; } } /** @@ -3836,12 +3992,21 @@ protected function append_log_helper($constant, $message_number, $message, array */ protected function send_channel_packet($client_channel, $data) { + if (isset($this->channel_buffers_write[$client_channel]) && strpos($data, $this->channel_buffers_write[$client_channel]) === 0) { + // if buffer holds identical initial data content, resume send from the unmatched data portion + $data = substr($data, strlen($this->channel_buffers_write[$client_channel])); + } else { + $this->channel_buffers_write[$client_channel] = ''; + } while (strlen($data)) { if (!$this->window_size_client_to_server[$client_channel]) { - $this->bitmap ^= self::MASK_WINDOW_ADJUST; // using an invalid channel will let the buffers be built up for the valid channels - $this->get_channel_packet(-1); - $this->bitmap ^= self::MASK_WINDOW_ADJUST; + $this->get_channel_packet(-$client_channel); + if ($this->isTimeout()) { + throw new TimeoutException('Timed out waiting for server'); + } elseif (!$this->window_size_client_to_server[$client_channel]) { + throw new \RuntimeException('Data window was not adjusted'); + } } /* The maximum amount of data allowed is determined by the maximum packet size for the channel, and the current window size, whichever @@ -3852,7 +4017,9 @@ protected function send_channel_packet($client_channel, $data) $packet = Strings::packSSH2('CNs', NET_SSH2_MSG_CHANNEL_DATA, $this->server_channels[$client_channel], $temp); $this->window_size_client_to_server[$client_channel] -= strlen($temp); $this->send_binary_packet($packet); + $this->channel_buffers_write[$client_channel] .= $temp; } + unset($this->channel_buffers_write[$client_channel]); } /** * Closes and flushes a channel @@ -3865,21 +4032,19 @@ protected function send_channel_packet($client_channel, $data) * @param bool $want_reply * @return void */ - private function close_channel($client_channel, $want_reply = \false) + protected function close_channel($client_channel) { // see http://tools.ietf.org/html/rfc4254#section-5.3 - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); - if (!$want_reply) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); + if ($this->channel_status[$client_channel] != NET_SSH2_MSG_CHANNEL_EOF) { + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel])); } + $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE; $this->channelCount--; $this->curTimeout = 5; while (!is_bool($this->get_channel_packet($client_channel))) { } - if ($want_reply) { - $this->send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel])); - } + unset($this->channel_status[$client_channel]); $this->close_channel_bitmap($client_channel); } /** @@ -3908,17 +4073,19 @@ private function close_channel_bitmap($client_channel) */ protected function disconnect_helper($reason) { - if ($this->bitmap & self::MASK_CONNECTED) { + if ($this->bitmap & self::MASK_DISCONNECT) { + // Disregard subsequent disconnect requests + return \false; + } + $this->bitmap |= self::MASK_DISCONNECT; + if ($this->isConnected()) { $data = Strings::packSSH2('CNss', NET_SSH2_MSG_DISCONNECT, $reason, '', ''); try { $this->send_binary_packet($data); } catch (\Exception $e) { } } - $this->bitmap = 0; - if (is_resource($this->fsock) && get_resource_type($this->fsock) === 'stream') { - fclose($this->fsock); - } + $this->reset_connection(); return \false; } /** @@ -3976,9 +4143,12 @@ protected function format_log(array $message_log, array $message_number_log) { $output = ''; for ($i = 0; $i < count($message_log); $i++) { - $output .= $message_number_log[$i] . "\r\n"; + $output .= $message_number_log[$i]; $current_log = $message_log[$i]; $j = 0; + if (strlen($current_log)) { + $output .= "\r\n"; + } do { if (strlen($current_log)) { $output .= str_pad(dechex($j), 7, '0', \STR_PAD_LEFT) . '0 '; @@ -4207,10 +4377,27 @@ public static function getSupportedEncryptionAlgorithms() $obj->setKeyLength(preg_replace('#[^\\d]#', '', $algo)); } switch ($algo) { + // Eval engines do not exist for ChaCha20 or RC4 because they would not benefit from one. + // to benefit from an Eval engine they'd need to loop a variable amount of times, they'd + // need to do table lookups (eg. sbox subsitutions). ChaCha20 doesn't do either because + // it's a so-called ARX cipher, meaning that the only operations it does are add (A), rotate (R) + // and XOR (X). RC4 does do table lookups but being a stream cipher it works differently than + // block ciphers. with RC4 you XOR the plaintext against a keystream and the keystream changes + // as you encrypt stuff. the only table lookups are made against this keystream and thus table + // lookups are kinda unavoidable. with AES and DES, however, the table lookups that are done + // are done against substitution boxes (sboxes), which are invariant. + // OpenSSL can't be used as an engine, either, because OpenSSL doesn't support continuous buffers + // as SSH2 uses and altho you can emulate a continuous buffer with block ciphers you can't do so + // with stream ciphers. As for ChaCha20... for the ChaCha20 part OpenSSL could prob be used but + // the big slow down isn't with ChaCha20 - it's with Poly1305. SSH constructs the key for that + // differently than how OpenSSL does it (OpenSSL does it as the RFC describes, SSH doesn't). + // libsodium can't be used because it doesn't support RC4 and it doesn't construct the Poly1305 + // keys in the same way that SSH does + // mcrypt could prob be used for RC4 but mcrypt hasn't been included in PHP core for yearss case 'chacha20-poly1305@openssh.com': case 'arcfour128': case 'arcfour256': - if ($engine != 'Eval') { + if ($engine != 'PHP') { continue 2; } break; @@ -4239,17 +4426,12 @@ public static function getSupportedMACAlgorithms() return [ 'hmac-sha2-256-etm@openssh.com', 'hmac-sha2-512-etm@openssh.com', - 'umac-64-etm@openssh.com', - 'umac-128-etm@openssh.com', 'hmac-sha1-etm@openssh.com', // from : 'hmac-sha2-256', // RECOMMENDED HMAC-SHA256 (digest length = key length = 32) 'hmac-sha2-512', // OPTIONAL HMAC-SHA512 (digest length = key length = 64) - // from : - 'umac-64@openssh.com', - 'umac-128@openssh.com', 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20) 'hmac-sha1', @@ -4257,6 +4439,12 @@ public static function getSupportedMACAlgorithms() 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16) 'hmac-md5', + // OPTIONAL HMAC-MD5 (digest length = key length = 16) + 'umac-64-etm@openssh.com', + 'umac-128-etm@openssh.com', + // from : + 'umac-64@openssh.com', + 'umac-128@openssh.com', ]; } /** @@ -4312,6 +4500,27 @@ public function setTerminal($term) */ public function setPreferredAlgorithms(array $methods) { + $keys = ['client_to_server', 'server_to_client']; + if (isset($methods['kex']) && is_string($methods['kex'])) { + $methods['kex'] = explode(',', $methods['kex']); + } + if (isset($methods['hostkey']) && is_string($methods['hostkey'])) { + $methods['hostkey'] = explode(',', $methods['hostkey']); + } + foreach ($keys as $key) { + if (isset($methods[$key])) { + $a =& $methods[$key]; + if (isset($a['crypt']) && is_string($a['crypt'])) { + $a['crypt'] = explode(',', $a['crypt']); + } + if (isset($a['comp']) && is_string($a['comp'])) { + $a['comp'] = explode(',', $a['comp']); + } + if (isset($a['mac']) && is_string($a['mac'])) { + $a['mac'] = explode(',', $a['mac']); + } + } + } $preferred = $methods; if (isset($preferred['kex'])) { $preferred['kex'] = array_intersect($preferred['kex'], static::getSupportedKEXAlgorithms()); @@ -4319,7 +4528,6 @@ public function setPreferredAlgorithms(array $methods) if (isset($preferred['hostkey'])) { $preferred['hostkey'] = array_intersect($preferred['hostkey'], static::getSupportedHostKeyAlgorithms()); } - $keys = ['client_to_server', 'server_to_client']; foreach ($keys as $key) { if (isset($preferred[$key])) { $a =& $preferred[$key]; @@ -4374,7 +4582,7 @@ public function getBannerMessage() * * @return string|false * @throws \RuntimeException on badly formatted keys - * @throws \phpseclib3\Exception\NoSupportedAlgorithmsException when the key isn't in a supported format + * @throws NoSupportedAlgorithmsException when the key isn't in a supported format */ public function getServerPublicHostKey() { @@ -4591,4 +4799,13 @@ public function disableSmartMFA() { $this->smartMFA = \false; } + /** + * How many bytes until the next key re-exchange? + * + * @param int $bytes + */ + public function bytesUntilKeyReexchange($bytes) + { + $this->doKeyReexchangeAfterXBytes = $bytes; + } } diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php index 8ada9cbeb..d237e7c2e 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent.php @@ -32,6 +32,7 @@ namespace Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\System\SSH; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Common\Functions\Strings; +use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\Common\PublicKey; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\PublicKeyLoader; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Crypt\RSA; use Matomo\Dependencies\GoogleAnalyticsImporter\phpseclib3\Exception\BadConfigurationException; @@ -98,8 +99,8 @@ class Agent /** * Default Constructor * - * @return \phpseclib3\System\SSH\Agent - * @throws \phpseclib3\Exception\BadConfigurationException if SSH_AUTH_SOCK cannot be found + * @return Agent + * @throws BadConfigurationException if SSH_AUTH_SOCK cannot be found * @throws \RuntimeException on connection errors */ public function __construct($address = null) @@ -171,13 +172,29 @@ public function requestIdentities() } // resources are passed by reference by default if (isset($key)) { - $identity = (new Identity($this->fsock))->withPublicKey($key)->withPublicKeyBlob($key_blob); + $identity = (new Identity($this->fsock))->withPublicKey($key)->withPublicKeyBlob($key_blob)->withComment($comment); $identities[] = $identity; unset($key); } } return $identities; } + /** + * Returns the SSH Agent identity matching a given public key or null if no identity is found + * + * @return ?Identity + */ + public function findIdentityByPublicKey(PublicKey $key) + { + $identities = $this->requestIdentities(); + $key = (string) $key; + foreach ($identities as $identity) { + if ((string) $identity->getPublicKey() == $key) { + return $identity; + } + } + return null; + } /** * Signal that agent forwarding should * be requested when a channel is opened @@ -193,7 +210,7 @@ public function startSSHForwarding() /** * Request agent forwarding of remote server * - * @param \phpseclib3\Net\SSH2 $ssh + * @param SSH2 $ssh * @return bool */ private function request_forwarding(SSH2 $ssh) @@ -211,7 +228,7 @@ private function request_forwarding(SSH2 $ssh) * open to give the SSH Agent an opportunity * to take further action. i.e. request agent forwarding * - * @param \phpseclib3\Net\SSH2 $ssh + * @param SSH2 $ssh */ public function registerChannelOpen(SSH2 $ssh) { diff --git a/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php b/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php index df9615cf5..b443fe205 100644 --- a/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php +++ b/vendor/prefixed/phpseclib/phpseclib/phpseclib/System/SSH/Agent/Identity.php @@ -71,6 +71,12 @@ class Identity implements PrivateKey * @see self::setHash() */ private $flags = 0; + /** + * Comment + * + * @var null|string + */ + private $comment; /** * Curve Aliases * @@ -91,7 +97,7 @@ public function __construct($fsock) * * Called by \phpseclib3\System\SSH\Agent::requestIdentities() * - * @param \phpseclib3\Crypt\Common\PublicKey $key + * @param PublicKey $key */ public function withPublicKey(PublicKey $key) { @@ -123,10 +129,9 @@ public function withPublicKeyBlob($key_blob) * * Wrapper for $this->key->getPublicKey() * - * @param string $type optional * @return mixed */ - public function getPublicKey($type = 'PKCS8') + public function getPublicKey() { return $this->key; } @@ -234,7 +239,7 @@ public function getCurve() * @param string $message * @return string * @throws \RuntimeException on connection errors - * @throws \phpseclib3\Exception\UnsupportedAlgorithmException if the algorithm is unsupported + * @throws UnsupportedAlgorithmException if the algorithm is unsupported */ public function sign($message) { @@ -277,4 +282,22 @@ public function withPassword($password = \false) { throw new \RuntimeException('ssh-agent does not provide a mechanism to get the private key'); } + /** + * Sets the comment + */ + public function withComment($comment = null) + { + $new = clone $this; + $new->comment = $comment; + return $new; + } + /** + * Returns the comment + * + * @return null|string + */ + public function getComment() + { + return $this->comment; + } } diff --git a/vendor/prefixed/vendor/autoload.php b/vendor/prefixed/vendor/autoload.php index 3e3444fa9..fea009be6 100644 --- a/vendor/prefixed/vendor/autoload.php +++ b/vendor/prefixed/vendor/autoload.php @@ -4,4 +4,4 @@ require_once __DIR__ . '/composer/autoload_real.php'; -return ComposerAutoloaderInita5e6e9aa49cf2c382e2d612fb49884ba::getLoader(); +return ComposerAutoloaderInit492d6a2ce807be87c26276f742b9ba1b::getLoader(); diff --git a/vendor/prefixed/vendor/composer/LICENSE b/vendor/prefixed/vendor/composer/LICENSE index 62ecfd8d0..f27399a04 100644 --- a/vendor/prefixed/vendor/composer/LICENSE +++ b/vendor/prefixed/vendor/composer/LICENSE @@ -1,3 +1,4 @@ + Copyright (c) Nils Adermann, Jordi Boggiano Permission is hereby granted, free of charge, to any person obtaining a copy @@ -17,3 +18,4 @@ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + diff --git a/vendor/prefixed/vendor/composer/autoload_classmap.php b/vendor/prefixed/vendor/composer/autoload_classmap.php index 62dcf184c..85b5efd83 100644 --- a/vendor/prefixed/vendor/composer/autoload_classmap.php +++ b/vendor/prefixed/vendor/composer/autoload_classmap.php @@ -1971,8 +1971,10 @@ 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\FileNotFoundException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InconsistentSetupException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InsufficientSetupException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InvalidPacketLengthException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/InvalidPacketLengthException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\NoKeyLoadedException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\NoSupportedAlgorithmsException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\TimeoutException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/TimeoutException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnableToConnectException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnsupportedAlgorithmException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnsupportedCurveException' => $baseDir . '/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php', @@ -2137,6 +2139,7 @@ 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\Common\\FiniteField\\Integer' => $baseDir . '/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\PrimeField' => $baseDir . '/phpseclib/phpseclib/phpseclib/Math/PrimeField.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\PrimeField\\Integer' => $baseDir . '/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SCP' => $baseDir . '/phpseclib/phpseclib/phpseclib/Net/SCP.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SFTP' => $baseDir . '/phpseclib/phpseclib/phpseclib/Net/SFTP.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SFTP\\Stream' => $baseDir . '/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SSH2' => $baseDir . '/phpseclib/phpseclib/phpseclib/Net/SSH2.php', diff --git a/vendor/prefixed/vendor/composer/autoload_real.php b/vendor/prefixed/vendor/composer/autoload_real.php index a6c2a5402..68ca635b8 100644 --- a/vendor/prefixed/vendor/composer/autoload_real.php +++ b/vendor/prefixed/vendor/composer/autoload_real.php @@ -2,7 +2,7 @@ // autoload_real.php @generated by Composer -class ComposerAutoloaderInita5e6e9aa49cf2c382e2d612fb49884ba +class ComposerAutoloaderInit492d6a2ce807be87c26276f742b9ba1b { private static $loader; @@ -22,15 +22,15 @@ public static function getLoader() return self::$loader; } - spl_autoload_register(array('ComposerAutoloaderInita5e6e9aa49cf2c382e2d612fb49884ba', 'loadClassLoader'), true, true); + spl_autoload_register(array('ComposerAutoloaderInit492d6a2ce807be87c26276f742b9ba1b', 'loadClassLoader'), true, true); self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__))); - spl_autoload_unregister(array('ComposerAutoloaderInita5e6e9aa49cf2c382e2d612fb49884ba', 'loadClassLoader')); + spl_autoload_unregister(array('ComposerAutoloaderInit492d6a2ce807be87c26276f742b9ba1b', 'loadClassLoader')); $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded()); if ($useStaticLoader) { require __DIR__ . '/autoload_static.php'; - call_user_func(\Composer\Autoload\ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba::getInitializer($loader)); + call_user_func(\Composer\Autoload\ComposerStaticInit492d6a2ce807be87c26276f742b9ba1b::getInitializer($loader)); } else { $map = require __DIR__ . '/autoload_namespaces.php'; foreach ($map as $namespace => $path) { @@ -51,12 +51,12 @@ public static function getLoader() $loader->register(true); if ($useStaticLoader) { - $includeFiles = Composer\Autoload\ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba::$files; + $includeFiles = Composer\Autoload\ComposerStaticInit492d6a2ce807be87c26276f742b9ba1b::$files; } else { $includeFiles = require __DIR__ . '/autoload_files.php'; } foreach ($includeFiles as $fileIdentifier => $file) { - composerRequirea5e6e9aa49cf2c382e2d612fb49884ba($fileIdentifier, $file); + composerRequire492d6a2ce807be87c26276f742b9ba1b($fileIdentifier, $file); } return $loader; @@ -68,7 +68,7 @@ public static function getLoader() * @param string $file * @return void */ -function composerRequirea5e6e9aa49cf2c382e2d612fb49884ba($fileIdentifier, $file) +function composerRequire492d6a2ce807be87c26276f742b9ba1b($fileIdentifier, $file) { if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) { $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true; diff --git a/vendor/prefixed/vendor/composer/autoload_static.php b/vendor/prefixed/vendor/composer/autoload_static.php index 957b5c937..b4217bba2 100644 --- a/vendor/prefixed/vendor/composer/autoload_static.php +++ b/vendor/prefixed/vendor/composer/autoload_static.php @@ -4,7 +4,7 @@ namespace Composer\Autoload; -class ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba +class ComposerStaticInit492d6a2ce807be87c26276f742b9ba1b { public static $files = array ( '3b866681a14a27c0c8adec54ba7f6a5c' => __DIR__ . '/../..' . '/google/apiclient/src/aliases.php', @@ -1983,8 +1983,10 @@ class ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\FileNotFoundException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/FileNotFoundException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InconsistentSetupException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/InconsistentSetupException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InsufficientSetupException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/InsufficientSetupException.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\InvalidPacketLengthException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/InvalidPacketLengthException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\NoKeyLoadedException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/NoKeyLoadedException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\NoSupportedAlgorithmsException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/NoSupportedAlgorithmsException.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\TimeoutException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/TimeoutException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnableToConnectException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/UnableToConnectException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnsupportedAlgorithmException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/UnsupportedAlgorithmException.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Exception\\UnsupportedCurveException' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Exception/UnsupportedCurveException.php', @@ -2149,6 +2151,7 @@ class ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\Common\\FiniteField\\Integer' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Math/Common/FiniteField/Integer.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\PrimeField' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Math/PrimeField.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Math\\PrimeField\\Integer' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Math/PrimeField/Integer.php', + 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SCP' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Net/SCP.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SFTP' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Net/SFTP.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SFTP\\Stream' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Net/SFTP/Stream.php', 'Matomo\\Dependencies\\GoogleAnalyticsImporter\\phpseclib3\\Net\\SSH2' => __DIR__ . '/../..' . '/phpseclib/phpseclib/phpseclib/Net/SSH2.php', @@ -2162,7 +2165,7 @@ class ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba public static function getInitializer(ClassLoader $loader) { return \Closure::bind(function () use ($loader) { - $loader->classMap = ComposerStaticInita5e6e9aa49cf2c382e2d612fb49884ba::$classMap; + $loader->classMap = ComposerStaticInit492d6a2ce807be87c26276f742b9ba1b::$classMap; }, null, ClassLoader::class); }