aboutsummaryrefslogtreecommitdiffstats
path: root/apps/files_external
diff options
context:
space:
mode:
authorsherbrecher <oss@herbrecher.de>2013-03-15 17:50:02 +0100
committersherbrecher <oss@herbrecher.de>2013-03-15 17:50:02 +0100
commitec45a8433dba8140565728500050035ddad0a20e (patch)
treefff9bf7677cf66dabdc2906f54e334c66e3d6dda /apps/files_external
parentd2b3a9fb3bfa4d434d7d797019ec0cadec392a2b (diff)
parentebb2cb340349929e5e1d8e73e0f4523756f69d73 (diff)
downloadnextcloud-server-ec45a8433dba8140565728500050035ddad0a20e.tar.gz
nextcloud-server-ec45a8433dba8140565728500050035ddad0a20e.zip
Merge remote-tracking branch 'upstream/master'
Conflicts: apps/files_external/templates/settings.php
Diffstat (limited to 'apps/files_external')
-rw-r--r--apps/files_external/3rdparty/phpseclib/AUTHORS3
-rw-r--r--apps/files_external/3rdparty/phpseclib/LICENSE21
-rw-r--r--apps/files_external/3rdparty/phpseclib/README.md16
-rw-r--r--apps/files_external/3rdparty/phpseclib/composer.json48
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/AES.php946
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/DES.php1334
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Hash.php825
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RC4.php519
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RSA.php2646
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Random.php243
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Rijndael.php1525
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/TripleDES.php1080
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/File/ANSI.php540
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/File/ASN1.php1277
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/File/X509.php4323
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Math/BigInteger.php3633
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Net/SFTP.php2029
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH1.php1577
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH2.php3009
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpseclib/openssl.cnf6
-rw-r--r--apps/files_external/3rdparty/phpseclib/phpunit.xml.dist18
-rw-r--r--apps/files_external/ajax/addMountPoint.php8
-rw-r--r--apps/files_external/ajax/addRootCertificate.php25
-rw-r--r--apps/files_external/ajax/dropbox.php17
-rw-r--r--apps/files_external/ajax/google.php29
-rw-r--r--apps/files_external/ajax/removeMountPoint.php10
-rw-r--r--apps/files_external/ajax/removeRootCertificate.php1
-rw-r--r--apps/files_external/appinfo/app.php19
-rw-r--r--apps/files_external/appinfo/info.xml2
-rw-r--r--apps/files_external/css/settings.css5
-rw-r--r--apps/files_external/img/error.pngbin0 -> 533 bytes
-rw-r--r--apps/files_external/img/success.pngbin0 -> 545 bytes
-rw-r--r--apps/files_external/img/waiting.pngbin0 -> 512 bytes
-rw-r--r--apps/files_external/js/dropbox.js70
-rw-r--r--apps/files_external/js/google.js94
-rw-r--r--apps/files_external/js/settings.js162
-rw-r--r--apps/files_external/l10n/af_ZA.php3
-rw-r--r--apps/files_external/l10n/ar.php5
-rw-r--r--apps/files_external/l10n/bg_BG.php17
-rw-r--r--apps/files_external/l10n/bn_BD.php20
-rw-r--r--apps/files_external/l10n/ca.php9
-rw-r--r--apps/files_external/l10n/cs_CZ.php11
-rw-r--r--apps/files_external/l10n/da.php7
-rw-r--r--apps/files_external/l10n/de.php9
-rw-r--r--apps/files_external/l10n/de_DE.php25
-rw-r--r--apps/files_external/l10n/el.php7
-rw-r--r--apps/files_external/l10n/eo.php5
-rw-r--r--apps/files_external/l10n/es.php9
-rw-r--r--apps/files_external/l10n/es_AR.php9
-rw-r--r--apps/files_external/l10n/et_EE.php9
-rw-r--r--apps/files_external/l10n/eu.php9
-rw-r--r--apps/files_external/l10n/fa.php11
-rw-r--r--apps/files_external/l10n/fi_FI.php8
-rw-r--r--apps/files_external/l10n/fr.php9
-rw-r--r--apps/files_external/l10n/gl.php25
-rw-r--r--apps/files_external/l10n/he.php8
-rw-r--r--apps/files_external/l10n/hi.php3
-rw-r--r--apps/files_external/l10n/hr.php5
-rw-r--r--apps/files_external/l10n/hu_HU.php25
-rw-r--r--apps/files_external/l10n/hy.php3
-rw-r--r--apps/files_external/l10n/ia.php5
-rw-r--r--apps/files_external/l10n/id.php22
-rw-r--r--apps/files_external/l10n/is.php23
-rw-r--r--apps/files_external/l10n/it.php9
-rw-r--r--apps/files_external/l10n/ja_JP.php9
-rw-r--r--apps/files_external/l10n/ka.php3
-rw-r--r--apps/files_external/l10n/ka_GE.php5
-rw-r--r--apps/files_external/l10n/ko.php23
-rw-r--r--apps/files_external/l10n/ku_IQ.php4
-rw-r--r--apps/files_external/l10n/lb.php5
-rw-r--r--apps/files_external/l10n/lt_LT.php14
-rw-r--r--apps/files_external/l10n/lv.php25
-rw-r--r--apps/files_external/l10n/mk.php23
-rw-r--r--apps/files_external/l10n/ms_MY.php5
-rw-r--r--apps/files_external/l10n/my_MM.php3
-rw-r--r--apps/files_external/l10n/nb_NO.php15
-rw-r--r--apps/files_external/l10n/nl.php11
-rw-r--r--apps/files_external/l10n/nn_NO.php5
-rw-r--r--apps/files_external/l10n/oc.php5
-rw-r--r--apps/files_external/l10n/pl.php9
-rw-r--r--apps/files_external/l10n/pt_BR.php9
-rw-r--r--apps/files_external/l10n/pt_PT.php13
-rw-r--r--apps/files_external/l10n/ro.php11
-rw-r--r--apps/files_external/l10n/ru.php13
-rw-r--r--apps/files_external/l10n/ru_RU.php7
-rw-r--r--apps/files_external/l10n/si_LK.php21
-rw-r--r--apps/files_external/l10n/sk_SK.php16
-rw-r--r--apps/files_external/l10n/sl.php19
-rw-r--r--apps/files_external/l10n/sr.php5
-rw-r--r--apps/files_external/l10n/sr@latin.php5
-rw-r--r--apps/files_external/l10n/sv.php9
-rw-r--r--apps/files_external/l10n/ta_LK.php21
-rw-r--r--apps/files_external/l10n/th_TH.php7
-rw-r--r--apps/files_external/l10n/tr.php19
-rw-r--r--apps/files_external/l10n/uk.php22
-rw-r--r--apps/files_external/l10n/ur_PK.php3
-rw-r--r--apps/files_external/l10n/vi.php11
-rw-r--r--apps/files_external/l10n/zh_CN.GB2312.php5
-rw-r--r--apps/files_external/l10n/zh_CN.php23
-rw-r--r--apps/files_external/l10n/zh_HK.php5
-rw-r--r--apps/files_external/l10n/zh_TW.php10
-rw-r--r--apps/files_external/lib/amazons3.php113
-rwxr-xr-xapps/files_external/lib/config.php288
-rwxr-xr-xapps/files_external/lib/dropbox.php98
-rw-r--r--apps/files_external/lib/ftp.php72
-rw-r--r--apps/files_external/lib/google.php204
-rw-r--r--apps/files_external/lib/sftp.php288
-rw-r--r--apps/files_external/lib/smb.php75
-rw-r--r--apps/files_external/lib/streamwrapper.php65
-rw-r--r--apps/files_external/lib/swift.php313
-rw-r--r--apps/files_external/lib/webdav.php226
-rwxr-xr-xapps/files_external/personal.php5
-rw-r--r--apps/files_external/settings.php5
-rw-r--r--apps/files_external/templates/settings.php160
-rw-r--r--apps/files_external/tests/amazons3.php11
-rw-r--r--apps/files_external/tests/config.php7
-rw-r--r--apps/files_external/tests/dropbox.php8
-rw-r--r--apps/files_external/tests/ftp.php32
-rw-r--r--apps/files_external/tests/google.php7
-rw-r--r--apps/files_external/tests/sftp.php43
-rw-r--r--apps/files_external/tests/smb.php11
-rw-r--r--apps/files_external/tests/swift.php8
-rw-r--r--apps/files_external/tests/webdav.php9
123 files changed, 27942 insertions, 894 deletions
diff --git a/apps/files_external/3rdparty/phpseclib/AUTHORS b/apps/files_external/3rdparty/phpseclib/AUTHORS
new file mode 100644
index 00000000000..7bae8ab94e1
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/AUTHORS
@@ -0,0 +1,3 @@
+phpseclib Lead Developer: TerraFrost (Jim Wigginton)
+
+phpseclib Developers: monnerat (Patrick Monnerat) \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/LICENSE b/apps/files_external/3rdparty/phpseclib/LICENSE
new file mode 100644
index 00000000000..6ecd9b9bec1
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/LICENSE
@@ -0,0 +1,21 @@
+Copyright 2007-2012 TerraFrost and other contributors
+http://phpseclib.sourceforge.net/
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/README.md b/apps/files_external/3rdparty/phpseclib/README.md
new file mode 100644
index 00000000000..fbd58bd82b1
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/README.md
@@ -0,0 +1,16 @@
+# phpseclib - PHP Secure Communications Library
+
+[![Build Status](https://secure.travis-ci.org/phpseclib/phpseclib.png?branch=master)](http://travis-ci.org/phpseclib/phpseclib)
+
+MIT-licensed pure-PHP implementations of an arbitrary-precision integer
+arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4, Rijndael,
+AES, SSH-1, SSH-2, SFTP, and X.509
+
+* [Download (0.3.1)](http://sourceforge.net/projects/phpseclib/files/phpseclib0.3.1.zip/download)
+* [Browse Git](https://github.com/phpseclib/phpseclib)
+* [Documentation](http://phpseclib.sourceforge.net/)
+* [Support](http://www.frostjedi.com/phpbb/viewforum.php?f=46)
+* [Code Coverage Report](http://phpseclib.bantux.org/code_coverage/latest/)
+
+<img src="http://phpseclib.sourceforge.net/pear-icon.png" alt="PEAR Channel" width="16" height="16">
+PEAR Channel: [phpseclib.sourceforge.net](http://phpseclib.sourceforge.net/pear.htm)
diff --git a/apps/files_external/3rdparty/phpseclib/composer.json b/apps/files_external/3rdparty/phpseclib/composer.json
new file mode 100644
index 00000000000..11008cd81d1
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/composer.json
@@ -0,0 +1,48 @@
+{
+ "name": "phpseclib/phpseclib",
+ "type": "library",
+ "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.",
+ "keywords": [
+ "security",
+ "crypto",
+ "cryptography",
+ "encryption",
+ "signature",
+ "signing",
+ "rsa",
+ "aes",
+ "ssh",
+ "sftp",
+ "x509",
+ "x.509",
+ "asn1",
+ "asn.1",
+ "BigInteger"
+ ],
+ "homepage": "http://phpseclib.sourceforge.net",
+ "license": "MIT",
+ "authors": [
+ {
+ "name": "Jim Wigginton",
+ "email": "terrafrost@php.net",
+ "role": "Developer"
+ }
+ ],
+ "require": {
+ "php": ">=5.0.0"
+ },
+ "suggest": {
+ "ext-mcrypt": "Install the Mcrypt extension in order to speed up a wide variety of cryptographic operations.",
+ "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.",
+ "pear-pear/PHP_Compat": "Install PHP_Compat to get phpseclib working on PHP >= 4.3.3."
+ },
+ "include-path": ["phpseclib/"],
+ "autoload": {
+ "psr-0": {
+ "Crypt": "phpseclib/",
+ "File": "phpseclib/",
+ "Math": "phpseclib/",
+ "Net": "phpseclib/"
+ }
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/AES.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/AES.php
new file mode 100644
index 00000000000..bc05adf67a7
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/AES.php
@@ -0,0 +1,946 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of AES.
+ *
+ * Uses mcrypt, if available, and an internal implementation, otherwise.
+ *
+ * PHP versions 4 and 5
+ *
+ * If {@link Crypt_AES::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
+ * {@link Crypt_AES::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's 136-bits
+ * it'll be null-padded to 160-bits and 160 bits will be the key length until {@link Crypt_Rijndael::setKey() setKey()}
+ * is called, again, at which point, it'll be recalculated.
+ *
+ * Since Crypt_AES extends Crypt_Rijndael, some functions are available to be called that, in the context of AES, don't
+ * make a whole lot of sense. {@link Crypt_AES::setBlockLength() setBlockLength()}, for instance. Calling that function,
+ * however possible, won't do anything (AES has a fixed block length whereas Rijndael has a variable one).
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/AES.php');
+ *
+ * $aes = new Crypt_AES();
+ *
+ * $aes->setKey('abcdefghijklmnop');
+ *
+ * $size = 10 * 1024;
+ * $plaintext = '';
+ * for ($i = 0; $i < $size; $i++) {
+ * $plaintext.= 'a';
+ * }
+ *
+ * echo $aes->decrypt($aes->encrypt($plaintext));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_AES
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVIII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: AES.php,v 1.7 2010/02/09 06:10:25 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Crypt_Rijndael
+ */
+if (!class_exists('Crypt_Rijndael')) {
+ require_once 'Rijndael.php';
+}
+
+/**#@+
+ * @access public
+ * @see Crypt_AES::encrypt()
+ * @see Crypt_AES::decrypt()
+ */
+/**
+ * Encrypt / decrypt using the Counter mode.
+ *
+ * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
+ */
+define('CRYPT_AES_MODE_CTR', -1);
+/**
+ * Encrypt / decrypt using the Electronic Code Book mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
+ */
+define('CRYPT_AES_MODE_ECB', 1);
+/**
+ * Encrypt / decrypt using the Code Book Chaining mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
+ */
+define('CRYPT_AES_MODE_CBC', 2);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
+ */
+define('CRYPT_AES_MODE_CFB', 3);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
+ */
+define('CRYPT_AES_MODE_OFB', 4);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_AES::Crypt_AES()
+ */
+/**
+ * Toggles the internal implementation
+ */
+define('CRYPT_AES_MODE_INTERNAL', 1);
+/**
+ * Toggles the mcrypt implementation
+ */
+define('CRYPT_AES_MODE_MCRYPT', 2);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of AES.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_AES
+ */
+class Crypt_AES extends Crypt_Rijndael {
+ /**
+ * mcrypt resource for encryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_AES::encrypt()
+ * @var String
+ * @access private
+ */
+ var $enmcrypt;
+
+ /**
+ * mcrypt resource for decryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_AES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $demcrypt;
+
+ /**
+ * mcrypt resource for CFB mode
+ *
+ * @see Crypt_AES::encrypt()
+ * @see Crypt_AES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $ecb;
+
+ /**
+ * The SubByte S-Box
+ *
+ * @see Crypt_AES::_encryptBlock()
+ * @var Array
+ * @access intern
+ */
+ var $sbox = array(
+ 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
+ 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
+ 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
+ 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
+ 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
+ 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
+ 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
+ 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
+ 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
+ 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
+ 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
+ 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
+ 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
+ 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
+ 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
+ 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
+ );
+
+ /**
+ * The inverse SubByte S-Box
+ *
+ * @see Crypt_AES::_decryptBlock()
+ * @var Array
+ * @access intern
+ */
+ var $isbox = array(
+ 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
+ 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
+ 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
+ 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
+ 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
+ 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
+ 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
+ 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
+ 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
+ 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
+ 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
+ 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
+ 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
+ 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
+ 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
+ );
+
+ /**
+ * Default Constructor.
+ *
+ * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
+ * CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC. If not explictly set, CRYPT_AES_MODE_CBC will be used.
+ *
+ * @param optional Integer $mode
+ * @return Crypt_AES
+ * @access public
+ */
+ function Crypt_AES($mode = CRYPT_AES_MODE_CBC)
+ {
+ if ( !defined('CRYPT_AES_MODE') ) {
+ switch (true) {
+ case extension_loaded('mcrypt') && in_array('rijndael-128', mcrypt_list_algorithms()):
+ define('CRYPT_AES_MODE', CRYPT_AES_MODE_MCRYPT);
+ break;
+ default:
+ define('CRYPT_AES_MODE', CRYPT_AES_MODE_INTERNAL);
+ }
+ }
+
+ switch ( CRYPT_AES_MODE ) {
+ case CRYPT_AES_MODE_MCRYPT:
+ switch ($mode) {
+ case CRYPT_AES_MODE_ECB:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_ECB;
+ break;
+ case CRYPT_AES_MODE_CTR:
+ // ctr doesn't have a constant associated with it even though it appears to be fairly widely
+ // supported. in lieu of knowing just how widely supported it is, i've, for now, opted not to
+ // include a compatibility layer. the layer has been implemented but, for now, is commented out.
+ $this->mode = 'ctr';
+ //$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_AES_MODE_CTR;
+ break;
+ case CRYPT_AES_MODE_CFB:
+ $this->mode = 'ncfb';
+ break;
+ case CRYPT_AES_MODE_OFB:
+ $this->mode = MCRYPT_MODE_NOFB;
+ break;
+ case CRYPT_AES_MODE_CBC:
+ default:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_CBC;
+ }
+
+ break;
+ default:
+ switch ($mode) {
+ case CRYPT_AES_MODE_ECB:
+ $this->paddable = true;
+ $this->mode = CRYPT_RIJNDAEL_MODE_ECB;
+ break;
+ case CRYPT_AES_MODE_CTR:
+ $this->mode = CRYPT_RIJNDAEL_MODE_CTR;
+ break;
+ case CRYPT_AES_MODE_CFB:
+ $this->mode = CRYPT_RIJNDAEL_MODE_CFB;
+ break;
+ case CRYPT_AES_MODE_OFB:
+ $this->mode = CRYPT_RIJNDAEL_MODE_OFB;
+ break;
+ case CRYPT_AES_MODE_CBC:
+ default:
+ $this->paddable = true;
+ $this->mode = CRYPT_RIJNDAEL_MODE_CBC;
+ }
+ }
+
+ if (CRYPT_AES_MODE == CRYPT_AES_MODE_INTERNAL) {
+ parent::Crypt_Rijndael($this->mode);
+ }
+ }
+
+ /**
+ * Extended Crypt_Rijndael::_setup()
+ *
+ * Optimizing the key schedule arrays ($w, $dw) for _encryptBlock() and _decryptBlock() after Crypt_Rijndael::_setup()
+ *
+ * @see Crypt_Rijndael::_setup()
+ * @access private
+ */
+ function _setup()
+ {
+ if (!$this->changed) {
+ return;
+ }
+
+ $this->w = $this->dw = array();
+ parent::_setup();
+
+ $this->dw = array_reverse($this->dw);
+ $w = array_pop($this->w);
+ $dw = array_pop($this->dw);
+ foreach ($this->w as $r => $wr) {
+ foreach ($wr as $c => $wc) {
+ $w[] = $wc;
+ $dw[] = $this->dw[$r][$c];
+ }
+ }
+ $this->w = $w;
+ $this->dw = $dw;
+ }
+
+ /**
+ * Dummy function
+ *
+ * Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.
+ *
+ * @access public
+ * @param Integer $length
+ */
+ function setBlockLength($length)
+ {
+ return;
+ }
+
+ /**
+ * Sets the initialization vector. (optional)
+ *
+ * SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed
+ * to be all zero's.
+ *
+ * @access public
+ * @param String $iv
+ */
+ function setIV($iv)
+ {
+ parent::setIV($iv);
+ if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
+ $this->changed = true;
+ }
+ }
+
+ /**
+ * Encrypts a message.
+ *
+ * $plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the
+ * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
+ * URL:
+ *
+ * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
+ *
+ * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
+ * strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that
+ * length.
+ *
+ * @see Crypt_AES::decrypt()
+ * @access public
+ * @param String $plaintext
+ */
+ function encrypt($plaintext)
+ {
+ if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
+ $this->_mcryptSetup();
+
+ // re: http://phpseclib.sourceforge.net/cfb-demo.phps
+ // using mcrypt's default handing of CFB the above would output two different things. using phpseclib's
+ // rewritten CFB implementation the above outputs the same thing twice.
+ if ($this->mode == 'ncfb' && $this->continuousBuffer) {
+ $iv = &$this->encryptIV;
+ $pos = &$this->enbuffer['pos'];
+ $len = strlen($plaintext);
+ $ciphertext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 16 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $ciphertext = substr($iv, $orig_pos) ^ $plaintext;
+ $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
+ $this->enbuffer['enmcrypt_init'] = true;
+ }
+ if ($len >= 16) {
+ if ($this->enbuffer['enmcrypt_init'] === false || $len > 280) {
+ if ($this->enbuffer['enmcrypt_init'] === true) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
+ $this->enbuffer['enmcrypt_init'] = false;
+ }
+ $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 16));
+ $iv = substr($ciphertext, -16);
+ $len%= 16;
+ } else {
+ while ($len >= 16) {
+ $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 16);
+ $ciphertext.= $iv;
+ $len-= 16;
+ $i+= 16;
+ }
+ }
+ }
+
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $block = $iv ^ substr($plaintext, -$len);
+ $iv = substr_replace($iv, $block, 0, $len);
+ $ciphertext.= $block;
+ $pos = $len;
+ }
+
+ return $ciphertext;
+ }
+
+ if ($this->paddable) {
+ $plaintext = $this->_pad($plaintext);
+ }
+
+ $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
+ }
+
+ return $ciphertext;
+ }
+
+ return parent::encrypt($plaintext);
+ }
+
+ /**
+ * Decrypts a message.
+ *
+ * If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.
+ *
+ * @see Crypt_AES::encrypt()
+ * @access public
+ * @param String $ciphertext
+ */
+ function decrypt($ciphertext)
+ {
+ if ( CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT ) {
+ $this->_mcryptSetup();
+
+ if ($this->mode == 'ncfb' && $this->continuousBuffer) {
+ $iv = &$this->decryptIV;
+ $pos = &$this->debuffer['pos'];
+ $len = strlen($ciphertext);
+ $plaintext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 16 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize
+ $plaintext = substr($iv, $orig_pos) ^ $ciphertext;
+ $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i);
+ }
+ if ($len >= 16) {
+ $cb = substr($ciphertext, $i, $len - $len % 16);
+ $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
+ $iv = substr($cb, -16);
+ $len%= 16;
+ }
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $plaintext.= $iv ^ substr($ciphertext, -$len);
+ $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len);
+ $pos = $len;
+ }
+
+ return $plaintext;
+ }
+
+ if ($this->paddable) {
+ // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
+ // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
+ $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 15) & 0xFFFFFFF0, chr(0));
+ }
+
+ $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ return parent::decrypt($ciphertext);
+ }
+
+ /**
+ * Setup mcrypt
+ *
+ * Validates all the variables.
+ *
+ * @access private
+ */
+ function _mcryptSetup()
+ {
+ if (!$this->changed) {
+ return;
+ }
+
+ if (!$this->explicit_key_length) {
+ // this just copied from Crypt_Rijndael::_setup()
+ $length = strlen($this->key) >> 2;
+ if ($length > 8) {
+ $length = 8;
+ } else if ($length < 4) {
+ $length = 4;
+ }
+ $this->Nk = $length;
+ $this->key_size = $length << 2;
+ }
+
+ switch ($this->Nk) {
+ case 4: // 128
+ $this->key_size = 16;
+ break;
+ case 5: // 160
+ case 6: // 192
+ $this->key_size = 24;
+ break;
+ case 7: // 224
+ case 8: // 256
+ $this->key_size = 32;
+ }
+
+ $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0));
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, 16), 16, chr(0));
+
+ if (!isset($this->enmcrypt)) {
+ $mode = $this->mode;
+ //$mode = $this->mode == CRYPT_AES_MODE_CTR ? MCRYPT_MODE_ECB : $this->mode;
+
+ $this->demcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
+ $this->enmcrypt = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', $mode, '');
+
+ if ($mode == 'ncfb') {
+ $this->ecb = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
+ }
+
+ } // else should mcrypt_generic_deinit be called?
+
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
+
+ if ($this->mode == 'ncfb') {
+ mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
+ }
+
+ $this->changed = false;
+ }
+
+ /**
+ * Encrypts a block
+ *
+ * Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
+ *
+ * @see Crypt_Rijndael::_encryptBlock()
+ * @access private
+ * @param String $in
+ * @return String
+ */
+ function _encryptBlock($in)
+ {
+ $state = unpack('N*', $in);
+
+ $sbox = $this->sbox;
+ $w = $this->w;
+ $t0 = $this->t0;
+ $t1 = $this->t1;
+ $t2 = $this->t2;
+ $t3 = $this->t3;
+
+ // addRoundKey
+ $s0 = $state[1] ^ $w[4];
+ $s1 = $state[2] ^ $w[5];
+ $s2 = $state[3] ^ $w[6];
+ $s3 = $state[4] ^ $w[7];
+
+ // shiftRows + subWord + mixColumns + addRoundKey
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[8];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[9];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[10];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[11];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[12];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[13];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[14];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[15];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[16];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[17];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[18];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[19];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[20];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[21];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[22];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[23];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[24];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[25];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[26];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[27];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[28];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[29];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[30];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[31];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[32];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[33];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[34];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[35];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[36];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[37];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[38];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[39];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[40];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[41];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[42];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[43];
+
+ switch ($this->Nr) {
+ case 10:
+ break;
+
+ case 14:
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[44];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[45];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[46];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[47];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[48];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[49];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[50];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[51];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[52];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[53];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[54];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[55];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[56];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[57];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[58];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[59];
+ break;
+
+ case 12:
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[44];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[45];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[46];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[47];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[48];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[49];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[50];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[51];
+ break;
+
+ case 13:
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[44];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[45];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[46];
+ $s3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[47];
+
+ $e0 = $t0[($s0 >> 24) & 0xff] ^ $t1[($s1 >> 16) & 0xff] ^ $t2[($s2 >> 8) & 0xff] ^ $t3[$s3 & 0xff] ^ $w[48];
+ $e1 = $t0[($s1 >> 24) & 0xff] ^ $t1[($s2 >> 16) & 0xff] ^ $t2[($s3 >> 8) & 0xff] ^ $t3[$s0 & 0xff] ^ $w[49];
+ $e2 = $t0[($s2 >> 24) & 0xff] ^ $t1[($s3 >> 16) & 0xff] ^ $t2[($s0 >> 8) & 0xff] ^ $t3[$s1 & 0xff] ^ $w[50];
+ $e3 = $t0[($s3 >> 24) & 0xff] ^ $t1[($s0 >> 16) & 0xff] ^ $t2[($s1 >> 8) & 0xff] ^ $t3[$s2 & 0xff] ^ $w[51];
+
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[52];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[53];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[54];
+ $e3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[55];
+ // Note: Here we skip $s3 but using $e3
+
+ $e0 = $s0;
+ $e1 = $s1;
+ $e2 = $s2;
+ // $e3 = $s3;
+ break;
+
+ default: // 11
+ $s0 = $t0[($e0 >> 24) & 0xff] ^ $t1[($e1 >> 16) & 0xff] ^ $t2[($e2 >> 8) & 0xff] ^ $t3[$e3 & 0xff] ^ $w[44];
+ $s1 = $t0[($e1 >> 24) & 0xff] ^ $t1[($e2 >> 16) & 0xff] ^ $t2[($e3 >> 8) & 0xff] ^ $t3[$e0 & 0xff] ^ $w[45];
+ $s2 = $t0[($e2 >> 24) & 0xff] ^ $t1[($e3 >> 16) & 0xff] ^ $t2[($e0 >> 8) & 0xff] ^ $t3[$e1 & 0xff] ^ $w[46];
+ $e3 = $t0[($e3 >> 24) & 0xff] ^ $t1[($e0 >> 16) & 0xff] ^ $t2[($e1 >> 8) & 0xff] ^ $t3[$e2 & 0xff] ^ $w[47];
+ // Note: Here we skip $s3 but using $e3
+
+ $e0 = $s0;
+ $e1 = $s1;
+ $e2 = $s2;
+ // $e3 = $s3;
+ }
+
+ // subWord
+ $e0 = $sbox[$e0 & 0xff] | ($sbox[($e0 >> 8) & 0xff] << 8) | ($sbox[($e0 >> 16) & 0xff] << 16) | ($sbox[($e0 >> 24) & 0xff] << 24);
+ $e1 = $sbox[$e1 & 0xff] | ($sbox[($e1 >> 8) & 0xff] << 8) | ($sbox[($e1 >> 16) & 0xff] << 16) | ($sbox[($e1 >> 24) & 0xff] << 24);
+ $e2 = $sbox[$e2 & 0xff] | ($sbox[($e2 >> 8) & 0xff] << 8) | ($sbox[($e2 >> 16) & 0xff] << 16) | ($sbox[($e2 >> 24) & 0xff] << 24);
+ $e3 = $sbox[$e3 & 0xff] | ($sbox[($e3 >> 8) & 0xff] << 8) | ($sbox[($e3 >> 16) & 0xff] << 16) | ($sbox[($e3 >> 24) & 0xff] << 24);
+
+ // shiftRows + addRoundKey
+ return pack('N*',
+ ($e0 & 0xFF000000) ^ ($e1 & 0x00FF0000) ^ ($e2 & 0x0000FF00) ^ ($e3 & 0x000000FF) ^ $w[0],
+ ($e1 & 0xFF000000) ^ ($e2 & 0x00FF0000) ^ ($e3 & 0x0000FF00) ^ ($e0 & 0x000000FF) ^ $w[1],
+ ($e2 & 0xFF000000) ^ ($e3 & 0x00FF0000) ^ ($e0 & 0x0000FF00) ^ ($e1 & 0x000000FF) ^ $w[2],
+ ($e3 & 0xFF000000) ^ ($e0 & 0x00FF0000) ^ ($e1 & 0x0000FF00) ^ ($e2 & 0x000000FF) ^ $w[3]
+ );
+ }
+
+ /**
+ * Decrypts a block
+ *
+ * Optimized over Crypt_Rijndael's implementation by means of loop unrolling.
+ *
+ * @see Crypt_Rijndael::_decryptBlock()
+ * @access private
+ * @param String $in
+ * @return String
+ */
+ function _decryptBlock($in)
+ {
+ $state = unpack('N*', $in);
+
+ $sbox = $this->isbox;
+ $dw = $this->dw;
+ $dt0 = $this->dt0;
+ $dt1 = $this->dt1;
+ $dt2 = $this->dt2;
+ $dt3 = $this->dt3;
+
+ // addRoundKey
+ $s0 = $state[1] ^ $dw[4];
+ $s1 = $state[2] ^ $dw[5];
+ $s2 = $state[3] ^ $dw[6];
+ $s3 = $state[4] ^ $dw[7];
+
+ // invShiftRows + invSubBytes + invMixColumns + addRoundKey
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[8];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[9];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[10];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[11];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[12];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[13];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[14];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[15];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[16];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[17];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[18];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[19];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[20];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[21];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[22];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[23];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[24];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[25];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[26];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[27];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[28];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[29];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[30];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[31];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[32];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[33];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[34];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[35];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[36];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[37];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[38];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[39];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[40];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[41];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[42];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[43];
+
+ switch ($this->Nr) {
+ case 10:
+ break;
+
+ case 14:
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[44];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[45];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[46];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[47];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[48];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[49];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[50];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[51];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[52];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[53];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[54];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[55];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[56];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[57];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[58];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[59];
+ break;
+
+ case 12:
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[44];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[45];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[46];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[47];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[48];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[49];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[50];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[51];
+ break;
+
+ case 13:
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[44];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[45];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[46];
+ $s3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[47];
+
+ $e0 = $dt0[($s0 >> 24) & 0xff] ^ $dt1[($s3 >> 16) & 0xff] ^ $dt2[($s2 >> 8) & 0xff] ^ $dt3[$s1 & 0xff] ^ $dw[48];
+ $e1 = $dt0[($s1 >> 24) & 0xff] ^ $dt1[($s0 >> 16) & 0xff] ^ $dt2[($s3 >> 8) & 0xff] ^ $dt3[$s2 & 0xff] ^ $dw[49];
+ $e2 = $dt0[($s2 >> 24) & 0xff] ^ $dt1[($s1 >> 16) & 0xff] ^ $dt2[($s0 >> 8) & 0xff] ^ $dt3[$s3 & 0xff] ^ $dw[50];
+ $e3 = $dt0[($s3 >> 24) & 0xff] ^ $dt1[($s2 >> 16) & 0xff] ^ $dt2[($s1 >> 8) & 0xff] ^ $dt3[$s0 & 0xff] ^ $dw[51];
+
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[52];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[53];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[54];
+ $e3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[55];
+ // Note: Here we skip $s3 but using $e3
+
+ $e0 = $s0;
+ $e1 = $s1;
+ $e2 = $s2;
+ // $e3 = $s3;
+ break;
+
+ default: // 11
+ $s0 = $dt0[($e0 >> 24) & 0xff] ^ $dt1[($e3 >> 16) & 0xff] ^ $dt2[($e2 >> 8) & 0xff] ^ $dt3[$e1 & 0xff] ^ $dw[44];
+ $s1 = $dt0[($e1 >> 24) & 0xff] ^ $dt1[($e0 >> 16) & 0xff] ^ $dt2[($e3 >> 8) & 0xff] ^ $dt3[$e2 & 0xff] ^ $dw[45];
+ $s2 = $dt0[($e2 >> 24) & 0xff] ^ $dt1[($e1 >> 16) & 0xff] ^ $dt2[($e0 >> 8) & 0xff] ^ $dt3[$e3 & 0xff] ^ $dw[46];
+ $e3 = $dt0[($e3 >> 24) & 0xff] ^ $dt1[($e2 >> 16) & 0xff] ^ $dt2[($e1 >> 8) & 0xff] ^ $dt3[$e0 & 0xff] ^ $dw[47];
+ // Note: Here we skip $s3 but using $e3
+
+ $e0 = $s0;
+ $e1 = $s1;
+ $e2 = $s2;
+ // $e3 = $s3;
+ }
+
+ // invSubWord
+ $e0 = $sbox[$e0 & 0xff] | ($sbox[($e0 >> 8) & 0xff] << 8) | ($sbox[($e0 >> 16) & 0xff] << 16) | ($sbox[($e0 >> 24) & 0xff] << 24);
+ $e1 = $sbox[$e1 & 0xff] | ($sbox[($e1 >> 8) & 0xff] << 8) | ($sbox[($e1 >> 16) & 0xff] << 16) | ($sbox[($e1 >> 24) & 0xff] << 24);
+ $e2 = $sbox[$e2 & 0xff] | ($sbox[($e2 >> 8) & 0xff] << 8) | ($sbox[($e2 >> 16) & 0xff] << 16) | ($sbox[($e2 >> 24) & 0xff] << 24);
+ $e3 = $sbox[$e3 & 0xff] | ($sbox[($e3 >> 8) & 0xff] << 8) | ($sbox[($e3 >> 16) & 0xff] << 16) | ($sbox[($e3 >> 24) & 0xff] << 24);
+
+ // invShiftRows + addRoundKey
+ return pack('N*',
+ ($e0 & 0xFF000000) ^ ($e3 & 0x00FF0000) ^ ($e2 & 0x0000FF00) ^ ($e1 & 0x000000FF) ^ $dw[0],
+ ($e1 & 0xFF000000) ^ ($e0 & 0x00FF0000) ^ ($e3 & 0x0000FF00) ^ ($e2 & 0x000000FF) ^ $dw[1],
+ ($e2 & 0xFF000000) ^ ($e1 & 0x00FF0000) ^ ($e0 & 0x0000FF00) ^ ($e3 & 0x000000FF) ^ $dw[2],
+ ($e3 & 0xFF000000) ^ ($e2 & 0x00FF0000) ^ ($e1 & 0x0000FF00) ^ ($e0 & 0x000000FF) ^ $dw[3]
+ );
+ }
+
+ /**
+ * Treat consecutive "packets" as if they are a continuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_Rijndael::disableContinuousBuffer()
+ * @access public
+ */
+ function enableContinuousBuffer()
+ {
+ parent::enableContinuousBuffer();
+
+ if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
+ $this->enbuffer['enmcrypt_init'] = true;
+ $this->debuffer['demcrypt_init'] = true;
+ }
+ }
+
+ /**
+ * Treat consecutive packets as if they are a discontinuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_Rijndael::enableContinuousBuffer()
+ * @access public
+ */
+ function disableContinuousBuffer()
+ {
+ parent::disableContinuousBuffer();
+
+ if (CRYPT_AES_MODE == CRYPT_AES_MODE_MCRYPT) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->iv);
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->iv);
+ }
+ }
+}
+
+// vim: ts=4:sw=4:et:
+// vim6: fdl=1:
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/DES.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/DES.php
new file mode 100644
index 00000000000..1197a50ab72
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/DES.php
@@ -0,0 +1,1334 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of DES.
+ *
+ * Uses mcrypt, if available, and an internal implementation, otherwise.
+ *
+ * PHP versions 4 and 5
+ *
+ * Useful resources are as follows:
+ *
+ * - {@link http://en.wikipedia.org/wiki/DES_supplementary_material Wikipedia: DES supplementary material}
+ * - {@link http://www.itl.nist.gov/fipspubs/fip46-2.htm FIPS 46-2 - (DES), Data Encryption Standard}
+ * - {@link http://www.cs.eku.edu/faculty/styer/460/Encrypt/JS-DES.html JavaScript DES Example}
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/DES.php');
+ *
+ * $des = new Crypt_DES();
+ *
+ * $des->setKey('abcdefgh');
+ *
+ * $size = 10 * 1024;
+ * $plaintext = '';
+ * for ($i = 0; $i < $size; $i++) {
+ * $plaintext.= 'a';
+ * }
+ *
+ * echo $des->decrypt($des->encrypt($plaintext));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_DES
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: DES.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**#@+
+ * @access private
+ * @see Crypt_DES::_prepareKey()
+ * @see Crypt_DES::_processBlock()
+ */
+/**
+ * Contains array_reverse($keys[CRYPT_DES_DECRYPT])
+ */
+define('CRYPT_DES_ENCRYPT', 0);
+/**
+ * Contains array_reverse($keys[CRYPT_DES_ENCRYPT])
+ */
+define('CRYPT_DES_DECRYPT', 1);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Crypt_DES::encrypt()
+ * @see Crypt_DES::decrypt()
+ */
+/**
+ * Encrypt / decrypt using the Counter mode.
+ *
+ * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
+ */
+define('CRYPT_DES_MODE_CTR', -1);
+/**
+ * Encrypt / decrypt using the Electronic Code Book mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
+ */
+define('CRYPT_DES_MODE_ECB', 1);
+/**
+ * Encrypt / decrypt using the Code Book Chaining mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
+ */
+define('CRYPT_DES_MODE_CBC', 2);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
+ */
+define('CRYPT_DES_MODE_CFB', 3);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
+ */
+define('CRYPT_DES_MODE_OFB', 4);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_DES::Crypt_DES()
+ */
+/**
+ * Toggles the internal implementation
+ */
+define('CRYPT_DES_MODE_INTERNAL', 1);
+/**
+ * Toggles the mcrypt implementation
+ */
+define('CRYPT_DES_MODE_MCRYPT', 2);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of DES.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_DES
+ */
+class Crypt_DES {
+ /**
+ * The Key Schedule
+ *
+ * @see Crypt_DES::setKey()
+ * @var Array
+ * @access private
+ */
+ var $keys = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * The Encryption Mode
+ *
+ * @see Crypt_DES::Crypt_DES()
+ * @var Integer
+ * @access private
+ */
+ var $mode;
+
+ /**
+ * Continuous Buffer status
+ *
+ * @see Crypt_DES::enableContinuousBuffer()
+ * @var Boolean
+ * @access private
+ */
+ var $continuousBuffer = false;
+
+ /**
+ * Padding status
+ *
+ * @see Crypt_DES::enablePadding()
+ * @var Boolean
+ * @access private
+ */
+ var $padding = true;
+
+ /**
+ * The Initialization Vector
+ *
+ * @see Crypt_DES::setIV()
+ * @var String
+ * @access private
+ */
+ var $iv = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_DES::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $encryptIV = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_DES::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $decryptIV = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * mcrypt resource for encryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_DES::encrypt()
+ * @var String
+ * @access private
+ */
+ var $enmcrypt;
+
+ /**
+ * mcrypt resource for decryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_DES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $demcrypt;
+
+ /**
+ * Does the enmcrypt resource need to be (re)initialized?
+ *
+ * @see Crypt_DES::setKey()
+ * @see Crypt_DES::setIV()
+ * @var Boolean
+ * @access private
+ */
+ var $enchanged = true;
+
+ /**
+ * Does the demcrypt resource need to be (re)initialized?
+ *
+ * @see Crypt_DES::setKey()
+ * @see Crypt_DES::setIV()
+ * @var Boolean
+ * @access private
+ */
+ var $dechanged = true;
+
+ /**
+ * Is the mode one that is paddable?
+ *
+ * @see Crypt_DES::Crypt_DES()
+ * @var Boolean
+ * @access private
+ */
+ var $paddable = false;
+
+ /**
+ * Encryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_DES::encrypt()
+ * @var Array
+ * @access private
+ */
+ var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true);
+
+ /**
+ * Decryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_DES::decrypt()
+ * @var Array
+ * @access private
+ */
+ var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true);
+
+ /**
+ * mcrypt resource for CFB mode
+ *
+ * @see Crypt_DES::encrypt()
+ * @see Crypt_DES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $ecb;
+
+ /**
+ * Default Constructor.
+ *
+ * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
+ * CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
+ *
+ * @param optional Integer $mode
+ * @return Crypt_DES
+ * @access public
+ */
+ function Crypt_DES($mode = CRYPT_DES_MODE_CBC)
+ {
+ if ( !defined('CRYPT_DES_MODE') ) {
+ switch (true) {
+ case extension_loaded('mcrypt') && in_array('des', mcrypt_list_algorithms()):
+ define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
+ break;
+ default:
+ define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
+ }
+ }
+
+ switch ( CRYPT_DES_MODE ) {
+ case CRYPT_DES_MODE_MCRYPT:
+ switch ($mode) {
+ case CRYPT_DES_MODE_ECB:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_ECB;
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $this->mode = 'ctr';
+ //$this->mode = in_array('ctr', mcrypt_list_modes()) ? 'ctr' : CRYPT_DES_MODE_CTR;
+ break;
+ case CRYPT_DES_MODE_CFB:
+ $this->mode = 'ncfb';
+ $this->ecb = mcrypt_module_open(MCRYPT_DES, '', MCRYPT_MODE_ECB, '');
+ break;
+ case CRYPT_DES_MODE_OFB:
+ $this->mode = MCRYPT_MODE_NOFB;
+ break;
+ case CRYPT_DES_MODE_CBC:
+ default:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_CBC;
+ }
+ $this->enmcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
+ $this->demcrypt = mcrypt_module_open(MCRYPT_DES, '', $this->mode, '');
+
+ break;
+ default:
+ switch ($mode) {
+ case CRYPT_DES_MODE_ECB:
+ case CRYPT_DES_MODE_CBC:
+ $this->paddable = true;
+ $this->mode = $mode;
+ break;
+ case CRYPT_DES_MODE_CTR:
+ case CRYPT_DES_MODE_CFB:
+ case CRYPT_DES_MODE_OFB:
+ $this->mode = $mode;
+ break;
+ default:
+ $this->paddable = true;
+ $this->mode = CRYPT_DES_MODE_CBC;
+ }
+ }
+ }
+
+ /**
+ * Sets the key.
+ *
+ * Keys can be of any length. DES, itself, uses 64-bit keys (eg. strlen($key) == 8), however, we
+ * only use the first eight, if $key has more then eight characters in it, and pad $key with the
+ * null byte if it is less then eight characters long.
+ *
+ * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
+ *
+ * If the key is not explicitly set, it'll be assumed to be all zero's.
+ *
+ * @access public
+ * @param String $key
+ */
+ function setKey($key)
+ {
+ $this->keys = ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) ? str_pad(substr($key, 0, 8), 8, chr(0)) : $this->_prepareKey($key);
+ $this->enchanged = true;
+ $this->dechanged = true;
+ }
+
+ /**
+ * Sets the password.
+ *
+ * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
+ * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
+ * $hash, $salt, $count
+ *
+ * @param String $password
+ * @param optional String $method
+ * @access public
+ */
+ function setPassword($password, $method = 'pbkdf2')
+ {
+ $key = '';
+
+ switch ($method) {
+ default: // 'pbkdf2'
+ list(, , $hash, $salt, $count) = func_get_args();
+ if (!isset($hash)) {
+ $hash = 'sha1';
+ }
+ // WPA and WPA2 use the SSID as the salt
+ if (!isset($salt)) {
+ $salt = 'phpseclib/salt';
+ }
+ // RFC2898#section-4.2 uses 1,000 iterations by default
+ // WPA and WPA2 use 4,096.
+ if (!isset($count)) {
+ $count = 1000;
+ }
+
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+
+ $i = 1;
+ while (strlen($key) < 8) { // $dkLen == 8
+ //$dk.= $this->_pbkdf($password, $salt, $count, $i++);
+ $hmac = new Crypt_Hash();
+ $hmac->setHash($hash);
+ $hmac->setKey($password);
+ $f = $u = $hmac->hash($salt . pack('N', $i++));
+ for ($j = 2; $j <= $count; $j++) {
+ $u = $hmac->hash($u);
+ $f^= $u;
+ }
+ $key.= $f;
+ }
+ }
+
+ $this->setKey($key);
+ }
+
+ /**
+ * Sets the initialization vector. (optional)
+ *
+ * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
+ * to be all zero's.
+ *
+ * @access public
+ * @param String $iv
+ */
+ function setIV($iv)
+ {
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
+ $this->enchanged = true;
+ $this->dechanged = true;
+ }
+
+ /**
+ * Generate CTR XOR encryption key
+ *
+ * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
+ * plaintext / ciphertext in CTR mode.
+ *
+ * @see Crypt_DES::decrypt()
+ * @see Crypt_DES::encrypt()
+ * @access public
+ * @param String $iv
+ */
+ function _generate_xor(&$iv)
+ {
+ $xor = $iv;
+ for ($j = 4; $j <= 8; $j+=4) {
+ $temp = substr($iv, -$j, 4);
+ switch ($temp) {
+ case "\xFF\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
+ break;
+ case "\x7F\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
+ break 2;
+ default:
+ extract(unpack('Ncount', $temp));
+ $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
+ break 2;
+ }
+ }
+
+ return $xor;
+ }
+
+ /**
+ * Encrypts a message.
+ *
+ * $plaintext will be padded with up to 8 additional bytes. Other DES implementations may or may not pad in the
+ * same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following
+ * URL:
+ *
+ * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
+ *
+ * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
+ * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
+ * length.
+ *
+ * @see Crypt_DES::decrypt()
+ * @access public
+ * @param String $plaintext
+ */
+ function encrypt($plaintext)
+ {
+ if ($this->paddable) {
+ $plaintext = $this->_pad($plaintext);
+ }
+
+ if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
+ if ($this->enchanged) {
+ mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
+ if ($this->mode == 'ncfb') {
+ mcrypt_generic_init($this->ecb, $this->keys, "\0\0\0\0\0\0\0\0");
+ }
+ $this->enchanged = false;
+ }
+
+ if ($this->mode != 'ncfb' || !$this->continuousBuffer) {
+ $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
+ } else {
+ $iv = &$this->encryptIV;
+ $pos = &$this->enbuffer['pos'];
+ $len = strlen($plaintext);
+ $ciphertext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $ciphertext = substr($iv, $orig_pos) ^ $plaintext;
+ $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
+ $this->enbuffer['enmcrypt_init'] = true;
+ }
+ if ($len >= 8) {
+ if ($this->enbuffer['enmcrypt_init'] === false || $len > 600) {
+ if ($this->enbuffer['enmcrypt_init'] === true) {
+ mcrypt_generic_init($this->enmcrypt, $this->keys, $iv);
+ $this->enbuffer['enmcrypt_init'] = false;
+ }
+ $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 8));
+ $iv = substr($ciphertext, -8);
+ $len%= 8;
+ } else {
+ while ($len >= 8) {
+ $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 8);
+ $ciphertext.= $iv;
+ $len-= 8;
+ $i+= 8;
+ }
+ }
+ }
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $block = $iv ^ substr($plaintext, -$len);
+ $iv = substr_replace($iv, $block, 0, $len);
+ $ciphertext.= $block;
+ $pos = $len;
+ }
+ return $ciphertext;
+ }
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->enmcrypt, $this->keys, $this->encryptIV);
+ }
+
+ return $ciphertext;
+ }
+
+ if (!is_array($this->keys)) {
+ $this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
+ }
+
+ $buffer = &$this->enbuffer;
+ $continuousBuffer = $this->continuousBuffer;
+ $ciphertext = '';
+ switch ($this->mode) {
+ case CRYPT_DES_MODE_ECB:
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $ciphertext.= $this->_processBlock(substr($plaintext, $i, 8), CRYPT_DES_ENCRYPT);
+ }
+ break;
+ case CRYPT_DES_MODE_CBC:
+ $xor = $this->encryptIV;
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $block = $this->_processBlock($block ^ $xor, CRYPT_DES_ENCRYPT);
+ $xor = $block;
+ $ciphertext.= $block;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ }
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['encrypted'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $buffer['encrypted'].= $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT);
+ $key = $this->_string_shift($buffer['encrypted'], 8);
+ $ciphertext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $key = $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT);
+ $ciphertext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) & 7) {
+ $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted'];
+ }
+ }
+ break;
+ case CRYPT_DES_MODE_CFB:
+ if ($this->continuousBuffer) {
+ $iv = &$this->encryptIV;
+ $pos = &$buffer['pos'];
+ } else {
+ $iv = $this->encryptIV;
+ $pos = 0;
+ }
+ $len = strlen($plaintext);
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $ciphertext = substr($iv, $orig_pos) ^ $plaintext;
+ $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
+ }
+ while ($len >= 8) {
+ $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT) ^ substr($plaintext, $i, 8);
+ $ciphertext.= $iv;
+ $len-= 8;
+ $i+= 8;
+ }
+ if ($len) {
+ $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT);
+ $block = $iv ^ substr($plaintext, $i);
+ $iv = substr_replace($iv, $block, 0, $len);
+ $ciphertext.= $block;
+ $pos = $len;
+ }
+ return $ciphertext;
+ case CRYPT_DES_MODE_OFB:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], 8);
+ $ciphertext.= substr($plaintext, $i, 8) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $ciphertext.= substr($plaintext, $i, 8) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) & 7) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $ciphertext;
+ }
+
+ /**
+ * Decrypts a message.
+ *
+ * If strlen($ciphertext) is not a multiple of 8, null bytes will be added to the end of the string until it is.
+ *
+ * @see Crypt_DES::encrypt()
+ * @access public
+ * @param String $ciphertext
+ */
+ function decrypt($ciphertext)
+ {
+ if ($this->paddable) {
+ // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
+ // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
+ $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
+ }
+
+ if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
+ if ($this->dechanged) {
+ mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
+ if ($this->mode == 'ncfb') {
+ mcrypt_generic_init($this->ecb, $this->keys, "\0\0\0\0\0\0\0\0");
+ }
+ $this->dechanged = false;
+ }
+
+ if ($this->mode != 'ncfb' || !$this->continuousBuffer) {
+ $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
+ } else {
+ $iv = &$this->decryptIV;
+ $pos = &$this->debuffer['pos'];
+ $len = strlen($ciphertext);
+ $plaintext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $plaintext = substr($iv, $orig_pos) ^ $ciphertext;
+ $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i);
+ }
+ if ($len >= 8) {
+ $cb = substr($ciphertext, $i, $len - $len % 8);
+ $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
+ $iv = substr($cb, -8);
+ $len%= 8;
+ }
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $plaintext.= $iv ^ substr($ciphertext, -$len);
+ $iv = substr_replace($iv, substr($ciphertext, -$len), 0, $len);
+ $pos = $len;
+ }
+ return $plaintext;
+ }
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->demcrypt, $this->keys, $this->decryptIV);
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ if (!is_array($this->keys)) {
+ $this->keys = $this->_prepareKey("\0\0\0\0\0\0\0\0");
+ }
+
+ $buffer = &$this->debuffer;
+ $continuousBuffer = $this->continuousBuffer;
+ $plaintext = '';
+ switch ($this->mode) {
+ case CRYPT_DES_MODE_ECB:
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $plaintext.= $this->_processBlock(substr($ciphertext, $i, 8), CRYPT_DES_DECRYPT);
+ }
+ break;
+ case CRYPT_DES_MODE_CBC:
+ $xor = $this->decryptIV;
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $plaintext.= $this->_processBlock($block, CRYPT_DES_DECRYPT) ^ $xor;
+ $xor = $block;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ }
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['ciphertext'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $buffer['ciphertext'].= $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT);
+ $key = $this->_string_shift($buffer['ciphertext'], 8);
+ $plaintext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $key = $this->_processBlock($this->_generate_xor($xor), CRYPT_DES_ENCRYPT);
+ $plaintext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($ciphertext) % 8) {
+ $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext'];
+ }
+ }
+ break;
+ case CRYPT_DES_MODE_CFB:
+ if ($this->continuousBuffer) {
+ $iv = &$this->decryptIV;
+ $pos = &$buffer['pos'];
+ } else {
+ $iv = $this->decryptIV;
+ $pos = 0;
+ }
+ $len = strlen($ciphertext);
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $plaintext = substr($iv, $orig_pos) ^ $ciphertext;
+ $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i);
+ }
+ while ($len >= 8) {
+ $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT);
+ $cb = substr($ciphertext, $i, 8);
+ $plaintext.= $iv ^ $cb;
+ $iv = $cb;
+ $len-= 8;
+ $i+= 8;
+ }
+ if ($len) {
+ $iv = $this->_processBlock($iv, CRYPT_DES_ENCRYPT);
+ $plaintext.= $iv ^ substr($ciphertext, $i);
+ $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len);
+ $pos = $len;
+ }
+ return $plaintext;
+ case CRYPT_DES_MODE_OFB:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], 8);
+ $plaintext.= substr($ciphertext, $i, 8) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $xor = $this->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $plaintext.= substr($ciphertext, $i, 8) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($ciphertext) % 8) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ /**
+ * Treat consecutive "packets" as if they are a continuous buffer.
+ *
+ * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
+ * will yield different outputs:
+ *
+ * <code>
+ * echo $des->encrypt(substr($plaintext, 0, 8));
+ * echo $des->encrypt(substr($plaintext, 8, 8));
+ * </code>
+ * <code>
+ * echo $des->encrypt($plaintext);
+ * </code>
+ *
+ * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
+ * another, as demonstrated with the following:
+ *
+ * <code>
+ * $des->encrypt(substr($plaintext, 0, 8));
+ * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ * <code>
+ * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ *
+ * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
+ * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
+ * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
+ *
+ * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
+ * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
+ * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
+ * however, they are also less intuitive and more likely to cause you problems.
+ *
+ * @see Crypt_DES::disableContinuousBuffer()
+ * @access public
+ */
+ function enableContinuousBuffer()
+ {
+ $this->continuousBuffer = true;
+ }
+
+ /**
+ * Treat consecutive packets as if they are a discontinuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_DES::enableContinuousBuffer()
+ * @access public
+ */
+ function disableContinuousBuffer()
+ {
+ $this->continuousBuffer = false;
+ $this->encryptIV = $this->iv;
+ $this->decryptIV = $this->iv;
+ $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true);
+ $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true);
+
+ if (CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT) {
+ mcrypt_generic_init($this->enmcrypt, $this->keys, $this->iv);
+ mcrypt_generic_init($this->demcrypt, $this->keys, $this->iv);
+ }
+ }
+
+ /**
+ * Pad "packets".
+ *
+ * DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
+ * a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
+ *
+ * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
+ * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
+ * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
+ * transmitted separately)
+ *
+ * @see Crypt_DES::disablePadding()
+ * @access public
+ */
+ function enablePadding()
+ {
+ $this->padding = true;
+ }
+
+ /**
+ * Do not pad packets.
+ *
+ * @see Crypt_DES::enablePadding()
+ * @access public
+ */
+ function disablePadding()
+ {
+ $this->padding = false;
+ }
+
+ /**
+ * Pads a string
+ *
+ * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
+ * 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
+ *
+ * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
+ * and padding will, hence forth, be enabled.
+ *
+ * @see Crypt_DES::_unpad()
+ * @access private
+ */
+ function _pad($text)
+ {
+ $length = strlen($text);
+
+ if (!$this->padding) {
+ if (($length & 7) == 0) {
+ return $text;
+ } else {
+ user_error("The plaintext's length ($length) is not a multiple of the block size (8)");
+ $this->padding = true;
+ }
+ }
+
+ $pad = 8 - ($length & 7);
+ return str_pad($text, $length + $pad, chr($pad));
+ }
+
+ /**
+ * Unpads a string
+ *
+ * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
+ * and false will be returned.
+ *
+ * @see Crypt_DES::_pad()
+ * @access private
+ */
+ function _unpad($text)
+ {
+ if (!$this->padding) {
+ return $text;
+ }
+
+ $length = ord($text[strlen($text) - 1]);
+
+ if (!$length || $length > 8) {
+ return false;
+ }
+
+ return substr($text, 0, -$length);
+ }
+
+ /**
+ * Encrypts or decrypts a 64-bit block
+ *
+ * $mode should be either CRYPT_DES_ENCRYPT or CRYPT_DES_DECRYPT. See
+ * {@link http://en.wikipedia.org/wiki/Image:Feistel.png Feistel.png} to get a general
+ * idea of what this function does.
+ *
+ * @access private
+ * @param String $block
+ * @param Integer $mode
+ * @return String
+ */
+ function _processBlock($block, $mode)
+ {
+ // s-boxes. in the official DES docs, they're described as being matrices that
+ // one accesses by using the first and last bits to determine the row and the
+ // middle four bits to determine the column. in this implementation, they've
+ // been converted to vectors
+ static $sbox = array(
+ array(
+ 14, 0, 4, 15, 13, 7, 1, 4, 2, 14, 15, 2, 11, 13, 8, 1,
+ 3, 10 ,10, 6, 6, 12, 12, 11, 5, 9, 9, 5, 0, 3, 7, 8,
+ 4, 15, 1, 12, 14, 8, 8, 2, 13, 4, 6, 9, 2, 1, 11, 7,
+ 15, 5, 12, 11, 9, 3, 7, 14, 3, 10, 10, 0, 5, 6, 0, 13
+ ),
+ array(
+ 15, 3, 1, 13, 8, 4, 14, 7, 6, 15, 11, 2, 3, 8, 4, 14,
+ 9, 12, 7, 0, 2, 1, 13, 10, 12, 6, 0, 9, 5, 11, 10, 5,
+ 0, 13, 14, 8, 7, 10, 11, 1, 10, 3, 4, 15, 13, 4, 1, 2,
+ 5, 11, 8, 6, 12, 7, 6, 12, 9, 0, 3, 5, 2, 14, 15, 9
+ ),
+ array(
+ 10, 13, 0, 7, 9, 0, 14, 9, 6, 3, 3, 4, 15, 6, 5, 10,
+ 1, 2, 13, 8, 12, 5, 7, 14, 11, 12, 4, 11, 2, 15, 8, 1,
+ 13, 1, 6, 10, 4, 13, 9, 0, 8, 6, 15, 9, 3, 8, 0, 7,
+ 11, 4, 1, 15, 2, 14, 12, 3, 5, 11, 10, 5, 14, 2, 7, 12
+ ),
+ array(
+ 7, 13, 13, 8, 14, 11, 3, 5, 0, 6, 6, 15, 9, 0, 10, 3,
+ 1, 4, 2, 7, 8, 2, 5, 12, 11, 1, 12, 10, 4, 14, 15, 9,
+ 10, 3, 6, 15, 9, 0, 0, 6, 12, 10, 11, 1, 7, 13, 13, 8,
+ 15, 9, 1, 4, 3, 5, 14, 11, 5, 12, 2, 7, 8, 2, 4, 14
+ ),
+ array(
+ 2, 14, 12, 11, 4, 2, 1, 12, 7, 4, 10, 7, 11, 13, 6, 1,
+ 8, 5, 5, 0, 3, 15, 15, 10, 13, 3, 0, 9, 14, 8, 9, 6,
+ 4, 11, 2, 8, 1, 12, 11, 7, 10, 1, 13, 14, 7, 2, 8, 13,
+ 15, 6, 9, 15, 12, 0, 5, 9, 6, 10, 3, 4, 0, 5, 14, 3
+ ),
+ array(
+ 12, 10, 1, 15, 10, 4, 15, 2, 9, 7, 2, 12, 6, 9, 8, 5,
+ 0, 6, 13, 1, 3, 13, 4, 14, 14, 0, 7, 11, 5, 3, 11, 8,
+ 9, 4, 14, 3, 15, 2, 5, 12, 2, 9, 8, 5, 12, 15, 3, 10,
+ 7, 11, 0, 14, 4, 1, 10, 7, 1, 6, 13, 0, 11, 8, 6, 13
+ ),
+ array(
+ 4, 13, 11, 0, 2, 11, 14, 7, 15, 4, 0, 9, 8, 1, 13, 10,
+ 3, 14, 12, 3, 9, 5, 7, 12, 5, 2, 10, 15, 6, 8, 1, 6,
+ 1, 6, 4, 11, 11, 13, 13, 8, 12, 1, 3, 4, 7, 10, 14, 7,
+ 10, 9, 15, 5, 6, 0, 8, 15, 0, 14, 5, 2, 9, 3, 2, 12
+ ),
+ array(
+ 13, 1, 2, 15, 8, 13, 4, 8, 6, 10, 15, 3, 11, 7, 1, 4,
+ 10, 12, 9, 5, 3, 6, 14, 11, 5, 0, 0, 14, 12, 9, 7, 2,
+ 7, 2, 11, 1, 4, 14, 1, 7, 9, 4, 12, 10, 14, 8, 2, 13,
+ 0, 15, 6, 12, 10, 9, 13, 0, 15, 3, 3, 5, 5, 6, 8, 11
+ )
+ );
+
+ $keys = $this->keys;
+
+ $temp = unpack('Na/Nb', $block);
+ $block = array($temp['a'], $temp['b']);
+
+ // because php does arithmetic right shifts, if the most significant bits are set, right
+ // shifting those into the correct position will add 1's - not 0's. this will intefere
+ // with the | operation unless a second & is done. so we isolate these bits and left shift
+ // them into place. we then & each block with 0x7FFFFFFF to prevennt 1's from being added
+ // for any other shifts.
+ $msb = array(
+ ($block[0] >> 31) & 1,
+ ($block[1] >> 31) & 1
+ );
+ $block[0] &= 0x7FFFFFFF;
+ $block[1] &= 0x7FFFFFFF;
+
+ // we isolate the appropriate bit in the appropriate integer and shift as appropriate. in
+ // some cases, there are going to be multiple bits in the same integer that need to be shifted
+ // in the same way. we combine those into one shift operation.
+ $block = array(
+ (($block[1] & 0x00000040) << 25) | (($block[1] & 0x00004000) << 16) |
+ (($block[1] & 0x00400001) << 7) | (($block[1] & 0x40000100) >> 2) |
+ (($block[0] & 0x00000040) << 21) | (($block[0] & 0x00004000) << 12) |
+ (($block[0] & 0x00400001) << 3) | (($block[0] & 0x40000100) >> 6) |
+ (($block[1] & 0x00000010) << 19) | (($block[1] & 0x00001000) << 10) |
+ (($block[1] & 0x00100000) << 1) | (($block[1] & 0x10000000) >> 8) |
+ (($block[0] & 0x00000010) << 15) | (($block[0] & 0x00001000) << 6) |
+ (($block[0] & 0x00100000) >> 3) | (($block[0] & 0x10000000) >> 12) |
+ (($block[1] & 0x00000004) << 13) | (($block[1] & 0x00000400) << 4) |
+ (($block[1] & 0x00040000) >> 5) | (($block[1] & 0x04000000) >> 14) |
+ (($block[0] & 0x00000004) << 9) | ( $block[0] & 0x00000400 ) |
+ (($block[0] & 0x00040000) >> 9) | (($block[0] & 0x04000000) >> 18) |
+ (($block[1] & 0x00010000) >> 11) | (($block[1] & 0x01000000) >> 20) |
+ (($block[0] & 0x00010000) >> 15) | (($block[0] & 0x01000000) >> 24)
+ ,
+ (($block[1] & 0x00000080) << 24) | (($block[1] & 0x00008000) << 15) |
+ (($block[1] & 0x00800002) << 6) | (($block[0] & 0x00000080) << 20) |
+ (($block[0] & 0x00008000) << 11) | (($block[0] & 0x00800002) << 2) |
+ (($block[1] & 0x00000020) << 18) | (($block[1] & 0x00002000) << 9) |
+ ( $block[1] & 0x00200000 ) | (($block[1] & 0x20000000) >> 9) |
+ (($block[0] & 0x00000020) << 14) | (($block[0] & 0x00002000) << 5) |
+ (($block[0] & 0x00200000) >> 4) | (($block[0] & 0x20000000) >> 13) |
+ (($block[1] & 0x00000008) << 12) | (($block[1] & 0x00000800) << 3) |
+ (($block[1] & 0x00080000) >> 6) | (($block[1] & 0x08000000) >> 15) |
+ (($block[0] & 0x00000008) << 8) | (($block[0] & 0x00000800) >> 1) |
+ (($block[0] & 0x00080000) >> 10) | (($block[0] & 0x08000000) >> 19) |
+ (($block[1] & 0x00000200) >> 3) | (($block[0] & 0x00000200) >> 7) |
+ (($block[1] & 0x00020000) >> 12) | (($block[1] & 0x02000000) >> 21) |
+ (($block[0] & 0x00020000) >> 16) | (($block[0] & 0x02000000) >> 25) |
+ ($msb[1] << 28) | ($msb[0] << 24)
+ );
+
+ for ($i = 0; $i < 16; $i++) {
+ // start of "the Feistel (F) function" - see the following URL:
+ // http://en.wikipedia.org/wiki/Image:Data_Encryption_Standard_InfoBox_Diagram.png
+ $temp = (($sbox[0][((($block[1] >> 27) & 0x1F) | (($block[1] & 1) << 5)) ^ $keys[$mode][$i][0]]) << 28)
+ | (($sbox[1][(($block[1] & 0x1F800000) >> 23) ^ $keys[$mode][$i][1]]) << 24)
+ | (($sbox[2][(($block[1] & 0x01F80000) >> 19) ^ $keys[$mode][$i][2]]) << 20)
+ | (($sbox[3][(($block[1] & 0x001F8000) >> 15) ^ $keys[$mode][$i][3]]) << 16)
+ | (($sbox[4][(($block[1] & 0x0001F800) >> 11) ^ $keys[$mode][$i][4]]) << 12)
+ | (($sbox[5][(($block[1] & 0x00001F80) >> 7) ^ $keys[$mode][$i][5]]) << 8)
+ | (($sbox[6][(($block[1] & 0x000001F8) >> 3) ^ $keys[$mode][$i][6]]) << 4)
+ | ( $sbox[7][((($block[1] & 0x1F) << 1) | (($block[1] >> 31) & 1)) ^ $keys[$mode][$i][7]]);
+
+ $msb = ($temp >> 31) & 1;
+ $temp &= 0x7FFFFFFF;
+ $newBlock = (($temp & 0x00010000) << 15) | (($temp & 0x02020120) << 5)
+ | (($temp & 0x00001800) << 17) | (($temp & 0x01000000) >> 10)
+ | (($temp & 0x00000008) << 24) | (($temp & 0x00100000) << 6)
+ | (($temp & 0x00000010) << 21) | (($temp & 0x00008000) << 9)
+ | (($temp & 0x00000200) << 12) | (($temp & 0x10000000) >> 27)
+ | (($temp & 0x00000040) << 14) | (($temp & 0x08000000) >> 8)
+ | (($temp & 0x00004000) << 4) | (($temp & 0x00000002) << 16)
+ | (($temp & 0x00442000) >> 6) | (($temp & 0x40800000) >> 15)
+ | (($temp & 0x00000001) << 11) | (($temp & 0x20000000) >> 20)
+ | (($temp & 0x00080000) >> 13) | (($temp & 0x00000004) << 3)
+ | (($temp & 0x04000000) >> 22) | (($temp & 0x00000480) >> 7)
+ | (($temp & 0x00200000) >> 19) | ($msb << 23);
+ // end of "the Feistel (F) function" - $newBlock is F's output
+
+ $temp = $block[1];
+ $block[1] = $block[0] ^ $newBlock;
+ $block[0] = $temp;
+ }
+
+ $msb = array(
+ ($block[0] >> 31) & 1,
+ ($block[1] >> 31) & 1
+ );
+ $block[0] &= 0x7FFFFFFF;
+ $block[1] &= 0x7FFFFFFF;
+
+ $block = array(
+ (($block[0] & 0x01000004) << 7) | (($block[1] & 0x01000004) << 6) |
+ (($block[0] & 0x00010000) << 13) | (($block[1] & 0x00010000) << 12) |
+ (($block[0] & 0x00000100) << 19) | (($block[1] & 0x00000100) << 18) |
+ (($block[0] & 0x00000001) << 25) | (($block[1] & 0x00000001) << 24) |
+ (($block[0] & 0x02000008) >> 2) | (($block[1] & 0x02000008) >> 3) |
+ (($block[0] & 0x00020000) << 4) | (($block[1] & 0x00020000) << 3) |
+ (($block[0] & 0x00000200) << 10) | (($block[1] & 0x00000200) << 9) |
+ (($block[0] & 0x00000002) << 16) | (($block[1] & 0x00000002) << 15) |
+ (($block[0] & 0x04000000) >> 11) | (($block[1] & 0x04000000) >> 12) |
+ (($block[0] & 0x00040000) >> 5) | (($block[1] & 0x00040000) >> 6) |
+ (($block[0] & 0x00000400) << 1) | ( $block[1] & 0x00000400 ) |
+ (($block[0] & 0x08000000) >> 20) | (($block[1] & 0x08000000) >> 21) |
+ (($block[0] & 0x00080000) >> 14) | (($block[1] & 0x00080000) >> 15) |
+ (($block[0] & 0x00000800) >> 8) | (($block[1] & 0x00000800) >> 9)
+ ,
+ (($block[0] & 0x10000040) << 3) | (($block[1] & 0x10000040) << 2) |
+ (($block[0] & 0x00100000) << 9) | (($block[1] & 0x00100000) << 8) |
+ (($block[0] & 0x00001000) << 15) | (($block[1] & 0x00001000) << 14) |
+ (($block[0] & 0x00000010) << 21) | (($block[1] & 0x00000010) << 20) |
+ (($block[0] & 0x20000080) >> 6) | (($block[1] & 0x20000080) >> 7) |
+ ( $block[0] & 0x00200000 ) | (($block[1] & 0x00200000) >> 1) |
+ (($block[0] & 0x00002000) << 6) | (($block[1] & 0x00002000) << 5) |
+ (($block[0] & 0x00000020) << 12) | (($block[1] & 0x00000020) << 11) |
+ (($block[0] & 0x40000000) >> 15) | (($block[1] & 0x40000000) >> 16) |
+ (($block[0] & 0x00400000) >> 9) | (($block[1] & 0x00400000) >> 10) |
+ (($block[0] & 0x00004000) >> 3) | (($block[1] & 0x00004000) >> 4) |
+ (($block[0] & 0x00800000) >> 18) | (($block[1] & 0x00800000) >> 19) |
+ (($block[0] & 0x00008000) >> 12) | (($block[1] & 0x00008000) >> 13) |
+ ($msb[0] << 7) | ($msb[1] << 6)
+ );
+
+ return pack('NN', $block[0], $block[1]);
+ }
+
+ /**
+ * Creates the key schedule.
+ *
+ * @access private
+ * @param String $key
+ * @return Array
+ */
+ function _prepareKey($key)
+ {
+ static $shifts = array( // number of key bits shifted per round
+ 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
+ );
+
+ // pad the key and remove extra characters as appropriate.
+ $key = str_pad(substr($key, 0, 8), 8, chr(0));
+
+ $temp = unpack('Na/Nb', $key);
+ $key = array($temp['a'], $temp['b']);
+ $msb = array(
+ ($key[0] >> 31) & 1,
+ ($key[1] >> 31) & 1
+ );
+ $key[0] &= 0x7FFFFFFF;
+ $key[1] &= 0x7FFFFFFF;
+
+ $key = array(
+ (($key[1] & 0x00000002) << 26) | (($key[1] & 0x00000204) << 17) |
+ (($key[1] & 0x00020408) << 8) | (($key[1] & 0x02040800) >> 1) |
+ (($key[0] & 0x00000002) << 22) | (($key[0] & 0x00000204) << 13) |
+ (($key[0] & 0x00020408) << 4) | (($key[0] & 0x02040800) >> 5) |
+ (($key[1] & 0x04080000) >> 10) | (($key[0] & 0x04080000) >> 14) |
+ (($key[1] & 0x08000000) >> 19) | (($key[0] & 0x08000000) >> 23) |
+ (($key[0] & 0x00000010) >> 1) | (($key[0] & 0x00001000) >> 10) |
+ (($key[0] & 0x00100000) >> 19) | (($key[0] & 0x10000000) >> 28)
+ ,
+ (($key[1] & 0x00000080) << 20) | (($key[1] & 0x00008000) << 11) |
+ (($key[1] & 0x00800000) << 2) | (($key[0] & 0x00000080) << 16) |
+ (($key[0] & 0x00008000) << 7) | (($key[0] & 0x00800000) >> 2) |
+ (($key[1] & 0x00000040) << 13) | (($key[1] & 0x00004000) << 4) |
+ (($key[1] & 0x00400000) >> 5) | (($key[1] & 0x40000000) >> 14) |
+ (($key[0] & 0x00000040) << 9) | ( $key[0] & 0x00004000 ) |
+ (($key[0] & 0x00400000) >> 9) | (($key[0] & 0x40000000) >> 18) |
+ (($key[1] & 0x00000020) << 6) | (($key[1] & 0x00002000) >> 3) |
+ (($key[1] & 0x00200000) >> 12) | (($key[1] & 0x20000000) >> 21) |
+ (($key[0] & 0x00000020) << 2) | (($key[0] & 0x00002000) >> 7) |
+ (($key[0] & 0x00200000) >> 16) | (($key[0] & 0x20000000) >> 25) |
+ (($key[1] & 0x00000010) >> 1) | (($key[1] & 0x00001000) >> 10) |
+ (($key[1] & 0x00100000) >> 19) | (($key[1] & 0x10000000) >> 28) |
+ ($msb[1] << 24) | ($msb[0] << 20)
+ );
+
+ $keys = array();
+ for ($i = 0; $i < 16; $i++) {
+ $key[0] <<= $shifts[$i];
+ $temp = ($key[0] & 0xF0000000) >> 28;
+ $key[0] = ($key[0] | $temp) & 0x0FFFFFFF;
+
+ $key[1] <<= $shifts[$i];
+ $temp = ($key[1] & 0xF0000000) >> 28;
+ $key[1] = ($key[1] | $temp) & 0x0FFFFFFF;
+
+ $temp = array(
+ (($key[1] & 0x00004000) >> 9) | (($key[1] & 0x00000800) >> 7) |
+ (($key[1] & 0x00020000) >> 14) | (($key[1] & 0x00000010) >> 2) |
+ (($key[1] & 0x08000000) >> 26) | (($key[1] & 0x00800000) >> 23)
+ ,
+ (($key[1] & 0x02400000) >> 20) | (($key[1] & 0x00000001) << 4) |
+ (($key[1] & 0x00002000) >> 10) | (($key[1] & 0x00040000) >> 18) |
+ (($key[1] & 0x00000080) >> 6)
+ ,
+ ( $key[1] & 0x00000020 ) | (($key[1] & 0x00000200) >> 5) |
+ (($key[1] & 0x00010000) >> 13) | (($key[1] & 0x01000000) >> 22) |
+ (($key[1] & 0x00000004) >> 1) | (($key[1] & 0x00100000) >> 20)
+ ,
+ (($key[1] & 0x00001000) >> 7) | (($key[1] & 0x00200000) >> 17) |
+ (($key[1] & 0x00000002) << 2) | (($key[1] & 0x00000100) >> 6) |
+ (($key[1] & 0x00008000) >> 14) | (($key[1] & 0x04000000) >> 26)
+ ,
+ (($key[0] & 0x00008000) >> 10) | ( $key[0] & 0x00000010 ) |
+ (($key[0] & 0x02000000) >> 22) | (($key[0] & 0x00080000) >> 17) |
+ (($key[0] & 0x00000200) >> 8) | (($key[0] & 0x00000002) >> 1)
+ ,
+ (($key[0] & 0x04000000) >> 21) | (($key[0] & 0x00010000) >> 12) |
+ (($key[0] & 0x00000020) >> 2) | (($key[0] & 0x00000800) >> 9) |
+ (($key[0] & 0x00800000) >> 22) | (($key[0] & 0x00000100) >> 8)
+ ,
+ (($key[0] & 0x00001000) >> 7) | (($key[0] & 0x00000088) >> 3) |
+ (($key[0] & 0x00020000) >> 14) | (($key[0] & 0x00000001) << 2) |
+ (($key[0] & 0x00400000) >> 21)
+ ,
+ (($key[0] & 0x00000400) >> 5) | (($key[0] & 0x00004000) >> 10) |
+ (($key[0] & 0x00000040) >> 3) | (($key[0] & 0x00100000) >> 18) |
+ (($key[0] & 0x08000000) >> 26) | (($key[0] & 0x01000000) >> 24)
+ );
+
+ $keys[] = $temp;
+ }
+
+ $temp = array(
+ CRYPT_DES_ENCRYPT => $keys,
+ CRYPT_DES_DECRYPT => array_reverse($keys)
+ );
+
+ return $temp;
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+}
+
+// vim: ts=4:sw=4:et:
+// vim6: fdl=1:
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Hash.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Hash.php
new file mode 100644
index 00000000000..c5d314f009f
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Hash.php
@@ -0,0 +1,825 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
+ *
+ * Uses hash() or mhash() if available and an internal implementation, otherwise. Currently supports the following:
+ *
+ * md2, md5, md5-96, sha1, sha1-96, sha256, sha384, and sha512
+ *
+ * If {@link Crypt_Hash::setKey() setKey()} is called, {@link Crypt_Hash::hash() hash()} will return the HMAC as opposed to
+ * the hash. If no valid algorithm is provided, sha1 will be used.
+ *
+ * PHP versions 4 and 5
+ *
+ * {@internal The variable names are the same as those in
+ * {@link http://tools.ietf.org/html/rfc2104#section-2 RFC2104}.}}
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/Hash.php');
+ *
+ * $hash = new Crypt_Hash('sha1');
+ *
+ * $hash->setKey('abcdefg');
+ *
+ * echo base64_encode($hash->hash('abcdefg'));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_Hash
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: Hash.php,v 1.6 2009/11/23 23:37:07 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**#@+
+ * @access private
+ * @see Crypt_Hash::Crypt_Hash()
+ */
+/**
+ * Toggles the internal implementation
+ */
+define('CRYPT_HASH_MODE_INTERNAL', 1);
+/**
+ * Toggles the mhash() implementation, which has been deprecated on PHP 5.3.0+.
+ */
+define('CRYPT_HASH_MODE_MHASH', 2);
+/**
+ * Toggles the hash() implementation, which works on PHP 5.1.2+.
+ */
+define('CRYPT_HASH_MODE_HASH', 3);
+/**#@-*/
+
+/**
+ * Pure-PHP implementations of keyed-hash message authentication codes (HMACs) and various cryptographic hashing functions.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_Hash
+ */
+class Crypt_Hash {
+ /**
+ * Byte-length of compression blocks / key (Internal HMAC)
+ *
+ * @see Crypt_Hash::setAlgorithm()
+ * @var Integer
+ * @access private
+ */
+ var $b;
+
+ /**
+ * Byte-length of hash output (Internal HMAC)
+ *
+ * @see Crypt_Hash::setHash()
+ * @var Integer
+ * @access private
+ */
+ var $l = false;
+
+ /**
+ * Hash Algorithm
+ *
+ * @see Crypt_Hash::setHash()
+ * @var String
+ * @access private
+ */
+ var $hash;
+
+ /**
+ * Key
+ *
+ * @see Crypt_Hash::setKey()
+ * @var String
+ * @access private
+ */
+ var $key = false;
+
+ /**
+ * Outer XOR (Internal HMAC)
+ *
+ * @see Crypt_Hash::setKey()
+ * @var String
+ * @access private
+ */
+ var $opad;
+
+ /**
+ * Inner XOR (Internal HMAC)
+ *
+ * @see Crypt_Hash::setKey()
+ * @var String
+ * @access private
+ */
+ var $ipad;
+
+ /**
+ * Default Constructor.
+ *
+ * @param optional String $hash
+ * @return Crypt_Hash
+ * @access public
+ */
+ function Crypt_Hash($hash = 'sha1')
+ {
+ if ( !defined('CRYPT_HASH_MODE') ) {
+ switch (true) {
+ case extension_loaded('hash'):
+ define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_HASH);
+ break;
+ case extension_loaded('mhash'):
+ define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_MHASH);
+ break;
+ default:
+ define('CRYPT_HASH_MODE', CRYPT_HASH_MODE_INTERNAL);
+ }
+ }
+
+ $this->setHash($hash);
+ }
+
+ /**
+ * Sets the key for HMACs
+ *
+ * Keys can be of any length.
+ *
+ * @access public
+ * @param String $key
+ */
+ function setKey($key = false)
+ {
+ $this->key = $key;
+ }
+
+ /**
+ * Sets the hash function.
+ *
+ * @access public
+ * @param String $hash
+ */
+ function setHash($hash)
+ {
+ $hash = strtolower($hash);
+ switch ($hash) {
+ case 'md5-96':
+ case 'sha1-96':
+ $this->l = 12; // 96 / 8 = 12
+ break;
+ case 'md2':
+ case 'md5':
+ $this->l = 16;
+ break;
+ case 'sha1':
+ $this->l = 20;
+ break;
+ case 'sha256':
+ $this->l = 32;
+ break;
+ case 'sha384':
+ $this->l = 48;
+ break;
+ case 'sha512':
+ $this->l = 64;
+ }
+
+ switch ($hash) {
+ case 'md2':
+ $mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_HASH && in_array('md2', hash_algos()) ?
+ CRYPT_HASH_MODE_HASH : CRYPT_HASH_MODE_INTERNAL;
+ break;
+ case 'sha384':
+ case 'sha512':
+ $mode = CRYPT_HASH_MODE == CRYPT_HASH_MODE_MHASH ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
+ break;
+ default:
+ $mode = CRYPT_HASH_MODE;
+ }
+
+ switch ( $mode ) {
+ case CRYPT_HASH_MODE_MHASH:
+ switch ($hash) {
+ case 'md5':
+ case 'md5-96':
+ $this->hash = MHASH_MD5;
+ break;
+ case 'sha256':
+ $this->hash = MHASH_SHA256;
+ break;
+ case 'sha1':
+ case 'sha1-96':
+ default:
+ $this->hash = MHASH_SHA1;
+ }
+ return;
+ case CRYPT_HASH_MODE_HASH:
+ switch ($hash) {
+ case 'md5':
+ case 'md5-96':
+ $this->hash = 'md5';
+ return;
+ case 'md2':
+ case 'sha256':
+ case 'sha384':
+ case 'sha512':
+ $this->hash = $hash;
+ return;
+ case 'sha1':
+ case 'sha1-96':
+ default:
+ $this->hash = 'sha1';
+ }
+ return;
+ }
+
+ switch ($hash) {
+ case 'md2':
+ $this->b = 16;
+ $this->hash = array($this, '_md2');
+ break;
+ case 'md5':
+ case 'md5-96':
+ $this->b = 64;
+ $this->hash = array($this, '_md5');
+ break;
+ case 'sha256':
+ $this->b = 64;
+ $this->hash = array($this, '_sha256');
+ break;
+ case 'sha384':
+ case 'sha512':
+ $this->b = 128;
+ $this->hash = array($this, '_sha512');
+ break;
+ case 'sha1':
+ case 'sha1-96':
+ default:
+ $this->b = 64;
+ $this->hash = array($this, '_sha1');
+ }
+
+ $this->ipad = str_repeat(chr(0x36), $this->b);
+ $this->opad = str_repeat(chr(0x5C), $this->b);
+ }
+
+ /**
+ * Compute the HMAC.
+ *
+ * @access public
+ * @param String $text
+ * @return String
+ */
+ function hash($text)
+ {
+ $mode = is_array($this->hash) ? CRYPT_HASH_MODE_INTERNAL : CRYPT_HASH_MODE;
+
+ if (!empty($this->key) || is_string($this->key)) {
+ switch ( $mode ) {
+ case CRYPT_HASH_MODE_MHASH:
+ $output = mhash($this->hash, $text, $this->key);
+ break;
+ case CRYPT_HASH_MODE_HASH:
+ $output = hash_hmac($this->hash, $text, $this->key, true);
+ break;
+ case CRYPT_HASH_MODE_INTERNAL:
+ /* "Applications that use keys longer than B bytes will first hash the key using H and then use the
+ resultant L byte string as the actual key to HMAC."
+
+ -- http://tools.ietf.org/html/rfc2104#section-2 */
+ $key = strlen($this->key) > $this->b ? call_user_func($this->hash, $this->key) : $this->key;
+
+ $key = str_pad($key, $this->b, chr(0)); // step 1
+ $temp = $this->ipad ^ $key; // step 2
+ $temp .= $text; // step 3
+ $temp = call_user_func($this->hash, $temp); // step 4
+ $output = $this->opad ^ $key; // step 5
+ $output.= $temp; // step 6
+ $output = call_user_func($this->hash, $output); // step 7
+ }
+ } else {
+ switch ( $mode ) {
+ case CRYPT_HASH_MODE_MHASH:
+ $output = mhash($this->hash, $text);
+ break;
+ case CRYPT_HASH_MODE_HASH:
+ $output = hash($this->hash, $text, true);
+ break;
+ case CRYPT_HASH_MODE_INTERNAL:
+ $output = call_user_func($this->hash, $text);
+ }
+ }
+
+ return substr($output, 0, $this->l);
+ }
+
+ /**
+ * Returns the hash length (in bytes)
+ *
+ * @access public
+ * @return Integer
+ */
+ function getLength()
+ {
+ return $this->l;
+ }
+
+ /**
+ * Wrapper for MD5
+ *
+ * @access private
+ * @param String $text
+ */
+ function _md5($m)
+ {
+ return pack('H*', md5($m));
+ }
+
+ /**
+ * Wrapper for SHA1
+ *
+ * @access private
+ * @param String $text
+ */
+ function _sha1($m)
+ {
+ return pack('H*', sha1($m));
+ }
+
+ /**
+ * Pure-PHP implementation of MD2
+ *
+ * See {@link http://tools.ietf.org/html/rfc1319 RFC1319}.
+ *
+ * @access private
+ * @param String $text
+ */
+ function _md2($m)
+ {
+ static $s = array(
+ 41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
+ 19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
+ 76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
+ 138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
+ 245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
+ 148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
+ 39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
+ 181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
+ 150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
+ 112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
+ 96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
+ 85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
+ 234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
+ 129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
+ 8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
+ 203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
+ 166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
+ 31, 26, 219, 153, 141, 51, 159, 17, 131, 20
+ );
+
+ // Step 1. Append Padding Bytes
+ $pad = 16 - (strlen($m) & 0xF);
+ $m.= str_repeat(chr($pad), $pad);
+
+ $length = strlen($m);
+
+ // Step 2. Append Checksum
+ $c = str_repeat(chr(0), 16);
+ $l = chr(0);
+ for ($i = 0; $i < $length; $i+= 16) {
+ for ($j = 0; $j < 16; $j++) {
+ // RFC1319 incorrectly states that C[j] should be set to S[c xor L]
+ //$c[$j] = chr($s[ord($m[$i + $j] ^ $l)]);
+ // per <http://www.rfc-editor.org/errata_search.php?rfc=1319>, however, C[j] should be set to S[c xor L] xor C[j]
+ $c[$j] = chr($s[ord($m[$i + $j] ^ $l)] ^ ord($c[$j]));
+ $l = $c[$j];
+ }
+ }
+ $m.= $c;
+
+ $length+= 16;
+
+ // Step 3. Initialize MD Buffer
+ $x = str_repeat(chr(0), 48);
+
+ // Step 4. Process Message in 16-Byte Blocks
+ for ($i = 0; $i < $length; $i+= 16) {
+ for ($j = 0; $j < 16; $j++) {
+ $x[$j + 16] = $m[$i + $j];
+ $x[$j + 32] = $x[$j + 16] ^ $x[$j];
+ }
+ $t = chr(0);
+ for ($j = 0; $j < 18; $j++) {
+ for ($k = 0; $k < 48; $k++) {
+ $x[$k] = $t = $x[$k] ^ chr($s[ord($t)]);
+ //$t = $x[$k] = $x[$k] ^ chr($s[ord($t)]);
+ }
+ $t = chr(ord($t) + $j);
+ }
+ }
+
+ // Step 5. Output
+ return substr($x, 0, 16);
+ }
+
+ /**
+ * Pure-PHP implementation of SHA256
+ *
+ * See {@link http://en.wikipedia.org/wiki/SHA_hash_functions#SHA-256_.28a_SHA-2_variant.29_pseudocode SHA-256 (a SHA-2 variant) pseudocode - Wikipedia}.
+ *
+ * @access private
+ * @param String $text
+ */
+ function _sha256($m)
+ {
+ if (extension_loaded('suhosin')) {
+ return pack('H*', sha256($m));
+ }
+
+ // Initialize variables
+ $hash = array(
+ 0x6a09e667, 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f, 0x9b05688c, 0x1f83d9ab, 0x5be0cd19
+ );
+ // Initialize table of round constants
+ // (first 32 bits of the fractional parts of the cube roots of the first 64 primes 2..311)
+ static $k = array(
+ 0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+ 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+ 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+ 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+ 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+ 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+ 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+ 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+ );
+
+ // Pre-processing
+ $length = strlen($m);
+ // to round to nearest 56 mod 64, we'll add 64 - (length + (64 - 56)) % 64
+ $m.= str_repeat(chr(0), 64 - (($length + 8) & 0x3F));
+ $m[$length] = chr(0x80);
+ // we don't support hashing strings 512MB long
+ $m.= pack('N2', 0, $length << 3);
+
+ // Process the message in successive 512-bit chunks
+ $chunks = str_split($m, 64);
+ foreach ($chunks as $chunk) {
+ $w = array();
+ for ($i = 0; $i < 16; $i++) {
+ extract(unpack('Ntemp', $this->_string_shift($chunk, 4)));
+ $w[] = $temp;
+ }
+
+ // Extend the sixteen 32-bit words into sixty-four 32-bit words
+ for ($i = 16; $i < 64; $i++) {
+ $s0 = $this->_rightRotate($w[$i - 15], 7) ^
+ $this->_rightRotate($w[$i - 15], 18) ^
+ $this->_rightShift( $w[$i - 15], 3);
+ $s1 = $this->_rightRotate($w[$i - 2], 17) ^
+ $this->_rightRotate($w[$i - 2], 19) ^
+ $this->_rightShift( $w[$i - 2], 10);
+ $w[$i] = $this->_add($w[$i - 16], $s0, $w[$i - 7], $s1);
+
+ }
+
+ // Initialize hash value for this chunk
+ list($a, $b, $c, $d, $e, $f, $g, $h) = $hash;
+
+ // Main loop
+ for ($i = 0; $i < 64; $i++) {
+ $s0 = $this->_rightRotate($a, 2) ^
+ $this->_rightRotate($a, 13) ^
+ $this->_rightRotate($a, 22);
+ $maj = ($a & $b) ^
+ ($a & $c) ^
+ ($b & $c);
+ $t2 = $this->_add($s0, $maj);
+
+ $s1 = $this->_rightRotate($e, 6) ^
+ $this->_rightRotate($e, 11) ^
+ $this->_rightRotate($e, 25);
+ $ch = ($e & $f) ^
+ ($this->_not($e) & $g);
+ $t1 = $this->_add($h, $s1, $ch, $k[$i], $w[$i]);
+
+ $h = $g;
+ $g = $f;
+ $f = $e;
+ $e = $this->_add($d, $t1);
+ $d = $c;
+ $c = $b;
+ $b = $a;
+ $a = $this->_add($t1, $t2);
+ }
+
+ // Add this chunk's hash to result so far
+ $hash = array(
+ $this->_add($hash[0], $a),
+ $this->_add($hash[1], $b),
+ $this->_add($hash[2], $c),
+ $this->_add($hash[3], $d),
+ $this->_add($hash[4], $e),
+ $this->_add($hash[5], $f),
+ $this->_add($hash[6], $g),
+ $this->_add($hash[7], $h)
+ );
+ }
+
+ // Produce the final hash value (big-endian)
+ return pack('N8', $hash[0], $hash[1], $hash[2], $hash[3], $hash[4], $hash[5], $hash[6], $hash[7]);
+ }
+
+ /**
+ * Pure-PHP implementation of SHA384 and SHA512
+ *
+ * @access private
+ * @param String $text
+ */
+ function _sha512($m)
+ {
+ if (!class_exists('Math_BigInteger')) {
+ require_once('Math/BigInteger.php');
+ }
+
+ static $init384, $init512, $k;
+
+ if (!isset($k)) {
+ // Initialize variables
+ $init384 = array( // initial values for SHA384
+ 'cbbb9d5dc1059ed8', '629a292a367cd507', '9159015a3070dd17', '152fecd8f70e5939',
+ '67332667ffc00b31', '8eb44a8768581511', 'db0c2e0d64f98fa7', '47b5481dbefa4fa4'
+ );
+ $init512 = array( // initial values for SHA512
+ '6a09e667f3bcc908', 'bb67ae8584caa73b', '3c6ef372fe94f82b', 'a54ff53a5f1d36f1',
+ '510e527fade682d1', '9b05688c2b3e6c1f', '1f83d9abfb41bd6b', '5be0cd19137e2179'
+ );
+
+ for ($i = 0; $i < 8; $i++) {
+ $init384[$i] = new Math_BigInteger($init384[$i], 16);
+ $init384[$i]->setPrecision(64);
+ $init512[$i] = new Math_BigInteger($init512[$i], 16);
+ $init512[$i]->setPrecision(64);
+ }
+
+ // Initialize table of round constants
+ // (first 64 bits of the fractional parts of the cube roots of the first 80 primes 2..409)
+ $k = array(
+ '428a2f98d728ae22', '7137449123ef65cd', 'b5c0fbcfec4d3b2f', 'e9b5dba58189dbbc',
+ '3956c25bf348b538', '59f111f1b605d019', '923f82a4af194f9b', 'ab1c5ed5da6d8118',
+ 'd807aa98a3030242', '12835b0145706fbe', '243185be4ee4b28c', '550c7dc3d5ffb4e2',
+ '72be5d74f27b896f', '80deb1fe3b1696b1', '9bdc06a725c71235', 'c19bf174cf692694',
+ 'e49b69c19ef14ad2', 'efbe4786384f25e3', '0fc19dc68b8cd5b5', '240ca1cc77ac9c65',
+ '2de92c6f592b0275', '4a7484aa6ea6e483', '5cb0a9dcbd41fbd4', '76f988da831153b5',
+ '983e5152ee66dfab', 'a831c66d2db43210', 'b00327c898fb213f', 'bf597fc7beef0ee4',
+ 'c6e00bf33da88fc2', 'd5a79147930aa725', '06ca6351e003826f', '142929670a0e6e70',
+ '27b70a8546d22ffc', '2e1b21385c26c926', '4d2c6dfc5ac42aed', '53380d139d95b3df',
+ '650a73548baf63de', '766a0abb3c77b2a8', '81c2c92e47edaee6', '92722c851482353b',
+ 'a2bfe8a14cf10364', 'a81a664bbc423001', 'c24b8b70d0f89791', 'c76c51a30654be30',
+ 'd192e819d6ef5218', 'd69906245565a910', 'f40e35855771202a', '106aa07032bbd1b8',
+ '19a4c116b8d2d0c8', '1e376c085141ab53', '2748774cdf8eeb99', '34b0bcb5e19b48a8',
+ '391c0cb3c5c95a63', '4ed8aa4ae3418acb', '5b9cca4f7763e373', '682e6ff3d6b2b8a3',
+ '748f82ee5defb2fc', '78a5636f43172f60', '84c87814a1f0ab72', '8cc702081a6439ec',
+ '90befffa23631e28', 'a4506cebde82bde9', 'bef9a3f7b2c67915', 'c67178f2e372532b',
+ 'ca273eceea26619c', 'd186b8c721c0c207', 'eada7dd6cde0eb1e', 'f57d4f7fee6ed178',
+ '06f067aa72176fba', '0a637dc5a2c898a6', '113f9804bef90dae', '1b710b35131c471b',
+ '28db77f523047d84', '32caab7b40c72493', '3c9ebe0a15c9bebc', '431d67c49c100d4c',
+ '4cc5d4becb3e42b6', '597f299cfc657e2a', '5fcb6fab3ad6faec', '6c44198c4a475817'
+ );
+
+ for ($i = 0; $i < 80; $i++) {
+ $k[$i] = new Math_BigInteger($k[$i], 16);
+ }
+ }
+
+ $hash = $this->l == 48 ? $init384 : $init512;
+
+ // Pre-processing
+ $length = strlen($m);
+ // to round to nearest 112 mod 128, we'll add 128 - (length + (128 - 112)) % 128
+ $m.= str_repeat(chr(0), 128 - (($length + 16) & 0x7F));
+ $m[$length] = chr(0x80);
+ // we don't support hashing strings 512MB long
+ $m.= pack('N4', 0, 0, 0, $length << 3);
+
+ // Process the message in successive 1024-bit chunks
+ $chunks = str_split($m, 128);
+ foreach ($chunks as $chunk) {
+ $w = array();
+ for ($i = 0; $i < 16; $i++) {
+ $temp = new Math_BigInteger($this->_string_shift($chunk, 8), 256);
+ $temp->setPrecision(64);
+ $w[] = $temp;
+ }
+
+ // Extend the sixteen 32-bit words into eighty 32-bit words
+ for ($i = 16; $i < 80; $i++) {
+ $temp = array(
+ $w[$i - 15]->bitwise_rightRotate(1),
+ $w[$i - 15]->bitwise_rightRotate(8),
+ $w[$i - 15]->bitwise_rightShift(7)
+ );
+ $s0 = $temp[0]->bitwise_xor($temp[1]);
+ $s0 = $s0->bitwise_xor($temp[2]);
+ $temp = array(
+ $w[$i - 2]->bitwise_rightRotate(19),
+ $w[$i - 2]->bitwise_rightRotate(61),
+ $w[$i - 2]->bitwise_rightShift(6)
+ );
+ $s1 = $temp[0]->bitwise_xor($temp[1]);
+ $s1 = $s1->bitwise_xor($temp[2]);
+ $w[$i] = $w[$i - 16]->copy();
+ $w[$i] = $w[$i]->add($s0);
+ $w[$i] = $w[$i]->add($w[$i - 7]);
+ $w[$i] = $w[$i]->add($s1);
+ }
+
+ // Initialize hash value for this chunk
+ $a = $hash[0]->copy();
+ $b = $hash[1]->copy();
+ $c = $hash[2]->copy();
+ $d = $hash[3]->copy();
+ $e = $hash[4]->copy();
+ $f = $hash[5]->copy();
+ $g = $hash[6]->copy();
+ $h = $hash[7]->copy();
+
+ // Main loop
+ for ($i = 0; $i < 80; $i++) {
+ $temp = array(
+ $a->bitwise_rightRotate(28),
+ $a->bitwise_rightRotate(34),
+ $a->bitwise_rightRotate(39)
+ );
+ $s0 = $temp[0]->bitwise_xor($temp[1]);
+ $s0 = $s0->bitwise_xor($temp[2]);
+ $temp = array(
+ $a->bitwise_and($b),
+ $a->bitwise_and($c),
+ $b->bitwise_and($c)
+ );
+ $maj = $temp[0]->bitwise_xor($temp[1]);
+ $maj = $maj->bitwise_xor($temp[2]);
+ $t2 = $s0->add($maj);
+
+ $temp = array(
+ $e->bitwise_rightRotate(14),
+ $e->bitwise_rightRotate(18),
+ $e->bitwise_rightRotate(41)
+ );
+ $s1 = $temp[0]->bitwise_xor($temp[1]);
+ $s1 = $s1->bitwise_xor($temp[2]);
+ $temp = array(
+ $e->bitwise_and($f),
+ $g->bitwise_and($e->bitwise_not())
+ );
+ $ch = $temp[0]->bitwise_xor($temp[1]);
+ $t1 = $h->add($s1);
+ $t1 = $t1->add($ch);
+ $t1 = $t1->add($k[$i]);
+ $t1 = $t1->add($w[$i]);
+
+ $h = $g->copy();
+ $g = $f->copy();
+ $f = $e->copy();
+ $e = $d->add($t1);
+ $d = $c->copy();
+ $c = $b->copy();
+ $b = $a->copy();
+ $a = $t1->add($t2);
+ }
+
+ // Add this chunk's hash to result so far
+ $hash = array(
+ $hash[0]->add($a),
+ $hash[1]->add($b),
+ $hash[2]->add($c),
+ $hash[3]->add($d),
+ $hash[4]->add($e),
+ $hash[5]->add($f),
+ $hash[6]->add($g),
+ $hash[7]->add($h)
+ );
+ }
+
+ // Produce the final hash value (big-endian)
+ // (Crypt_Hash::hash() trims the output for hashes but not for HMACs. as such, we trim the output here)
+ $temp = $hash[0]->toBytes() . $hash[1]->toBytes() . $hash[2]->toBytes() . $hash[3]->toBytes() .
+ $hash[4]->toBytes() . $hash[5]->toBytes();
+ if ($this->l != 48) {
+ $temp.= $hash[6]->toBytes() . $hash[7]->toBytes();
+ }
+
+ return $temp;
+ }
+
+ /**
+ * Right Rotate
+ *
+ * @access private
+ * @param Integer $int
+ * @param Integer $amt
+ * @see _sha256()
+ * @return Integer
+ */
+ function _rightRotate($int, $amt)
+ {
+ $invamt = 32 - $amt;
+ $mask = (1 << $invamt) - 1;
+ return (($int << $invamt) & 0xFFFFFFFF) | (($int >> $amt) & $mask);
+ }
+
+ /**
+ * Right Shift
+ *
+ * @access private
+ * @param Integer $int
+ * @param Integer $amt
+ * @see _sha256()
+ * @return Integer
+ */
+ function _rightShift($int, $amt)
+ {
+ $mask = (1 << (32 - $amt)) - 1;
+ return ($int >> $amt) & $mask;
+ }
+
+ /**
+ * Not
+ *
+ * @access private
+ * @param Integer $int
+ * @see _sha256()
+ * @return Integer
+ */
+ function _not($int)
+ {
+ return ~$int & 0xFFFFFFFF;
+ }
+
+ /**
+ * Add
+ *
+ * _sha256() adds multiple unsigned 32-bit integers. Since PHP doesn't support unsigned integers and since the
+ * possibility of overflow exists, care has to be taken. Math_BigInteger() could be used but this should be faster.
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @see _sha256()
+ * @access private
+ */
+ function _add()
+ {
+ static $mod;
+ if (!isset($mod)) {
+ $mod = pow(2, 32);
+ }
+
+ $result = 0;
+ $arguments = func_get_args();
+ foreach ($arguments as $argument) {
+ $result+= $argument < 0 ? ($argument & 0x7FFFFFFF) + 0x80000000 : $argument;
+ }
+
+ return fmod($result, $mod);
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RC4.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RC4.php
new file mode 100644
index 00000000000..390108e0480
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RC4.php
@@ -0,0 +1,519 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of RC4.
+ *
+ * Uses mcrypt, if available, and an internal implementation, otherwise.
+ *
+ * PHP versions 4 and 5
+ *
+ * Useful resources are as follows:
+ *
+ * - {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
+ * - {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
+ *
+ * RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
+ * ARCFOUR or ARC4 because RC4 is how it is refered to in the SSH1 specification.
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/RC4.php');
+ *
+ * $rc4 = new Crypt_RC4();
+ *
+ * $rc4->setKey('abcdefgh');
+ *
+ * $size = 10 * 1024;
+ * $plaintext = '';
+ * for ($i = 0; $i < $size; $i++) {
+ * $plaintext.= 'a';
+ * }
+ *
+ * echo $rc4->decrypt($rc4->encrypt($plaintext));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_RC4
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: RC4.php,v 1.8 2009/06/09 04:00:38 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**#@+
+ * @access private
+ * @see Crypt_RC4::Crypt_RC4()
+ */
+/**
+ * Toggles the internal implementation
+ */
+define('CRYPT_RC4_MODE_INTERNAL', 1);
+/**
+ * Toggles the mcrypt implementation
+ */
+define('CRYPT_RC4_MODE_MCRYPT', 2);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_RC4::_crypt()
+ */
+define('CRYPT_RC4_ENCRYPT', 0);
+define('CRYPT_RC4_DECRYPT', 1);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of RC4.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_RC4
+ */
+class Crypt_RC4 {
+ /**
+ * The Key
+ *
+ * @see Crypt_RC4::setKey()
+ * @var String
+ * @access private
+ */
+ var $key = "\0";
+
+ /**
+ * The Key Stream for encryption
+ *
+ * If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
+ *
+ * @see Crypt_RC4::setKey()
+ * @var Array
+ * @access private
+ */
+ var $encryptStream = false;
+
+ /**
+ * The Key Stream for decryption
+ *
+ * If CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT, this will be equal to the mcrypt object
+ *
+ * @see Crypt_RC4::setKey()
+ * @var Array
+ * @access private
+ */
+ var $decryptStream = false;
+
+ /**
+ * The $i and $j indexes for encryption
+ *
+ * @see Crypt_RC4::_crypt()
+ * @var Integer
+ * @access private
+ */
+ var $encryptIndex = 0;
+
+ /**
+ * The $i and $j indexes for decryption
+ *
+ * @see Crypt_RC4::_crypt()
+ * @var Integer
+ * @access private
+ */
+ var $decryptIndex = 0;
+
+ /**
+ * The Encryption Algorithm
+ *
+ * Only used if CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT. Only possible values are MCRYPT_RC4 or MCRYPT_ARCFOUR.
+ *
+ * @see Crypt_RC4::Crypt_RC4()
+ * @var Integer
+ * @access private
+ */
+ var $mode;
+
+ /**
+ * Continuous Buffer status
+ *
+ * @see Crypt_RC4::enableContinuousBuffer()
+ * @var Boolean
+ * @access private
+ */
+ var $continuousBuffer = false;
+
+ /**
+ * Default Constructor.
+ *
+ * Determines whether or not the mcrypt extension should be used.
+ *
+ * @return Crypt_RC4
+ * @access public
+ */
+ function Crypt_RC4()
+ {
+ if ( !defined('CRYPT_RC4_MODE') ) {
+ switch (true) {
+ case extension_loaded('mcrypt') && (defined('MCRYPT_ARCFOUR') || defined('MCRYPT_RC4')) && in_array('arcfour', mcrypt_list_algorithms()):
+ define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_MCRYPT);
+ break;
+ default:
+ define('CRYPT_RC4_MODE', CRYPT_RC4_MODE_INTERNAL);
+ }
+ }
+
+ switch ( CRYPT_RC4_MODE ) {
+ case CRYPT_RC4_MODE_MCRYPT:
+ switch (true) {
+ case defined('MCRYPT_ARCFOUR'):
+ $this->mode = MCRYPT_ARCFOUR;
+ break;
+ case defined('MCRYPT_RC4');
+ $this->mode = MCRYPT_RC4;
+ }
+ $this->encryptStream = mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, '');
+ $this->decryptStream = mcrypt_module_open($this->mode, '', MCRYPT_MODE_STREAM, '');
+
+ }
+ }
+
+ /**
+ * Sets the key.
+ *
+ * Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
+ * be used. If no key is explicitly set, it'll be assumed to be a single null byte.
+ *
+ * @access public
+ * @param String $key
+ */
+ function setKey($key)
+ {
+ $this->key = $key;
+
+ if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
+ mcrypt_generic_init($this->encryptStream, $this->key, '');
+ mcrypt_generic_init($this->decryptStream, $this->key, '');
+ return;
+ }
+
+ $keyLength = strlen($key);
+ $keyStream = array();
+ for ($i = 0; $i < 256; $i++) {
+ $keyStream[$i] = $i;
+ }
+ $j = 0;
+ for ($i = 0; $i < 256; $i++) {
+ $j = ($j + $keyStream[$i] + ord($key[$i % $keyLength])) & 255;
+ $temp = $keyStream[$i];
+ $keyStream[$i] = $keyStream[$j];
+ $keyStream[$j] = $temp;
+ }
+
+ $this->encryptIndex = $this->decryptIndex = array(0, 0);
+ $this->encryptStream = $this->decryptStream = $keyStream;
+ }
+
+ /**
+ * Sets the password.
+ *
+ * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
+ * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
+ * $hash, $salt, $count, $dkLen
+ *
+ * @param String $password
+ * @param optional String $method
+ * @access public
+ */
+ function setPassword($password, $method = 'pbkdf2')
+ {
+ $key = '';
+
+ switch ($method) {
+ default: // 'pbkdf2'
+ list(, , $hash, $salt, $count) = func_get_args();
+ if (!isset($hash)) {
+ $hash = 'sha1';
+ }
+ // WPA and WPA2 use the SSID as the salt
+ if (!isset($salt)) {
+ $salt = 'phpseclib/salt';
+ }
+ // RFC2898#section-4.2 uses 1,000 iterations by default
+ // WPA and WPA2 use 4,096.
+ if (!isset($count)) {
+ $count = 1000;
+ }
+ if (!isset($dkLen)) {
+ $dkLen = 128;
+ }
+
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+
+ $i = 1;
+ while (strlen($key) < $dkLen) {
+ //$dk.= $this->_pbkdf($password, $salt, $count, $i++);
+ $hmac = new Crypt_Hash();
+ $hmac->setHash($hash);
+ $hmac->setKey($password);
+ $f = $u = $hmac->hash($salt . pack('N', $i++));
+ for ($j = 2; $j <= $count; $j++) {
+ $u = $hmac->hash($u);
+ $f^= $u;
+ }
+ $key.= $f;
+ }
+ }
+
+ $this->setKey(substr($key, 0, $dkLen));
+ }
+
+ /**
+ * Dummy function.
+ *
+ * Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
+ * If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
+ * calling setKey().
+ *
+ * [1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
+ * the IV's are relatively easy to predict, an attack described by
+ * {@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
+ * can be used to quickly guess at the rest of the key. The following links elaborate:
+ *
+ * {@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
+ * {@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
+ *
+ * @param String $iv
+ * @see Crypt_RC4::setKey()
+ * @access public
+ */
+ function setIV($iv)
+ {
+ }
+
+ /**
+ * Encrypts a message.
+ *
+ * @see Crypt_RC4::_crypt()
+ * @access public
+ * @param String $plaintext
+ */
+ function encrypt($plaintext)
+ {
+ return $this->_crypt($plaintext, CRYPT_RC4_ENCRYPT);
+ }
+
+ /**
+ * Decrypts a message.
+ *
+ * $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
+ * Atleast if the continuous buffer is disabled.
+ *
+ * @see Crypt_RC4::_crypt()
+ * @access public
+ * @param String $ciphertext
+ */
+ function decrypt($ciphertext)
+ {
+ return $this->_crypt($ciphertext, CRYPT_RC4_DECRYPT);
+ }
+
+ /**
+ * Encrypts or decrypts a message.
+ *
+ * @see Crypt_RC4::encrypt()
+ * @see Crypt_RC4::decrypt()
+ * @access private
+ * @param String $text
+ * @param Integer $mode
+ */
+ function _crypt($text, $mode)
+ {
+ if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
+ $keyStream = $mode == CRYPT_RC4_ENCRYPT ? 'encryptStream' : 'decryptStream';
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->$keyStream, $this->key, '');
+ }
+
+ return mcrypt_generic($this->$keyStream, $text);
+ }
+
+ if ($this->encryptStream === false) {
+ $this->setKey($this->key);
+ }
+
+ switch ($mode) {
+ case CRYPT_RC4_ENCRYPT:
+ $keyStream = $this->encryptStream;
+ list($i, $j) = $this->encryptIndex;
+ break;
+ case CRYPT_RC4_DECRYPT:
+ $keyStream = $this->decryptStream;
+ list($i, $j) = $this->decryptIndex;
+ }
+
+ $newText = '';
+ for ($k = 0; $k < strlen($text); $k++) {
+ $i = ($i + 1) & 255;
+ $j = ($j + $keyStream[$i]) & 255;
+ $temp = $keyStream[$i];
+ $keyStream[$i] = $keyStream[$j];
+ $keyStream[$j] = $temp;
+ $temp = $keyStream[($keyStream[$i] + $keyStream[$j]) & 255];
+ $newText.= chr(ord($text[$k]) ^ $temp);
+ }
+
+ if ($this->continuousBuffer) {
+ switch ($mode) {
+ case CRYPT_RC4_ENCRYPT:
+ $this->encryptStream = $keyStream;
+ $this->encryptIndex = array($i, $j);
+ break;
+ case CRYPT_RC4_DECRYPT:
+ $this->decryptStream = $keyStream;
+ $this->decryptIndex = array($i, $j);
+ }
+ }
+
+ return $newText;
+ }
+
+ /**
+ * Treat consecutive "packets" as if they are a continuous buffer.
+ *
+ * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
+ * will yield different outputs:
+ *
+ * <code>
+ * echo $rc4->encrypt(substr($plaintext, 0, 8));
+ * echo $rc4->encrypt(substr($plaintext, 8, 8));
+ * </code>
+ * <code>
+ * echo $rc4->encrypt($plaintext);
+ * </code>
+ *
+ * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
+ * another, as demonstrated with the following:
+ *
+ * <code>
+ * $rc4->encrypt(substr($plaintext, 0, 8));
+ * echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ * <code>
+ * echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ *
+ * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
+ * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
+ * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
+ *
+ * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
+ * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
+ * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
+ * however, they are also less intuitive and more likely to cause you problems.
+ *
+ * @see Crypt_RC4::disableContinuousBuffer()
+ * @access public
+ */
+ function enableContinuousBuffer()
+ {
+ if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
+ mcrypt_generic_init($this->encryptStream, $this->key, '');
+ mcrypt_generic_init($this->decryptStream, $this->key, '');
+ }
+
+ $this->continuousBuffer = true;
+ }
+
+ /**
+ * Treat consecutive packets as if they are a discontinuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_RC4::enableContinuousBuffer()
+ * @access public
+ */
+ function disableContinuousBuffer()
+ {
+ if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_INTERNAL ) {
+ $this->encryptIndex = $this->decryptIndex = array(0, 0);
+ $this->encryptStream = $this->decryptStream = false;
+ }
+
+ $this->continuousBuffer = false;
+ }
+
+ /**
+ * Dummy function.
+ *
+ * Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is
+ * included is so that you can switch between a block cipher and a stream cipher transparently.
+ *
+ * @see Crypt_RC4::disablePadding()
+ * @access public
+ */
+ function enablePadding()
+ {
+ }
+
+ /**
+ * Dummy function.
+ *
+ * @see Crypt_RC4::enablePadding()
+ * @access public
+ */
+ function disablePadding()
+ {
+ }
+
+ /**
+ * Class destructor.
+ *
+ * Will be called, automatically, if you're using PHP5. If you're using PHP4, call it yourself. Only really
+ * needs to be called if mcrypt is being used.
+ *
+ * @access public
+ */
+ function __destruct()
+ {
+ if ( CRYPT_RC4_MODE == CRYPT_RC4_MODE_MCRYPT ) {
+ $this->_closeMCrypt();
+ }
+ }
+
+ /**
+ * Properly close the MCrypt objects.
+ *
+ * @access prviate
+ */
+ function _closeMCrypt()
+ {
+ mcrypt_module_close($this->encryptStream);
+ mcrypt_module_close($this->decryptStream);
+ }
+}
+
+// vim: ts=4:sw=4:et:
+// vim6: fdl=1: \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RSA.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RSA.php
new file mode 100644
index 00000000000..db1ba1581b6
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/RSA.php
@@ -0,0 +1,2646 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP PKCS#1 (v2.1) compliant implementation of RSA.
+ *
+ * PHP versions 4 and 5
+ *
+ * Here's an example of how to encrypt and decrypt text with this library:
+ * <code>
+ * <?php
+ * include('Crypt/RSA.php');
+ *
+ * $rsa = new Crypt_RSA();
+ * extract($rsa->createKey());
+ *
+ * $plaintext = 'terrafrost';
+ *
+ * $rsa->loadKey($privatekey);
+ * $ciphertext = $rsa->encrypt($plaintext);
+ *
+ * $rsa->loadKey($publickey);
+ * echo $rsa->decrypt($ciphertext);
+ * ?>
+ * </code>
+ *
+ * Here's an example of how to create signatures and verify signatures with this library:
+ * <code>
+ * <?php
+ * include('Crypt/RSA.php');
+ *
+ * $rsa = new Crypt_RSA();
+ * extract($rsa->createKey());
+ *
+ * $plaintext = 'terrafrost';
+ *
+ * $rsa->loadKey($privatekey);
+ * $signature = $rsa->sign($plaintext);
+ *
+ * $rsa->loadKey($publickey);
+ * echo $rsa->verify($plaintext, $signature) ? 'verified' : 'unverified';
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_RSA
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMIX Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: RSA.php,v 1.19 2010/09/12 21:58:54 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Math_BigInteger
+ */
+if (!class_exists('Math_BigInteger')) {
+ require_once('Math/BigInteger.php');
+}
+
+/**
+ * Include Crypt_Random
+ */
+// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
+// will trigger a call to __autoload() if you're wanting to auto-load classes
+// call function_exists() a second time to stop the require_once from being called outside
+// of the auto loader
+if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
+ require_once('Crypt/Random.php');
+}
+
+/**
+ * Include Crypt_Hash
+ */
+if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+}
+
+/**#@+
+ * @access public
+ * @see Crypt_RSA::encrypt()
+ * @see Crypt_RSA::decrypt()
+ */
+/**
+ * Use {@link http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding Optimal Asymmetric Encryption Padding}
+ * (OAEP) for encryption / decryption.
+ *
+ * Uses sha1 by default.
+ *
+ * @see Crypt_RSA::setHash()
+ * @see Crypt_RSA::setMGFHash()
+ */
+define('CRYPT_RSA_ENCRYPTION_OAEP', 1);
+/**
+ * Use PKCS#1 padding.
+ *
+ * Although CRYPT_RSA_ENCRYPTION_OAEP offers more security, including PKCS#1 padding is necessary for purposes of backwards
+ * compatability with protocols (like SSH-1) written before OAEP's introduction.
+ */
+define('CRYPT_RSA_ENCRYPTION_PKCS1', 2);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Crypt_RSA::sign()
+ * @see Crypt_RSA::verify()
+ * @see Crypt_RSA::setHash()
+ */
+/**
+ * Use the Probabilistic Signature Scheme for signing
+ *
+ * Uses sha1 by default.
+ *
+ * @see Crypt_RSA::setSaltLength()
+ * @see Crypt_RSA::setMGFHash()
+ */
+define('CRYPT_RSA_SIGNATURE_PSS', 1);
+/**
+ * Use the PKCS#1 scheme by default.
+ *
+ * Although CRYPT_RSA_SIGNATURE_PSS offers more security, including PKCS#1 signing is necessary for purposes of backwards
+ * compatability with protocols (like SSH-2) written before PSS's introduction.
+ */
+define('CRYPT_RSA_SIGNATURE_PKCS1', 2);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_RSA::createKey()
+ */
+/**
+ * ASN1 Integer
+ */
+define('CRYPT_RSA_ASN1_INTEGER', 2);
+/**
+ * ASN1 Bit String
+ */
+define('CRYPT_RSA_ASN1_BITSTRING', 3);
+/**
+ * ASN1 Sequence (with the constucted bit set)
+ */
+define('CRYPT_RSA_ASN1_SEQUENCE', 48);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_RSA::Crypt_RSA()
+ */
+/**
+ * To use the pure-PHP implementation
+ */
+define('CRYPT_RSA_MODE_INTERNAL', 1);
+/**
+ * To use the OpenSSL library
+ *
+ * (if enabled; otherwise, the internal implementation will be used)
+ */
+define('CRYPT_RSA_MODE_OPENSSL', 2);
+/**#@-*/
+
+/**
+ * Default openSSL configuration file.
+ */
+define('CRYPT_RSA_OPENSSL_CONFIG', dirname(__FILE__) . '/../openssl.cnf');
+
+
+/**#@+
+ * @access public
+ * @see Crypt_RSA::createKey()
+ * @see Crypt_RSA::setPrivateKeyFormat()
+ */
+/**
+ * PKCS#1 formatted private key
+ *
+ * Used by OpenSSH
+ */
+define('CRYPT_RSA_PRIVATE_FORMAT_PKCS1', 0);
+/**
+ * PuTTY formatted private key
+ */
+define('CRYPT_RSA_PRIVATE_FORMAT_PUTTY', 1);
+/**
+ * XML formatted private key
+ */
+define('CRYPT_RSA_PRIVATE_FORMAT_XML', 2);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Crypt_RSA::createKey()
+ * @see Crypt_RSA::setPublicKeyFormat()
+ */
+/**
+ * Raw public key
+ *
+ * An array containing two Math_BigInteger objects.
+ *
+ * The exponent can be indexed with any of the following:
+ *
+ * 0, e, exponent, publicExponent
+ *
+ * The modulus can be indexed with any of the following:
+ *
+ * 1, n, modulo, modulus
+ */
+define('CRYPT_RSA_PUBLIC_FORMAT_RAW', 3);
+/**
+ * PKCS#1 formatted public key (raw)
+ *
+ * Used by File/X509.php
+ */
+define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW', 4);
+/**
+ * XML formatted public key
+ */
+define('CRYPT_RSA_PUBLIC_FORMAT_XML', 5);
+/**
+ * OpenSSH formatted public key
+ *
+ * Place in $HOME/.ssh/authorized_keys
+ */
+define('CRYPT_RSA_PUBLIC_FORMAT_OPENSSH', 6);
+/**
+ * PKCS#1 formatted public key (encapsulated)
+ *
+ * Used by PHP's openssl_public_encrypt() and openssl's rsautl (when -pubin is set)
+ */
+define('CRYPT_RSA_PUBLIC_FORMAT_PKCS1', 7);
+/**#@-*/
+
+/**
+ * Pure-PHP PKCS#1 compliant implementation of RSA.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_RSA
+ */
+class Crypt_RSA {
+ /**
+ * Precomputed Zero
+ *
+ * @var Array
+ * @access private
+ */
+ var $zero;
+
+ /**
+ * Precomputed One
+ *
+ * @var Array
+ * @access private
+ */
+ var $one;
+
+ /**
+ * Private Key Format
+ *
+ * @var Integer
+ * @access private
+ */
+ var $privateKeyFormat = CRYPT_RSA_PRIVATE_FORMAT_PKCS1;
+
+ /**
+ * Public Key Format
+ *
+ * @var Integer
+ * @access public
+ */
+ var $publicKeyFormat = CRYPT_RSA_PUBLIC_FORMAT_PKCS1;
+
+ /**
+ * Modulus (ie. n)
+ *
+ * @var Math_BigInteger
+ * @access private
+ */
+ var $modulus;
+
+ /**
+ * Modulus length
+ *
+ * @var Math_BigInteger
+ * @access private
+ */
+ var $k;
+
+ /**
+ * Exponent (ie. e or d)
+ *
+ * @var Math_BigInteger
+ * @access private
+ */
+ var $exponent;
+
+ /**
+ * Primes for Chinese Remainder Theorem (ie. p and q)
+ *
+ * @var Array
+ * @access private
+ */
+ var $primes;
+
+ /**
+ * Exponents for Chinese Remainder Theorem (ie. dP and dQ)
+ *
+ * @var Array
+ * @access private
+ */
+ var $exponents;
+
+ /**
+ * Coefficients for Chinese Remainder Theorem (ie. qInv)
+ *
+ * @var Array
+ * @access private
+ */
+ var $coefficients;
+
+ /**
+ * Hash name
+ *
+ * @var String
+ * @access private
+ */
+ var $hashName;
+
+ /**
+ * Hash function
+ *
+ * @var Crypt_Hash
+ * @access private
+ */
+ var $hash;
+
+ /**
+ * Length of hash function output
+ *
+ * @var Integer
+ * @access private
+ */
+ var $hLen;
+
+ /**
+ * Length of salt
+ *
+ * @var Integer
+ * @access private
+ */
+ var $sLen;
+
+ /**
+ * Hash function for the Mask Generation Function
+ *
+ * @var Crypt_Hash
+ * @access private
+ */
+ var $mgfHash;
+
+ /**
+ * Length of MGF hash function output
+ *
+ * @var Integer
+ * @access private
+ */
+ var $mgfHLen;
+
+ /**
+ * Encryption mode
+ *
+ * @var Integer
+ * @access private
+ */
+ var $encryptionMode = CRYPT_RSA_ENCRYPTION_OAEP;
+
+ /**
+ * Signature mode
+ *
+ * @var Integer
+ * @access private
+ */
+ var $signatureMode = CRYPT_RSA_SIGNATURE_PSS;
+
+ /**
+ * Public Exponent
+ *
+ * @var Mixed
+ * @access private
+ */
+ var $publicExponent = false;
+
+ /**
+ * Password
+ *
+ * @var String
+ * @access private
+ */
+ var $password = false;
+
+ /**
+ * Components
+ *
+ * For use with parsing XML formatted keys. PHP's XML Parser functions use utilized - instead of PHP's DOM functions -
+ * because PHP's XML Parser functions work on PHP4 whereas PHP's DOM functions - although surperior - don't.
+ *
+ * @see Crypt_RSA::_start_element_handler()
+ * @var Array
+ * @access private
+ */
+ var $components = array();
+
+ /**
+ * Current String
+ *
+ * For use with parsing XML formatted keys.
+ *
+ * @see Crypt_RSA::_character_handler()
+ * @see Crypt_RSA::_stop_element_handler()
+ * @var Mixed
+ * @access private
+ */
+ var $current;
+
+ /**
+ * OpenSSL configuration file name.
+ *
+ * Set to NULL to use system configuration file.
+ * @see Crypt_RSA::createKey()
+ * @var Mixed
+ * @Access public
+ */
+ var $configFile;
+
+ /**
+ * The constructor
+ *
+ * If you want to make use of the openssl extension, you'll need to set the mode manually, yourself. The reason
+ * Crypt_RSA doesn't do it is because OpenSSL doesn't fail gracefully. openssl_pkey_new(), in particular, requires
+ * openssl.cnf be present somewhere and, unfortunately, the only real way to find out is too late.
+ *
+ * @return Crypt_RSA
+ * @access public
+ */
+ function Crypt_RSA()
+ {
+ $this->configFile = CRYPT_RSA_OPENSSL_CONFIG;
+
+ if ( !defined('CRYPT_RSA_MODE') ) {
+ switch (true) {
+ case extension_loaded('openssl') && version_compare(PHP_VERSION, '4.2.0', '>='):
+ define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_OPENSSL);
+ break;
+ default:
+ define('CRYPT_RSA_MODE', CRYPT_RSA_MODE_INTERNAL);
+ }
+ }
+
+ if (!defined('CRYPT_RSA_COMMENT')) {
+ define('CRYPT_RSA_COMMENT', 'phpseclib-generated-key');
+ }
+
+ $this->zero = new Math_BigInteger();
+ $this->one = new Math_BigInteger(1);
+
+ $this->hash = new Crypt_Hash('sha1');
+ $this->hLen = $this->hash->getLength();
+ $this->hashName = 'sha1';
+ $this->mgfHash = new Crypt_Hash('sha1');
+ $this->mgfHLen = $this->mgfHash->getLength();
+ }
+
+ /**
+ * Create public / private key pair
+ *
+ * Returns an array with the following three elements:
+ * - 'privatekey': The private key.
+ * - 'publickey': The public key.
+ * - 'partialkey': A partially computed key (if the execution time exceeded $timeout).
+ * Will need to be passed back to Crypt_RSA::createKey() as the third parameter for further processing.
+ *
+ * @access public
+ * @param optional Integer $bits
+ * @param optional Integer $timeout
+ * @param optional Math_BigInteger $p
+ */
+ function createKey($bits = 1024, $timeout = false, $partial = array())
+ {
+ if (!defined('CRYPT_RSA_EXPONENT')) {
+ // http://en.wikipedia.org/wiki/65537_%28number%29
+ define('CRYPT_RSA_EXPONENT', '65537');
+ }
+ // per <http://cseweb.ucsd.edu/~hovav/dist/survey.pdf#page=5>, this number ought not result in primes smaller
+ // than 256 bits. as a consequence if the key you're trying to create is 1024 bits and you've set CRYPT_RSA_SMALLEST_PRIME
+ // to 384 bits then you're going to get a 384 bit prime and a 640 bit prime (384 + 1024 % 384). at least if
+ // CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_INTERNAL. if CRYPT_RSA_MODE is set to CRYPT_RSA_MODE_OPENSSL then
+ // CRYPT_RSA_SMALLEST_PRIME is ignored (ie. multi-prime RSA support is more intended as a way to speed up RSA key
+ // generation when there's a chance neither gmp nor OpenSSL are installed)
+ if (!defined('CRYPT_RSA_SMALLEST_PRIME')) {
+ define('CRYPT_RSA_SMALLEST_PRIME', 4096);
+ }
+
+ // OpenSSL uses 65537 as the exponent and requires RSA keys be 384 bits minimum
+ if ( CRYPT_RSA_MODE == CRYPT_RSA_MODE_OPENSSL && $bits >= 384 && CRYPT_RSA_EXPONENT == 65537) {
+ $config = array();
+ if (isset($this->configFile)) {
+ $config['config'] = $this->configFile;
+ }
+ $rsa = openssl_pkey_new(array('private_key_bits' => $bits) + $config);
+ openssl_pkey_export($rsa, $privatekey, NULL, $config);
+ $publickey = openssl_pkey_get_details($rsa);
+ $publickey = $publickey['key'];
+
+ $privatekey = call_user_func_array(array($this, '_convertPrivateKey'), array_values($this->_parseKey($privatekey, CRYPT_RSA_PRIVATE_FORMAT_PKCS1)));
+ $publickey = call_user_func_array(array($this, '_convertPublicKey'), array_values($this->_parseKey($publickey, CRYPT_RSA_PUBLIC_FORMAT_PKCS1)));
+
+ // clear the buffer of error strings stemming from a minimalistic openssl.cnf
+ while (openssl_error_string() !== false);
+
+ return array(
+ 'privatekey' => $privatekey,
+ 'publickey' => $publickey,
+ 'partialkey' => false
+ );
+ }
+
+ static $e;
+ if (!isset($e)) {
+ $e = new Math_BigInteger(CRYPT_RSA_EXPONENT);
+ }
+
+ extract($this->_generateMinMax($bits));
+ $absoluteMin = $min;
+ $temp = $bits >> 1; // divide by two to see how many bits P and Q would be
+ if ($temp > CRYPT_RSA_SMALLEST_PRIME) {
+ $num_primes = floor($bits / CRYPT_RSA_SMALLEST_PRIME);
+ $temp = CRYPT_RSA_SMALLEST_PRIME;
+ } else {
+ $num_primes = 2;
+ }
+ extract($this->_generateMinMax($temp + $bits % $temp));
+ $finalMax = $max;
+ extract($this->_generateMinMax($temp));
+
+ $generator = new Math_BigInteger();
+
+ $n = $this->one->copy();
+ if (!empty($partial)) {
+ extract(unserialize($partial));
+ } else {
+ $exponents = $coefficients = $primes = array();
+ $lcm = array(
+ 'top' => $this->one->copy(),
+ 'bottom' => false
+ );
+ }
+
+ $start = time();
+ $i0 = count($primes) + 1;
+
+ do {
+ for ($i = $i0; $i <= $num_primes; $i++) {
+ if ($timeout !== false) {
+ $timeout-= time() - $start;
+ $start = time();
+ if ($timeout <= 0) {
+ return array(
+ 'privatekey' => '',
+ 'publickey' => '',
+ 'partialkey' => serialize(array(
+ 'primes' => $primes,
+ 'coefficients' => $coefficients,
+ 'lcm' => $lcm,
+ 'exponents' => $exponents
+ ))
+ );
+ }
+ }
+
+ if ($i == $num_primes) {
+ list($min, $temp) = $absoluteMin->divide($n);
+ if (!$temp->equals($this->zero)) {
+ $min = $min->add($this->one); // ie. ceil()
+ }
+ $primes[$i] = $generator->randomPrime($min, $finalMax, $timeout);
+ } else {
+ $primes[$i] = $generator->randomPrime($min, $max, $timeout);
+ }
+
+ if ($primes[$i] === false) { // if we've reached the timeout
+ if (count($primes) > 1) {
+ $partialkey = '';
+ } else {
+ array_pop($primes);
+ $partialkey = serialize(array(
+ 'primes' => $primes,
+ 'coefficients' => $coefficients,
+ 'lcm' => $lcm,
+ 'exponents' => $exponents
+ ));
+ }
+
+ return array(
+ 'privatekey' => '',
+ 'publickey' => '',
+ 'partialkey' => $partialkey
+ );
+ }
+
+ // the first coefficient is calculated differently from the rest
+ // ie. instead of being $primes[1]->modInverse($primes[2]), it's $primes[2]->modInverse($primes[1])
+ if ($i > 2) {
+ $coefficients[$i] = $n->modInverse($primes[$i]);
+ }
+
+ $n = $n->multiply($primes[$i]);
+
+ $temp = $primes[$i]->subtract($this->one);
+
+ // textbook RSA implementations use Euler's totient function instead of the least common multiple.
+ // see http://en.wikipedia.org/wiki/Euler%27s_totient_function
+ $lcm['top'] = $lcm['top']->multiply($temp);
+ $lcm['bottom'] = $lcm['bottom'] === false ? $temp : $lcm['bottom']->gcd($temp);
+
+ $exponents[$i] = $e->modInverse($temp);
+ }
+
+ list($lcm) = $lcm['top']->divide($lcm['bottom']);
+ $gcd = $lcm->gcd($e);
+ $i0 = 1;
+ } while (!$gcd->equals($this->one));
+
+ $d = $e->modInverse($lcm);
+
+ $coefficients[2] = $primes[2]->modInverse($primes[1]);
+
+ // from <http://tools.ietf.org/html/rfc3447#appendix-A.1.2>:
+ // RSAPrivateKey ::= SEQUENCE {
+ // version Version,
+ // modulus INTEGER, -- n
+ // publicExponent INTEGER, -- e
+ // privateExponent INTEGER, -- d
+ // prime1 INTEGER, -- p
+ // prime2 INTEGER, -- q
+ // exponent1 INTEGER, -- d mod (p-1)
+ // exponent2 INTEGER, -- d mod (q-1)
+ // coefficient INTEGER, -- (inverse of q) mod p
+ // otherPrimeInfos OtherPrimeInfos OPTIONAL
+ // }
+
+ return array(
+ 'privatekey' => $this->_convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients),
+ 'publickey' => $this->_convertPublicKey($n, $e),
+ 'partialkey' => false
+ );
+ }
+
+ /**
+ * Convert a private key to the appropriate format.
+ *
+ * @access private
+ * @see setPrivateKeyFormat()
+ * @param String $RSAPrivateKey
+ * @return String
+ */
+ function _convertPrivateKey($n, $e, $d, $primes, $exponents, $coefficients)
+ {
+ $num_primes = count($primes);
+ $raw = array(
+ 'version' => $num_primes == 2 ? chr(0) : chr(1), // two-prime vs. multi
+ 'modulus' => $n->toBytes(true),
+ 'publicExponent' => $e->toBytes(true),
+ 'privateExponent' => $d->toBytes(true),
+ 'prime1' => $primes[1]->toBytes(true),
+ 'prime2' => $primes[2]->toBytes(true),
+ 'exponent1' => $exponents[1]->toBytes(true),
+ 'exponent2' => $exponents[2]->toBytes(true),
+ 'coefficient' => $coefficients[2]->toBytes(true)
+ );
+
+ // if the format in question does not support multi-prime rsa and multi-prime rsa was used,
+ // call _convertPublicKey() instead.
+ switch ($this->privateKeyFormat) {
+ case CRYPT_RSA_PRIVATE_FORMAT_XML:
+ if ($num_primes != 2) {
+ return false;
+ }
+ return "<RSAKeyValue>\r\n" .
+ ' <Modulus>' . base64_encode($raw['modulus']) . "</Modulus>\r\n" .
+ ' <Exponent>' . base64_encode($raw['publicExponent']) . "</Exponent>\r\n" .
+ ' <P>' . base64_encode($raw['prime1']) . "</P>\r\n" .
+ ' <Q>' . base64_encode($raw['prime2']) . "</Q>\r\n" .
+ ' <DP>' . base64_encode($raw['exponent1']) . "</DP>\r\n" .
+ ' <DQ>' . base64_encode($raw['exponent2']) . "</DQ>\r\n" .
+ ' <InverseQ>' . base64_encode($raw['coefficient']) . "</InverseQ>\r\n" .
+ ' <D>' . base64_encode($raw['privateExponent']) . "</D>\r\n" .
+ '</RSAKeyValue>';
+ break;
+ case CRYPT_RSA_PRIVATE_FORMAT_PUTTY:
+ if ($num_primes != 2) {
+ return false;
+ }
+ $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
+ $encryption = (!empty($this->password) || is_string($this->password)) ? 'aes256-cbc' : 'none';
+ $key.= $encryption;
+ $key.= "\r\nComment: " . CRYPT_RSA_COMMENT . "\r\n";
+ $public = pack('Na*Na*Na*',
+ strlen('ssh-rsa'), 'ssh-rsa', strlen($raw['publicExponent']), $raw['publicExponent'], strlen($raw['modulus']), $raw['modulus']
+ );
+ $source = pack('Na*Na*Na*Na*',
+ strlen('ssh-rsa'), 'ssh-rsa', strlen($encryption), $encryption,
+ strlen(CRYPT_RSA_COMMENT), CRYPT_RSA_COMMENT, strlen($public), $public
+ );
+ $public = base64_encode($public);
+ $key.= "Public-Lines: " . ((strlen($public) + 32) >> 6) . "\r\n";
+ $key.= chunk_split($public, 64);
+ $private = pack('Na*Na*Na*Na*',
+ strlen($raw['privateExponent']), $raw['privateExponent'], strlen($raw['prime1']), $raw['prime1'],
+ strlen($raw['prime2']), $raw['prime2'], strlen($raw['coefficient']), $raw['coefficient']
+ );
+ if (empty($this->password) && !is_string($this->password)) {
+ $source.= pack('Na*', strlen($private), $private);
+ $hashkey = 'putty-private-key-file-mac-key';
+ } else {
+ $private.= crypt_random_string(16 - (strlen($private) & 15));
+ $source.= pack('Na*', strlen($private), $private);
+ if (!class_exists('Crypt_AES')) {
+ require_once('Crypt/AES.php');
+ }
+ $sequence = 0;
+ $symkey = '';
+ while (strlen($symkey) < 32) {
+ $temp = pack('Na*', $sequence++, $this->password);
+ $symkey.= pack('H*', sha1($temp));
+ }
+ $symkey = substr($symkey, 0, 32);
+ $crypto = new Crypt_AES();
+
+ $crypto->setKey($symkey);
+ $crypto->disablePadding();
+ $private = $crypto->encrypt($private);
+ $hashkey = 'putty-private-key-file-mac-key' . $this->password;
+ }
+
+ $private = base64_encode($private);
+ $key.= 'Private-Lines: ' . ((strlen($private) + 32) >> 6) . "\r\n";
+ $key.= chunk_split($private, 64);
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+ $hash = new Crypt_Hash('sha1');
+ $hash->setKey(pack('H*', sha1($hashkey)));
+ $key.= 'Private-MAC: ' . bin2hex($hash->hash($source)) . "\r\n";
+
+ return $key;
+ default: // eg. CRYPT_RSA_PRIVATE_FORMAT_PKCS1
+ $components = array();
+ foreach ($raw as $name => $value) {
+ $components[$name] = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($value)), $value);
+ }
+
+ $RSAPrivateKey = implode('', $components);
+
+ if ($num_primes > 2) {
+ $OtherPrimeInfos = '';
+ for ($i = 3; $i <= $num_primes; $i++) {
+ // OtherPrimeInfos ::= SEQUENCE SIZE(1..MAX) OF OtherPrimeInfo
+ //
+ // OtherPrimeInfo ::= SEQUENCE {
+ // prime INTEGER, -- ri
+ // exponent INTEGER, -- di
+ // coefficient INTEGER -- ti
+ // }
+ $OtherPrimeInfo = pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($primes[$i]->toBytes(true))), $primes[$i]->toBytes(true));
+ $OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($exponents[$i]->toBytes(true))), $exponents[$i]->toBytes(true));
+ $OtherPrimeInfo.= pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($coefficients[$i]->toBytes(true))), $coefficients[$i]->toBytes(true));
+ $OtherPrimeInfos.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfo)), $OtherPrimeInfo);
+ }
+ $RSAPrivateKey.= pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($OtherPrimeInfos)), $OtherPrimeInfos);
+ }
+
+ $RSAPrivateKey = pack('Ca*a*', CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($RSAPrivateKey)), $RSAPrivateKey);
+
+ if (!empty($this->password) || is_string($this->password)) {
+ $iv = crypt_random_string(8);
+ $symkey = pack('H*', md5($this->password . $iv)); // symkey is short for symmetric key
+ $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
+ if (!class_exists('Crypt_TripleDES')) {
+ require_once('Crypt/TripleDES.php');
+ }
+ $des = new Crypt_TripleDES();
+ $des->setKey($symkey);
+ $des->setIV($iv);
+ $iv = strtoupper(bin2hex($iv));
+ $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
+ "Proc-Type: 4,ENCRYPTED\r\n" .
+ "DEK-Info: DES-EDE3-CBC,$iv\r\n" .
+ "\r\n" .
+ chunk_split(base64_encode($des->encrypt($RSAPrivateKey)), 64) .
+ '-----END RSA PRIVATE KEY-----';
+ } else {
+ $RSAPrivateKey = "-----BEGIN RSA PRIVATE KEY-----\r\n" .
+ chunk_split(base64_encode($RSAPrivateKey), 64) .
+ '-----END RSA PRIVATE KEY-----';
+ }
+
+ return $RSAPrivateKey;
+ }
+ }
+
+ /**
+ * Convert a public key to the appropriate format
+ *
+ * @access private
+ * @see setPublicKeyFormat()
+ * @param String $RSAPrivateKey
+ * @return String
+ */
+ function _convertPublicKey($n, $e)
+ {
+ $modulus = $n->toBytes(true);
+ $publicExponent = $e->toBytes(true);
+
+ switch ($this->publicKeyFormat) {
+ case CRYPT_RSA_PUBLIC_FORMAT_RAW:
+ return array('e' => $e->copy(), 'n' => $n->copy());
+ case CRYPT_RSA_PUBLIC_FORMAT_XML:
+ return "<RSAKeyValue>\r\n" .
+ ' <Modulus>' . base64_encode($modulus) . "</Modulus>\r\n" .
+ ' <Exponent>' . base64_encode($publicExponent) . "</Exponent>\r\n" .
+ '</RSAKeyValue>';
+ break;
+ case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
+ // from <http://tools.ietf.org/html/rfc4253#page-15>:
+ // string "ssh-rsa"
+ // mpint e
+ // mpint n
+ $RSAPublicKey = pack('Na*Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publicExponent), $publicExponent, strlen($modulus), $modulus);
+ $RSAPublicKey = 'ssh-rsa ' . base64_encode($RSAPublicKey) . ' ' . CRYPT_RSA_COMMENT;
+
+ return $RSAPublicKey;
+ default: // eg. CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW or CRYPT_RSA_PUBLIC_FORMAT_PKCS1
+ // from <http://tools.ietf.org/html/rfc3447#appendix-A.1.1>:
+ // RSAPublicKey ::= SEQUENCE {
+ // modulus INTEGER, -- n
+ // publicExponent INTEGER -- e
+ // }
+ $components = array(
+ 'modulus' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($modulus)), $modulus),
+ 'publicExponent' => pack('Ca*a*', CRYPT_RSA_ASN1_INTEGER, $this->_encodeLength(strlen($publicExponent)), $publicExponent)
+ );
+
+ $RSAPublicKey = pack('Ca*a*a*',
+ CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($components['modulus']) + strlen($components['publicExponent'])),
+ $components['modulus'], $components['publicExponent']
+ );
+
+ if ($this->publicKeyFormat == CRYPT_RSA_PUBLIC_FORMAT_PKCS1) {
+ // sequence(oid(1.2.840.113549.1.1.1), null)) = rsaEncryption.
+ $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
+ $RSAPublicKey = chr(0) . $RSAPublicKey;
+ $RSAPublicKey = chr(3) . $this->_encodeLength(strlen($RSAPublicKey)) . $RSAPublicKey;
+
+ $RSAPublicKey = pack('Ca*a*',
+ CRYPT_RSA_ASN1_SEQUENCE, $this->_encodeLength(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey
+ );
+ }
+
+ $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
+ chunk_split(base64_encode($RSAPublicKey), 64) .
+ '-----END PUBLIC KEY-----';
+
+ return $RSAPublicKey;
+ }
+ }
+
+ /**
+ * Break a public or private key down into its constituant components
+ *
+ * @access private
+ * @see _convertPublicKey()
+ * @see _convertPrivateKey()
+ * @param String $key
+ * @param Integer $type
+ * @return Array
+ */
+ function _parseKey($key, $type)
+ {
+ if ($type != CRYPT_RSA_PUBLIC_FORMAT_RAW && !is_string($key)) {
+ return false;
+ }
+
+ switch ($type) {
+ case CRYPT_RSA_PUBLIC_FORMAT_RAW:
+ if (!is_array($key)) {
+ return false;
+ }
+ $components = array();
+ switch (true) {
+ case isset($key['e']):
+ $components['publicExponent'] = $key['e']->copy();
+ break;
+ case isset($key['exponent']):
+ $components['publicExponent'] = $key['exponent']->copy();
+ break;
+ case isset($key['publicExponent']):
+ $components['publicExponent'] = $key['publicExponent']->copy();
+ break;
+ case isset($key[0]):
+ $components['publicExponent'] = $key[0]->copy();
+ }
+ switch (true) {
+ case isset($key['n']):
+ $components['modulus'] = $key['n']->copy();
+ break;
+ case isset($key['modulo']):
+ $components['modulus'] = $key['modulo']->copy();
+ break;
+ case isset($key['modulus']):
+ $components['modulus'] = $key['modulus']->copy();
+ break;
+ case isset($key[1]):
+ $components['modulus'] = $key[1]->copy();
+ }
+ return isset($components['modulus']) && isset($components['publicExponent']) ? $components : false;
+ case CRYPT_RSA_PRIVATE_FORMAT_PKCS1:
+ case CRYPT_RSA_PUBLIC_FORMAT_PKCS1:
+ /* Although PKCS#1 proposes a format that public and private keys can use, encrypting them is
+ "outside the scope" of PKCS#1. PKCS#1 then refers you to PKCS#12 and PKCS#15 if you're wanting to
+ protect private keys, however, that's not what OpenSSL* does. OpenSSL protects private keys by adding
+ two new "fields" to the key - DEK-Info and Proc-Type. These fields are discussed here:
+
+ http://tools.ietf.org/html/rfc1421#section-4.6.1.1
+ http://tools.ietf.org/html/rfc1421#section-4.6.1.3
+
+ DES-EDE3-CBC as an algorithm, however, is not discussed anywhere, near as I can tell.
+ DES-CBC and DES-EDE are discussed in RFC1423, however, DES-EDE3-CBC isn't, nor is its key derivation
+ function. As is, the definitive authority on this encoding scheme isn't the IETF but rather OpenSSL's
+ own implementation. ie. the implementation *is* the standard and any bugs that may exist in that
+ implementation are part of the standard, as well.
+
+ * OpenSSL is the de facto standard. It's utilized by OpenSSH and other projects */
+ if (preg_match('#DEK-Info: (.+),(.+)#', $key, $matches)) {
+ $iv = pack('H*', trim($matches[2]));
+ $symkey = pack('H*', md5($this->password . substr($iv, 0, 8))); // symkey is short for symmetric key
+ $symkey.= substr(pack('H*', md5($symkey . $this->password . $iv)), 0, 8);
+ $ciphertext = preg_replace('#.+(\r|\n|\r\n)\1|[\r\n]|-.+-| #s', '', $key);
+ $ciphertext = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $ciphertext) ? base64_decode($ciphertext) : false;
+ if ($ciphertext === false) {
+ $ciphertext = $key;
+ }
+ switch ($matches[1]) {
+ case 'AES-128-CBC':
+ if (!class_exists('Crypt_AES')) {
+ require_once('Crypt/AES.php');
+ }
+ $symkey = substr($symkey, 0, 16);
+ $crypto = new Crypt_AES();
+ break;
+ case 'DES-EDE3-CFB':
+ if (!class_exists('Crypt_TripleDES')) {
+ require_once('Crypt/TripleDES.php');
+ }
+ $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CFB);
+ break;
+ case 'DES-EDE3-CBC':
+ if (!class_exists('Crypt_TripleDES')) {
+ require_once('Crypt/TripleDES.php');
+ }
+ $crypto = new Crypt_TripleDES();
+ break;
+ case 'DES-CBC':
+ if (!class_exists('Crypt_DES')) {
+ require_once('Crypt/DES.php');
+ }
+ $crypto = new Crypt_DES();
+ break;
+ default:
+ return false;
+ }
+ $crypto->setKey($symkey);
+ $crypto->setIV($iv);
+ $decoded = $crypto->decrypt($ciphertext);
+ } else {
+ $decoded = preg_replace('#-.+-|[\r\n]| #', '', $key);
+ $decoded = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $decoded) ? base64_decode($decoded) : false;
+ }
+
+ if ($decoded !== false) {
+ $key = $decoded;
+ }
+
+ $components = array();
+
+ if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
+ return false;
+ }
+ if ($this->_decodeLength($key) != strlen($key)) {
+ return false;
+ }
+
+ $tag = ord($this->_string_shift($key));
+ /* intended for keys for which OpenSSL's asn1parse returns the following:
+
+ 0:d=0 hl=4 l= 631 cons: SEQUENCE
+ 4:d=1 hl=2 l= 1 prim: INTEGER :00
+ 7:d=1 hl=2 l= 13 cons: SEQUENCE
+ 9:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 20:d=2 hl=2 l= 0 prim: NULL
+ 22:d=1 hl=4 l= 609 prim: OCTET STRING */
+
+ if ($tag == CRYPT_RSA_ASN1_INTEGER && substr($key, 0, 3) == "\x01\x00\x30") {
+ $this->_string_shift($key, 3);
+ $tag = CRYPT_RSA_ASN1_SEQUENCE;
+ }
+
+ if ($tag == CRYPT_RSA_ASN1_SEQUENCE) {
+ /* intended for keys for which OpenSSL's asn1parse returns the following:
+
+ 0:d=0 hl=4 l= 290 cons: SEQUENCE
+ 4:d=1 hl=2 l= 13 cons: SEQUENCE
+ 6:d=2 hl=2 l= 9 prim: OBJECT :rsaEncryption
+ 17:d=2 hl=2 l= 0 prim: NULL
+ 19:d=1 hl=4 l= 271 prim: BIT STRING */
+ $this->_string_shift($key, $this->_decodeLength($key));
+ $tag = ord($this->_string_shift($key)); // skip over the BIT STRING / OCTET STRING tag
+ $this->_decodeLength($key); // skip over the BIT STRING / OCTET STRING length
+ // "The initial octet shall encode, as an unsigned binary integer wtih bit 1 as the least significant bit, the number of
+ // unused bits in the final subsequent octet. The number shall be in the range zero to seven."
+ // -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf (section 8.6.2.2)
+ if ($tag == CRYPT_RSA_ASN1_BITSTRING) {
+ $this->_string_shift($key);
+ }
+ if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
+ return false;
+ }
+ if ($this->_decodeLength($key) != strlen($key)) {
+ return false;
+ }
+ $tag = ord($this->_string_shift($key));
+ }
+ if ($tag != CRYPT_RSA_ASN1_INTEGER) {
+ return false;
+ }
+
+ $length = $this->_decodeLength($key);
+ $temp = $this->_string_shift($key, $length);
+ if (strlen($temp) != 1 || ord($temp) > 2) {
+ $components['modulus'] = new Math_BigInteger($temp, 256);
+ $this->_string_shift($key); // skip over CRYPT_RSA_ASN1_INTEGER
+ $length = $this->_decodeLength($key);
+ $components[$type == CRYPT_RSA_PUBLIC_FORMAT_PKCS1 ? 'publicExponent' : 'privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+
+ return $components;
+ }
+ if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_INTEGER) {
+ return false;
+ }
+ $length = $this->_decodeLength($key);
+ $components['modulus'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['publicExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['privateExponent'] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256));
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['exponents'] = array(1 => new Math_BigInteger($this->_string_shift($key, $length), 256));
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($key, $length), 256));
+
+ if (!empty($key)) {
+ if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
+ return false;
+ }
+ $this->_decodeLength($key);
+ while (!empty($key)) {
+ if (ord($this->_string_shift($key)) != CRYPT_RSA_ASN1_SEQUENCE) {
+ return false;
+ }
+ $this->_decodeLength($key);
+ $key = substr($key, 1);
+ $length = $this->_decodeLength($key);
+ $components['primes'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['exponents'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ $this->_string_shift($key);
+ $length = $this->_decodeLength($key);
+ $components['coefficients'][] = new Math_BigInteger($this->_string_shift($key, $length), 256);
+ }
+ }
+
+ return $components;
+ case CRYPT_RSA_PUBLIC_FORMAT_OPENSSH:
+ $key = base64_decode(preg_replace('#^ssh-rsa | .+$#', '', $key));
+ if ($key === false) {
+ return false;
+ }
+
+ $cleanup = substr($key, 0, 11) == "\0\0\0\7ssh-rsa";
+
+ if (strlen($key) <= 4) {
+ return false;
+ }
+ extract(unpack('Nlength', $this->_string_shift($key, 4)));
+ $publicExponent = new Math_BigInteger($this->_string_shift($key, $length), -256);
+ if (strlen($key) <= 4) {
+ return false;
+ }
+ extract(unpack('Nlength', $this->_string_shift($key, 4)));
+ $modulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
+
+ if ($cleanup && strlen($key)) {
+ if (strlen($key) <= 4) {
+ return false;
+ }
+ extract(unpack('Nlength', $this->_string_shift($key, 4)));
+ $realModulus = new Math_BigInteger($this->_string_shift($key, $length), -256);
+ return strlen($key) ? false : array(
+ 'modulus' => $realModulus,
+ 'publicExponent' => $modulus
+ );
+ } else {
+ return strlen($key) ? false : array(
+ 'modulus' => $modulus,
+ 'publicExponent' => $publicExponent
+ );
+ }
+ // http://www.w3.org/TR/xmldsig-core/#sec-RSAKeyValue
+ // http://en.wikipedia.org/wiki/XML_Signature
+ case CRYPT_RSA_PRIVATE_FORMAT_XML:
+ case CRYPT_RSA_PUBLIC_FORMAT_XML:
+ $this->components = array();
+
+ $xml = xml_parser_create('UTF-8');
+ xml_set_object($xml, $this);
+ xml_set_element_handler($xml, '_start_element_handler', '_stop_element_handler');
+ xml_set_character_data_handler($xml, '_data_handler');
+ // add <xml></xml> to account for "dangling" tags like <BitStrength>...</BitStrength> that are sometimes added
+ if (!xml_parse($xml, '<xml>' . $key . '</xml>')) {
+ return false;
+ }
+
+ return isset($this->components['modulus']) && isset($this->components['publicExponent']) ? $this->components : false;
+ // from PuTTY's SSHPUBK.C
+ case CRYPT_RSA_PRIVATE_FORMAT_PUTTY:
+ $components = array();
+ $key = preg_split('#\r\n|\r|\n#', $key);
+ $type = trim(preg_replace('#PuTTY-User-Key-File-2: (.+)#', '$1', $key[0]));
+ if ($type != 'ssh-rsa') {
+ return false;
+ }
+ $encryption = trim(preg_replace('#Encryption: (.+)#', '$1', $key[1]));
+
+ $publicLength = trim(preg_replace('#Public-Lines: (\d+)#', '$1', $key[3]));
+ $public = base64_decode(implode('', array_map('trim', array_slice($key, 4, $publicLength))));
+ $public = substr($public, 11);
+ extract(unpack('Nlength', $this->_string_shift($public, 4)));
+ $components['publicExponent'] = new Math_BigInteger($this->_string_shift($public, $length), -256);
+ extract(unpack('Nlength', $this->_string_shift($public, 4)));
+ $components['modulus'] = new Math_BigInteger($this->_string_shift($public, $length), -256);
+
+ $privateLength = trim(preg_replace('#Private-Lines: (\d+)#', '$1', $key[$publicLength + 4]));
+ $private = base64_decode(implode('', array_map('trim', array_slice($key, $publicLength + 5, $privateLength))));
+
+ switch ($encryption) {
+ case 'aes256-cbc':
+ if (!class_exists('Crypt_AES')) {
+ require_once('Crypt/AES.php');
+ }
+ $symkey = '';
+ $sequence = 0;
+ while (strlen($symkey) < 32) {
+ $temp = pack('Na*', $sequence++, $this->password);
+ $symkey.= pack('H*', sha1($temp));
+ }
+ $symkey = substr($symkey, 0, 32);
+ $crypto = new Crypt_AES();
+ }
+
+ if ($encryption != 'none') {
+ $crypto->setKey($symkey);
+ $crypto->disablePadding();
+ $private = $crypto->decrypt($private);
+ if ($private === false) {
+ return false;
+ }
+ }
+
+ extract(unpack('Nlength', $this->_string_shift($private, 4)));
+ if (strlen($private) < $length) {
+ return false;
+ }
+ $components['privateExponent'] = new Math_BigInteger($this->_string_shift($private, $length), -256);
+ extract(unpack('Nlength', $this->_string_shift($private, 4)));
+ if (strlen($private) < $length) {
+ return false;
+ }
+ $components['primes'] = array(1 => new Math_BigInteger($this->_string_shift($private, $length), -256));
+ extract(unpack('Nlength', $this->_string_shift($private, 4)));
+ if (strlen($private) < $length) {
+ return false;
+ }
+ $components['primes'][] = new Math_BigInteger($this->_string_shift($private, $length), -256);
+
+ $temp = $components['primes'][1]->subtract($this->one);
+ $components['exponents'] = array(1 => $components['publicExponent']->modInverse($temp));
+ $temp = $components['primes'][2]->subtract($this->one);
+ $components['exponents'][] = $components['publicExponent']->modInverse($temp);
+
+ extract(unpack('Nlength', $this->_string_shift($private, 4)));
+ if (strlen($private) < $length) {
+ return false;
+ }
+ $components['coefficients'] = array(2 => new Math_BigInteger($this->_string_shift($private, $length), -256));
+
+ return $components;
+ }
+ }
+
+ /**
+ * Returns the key size
+ *
+ * More specifically, this returns the size of the modulo in bits.
+ *
+ * @access public
+ * @return Integer
+ */
+ function getSize()
+ {
+ return !isset($this->modulus) ? 0 : strlen($this->modulus->toBits());
+ }
+
+ /**
+ * Start Element Handler
+ *
+ * Called by xml_set_element_handler()
+ *
+ * @access private
+ * @param Resource $parser
+ * @param String $name
+ * @param Array $attribs
+ */
+ function _start_element_handler($parser, $name, $attribs)
+ {
+ //$name = strtoupper($name);
+ switch ($name) {
+ case 'MODULUS':
+ $this->current = &$this->components['modulus'];
+ break;
+ case 'EXPONENT':
+ $this->current = &$this->components['publicExponent'];
+ break;
+ case 'P':
+ $this->current = &$this->components['primes'][1];
+ break;
+ case 'Q':
+ $this->current = &$this->components['primes'][2];
+ break;
+ case 'DP':
+ $this->current = &$this->components['exponents'][1];
+ break;
+ case 'DQ':
+ $this->current = &$this->components['exponents'][2];
+ break;
+ case 'INVERSEQ':
+ $this->current = &$this->components['coefficients'][2];
+ break;
+ case 'D':
+ $this->current = &$this->components['privateExponent'];
+ break;
+ default:
+ unset($this->current);
+ }
+ $this->current = '';
+ }
+
+ /**
+ * Stop Element Handler
+ *
+ * Called by xml_set_element_handler()
+ *
+ * @access private
+ * @param Resource $parser
+ * @param String $name
+ */
+ function _stop_element_handler($parser, $name)
+ {
+ //$name = strtoupper($name);
+ if ($name == 'RSAKEYVALUE') {
+ return;
+ }
+ $this->current = new Math_BigInteger(base64_decode($this->current), 256);
+ }
+
+ /**
+ * Data Handler
+ *
+ * Called by xml_set_character_data_handler()
+ *
+ * @access private
+ * @param Resource $parser
+ * @param String $data
+ */
+ function _data_handler($parser, $data)
+ {
+ if (!isset($this->current) || is_object($this->current)) {
+ return;
+ }
+ $this->current.= trim($data);
+ }
+
+ /**
+ * Loads a public or private key
+ *
+ * Returns true on success and false on failure (ie. an incorrect password was provided or the key was malformed)
+ *
+ * @access public
+ * @param String $key
+ * @param Integer $type optional
+ */
+ function loadKey($key, $type = false)
+ {
+ if ($type === false) {
+ $types = array(
+ CRYPT_RSA_PUBLIC_FORMAT_RAW,
+ CRYPT_RSA_PRIVATE_FORMAT_PKCS1,
+ CRYPT_RSA_PRIVATE_FORMAT_XML,
+ CRYPT_RSA_PRIVATE_FORMAT_PUTTY,
+ CRYPT_RSA_PUBLIC_FORMAT_OPENSSH
+ );
+ foreach ($types as $type) {
+ $components = $this->_parseKey($key, $type);
+ if ($components !== false) {
+ break;
+ }
+ }
+
+ } else {
+ $components = $this->_parseKey($key, $type);
+ }
+
+ if ($components === false) {
+ return false;
+ }
+
+ $this->modulus = $components['modulus'];
+ $this->k = strlen($this->modulus->toBytes());
+ $this->exponent = isset($components['privateExponent']) ? $components['privateExponent'] : $components['publicExponent'];
+ if (isset($components['primes'])) {
+ $this->primes = $components['primes'];
+ $this->exponents = $components['exponents'];
+ $this->coefficients = $components['coefficients'];
+ $this->publicExponent = $components['publicExponent'];
+ } else {
+ $this->primes = array();
+ $this->exponents = array();
+ $this->coefficients = array();
+ $this->publicExponent = false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Sets the password
+ *
+ * Private keys can be encrypted with a password. To unset the password, pass in the empty string or false.
+ * Or rather, pass in $password such that empty($password) && !is_string($password) is true.
+ *
+ * @see createKey()
+ * @see loadKey()
+ * @access public
+ * @param String $password
+ */
+ function setPassword($password = false)
+ {
+ $this->password = $password;
+ }
+
+ /**
+ * Defines the public key
+ *
+ * Some private key formats define the public exponent and some don't. Those that don't define it are problematic when
+ * used in certain contexts. For example, in SSH-2, RSA authentication works by sending the public key along with a
+ * message signed by the private key to the server. The SSH-2 server looks the public key up in an index of public keys
+ * and if it's present then proceeds to verify the signature. Problem is, if your private key doesn't include the public
+ * exponent this won't work unless you manually add the public exponent.
+ *
+ * Do note that when a new key is loaded the index will be cleared.
+ *
+ * Returns true on success, false on failure
+ *
+ * @see getPublicKey()
+ * @access public
+ * @param String $key optional
+ * @param Integer $type optional
+ * @return Boolean
+ */
+ function setPublicKey($key = false, $type = false)
+ {
+ if ($key === false && !empty($this->modulus)) {
+ $this->publicExponent = $this->exponent;
+ return true;
+ }
+
+ if ($type === false) {
+ $types = array(
+ CRYPT_RSA_PUBLIC_FORMAT_RAW,
+ CRYPT_RSA_PUBLIC_FORMAT_PKCS1,
+ CRYPT_RSA_PUBLIC_FORMAT_XML,
+ CRYPT_RSA_PUBLIC_FORMAT_OPENSSH
+ );
+ foreach ($types as $type) {
+ $components = $this->_parseKey($key, $type);
+ if ($components !== false) {
+ break;
+ }
+ }
+ } else {
+ $components = $this->_parseKey($key, $type);
+ }
+
+ if ($components === false) {
+ return false;
+ }
+
+ if (empty($this->modulus) || !$this->modulus->equals($components['modulus'])) {
+ $this->modulus = $components['modulus'];
+ $this->exponent = $this->publicExponent = $components['publicExponent'];
+ return true;
+ }
+
+ $this->publicExponent = $components['publicExponent'];
+
+ return true;
+ }
+
+ /**
+ * Returns the public key
+ *
+ * The public key is only returned under two circumstances - if the private key had the public key embedded within it
+ * or if the public key was set via setPublicKey(). If the currently loaded key is supposed to be the public key this
+ * function won't return it since this library, for the most part, doesn't distinguish between public and private keys.
+ *
+ * @see getPublicKey()
+ * @access public
+ * @param String $key
+ * @param Integer $type optional
+ */
+ function getPublicKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
+ {
+ if (empty($this->modulus) || empty($this->publicExponent)) {
+ return false;
+ }
+
+ $oldFormat = $this->publicKeyFormat;
+ $this->publicKeyFormat = $type;
+ $temp = $this->_convertPublicKey($this->modulus, $this->publicExponent);
+ $this->publicKeyFormat = $oldFormat;
+ return $temp;
+ }
+
+ /**
+ * Returns the private key
+ *
+ * The private key is only returned if the currently loaded key contains the constituent prime numbers.
+ *
+ * @see getPublicKey()
+ * @access public
+ * @param String $key
+ * @param Integer $type optional
+ */
+ function getPrivateKey($type = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
+ {
+ if (empty($this->primes)) {
+ return false;
+ }
+
+ $oldFormat = $this->privateKeyFormat;
+ $this->privateKeyFormat = $type;
+ $temp = $this->_convertPrivateKey($this->modulus, $this->publicExponent, $this->exponent, $this->primes, $this->exponents, $this->coefficients);
+ $this->privateKeyFormat = $oldFormat;
+ return $temp;
+ }
+
+ /**
+ * Returns a minimalistic private key
+ *
+ * Returns the private key without the prime number constituants. Structurally identical to a public key that
+ * hasn't been set as the public key
+ *
+ * @see getPrivateKey()
+ * @access private
+ * @param String $key
+ * @param Integer $type optional
+ */
+ function _getPrivatePublicKey($mode = CRYPT_RSA_PUBLIC_FORMAT_PKCS1)
+ {
+ if (empty($this->modulus) || empty($this->exponent)) {
+ return false;
+ }
+
+ $oldFormat = $this->publicKeyFormat;
+ $this->publicKeyFormat = $mode;
+ $temp = $this->_convertPublicKey($this->modulus, $this->exponent);
+ $this->publicKeyFormat = $oldFormat;
+ return $temp;
+ }
+
+ /**
+ * __toString() magic method
+ *
+ * @access public
+ */
+ function __toString()
+ {
+ $key = $this->getPrivateKey($this->privateKeyFormat);
+ if ($key !== false) {
+ return $key;
+ }
+ $key = $this->_getPrivatePublicKey($this->publicKeyFormat);
+ return $key !== false ? $key : '';
+ }
+
+ /**
+ * Generates the smallest and largest numbers requiring $bits bits
+ *
+ * @access private
+ * @param Integer $bits
+ * @return Array
+ */
+ function _generateMinMax($bits)
+ {
+ $bytes = $bits >> 3;
+ $min = str_repeat(chr(0), $bytes);
+ $max = str_repeat(chr(0xFF), $bytes);
+ $msb = $bits & 7;
+ if ($msb) {
+ $min = chr(1 << ($msb - 1)) . $min;
+ $max = chr((1 << $msb) - 1) . $max;
+ } else {
+ $min[0] = chr(0x80);
+ }
+
+ return array(
+ 'min' => new Math_BigInteger($min, 256),
+ 'max' => new Math_BigInteger($max, 256)
+ );
+ }
+
+ /**
+ * DER-decode the length
+ *
+ * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
+ * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 8.1.3} for more information.
+ *
+ * @access private
+ * @param String $string
+ * @return Integer
+ */
+ function _decodeLength(&$string)
+ {
+ $length = ord($this->_string_shift($string));
+ if ( $length & 0x80 ) { // definite length, long form
+ $length&= 0x7F;
+ $temp = $this->_string_shift($string, $length);
+ list(, $length) = unpack('N', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4));
+ }
+ return $length;
+ }
+
+ /**
+ * DER-encode the length
+ *
+ * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
+ * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 8.1.3} for more information.
+ *
+ * @access private
+ * @param Integer $length
+ * @return String
+ */
+ function _encodeLength($length)
+ {
+ if ($length <= 0x7F) {
+ return chr($length);
+ }
+
+ $temp = ltrim(pack('N', $length), chr(0));
+ return pack('Ca*', 0x80 | strlen($temp), $temp);
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+
+ /**
+ * Determines the private key format
+ *
+ * @see createKey()
+ * @access public
+ * @param Integer $format
+ */
+ function setPrivateKeyFormat($format)
+ {
+ $this->privateKeyFormat = $format;
+ }
+
+ /**
+ * Determines the public key format
+ *
+ * @see createKey()
+ * @access public
+ * @param Integer $format
+ */
+ function setPublicKeyFormat($format)
+ {
+ $this->publicKeyFormat = $format;
+ }
+
+ /**
+ * Determines which hashing function should be used
+ *
+ * Used with signature production / verification and (if the encryption mode is CRYPT_RSA_ENCRYPTION_OAEP) encryption and
+ * decryption. If $hash isn't supported, sha1 is used.
+ *
+ * @access public
+ * @param String $hash
+ */
+ function setHash($hash)
+ {
+ // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
+ switch ($hash) {
+ case 'md2':
+ case 'md5':
+ case 'sha1':
+ case 'sha256':
+ case 'sha384':
+ case 'sha512':
+ $this->hash = new Crypt_Hash($hash);
+ $this->hashName = $hash;
+ break;
+ default:
+ $this->hash = new Crypt_Hash('sha1');
+ $this->hashName = 'sha1';
+ }
+ $this->hLen = $this->hash->getLength();
+ }
+
+ /**
+ * Determines which hashing function should be used for the mask generation function
+ *
+ * The mask generation function is used by CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_SIGNATURE_PSS and although it's
+ * best if Hash and MGFHash are set to the same thing this is not a requirement.
+ *
+ * @access public
+ * @param String $hash
+ */
+ function setMGFHash($hash)
+ {
+ // Crypt_Hash supports algorithms that PKCS#1 doesn't support. md5-96 and sha1-96, for example.
+ switch ($hash) {
+ case 'md2':
+ case 'md5':
+ case 'sha1':
+ case 'sha256':
+ case 'sha384':
+ case 'sha512':
+ $this->mgfHash = new Crypt_Hash($hash);
+ break;
+ default:
+ $this->mgfHash = new Crypt_Hash('sha1');
+ }
+ $this->mgfHLen = $this->mgfHash->getLength();
+ }
+
+ /**
+ * Determines the salt length
+ *
+ * To quote from {@link http://tools.ietf.org/html/rfc3447#page-38 RFC3447#page-38}:
+ *
+ * Typical salt lengths in octets are hLen (the length of the output
+ * of the hash function Hash) and 0.
+ *
+ * @access public
+ * @param Integer $format
+ */
+ function setSaltLength($sLen)
+ {
+ $this->sLen = $sLen;
+ }
+
+ /**
+ * Integer-to-Octet-String primitive
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-4.1 RFC3447#section-4.1}.
+ *
+ * @access private
+ * @param Math_BigInteger $x
+ * @param Integer $xLen
+ * @return String
+ */
+ function _i2osp($x, $xLen)
+ {
+ $x = $x->toBytes();
+ if (strlen($x) > $xLen) {
+ user_error('Integer too large');
+ return false;
+ }
+ return str_pad($x, $xLen, chr(0), STR_PAD_LEFT);
+ }
+
+ /**
+ * Octet-String-to-Integer primitive
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-4.2 RFC3447#section-4.2}.
+ *
+ * @access private
+ * @param String $x
+ * @return Math_BigInteger
+ */
+ function _os2ip($x)
+ {
+ return new Math_BigInteger($x, 256);
+ }
+
+ /**
+ * Exponentiate with or without Chinese Remainder Theorem
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.2}.
+ *
+ * @access private
+ * @param Math_BigInteger $x
+ * @return Math_BigInteger
+ */
+ function _exponentiate($x)
+ {
+ if (empty($this->primes) || empty($this->coefficients) || empty($this->exponents)) {
+ return $x->modPow($this->exponent, $this->modulus);
+ }
+
+ $num_primes = count($this->primes);
+
+ if (defined('CRYPT_RSA_DISABLE_BLINDING')) {
+ $m_i = array(
+ 1 => $x->modPow($this->exponents[1], $this->primes[1]),
+ 2 => $x->modPow($this->exponents[2], $this->primes[2])
+ );
+ $h = $m_i[1]->subtract($m_i[2]);
+ $h = $h->multiply($this->coefficients[2]);
+ list(, $h) = $h->divide($this->primes[1]);
+ $m = $m_i[2]->add($h->multiply($this->primes[2]));
+
+ $r = $this->primes[1];
+ for ($i = 3; $i <= $num_primes; $i++) {
+ $m_i = $x->modPow($this->exponents[$i], $this->primes[$i]);
+
+ $r = $r->multiply($this->primes[$i - 1]);
+
+ $h = $m_i->subtract($m);
+ $h = $h->multiply($this->coefficients[$i]);
+ list(, $h) = $h->divide($this->primes[$i]);
+
+ $m = $m->add($r->multiply($h));
+ }
+ } else {
+ $smallest = $this->primes[1];
+ for ($i = 2; $i <= $num_primes; $i++) {
+ if ($smallest->compare($this->primes[$i]) > 0) {
+ $smallest = $this->primes[$i];
+ }
+ }
+
+ $one = new Math_BigInteger(1);
+
+ $r = $one->random($one, $smallest->subtract($one));
+
+ $m_i = array(
+ 1 => $this->_blind($x, $r, 1),
+ 2 => $this->_blind($x, $r, 2)
+ );
+ $h = $m_i[1]->subtract($m_i[2]);
+ $h = $h->multiply($this->coefficients[2]);
+ list(, $h) = $h->divide($this->primes[1]);
+ $m = $m_i[2]->add($h->multiply($this->primes[2]));
+
+ $r = $this->primes[1];
+ for ($i = 3; $i <= $num_primes; $i++) {
+ $m_i = $this->_blind($x, $r, $i);
+
+ $r = $r->multiply($this->primes[$i - 1]);
+
+ $h = $m_i->subtract($m);
+ $h = $h->multiply($this->coefficients[$i]);
+ list(, $h) = $h->divide($this->primes[$i]);
+
+ $m = $m->add($r->multiply($h));
+ }
+ }
+
+ return $m;
+ }
+
+ /**
+ * Performs RSA Blinding
+ *
+ * Protects against timing attacks by employing RSA Blinding.
+ * Returns $x->modPow($this->exponents[$i], $this->primes[$i])
+ *
+ * @access private
+ * @param Math_BigInteger $x
+ * @param Math_BigInteger $r
+ * @param Integer $i
+ * @return Math_BigInteger
+ */
+ function _blind($x, $r, $i)
+ {
+ $x = $x->multiply($r->modPow($this->publicExponent, $this->primes[$i]));
+ $x = $x->modPow($this->exponents[$i], $this->primes[$i]);
+
+ $r = $r->modInverse($this->primes[$i]);
+ $x = $x->multiply($r);
+ list(, $x) = $x->divide($this->primes[$i]);
+
+ return $x;
+ }
+
+ /**
+ * Performs blinded RSA equality testing
+ *
+ * Protects against a particular type of timing attack described.
+ *
+ * See {@link http://codahale.com/a-lesson-in-timing-attacks/ A Lesson In Timing Attacks (or, Dont use MessageDigest.isEquals)}
+ *
+ * Thanks for the heads up singpolyma!
+ *
+ * @access private
+ * @param String $x
+ * @param String $y
+ * @return Boolean
+ */
+ function _equals($x, $y)
+ {
+ if (strlen($x) != strlen($y)) {
+ return false;
+ }
+
+ $result = 0;
+ for ($i = 0; $i < strlen($x); $i++) {
+ $result |= ord($x[$i]) ^ ord($y[$i]);
+ }
+
+ return $result == 0;
+ }
+
+ /**
+ * RSAEP
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.1 RFC3447#section-5.1.1}.
+ *
+ * @access private
+ * @param Math_BigInteger $m
+ * @return Math_BigInteger
+ */
+ function _rsaep($m)
+ {
+ if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
+ user_error('Message representative out of range');
+ return false;
+ }
+ return $this->_exponentiate($m);
+ }
+
+ /**
+ * RSADP
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-5.1.2 RFC3447#section-5.1.2}.
+ *
+ * @access private
+ * @param Math_BigInteger $c
+ * @return Math_BigInteger
+ */
+ function _rsadp($c)
+ {
+ if ($c->compare($this->zero) < 0 || $c->compare($this->modulus) > 0) {
+ user_error('Ciphertext representative out of range');
+ return false;
+ }
+ return $this->_exponentiate($c);
+ }
+
+ /**
+ * RSASP1
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.1 RFC3447#section-5.2.1}.
+ *
+ * @access private
+ * @param Math_BigInteger $m
+ * @return Math_BigInteger
+ */
+ function _rsasp1($m)
+ {
+ if ($m->compare($this->zero) < 0 || $m->compare($this->modulus) > 0) {
+ user_error('Message representative out of range');
+ return false;
+ }
+ return $this->_exponentiate($m);
+ }
+
+ /**
+ * RSAVP1
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-5.2.2 RFC3447#section-5.2.2}.
+ *
+ * @access private
+ * @param Math_BigInteger $s
+ * @return Math_BigInteger
+ */
+ function _rsavp1($s)
+ {
+ if ($s->compare($this->zero) < 0 || $s->compare($this->modulus) > 0) {
+ user_error('Signature representative out of range');
+ return false;
+ }
+ return $this->_exponentiate($s);
+ }
+
+ /**
+ * MGF1
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#appendix-B.2.1 RFC3447#appendix-B.2.1}.
+ *
+ * @access private
+ * @param String $mgfSeed
+ * @param Integer $mgfLen
+ * @return String
+ */
+ function _mgf1($mgfSeed, $maskLen)
+ {
+ // if $maskLen would yield strings larger than 4GB, PKCS#1 suggests a "Mask too long" error be output.
+
+ $t = '';
+ $count = ceil($maskLen / $this->mgfHLen);
+ for ($i = 0; $i < $count; $i++) {
+ $c = pack('N', $i);
+ $t.= $this->mgfHash->hash($mgfSeed . $c);
+ }
+
+ return substr($t, 0, $maskLen);
+ }
+
+ /**
+ * RSAES-OAEP-ENCRYPT
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.1 RFC3447#section-7.1.1} and
+ * {http://en.wikipedia.org/wiki/Optimal_Asymmetric_Encryption_Padding OAES}.
+ *
+ * @access private
+ * @param String $m
+ * @param String $l
+ * @return String
+ */
+ function _rsaes_oaep_encrypt($m, $l = '')
+ {
+ $mLen = strlen($m);
+
+ // Length checking
+
+ // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
+ // be output.
+
+ if ($mLen > $this->k - 2 * $this->hLen - 2) {
+ user_error('Message too long');
+ return false;
+ }
+
+ // EME-OAEP encoding
+
+ $lHash = $this->hash->hash($l);
+ $ps = str_repeat(chr(0), $this->k - $mLen - 2 * $this->hLen - 2);
+ $db = $lHash . $ps . chr(1) . $m;
+ $seed = crypt_random_string($this->hLen);
+ $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
+ $maskedDB = $db ^ $dbMask;
+ $seedMask = $this->_mgf1($maskedDB, $this->hLen);
+ $maskedSeed = $seed ^ $seedMask;
+ $em = chr(0) . $maskedSeed . $maskedDB;
+
+ // RSA encryption
+
+ $m = $this->_os2ip($em);
+ $c = $this->_rsaep($m);
+ $c = $this->_i2osp($c, $this->k);
+
+ // Output the ciphertext C
+
+ return $c;
+ }
+
+ /**
+ * RSAES-OAEP-DECRYPT
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-7.1.2 RFC3447#section-7.1.2}. The fact that the error
+ * messages aren't distinguishable from one another hinders debugging, but, to quote from RFC3447#section-7.1.2:
+ *
+ * Note. Care must be taken to ensure that an opponent cannot
+ * distinguish the different error conditions in Step 3.g, whether by
+ * error message or timing, or, more generally, learn partial
+ * information about the encoded message EM. Otherwise an opponent may
+ * be able to obtain useful information about the decryption of the
+ * ciphertext C, leading to a chosen-ciphertext attack such as the one
+ * observed by Manger [36].
+ *
+ * As for $l... to quote from {@link http://tools.ietf.org/html/rfc3447#page-17 RFC3447#page-17}:
+ *
+ * Both the encryption and the decryption operations of RSAES-OAEP take
+ * the value of a label L as input. In this version of PKCS #1, L is
+ * the empty string; other uses of the label are outside the scope of
+ * this document.
+ *
+ * @access private
+ * @param String $c
+ * @param String $l
+ * @return String
+ */
+ function _rsaes_oaep_decrypt($c, $l = '')
+ {
+ // Length checking
+
+ // if $l is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
+ // be output.
+
+ if (strlen($c) != $this->k || $this->k < 2 * $this->hLen + 2) {
+ user_error('Decryption error');
+ return false;
+ }
+
+ // RSA decryption
+
+ $c = $this->_os2ip($c);
+ $m = $this->_rsadp($c);
+ if ($m === false) {
+ user_error('Decryption error');
+ return false;
+ }
+ $em = $this->_i2osp($m, $this->k);
+
+ // EME-OAEP decoding
+
+ $lHash = $this->hash->hash($l);
+ $y = ord($em[0]);
+ $maskedSeed = substr($em, 1, $this->hLen);
+ $maskedDB = substr($em, $this->hLen + 1);
+ $seedMask = $this->_mgf1($maskedDB, $this->hLen);
+ $seed = $maskedSeed ^ $seedMask;
+ $dbMask = $this->_mgf1($seed, $this->k - $this->hLen - 1);
+ $db = $maskedDB ^ $dbMask;
+ $lHash2 = substr($db, 0, $this->hLen);
+ $m = substr($db, $this->hLen);
+ if ($lHash != $lHash2) {
+ user_error('Decryption error');
+ return false;
+ }
+ $m = ltrim($m, chr(0));
+ if (ord($m[0]) != 1) {
+ user_error('Decryption error');
+ return false;
+ }
+
+ // Output the message M
+
+ return substr($m, 1);
+ }
+
+ /**
+ * RSAES-PKCS1-V1_5-ENCRYPT
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.1 RFC3447#section-7.2.1}.
+ *
+ * @access private
+ * @param String $m
+ * @return String
+ */
+ function _rsaes_pkcs1_v1_5_encrypt($m)
+ {
+ $mLen = strlen($m);
+
+ // Length checking
+
+ if ($mLen > $this->k - 11) {
+ user_error('Message too long');
+ return false;
+ }
+
+ // EME-PKCS1-v1_5 encoding
+ $psLen = $this->k - $mLen - 3;
+ $ps = '';
+ while (strlen($ps) != $psLen) {
+ $temp = crypt_random_string($psLen - strlen($ps));
+ $temp = str_replace("\x00", '', $temp);
+ $ps.= $temp;
+ }
+ $em = chr(0) . chr(2) . $ps . chr(0) . $m;
+
+ // RSA encryption
+ $m = $this->_os2ip($em);
+ $c = $this->_rsaep($m);
+ $c = $this->_i2osp($c, $this->k);
+
+ // Output the ciphertext C
+
+ return $c;
+ }
+
+ /**
+ * RSAES-PKCS1-V1_5-DECRYPT
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-7.2.2 RFC3447#section-7.2.2}.
+ *
+ * For compatability purposes, this function departs slightly from the description given in RFC3447.
+ * The reason being that RFC2313#section-8.1 (PKCS#1 v1.5) states that ciphertext's encrypted by the
+ * private key should have the second byte set to either 0 or 1 and that ciphertext's encrypted by the
+ * public key should have the second byte set to 2. In RFC3447 (PKCS#1 v2.1), the second byte is supposed
+ * to be 2 regardless of which key is used. For compatability purposes, we'll just check to make sure the
+ * second byte is 2 or less. If it is, we'll accept the decrypted string as valid.
+ *
+ * As a consequence of this, a private key encrypted ciphertext produced with Crypt_RSA may not decrypt
+ * with a strictly PKCS#1 v1.5 compliant RSA implementation. Public key encrypted ciphertext's should but
+ * not private key encrypted ciphertext's.
+ *
+ * @access private
+ * @param String $c
+ * @return String
+ */
+ function _rsaes_pkcs1_v1_5_decrypt($c)
+ {
+ // Length checking
+
+ if (strlen($c) != $this->k) { // or if k < 11
+ user_error('Decryption error');
+ return false;
+ }
+
+ // RSA decryption
+
+ $c = $this->_os2ip($c);
+ $m = $this->_rsadp($c);
+
+ if ($m === false) {
+ user_error('Decryption error');
+ return false;
+ }
+ $em = $this->_i2osp($m, $this->k);
+
+ // EME-PKCS1-v1_5 decoding
+
+ if (ord($em[0]) != 0 || ord($em[1]) > 2) {
+ user_error('Decryption error');
+ return false;
+ }
+
+ $ps = substr($em, 2, strpos($em, chr(0), 2) - 2);
+ $m = substr($em, strlen($ps) + 3);
+
+ if (strlen($ps) < 8) {
+ user_error('Decryption error');
+ return false;
+ }
+
+ // Output M
+
+ return $m;
+ }
+
+ /**
+ * EMSA-PSS-ENCODE
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.1 RFC3447#section-9.1.1}.
+ *
+ * @access private
+ * @param String $m
+ * @param Integer $emBits
+ */
+ function _emsa_pss_encode($m, $emBits)
+ {
+ // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
+ // be output.
+
+ $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8)
+ $sLen = $this->sLen == false ? $this->hLen : $this->sLen;
+
+ $mHash = $this->hash->hash($m);
+ if ($emLen < $this->hLen + $sLen + 2) {
+ user_error('Encoding error');
+ return false;
+ }
+
+ $salt = crypt_random_string($sLen);
+ $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
+ $h = $this->hash->hash($m2);
+ $ps = str_repeat(chr(0), $emLen - $sLen - $this->hLen - 2);
+ $db = $ps . chr(1) . $salt;
+ $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
+ $maskedDB = $db ^ $dbMask;
+ $maskedDB[0] = ~chr(0xFF << ($emBits & 7)) & $maskedDB[0];
+ $em = $maskedDB . $h . chr(0xBC);
+
+ return $em;
+ }
+
+ /**
+ * EMSA-PSS-VERIFY
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-9.1.2 RFC3447#section-9.1.2}.
+ *
+ * @access private
+ * @param String $m
+ * @param String $em
+ * @param Integer $emBits
+ * @return String
+ */
+ function _emsa_pss_verify($m, $em, $emBits)
+ {
+ // if $m is larger than two million terrabytes and you're using sha1, PKCS#1 suggests a "Label too long" error
+ // be output.
+
+ $emLen = ($emBits + 1) >> 3; // ie. ceil($emBits / 8);
+ $sLen = $this->sLen == false ? $this->hLen : $this->sLen;
+
+ $mHash = $this->hash->hash($m);
+ if ($emLen < $this->hLen + $sLen + 2) {
+ return false;
+ }
+
+ if ($em[strlen($em) - 1] != chr(0xBC)) {
+ return false;
+ }
+
+ $maskedDB = substr($em, 0, -$this->hLen - 1);
+ $h = substr($em, -$this->hLen - 1, $this->hLen);
+ $temp = chr(0xFF << ($emBits & 7));
+ if ((~$maskedDB[0] & $temp) != $temp) {
+ return false;
+ }
+ $dbMask = $this->_mgf1($h, $emLen - $this->hLen - 1);
+ $db = $maskedDB ^ $dbMask;
+ $db[0] = ~chr(0xFF << ($emBits & 7)) & $db[0];
+ $temp = $emLen - $this->hLen - $sLen - 2;
+ if (substr($db, 0, $temp) != str_repeat(chr(0), $temp) || ord($db[$temp]) != 1) {
+ return false;
+ }
+ $salt = substr($db, $temp + 1); // should be $sLen long
+ $m2 = "\0\0\0\0\0\0\0\0" . $mHash . $salt;
+ $h2 = $this->hash->hash($m2);
+ return $this->_equals($h, $h2);
+ }
+
+ /**
+ * RSASSA-PSS-SIGN
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.1 RFC3447#section-8.1.1}.
+ *
+ * @access private
+ * @param String $m
+ * @return String
+ */
+ function _rsassa_pss_sign($m)
+ {
+ // EMSA-PSS encoding
+
+ $em = $this->_emsa_pss_encode($m, 8 * $this->k - 1);
+
+ // RSA signature
+
+ $m = $this->_os2ip($em);
+ $s = $this->_rsasp1($m);
+ $s = $this->_i2osp($s, $this->k);
+
+ // Output the signature S
+
+ return $s;
+ }
+
+ /**
+ * RSASSA-PSS-VERIFY
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-8.1.2 RFC3447#section-8.1.2}.
+ *
+ * @access private
+ * @param String $m
+ * @param String $s
+ * @return String
+ */
+ function _rsassa_pss_verify($m, $s)
+ {
+ // Length checking
+
+ if (strlen($s) != $this->k) {
+ user_error('Invalid signature');
+ return false;
+ }
+
+ // RSA verification
+
+ $modBits = 8 * $this->k;
+
+ $s2 = $this->_os2ip($s);
+ $m2 = $this->_rsavp1($s2);
+ if ($m2 === false) {
+ user_error('Invalid signature');
+ return false;
+ }
+ $em = $this->_i2osp($m2, $modBits >> 3);
+ if ($em === false) {
+ user_error('Invalid signature');
+ return false;
+ }
+
+ // EMSA-PSS verification
+
+ return $this->_emsa_pss_verify($m, $em, $modBits - 1);
+ }
+
+ /**
+ * EMSA-PKCS1-V1_5-ENCODE
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-9.2 RFC3447#section-9.2}.
+ *
+ * @access private
+ * @param String $m
+ * @param Integer $emLen
+ * @return String
+ */
+ function _emsa_pkcs1_v1_5_encode($m, $emLen)
+ {
+ $h = $this->hash->hash($m);
+ if ($h === false) {
+ return false;
+ }
+
+ // see http://tools.ietf.org/html/rfc3447#page-43
+ switch ($this->hashName) {
+ case 'md2':
+ $t = pack('H*', '3020300c06082a864886f70d020205000410');
+ break;
+ case 'md5':
+ $t = pack('H*', '3020300c06082a864886f70d020505000410');
+ break;
+ case 'sha1':
+ $t = pack('H*', '3021300906052b0e03021a05000414');
+ break;
+ case 'sha256':
+ $t = pack('H*', '3031300d060960864801650304020105000420');
+ break;
+ case 'sha384':
+ $t = pack('H*', '3041300d060960864801650304020205000430');
+ break;
+ case 'sha512':
+ $t = pack('H*', '3051300d060960864801650304020305000440');
+ }
+ $t.= $h;
+ $tLen = strlen($t);
+
+ if ($emLen < $tLen + 11) {
+ user_error('Intended encoded message length too short');
+ return false;
+ }
+
+ $ps = str_repeat(chr(0xFF), $emLen - $tLen - 3);
+
+ $em = "\0\1$ps\0$t";
+
+ return $em;
+ }
+
+ /**
+ * RSASSA-PKCS1-V1_5-SIGN
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.1 RFC3447#section-8.2.1}.
+ *
+ * @access private
+ * @param String $m
+ * @return String
+ */
+ function _rsassa_pkcs1_v1_5_sign($m)
+ {
+ // EMSA-PKCS1-v1_5 encoding
+
+ $em = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
+ if ($em === false) {
+ user_error('RSA modulus too short');
+ return false;
+ }
+
+ // RSA signature
+
+ $m = $this->_os2ip($em);
+ $s = $this->_rsasp1($m);
+ $s = $this->_i2osp($s, $this->k);
+
+ // Output the signature S
+
+ return $s;
+ }
+
+ /**
+ * RSASSA-PKCS1-V1_5-VERIFY
+ *
+ * See {@link http://tools.ietf.org/html/rfc3447#section-8.2.2 RFC3447#section-8.2.2}.
+ *
+ * @access private
+ * @param String $m
+ * @return String
+ */
+ function _rsassa_pkcs1_v1_5_verify($m, $s)
+ {
+ // Length checking
+
+ if (strlen($s) != $this->k) {
+ user_error('Invalid signature');
+ return false;
+ }
+
+ // RSA verification
+
+ $s = $this->_os2ip($s);
+ $m2 = $this->_rsavp1($s);
+ if ($m2 === false) {
+ user_error('Invalid signature');
+ return false;
+ }
+ $em = $this->_i2osp($m2, $this->k);
+ if ($em === false) {
+ user_error('Invalid signature');
+ return false;
+ }
+
+ // EMSA-PKCS1-v1_5 encoding
+
+ $em2 = $this->_emsa_pkcs1_v1_5_encode($m, $this->k);
+ if ($em2 === false) {
+ user_error('RSA modulus too short');
+ return false;
+ }
+
+ // Compare
+ return $this->_equals($em, $em2);
+ }
+
+ /**
+ * Set Encryption Mode
+ *
+ * Valid values include CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1.
+ *
+ * @access public
+ * @param Integer $mode
+ */
+ function setEncryptionMode($mode)
+ {
+ $this->encryptionMode = $mode;
+ }
+
+ /**
+ * Set Signature Mode
+ *
+ * Valid values include CRYPT_RSA_SIGNATURE_PSS and CRYPT_RSA_SIGNATURE_PKCS1
+ *
+ * @access public
+ * @param Integer $mode
+ */
+ function setSignatureMode($mode)
+ {
+ $this->signatureMode = $mode;
+ }
+
+ /**
+ * Encryption
+ *
+ * Both CRYPT_RSA_ENCRYPTION_OAEP and CRYPT_RSA_ENCRYPTION_PKCS1 both place limits on how long $plaintext can be.
+ * If $plaintext exceeds those limits it will be broken up so that it does and the resultant ciphertext's will
+ * be concatenated together.
+ *
+ * @see decrypt()
+ * @access public
+ * @param String $plaintext
+ * @return String
+ */
+ function encrypt($plaintext)
+ {
+ switch ($this->encryptionMode) {
+ case CRYPT_RSA_ENCRYPTION_PKCS1:
+ $length = $this->k - 11;
+ if ($length <= 0) {
+ return false;
+ }
+
+ $plaintext = str_split($plaintext, $length);
+ $ciphertext = '';
+ foreach ($plaintext as $m) {
+ $ciphertext.= $this->_rsaes_pkcs1_v1_5_encrypt($m);
+ }
+ return $ciphertext;
+ //case CRYPT_RSA_ENCRYPTION_OAEP:
+ default:
+ $length = $this->k - 2 * $this->hLen - 2;
+ if ($length <= 0) {
+ return false;
+ }
+
+ $plaintext = str_split($plaintext, $length);
+ $ciphertext = '';
+ foreach ($plaintext as $m) {
+ $ciphertext.= $this->_rsaes_oaep_encrypt($m);
+ }
+ return $ciphertext;
+ }
+ }
+
+ /**
+ * Decryption
+ *
+ * @see encrypt()
+ * @access public
+ * @param String $plaintext
+ * @return String
+ */
+ function decrypt($ciphertext)
+ {
+ if ($this->k <= 0) {
+ return false;
+ }
+
+ $ciphertext = str_split($ciphertext, $this->k);
+ $ciphertext[count($ciphertext) - 1] = str_pad($ciphertext[count($ciphertext) - 1], $this->k, chr(0), STR_PAD_LEFT);
+
+ $plaintext = '';
+
+ switch ($this->encryptionMode) {
+ case CRYPT_RSA_ENCRYPTION_PKCS1:
+ $decrypt = '_rsaes_pkcs1_v1_5_decrypt';
+ break;
+ //case CRYPT_RSA_ENCRYPTION_OAEP:
+ default:
+ $decrypt = '_rsaes_oaep_decrypt';
+ }
+
+ foreach ($ciphertext as $c) {
+ $temp = $this->$decrypt($c);
+ if ($temp === false) {
+ return false;
+ }
+ $plaintext.= $temp;
+ }
+
+ return $plaintext;
+ }
+
+ /**
+ * Create a signature
+ *
+ * @see verify()
+ * @access public
+ * @param String $message
+ * @return String
+ */
+ function sign($message)
+ {
+ if (empty($this->modulus) || empty($this->exponent)) {
+ return false;
+ }
+
+ switch ($this->signatureMode) {
+ case CRYPT_RSA_SIGNATURE_PKCS1:
+ return $this->_rsassa_pkcs1_v1_5_sign($message);
+ //case CRYPT_RSA_SIGNATURE_PSS:
+ default:
+ return $this->_rsassa_pss_sign($message);
+ }
+ }
+
+ /**
+ * Verifies a signature
+ *
+ * @see sign()
+ * @access public
+ * @param String $message
+ * @param String $signature
+ * @return Boolean
+ */
+ function verify($message, $signature)
+ {
+ if (empty($this->modulus) || empty($this->exponent)) {
+ return false;
+ }
+
+ switch ($this->signatureMode) {
+ case CRYPT_RSA_SIGNATURE_PKCS1:
+ return $this->_rsassa_pkcs1_v1_5_verify($message, $signature);
+ //case CRYPT_RSA_SIGNATURE_PSS:
+ default:
+ return $this->_rsassa_pss_verify($message, $signature);
+ }
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Random.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Random.php
new file mode 100644
index 00000000000..a60857df95d
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Random.php
@@ -0,0 +1,243 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Random Number Generator
+ *
+ * PHP versions 4 and 5
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/Random.php');
+ *
+ * echo bin2hex(crypt_random_string(8));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_Random
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: Random.php,v 1.9 2010/04/24 06:40:48 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Generate a random string.
+ *
+ * Although microoptimizations are generally discouraged as they impair readability this function is ripe with
+ * microoptimizations because this function has the potential of being called a huge number of times.
+ * eg. for RSA key generation.
+ *
+ * @param Integer $length
+ * @return String
+ * @access public
+ */
+function crypt_random_string($length) {
+ // PHP_OS & "\xDF\xDF\xDF" == strtoupper(substr(PHP_OS, 0, 3)), but a lot faster
+ if ((PHP_OS & "\xDF\xDF\xDF") === 'WIN') {
+ // method 1. prior to PHP 5.3 this would call rand() on windows hence the function_exists('class_alias') call.
+ // ie. class_alias is a function that was introduced in PHP 5.3
+ if (function_exists('mcrypt_create_iv') && function_exists('class_alias')) {
+ return mcrypt_create_iv($length);
+ }
+ // method 2. openssl_random_pseudo_bytes was introduced in PHP 5.3.0 but prior to PHP 5.3.4 there was,
+ // to quote <http://php.net/ChangeLog-5.php#5.3.4>, "possible blocking behavior". as of 5.3.4
+ // openssl_random_pseudo_bytes and mcrypt_create_iv do the exact same thing on Windows. ie. they both
+ // call php_win32_get_random_bytes():
+ //
+ // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/openssl/openssl.c#L5008
+ // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1392
+ //
+ // php_win32_get_random_bytes() is defined thusly:
+ //
+ // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/win32/winutil.c#L80
+ //
+ // we're calling it, all the same, in the off chance that the mcrypt extension is not available
+ if (function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) {
+ return openssl_random_pseudo_bytes($length);
+ }
+ } else {
+ // method 1. the fastest
+ if (function_exists('openssl_random_pseudo_bytes')) {
+ return openssl_random_pseudo_bytes($length);
+ }
+ // method 2
+ static $fp = true;
+ if ($fp === true) {
+ // warning's will be output unles the error suppression operator is used. errors such as
+ // "open_basedir restriction in effect", "Permission denied", "No such file or directory", etc.
+ $fp = @fopen('/dev/urandom', 'rb');
+ }
+ if ($fp !== true && $fp !== false) { // surprisingly faster than !is_bool() or is_resource()
+ return fread($fp, $length);
+ }
+ // method 3. pretty much does the same thing as method 2 per the following url:
+ // https://github.com/php/php-src/blob/7014a0eb6d1611151a286c0ff4f2238f92c120d6/ext/mcrypt/mcrypt.c#L1391
+ // surprisingly slower than method 2. maybe that's because mcrypt_create_iv does a bunch of error checking that we're
+ // not doing. regardless, this'll only be called if this PHP script couldn't open /dev/urandom due to open_basedir
+ // restrictions or some such
+ if (function_exists('mcrypt_create_iv')) {
+ return mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
+ }
+ }
+ // at this point we have no choice but to use a pure-PHP CSPRNG
+
+ // cascade entropy across multiple PHP instances by fixing the session and collecting all
+ // environmental variables, including the previous session data and the current session
+ // data.
+ //
+ // mt_rand seeds itself by looking at the PID and the time, both of which are (relatively)
+ // easy to guess at. linux uses mouse clicks, keyboard timings, etc, as entropy sources, but
+ // PHP isn't low level to be able to use those as sources and on a web server there's not likely
+ // going to be a ton of keyboard or mouse action. web servers do have one thing that we can use
+ // however. a ton of people visiting the website. obviously you don't want to base your seeding
+ // soley on parameters a potential attacker sends but (1) not everything in $_SERVER is controlled
+ // by the user and (2) this isn't just looking at the data sent by the current user - it's based
+ // on the data sent by all users. one user requests the page and a hash of their info is saved.
+ // another user visits the page and the serialization of their data is utilized along with the
+ // server envirnment stuff and a hash of the previous http request data (which itself utilizes
+ // a hash of the session data before that). certainly an attacker should be assumed to have
+ // full control over his own http requests. he, however, is not going to have control over
+ // everyone's http requests.
+ static $crypto = false, $v;
+ if ($crypto === false) {
+ // save old session data
+ $old_session_id = session_id();
+ $old_use_cookies = ini_get('session.use_cookies');
+ $old_session_cache_limiter = session_cache_limiter();
+ if (isset($_SESSION)) {
+ $_OLD_SESSION = $_SESSION;
+ }
+ if ($old_session_id != '') {
+ session_write_close();
+ }
+
+ session_id(1);
+ ini_set('session.use_cookies', 0);
+ session_cache_limiter('');
+ session_start();
+
+ $v = $seed = $_SESSION['seed'] = pack('H*', sha1(
+ serialize($_SERVER) .
+ serialize($_POST) .
+ serialize($_GET) .
+ serialize($_COOKIE) .
+ serialize($_GLOBAL) .
+ serialize($_SESSION) .
+ serialize($_OLD_SESSION)
+ ));
+ if (!isset($_SESSION['count'])) {
+ $_SESSION['count'] = 0;
+ }
+ $_SESSION['count']++;
+
+ session_write_close();
+
+ // restore old session data
+ if ($old_session_id != '') {
+ session_id($old_session_id);
+ session_start();
+ ini_set('session.use_cookies', $old_use_cookies);
+ session_cache_limiter($old_session_cache_limiter);
+ } else {
+ if (isset($_OLD_SESSION)) {
+ $_SESSION = $_OLD_SESSION;
+ unset($_OLD_SESSION);
+ } else {
+ unset($_SESSION);
+ }
+ }
+
+ // in SSH2 a shared secret and an exchange hash are generated through the key exchange process.
+ // the IV client to server is the hash of that "nonce" with the letter A and for the encryption key it's the letter C.
+ // if the hash doesn't produce enough a key or an IV that's long enough concat successive hashes of the
+ // original hash and the current hash. we'll be emulating that. for more info see the following URL:
+ //
+ // http://tools.ietf.org/html/rfc4253#section-7.2
+ //
+ // see the is_string($crypto) part for an example of how to expand the keys
+ $key = pack('H*', sha1($seed . 'A'));
+ $iv = pack('H*', sha1($seed . 'C'));
+
+ // ciphers are used as per the nist.gov link below. also, see this link:
+ //
+ // http://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator#Designs_based_on_cryptographic_primitives
+ switch (true) {
+ case class_exists('Crypt_AES'):
+ $crypto = new Crypt_AES(CRYPT_AES_MODE_CTR);
+ break;
+ case class_exists('Crypt_TripleDES'):
+ $crypto = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
+ break;
+ case class_exists('Crypt_DES'):
+ $crypto = new Crypt_DES(CRYPT_DES_MODE_CTR);
+ break;
+ case class_exists('Crypt_RC4'):
+ $crypto = new Crypt_RC4();
+ break;
+ default:
+ $crypto = $seed;
+ return crypt_random_string($length);
+ }
+
+ $crypto->setKey($key);
+ $crypto->setIV($iv);
+ $crypto->enableContinuousBuffer();
+ }
+
+ if (is_string($crypto)) {
+ // the following is based off of ANSI X9.31:
+ //
+ // http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf
+ //
+ // OpenSSL uses that same standard for it's random numbers:
+ //
+ // http://www.opensource.apple.com/source/OpenSSL/OpenSSL-38/openssl/fips-1.0/rand/fips_rand.c
+ // (do a search for "ANS X9.31 A.2.4")
+ //
+ // ANSI X9.31 recommends ciphers be used and phpseclib does use them if they're available (see
+ // later on in the code) but if they're not we'll use sha1
+ $result = '';
+ while (strlen($result) < $length) { // each loop adds 20 bytes
+ // microtime() isn't packed as "densely" as it could be but then neither is that the idea.
+ // the idea is simply to ensure that each "block" has a unique element to it.
+ $i = pack('H*', sha1(microtime()));
+ $r = pack('H*', sha1($i ^ $v));
+ $v = pack('H*', sha1($r ^ $i));
+ $result.= $r;
+ }
+ return substr($result, 0, $length);
+ }
+
+ //return $crypto->encrypt(str_repeat("\0", $length));
+
+ $result = '';
+ while (strlen($result) < $length) {
+ $i = $crypto->encrypt(microtime());
+ $r = $crypto->encrypt($i ^ $v);
+ $v = $crypto->encrypt($r ^ $i);
+ $result.= $r;
+ }
+ return substr($result, 0, $length);
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Rijndael.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Rijndael.php
new file mode 100644
index 00000000000..335d5233c4d
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/Rijndael.php
@@ -0,0 +1,1525 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of Rijndael.
+ *
+ * Does not use mcrypt, even when available, for reasons that are explained below.
+ *
+ * PHP versions 4 and 5
+ *
+ * If {@link Crypt_Rijndael::setBlockLength() setBlockLength()} isn't called, it'll be assumed to be 128 bits. If
+ * {@link Crypt_Rijndael::setKeyLength() setKeyLength()} isn't called, it'll be calculated from
+ * {@link Crypt_Rijndael::setKey() setKey()}. ie. if the key is 128-bits, the key length will be 128-bits. If it's
+ * 136-bits it'll be null-padded to 160-bits and 160 bits will be the key length until
+ * {@link Crypt_Rijndael::setKey() setKey()} is called, again, at which point, it'll be recalculated.
+ *
+ * Not all Rijndael implementations may support 160-bits or 224-bits as the block length / key length. mcrypt, for example,
+ * does not. AES, itself, only supports block lengths of 128 and key lengths of 128, 192, and 256.
+ * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=10 Rijndael-ammended.pdf#page=10} defines the
+ * algorithm for block lengths of 192 and 256 but not for block lengths / key lengths of 160 and 224. Indeed, 160 and 224
+ * are first defined as valid key / block lengths in
+ * {@link http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=44 Rijndael-ammended.pdf#page=44}:
+ * Extensions: Other block and Cipher Key lengths.
+ *
+ * {@internal The variable names are the same as those in
+ * {@link http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf#page=10 fips-197.pdf#page=10}.}}
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/Rijndael.php');
+ *
+ * $rijndael = new Crypt_Rijndael();
+ *
+ * $rijndael->setKey('abcdefghijklmnop');
+ *
+ * $size = 10 * 1024;
+ * $plaintext = '';
+ * for ($i = 0; $i < $size; $i++) {
+ * $plaintext.= 'a';
+ * }
+ *
+ * echo $rijndael->decrypt($rijndael->encrypt($plaintext));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_Rijndael
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVIII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: Rijndael.php,v 1.12 2010/02/09 06:10:26 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**#@+
+ * @access public
+ * @see Crypt_Rijndael::encrypt()
+ * @see Crypt_Rijndael::decrypt()
+ */
+/**
+ * Encrypt / decrypt using the Counter mode.
+ *
+ * Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29
+ */
+define('CRYPT_RIJNDAEL_MODE_CTR', -1);
+/**
+ * Encrypt / decrypt using the Electronic Code Book mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Electronic_codebook_.28ECB.29
+ */
+define('CRYPT_RIJNDAEL_MODE_ECB', 1);
+/**
+ * Encrypt / decrypt using the Code Book Chaining mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher-block_chaining_.28CBC.29
+ */
+define('CRYPT_RIJNDAEL_MODE_CBC', 2);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Cipher_feedback_.28CFB.29
+ */
+define('CRYPT_RIJNDAEL_MODE_CFB', 3);
+/**
+ * Encrypt / decrypt using the Cipher Feedback mode.
+ *
+ * @link http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Output_feedback_.28OFB.29
+ */
+define('CRYPT_RIJNDAEL_MODE_OFB', 4);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Crypt_Rijndael::Crypt_Rijndael()
+ */
+/**
+ * Toggles the internal implementation
+ */
+define('CRYPT_RIJNDAEL_MODE_INTERNAL', 1);
+/**
+ * Toggles the mcrypt implementation
+ */
+define('CRYPT_RIJNDAEL_MODE_MCRYPT', 2);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of Rijndael.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_Rijndael
+ */
+class Crypt_Rijndael {
+ /**
+ * The Encryption Mode
+ *
+ * @see Crypt_Rijndael::Crypt_Rijndael()
+ * @var Integer
+ * @access private
+ */
+ var $mode;
+
+ /**
+ * The Key
+ *
+ * @see Crypt_Rijndael::setKey()
+ * @var String
+ * @access private
+ */
+ var $key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+
+ /**
+ * The Initialization Vector
+ *
+ * @see Crypt_Rijndael::setIV()
+ * @var String
+ * @access private
+ */
+ var $iv = '';
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_Rijndael::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $encryptIV = '';
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_Rijndael::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $decryptIV = '';
+
+ /**
+ * Continuous Buffer status
+ *
+ * @see Crypt_Rijndael::enableContinuousBuffer()
+ * @var Boolean
+ * @access private
+ */
+ var $continuousBuffer = false;
+
+ /**
+ * Padding status
+ *
+ * @see Crypt_Rijndael::enablePadding()
+ * @var Boolean
+ * @access private
+ */
+ var $padding = true;
+
+ /**
+ * Does the key schedule need to be (re)calculated?
+ *
+ * @see setKey()
+ * @see setBlockLength()
+ * @see setKeyLength()
+ * @var Boolean
+ * @access private
+ */
+ var $changed = true;
+
+ /**
+ * Has the key length explicitly been set or should it be derived from the key, itself?
+ *
+ * @see setKeyLength()
+ * @var Boolean
+ * @access private
+ */
+ var $explicit_key_length = false;
+
+ /**
+ * The Key Schedule
+ *
+ * @see _setup()
+ * @var Array
+ * @access private
+ */
+ var $w;
+
+ /**
+ * The Inverse Key Schedule
+ *
+ * @see _setup()
+ * @var Array
+ * @access private
+ */
+ var $dw;
+
+ /**
+ * The Block Length
+ *
+ * @see setBlockLength()
+ * @var Integer
+ * @access private
+ * @internal The max value is 32, the min value is 16. All valid values are multiples of 4. Exists in conjunction with
+ * $Nb because we need this value and not $Nb to pad strings appropriately.
+ */
+ var $block_size = 16;
+
+ /**
+ * The Block Length divided by 32
+ *
+ * @see setBlockLength()
+ * @var Integer
+ * @access private
+ * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4. Exists in conjunction with $block_size
+ * because the encryption / decryption / key schedule creation requires this number and not $block_size. We could
+ * derive this from $block_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
+ * of that, we'll just precompute it once.
+ *
+ */
+ var $Nb = 4;
+
+ /**
+ * The Key Length
+ *
+ * @see setKeyLength()
+ * @var Integer
+ * @access private
+ * @internal The max value is 256 / 8 = 32, the min value is 128 / 8 = 16. Exists in conjunction with $key_size
+ * because the encryption / decryption / key schedule creation requires this number and not $key_size. We could
+ * derive this from $key_size or vice versa, but that'd mean we'd have to do multiple shift operations, so in lieu
+ * of that, we'll just precompute it once.
+ */
+ var $key_size = 16;
+
+ /**
+ * The Key Length divided by 32
+ *
+ * @see setKeyLength()
+ * @var Integer
+ * @access private
+ * @internal The max value is 256 / 32 = 8, the min value is 128 / 32 = 4
+ */
+ var $Nk = 4;
+
+ /**
+ * The Number of Rounds
+ *
+ * @var Integer
+ * @access private
+ * @internal The max value is 14, the min value is 10.
+ */
+ var $Nr;
+
+ /**
+ * Shift offsets
+ *
+ * @var Array
+ * @access private
+ */
+ var $c;
+
+ /**
+ * Precomputed mixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $t0;
+
+ /**
+ * Precomputed mixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $t1;
+
+ /**
+ * Precomputed mixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $t2;
+
+ /**
+ * Precomputed mixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $t3;
+
+ /**
+ * Precomputed invMixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $dt0;
+
+ /**
+ * Precomputed invMixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $dt1;
+
+ /**
+ * Precomputed invMixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $dt2;
+
+ /**
+ * Precomputed invMixColumns table
+ *
+ * @see Crypt_Rijndael()
+ * @var Array
+ * @access private
+ */
+ var $dt3;
+
+ /**
+ * Is the mode one that is paddable?
+ *
+ * @see Crypt_Rijndael::Crypt_Rijndael()
+ * @var Boolean
+ * @access private
+ */
+ var $paddable = false;
+
+ /**
+ * Encryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_Rijndael::encrypt()
+ * @var String
+ * @access private
+ */
+ var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0);
+
+ /**
+ * Decryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_Rijndael::decrypt()
+ * @var String
+ * @access private
+ */
+ var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0);
+
+ /**
+ * Default Constructor.
+ *
+ * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
+ * CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used.
+ *
+ * @param optional Integer $mode
+ * @return Crypt_Rijndael
+ * @access public
+ */
+ function Crypt_Rijndael($mode = CRYPT_RIJNDAEL_MODE_CBC)
+ {
+ switch ($mode) {
+ case CRYPT_RIJNDAEL_MODE_ECB:
+ case CRYPT_RIJNDAEL_MODE_CBC:
+ $this->paddable = true;
+ $this->mode = $mode;
+ break;
+ case CRYPT_RIJNDAEL_MODE_CTR:
+ case CRYPT_RIJNDAEL_MODE_CFB:
+ case CRYPT_RIJNDAEL_MODE_OFB:
+ $this->mode = $mode;
+ break;
+ default:
+ $this->paddable = true;
+ $this->mode = CRYPT_RIJNDAEL_MODE_CBC;
+ }
+
+ $t3 = &$this->t3;
+ $t2 = &$this->t2;
+ $t1 = &$this->t1;
+ $t0 = &$this->t0;
+
+ $dt3 = &$this->dt3;
+ $dt2 = &$this->dt2;
+ $dt1 = &$this->dt1;
+ $dt0 = &$this->dt0;
+
+ // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=19> (section 5.2.1),
+ // precomputed tables can be used in the mixColumns phase. in that example, they're assigned t0...t3, so
+ // those are the names we'll use.
+ $t3 = array(
+ 0x6363A5C6, 0x7C7C84F8, 0x777799EE, 0x7B7B8DF6, 0xF2F20DFF, 0x6B6BBDD6, 0x6F6FB1DE, 0xC5C55491,
+ 0x30305060, 0x01010302, 0x6767A9CE, 0x2B2B7D56, 0xFEFE19E7, 0xD7D762B5, 0xABABE64D, 0x76769AEC,
+ 0xCACA458F, 0x82829D1F, 0xC9C94089, 0x7D7D87FA, 0xFAFA15EF, 0x5959EBB2, 0x4747C98E, 0xF0F00BFB,
+ 0xADADEC41, 0xD4D467B3, 0xA2A2FD5F, 0xAFAFEA45, 0x9C9CBF23, 0xA4A4F753, 0x727296E4, 0xC0C05B9B,
+ 0xB7B7C275, 0xFDFD1CE1, 0x9393AE3D, 0x26266A4C, 0x36365A6C, 0x3F3F417E, 0xF7F702F5, 0xCCCC4F83,
+ 0x34345C68, 0xA5A5F451, 0xE5E534D1, 0xF1F108F9, 0x717193E2, 0xD8D873AB, 0x31315362, 0x15153F2A,
+ 0x04040C08, 0xC7C75295, 0x23236546, 0xC3C35E9D, 0x18182830, 0x9696A137, 0x05050F0A, 0x9A9AB52F,
+ 0x0707090E, 0x12123624, 0x80809B1B, 0xE2E23DDF, 0xEBEB26CD, 0x2727694E, 0xB2B2CD7F, 0x75759FEA,
+ 0x09091B12, 0x83839E1D, 0x2C2C7458, 0x1A1A2E34, 0x1B1B2D36, 0x6E6EB2DC, 0x5A5AEEB4, 0xA0A0FB5B,
+ 0x5252F6A4, 0x3B3B4D76, 0xD6D661B7, 0xB3B3CE7D, 0x29297B52, 0xE3E33EDD, 0x2F2F715E, 0x84849713,
+ 0x5353F5A6, 0xD1D168B9, 0x00000000, 0xEDED2CC1, 0x20206040, 0xFCFC1FE3, 0xB1B1C879, 0x5B5BEDB6,
+ 0x6A6ABED4, 0xCBCB468D, 0xBEBED967, 0x39394B72, 0x4A4ADE94, 0x4C4CD498, 0x5858E8B0, 0xCFCF4A85,
+ 0xD0D06BBB, 0xEFEF2AC5, 0xAAAAE54F, 0xFBFB16ED, 0x4343C586, 0x4D4DD79A, 0x33335566, 0x85859411,
+ 0x4545CF8A, 0xF9F910E9, 0x02020604, 0x7F7F81FE, 0x5050F0A0, 0x3C3C4478, 0x9F9FBA25, 0xA8A8E34B,
+ 0x5151F3A2, 0xA3A3FE5D, 0x4040C080, 0x8F8F8A05, 0x9292AD3F, 0x9D9DBC21, 0x38384870, 0xF5F504F1,
+ 0xBCBCDF63, 0xB6B6C177, 0xDADA75AF, 0x21216342, 0x10103020, 0xFFFF1AE5, 0xF3F30EFD, 0xD2D26DBF,
+ 0xCDCD4C81, 0x0C0C1418, 0x13133526, 0xECEC2FC3, 0x5F5FE1BE, 0x9797A235, 0x4444CC88, 0x1717392E,
+ 0xC4C45793, 0xA7A7F255, 0x7E7E82FC, 0x3D3D477A, 0x6464ACC8, 0x5D5DE7BA, 0x19192B32, 0x737395E6,
+ 0x6060A0C0, 0x81819819, 0x4F4FD19E, 0xDCDC7FA3, 0x22226644, 0x2A2A7E54, 0x9090AB3B, 0x8888830B,
+ 0x4646CA8C, 0xEEEE29C7, 0xB8B8D36B, 0x14143C28, 0xDEDE79A7, 0x5E5EE2BC, 0x0B0B1D16, 0xDBDB76AD,
+ 0xE0E03BDB, 0x32325664, 0x3A3A4E74, 0x0A0A1E14, 0x4949DB92, 0x06060A0C, 0x24246C48, 0x5C5CE4B8,
+ 0xC2C25D9F, 0xD3D36EBD, 0xACACEF43, 0x6262A6C4, 0x9191A839, 0x9595A431, 0xE4E437D3, 0x79798BF2,
+ 0xE7E732D5, 0xC8C8438B, 0x3737596E, 0x6D6DB7DA, 0x8D8D8C01, 0xD5D564B1, 0x4E4ED29C, 0xA9A9E049,
+ 0x6C6CB4D8, 0x5656FAAC, 0xF4F407F3, 0xEAEA25CF, 0x6565AFCA, 0x7A7A8EF4, 0xAEAEE947, 0x08081810,
+ 0xBABAD56F, 0x787888F0, 0x25256F4A, 0x2E2E725C, 0x1C1C2438, 0xA6A6F157, 0xB4B4C773, 0xC6C65197,
+ 0xE8E823CB, 0xDDDD7CA1, 0x74749CE8, 0x1F1F213E, 0x4B4BDD96, 0xBDBDDC61, 0x8B8B860D, 0x8A8A850F,
+ 0x707090E0, 0x3E3E427C, 0xB5B5C471, 0x6666AACC, 0x4848D890, 0x03030506, 0xF6F601F7, 0x0E0E121C,
+ 0x6161A3C2, 0x35355F6A, 0x5757F9AE, 0xB9B9D069, 0x86869117, 0xC1C15899, 0x1D1D273A, 0x9E9EB927,
+ 0xE1E138D9, 0xF8F813EB, 0x9898B32B, 0x11113322, 0x6969BBD2, 0xD9D970A9, 0x8E8E8907, 0x9494A733,
+ 0x9B9BB62D, 0x1E1E223C, 0x87879215, 0xE9E920C9, 0xCECE4987, 0x5555FFAA, 0x28287850, 0xDFDF7AA5,
+ 0x8C8C8F03, 0xA1A1F859, 0x89898009, 0x0D0D171A, 0xBFBFDA65, 0xE6E631D7, 0x4242C684, 0x6868B8D0,
+ 0x4141C382, 0x9999B029, 0x2D2D775A, 0x0F0F111E, 0xB0B0CB7B, 0x5454FCA8, 0xBBBBD66D, 0x16163A2C
+ );
+
+ $dt3 = array(
+ 0xF4A75051, 0x4165537E, 0x17A4C31A, 0x275E963A, 0xAB6BCB3B, 0x9D45F11F, 0xFA58ABAC, 0xE303934B,
+ 0x30FA5520, 0x766DF6AD, 0xCC769188, 0x024C25F5, 0xE5D7FC4F, 0x2ACBD7C5, 0x35448026, 0x62A38FB5,
+ 0xB15A49DE, 0xBA1B6725, 0xEA0E9845, 0xFEC0E15D, 0x2F7502C3, 0x4CF01281, 0x4697A38D, 0xD3F9C66B,
+ 0x8F5FE703, 0x929C9515, 0x6D7AEBBF, 0x5259DA95, 0xBE832DD4, 0x7421D358, 0xE0692949, 0xC9C8448E,
+ 0xC2896A75, 0x8E7978F4, 0x583E6B99, 0xB971DD27, 0xE14FB6BE, 0x88AD17F0, 0x20AC66C9, 0xCE3AB47D,
+ 0xDF4A1863, 0x1A3182E5, 0x51336097, 0x537F4562, 0x6477E0B1, 0x6BAE84BB, 0x81A01CFE, 0x082B94F9,
+ 0x48685870, 0x45FD198F, 0xDE6C8794, 0x7BF8B752, 0x73D323AB, 0x4B02E272, 0x1F8F57E3, 0x55AB2A66,
+ 0xEB2807B2, 0xB5C2032F, 0xC57B9A86, 0x3708A5D3, 0x2887F230, 0xBFA5B223, 0x036ABA02, 0x16825CED,
+ 0xCF1C2B8A, 0x79B492A7, 0x07F2F0F3, 0x69E2A14E, 0xDAF4CD65, 0x05BED506, 0x34621FD1, 0xA6FE8AC4,
+ 0x2E539D34, 0xF355A0A2, 0x8AE13205, 0xF6EB75A4, 0x83EC390B, 0x60EFAA40, 0x719F065E, 0x6E1051BD,
+ 0x218AF93E, 0xDD063D96, 0x3E05AEDD, 0xE6BD464D, 0x548DB591, 0xC45D0571, 0x06D46F04, 0x5015FF60,
+ 0x98FB2419, 0xBDE997D6, 0x4043CC89, 0xD99E7767, 0xE842BDB0, 0x898B8807, 0x195B38E7, 0xC8EEDB79,
+ 0x7C0A47A1, 0x420FE97C, 0x841EC9F8, 0x00000000, 0x80868309, 0x2BED4832, 0x1170AC1E, 0x5A724E6C,
+ 0x0EFFFBFD, 0x8538560F, 0xAED51E3D, 0x2D392736, 0x0FD9640A, 0x5CA62168, 0x5B54D19B, 0x362E3A24,
+ 0x0A67B10C, 0x57E70F93, 0xEE96D2B4, 0x9B919E1B, 0xC0C54F80, 0xDC20A261, 0x774B695A, 0x121A161C,
+ 0x93BA0AE2, 0xA02AE5C0, 0x22E0433C, 0x1B171D12, 0x090D0B0E, 0x8BC7ADF2, 0xB6A8B92D, 0x1EA9C814,
+ 0xF1198557, 0x75074CAF, 0x99DDBBEE, 0x7F60FDA3, 0x01269FF7, 0x72F5BC5C, 0x663BC544, 0xFB7E345B,
+ 0x4329768B, 0x23C6DCCB, 0xEDFC68B6, 0xE4F163B8, 0x31DCCAD7, 0x63851042, 0x97224013, 0xC6112084,
+ 0x4A247D85, 0xBB3DF8D2, 0xF93211AE, 0x29A16DC7, 0x9E2F4B1D, 0xB230F3DC, 0x8652EC0D, 0xC1E3D077,
+ 0xB3166C2B, 0x70B999A9, 0x9448FA11, 0xE9642247, 0xFC8CC4A8, 0xF03F1AA0, 0x7D2CD856, 0x3390EF22,
+ 0x494EC787, 0x38D1C1D9, 0xCAA2FE8C, 0xD40B3698, 0xF581CFA6, 0x7ADE28A5, 0xB78E26DA, 0xADBFA43F,
+ 0x3A9DE42C, 0x78920D50, 0x5FCC9B6A, 0x7E466254, 0x8D13C2F6, 0xD8B8E890, 0x39F75E2E, 0xC3AFF582,
+ 0x5D80BE9F, 0xD0937C69, 0xD52DA96F, 0x2512B3CF, 0xAC993BC8, 0x187DA710, 0x9C636EE8, 0x3BBB7BDB,
+ 0x267809CD, 0x5918F46E, 0x9AB701EC, 0x4F9AA883, 0x956E65E6, 0xFFE67EAA, 0xBCCF0821, 0x15E8E6EF,
+ 0xE79BD9BA, 0x6F36CE4A, 0x9F09D4EA, 0xB07CD629, 0xA4B2AF31, 0x3F23312A, 0xA59430C6, 0xA266C035,
+ 0x4EBC3774, 0x82CAA6FC, 0x90D0B0E0, 0xA7D81533, 0x04984AF1, 0xECDAF741, 0xCD500E7F, 0x91F62F17,
+ 0x4DD68D76, 0xEFB04D43, 0xAA4D54CC, 0x9604DFE4, 0xD1B5E39E, 0x6A881B4C, 0x2C1FB8C1, 0x65517F46,
+ 0x5EEA049D, 0x8C355D01, 0x877473FA, 0x0B412EFB, 0x671D5AB3, 0xDBD25292, 0x105633E9, 0xD647136D,
+ 0xD7618C9A, 0xA10C7A37, 0xF8148E59, 0x133C89EB, 0xA927EECE, 0x61C935B7, 0x1CE5EDE1, 0x47B13C7A,
+ 0xD2DF599C, 0xF2733F55, 0x14CE7918, 0xC737BF73, 0xF7CDEA53, 0xFDAA5B5F, 0x3D6F14DF, 0x44DB8678,
+ 0xAFF381CA, 0x68C43EB9, 0x24342C38, 0xA3405FC2, 0x1DC37216, 0xE2250CBC, 0x3C498B28, 0x0D9541FF,
+ 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064, 0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0
+ );
+
+ for ($i = 0; $i < 256; $i++) {
+ $t2[] = (($t3[$i] << 8) & 0xFFFFFF00) | (($t3[$i] >> 24) & 0x000000FF);
+ $t1[] = (($t3[$i] << 16) & 0xFFFF0000) | (($t3[$i] >> 16) & 0x0000FFFF);
+ $t0[] = (($t3[$i] << 24) & 0xFF000000) | (($t3[$i] >> 8) & 0x00FFFFFF);
+
+ $dt2[] = (($dt3[$i] << 8) & 0xFFFFFF00) | (($dt3[$i] >> 24) & 0x000000FF);
+ $dt1[] = (($dt3[$i] << 16) & 0xFFFF0000) | (($dt3[$i] >> 16) & 0x0000FFFF);
+ $dt0[] = (($dt3[$i] << 24) & 0xFF000000) | (($dt3[$i] >> 8) & 0x00FFFFFF);
+ }
+ }
+
+ /**
+ * Sets the key.
+ *
+ * Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and
+ * whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length
+ * up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the
+ * excess bits.
+ *
+ * If the key is not explicitly set, it'll be assumed to be all null bytes.
+ *
+ * @access public
+ * @param String $key
+ */
+ function setKey($key)
+ {
+ $this->key = $key;
+ $this->changed = true;
+ }
+
+ /**
+ * Sets the initialization vector. (optional)
+ *
+ * SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed
+ * to be all zero's.
+ *
+ * @access public
+ * @param String $iv
+ */
+ function setIV($iv)
+ {
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, $this->block_size), $this->block_size, chr(0));
+ }
+
+ /**
+ * Sets the key length
+ *
+ * Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
+ * 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
+ *
+ * @access public
+ * @param Integer $length
+ */
+ function setKeyLength($length)
+ {
+ $length >>= 5;
+ if ($length > 8) {
+ $length = 8;
+ } else if ($length < 4) {
+ $length = 4;
+ }
+ $this->Nk = $length;
+ $this->key_size = $length << 2;
+
+ $this->explicit_key_length = true;
+ $this->changed = true;
+ }
+
+ /**
+ * Sets the password.
+ *
+ * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
+ * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
+ * $hash, $salt, $method
+ * Set $dkLen by calling setKeyLength()
+ *
+ * @param String $password
+ * @param optional String $method
+ * @access public
+ */
+ function setPassword($password, $method = 'pbkdf2')
+ {
+ $key = '';
+
+ switch ($method) {
+ default: // 'pbkdf2'
+ list(, , $hash, $salt, $count) = func_get_args();
+ if (!isset($hash)) {
+ $hash = 'sha1';
+ }
+ // WPA and WPA2 use the SSID as the salt
+ if (!isset($salt)) {
+ $salt = 'phpseclib';
+ }
+ // RFC2898#section-4.2 uses 1,000 iterations by default
+ // WPA and WPA2 use 4,096.
+ if (!isset($count)) {
+ $count = 1000;
+ }
+
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+
+ $i = 1;
+ while (strlen($key) < $this->key_size) { // $dkLen == $this->key_size
+ //$dk.= $this->_pbkdf($password, $salt, $count, $i++);
+ $hmac = new Crypt_Hash();
+ $hmac->setHash($hash);
+ $hmac->setKey($password);
+ $f = $u = $hmac->hash($salt . pack('N', $i++));
+ for ($j = 2; $j <= $count; $j++) {
+ $u = $hmac->hash($u);
+ $f^= $u;
+ }
+ $key.= $f;
+ }
+ }
+
+ $this->setKey(substr($key, 0, $this->key_size));
+ }
+
+ /**
+ * Sets the block length
+ *
+ * Valid block lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to
+ * 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.
+ *
+ * @access public
+ * @param Integer $length
+ */
+ function setBlockLength($length)
+ {
+ $length >>= 5;
+ if ($length > 8) {
+ $length = 8;
+ } else if ($length < 4) {
+ $length = 4;
+ }
+ $this->Nb = $length;
+ $this->block_size = $length << 2;
+ $this->changed = true;
+ }
+
+ /**
+ * Generate CTR XOR encryption key
+ *
+ * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
+ * plaintext / ciphertext in CTR mode.
+ *
+ * @see Crypt_Rijndael::decrypt()
+ * @see Crypt_Rijndael::encrypt()
+ * @access public
+ * @param Integer $length
+ * @param String $iv
+ */
+ function _generate_xor($length, &$iv)
+ {
+ $xor = '';
+ $block_size = $this->block_size;
+ $num_blocks = floor(($length + ($block_size - 1)) / $block_size);
+ for ($i = 0; $i < $num_blocks; $i++) {
+ $xor.= $iv;
+ for ($j = 4; $j <= $block_size; $j+=4) {
+ $temp = substr($iv, -$j, 4);
+ switch ($temp) {
+ case "\xFF\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
+ break;
+ case "\x7F\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
+ break 2;
+ default:
+ extract(unpack('Ncount', $temp));
+ $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
+ break 2;
+ }
+ }
+ }
+
+ return $xor;
+ }
+
+ /**
+ * Encrypts a message.
+ *
+ * $plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other Rjindael
+ * implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's
+ * necessary are discussed in the following
+ * URL:
+ *
+ * {@link http://www.di-mgt.com.au/cryptopad.html http://www.di-mgt.com.au/cryptopad.html}
+ *
+ * An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does.
+ * strlen($plaintext) will still need to be a multiple of 8, however, arbitrary values can be added to make it that
+ * length.
+ *
+ * @see Crypt_Rijndael::decrypt()
+ * @access public
+ * @param String $plaintext
+ */
+ function encrypt($plaintext)
+ {
+ $this->_setup();
+ if ($this->paddable) {
+ $plaintext = $this->_pad($plaintext);
+ }
+
+ $block_size = $this->block_size;
+ $buffer = &$this->enbuffer;
+ $ciphertext = '';
+ switch ($this->mode) {
+ case CRYPT_RIJNDAEL_MODE_ECB:
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $ciphertext.= $this->_encryptBlock(substr($plaintext, $i, $block_size));
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CBC:
+ $xor = $this->encryptIV;
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $block = substr($plaintext, $i, $block_size);
+ $block = $this->_encryptBlock($block ^ $xor);
+ $xor = $block;
+ $ciphertext.= $block;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CTR:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['encrypted'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $block = substr($plaintext, $i, $block_size);
+ $buffer['encrypted'].= $this->_encryptBlock($this->_generate_xor($block_size, $xor));
+ $key = $this->_string_shift($buffer['encrypted'], $block_size);
+ $ciphertext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $block = substr($plaintext, $i, $block_size);
+ $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
+ $ciphertext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) % $block_size) {
+ $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted'];
+ }
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CFB:
+ // cfb loosely routines inspired by openssl's:
+ // http://cvs.openssl.org/fileview?f=openssl/crypto/modes/cfb128.c&v=1.3.2.2.2.1
+ if ($this->continuousBuffer) {
+ $iv = &$this->encryptIV;
+ $pos = &$buffer['pos'];
+ } else {
+ $iv = $this->encryptIV;
+ $pos = 0;
+ }
+ $len = strlen($plaintext);
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = $block_size - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize
+ $ciphertext = substr($iv, $orig_pos) ^ $plaintext;
+ $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
+ }
+ while ($len >= $block_size) {
+ $iv = $this->_encryptBlock($iv) ^ substr($plaintext, $i, $block_size);
+ $ciphertext.= $iv;
+ $len-= $block_size;
+ $i+= $block_size;
+ }
+ if ($len) {
+ $iv = $this->_encryptBlock($iv);
+ $block = $iv ^ substr($plaintext, $i);
+ $iv = substr_replace($iv, $block, 0, $len);
+ $ciphertext.= $block;
+ $pos = $len;
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_OFB:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $xor = $this->_encryptBlock($xor);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], $block_size);
+ $ciphertext.= substr($plaintext, $i, $block_size) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=$block_size) {
+ $xor = $this->_encryptBlock($xor);
+ $ciphertext.= substr($plaintext, $i, $block_size) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) % $block_size) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $ciphertext;
+ }
+
+ /**
+ * Decrypts a message.
+ *
+ * If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until
+ * it is.
+ *
+ * @see Crypt_Rijndael::encrypt()
+ * @access public
+ * @param String $ciphertext
+ */
+ function decrypt($ciphertext)
+ {
+ $this->_setup();
+
+ if ($this->paddable) {
+ // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
+ // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
+ $ciphertext = str_pad($ciphertext, strlen($ciphertext) + ($this->block_size - strlen($ciphertext) % $this->block_size) % $this->block_size, chr(0));
+ }
+
+ $block_size = $this->block_size;
+ $buffer = &$this->debuffer;
+ $plaintext = '';
+ switch ($this->mode) {
+ case CRYPT_RIJNDAEL_MODE_ECB:
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $plaintext.= $this->_decryptBlock(substr($ciphertext, $i, $block_size));
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CBC:
+ $xor = $this->decryptIV;
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $block = substr($ciphertext, $i, $block_size);
+ $plaintext.= $this->_decryptBlock($block) ^ $xor;
+ $xor = $block;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CTR:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['ciphertext'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $block = substr($ciphertext, $i, $block_size);
+ $buffer['ciphertext'].= $this->_encryptBlock($this->_generate_xor($block_size, $xor));
+ $key = $this->_string_shift($buffer['ciphertext'], $block_size);
+ $plaintext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $block = substr($ciphertext, $i, $block_size);
+ $key = $this->_encryptBlock($this->_generate_xor($block_size, $xor));
+ $plaintext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($ciphertext) % $block_size) {
+ $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext'];
+ }
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_CFB:
+ if ($this->continuousBuffer) {
+ $iv = &$this->decryptIV;
+ $pos = &$buffer['pos'];
+ } else {
+ $iv = $this->decryptIV;
+ $pos = 0;
+ }
+ $len = strlen($ciphertext);
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = $block_size - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ // ie. $i = min($max, $len), $len-= $i, $pos+= $i, $pos%= $blocksize
+ $plaintext = substr($iv, $orig_pos) ^ $ciphertext;
+ $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i);
+ }
+ while ($len >= $block_size) {
+ $iv = $this->_encryptBlock($iv);
+ $cb = substr($ciphertext, $i, $block_size);
+ $plaintext.= $iv ^ $cb;
+ $iv = $cb;
+ $len-= $block_size;
+ $i+= $block_size;
+ }
+ if ($len) {
+ $iv = $this->_encryptBlock($iv);
+ $plaintext.= $iv ^ substr($ciphertext, $i);
+ $iv = substr_replace($iv, substr($ciphertext, $i), 0, $len);
+ $pos = $len;
+ }
+ break;
+ case CRYPT_RIJNDAEL_MODE_OFB:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $xor = $this->_encryptBlock($xor);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], $block_size);
+ $plaintext.= substr($ciphertext, $i, $block_size) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=$block_size) {
+ $xor = $this->_encryptBlock($xor);
+ $plaintext.= substr($ciphertext, $i, $block_size) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($ciphertext) % $block_size) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ /**
+ * Encrypts a block
+ *
+ * @access private
+ * @param String $in
+ * @return String
+ */
+ function _encryptBlock($in)
+ {
+ $state = array();
+ $words = unpack('N*word', $in);
+
+ $w = $this->w;
+ $t0 = $this->t0;
+ $t1 = $this->t1;
+ $t2 = $this->t2;
+ $t3 = $this->t3;
+ $Nb = $this->Nb;
+ $Nr = $this->Nr;
+ $c = $this->c;
+
+ // addRoundKey
+ $i = -1;
+ foreach ($words as $word) {
+ $state[] = $word ^ $w[0][++$i];
+ }
+
+ // fips-197.pdf#page=19, "Figure 5. Pseudo Code for the Cipher", states that this loop has four components -
+ // subBytes, shiftRows, mixColumns, and addRoundKey. fips-197.pdf#page=30, "Implementation Suggestions Regarding
+ // Various Platforms" suggests that performs enhanced implementations are described in Rijndael-ammended.pdf.
+ // Rijndael-ammended.pdf#page=20, "Implementation aspects / 32-bit processor", discusses such an optimization.
+ // Unfortunately, the description given there is not quite correct. Per aes.spec.v316.pdf#page=19 [1],
+ // equation (7.4.7) is supposed to use addition instead of subtraction, so we'll do that here, as well.
+
+ // [1] http://fp.gladman.plus.com/cryptography_technology/rijndael/aes.spec.v316.pdf
+ $temp = array();
+ for ($round = 1; $round < $Nr; ++$round) {
+ $i = 0; // $c[0] == 0
+ $j = $c[1];
+ $k = $c[2];
+ $l = $c[3];
+
+ while ($i < $Nb) {
+ $temp[$i] = $t0[$state[$i] >> 24 & 0x000000FF] ^
+ $t1[$state[$j] >> 16 & 0x000000FF] ^
+ $t2[$state[$k] >> 8 & 0x000000FF] ^
+ $t3[$state[$l] & 0x000000FF] ^
+ $w[$round][$i];
+ ++$i;
+ $j = ($j + 1) % $Nb;
+ $k = ($k + 1) % $Nb;
+ $l = ($l + 1) % $Nb;
+ }
+ $state = $temp;
+ }
+
+ // subWord
+ for ($i = 0; $i < $Nb; ++$i) {
+ $state[$i] = $this->_subWord($state[$i]);
+ }
+
+ // shiftRows + addRoundKey
+ $i = 0; // $c[0] == 0
+ $j = $c[1];
+ $k = $c[2];
+ $l = $c[3];
+ while ($i < $Nb) {
+ $temp[$i] = ($state[$i] & 0xFF000000) ^
+ ($state[$j] & 0x00FF0000) ^
+ ($state[$k] & 0x0000FF00) ^
+ ($state[$l] & 0x000000FF) ^
+ $w[$Nr][$i];
+ ++$i;
+ $j = ($j + 1) % $Nb;
+ $k = ($k + 1) % $Nb;
+ $l = ($l + 1) % $Nb;
+ }
+
+ // 100% ugly switch/case code... but ~5% faster (meaning: ~half second faster de/encrypting 1MB text, tested with php5.4.9 on linux/32bit with an AMD Athlon II P360 CPU) then the commented smart code below. Don't know it's worth or not
+ switch ($Nb) {
+ case 8:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]);
+ case 7:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]);
+ case 6:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]);
+ case 5:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]);
+ default:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]);
+ }
+ /*
+ $state = $temp;
+
+ array_unshift($state, 'N*');
+
+ return call_user_func_array('pack', $state);
+ */
+ }
+
+ /**
+ * Decrypts a block
+ *
+ * @access private
+ * @param String $in
+ * @return String
+ */
+ function _decryptBlock($in)
+ {
+ $state = array();
+ $words = unpack('N*word', $in);
+
+ $dw = $this->dw;
+ $dt0 = $this->dt0;
+ $dt1 = $this->dt1;
+ $dt2 = $this->dt2;
+ $dt3 = $this->dt3;
+ $Nb = $this->Nb;
+ $Nr = $this->Nr;
+ $c = $this->c;
+
+ // addRoundKey
+ $i = -1;
+ foreach ($words as $word) {
+ $state[] = $word ^ $dw[$Nr][++$i];
+ }
+
+ $temp = array();
+ for ($round = $Nr - 1; $round > 0; --$round) {
+ $i = 0; // $c[0] == 0
+ $j = $Nb - $c[1];
+ $k = $Nb - $c[2];
+ $l = $Nb - $c[3];
+
+ while ($i < $Nb) {
+ $temp[$i] = $dt0[$state[$i] >> 24 & 0x000000FF] ^
+ $dt1[$state[$j] >> 16 & 0x000000FF] ^
+ $dt2[$state[$k] >> 8 & 0x000000FF] ^
+ $dt3[$state[$l] & 0x000000FF] ^
+ $dw[$round][$i];
+ ++$i;
+ $j = ($j + 1) % $Nb;
+ $k = ($k + 1) % $Nb;
+ $l = ($l + 1) % $Nb;
+ }
+ $state = $temp;
+ }
+
+ // invShiftRows + invSubWord + addRoundKey
+ $i = 0; // $c[0] == 0
+ $j = $Nb - $c[1];
+ $k = $Nb - $c[2];
+ $l = $Nb - $c[3];
+
+ while ($i < $Nb) {
+ $temp[$i] = $dw[0][$i] ^
+ $this->_invSubWord(($state[$i] & 0xFF000000) |
+ ($state[$j] & 0x00FF0000) |
+ ($state[$k] & 0x0000FF00) |
+ ($state[$l] & 0x000000FF));
+ ++$i;
+ $j = ($j + 1) % $Nb;
+ $k = ($k + 1) % $Nb;
+ $l = ($l + 1) % $Nb;
+ }
+
+ switch ($Nb) {
+ case 8:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6], $temp[7]);
+ case 7:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5], $temp[6]);
+ case 6:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4], $temp[5]);
+ case 5:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3], $temp[4]);
+ default:
+ return pack('N*', $temp[0], $temp[1], $temp[2], $temp[3]);
+ }
+ /*
+ $state = $temp;
+
+ array_unshift($state, 'N*');
+
+ return call_user_func_array('pack', $state);
+ */
+ }
+
+ /**
+ * Setup Rijndael
+ *
+ * Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key
+ * key schedule.
+ *
+ * @access private
+ */
+ function _setup()
+ {
+ // Each number in $rcon is equal to the previous number multiplied by two in Rijndael's finite field.
+ // See http://en.wikipedia.org/wiki/Finite_field_arithmetic#Multiplicative_inverse
+ static $rcon = array(0,
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
+ 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000,
+ 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
+ 0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000,
+ 0x97000000, 0x35000000, 0x6A000000, 0xD4000000, 0xB3000000,
+ 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000
+ );
+
+ if (!$this->changed) {
+ return;
+ }
+
+ if (!$this->explicit_key_length) {
+ // we do >> 2, here, and not >> 5, as we do above, since strlen($this->key) tells us the number of bytes - not bits
+ $length = strlen($this->key) >> 2;
+ if ($length > 8) {
+ $length = 8;
+ } else if ($length < 4) {
+ $length = 4;
+ }
+ $this->Nk = $length;
+ $this->key_size = $length << 2;
+ }
+
+ $this->key = str_pad(substr($this->key, 0, $this->key_size), $this->key_size, chr(0));
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($this->iv, 0, $this->block_size), $this->block_size, chr(0));
+
+ // see Rijndael-ammended.pdf#page=44
+ $this->Nr = max($this->Nk, $this->Nb) + 6;
+
+ // shift offsets for Nb = 5, 7 are defined in Rijndael-ammended.pdf#page=44,
+ // "Table 8: Shift offsets in Shiftrow for the alternative block lengths"
+ // shift offsets for Nb = 4, 6, 8 are defined in Rijndael-ammended.pdf#page=14,
+ // "Table 2: Shift offsets for different block lengths"
+ switch ($this->Nb) {
+ case 4:
+ case 5:
+ case 6:
+ $this->c = array(0, 1, 2, 3);
+ break;
+ case 7:
+ $this->c = array(0, 1, 2, 4);
+ break;
+ case 8:
+ $this->c = array(0, 1, 3, 4);
+ }
+
+ $key = $this->key;
+
+ $w = array_values(unpack('N*words', $key));
+
+ $length = $this->Nb * ($this->Nr + 1);
+ for ($i = $this->Nk; $i < $length; $i++) {
+ $temp = $w[$i - 1];
+ if ($i % $this->Nk == 0) {
+ // according to <http://php.net/language.types.integer>, "the size of an integer is platform-dependent".
+ // on a 32-bit machine, it's 32-bits, and on a 64-bit machine, it's 64-bits. on a 32-bit machine,
+ // 0xFFFFFFFF << 8 == 0xFFFFFF00, but on a 64-bit machine, it equals 0xFFFFFFFF00. as such, doing 'and'
+ // with 0xFFFFFFFF (or 0xFFFFFF00) on a 32-bit machine is unnecessary, but on a 64-bit machine, it is.
+ $temp = (($temp << 8) & 0xFFFFFF00) | (($temp >> 24) & 0x000000FF); // rotWord
+ $temp = $this->_subWord($temp) ^ $rcon[$i / $this->Nk];
+ } else if ($this->Nk > 6 && $i % $this->Nk == 4) {
+ $temp = $this->_subWord($temp);
+ }
+ $w[$i] = $w[$i - $this->Nk] ^ $temp;
+ }
+
+ // convert the key schedule from a vector of $Nb * ($Nr + 1) length to a matrix with $Nr + 1 rows and $Nb columns
+ // and generate the inverse key schedule. more specifically,
+ // according to <http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf#page=23> (section 5.3.3),
+ // "The key expansion for the Inverse Cipher is defined as follows:
+ // 1. Apply the Key Expansion.
+ // 2. Apply InvMixColumn to all Round Keys except the first and the last one."
+ // also, see fips-197.pdf#page=27, "5.3.5 Equivalent Inverse Cipher"
+ $temp = array();
+ for ($i = $row = $col = 0; $i < $length; $i++, $col++) {
+ if ($col == $this->Nb) {
+ if ($row == 0) {
+ $this->dw[0] = $this->w[0];
+ } else {
+ // subWord + invMixColumn + invSubWord = invMixColumn
+ $j = 0;
+ while ($j < $this->Nb) {
+ $dw = $this->_subWord($this->w[$row][$j]);
+ $temp[$j] = $this->dt0[$dw >> 24 & 0x000000FF] ^
+ $this->dt1[$dw >> 16 & 0x000000FF] ^
+ $this->dt2[$dw >> 8 & 0x000000FF] ^
+ $this->dt3[$dw & 0x000000FF];
+ $j++;
+ }
+ $this->dw[$row] = $temp;
+ }
+
+ $col = 0;
+ $row++;
+ }
+ $this->w[$row][$col] = $w[$i];
+ }
+
+ $this->dw[$row] = $this->w[$row];
+
+ $this->changed = false;
+ }
+
+ /**
+ * Performs S-Box substitutions
+ *
+ * @access private
+ */
+ function _subWord($word)
+ {
+ static $sbox0, $sbox1, $sbox2, $sbox3;
+
+ if (empty($sbox0)) {
+ $sbox0 = array(
+ 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76,
+ 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0,
+ 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15,
+ 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75,
+ 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84,
+ 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF,
+ 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8,
+ 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2,
+ 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73,
+ 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB,
+ 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79,
+ 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08,
+ 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A,
+ 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E,
+ 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF,
+ 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16
+ );
+
+ $sbox1 = array();
+ $sbox2 = array();
+ $sbox3 = array();
+
+ for ($i = 0; $i < 256; $i++) {
+ $sbox1[] = $sbox0[$i] << 8;
+ $sbox2[] = $sbox0[$i] << 16;
+ $sbox3[] = $sbox0[$i] << 24;
+ }
+ }
+
+ return $sbox0[$word & 0x000000FF] |
+ $sbox1[$word >> 8 & 0x000000FF] |
+ $sbox2[$word >> 16 & 0x000000FF] |
+ $sbox3[$word >> 24 & 0x000000FF];
+ }
+
+
+ /**
+ * Performs inverse S-Box substitutions
+ *
+ * @access private
+ */
+ function _invSubWord($word)
+ {
+ static $sbox0, $sbox1, $sbox2, $sbox3;
+
+ if (empty($sbox0)) {
+ $sbox0 = array(
+ 0x52, 0x09, 0x6A, 0xD5, 0x30, 0x36, 0xA5, 0x38, 0xBF, 0x40, 0xA3, 0x9E, 0x81, 0xF3, 0xD7, 0xFB,
+ 0x7C, 0xE3, 0x39, 0x82, 0x9B, 0x2F, 0xFF, 0x87, 0x34, 0x8E, 0x43, 0x44, 0xC4, 0xDE, 0xE9, 0xCB,
+ 0x54, 0x7B, 0x94, 0x32, 0xA6, 0xC2, 0x23, 0x3D, 0xEE, 0x4C, 0x95, 0x0B, 0x42, 0xFA, 0xC3, 0x4E,
+ 0x08, 0x2E, 0xA1, 0x66, 0x28, 0xD9, 0x24, 0xB2, 0x76, 0x5B, 0xA2, 0x49, 0x6D, 0x8B, 0xD1, 0x25,
+ 0x72, 0xF8, 0xF6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xD4, 0xA4, 0x5C, 0xCC, 0x5D, 0x65, 0xB6, 0x92,
+ 0x6C, 0x70, 0x48, 0x50, 0xFD, 0xED, 0xB9, 0xDA, 0x5E, 0x15, 0x46, 0x57, 0xA7, 0x8D, 0x9D, 0x84,
+ 0x90, 0xD8, 0xAB, 0x00, 0x8C, 0xBC, 0xD3, 0x0A, 0xF7, 0xE4, 0x58, 0x05, 0xB8, 0xB3, 0x45, 0x06,
+ 0xD0, 0x2C, 0x1E, 0x8F, 0xCA, 0x3F, 0x0F, 0x02, 0xC1, 0xAF, 0xBD, 0x03, 0x01, 0x13, 0x8A, 0x6B,
+ 0x3A, 0x91, 0x11, 0x41, 0x4F, 0x67, 0xDC, 0xEA, 0x97, 0xF2, 0xCF, 0xCE, 0xF0, 0xB4, 0xE6, 0x73,
+ 0x96, 0xAC, 0x74, 0x22, 0xE7, 0xAD, 0x35, 0x85, 0xE2, 0xF9, 0x37, 0xE8, 0x1C, 0x75, 0xDF, 0x6E,
+ 0x47, 0xF1, 0x1A, 0x71, 0x1D, 0x29, 0xC5, 0x89, 0x6F, 0xB7, 0x62, 0x0E, 0xAA, 0x18, 0xBE, 0x1B,
+ 0xFC, 0x56, 0x3E, 0x4B, 0xC6, 0xD2, 0x79, 0x20, 0x9A, 0xDB, 0xC0, 0xFE, 0x78, 0xCD, 0x5A, 0xF4,
+ 0x1F, 0xDD, 0xA8, 0x33, 0x88, 0x07, 0xC7, 0x31, 0xB1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xEC, 0x5F,
+ 0x60, 0x51, 0x7F, 0xA9, 0x19, 0xB5, 0x4A, 0x0D, 0x2D, 0xE5, 0x7A, 0x9F, 0x93, 0xC9, 0x9C, 0xEF,
+ 0xA0, 0xE0, 0x3B, 0x4D, 0xAE, 0x2A, 0xF5, 0xB0, 0xC8, 0xEB, 0xBB, 0x3C, 0x83, 0x53, 0x99, 0x61,
+ 0x17, 0x2B, 0x04, 0x7E, 0xBA, 0x77, 0xD6, 0x26, 0xE1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0C, 0x7D
+ );
+
+ $sbox1 = array();
+ $sbox2 = array();
+ $sbox3 = array();
+
+ for ($i = 0; $i < 256; $i++) {
+ $sbox1[] = $sbox0[$i] << 8;
+ $sbox2[] = $sbox0[$i] << 16;
+ $sbox3[] = $sbox0[$i] << 24;
+ }
+ }
+
+ return $sbox0[$word & 0x000000FF] |
+ $sbox1[$word >> 8 & 0x000000FF] |
+ $sbox2[$word >> 16 & 0x000000FF] |
+ $sbox3[$word >> 24 & 0x000000FF];
+ }
+
+ /**
+ * Pad "packets".
+ *
+ * Rijndael works by encrypting between sixteen and thirty-two bytes at a time, provided that number is also a multiple
+ * of four. If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to
+ * pad the input so that it is of the proper length.
+ *
+ * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH,
+ * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
+ * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
+ * transmitted separately)
+ *
+ * @see Crypt_Rijndael::disablePadding()
+ * @access public
+ */
+ function enablePadding()
+ {
+ $this->padding = true;
+ }
+
+ /**
+ * Do not pad packets.
+ *
+ * @see Crypt_Rijndael::enablePadding()
+ * @access public
+ */
+ function disablePadding()
+ {
+ $this->padding = false;
+ }
+
+ /**
+ * Pads a string
+ *
+ * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize.
+ * $block_size - (strlen($text) % $block_size) bytes are added, each of which is equal to
+ * chr($block_size - (strlen($text) % $block_size)
+ *
+ * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
+ * and padding will, hence forth, be enabled.
+ *
+ * @see Crypt_Rijndael::_unpad()
+ * @access private
+ */
+ function _pad($text)
+ {
+ $length = strlen($text);
+
+ if (!$this->padding) {
+ if ($length % $this->block_size == 0) {
+ return $text;
+ } else {
+ user_error("The plaintext's length ($length) is not a multiple of the block size ({$this->block_size})");
+ $this->padding = true;
+ }
+ }
+
+ $pad = $this->block_size - ($length % $this->block_size);
+
+ return str_pad($text, $length + $pad, chr($pad));
+ }
+
+ /**
+ * Unpads a string.
+ *
+ * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
+ * and false will be returned.
+ *
+ * @see Crypt_Rijndael::_pad()
+ * @access private
+ */
+ function _unpad($text)
+ {
+ if (!$this->padding) {
+ return $text;
+ }
+
+ $length = ord($text[strlen($text) - 1]);
+
+ if (!$length || $length > $this->block_size) {
+ return false;
+ }
+
+ return substr($text, 0, -$length);
+ }
+
+ /**
+ * Treat consecutive "packets" as if they are a continuous buffer.
+ *
+ * Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets
+ * will yield different outputs:
+ *
+ * <code>
+ * echo $rijndael->encrypt(substr($plaintext, 0, 16));
+ * echo $rijndael->encrypt(substr($plaintext, 16, 16));
+ * </code>
+ * <code>
+ * echo $rijndael->encrypt($plaintext);
+ * </code>
+ *
+ * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
+ * another, as demonstrated with the following:
+ *
+ * <code>
+ * $rijndael->encrypt(substr($plaintext, 0, 16));
+ * echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
+ * </code>
+ * <code>
+ * echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
+ * </code>
+ *
+ * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
+ * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
+ * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
+ *
+ * Put another way, when the continuous buffer is enabled, the state of the Crypt_Rijndael() object changes after each
+ * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
+ * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
+ * however, they are also less intuitive and more likely to cause you problems.
+ *
+ * @see Crypt_Rijndael::disableContinuousBuffer()
+ * @access public
+ */
+ function enableContinuousBuffer()
+ {
+ $this->continuousBuffer = true;
+ }
+
+ /**
+ * Treat consecutive packets as if they are a discontinuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_Rijndael::enableContinuousBuffer()
+ * @access public
+ */
+ function disableContinuousBuffer()
+ {
+ $this->continuousBuffer = false;
+ $this->encryptIV = $this->iv;
+ $this->decryptIV = $this->iv;
+ $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0);
+ $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0);
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+}
+
+// vim: ts=4:sw=4:et:
+// vim6: fdl=1: \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/TripleDES.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/TripleDES.php
new file mode 100644
index 00000000000..3b4c8c3622f
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Crypt/TripleDES.php
@@ -0,0 +1,1080 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of Triple DES.
+ *
+ * Uses mcrypt, if available, and an internal implementation, otherwise. Operates in the EDE3 mode (encrypt-decrypt-encrypt).
+ *
+ * PHP versions 4 and 5
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Crypt/TripleDES.php');
+ *
+ * $des = new Crypt_TripleDES();
+ *
+ * $des->setKey('abcdefghijklmnopqrstuvwx');
+ *
+ * $size = 10 * 1024;
+ * $plaintext = '';
+ * for ($i = 0; $i < $size; $i++) {
+ * $plaintext.= 'a';
+ * }
+ *
+ * echo $des->decrypt($des->encrypt($plaintext));
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Crypt
+ * @package Crypt_TripleDES
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: TripleDES.php,v 1.13 2010/02/26 03:40:25 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Crypt_DES
+ */
+if (!class_exists('Crypt_DES')) {
+ require_once('DES.php');
+}
+
+/**
+ * Encrypt / decrypt using inner chaining
+ *
+ * Inner chaining is used by SSH-1 and is generally considered to be less secure then outer chaining (CRYPT_DES_MODE_CBC3).
+ */
+define('CRYPT_DES_MODE_3CBC', -2);
+
+/**
+ * Encrypt / decrypt using outer chaining
+ *
+ * Outer chaining is used by SSH-2 and when the mode is set to CRYPT_DES_MODE_CBC.
+ */
+define('CRYPT_DES_MODE_CBC3', CRYPT_DES_MODE_CBC);
+
+/**
+ * Pure-PHP implementation of Triple DES.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Crypt_TerraDES
+ */
+class Crypt_TripleDES {
+ /**
+ * The Three Keys
+ *
+ * @see Crypt_TripleDES::setKey()
+ * @var String
+ * @access private
+ */
+ var $key = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * The Encryption Mode
+ *
+ * @see Crypt_TripleDES::Crypt_TripleDES()
+ * @var Integer
+ * @access private
+ */
+ var $mode = CRYPT_DES_MODE_CBC;
+
+ /**
+ * Continuous Buffer status
+ *
+ * @see Crypt_TripleDES::enableContinuousBuffer()
+ * @var Boolean
+ * @access private
+ */
+ var $continuousBuffer = false;
+
+ /**
+ * Padding status
+ *
+ * @see Crypt_TripleDES::enablePadding()
+ * @var Boolean
+ * @access private
+ */
+ var $padding = true;
+
+ /**
+ * The Initialization Vector
+ *
+ * @see Crypt_TripleDES::setIV()
+ * @var String
+ * @access private
+ */
+ var $iv = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_TripleDES::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $encryptIV = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * A "sliding" Initialization Vector
+ *
+ * @see Crypt_TripleDES::enableContinuousBuffer()
+ * @var String
+ * @access private
+ */
+ var $decryptIV = "\0\0\0\0\0\0\0\0";
+
+ /**
+ * The Crypt_DES objects
+ *
+ * @var Array
+ * @access private
+ */
+ var $des;
+
+ /**
+ * mcrypt resource for encryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_TripleDES::encrypt()
+ * @var String
+ * @access private
+ */
+ var $enmcrypt;
+
+ /**
+ * mcrypt resource for decryption
+ *
+ * The mcrypt resource can be recreated every time something needs to be created or it can be created just once.
+ * Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.
+ *
+ * @see Crypt_TripleDES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $demcrypt;
+
+ /**
+ * Does the enmcrypt resource need to be (re)initialized?
+ *
+ * @see Crypt_TripleDES::setKey()
+ * @see Crypt_TripleDES::setIV()
+ * @var Boolean
+ * @access private
+ */
+ var $enchanged = true;
+
+ /**
+ * Does the demcrypt resource need to be (re)initialized?
+ *
+ * @see Crypt_TripleDES::setKey()
+ * @see Crypt_TripleDES::setIV()
+ * @var Boolean
+ * @access private
+ */
+ var $dechanged = true;
+
+ /**
+ * Is the mode one that is paddable?
+ *
+ * @see Crypt_TripleDES::Crypt_TripleDES()
+ * @var Boolean
+ * @access private
+ */
+ var $paddable = false;
+
+ /**
+ * Encryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_TripleDES::encrypt()
+ * @var Array
+ * @access private
+ */
+ var $enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true);
+
+ /**
+ * Decryption buffer for CTR, OFB and CFB modes
+ *
+ * @see Crypt_TripleDES::decrypt()
+ * @var Array
+ * @access private
+ */
+ var $debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true);
+
+ /**
+ * mcrypt resource for CFB mode
+ *
+ * @see Crypt_TripleDES::encrypt()
+ * @see Crypt_TripleDES::decrypt()
+ * @var String
+ * @access private
+ */
+ var $ecb;
+
+ /**
+ * Default Constructor.
+ *
+ * Determines whether or not the mcrypt extension should be used. $mode should only, at present, be
+ * CRYPT_DES_MODE_ECB or CRYPT_DES_MODE_CBC. If not explictly set, CRYPT_DES_MODE_CBC will be used.
+ *
+ * @param optional Integer $mode
+ * @return Crypt_TripleDES
+ * @access public
+ */
+ function Crypt_TripleDES($mode = CRYPT_DES_MODE_CBC)
+ {
+ if ( !defined('CRYPT_DES_MODE') ) {
+ switch (true) {
+ case extension_loaded('mcrypt') && in_array('tripledes', mcrypt_list_algorithms()):
+ define('CRYPT_DES_MODE', CRYPT_DES_MODE_MCRYPT);
+ break;
+ default:
+ define('CRYPT_DES_MODE', CRYPT_DES_MODE_INTERNAL);
+ }
+ }
+
+ if ( $mode == CRYPT_DES_MODE_3CBC ) {
+ $this->mode = CRYPT_DES_MODE_3CBC;
+ $this->des = array(
+ new Crypt_DES(CRYPT_DES_MODE_CBC),
+ new Crypt_DES(CRYPT_DES_MODE_CBC),
+ new Crypt_DES(CRYPT_DES_MODE_CBC)
+ );
+ $this->paddable = true;
+
+ // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
+ $this->des[0]->disablePadding();
+ $this->des[1]->disablePadding();
+ $this->des[2]->disablePadding();
+
+ return;
+ }
+
+ switch ( CRYPT_DES_MODE ) {
+ case CRYPT_DES_MODE_MCRYPT:
+ switch ($mode) {
+ case CRYPT_DES_MODE_ECB:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_ECB;
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $this->mode = 'ctr';
+ break;
+ case CRYPT_DES_MODE_CFB:
+ $this->mode = 'ncfb';
+ $this->ecb = mcrypt_module_open(MCRYPT_3DES, '', MCRYPT_MODE_ECB, '');
+ break;
+ case CRYPT_DES_MODE_OFB:
+ $this->mode = MCRYPT_MODE_NOFB;
+ break;
+ case CRYPT_DES_MODE_CBC:
+ default:
+ $this->paddable = true;
+ $this->mode = MCRYPT_MODE_CBC;
+ }
+ $this->enmcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
+ $this->demcrypt = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
+
+ break;
+ default:
+ $this->des = array(
+ new Crypt_DES(CRYPT_DES_MODE_ECB),
+ new Crypt_DES(CRYPT_DES_MODE_ECB),
+ new Crypt_DES(CRYPT_DES_MODE_ECB)
+ );
+
+ // we're going to be doing the padding, ourselves, so disable it in the Crypt_DES objects
+ $this->des[0]->disablePadding();
+ $this->des[1]->disablePadding();
+ $this->des[2]->disablePadding();
+
+ switch ($mode) {
+ case CRYPT_DES_MODE_ECB:
+ case CRYPT_DES_MODE_CBC:
+ $this->paddable = true;
+ $this->mode = $mode;
+ break;
+ case CRYPT_DES_MODE_CTR:
+ case CRYPT_DES_MODE_CFB:
+ case CRYPT_DES_MODE_OFB:
+ $this->mode = $mode;
+ break;
+ default:
+ $this->paddable = true;
+ $this->mode = CRYPT_DES_MODE_CBC;
+ }
+ }
+ }
+
+ /**
+ * Sets the key.
+ *
+ * Keys can be of any length. Triple DES, itself, can use 128-bit (eg. strlen($key) == 16) or
+ * 192-bit (eg. strlen($key) == 24) keys. This function pads and truncates $key as appropriate.
+ *
+ * DES also requires that every eighth bit be a parity bit, however, we'll ignore that.
+ *
+ * If the key is not explicitly set, it'll be assumed to be all zero's.
+ *
+ * @access public
+ * @param String $key
+ */
+ function setKey($key)
+ {
+ $length = strlen($key);
+ if ($length > 8) {
+ $key = str_pad($key, 24, chr(0));
+ // if $key is between 64 and 128-bits, use the first 64-bits as the last, per this:
+ // http://php.net/function.mcrypt-encrypt#47973
+ //$key = $length <= 16 ? substr_replace($key, substr($key, 0, 8), 16) : substr($key, 0, 24);
+ } else {
+ $key = str_pad($key, 8, chr(0));
+ }
+ $this->key = $key;
+ switch (true) {
+ case CRYPT_DES_MODE == CRYPT_DES_MODE_INTERNAL:
+ case $this->mode == CRYPT_DES_MODE_3CBC:
+ $this->des[0]->setKey(substr($key, 0, 8));
+ $this->des[1]->setKey(substr($key, 8, 8));
+ $this->des[2]->setKey(substr($key, 16, 8));
+ }
+ $this->enchanged = $this->dechanged = true;
+ }
+
+ /**
+ * Sets the password.
+ *
+ * Depending on what $method is set to, setPassword()'s (optional) parameters are as follows:
+ * {@link http://en.wikipedia.org/wiki/PBKDF2 pbkdf2}:
+ * $hash, $salt, $method
+ *
+ * @param String $password
+ * @param optional String $method
+ * @access public
+ */
+ function setPassword($password, $method = 'pbkdf2')
+ {
+ $key = '';
+
+ switch ($method) {
+ default: // 'pbkdf2'
+ list(, , $hash, $salt, $count) = func_get_args();
+ if (!isset($hash)) {
+ $hash = 'sha1';
+ }
+ // WPA and WPA2 use the SSID as the salt
+ if (!isset($salt)) {
+ $salt = 'phpseclib';
+ }
+ // RFC2898#section-4.2 uses 1,000 iterations by default
+ // WPA and WPA2 use 4,096.
+ if (!isset($count)) {
+ $count = 1000;
+ }
+
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+
+ $i = 1;
+ while (strlen($key) < 24) { // $dkLen == 24
+ $hmac = new Crypt_Hash();
+ $hmac->setHash($hash);
+ $hmac->setKey($password);
+ $f = $u = $hmac->hash($salt . pack('N', $i++));
+ for ($j = 2; $j <= $count; $j++) {
+ $u = $hmac->hash($u);
+ $f^= $u;
+ }
+ $key.= $f;
+ }
+ }
+
+ $this->setKey($key);
+ }
+
+ /**
+ * Sets the initialization vector. (optional)
+ *
+ * SetIV is not required when CRYPT_DES_MODE_ECB is being used. If not explictly set, it'll be assumed
+ * to be all zero's.
+ *
+ * @access public
+ * @param String $iv
+ */
+ function setIV($iv)
+ {
+ $this->encryptIV = $this->decryptIV = $this->iv = str_pad(substr($iv, 0, 8), 8, chr(0));
+ if ($this->mode == CRYPT_DES_MODE_3CBC) {
+ $this->des[0]->setIV($iv);
+ $this->des[1]->setIV($iv);
+ $this->des[2]->setIV($iv);
+ }
+ $this->enchanged = $this->dechanged = true;
+ }
+
+ /**
+ * Generate CTR XOR encryption key
+ *
+ * Encrypt the output of this and XOR it against the ciphertext / plaintext to get the
+ * plaintext / ciphertext in CTR mode.
+ *
+ * @see Crypt_TripleDES::decrypt()
+ * @see Crypt_TripleDES::encrypt()
+ * @access private
+ * @param String $iv
+ */
+ function _generate_xor(&$iv)
+ {
+ $xor = $iv;
+ for ($j = 4; $j <= 8; $j+=4) {
+ $temp = substr($iv, -$j, 4);
+ switch ($temp) {
+ case "\xFF\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x00\x00\x00\x00", -$j, 4);
+ break;
+ case "\x7F\xFF\xFF\xFF":
+ $iv = substr_replace($iv, "\x80\x00\x00\x00", -$j, 4);
+ break 2;
+ default:
+ extract(unpack('Ncount', $temp));
+ $iv = substr_replace($iv, pack('N', $count + 1), -$j, 4);
+ break 2;
+ }
+ }
+
+ return $xor;
+ }
+
+ /**
+ * Encrypts a message.
+ *
+ * @access public
+ * @param String $plaintext
+ */
+ function encrypt($plaintext)
+ {
+ if ($this->paddable) {
+ $plaintext = $this->_pad($plaintext);
+ }
+
+ // if the key is smaller then 8, do what we'd normally do
+ if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
+ $ciphertext = $this->des[2]->encrypt($this->des[1]->decrypt($this->des[0]->encrypt($plaintext)));
+
+ return $ciphertext;
+ }
+
+ if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
+ if ($this->enchanged) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
+ if ($this->mode == 'ncfb') {
+ mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0");
+ }
+ $this->enchanged = false;
+ }
+
+ if ($this->mode != 'ncfb' || !$this->continuousBuffer) {
+ $ciphertext = mcrypt_generic($this->enmcrypt, $plaintext);
+ } else {
+ $iv = &$this->encryptIV;
+ $pos = &$this->enbuffer['pos'];
+ $len = strlen($plaintext);
+ $ciphertext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $ciphertext = substr($iv, $orig_pos) ^ $plaintext;
+ $iv = substr_replace($iv, $ciphertext, $orig_pos, $i);
+ $this->enbuffer['enmcrypt_init'] = true;
+ }
+ if ($len >= 8) {
+ if ($this->enbuffer['enmcrypt_init'] === false || $len > 950) {
+ if ($this->enbuffer['enmcrypt_init'] === true) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $iv);
+ $this->enbuffer['enmcrypt_init'] = false;
+ }
+ $ciphertext.= mcrypt_generic($this->enmcrypt, substr($plaintext, $i, $len - $len % 8));
+ $iv = substr($ciphertext, -8);
+ $i = strlen($ciphertext);
+ $len%= 8;
+ } else {
+ while ($len >= 8) {
+ $iv = mcrypt_generic($this->ecb, $iv) ^ substr($plaintext, $i, 8);
+ $ciphertext.= $iv;
+ $len-= 8;
+ $i+= 8;
+ }
+ }
+ }
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $block = $iv ^ substr($plaintext, $i);
+ $iv = substr_replace($iv, $block, 0, $len);
+ $ciphertext.= $block;
+ $pos = $len;
+ }
+ return $ciphertext;
+ }
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->enmcrypt, $this->key, $this->encryptIV);
+ }
+
+ return $ciphertext;
+ }
+
+ if (strlen($this->key) <= 8) {
+ $this->des[0]->mode = $this->mode;
+
+ return $this->des[0]->encrypt($plaintext);
+ }
+
+ $des = $this->des;
+
+ $buffer = &$this->enbuffer;
+ $continuousBuffer = $this->continuousBuffer;
+ $ciphertext = '';
+ switch ($this->mode) {
+ case CRYPT_DES_MODE_ECB:
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ // all of these _processBlock calls could, in theory, be put in a function - say Crypt_TripleDES::_ede_encrypt() or something.
+ // only problem with that: it would slow encryption and decryption down. $this->des would have to be called every time that
+ // function is called, instead of once for the whole string of text that's being encrypted, which would, in turn, make
+ // encryption and decryption take more time, per this:
+ //
+ // http://blog.libssh2.org/index.php?/archives/21-Compiled-Variables.html
+ $block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $ciphertext.= $block;
+ }
+ break;
+ case CRYPT_DES_MODE_CBC:
+ $xor = $this->encryptIV;
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8) ^ $xor;
+ $block = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $block = $des[1]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $block = $des[2]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $xor = $block;
+ $ciphertext.= $block;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ }
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['encrypted'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $key = $this->_generate_xor($xor);
+ $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
+ $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $buffer['encrypted'].= $key;
+ $key = $this->_string_shift($buffer['encrypted'], 8);
+ $ciphertext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $key = $this->_generate_xor($xor);
+ $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
+ $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $ciphertext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) & 7) {
+ $buffer['encrypted'] = substr($key, $start) . $buffer['encrypted'];
+ }
+ }
+ break;
+ case CRYPT_DES_MODE_CFB:
+ if (strlen($buffer['xor'])) {
+ $ciphertext = $plaintext ^ $buffer['xor'];
+ $iv = $buffer['encrypted'] . $ciphertext;
+ $start = strlen($ciphertext);
+ $buffer['encrypted'].= $ciphertext;
+ $buffer['xor'] = substr($buffer['xor'], strlen($ciphertext));
+ } else {
+ $ciphertext = '';
+ $iv = $this->encryptIV;
+ $start = 0;
+ }
+
+ for ($i = $start; $i < strlen($plaintext); $i+=8) {
+ $block = substr($plaintext, $i, 8);
+ $iv = $des[0]->_processBlock($iv, CRYPT_DES_ENCRYPT);
+ $iv = $des[1]->_processBlock($iv, CRYPT_DES_DECRYPT);
+ $xor= $des[2]->_processBlock($iv, CRYPT_DES_ENCRYPT);
+
+ $iv = $block ^ $xor;
+ if ($continuousBuffer && strlen($iv) != 8) {
+ $buffer = array(
+ 'encrypted' => $iv,
+ 'xor' => substr($xor, strlen($iv))
+ );
+ }
+ $ciphertext.= $iv;
+ }
+
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $iv;
+ }
+ break;
+ case CRYPT_DES_MODE_OFB:
+ $xor = $this->encryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], 8);
+ $ciphertext.= substr($plaintext, $i, 8) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($plaintext); $i+=8) {
+ $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $ciphertext.= substr($plaintext, $i, 8) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->encryptIV = $xor;
+ if ($start = strlen($plaintext) & 7) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $ciphertext;
+ }
+
+ /**
+ * Decrypts a message.
+ *
+ * @access public
+ * @param String $ciphertext
+ */
+ function decrypt($ciphertext)
+ {
+ if ($this->mode == CRYPT_DES_MODE_3CBC && strlen($this->key) > 8) {
+ $plaintext = $this->des[0]->decrypt($this->des[1]->encrypt($this->des[2]->decrypt($ciphertext)));
+
+ return $this->_unpad($plaintext);
+ }
+
+ if ($this->paddable) {
+ // we pad with chr(0) since that's what mcrypt_generic does. to quote from http://php.net/function.mcrypt-generic :
+ // "The data is padded with "\0" to make sure the length of the data is n * blocksize."
+ $ciphertext = str_pad($ciphertext, (strlen($ciphertext) + 7) & 0xFFFFFFF8, chr(0));
+ }
+
+ if ( CRYPT_DES_MODE == CRYPT_DES_MODE_MCRYPT ) {
+ if ($this->dechanged) {
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
+ if ($this->mode == 'ncfb') {
+ mcrypt_generic_init($this->ecb, $this->key, "\0\0\0\0\0\0\0\0");
+ }
+ $this->dechanged = false;
+ }
+
+ if ($this->mode != 'ncfb' || !$this->continuousBuffer) {
+ $plaintext = mdecrypt_generic($this->demcrypt, $ciphertext);
+ } else {
+ $iv = &$this->decryptIV;
+ $pos = &$this->debuffer['pos'];
+ $len = strlen($ciphertext);
+ $plaintext = '';
+ $i = 0;
+ if ($pos) {
+ $orig_pos = $pos;
+ $max = 8 - $pos;
+ if ($len >= $max) {
+ $i = $max;
+ $len-= $max;
+ $pos = 0;
+ } else {
+ $i = $len;
+ $pos+= $len;
+ $len = 0;
+ }
+ $plaintext = substr($iv, $orig_pos) ^ $ciphertext;
+ $iv = substr_replace($iv, substr($ciphertext, 0, $i), $orig_pos, $i);
+ }
+ if ($len >= 8) {
+ $cb = substr($ciphertext, $i, $len - $len % 8);
+ $plaintext.= mcrypt_generic($this->ecb, $iv . $cb) ^ $cb;
+ $iv = substr($cb, -8);
+ $len%= 8;
+ }
+ if ($len) {
+ $iv = mcrypt_generic($this->ecb, $iv);
+ $cb = substr($ciphertext, -$len);
+ $plaintext.= $iv ^ $cb;
+ $iv = substr_replace($iv, $cb, 0, $len);
+ $pos = $len;
+ }
+ return $plaintext;
+ }
+
+ if (!$this->continuousBuffer) {
+ mcrypt_generic_init($this->demcrypt, $this->key, $this->decryptIV);
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ if (strlen($this->key) <= 8) {
+ $this->des[0]->mode = $this->mode;
+ $plaintext = $this->des[0]->decrypt($ciphertext);
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ $des = $this->des;
+
+ $buffer = &$this->debuffer;
+ $continuousBuffer = $this->continuousBuffer;
+ $plaintext = '';
+ switch ($this->mode) {
+ case CRYPT_DES_MODE_ECB:
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $plaintext.= $block;
+ }
+ break;
+ case CRYPT_DES_MODE_CBC:
+ $xor = $this->decryptIV;
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $orig = $block = substr($ciphertext, $i, 8);
+ $block = $des[2]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $block = $des[1]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $block = $des[0]->_processBlock($block, CRYPT_DES_DECRYPT);
+ $plaintext.= $block ^ $xor;
+ $xor = $orig;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ }
+ break;
+ case CRYPT_DES_MODE_CTR:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['ciphertext'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $key = $this->_generate_xor($xor);
+ $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
+ $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $buffer['ciphertext'].= $key;
+ $key = $this->_string_shift($buffer['ciphertext'], 8);
+ $plaintext.= $block ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $key = $this->_generate_xor($xor);
+ $key = $des[0]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $key = $des[1]->_processBlock($key, CRYPT_DES_DECRYPT);
+ $key = $des[2]->_processBlock($key, CRYPT_DES_ENCRYPT);
+ $plaintext.= $block ^ $key;
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($plaintext) & 7) {
+ $buffer['ciphertext'] = substr($key, $start) . $buffer['ciphertext'];
+ }
+ }
+ break;
+ case CRYPT_DES_MODE_CFB:
+ if (strlen($buffer['ciphertext'])) {
+ $plaintext = $ciphertext ^ substr($this->decryptIV, strlen($buffer['ciphertext']));
+ $buffer['ciphertext'].= substr($ciphertext, 0, strlen($plaintext));
+ if (strlen($buffer['ciphertext']) != 8) {
+ $block = $this->decryptIV;
+ } else {
+ $block = $buffer['ciphertext'];
+ $xor = $des[0]->_processBlock($buffer['ciphertext'], CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $buffer['ciphertext'] = '';
+ }
+ $start = strlen($plaintext);
+ } else {
+ $plaintext = '';
+ $xor = $des[0]->_processBlock($this->decryptIV, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $start = 0;
+ }
+
+ for ($i = $start; $i < strlen($ciphertext); $i+=8) {
+ $block = substr($ciphertext, $i, 8);
+ $plaintext.= $block ^ $xor;
+ if ($continuousBuffer && strlen($block) != 8) {
+ $buffer['ciphertext'].= $block;
+ $block = $xor;
+ } else if (strlen($block) == 8) {
+ $xor = $des[0]->_processBlock($block, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ }
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $block;
+ }
+ break;
+ case CRYPT_DES_MODE_OFB:
+ $xor = $this->decryptIV;
+ if (strlen($buffer['xor'])) {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $buffer['xor'].= $xor;
+ $key = $this->_string_shift($buffer['xor'], 8);
+ $plaintext.= substr($ciphertext, $i, 8) ^ $key;
+ }
+ } else {
+ for ($i = 0; $i < strlen($ciphertext); $i+=8) {
+ $xor = $des[0]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $xor = $des[1]->_processBlock($xor, CRYPT_DES_DECRYPT);
+ $xor = $des[2]->_processBlock($xor, CRYPT_DES_ENCRYPT);
+ $plaintext.= substr($ciphertext, $i, 8) ^ $xor;
+ }
+ $key = $xor;
+ }
+ if ($this->continuousBuffer) {
+ $this->decryptIV = $xor;
+ if ($start = strlen($ciphertext) & 7) {
+ $buffer['xor'] = substr($key, $start) . $buffer['xor'];
+ }
+ }
+ }
+
+ return $this->paddable ? $this->_unpad($plaintext) : $plaintext;
+ }
+
+ /**
+ * Treat consecutive "packets" as if they are a continuous buffer.
+ *
+ * Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
+ * will yield different outputs:
+ *
+ * <code>
+ * echo $des->encrypt(substr($plaintext, 0, 8));
+ * echo $des->encrypt(substr($plaintext, 8, 8));
+ * </code>
+ * <code>
+ * echo $des->encrypt($plaintext);
+ * </code>
+ *
+ * The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
+ * another, as demonstrated with the following:
+ *
+ * <code>
+ * $des->encrypt(substr($plaintext, 0, 8));
+ * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ * <code>
+ * echo $des->decrypt($des->encrypt(substr($plaintext, 8, 8)));
+ * </code>
+ *
+ * With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
+ * outputs. The reason is due to the fact that the initialization vector's change after every encryption /
+ * decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
+ *
+ * Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
+ * encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
+ * continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
+ * however, they are also less intuitive and more likely to cause you problems.
+ *
+ * @see Crypt_TripleDES::disableContinuousBuffer()
+ * @access public
+ */
+ function enableContinuousBuffer()
+ {
+ $this->continuousBuffer = true;
+ if ($this->mode == CRYPT_DES_MODE_3CBC) {
+ $this->des[0]->enableContinuousBuffer();
+ $this->des[1]->enableContinuousBuffer();
+ $this->des[2]->enableContinuousBuffer();
+ }
+ }
+
+ /**
+ * Treat consecutive packets as if they are a discontinuous buffer.
+ *
+ * The default behavior.
+ *
+ * @see Crypt_TripleDES::enableContinuousBuffer()
+ * @access public
+ */
+ function disableContinuousBuffer()
+ {
+ $this->continuousBuffer = false;
+ $this->encryptIV = $this->iv;
+ $this->decryptIV = $this->iv;
+ $this->enchanged = true;
+ $this->dechanged = true;
+ $this->enbuffer = array('encrypted' => '', 'xor' => '', 'pos' => 0, 'enmcrypt_init' => true);
+ $this->debuffer = array('ciphertext' => '', 'xor' => '', 'pos' => 0, 'demcrypt_init' => true);
+
+ if ($this->mode == CRYPT_DES_MODE_3CBC) {
+ $this->des[0]->disableContinuousBuffer();
+ $this->des[1]->disableContinuousBuffer();
+ $this->des[2]->disableContinuousBuffer();
+ }
+ }
+
+ /**
+ * Pad "packets".
+ *
+ * DES works by encrypting eight bytes at a time. If you ever need to encrypt or decrypt something that's not
+ * a multiple of eight, it becomes necessary to pad the input so that it's length is a multiple of eight.
+ *
+ * Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH1,
+ * where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping
+ * away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is
+ * transmitted separately)
+ *
+ * @see Crypt_TripleDES::disablePadding()
+ * @access public
+ */
+ function enablePadding()
+ {
+ $this->padding = true;
+ }
+
+ /**
+ * Do not pad packets.
+ *
+ * @see Crypt_TripleDES::enablePadding()
+ * @access public
+ */
+ function disablePadding()
+ {
+ $this->padding = false;
+ }
+
+ /**
+ * Pads a string
+ *
+ * Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize (8).
+ * 8 - (strlen($text) & 7) bytes are added, each of which is equal to chr(8 - (strlen($text) & 7)
+ *
+ * If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless
+ * and padding will, hence forth, be enabled.
+ *
+ * @see Crypt_TripleDES::_unpad()
+ * @access private
+ */
+ function _pad($text)
+ {
+ $length = strlen($text);
+
+ if (!$this->padding) {
+ if (($length & 7) == 0) {
+ return $text;
+ } else {
+ user_error("The plaintext's length ($length) is not a multiple of the block size (8)", E_USER_NOTICE);
+ $this->padding = true;
+ }
+ }
+
+ $pad = 8 - ($length & 7);
+ return str_pad($text, $length + $pad, chr($pad));
+ }
+
+ /**
+ * Unpads a string
+ *
+ * If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong
+ * and false will be returned.
+ *
+ * @see Crypt_TripleDES::_pad()
+ * @access private
+ */
+ function _unpad($text)
+ {
+ if (!$this->padding) {
+ return $text;
+ }
+
+ $length = ord($text[strlen($text) - 1]);
+
+ if (!$length || $length > 8) {
+ return false;
+ }
+
+ return substr($text, 0, -$length);
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+}
+
+// vim: ts=4:sw=4:et:
+// vim6: fdl=1:
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/File/ANSI.php b/apps/files_external/3rdparty/phpseclib/phpseclib/File/ANSI.php
new file mode 100644
index 00000000000..29ad949e104
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/File/ANSI.php
@@ -0,0 +1,540 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP ANSI Decoder
+ *
+ * PHP versions 4 and 5
+ *
+ * If you call read() in Net_SSH2 you may get {@link http://en.wikipedia.org/wiki/ANSI_escape_code ANSI escape codes} back.
+ * They'd look like chr(0x1B) . '[00m' or whatever (0x1B = ESC). They tell a
+ * {@link http://en.wikipedia.org/wiki/Terminal_emulator terminal emulator} how to format the characters, what
+ * color to display them in, etc. File_ANSI is a {@link http://en.wikipedia.org/wiki/VT100 VT100} terminal emulator.
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category File
+ * @package File_ANSI
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMXII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id$
+ * @link htp://phpseclib.sourceforge.net
+ */
+
+/**
+ * Pure-PHP ANSI Decoder
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.3.0
+ * @access public
+ * @package File_ANSI
+ */
+class File_ANSI {
+ /**
+ * Max Width
+ *
+ * @var Integer
+ * @access private
+ */
+ var $max_x;
+
+ /**
+ * Max Height
+ *
+ * @var Integer
+ * @access private
+ */
+ var $max_y;
+
+ /**
+ * Max History
+ *
+ * @var Integer
+ * @access private
+ */
+ var $max_history;
+
+ /**
+ * History
+ *
+ * @var Array
+ * @access private
+ */
+ var $history;
+
+ /**
+ * History Attributes
+ *
+ * @var Array
+ * @access private
+ */
+ var $history_attrs;
+
+ /**
+ * Current Column
+ *
+ * @var Integer
+ * @access private
+ */
+ var $x;
+
+ /**
+ * Current Row
+ *
+ * @var Integer
+ * @access private
+ */
+ var $y;
+
+ /**
+ * Old Column
+ *
+ * @var Integer
+ * @access private
+ */
+ var $old_x;
+
+ /**
+ * Old Row
+ *
+ * @var Integer
+ * @access private
+ */
+ var $old_y;
+
+ /**
+ * An empty attribute row
+ *
+ * @var Array
+ * @access private
+ */
+ var $attr_row;
+
+ /**
+ * The current screen text
+ *
+ * @var Array
+ * @access private
+ */
+ var $screen;
+
+ /**
+ * The current screen attributes
+ *
+ * @var Array
+ * @access private
+ */
+ var $attrs;
+
+ /**
+ * The current foreground color
+ *
+ * @var String
+ * @access private
+ */
+ var $foreground;
+
+ /**
+ * The current background color
+ *
+ * @var String
+ * @access private
+ */
+ var $background;
+
+ /**
+ * Bold flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $bold;
+
+ /**
+ * Underline flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $underline;
+
+ /**
+ * Blink flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $blink;
+
+ /**
+ * Reverse flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $reverse;
+
+ /**
+ * Color flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $color;
+
+ /**
+ * Current ANSI code
+ *
+ * @var String
+ * @access private
+ */
+ var $ansi;
+
+ /**
+ * Default Constructor.
+ *
+ * @return File_ANSI
+ * @access public
+ */
+ function File_ANSI()
+ {
+ $this->setHistory(200);
+ $this->setDimensions(80, 24);
+ }
+
+ /**
+ * Set terminal width and height
+ *
+ * Resets the screen as well
+ *
+ * @param Integer $x
+ * @param Integer $y
+ * @access public
+ */
+ function setDimensions($x, $y)
+ {
+ $this->max_x = $x - 1;
+ $this->max_y = $y - 1;
+ $this->x = $this->y = 0;
+ $this->history = $this->history_attrs = array();
+ $this->attr_row = array_fill(0, $this->max_x + 1, '');
+ $this->screen = array_fill(0, $this->max_y + 1, '');
+ $this->attrs = array_fill(0, $this->max_y + 1, $this->attr_row);
+ $this->foreground = 'white';
+ $this->background = 'black';
+ $this->bold = false;
+ $this->underline = false;
+ $this->blink = false;
+ $this->reverse = false;
+ $this->color = false;
+
+ $this->ansi = '';
+ }
+
+ /**
+ * Set the number of lines that should be logged past the terminal height
+ *
+ * @param Integer $x
+ * @param Integer $y
+ * @access public
+ */
+ function setHistory($history)
+ {
+ $this->max_history = $history;
+ }
+
+ /**
+ * Load a string
+ *
+ * @param String $source
+ * @access public
+ */
+ function loadString($source)
+ {
+ $this->setDimensions($this->max_x + 1, $this->max_y + 1);
+ $this->appendString($source);
+ }
+
+ /**
+ * Appdend a string
+ *
+ * @param String $source
+ * @access public
+ */
+ function appendString($source)
+ {
+ for ($i = 0; $i < strlen($source); $i++) {
+ if (strlen($this->ansi)) {
+ $this->ansi.= $source[$i];
+ $chr = ord($source[$i]);
+ // http://en.wikipedia.org/wiki/ANSI_escape_code#Sequence_elements
+ // single character CSI's not currently supported
+ switch (true) {
+ case $this->ansi == "\x1B=":
+ $this->ansi = '';
+ continue 2;
+ case strlen($this->ansi) == 2 && $chr >= 64 && $chr <= 95 && $chr != ord('['):
+ case strlen($this->ansi) > 2 && $chr >= 64 && $chr <= 126:
+ break;
+ default:
+ continue 2;
+ }
+ // http://ascii-table.com/ansi-escape-sequences-vt-100.php
+ switch ($this->ansi) {
+ case "\x1B[H":
+ $this->old_x = $this->x;
+ $this->old_y = $this->y;
+ $this->x = $this->y = 0;
+ break;
+ case "\x1B[J":
+ $this->history = array_merge($this->history, array_slice(array_splice($this->screen, $this->y + 1), 0, $this->old_y));
+ $this->screen = array_merge($this->screen, array_fill($this->y, $this->max_y, ''));
+
+ $this->history_attrs = array_merge($this->history_attrs, array_slice(array_splice($this->attrs, $this->y + 1), 0, $this->old_y));
+ $this->attrs = array_merge($this->attrs, array_fill($this->y, $this->max_y, $this->attr_row));
+
+ if (count($this->history) == $this->max_history) {
+ array_shift($this->history);
+ array_shift($this->history_attrs);
+ }
+ case "\x1B[K":
+ $this->screen[$this->y] = substr($this->screen[$this->y], 0, $this->x);
+
+ array_splice($this->attrs[$this->y], $this->x + 1);
+ break;
+ case "\x1B[?1h": // set cursor key to application
+ break;
+ default:
+ switch (true) {
+ case preg_match('#\x1B\[(\d+);(\d+)H#', $this->ansi, $match):
+ $this->old_x = $this->x;
+ $this->old_y = $this->y;
+ $this->x = $match[2] - 1;
+ $this->y = $match[1] - 1;
+ break;
+ case preg_match('#\x1B\[(\d+)C#', $this->ansi, $match):
+ $this->old_x = $this->x;
+ $x = $match[1] - 1;
+ break;
+ case preg_match('#\x1B\[(\d+);(\d+)r#', $this->ansi, $match): // Set top and bottom lines of a window
+ break;
+ case preg_match('#\x1B\[(\d*(?:;\d*)*)m#', $this->ansi, $match):
+ $mods = explode(';', $match[1]);
+ foreach ($mods as $mod) {
+ switch ($mod) {
+ case 0:
+ $this->attrs[$this->y][$this->x] = '';
+
+ if ($this->bold) $this->attrs[$this->y][$this->x].= '</b>';
+ if ($this->underline) $this->attrs[$this->y][$this->x].= '</underline>';
+ if ($this->blink) $this->attrs[$this->y][$this->x].= '</blink>';
+ if ($this->color) $this->attrs[$this->y][$this->x].= '</span>';
+
+ if ($this->reverse) {
+ $temp = $this->background;
+ $this->background = $this->foreground;
+ $this->foreground = $temp;
+ }
+
+ $this->bold = $this->underline = $this->blink = $this->color = $this->reverse = false;
+ break;
+ case 1:
+ if (!$this->bold) {
+ $this->attrs[$this->y][$this->x] = '<b>';
+ $this->bold = true;
+ }
+ break;
+ case 4:
+ if (!$this->underline) {
+ $this->attrs[$this->y][$this->x] = '<u>';
+ $this->underline = true;
+ }
+ break;
+ case 5:
+ if (!$this->blink) {
+ $this->attrs[$this->y][$this->x] = '<blink>';
+ $this->blink = true;
+ }
+ break;
+ case 7:
+ $this->reverse = !$this->reverse;
+ $temp = $this->background;
+ $this->background = $this->foreground;
+ $this->foreground = $temp;
+ $this->attrs[$this->y][$this->x] = '<span style="color: ' . $this->foreground . '; background: ' . $this->background . '">';
+ if ($this->color) {
+ $this->attrs[$this->y][$this->x] = '</span>' . $this->attrs[$this->y][$this->x];
+ }
+ $this->color = true;
+ break;
+ default:
+ //$front = $this->reverse ? &$this->background : &$this->foreground;
+ $front = &$this->{ $this->reverse ? 'background' : 'foreground' };
+ //$back = $this->reverse ? &$this->foreground : &$this->background;
+ $back = &$this->{ $this->reverse ? 'foreground' : 'background' };
+ switch ($mod) {
+ case 30: $front = 'black'; break;
+ case 31: $front = 'red'; break;
+ case 32: $front = 'green'; break;
+ case 33: $front = 'yellow'; break;
+ case 34: $front = 'blue'; break;
+ case 35: $front = 'magenta'; break;
+ case 36: $front = 'cyan'; break;
+ case 37: $front = 'white'; break;
+
+ case 40: $back = 'black'; break;
+ case 41: $back = 'red'; break;
+ case 42: $back = 'green'; break;
+ case 43: $back = 'yellow'; break;
+ case 44: $back = 'blue'; break;
+ case 45: $back = 'magenta'; break;
+ case 46: $back = 'cyan'; break;
+ case 47: $back = 'white'; break;
+
+ default:
+ user_error('Unsupported attribute: ' . $mod);
+ $this->ansi = '';
+ break 2;
+ }
+
+ unset($temp);
+ $this->attrs[$this->y][$this->x] = '<span style="color: ' . $this->foreground . '; background: ' . $this->background . '">';
+ if ($this->color) {
+ $this->attrs[$this->y][$this->x] = '</span>' . $this->attrs[$this->y][$this->x];
+ }
+ $this->color = true;
+ }
+ }
+ break;
+ default:
+ echo "{$this->ansi} unsupported\r\n";
+ }
+ }
+ $this->ansi = '';
+ continue;
+ }
+
+ switch ($source[$i]) {
+ case "\r":
+ $this->x = 0;
+ break;
+ case "\n":
+ //if ($this->y < $this->max_y) {
+ // $this->y++;
+ //}
+
+ while ($this->y >= $this->max_y) {
+ $this->history = array_merge($this->history, array(array_shift($this->screen)));
+ $this->screen[] = '';
+
+ $this->history_attrs = array_merge($this->history_attrs, array(array_shift($this->attrs)));
+ $this->attrs[] = $this->attr_row;
+
+ if (count($this->history) >= $this->max_history) {
+ array_shift($this->history);
+ array_shift($this->history_attrs);
+ }
+
+ $this->y--;
+ }
+ $this->y++;
+ break;
+ case "\x0F": // shift
+ break;
+ case "\x1B": // start ANSI escape code
+ $this->ansi.= "\x1B";
+ break;
+ default:
+ $this->screen[$this->y] = substr_replace(
+ $this->screen[$this->y],
+ $source[$i],
+ $this->x,
+ 1
+ );
+
+ if ($this->x > $this->max_x) {
+ $this->x = 0;
+ $this->y++;
+ } else {
+ $this->x++;
+ }
+ }
+ }
+ }
+
+ /**
+ * Returns the current screen without preformating
+ *
+ * @access private
+ * @return String
+ */
+ function _getScreen()
+ {
+ $output = '';
+ for ($i = 0; $i <= $this->max_y; $i++) {
+ for ($j = 0; $j <= $this->max_x + 1; $j++) {
+ if (isset($this->attrs[$i][$j])) {
+ $output.= $this->attrs[$i][$j];
+ }
+ if (isset($this->screen[$i][$j])) {
+ $output.= htmlspecialchars($this->screen[$i][$j]);
+ }
+ }
+ $output.= "\r\n";
+ }
+ return rtrim($output);
+ }
+
+ /**
+ * Returns the current screen
+ *
+ * @access public
+ * @return String
+ */
+ function getScreen()
+ {
+ return '<pre style="color: white; background: black" width="' . ($this->max_x + 1) . '">' . $this->_getScreen() . '</pre>';
+ }
+
+ /**
+ * Returns the current screen and the x previous lines
+ *
+ * @access public
+ * @return String
+ */
+ function getHistory()
+ {
+ $scrollback = '';
+ for ($i = 0; $i < count($this->history); $i++) {
+ for ($j = 0; $j <= $this->max_x + 1; $j++) {
+ if (isset($this->history_attrs[$i][$j])) {
+ $scrollback.= $this->history_attrs[$i][$j];
+ }
+ if (isset($this->history[$i][$j])) {
+ $scrollback.= htmlspecialchars($this->history[$i][$j]);
+ }
+ }
+ $scrollback.= "\r\n";
+ }
+ $scrollback.= $this->_getScreen();
+
+ return '<pre style="color: white; background: black" width="' . ($this->max_x + 1) . '">' . $scrollback . '</pre>';
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/File/ASN1.php b/apps/files_external/3rdparty/phpseclib/phpseclib/File/ASN1.php
new file mode 100644
index 00000000000..766c6e7ebf4
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/File/ASN1.php
@@ -0,0 +1,1277 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP ASN.1 Parser
+ *
+ * PHP versions 4 and 5
+ *
+ * ASN.1 provides the semantics for data encoded using various schemes. The most commonly
+ * utilized scheme is DER or the "Distinguished Encoding Rules". PEM's are base64 encoded
+ * DER blobs.
+ *
+ * File_ASN1 decodes and encodes DER formatted messages and places them in a semantic context.
+ *
+ * Uses the 1988 ASN.1 syntax.
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category File
+ * @package File_ASN1
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMXII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id$
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Math_BigInteger
+ */
+if (!class_exists('Math_BigInteger')) {
+ require_once('Math/BigInteger.php');
+}
+
+/**#@+
+ * Tag Classes
+ *
+ * @access private
+ * @link http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=12
+ */
+define('FILE_ASN1_CLASS_UNIVERSAL', 0);
+define('FILE_ASN1_CLASS_APPLICATION', 1);
+define('FILE_ASN1_CLASS_CONTEXT_SPECIFIC', 2);
+define('FILE_ASN1_CLASS_PRIVATE', 3);
+/**#@-*/
+
+/**#@+
+ * Tag Classes
+ *
+ * @access private
+ * @link http://www.obj-sys.com/asn1tutorial/node124.html
+ */
+define('FILE_ASN1_TYPE_BOOLEAN', 1);
+define('FILE_ASN1_TYPE_INTEGER', 2);
+define('FILE_ASN1_TYPE_BIT_STRING', 3);
+define('FILE_ASN1_TYPE_OCTET_STRING', 4);
+define('FILE_ASN1_TYPE_NULL', 5);
+define('FILE_ASN1_TYPE_OBJECT_IDENTIFIER',6);
+//define('FILE_ASN1_TYPE_OBJECT_DESCRIPTOR',7);
+//define('FILE_ASN1_TYPE_INSTANCE_OF', 8); // EXTERNAL
+define('FILE_ASN1_TYPE_REAL', 9);
+define('FILE_ASN1_TYPE_ENUMERATED', 10);
+//define('FILE_ASN1_TYPE_EMBEDDED', 11);
+define('FILE_ASN1_TYPE_UTF8_STRING', 12);
+//define('FILE_ASN1_TYPE_RELATIVE_OID', 13);
+define('FILE_ASN1_TYPE_SEQUENCE', 16); // SEQUENCE OF
+define('FILE_ASN1_TYPE_SET', 17); // SET OF
+/**#@-*/
+/**#@+
+ * More Tag Classes
+ *
+ * @access private
+ * @link http://www.obj-sys.com/asn1tutorial/node10.html
+ */
+define('FILE_ASN1_TYPE_NUMERIC_STRING', 18);
+define('FILE_ASN1_TYPE_PRINTABLE_STRING',19);
+define('FILE_ASN1_TYPE_TELETEX_STRING', 20); // T61String
+define('FILE_ASN1_TYPE_VIDEOTEX_STRING', 21);
+define('FILE_ASN1_TYPE_IA5_STRING', 22);
+define('FILE_ASN1_TYPE_UTC_TIME', 23);
+define('FILE_ASN1_TYPE_GENERALIZED_TIME',24);
+define('FILE_ASN1_TYPE_GRAPHIC_STRING', 25);
+define('FILE_ASN1_TYPE_VISIBLE_STRING', 26); // ISO646String
+define('FILE_ASN1_TYPE_GENERAL_STRING', 27);
+define('FILE_ASN1_TYPE_UNIVERSAL_STRING',28);
+//define('FILE_ASN1_TYPE_CHARACTER_STRING',29);
+define('FILE_ASN1_TYPE_BMP_STRING', 30);
+/**#@-*/
+
+/**#@+
+ * Tag Aliases
+ *
+ * These tags are kinda place holders for other tags.
+ *
+ * @access private
+ */
+define('FILE_ASN1_TYPE_CHOICE', -1);
+define('FILE_ASN1_TYPE_ANY', -2);
+/**#@-*/
+
+/**
+ * ASN.1 Element
+ *
+ * Bypass normal encoding rules in File_ASN1::encodeDER()
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.3.0
+ * @access public
+ * @package File_ASN1
+ */
+class File_ASN1_Element {
+ /**
+ * Raw element value
+ *
+ * @var String
+ * @access private
+ */
+ var $element;
+
+ /**
+ * Constructor
+ *
+ * @param String $encoded
+ * @return File_ASN1_Element
+ * @access public
+ */
+ function File_ASN1_Element($encoded)
+ {
+ $this->element = $encoded;
+ }
+}
+
+/**
+ * Pure-PHP ASN.1 Parser
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.3.0
+ * @access public
+ * @package File_ASN1
+ */
+class File_ASN1 {
+ /**
+ * ASN.1 object identifier
+ *
+ * @var Array
+ * @access private
+ * @link http://en.wikipedia.org/wiki/Object_identifier
+ */
+ var $oids = array();
+
+ /**
+ * Default date format
+ *
+ * @var String
+ * @access private
+ * @link http://php.net/class.datetime
+ */
+ var $format = 'D, d M y H:i:s O';
+
+ /**
+ * Default date format
+ *
+ * @var Array
+ * @access private
+ * @see File_ASN1::setTimeFormat()
+ * @see File_ASN1::asn1map()
+ * @link http://php.net/class.datetime
+ */
+ var $encoded;
+
+ /**
+ * Filters
+ *
+ * If the mapping type is FILE_ASN1_TYPE_ANY what do we actually encode it as?
+ *
+ * @var Array
+ * @access private
+ * @see File_ASN1::_encode_der()
+ */
+ var $filters;
+
+ /**
+ * Type mapping table for the ANY type.
+ *
+ * Structured or unknown types are mapped to a FILE_ASN1_Element.
+ * Unambiguous types get the direct mapping (int/real/bool).
+ * Others are mapped as a choice, with an extra indexing level.
+ *
+ * @var Array
+ * @access public
+ */
+ var $ANYmap = array(
+ FILE_ASN1_TYPE_BOOLEAN => true,
+ FILE_ASN1_TYPE_INTEGER => true,
+ FILE_ASN1_TYPE_BIT_STRING => 'bitString',
+ FILE_ASN1_TYPE_OCTET_STRING => 'octetString',
+ FILE_ASN1_TYPE_NULL => 'null',
+ FILE_ASN1_TYPE_OBJECT_IDENTIFIER => 'objectIdentifier',
+ FILE_ASN1_TYPE_REAL => true,
+ FILE_ASN1_TYPE_ENUMERATED => 'enumerated',
+ FILE_ASN1_TYPE_UTF8_STRING => 'utf8String',
+ FILE_ASN1_TYPE_NUMERIC_STRING => 'numericString',
+ FILE_ASN1_TYPE_PRINTABLE_STRING => 'printableString',
+ FILE_ASN1_TYPE_TELETEX_STRING => 'teletexString',
+ FILE_ASN1_TYPE_VIDEOTEX_STRING => 'videotexString',
+ FILE_ASN1_TYPE_IA5_STRING => 'ia5String',
+ FILE_ASN1_TYPE_UTC_TIME => 'utcTime',
+ FILE_ASN1_TYPE_GENERALIZED_TIME => 'generalTime',
+ FILE_ASN1_TYPE_GRAPHIC_STRING => 'graphicString',
+ FILE_ASN1_TYPE_VISIBLE_STRING => 'visibleString',
+ FILE_ASN1_TYPE_GENERAL_STRING => 'generalString',
+ FILE_ASN1_TYPE_UNIVERSAL_STRING => 'universalString',
+ //FILE_ASN1_TYPE_CHARACTER_STRING => 'characterString',
+ FILE_ASN1_TYPE_BMP_STRING => 'bmpString'
+ );
+
+ /**
+ * String type to character size mapping table.
+ *
+ * Non-convertable types are absent from this table.
+ * size == 0 indicates variable length encoding.
+ *
+ * @var Array
+ * @access public
+ */
+ var $stringTypeSize = array(
+ FILE_ASN1_TYPE_UTF8_STRING => 0,
+ FILE_ASN1_TYPE_BMP_STRING => 2,
+ FILE_ASN1_TYPE_UNIVERSAL_STRING => 4,
+ FILE_ASN1_TYPE_PRINTABLE_STRING => 1,
+ FILE_ASN1_TYPE_TELETEX_STRING => 1,
+ FILE_ASN1_TYPE_IA5_STRING => 1,
+ FILE_ASN1_TYPE_VISIBLE_STRING => 1,
+ );
+
+ /**
+ * Parse BER-encoding
+ *
+ * Serves a similar purpose to openssl's asn1parse
+ *
+ * @param String $encoded
+ * @return Array
+ * @access public
+ */
+ function decodeBER($encoded)
+ {
+ if (is_object($encoded) && strtolower(get_class($encoded)) == 'file_asn1_element') {
+ $encoded = $encoded->element;
+ }
+
+ $this->encoded = $encoded;
+ return $this->_decode_ber($encoded);
+ }
+
+ /**
+ * Parse BER-encoding (Helper function)
+ *
+ * Sometimes we want to get the BER encoding of a particular tag. $start lets us do that without having to reencode.
+ * $encoded is passed by reference for the recursive calls done for FILE_ASN1_TYPE_BIT_STRING and
+ * FILE_ASN1_TYPE_OCTET_STRING. In those cases, the indefinite length is used.
+ *
+ * @param String $encoded
+ * @param Integer $start
+ * @return Array
+ * @access private
+ */
+ function _decode_ber(&$encoded, $start = 0)
+ {
+ $decoded = array();
+
+ while ( strlen($encoded) ) {
+ $current = array('start' => $start);
+
+ $type = ord($this->_string_shift($encoded));
+ $start++;
+
+ $constructed = ($type >> 5) & 1;
+
+ $tag = $type & 0x1F;
+ if ($tag == 0x1F) {
+ $tag = 0;
+ // process septets (since the eighth bit is ignored, it's not an octet)
+ do {
+ $loop = ord($encoded[0]) >> 7;
+ $tag <<= 7;
+ $tag |= ord($this->_string_shift($encoded)) & 0x7F;
+ $start++;
+ } while ( $loop );
+ }
+
+ // Length, as discussed in 8.1.3 of X.690-0207.pdf#page=13
+ $length = ord($this->_string_shift($encoded));
+ $start++;
+ if ( $length == 0x80 ) { // indefinite length
+ // "[A sender shall] use the indefinite form (see 8.1.3.6) if the encoding is constructed and is not all
+ // immediately available." -- 8.1.3.2.c
+ //if ( !$constructed ) {
+ // return false;
+ //}
+ $length = strlen($encoded);
+ } elseif ( $length & 0x80 ) { // definite length, long form
+ // technically, the long form of the length can be represented by up to 126 octets (bytes), but we'll only
+ // support it up to four.
+ $length&= 0x7F;
+ $temp = $this->_string_shift($encoded, $length);
+ $start+= $length;
+ extract(unpack('Nlength', substr(str_pad($temp, 4, chr(0), STR_PAD_LEFT), -4)));
+ }
+
+ // End-of-content, see 8.1.1.3, 8.1.3.2, 8.1.3.6, 8.1.5, and (for an example) 8.6.4.2
+ if (!$type && !$length) {
+ return $decoded;
+ }
+ $content = $this->_string_shift($encoded, $length);
+
+ /* Class is UNIVERSAL, APPLICATION, PRIVATE, or CONTEXT-SPECIFIC. The UNIVERSAL class is restricted to the ASN.1
+ built-in types. It defines an application-independent data type that must be distinguishable from all other
+ data types. The other three classes are user defined. The APPLICATION class distinguishes data types that
+ have a wide, scattered use within a particular presentation context. PRIVATE distinguishes data types within
+ a particular organization or country. CONTEXT-SPECIFIC distinguishes members of a sequence or set, the
+ alternatives of a CHOICE, or universally tagged set members. Only the class number appears in braces for this
+ data type; the term CONTEXT-SPECIFIC does not appear.
+
+ -- http://www.obj-sys.com/asn1tutorial/node12.html */
+ $class = ($type >> 6) & 3;
+ switch ($class) {
+ case FILE_ASN1_CLASS_APPLICATION:
+ case FILE_ASN1_CLASS_PRIVATE:
+ case FILE_ASN1_CLASS_CONTEXT_SPECIFIC:
+ $decoded[] = array(
+ 'type' => $class,
+ 'constant' => $tag,
+ 'content' => $constructed ? $this->_decode_ber($content, $start) : $content,
+ 'length' => $length + $start - $current['start']
+ ) + $current;
+ continue 2;
+ }
+
+ $current+= array('type' => $tag);
+
+ // decode UNIVERSAL tags
+ switch ($tag) {
+ case FILE_ASN1_TYPE_BOOLEAN:
+ // "The contents octets shall consist of a single octet." -- 8.2.1
+ //if (strlen($content) != 1) {
+ // return false;
+ //}
+ $current['content'] = (bool) ord($content[0]);
+ break;
+ case FILE_ASN1_TYPE_INTEGER:
+ case FILE_ASN1_TYPE_ENUMERATED:
+ $current['content'] = new Math_BigInteger($content, -256);
+ break;
+ case FILE_ASN1_TYPE_REAL: // not currently supported
+ return false;
+ case FILE_ASN1_TYPE_BIT_STRING:
+ // The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit,
+ // the number of unused bits in the final subsequent octet. The number shall be in the range zero to
+ // seven.
+ if (!$constructed) {
+ $current['content'] = $content;
+ } else {
+ $temp = $this->_decode_ber($content, $start);
+ $length-= strlen($content);
+ $last = count($temp) - 1;
+ for ($i = 0; $i < $last; $i++) {
+ // all subtags should be bit strings
+ //if ($temp[$i]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
+ // return false;
+ //}
+ $current['content'].= substr($temp[$i]['content'], 1);
+ }
+ // all subtags should be bit strings
+ //if ($temp[$last]['type'] != FILE_ASN1_TYPE_BIT_STRING) {
+ // return false;
+ //}
+ $current['content'] = $temp[$last]['content'][0] . $current['content'] . substr($temp[$i]['content'], 1);
+ }
+ break;
+ case FILE_ASN1_TYPE_OCTET_STRING:
+ if (!$constructed) {
+ $current['content'] = $content;
+ } else {
+ $temp = $this->_decode_ber($content, $start);
+ $length-= strlen($content);
+ for ($i = 0, $size = count($temp); $i < $size; $i++) {
+ // all subtags should be octet strings
+ //if ($temp[$i]['type'] != FILE_ASN1_TYPE_OCTET_STRING) {
+ // return false;
+ //}
+ $current['content'].= $temp[$i]['content'];
+ }
+ // $length =
+ }
+ break;
+ case FILE_ASN1_TYPE_NULL:
+ // "The contents octets shall not contain any octets." -- 8.8.2
+ //if (strlen($content)) {
+ // return false;
+ //}
+ break;
+ case FILE_ASN1_TYPE_SEQUENCE:
+ case FILE_ASN1_TYPE_SET:
+ $current['content'] = $this->_decode_ber($content, $start);
+ break;
+ case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
+ $temp = ord($this->_string_shift($content));
+ $current['content'] = sprintf('%d.%d', floor($temp / 40), $temp % 40);
+ $valuen = 0;
+ // process septets
+ while (strlen($content)) {
+ $temp = ord($this->_string_shift($content));
+ $valuen <<= 7;
+ $valuen |= $temp & 0x7F;
+ if (~$temp & 0x80) {
+ $current['content'].= ".$valuen";
+ $valuen = 0;
+ }
+ }
+ // the eighth bit of the last byte should not be 1
+ //if ($temp >> 7) {
+ // return false;
+ //}
+ break;
+ /* Each character string type shall be encoded as if it had been declared:
+ [UNIVERSAL x] IMPLICIT OCTET STRING
+
+ -- X.690-0207.pdf#page=23 ( 8.21.3)
+
+ Per that, we're not going to do any validation. If there are any illegal characters in the string,
+ we don't really care */
+ case FILE_ASN1_TYPE_NUMERIC_STRING:
+ // 0,1,2,3,4,5,6,7,8,9, and space
+ case FILE_ASN1_TYPE_PRINTABLE_STRING:
+ // Upper and lower case letters, digits, space, apostrophe, left/right parenthesis, plus sign, comma,
+ // hyphen, full stop, solidus, colon, equal sign, question mark
+ case FILE_ASN1_TYPE_TELETEX_STRING:
+ // The Teletex character set in CCITT's T61, space, and delete
+ // see http://en.wikipedia.org/wiki/Teletex#Character_sets
+ case FILE_ASN1_TYPE_VIDEOTEX_STRING:
+ // The Videotex character set in CCITT's T.100 and T.101, space, and delete
+ case FILE_ASN1_TYPE_VISIBLE_STRING:
+ // Printing character sets of international ASCII, and space
+ case FILE_ASN1_TYPE_IA5_STRING:
+ // International Alphabet 5 (International ASCII)
+ case FILE_ASN1_TYPE_GRAPHIC_STRING:
+ // All registered G sets, and space
+ case FILE_ASN1_TYPE_GENERAL_STRING:
+ // All registered C and G sets, space and delete
+ case FILE_ASN1_TYPE_UTF8_STRING:
+ // ????
+ case FILE_ASN1_TYPE_BMP_STRING:
+ $current['content'] = $content;
+ break;
+ case FILE_ASN1_TYPE_UTC_TIME:
+ case FILE_ASN1_TYPE_GENERALIZED_TIME:
+ $current['content'] = $this->_decodeTime($content, $tag);
+ default:
+
+ }
+
+ $start+= $length;
+ $decoded[] = $current + array('length' => $start - $current['start']);
+ }
+
+ return $decoded;
+ }
+
+ /**
+ * ASN.1 Decode
+ *
+ * Provides an ASN.1 semantic mapping ($mapping) from a parsed BER-encoding to a human readable format.
+ *
+ * @param Array $decoded
+ * @param Array $mapping
+ * @return Array
+ * @access public
+ */
+ function asn1map($decoded, $mapping)
+ {
+ if (isset($mapping['explicit'])) {
+ $decoded = $decoded['content'][0];
+ }
+
+ switch (true) {
+ case $mapping['type'] == FILE_ASN1_TYPE_ANY:
+ $intype = $decoded['type'];
+ if (isset($decoded['constant']) || !isset($this->ANYmap[$intype]) || ($this->encoded[$decoded['start']] & 0x20)) {
+ return new File_ASN1_Element(substr($this->encoded, $decoded['start'], $decoded['length']));
+ }
+ $inmap = $this->ANYmap[$intype];
+ if (is_string($inmap)) {
+ return array($inmap => $this->asn1map($decoded, array('type' => $intype) + $mapping));
+ }
+ break;
+ case $mapping['type'] == FILE_ASN1_TYPE_CHOICE:
+ foreach ($mapping['children'] as $key => $option) {
+ switch (true) {
+ case isset($option['constant']) && $option['constant'] == $decoded['constant']:
+ case !isset($option['constant']) && $option['type'] == $decoded['type']:
+ $value = $this->asn1map($decoded, $option);
+ break;
+ case !isset($option['constant']) && $option['type'] == FILE_ASN1_TYPE_CHOICE:
+ $v = $this->asn1map($decoded, $option);
+ if (isset($v)) {
+ $value = $v;
+ }
+ }
+ if (isset($value)) {
+ return array($key => $value);
+ }
+ }
+ return NULL;
+ case isset($mapping['implicit']):
+ case isset($mapping['explicit']):
+ case $decoded['type'] == $mapping['type']:
+ break;
+ default:
+ return NULL;
+ }
+
+ if (isset($mapping['implicit'])) {
+ $decoded['type'] = $mapping['type'];
+ }
+
+ switch ($decoded['type']) {
+ case FILE_ASN1_TYPE_SEQUENCE:
+ $map = array();
+
+ // ignore the min and max
+ if (isset($mapping['min']) && isset($mapping['max'])) {
+ $child = $mapping['children'];
+ foreach ($decoded['content'] as $content) {
+ if (($map[] = $this->asn1map($content, $child)) === NULL) {
+ return NULL;
+ }
+ }
+
+ return $map;
+ }
+
+ $n = count($decoded['content']);
+ $i = 0;
+
+ foreach ($mapping['children'] as $key => $child) {
+ $maymatch = $i < $n; // Match only existing input.
+ if ($maymatch) {
+ $temp = $decoded['content'][$i];
+
+ if ($child['type'] != FILE_ASN1_TYPE_CHOICE) {
+ // Get the mapping and input class & constant.
+ $childClass = $tempClass = FILE_ASN1_CLASS_UNIVERSAL;
+ $constant = NULL;
+ if (isset($temp['constant'])) {
+ $tempClass = isset($temp['class']) ? $temp['class'] : FILE_ASN1_CLASS_CONTEXT_SPECIFIC;
+ }
+ if (isset($child['class'])) {
+ $childClass = $child['class'];
+ $constant = $child['cast'];
+ }
+ elseif (isset($child['constant'])) {
+ $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC;
+ $constant = $child['constant'];
+ }
+
+ if (isset($constant) && isset($temp['constant'])) {
+ // Can only match if constants and class match.
+ $maymatch = $constant == $temp['constant'] && $childClass == $tempClass;
+ } else {
+ // Can only match if no constant expected and type matches or is generic.
+ $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false;
+ }
+ }
+ }
+
+ if ($maymatch) {
+ // Attempt submapping.
+ $candidate = $this->asn1map($temp, $child);
+ $maymatch = $candidate !== NULL;
+ }
+
+ if ($maymatch) {
+ // Got the match: use it.
+ $map[$key] = $candidate;
+ $i++;
+ } elseif (isset($child['default'])) {
+ $map[$key] = $child['default']; // Use default.
+ } elseif (!isset($child['optional'])) {
+ return NULL; // Syntax error.
+ }
+ }
+
+ // Fail mapping if all input items have not been consumed.
+ return $i < $n? NULL: $map;
+
+ // the main diff between sets and sequences is the encapsulation of the foreach in another for loop
+ case FILE_ASN1_TYPE_SET:
+ $map = array();
+
+ // ignore the min and max
+ if (isset($mapping['min']) && isset($mapping['max'])) {
+ $child = $mapping['children'];
+ foreach ($decoded['content'] as $content) {
+ if (($map[] = $this->asn1map($content, $child)) === NULL) {
+ return NULL;
+ }
+ }
+
+ return $map;
+ }
+
+ for ($i = 0; $i < count($decoded['content']); $i++) {
+ $temp = $decoded['content'][$i];
+ $tempClass = FILE_ASN1_CLASS_UNIVERSAL;
+ if (isset($temp['constant'])) {
+ $tempClass = isset($temp['class']) ? $temp['class'] : FILE_ASN1_CLASS_CONTEXT_SPECIFIC;
+ }
+
+ foreach ($mapping['children'] as $key => $child) {
+ if (isset($map[$key])) {
+ continue;
+ }
+ $maymatch = true;
+ if ($child['type'] != FILE_ASN1_TYPE_CHOICE) {
+ $childClass = FILE_ASN1_CLASS_UNIVERSAL;
+ $constant = NULL;
+ if (isset($child['class'])) {
+ $childClass = $child['class'];
+ $constant = $child['cast'];
+ }
+ elseif (isset($child['constant'])) {
+ $childClass = FILE_ASN1_CLASS_CONTEXT_SPECIFIC;
+ $constant = $child['constant'];
+ }
+
+ if (isset($constant) && isset($temp['constant'])) {
+ // Can only match if constants and class match.
+ $maymatch = $constant == $temp['constant'] && $childClass == $tempClass;
+ } else {
+ // Can only match if no constant expected and type matches or is generic.
+ $maymatch = !isset($child['constant']) && array_search($child['type'], array($temp['type'], FILE_ASN1_TYPE_ANY, FILE_ASN1_TYPE_CHOICE)) !== false;
+ }
+ }
+
+ if ($maymatch) {
+ // Attempt submapping.
+ $candidate = $this->asn1map($temp, $child);
+ $maymatch = $candidate !== NULL;
+ }
+
+ if (!$maymatch) {
+ break;
+ }
+
+ // Got the match: use it.
+ $map[$key] = $candidate;
+ break;
+ }
+ }
+
+ foreach ($mapping['children'] as $key => $child) {
+ if (!isset($map[$key])) {
+ if (isset($child['default'])) {
+ $map[$key] = $child['default'];
+ } elseif (!isset($child['optional'])) {
+ return NULL;
+ }
+ }
+ }
+ return $map;
+ case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
+ return isset($this->oids[$decoded['content']]) ? $this->oids[$decoded['content']] : $decoded['content'];
+ case FILE_ASN1_TYPE_UTC_TIME:
+ case FILE_ASN1_TYPE_GENERALIZED_TIME:
+ if (isset($mapping['implicit'])) {
+ $decoded['content'] = $this->_decodeTime($decoded['content'], $decoded['type']);
+ }
+ return @date($this->format, $decoded['content']);
+ case FILE_ASN1_TYPE_BIT_STRING:
+ if (isset($mapping['mapping'])) {
+ $offset = ord($decoded['content'][0]);
+ $size = (strlen($decoded['content']) - 1) * 8 - $offset;
+ /*
+ From X.680-0207.pdf#page=46 (21.7):
+
+ "When a "NamedBitList" is used in defining a bitstring type ASN.1 encoding rules are free to add (or remove)
+ arbitrarily any trailing 0 bits to (or from) values that are being encoded or decoded. Application designers should
+ therefore ensure that different semantics are not associated with such values which differ only in the number of trailing
+ 0 bits."
+ */
+ $bits = count($mapping['mapping']) == $size ? array() : array_fill(0, count($mapping['mapping']) - $size, false);
+ for ($i = strlen($decoded['content']) - 1; $i > 0; $i--) {
+ $current = ord($decoded['content'][$i]);
+ for ($j = $offset; $j < 8; $j++) {
+ $bits[] = (bool) ($current & (1 << $j));
+ }
+ $offset = 0;
+ }
+ $values = array();
+ $map = array_reverse($mapping['mapping']);
+ foreach ($map as $i => $value) {
+ if ($bits[$i]) {
+ $values[] = $value;
+ }
+ }
+ return $values;
+ }
+ case FILE_ASN1_TYPE_OCTET_STRING:
+ return base64_encode($decoded['content']);
+ case FILE_ASN1_TYPE_NULL:
+ return '';
+ case FILE_ASN1_TYPE_BOOLEAN:
+ return $decoded['content'];
+ case FILE_ASN1_TYPE_NUMERIC_STRING:
+ case FILE_ASN1_TYPE_PRINTABLE_STRING:
+ case FILE_ASN1_TYPE_TELETEX_STRING:
+ case FILE_ASN1_TYPE_VIDEOTEX_STRING:
+ case FILE_ASN1_TYPE_IA5_STRING:
+ case FILE_ASN1_TYPE_GRAPHIC_STRING:
+ case FILE_ASN1_TYPE_VISIBLE_STRING:
+ case FILE_ASN1_TYPE_GENERAL_STRING:
+ case FILE_ASN1_TYPE_UNIVERSAL_STRING:
+ case FILE_ASN1_TYPE_UTF8_STRING:
+ case FILE_ASN1_TYPE_BMP_STRING:
+ return $decoded['content'];
+ case FILE_ASN1_TYPE_INTEGER:
+ case FILE_ASN1_TYPE_ENUMERATED:
+ $temp = $decoded['content'];
+ if (isset($mapping['implicit'])) {
+ $temp = new Math_BigInteger($decoded['content'], -256);
+ }
+ if (isset($mapping['mapping'])) {
+ $temp = (int) $temp->toString();
+ return isset($mapping['mapping'][$temp]) ?
+ $mapping['mapping'][$temp] :
+ false;
+ }
+ return $temp;
+ }
+ }
+
+ /**
+ * ASN.1 Encode
+ *
+ * DER-encodes an ASN.1 semantic mapping ($mapping). Some libraries would probably call this function
+ * an ASN.1 compiler.
+ *
+ * @param String $source
+ * @param String $mapping
+ * @param Integer $idx
+ * @return String
+ * @access public
+ */
+ function encodeDER($source, $mapping)
+ {
+ $this->location = array();
+ return $this->_encode_der($source, $mapping);
+ }
+
+ /**
+ * ASN.1 Encode (Helper function)
+ *
+ * @param String $source
+ * @param String $mapping
+ * @param Integer $idx
+ * @return String
+ * @access private
+ */
+ function _encode_der($source, $mapping, $idx = NULL)
+ {
+ if (is_object($source) && strtolower(get_class($source)) == 'file_asn1_element') {
+ return $source->element;
+ }
+
+ // do not encode (implicitly optional) fields with value set to default
+ if (isset($mapping['default']) && $source === $mapping['default']) {
+ return '';
+ }
+
+ if (isset($idx)) {
+ $this->location[] = $idx;
+ }
+
+ $tag = $mapping['type'];
+
+ switch ($tag) {
+ case FILE_ASN1_TYPE_SET: // Children order is not important, thus process in sequence.
+ case FILE_ASN1_TYPE_SEQUENCE:
+ $tag|= 0x20; // set the constructed bit
+ $value = '';
+
+ // ignore the min and max
+ if (isset($mapping['min']) && isset($mapping['max'])) {
+ $child = $mapping['children'];
+
+ foreach ($source as $content) {
+ $temp = $this->_encode_der($content, $child);
+ if ($temp === false) {
+ return false;
+ }
+ $value.= $temp;
+ }
+ break;
+ }
+
+ foreach ($mapping['children'] as $key => $child) {
+ if (!isset($source[$key])) {
+ if (!isset($child['optional'])) {
+ return false;
+ }
+ continue;
+ }
+
+ $temp = $this->_encode_der($source[$key], $child, $key);
+ if ($temp === false) {
+ return false;
+ }
+
+ // An empty child encoding means it has been optimized out.
+ // Else we should have at least one tag byte.
+ if ($temp === '') {
+ continue;
+ }
+
+ // if isset($child['constant']) is true then isset($child['optional']) should be true as well
+ if (isset($child['constant'])) {
+ /*
+ From X.680-0207.pdf#page=58 (30.6):
+
+ "The tagging construction specifies explicit tagging if any of the following holds:
+ ...
+ c) the "Tag Type" alternative is used and the value of "TagDefault" for the module is IMPLICIT TAGS or
+ AUTOMATIC TAGS, but the type defined by "Type" is an untagged choice type, an untagged open type, or
+ an untagged "DummyReference" (see ITU-T Rec. X.683 | ISO/IEC 8824-4, 8.3)."
+ */
+ if (isset($child['explicit']) || $child['type'] == FILE_ASN1_TYPE_CHOICE) {
+ $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']);
+ $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp;
+ } else {
+ $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']);
+ $temp = $subtag . substr($temp, 1);
+ }
+ }
+ $value.= $temp;
+ }
+ break;
+ case FILE_ASN1_TYPE_CHOICE:
+ $temp = false;
+
+ foreach ($mapping['children'] as $key => $child) {
+ if (!isset($source[$key])) {
+ continue;
+ }
+
+ $temp = $this->_encode_der($source[$key], $child, $key);
+ if ($temp === false) {
+ return false;
+ }
+
+ // An empty child encoding means it has been optimized out.
+ // Else we should have at least one tag byte.
+ if ($temp === '') {
+ continue;
+ }
+
+ $tag = ord($temp[0]);
+
+ // if isset($child['constant']) is true then isset($child['optional']) should be true as well
+ if (isset($child['constant'])) {
+ if (isset($child['explicit']) || $child['type'] == FILE_ASN1_TYPE_CHOICE) {
+ $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 0x20 | $child['constant']);
+ $temp = $subtag . $this->_encodeLength(strlen($temp)) . $temp;
+ } else {
+ $subtag = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | (ord($temp[0]) & 0x20) | $child['constant']);
+ $temp = $subtag . substr($temp, 1);
+ }
+ }
+ }
+
+ if (isset($idx)) {
+ array_pop($this->location);
+ }
+
+ if ($temp && isset($mapping['cast'])) {
+ $temp[0] = chr(($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast']);
+ }
+
+ return $temp;
+ case FILE_ASN1_TYPE_INTEGER:
+ case FILE_ASN1_TYPE_ENUMERATED:
+ if (!isset($mapping['mapping'])) {
+ $value = $source->toBytes(true);
+ } else {
+ $value = array_search($source, $mapping['mapping']);
+ if ($value === false) {
+ return false;
+ }
+ $value = new Math_BigInteger($value);
+ $value = $value->toBytes(true);
+ }
+ break;
+ case FILE_ASN1_TYPE_UTC_TIME:
+ case FILE_ASN1_TYPE_GENERALIZED_TIME:
+ $format = $mapping['type'] == FILE_ASN1_TYPE_UTC_TIME ? 'y' : 'Y';
+ $format.= 'mdHis';
+ $value = @gmdate($format, strtotime($source)) . 'Z';
+ break;
+ case FILE_ASN1_TYPE_BIT_STRING:
+ if (isset($mapping['mapping'])) {
+ $bits = array_fill(0, count($mapping['mapping']), 0);
+ $size = 0;
+ for ($i = 0; $i < count($mapping['mapping']); $i++) {
+ if (in_array($mapping['mapping'][$i], $source)) {
+ $bits[$i] = 1;
+ $size = $i;
+ }
+ }
+
+ $offset = 8 - (($size + 1) & 7);
+ $offset = $offset !== 8 ? $offset : 0;
+
+ $value = chr($offset);
+
+ for ($i = $size + 1; $i < count($mapping['mapping']); $i++) {
+ unset($bits[$i]);
+ }
+
+ $bits = implode('', array_pad($bits, $size + $offset + 1, 0));
+ $bytes = explode(' ', rtrim(chunk_split($bits, 8, ' ')));
+ foreach ($bytes as $byte) {
+ $value.= chr(bindec($byte));
+ }
+
+ break;
+ }
+ case FILE_ASN1_TYPE_OCTET_STRING:
+ /* The initial octet shall encode, as an unsigned binary integer with bit 1 as the least significant bit,
+ the number of unused bits in the final subsequent octet. The number shall be in the range zero to seven.
+
+ -- http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#page=16 */
+ $value = base64_decode($source);
+ break;
+ case FILE_ASN1_TYPE_OBJECT_IDENTIFIER:
+ $oid = preg_match('#(?:\d+\.)+#', $source) ? $source : array_search($source, $this->oids);
+ if ($oid === false) {
+ user_error('Invalid OID');
+ return false;
+ }
+ $value = '';
+ $parts = explode('.', $oid);
+ $value = chr(40 * $parts[0] + $parts[1]);
+ for ($i = 2; $i < count($parts); $i++) {
+ $temp = '';
+ if (!$parts[$i]) {
+ $temp = "\0";
+ } else {
+ while ($parts[$i]) {
+ $temp = chr(0x80 | ($parts[$i] & 0x7F)) . $temp;
+ $parts[$i] >>= 7;
+ }
+ $temp[strlen($temp) - 1] = $temp[strlen($temp) - 1] & chr(0x7F);
+ }
+ $value.= $temp;
+ }
+ break;
+ case FILE_ASN1_TYPE_ANY:
+ $loc = $this->location;
+ if (isset($idx)) {
+ array_pop($this->location);
+ }
+
+ switch (true) {
+ case !isset($source):
+ return $this->_encode_der(NULL, array('type' => FILE_ASN1_TYPE_NULL) + $mapping);
+ case is_int($source):
+ case is_object($source) && strtolower(get_class($source)) == 'math_biginteger':
+ return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_INTEGER) + $mapping);
+ case is_float($source):
+ return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_REAL) + $mapping);
+ case is_bool($source):
+ return $this->_encode_der($source, array('type' => FILE_ASN1_TYPE_BOOLEAN) + $mapping);
+ case is_array($source) && count($source) == 1:
+ $typename = implode('', array_keys($source));
+ $outtype = array_search($typename, $this->ANYmap, true);
+ if ($outtype !== false) {
+ return $this->_encode_der($source[$typename], array('type' => $outtype) + $mapping);
+ }
+ }
+
+ $filters = $this->filters;
+ foreach ($loc as $part) {
+ if (!isset($filters[$part])) {
+ $filters = false;
+ break;
+ }
+ $filters = $filters[$part];
+ }
+ if ($filters === false) {
+ user_error('No filters defined for ' . implode('/', $loc));
+ return false;
+ }
+ return $this->_encode_der($source, $filters + $mapping);
+ case FILE_ASN1_TYPE_NULL:
+ $value = '';
+ break;
+ case FILE_ASN1_TYPE_NUMERIC_STRING:
+ case FILE_ASN1_TYPE_TELETEX_STRING:
+ case FILE_ASN1_TYPE_PRINTABLE_STRING:
+ case FILE_ASN1_TYPE_UNIVERSAL_STRING:
+ case FILE_ASN1_TYPE_UTF8_STRING:
+ case FILE_ASN1_TYPE_BMP_STRING:
+ case FILE_ASN1_TYPE_IA5_STRING:
+ case FILE_ASN1_TYPE_VISIBLE_STRING:
+ case FILE_ASN1_TYPE_VIDEOTEX_STRING:
+ case FILE_ASN1_TYPE_GRAPHIC_STRING:
+ case FILE_ASN1_TYPE_GENERAL_STRING:
+ $value = $source;
+ break;
+ case FILE_ASN1_TYPE_BOOLEAN:
+ $value = $source ? "\xFF" : "\x00";
+ break;
+ default:
+ user_error('Mapping provides no type definition for ' . implode('/', $this->location));
+ return false;
+ }
+
+ if (isset($idx)) {
+ array_pop($this->location);
+ }
+
+ if (isset($mapping['cast'])) {
+ $tag = ($mapping['class'] << 6) | ($tag & 0x20) | $mapping['cast'];
+ }
+
+ return chr($tag) . $this->_encodeLength(strlen($value)) . $value;
+ }
+
+ /**
+ * DER-encode the length
+ *
+ * DER supports lengths up to (2**8)**127, however, we'll only support lengths up to (2**8)**4. See
+ * {@link http://itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf#p=13 X.690 8.1.3} for more information.
+ *
+ * @access private
+ * @param Integer $length
+ * @return String
+ */
+ function _encodeLength($length)
+ {
+ if ($length <= 0x7F) {
+ return chr($length);
+ }
+
+ $temp = ltrim(pack('N', $length), chr(0));
+ return pack('Ca*', 0x80 | strlen($temp), $temp);
+ }
+
+ /**
+ * BER-decode the time
+ *
+ * Called by _decode_ber() and in the case of implicit tags asn1map().
+ *
+ * @access private
+ * @param String $content
+ * @param Integer $tag
+ * @return String
+ */
+ function _decodeTime($content, $tag)
+ {
+ /* UTCTime:
+ http://tools.ietf.org/html/rfc5280#section-4.1.2.5.1
+ http://www.obj-sys.com/asn1tutorial/node15.html
+
+ GeneralizedTime:
+ http://tools.ietf.org/html/rfc5280#section-4.1.2.5.2
+ http://www.obj-sys.com/asn1tutorial/node14.html */
+
+ $pattern = $tag == FILE_ASN1_TYPE_UTC_TIME ?
+ '#(..)(..)(..)(..)(..)(..)(.*)#' :
+ '#(....)(..)(..)(..)(..)(..).*([Z+-].*)$#';
+
+ preg_match($pattern, $content, $matches);
+
+ list(, $year, $month, $day, $hour, $minute, $second, $timezone) = $matches;
+
+ if ($tag == FILE_ASN1_TYPE_UTC_TIME) {
+ $year = $year >= 50 ? "19$year" : "20$year";
+ }
+
+ if ($timezone == 'Z') {
+ $mktime = 'gmmktime';
+ $timezone = 0;
+ } elseif (preg_match('#([+-])(\d\d)(\d\d)#', $timezone, $matches)) {
+ $mktime = 'gmmktime';
+ $timezone = 60 * $matches[3] + 3600 * $matches[2];
+ if ($matches[1] == '-') {
+ $timezone = -$timezone;
+ }
+ } else {
+ $mktime = 'mktime';
+ $timezone = 0;
+ }
+
+ return @$mktime($hour, $minute, $second, $month, $day, $year) + $timezone;
+ }
+
+ /**
+ * Set the time format
+ *
+ * Sets the time / date format for asn1map().
+ *
+ * @access public
+ * @param String $format
+ */
+ function setTimeFormat($format)
+ {
+ $this->format = $format;
+ }
+
+ /**
+ * Load OIDs
+ *
+ * Load the relevant OIDs for a particular ASN.1 semantic mapping.
+ *
+ * @access public
+ * @param Array $oids
+ */
+ function loadOIDs($oids)
+ {
+ $this->oids = $oids;
+ }
+
+ /**
+ * Load filters
+ *
+ * See File_X509, etc, for an example.
+ *
+ * @access public
+ * @param Array $filters
+ */
+ function loadFilters($filters)
+ {
+ $this->filters = $filters;
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+
+ /**
+ * String type conversion
+ *
+ * This is a lazy conversion, dealing only with character size.
+ * No real conversion table is used.
+ *
+ * @param String $in
+ * @param optional Integer $from
+ * @param optional Integer $to
+ * @return String
+ * @access public
+ */
+ function convert($in, $from = FILE_ASN1_TYPE_UTF8_STRING, $to = FILE_ASN1_TYPE_UTF8_STRING)
+ {
+ if (!isset($this->stringTypeSize[$from]) || !isset($this->stringTypeSize[$to])) {
+ return false;
+ }
+ $insize = $this->stringTypeSize[$from];
+ $outsize = $this->stringTypeSize[$to];
+ $inlength = strlen($in);
+ $out = '';
+
+ for ($i = 0; $i < $inlength;) {
+ if ($inlength - $i < $insize) {
+ return false;
+ }
+
+ // Get an input character as a 32-bit value.
+ $c = ord($in[$i++]);
+ switch (true) {
+ case $insize == 4:
+ $c = ($c << 8) | ord($in[$i++]);
+ $c = ($c << 8) | ord($in[$i++]);
+ case $insize == 2:
+ $c = ($c << 8) | ord($in[$i++]);
+ case $insize == 1:
+ break;
+ case ($c & 0x80) == 0x00:
+ break;
+ case ($c & 0x40) == 0x00:
+ return false;
+ default:
+ $bit = 6;
+ do {
+ if ($bit > 25 || $i >= $inlength || (ord($in[$i]) & 0xC0) != 0x80) {
+ return false;
+ }
+ $c = ($c << 6) | (ord($in[$i++]) & 0x3F);
+ $bit += 5;
+ $mask = 1 << $bit;
+ } while ($c & $bit);
+ $c &= $mask - 1;
+ break;
+ }
+
+ // Convert and append the character to output string.
+ $v = '';
+ switch (true) {
+ case $outsize == 4:
+ $v .= chr($c & 0xFF);
+ $c >>= 8;
+ $v .= chr($c & 0xFF);
+ $c >>= 8;
+ case $outsize == 2:
+ $v .= chr($c & 0xFF);
+ $c >>= 8;
+ case $outsize == 1:
+ $v .= chr($c & 0xFF);
+ $c >>= 8;
+ if ($c) {
+ return false;
+ }
+ break;
+ case ($c & 0x80000000) != 0:
+ return false;
+ case $c >= 0x04000000:
+ $v .= chr(0x80 | ($c & 0x3F));
+ $c = ($c >> 6) | 0x04000000;
+ case $c >= 0x00200000:
+ $v .= chr(0x80 | ($c & 0x3F));
+ $c = ($c >> 6) | 0x00200000;
+ case $c >= 0x00010000:
+ $v .= chr(0x80 | ($c & 0x3F));
+ $c = ($c >> 6) | 0x00010000;
+ case $c >= 0x00000800:
+ $v .= chr(0x80 | ($c & 0x3F));
+ $c = ($c >> 6) | 0x00000800;
+ case $c >= 0x00000080:
+ $v .= chr(0x80 | ($c & 0x3F));
+ $c = ($c >> 6) | 0x000000C0;
+ default:
+ $v .= chr($c);
+ break;
+ }
+ $out .= strrev($v);
+ }
+ return $out;
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/File/X509.php b/apps/files_external/3rdparty/phpseclib/phpseclib/File/X509.php
new file mode 100644
index 00000000000..278da62e262
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/File/X509.php
@@ -0,0 +1,4323 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP X.509 Parser
+ *
+ * PHP versions 4 and 5
+ *
+ * Encode and decode X.509 certificates.
+ *
+ * The extensions are from {@link http://tools.ietf.org/html/rfc5280 RFC5280} and
+ * {@link http://web.archive.org/web/19961027104704/http://www3.netscape.com/eng/security/cert-exts.html Netscape Certificate Extensions}.
+ *
+ * Note that loading an X.509 certificate and resaving it may invalidate the signature. The reason being that the signature is based on a
+ * portion of the certificate that contains optional parameters with default values. ie. if the parameter isn't there the default value is
+ * used. Problem is, if the parameter is there and it just so happens to have the default value there are two ways that that parameter can
+ * be encoded. It can be encoded explicitly or left out all together. This would effect the signature value and thus may invalidate the
+ * the certificate all together unless the certificate is re-signed.
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category File
+ * @package File_X509
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMXII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id$
+ * @link htp://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include File_ASN1
+ */
+if (!class_exists('File_ASN1')) {
+ require_once('File/ASN1.php');
+}
+
+/**
+ * Flag to only accept signatures signed by certificate authorities
+ *
+ * @access public
+ * @see File_X509::validateSignature()
+ */
+define('FILE_X509_VALIDATE_SIGNATURE_BY_CA', 1);
+
+/**#@+
+ * @access public
+ * @see File_X509::getDN()
+ */
+/**
+ * Return internal array representation
+ */
+define('FILE_X509_DN_ARRAY', 0);
+/**
+ * Return string
+ */
+define('FILE_X509_DN_STRING', 1);
+/**
+ * Return ASN.1 name string
+ */
+define('FILE_X509_DN_ASN1', 2);
+/**
+ * Return OpenSSL compatible array
+ */
+define('FILE_X509_DN_OPENSSL', 3);
+/**
+ * Return canonical ASN.1 RDNs string
+ */
+define('FILE_X509_DN_CANON', 4);
+/**
+ * Return name hash for file indexing
+ */
+define('FILE_X509_DN_HASH', 5);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see File_X509::saveX509()
+ * @see File_X509::saveCSR()
+ * @see File_X509::saveCRL()
+ */
+/**
+ * Save as PEM
+ *
+ * ie. a base64-encoded PEM with a header and a footer
+ */
+define('FILE_X509_FORMAT_PEM', 0);
+/**
+ * Save as DER
+ */
+define('FILE_X509_FORMAT_DER', 1);
+/**
+ * Save as a SPKAC
+ *
+ * Only works on CSRs. Not currently supported.
+ */
+define('FILE_X509_FORMAT_SPKAC', 2);
+/**#@-*/
+
+/**
+ * Attribute value disposition.
+ * If disposition is >= 0, this is the index of the target value.
+ */
+define('FILE_X509_ATTR_ALL', -1); // All attribute values (array).
+define('FILE_X509_ATTR_APPEND', -2); // Add a value.
+define('FILE_X509_ATTR_REPLACE', -3); // Clear first, then add a value.
+
+/**
+ * Pure-PHP X.509 Parser
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.3.1
+ * @access public
+ * @package File_X509
+ */
+class File_X509 {
+ /**
+ * ASN.1 syntax for X.509 certificates
+ *
+ * @var Array
+ * @access private
+ */
+ var $Certificate;
+
+ /**#@+
+ * ASN.1 syntax for various extensions
+ *
+ * @access private
+ */
+ var $DirectoryString;
+ var $PKCS9String;
+ var $AttributeValue;
+ var $Extensions;
+ var $KeyUsage;
+ var $ExtKeyUsageSyntax;
+ var $BasicConstraints;
+ var $KeyIdentifier;
+ var $CRLDistributionPoints;
+ var $AuthorityKeyIdentifier;
+ var $CertificatePolicies;
+ var $AuthorityInfoAccessSyntax;
+ var $SubjectAltName;
+ var $PrivateKeyUsagePeriod;
+ var $IssuerAltName;
+ var $PolicyMappings;
+ var $NameConstraints;
+
+ var $CPSuri;
+ var $UserNotice;
+
+ var $netscape_cert_type;
+ var $netscape_comment;
+ var $netscape_ca_policy_url;
+
+ var $Name;
+ var $RelativeDistinguishedName;
+ var $CRLNumber;
+ var $CRLReason;
+ var $IssuingDistributionPoint;
+ var $InvalidityDate;
+ var $CertificateIssuer;
+ var $HoldInstructionCode;
+ var $SignedPublicKeyAndChallenge;
+ /**#@-*/
+
+ /**
+ * ASN.1 syntax for Certificate Signing Requests (RFC2986)
+ *
+ * @var Array
+ * @access private
+ */
+ var $CertificationRequest;
+
+ /**
+ * ASN.1 syntax for Certificate Revocation Lists (RFC5280)
+ *
+ * @var Array
+ * @access private
+ */
+ var $CertificateList;
+
+ /**
+ * Distinguished Name
+ *
+ * @var Array
+ * @access private
+ */
+ var $dn;
+
+ /**
+ * Public key
+ *
+ * @var String
+ * @access private
+ */
+ var $publicKey;
+
+ /**
+ * Private key
+ *
+ * @var String
+ * @access private
+ */
+ var $privateKey;
+
+ /**
+ * Object identifiers for X.509 certificates
+ *
+ * @var Array
+ * @access private
+ * @link http://en.wikipedia.org/wiki/Object_identifier
+ */
+ var $oids;
+
+ /**
+ * The certificate authorities
+ *
+ * @var Array
+ * @access private
+ */
+ var $CAs;
+
+ /**
+ * The currently loaded certificate
+ *
+ * @var Array
+ * @access private
+ */
+ var $currentCert;
+
+ /**
+ * The signature subject
+ *
+ * There's no guarantee File_X509 is going to reencode an X.509 cert in the same way it was originally
+ * encoded so we take save the portion of the original cert that the signature would have made for.
+ *
+ * @var String
+ * @access private
+ */
+ var $signatureSubject;
+
+ /**
+ * Certificate Start Date
+ *
+ * @var String
+ * @access private
+ */
+ var $startDate;
+
+ /**
+ * Certificate End Date
+ *
+ * @var String
+ * @access private
+ */
+ var $endDate;
+
+ /**
+ * Serial Number
+ *
+ * @var String
+ * @access private
+ */
+ var $serialNumber;
+
+ /**
+ * Key Identifier
+ *
+ * See {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.1 RFC5280#section-4.2.1.1} and
+ * {@link http://tools.ietf.org/html/rfc5280#section-4.2.1.2 RFC5280#section-4.2.1.2}.
+ *
+ * @var String
+ * @access private
+ */
+ var $currentKeyIdentifier;
+
+ /**
+ * CA Flag
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $caFlag = false;
+
+ /**
+ * Default Constructor.
+ *
+ * @return File_X509
+ * @access public
+ */
+ function File_X509()
+ {
+ // Explicitly Tagged Module, 1988 Syntax
+ // http://tools.ietf.org/html/rfc5280#appendix-A.1
+
+ $this->DirectoryString = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'teletexString' => array('type' => FILE_ASN1_TYPE_TELETEX_STRING),
+ 'printableString' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING),
+ 'universalString' => array('type' => FILE_ASN1_TYPE_UNIVERSAL_STRING),
+ 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING),
+ 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING)
+ )
+ );
+
+ $this->PKCS9String = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING),
+ 'directoryString' => $this->DirectoryString
+ )
+ );
+
+ $this->AttributeValue = array('type' => FILE_ASN1_TYPE_ANY);
+
+ $AttributeType = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER);
+
+ $AttributeTypeAndValue = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'type' => $AttributeType,
+ 'value'=> $this->AttributeValue
+ )
+ );
+
+ /*
+ In practice, RDNs containing multiple name-value pairs (called "multivalued RDNs") are rare,
+ but they can be useful at times when either there is no unique attribute in the entry or you
+ want to ensure that the entry's DN contains some useful identifying information.
+
+ - https://www.opends.org/wiki/page/DefinitionRelativeDistinguishedName
+ */
+ $this->RelativeDistinguishedName = array(
+ 'type' => FILE_ASN1_TYPE_SET,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $AttributeTypeAndValue
+ );
+
+ // http://tools.ietf.org/html/rfc5280#section-4.1.2.4
+ $RDNSequence = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ // RDNSequence does not define a min or a max, which means it doesn't have one
+ 'min' => 0,
+ 'max' => -1,
+ 'children' => $this->RelativeDistinguishedName
+ );
+
+ $this->Name = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'rdnSequence' => $RDNSequence
+ )
+ );
+
+ // http://tools.ietf.org/html/rfc5280#section-4.1.1.2
+ $AlgorithmIdentifier = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'algorithm' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER),
+ 'parameters' => array(
+ 'type' => FILE_ASN1_TYPE_ANY,
+ 'optional' => true
+ )
+ )
+ );
+
+ /*
+ A certificate using system MUST reject the certificate if it encounters
+ a critical extension it does not recognize; however, a non-critical
+ extension may be ignored if it is not recognized.
+
+ http://tools.ietf.org/html/rfc5280#section-4.2
+ */
+ $Extension = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'extnId' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER),
+ 'critical' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'optional' => true,
+ 'default' => false
+ ),
+ 'extnValue' => array('type' => FILE_ASN1_TYPE_OCTET_STRING)
+ )
+ );
+
+ $this->Extensions = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ // technically, it's MAX, but we'll assume anything < 0 is MAX
+ 'max' => -1,
+ // if 'children' isn't an array then 'min' and 'max' must be defined
+ 'children' => $Extension
+ );
+
+ $SubjectPublicKeyInfo = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'algorithm' => $AlgorithmIdentifier,
+ 'subjectPublicKey' => array('type' => FILE_ASN1_TYPE_BIT_STRING)
+ )
+ );
+
+ $UniqueIdentifier = array('type' => FILE_ASN1_TYPE_BIT_STRING);
+
+ $Time = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'utcTime' => array('type' => FILE_ASN1_TYPE_UTC_TIME),
+ 'generalTime' => array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME)
+ )
+ );
+
+ // http://tools.ietf.org/html/rfc5280#section-4.1.2.5
+ $Validity = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'notBefore' => $Time,
+ 'notAfter' => $Time
+ )
+ );
+
+ $CertificateSerialNumber = array('type' => FILE_ASN1_TYPE_INTEGER);
+
+ $Version = array(
+ 'type' => FILE_ASN1_TYPE_INTEGER,
+ 'mapping' => array('v1', 'v2', 'v3')
+ );
+
+ // assert($TBSCertificate['children']['signature'] == $Certificate['children']['signatureAlgorithm'])
+ $TBSCertificate = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ // technically, default implies optional, but we'll define it as being optional, none-the-less, just to
+ // reenforce that fact
+ 'version' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'explicit' => true,
+ 'default' => 'v1'
+ ) + $Version,
+ 'serialNumber' => $CertificateSerialNumber,
+ 'signature' => $AlgorithmIdentifier,
+ 'issuer' => $this->Name,
+ 'validity' => $Validity,
+ 'subject' => $this->Name,
+ 'subjectPublicKeyInfo' => $SubjectPublicKeyInfo,
+ // implicit means that the T in the TLV structure is to be rewritten, regardless of the type
+ 'issuerUniqueID' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $UniqueIdentifier,
+ 'subjectUniqueID' => array(
+ 'constant' => 2,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $UniqueIdentifier,
+ // <http://tools.ietf.org/html/rfc2459#page-74> doesn't use the EXPLICIT keyword but if
+ // it's not IMPLICIT, it's EXPLICIT
+ 'extensions' => array(
+ 'constant' => 3,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $this->Extensions
+ )
+ );
+
+ $this->Certificate = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'tbsCertificate' => $TBSCertificate,
+ 'signatureAlgorithm' => $AlgorithmIdentifier,
+ 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING)
+ )
+ );
+
+ $this->KeyUsage = array(
+ 'type' => FILE_ASN1_TYPE_BIT_STRING,
+ 'mapping' => array(
+ 'digitalSignature',
+ 'nonRepudiation',
+ 'keyEncipherment',
+ 'dataEncipherment',
+ 'keyAgreement',
+ 'keyCertSign',
+ 'cRLSign',
+ 'encipherOnly',
+ 'decipherOnly'
+ )
+ );
+
+ $this->BasicConstraints = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'cA' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'optional' => true,
+ 'default' => false
+ ),
+ 'pathLenConstraint' => array(
+ 'type' => FILE_ASN1_TYPE_INTEGER,
+ 'optional' => true
+ )
+ )
+ );
+
+ $this->KeyIdentifier = array('type' => FILE_ASN1_TYPE_OCTET_STRING);
+
+ $OrganizationalUnitNames = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => 4, // ub-organizational-units
+ 'children' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING)
+ );
+
+ $PersonalName = array(
+ 'type' => FILE_ASN1_TYPE_SET,
+ 'children' => array(
+ 'surname' => array(
+ 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING,
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'given-name' => array(
+ 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING,
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'initials' => array(
+ 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING,
+ 'constant' => 2,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'generation-qualifier' => array(
+ 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING,
+ 'constant' => 3,
+ 'optional' => true,
+ 'implicit' => true
+ )
+ )
+ );
+
+ $NumericUserIdentifier = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING);
+
+ $OrganizationName = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING);
+
+ $PrivateDomainName = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING),
+ 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING)
+ )
+ );
+
+ $TerminalIdentifier = array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING);
+
+ $NetworkAddress = array('type' => FILE_ASN1_TYPE_NUMERIC_STRING);
+
+ $AdministrationDomainName = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or
+ // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC
+ 'class' => FILE_ASN1_CLASS_APPLICATION,
+ 'cast' => 2,
+ 'children' => array(
+ 'numeric' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING),
+ 'printable' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING)
+ )
+ );
+
+ $CountryName = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ // if class isn't present it's assumed to be FILE_ASN1_CLASS_UNIVERSAL or
+ // (if constant is present) FILE_ASN1_CLASS_CONTEXT_SPECIFIC
+ 'class' => FILE_ASN1_CLASS_APPLICATION,
+ 'cast' => 1,
+ 'children' => array(
+ 'x121-dcc-code' => array('type' => FILE_ASN1_TYPE_NUMERIC_STRING),
+ 'iso-3166-alpha2-code' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING)
+ )
+ );
+
+ $AnotherName = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'type-id' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER),
+ 'value' => array(
+ 'type' => FILE_ASN1_TYPE_ANY,
+ 'constant' => 0,
+ 'optional' => true,
+ 'explicit' => true
+ )
+ )
+ );
+
+ $ExtensionAttribute = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'extension-attribute-type' => array(
+ 'type' => FILE_ASN1_TYPE_PRINTABLE_STRING,
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'extension-attribute-value' => array(
+ 'type' => FILE_ASN1_TYPE_ANY,
+ 'constant' => 1,
+ 'optional' => true,
+ 'explicit' => true
+ )
+ )
+ );
+
+ $ExtensionAttributes = array(
+ 'type' => FILE_ASN1_TYPE_SET,
+ 'min' => 1,
+ 'max' => 256, // ub-extension-attributes
+ 'children' => $ExtensionAttribute
+ );
+
+ $BuiltInDomainDefinedAttribute = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'type' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING),
+ 'value' => array('type' => FILE_ASN1_TYPE_PRINTABLE_STRING)
+ )
+ );
+
+ $BuiltInDomainDefinedAttributes = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => 4, // ub-domain-defined-attributes
+ 'children' => $BuiltInDomainDefinedAttribute
+ );
+
+ $BuiltInStandardAttributes = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'country-name' => array('optional' => true) + $CountryName,
+ 'administration-domain-name' => array('optional' => true) + $AdministrationDomainName,
+ 'network-address' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $NetworkAddress,
+ 'terminal-identifier' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $TerminalIdentifier,
+ 'private-domain-name' => array(
+ 'constant' => 2,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $PrivateDomainName,
+ 'organization-name' => array(
+ 'constant' => 3,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $OrganizationName,
+ 'numeric-user-identifier' => array(
+ 'constant' => 4,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $NumericUserIdentifier,
+ 'personal-name' => array(
+ 'constant' => 5,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $PersonalName,
+ 'organizational-unit-names' => array(
+ 'constant' => 6,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $OrganizationalUnitNames
+ )
+ );
+
+ $ORAddress = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'built-in-standard-attributes' => $BuiltInStandardAttributes,
+ 'built-in-domain-defined-attributes' => array('optional' => true) + $BuiltInDomainDefinedAttributes,
+ 'extension-attributes' => array('optional' => true) + $ExtensionAttributes
+ )
+ );
+
+ $EDIPartyName = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'nameAssigner' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $this->DirectoryString,
+ // partyName is technically required but File_ASN1 doesn't currently support non-optional constants and
+ // setting it to optional gets the job done in any event.
+ 'partyName' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $this->DirectoryString
+ )
+ );
+
+ $GeneralName = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'otherName' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $AnotherName,
+ 'rfc822Name' => array(
+ 'type' => FILE_ASN1_TYPE_IA5_STRING,
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'dNSName' => array(
+ 'type' => FILE_ASN1_TYPE_IA5_STRING,
+ 'constant' => 2,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'x400Address' => array(
+ 'constant' => 3,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $ORAddress,
+ 'directoryName' => array(
+ 'constant' => 4,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $this->Name,
+ 'ediPartyName' => array(
+ 'constant' => 5,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $EDIPartyName,
+ 'uniformResourceIdentifier' => array(
+ 'type' => FILE_ASN1_TYPE_IA5_STRING,
+ 'constant' => 6,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'iPAddress' => array(
+ 'type' => FILE_ASN1_TYPE_OCTET_STRING,
+ 'constant' => 7,
+ 'optional' => true,
+ 'implicit' => true
+ ),
+ 'registeredID' => array(
+ 'type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER,
+ 'constant' => 8,
+ 'optional' => true,
+ 'implicit' => true
+ )
+ )
+ );
+
+ $GeneralNames = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $GeneralName
+ );
+
+ $this->IssuerAltName = $GeneralNames;
+
+ $ReasonFlags = array(
+ 'type' => FILE_ASN1_TYPE_BIT_STRING,
+ 'mapping' => array(
+ 'unused',
+ 'keyCompromise',
+ 'cACompromise',
+ 'affiliationChanged',
+ 'superseded',
+ 'cessationOfOperation',
+ 'certificateHold',
+ 'privilegeWithdrawn',
+ 'aACompromise'
+ )
+ );
+
+ $DistributionPointName = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'fullName' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $GeneralNames,
+ 'nameRelativeToCRLIssuer' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $this->RelativeDistinguishedName
+ )
+ );
+
+ $DistributionPoint = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'distributionPoint' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $DistributionPointName,
+ 'reasons' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $ReasonFlags,
+ 'cRLIssuer' => array(
+ 'constant' => 2,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $GeneralNames
+ )
+ );
+
+ $this->CRLDistributionPoints = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $DistributionPoint
+ );
+
+ $this->AuthorityKeyIdentifier = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'keyIdentifier' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $this->KeyIdentifier,
+ 'authorityCertIssuer' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $GeneralNames,
+ 'authorityCertSerialNumber' => array(
+ 'constant' => 2,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $CertificateSerialNumber
+ )
+ );
+
+ $PolicyQualifierId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER);
+
+ $PolicyQualifierInfo = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'policyQualifierId' => $PolicyQualifierId,
+ 'qualifier' => array('type' => FILE_ASN1_TYPE_ANY)
+ )
+ );
+
+ $CertPolicyId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER);
+
+ $PolicyInformation = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'policyIdentifier' => $CertPolicyId,
+ 'policyQualifiers' => array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 0,
+ 'max' => -1,
+ 'optional' => true,
+ 'children' => $PolicyQualifierInfo
+ )
+ )
+ );
+
+ $this->CertificatePolicies = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $PolicyInformation
+ );
+
+ $this->PolicyMappings = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'issuerDomainPolicy' => $CertPolicyId,
+ 'subjectDomainPolicy' => $CertPolicyId
+ )
+ )
+ );
+
+ $KeyPurposeId = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER);
+
+ $this->ExtKeyUsageSyntax = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $KeyPurposeId
+ );
+
+ $AccessDescription = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'accessMethod' => array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER),
+ 'accessLocation' => $GeneralName
+ )
+ );
+
+ $this->AuthorityInfoAccessSyntax = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $AccessDescription
+ );
+
+ $this->SubjectAltName = $GeneralNames;
+
+ $this->PrivateKeyUsagePeriod = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'notBefore' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true,
+ 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME),
+ 'notAfter' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true,
+ 'type' => FILE_ASN1_TYPE_GENERALIZED_TIME)
+ )
+ );
+
+ $BaseDistance = array('type' => FILE_ASN1_TYPE_INTEGER);
+
+ $GeneralSubtree = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'base' => $GeneralName,
+ 'minimum' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true,
+ 'default' => new Math_BigInteger(0)
+ ) + $BaseDistance,
+ 'maximum' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true,
+ ) + $BaseDistance
+ )
+ );
+
+ $GeneralSubtrees = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $GeneralSubtree
+ );
+
+ $this->NameConstraints = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'permittedSubtrees' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $GeneralSubtrees,
+ 'excludedSubtrees' => array(
+ 'constant' => 1,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $GeneralSubtrees
+ )
+ );
+
+ $this->CPSuri = array('type' => FILE_ASN1_TYPE_IA5_STRING);
+
+ $DisplayText = array(
+ 'type' => FILE_ASN1_TYPE_CHOICE,
+ 'children' => array(
+ 'ia5String' => array('type' => FILE_ASN1_TYPE_IA5_STRING),
+ 'visibleString' => array('type' => FILE_ASN1_TYPE_VISIBLE_STRING),
+ 'bmpString' => array('type' => FILE_ASN1_TYPE_BMP_STRING),
+ 'utf8String' => array('type' => FILE_ASN1_TYPE_UTF8_STRING)
+ )
+ );
+
+ $NoticeReference = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'organization' => $DisplayText,
+ 'noticeNumbers' => array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'min' => 1,
+ 'max' => 200,
+ 'children' => array('type' => FILE_ASN1_TYPE_INTEGER)
+ )
+ )
+ );
+
+ $this->UserNotice = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'noticeRef' => array(
+ 'optional' => true,
+ 'implicit' => true
+ ) + $NoticeReference,
+ 'explicitText' => array(
+ 'optional' => true,
+ 'implicit' => true
+ ) + $DisplayText
+ )
+ );
+
+ // mapping is from <http://www.mozilla.org/projects/security/pki/nss/tech-notes/tn3.html>
+ $this->netscape_cert_type = array(
+ 'type' => FILE_ASN1_TYPE_BIT_STRING,
+ 'mapping' => array(
+ 'SSLClient',
+ 'SSLServer',
+ 'Email',
+ 'ObjectSigning',
+ 'Reserved',
+ 'SSLCA',
+ 'EmailCA',
+ 'ObjectSigningCA'
+ )
+ );
+
+ $this->netscape_comment = array('type' => FILE_ASN1_TYPE_IA5_STRING);
+ $this->netscape_ca_policy_url = array('type' => FILE_ASN1_TYPE_IA5_STRING);
+
+ // attribute is used in RFC2986 but we're using the RFC5280 definition
+
+ $Attribute = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'type' => $AttributeType,
+ 'value'=> array(
+ 'type' => FILE_ASN1_TYPE_SET,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $this->AttributeValue
+ )
+ )
+ );
+
+ // adapted from <http://tools.ietf.org/html/rfc2986>
+
+ $Attributes = array(
+ 'type' => FILE_ASN1_TYPE_SET,
+ 'min' => 1,
+ 'max' => -1,
+ 'children' => $Attribute
+ );
+
+ $CertificationRequestInfo = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'version' => array(
+ 'type' => FILE_ASN1_TYPE_INTEGER,
+ 'mapping' => array('v1')
+ ),
+ 'subject' => $this->Name,
+ 'subjectPKInfo' => $SubjectPublicKeyInfo,
+ 'attributes' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $Attributes,
+ )
+ );
+
+ $this->CertificationRequest = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'certificationRequestInfo' => $CertificationRequestInfo,
+ 'signatureAlgorithm' => $AlgorithmIdentifier,
+ 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING)
+ )
+ );
+
+ $RevokedCertificate = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'userCertificate' => $CertificateSerialNumber,
+ 'revocationDate' => $Time,
+ 'crlEntryExtensions' => array(
+ 'optional' => true
+ ) + $this->Extensions
+ )
+ );
+
+ $TBSCertList = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'version' => array(
+ 'optional' => true,
+ 'default' => 'v1'
+ ) + $Version,
+ 'signature' => $AlgorithmIdentifier,
+ 'issuer' => $this->Name,
+ 'thisUpdate' => $Time,
+ 'nextUpdate' => array(
+ 'optional' => true
+ ) + $Time,
+ 'revokedCertificates' => array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'optional' => true,
+ 'min' => 0,
+ 'max' => -1,
+ 'children' => $RevokedCertificate
+ ),
+ 'crlExtensions' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $this->Extensions
+ )
+ );
+
+ $this->CertificateList = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'tbsCertList' => $TBSCertList,
+ 'signatureAlgorithm' => $AlgorithmIdentifier,
+ 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING)
+ )
+ );
+
+ $this->CRLNumber = array('type' => FILE_ASN1_TYPE_INTEGER);
+
+ $this->CRLReason = array('type' => FILE_ASN1_TYPE_ENUMERATED,
+ 'mapping' => array(
+ 'unspecified',
+ 'keyCompromise',
+ 'cACompromise',
+ 'affiliationChanged',
+ 'superseded',
+ 'cessationOfOperation',
+ 'certificateHold',
+ // Value 7 is not used.
+ 8 => 'removeFromCRL',
+ 'privilegeWithdrawn',
+ 'aACompromise'
+ )
+ );
+
+ $this->IssuingDistributionPoint = array('type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'distributionPoint' => array(
+ 'constant' => 0,
+ 'optional' => true,
+ 'explicit' => true
+ ) + $DistributionPointName,
+ 'onlyContainsUserCerts' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'constant' => 1,
+ 'optional' => true,
+ 'default' => false,
+ 'implicit' => true
+ ),
+ 'onlyContainsCACerts' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'constant' => 2,
+ 'optional' => true,
+ 'default' => false,
+ 'implicit' => true
+ ),
+ 'onlySomeReasons' => array(
+ 'constant' => 3,
+ 'optional' => true,
+ 'implicit' => true
+ ) + $ReasonFlags,
+ 'indirectCRL' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'constant' => 4,
+ 'optional' => true,
+ 'default' => false,
+ 'implicit' => true
+ ),
+ 'onlyContainsAttributeCerts' => array(
+ 'type' => FILE_ASN1_TYPE_BOOLEAN,
+ 'constant' => 5,
+ 'optional' => true,
+ 'default' => false,
+ 'implicit' => true
+ )
+ )
+ );
+
+ $this->InvalidityDate = array('type' => FILE_ASN1_TYPE_GENERALIZED_TIME);
+
+ $this->CertificateIssuer = $GeneralNames;
+
+ $this->HoldInstructionCode = array('type' => FILE_ASN1_TYPE_OBJECT_IDENTIFIER);
+
+ $PublicKeyAndChallenge = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'spki' => $SubjectPublicKeyInfo,
+ 'challenge' => array('type' => FILE_ASN1_TYPE_IA5_STRING)
+ )
+ );
+
+ $this->SignedPublicKeyAndChallenge = array(
+ 'type' => FILE_ASN1_TYPE_SEQUENCE,
+ 'children' => array(
+ 'publicKeyAndChallenge' => $PublicKeyAndChallenge,
+ 'signatureAlgorithm' => $AlgorithmIdentifier,
+ 'signature' => array('type' => FILE_ASN1_TYPE_BIT_STRING)
+ )
+ );
+
+ // OIDs from RFC5280 and those RFCs mentioned in RFC5280#section-4.1.1.2
+ $this->oids = array(
+ '1.3.6.1.5.5.7' => 'id-pkix',
+ '1.3.6.1.5.5.7.1' => 'id-pe',
+ '1.3.6.1.5.5.7.2' => 'id-qt',
+ '1.3.6.1.5.5.7.3' => 'id-kp',
+ '1.3.6.1.5.5.7.48' => 'id-ad',
+ '1.3.6.1.5.5.7.2.1' => 'id-qt-cps',
+ '1.3.6.1.5.5.7.2.2' => 'id-qt-unotice',
+ '1.3.6.1.5.5.7.48.1' =>'id-ad-ocsp',
+ '1.3.6.1.5.5.7.48.2' => 'id-ad-caIssuers',
+ '1.3.6.1.5.5.7.48.3' => 'id-ad-timeStamping',
+ '1.3.6.1.5.5.7.48.5' => 'id-ad-caRepository',
+ '2.5.4' => 'id-at',
+ '2.5.4.41' => 'id-at-name',
+ '2.5.4.4' => 'id-at-surname',
+ '2.5.4.42' => 'id-at-givenName',
+ '2.5.4.43' => 'id-at-initials',
+ '2.5.4.44' => 'id-at-generationQualifier',
+ '2.5.4.3' => 'id-at-commonName',
+ '2.5.4.7' => 'id-at-localityName',
+ '2.5.4.8' => 'id-at-stateOrProvinceName',
+ '2.5.4.10' => 'id-at-organizationName',
+ '2.5.4.11' => 'id-at-organizationalUnitName',
+ '2.5.4.12' => 'id-at-title',
+ '2.5.4.13' => 'id-at-description',
+ '2.5.4.46' => 'id-at-dnQualifier',
+ '2.5.4.6' => 'id-at-countryName',
+ '2.5.4.5' => 'id-at-serialNumber',
+ '2.5.4.65' => 'id-at-pseudonym',
+ '2.5.4.17' => 'id-at-postalCode',
+ '2.5.4.9' => 'id-at-streetAddress',
+ '2.5.4.45' => 'id-at-uniqueIdentifier',
+ '2.5.4.72' => 'id-at-role',
+
+ '0.9.2342.19200300.100.1.25' => 'id-domainComponent',
+ '1.2.840.113549.1.9' => 'pkcs-9',
+ '1.2.840.113549.1.9.1' => 'pkcs-9-at-emailAddress',
+ '2.5.29' => 'id-ce',
+ '2.5.29.35' => 'id-ce-authorityKeyIdentifier',
+ '2.5.29.14' => 'id-ce-subjectKeyIdentifier',
+ '2.5.29.15' => 'id-ce-keyUsage',
+ '2.5.29.16' => 'id-ce-privateKeyUsagePeriod',
+ '2.5.29.32' => 'id-ce-certificatePolicies',
+ '2.5.29.32.0' => 'anyPolicy',
+
+ '2.5.29.33' => 'id-ce-policyMappings',
+ '2.5.29.17' => 'id-ce-subjectAltName',
+ '2.5.29.18' => 'id-ce-issuerAltName',
+ '2.5.29.9' => 'id-ce-subjectDirectoryAttributes',
+ '2.5.29.19' => 'id-ce-basicConstraints',
+ '2.5.29.30' => 'id-ce-nameConstraints',
+ '2.5.29.36' => 'id-ce-policyConstraints',
+ '2.5.29.31' => 'id-ce-cRLDistributionPoints',
+ '2.5.29.37' => 'id-ce-extKeyUsage',
+ '2.5.29.37.0' => 'anyExtendedKeyUsage',
+ '1.3.6.1.5.5.7.3.1' => 'id-kp-serverAuth',
+ '1.3.6.1.5.5.7.3.2' => 'id-kp-clientAuth',
+ '1.3.6.1.5.5.7.3.3' => 'id-kp-codeSigning',
+ '1.3.6.1.5.5.7.3.4' => 'id-kp-emailProtection',
+ '1.3.6.1.5.5.7.3.8' => 'id-kp-timeStamping',
+ '1.3.6.1.5.5.7.3.9' => 'id-kp-OCSPSigning',
+ '2.5.29.54' => 'id-ce-inhibitAnyPolicy',
+ '2.5.29.46' => 'id-ce-freshestCRL',
+ '1.3.6.1.5.5.7.1.1' => 'id-pe-authorityInfoAccess',
+ '1.3.6.1.5.5.7.1.11' => 'id-pe-subjectInfoAccess',
+ '2.5.29.20' => 'id-ce-cRLNumber',
+ '2.5.29.28' => 'id-ce-issuingDistributionPoint',
+ '2.5.29.27' => 'id-ce-deltaCRLIndicator',
+ '2.5.29.21' => 'id-ce-cRLReasons',
+ '2.5.29.29' => 'id-ce-certificateIssuer',
+ '2.5.29.23' => 'id-ce-holdInstructionCode',
+ '1.2.840.10040.2' => 'holdInstruction',
+ '1.2.840.10040.2.1' => 'id-holdinstruction-none',
+ '1.2.840.10040.2.2' => 'id-holdinstruction-callissuer',
+ '1.2.840.10040.2.3' => 'id-holdinstruction-reject',
+ '2.5.29.24' => 'id-ce-invalidityDate',
+
+ '1.2.840.113549.2.2' => 'md2',
+ '1.2.840.113549.2.5' => 'md5',
+ '1.3.14.3.2.26' => 'id-sha1',
+ '1.2.840.10040.4.1' => 'id-dsa',
+ '1.2.840.10040.4.3' => 'id-dsa-with-sha1',
+ '1.2.840.113549.1.1' => 'pkcs-1',
+ '1.2.840.113549.1.1.1' => 'rsaEncryption',
+ '1.2.840.113549.1.1.2' => 'md2WithRSAEncryption',
+ '1.2.840.113549.1.1.4' => 'md5WithRSAEncryption',
+ '1.2.840.113549.1.1.5' => 'sha1WithRSAEncryption',
+ '1.2.840.10046.2.1' => 'dhpublicnumber',
+ '2.16.840.1.101.2.1.1.22' => 'id-keyExchangeAlgorithm',
+ '1.2.840.10045' => 'ansi-X9-62',
+ '1.2.840.10045.4' => 'id-ecSigType',
+ '1.2.840.10045.4.1' => 'ecdsa-with-SHA1',
+ '1.2.840.10045.1' => 'id-fieldType',
+ '1.2.840.10045.1.1' => 'prime-field',
+ '1.2.840.10045.1.2' => 'characteristic-two-field',
+ '1.2.840.10045.1.2.3' => 'id-characteristic-two-basis',
+ '1.2.840.10045.1.2.3.1' => 'gnBasis',
+ '1.2.840.10045.1.2.3.2' => 'tpBasis',
+ '1.2.840.10045.1.2.3.3' => 'ppBasis',
+ '1.2.840.10045.2' => 'id-publicKeyType',
+ '1.2.840.10045.2.1' => 'id-ecPublicKey',
+ '1.2.840.10045.3' => 'ellipticCurve',
+ '1.2.840.10045.3.0' => 'c-TwoCurve',
+ '1.2.840.10045.3.0.1' => 'c2pnb163v1',
+ '1.2.840.10045.3.0.2' => 'c2pnb163v2',
+ '1.2.840.10045.3.0.3' => 'c2pnb163v3',
+ '1.2.840.10045.3.0.4' => 'c2pnb176w1',
+ '1.2.840.10045.3.0.5' => 'c2pnb191v1',
+ '1.2.840.10045.3.0.6' => 'c2pnb191v2',
+ '1.2.840.10045.3.0.7' => 'c2pnb191v3',
+ '1.2.840.10045.3.0.8' => 'c2pnb191v4',
+ '1.2.840.10045.3.0.9' => 'c2pnb191v5',
+ '1.2.840.10045.3.0.10' => 'c2pnb208w1',
+ '1.2.840.10045.3.0.11' => 'c2pnb239v1',
+ '1.2.840.10045.3.0.12' => 'c2pnb239v2',
+ '1.2.840.10045.3.0.13' => 'c2pnb239v3',
+ '1.2.840.10045.3.0.14' => 'c2pnb239v4',
+ '1.2.840.10045.3.0.15' => 'c2pnb239v5',
+ '1.2.840.10045.3.0.16' => 'c2pnb272w1',
+ '1.2.840.10045.3.0.17' => 'c2pnb304w1',
+ '1.2.840.10045.3.0.18' => 'c2pnb359v1',
+ '1.2.840.10045.3.0.19' => 'c2pnb368w1',
+ '1.2.840.10045.3.0.20' => 'c2pnb431r1',
+ '1.2.840.10045.3.1' => 'primeCurve',
+ '1.2.840.10045.3.1.1' => 'prime192v1',
+ '1.2.840.10045.3.1.2' => 'prime192v2',
+ '1.2.840.10045.3.1.3' => 'prime192v3',
+ '1.2.840.10045.3.1.4' => 'prime239v1',
+ '1.2.840.10045.3.1.5' => 'prime239v2',
+ '1.2.840.10045.3.1.6' => 'prime239v3',
+ '1.2.840.10045.3.1.7' => 'prime256v1',
+ '1.2.840.113549.1.1.7' => 'id-RSAES-OAEP',
+ '1.2.840.113549.1.1.9' => 'id-pSpecified',
+ '1.2.840.113549.1.1.10' => 'id-RSASSA-PSS',
+ '1.2.840.113549.1.1.8' => 'id-mgf1',
+ '1.2.840.113549.1.1.14' => 'sha224WithRSAEncryption',
+ '1.2.840.113549.1.1.11' => 'sha256WithRSAEncryption',
+ '1.2.840.113549.1.1.12' => 'sha384WithRSAEncryption',
+ '1.2.840.113549.1.1.13' => 'sha512WithRSAEncryption',
+ '2.16.840.1.101.3.4.2.4' => 'id-sha224',
+ '2.16.840.1.101.3.4.2.1' => 'id-sha256',
+ '2.16.840.1.101.3.4.2.2' => 'id-sha384',
+ '2.16.840.1.101.3.4.2.3' => 'id-sha512',
+ '1.2.643.2.2.4' => 'id-GostR3411-94-with-GostR3410-94',
+ '1.2.643.2.2.3' => 'id-GostR3411-94-with-GostR3410-2001',
+ '1.2.643.2.2.20' => 'id-GostR3410-2001',
+ '1.2.643.2.2.19' => 'id-GostR3410-94',
+ // Netscape Object Identifiers from "Netscape Certificate Extensions"
+ '2.16.840.1.113730' => 'netscape',
+ '2.16.840.1.113730.1' => 'netscape-cert-extension',
+ '2.16.840.1.113730.1.1' => 'netscape-cert-type',
+ '2.16.840.1.113730.1.13' => 'netscape-comment',
+ '2.16.840.1.113730.1.8' => 'netscape-ca-policy-url',
+ // the following are X.509 extensions not supported by phpseclib
+ '1.3.6.1.5.5.7.1.12' => 'id-pe-logotype',
+ '1.2.840.113533.7.65.0' => 'entrustVersInfo',
+ '2.16.840.1.113733.1.6.9' => 'verisignPrivate',
+ // for Certificate Signing Requests
+ // see http://tools.ietf.org/html/rfc2985
+ '1.2.840.113549.1.9.2' => 'pkcs-9-at-unstructuredName', // PKCS #9 unstructured name
+ '1.2.840.113549.1.9.7' => 'pkcs-9-at-challengePassword', // Challenge password for certificate revocations
+ '1.2.840.113549.1.9.14' => 'pkcs-9-at-extensionRequest' // Certificate extension request
+ );
+ }
+
+ /**
+ * Load X.509 certificate
+ *
+ * Returns an associative array describing the X.509 cert or a false if the cert failed to load
+ *
+ * @param String $cert
+ * @access public
+ * @return Mixed
+ */
+ function loadX509($cert)
+ {
+ if (is_array($cert) && isset($cert['tbsCertificate'])) {
+ unset($this->currentCert);
+ unset($this->currentKeyIdentifier);
+ $this->dn = $cert['tbsCertificate']['subject'];
+ if (!isset($this->dn)) {
+ return false;
+ }
+ $this->currentCert = $cert;
+
+ $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier');
+ $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : NULL;
+
+ unset($this->signatureSubject);
+
+ return $cert;
+ }
+
+ $asn1 = new File_ASN1();
+
+ /*
+ X.509 certs are assumed to be base64 encoded but sometimes they'll have additional things in them above and beyond the ceritificate. ie.
+ some may have the following preceeding the -----BEGIN CERTIFICATE----- line:
+
+ subject=/O=organization/OU=org unit/CN=common name
+ issuer=/O=organization/CN=common name
+ */
+ $temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $cert);
+ $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
+ if ($temp != false) {
+ $cert = $temp;
+ }
+
+ if ($cert === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $asn1->loadOIDs($this->oids);
+ $decoded = $asn1->decodeBER($cert);
+
+ if (!empty($decoded)) {
+ $x509 = $asn1->asn1map($decoded[0], $this->Certificate);
+ }
+ if (!isset($x509) || $x509 === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $this->signatureSubject = substr($cert, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']);
+
+ $this->_mapInExtensions($x509, 'tbsCertificate/extensions', $asn1);
+
+ $key = &$x509['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'];
+ $key = $this->_reformatKey($x509['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'], $key);
+
+ $this->currentCert = $x509;
+ $this->dn = $x509['tbsCertificate']['subject'];
+
+ $currentKeyIdentifier = $this->getExtension('id-ce-subjectKeyIdentifier');
+ $this->currentKeyIdentifier = is_string($currentKeyIdentifier) ? $currentKeyIdentifier : NULL;
+
+ return $x509;
+ }
+
+ /**
+ * Save X.509 certificate
+ *
+ * @param Array $cert
+ * @param Integer $format optional
+ * @access public
+ * @return String
+ */
+ function saveX509($cert, $format = FILE_X509_FORMAT_PEM)
+ {
+ if (!is_array($cert) || !isset($cert['tbsCertificate'])) {
+ return false;
+ }
+
+ switch (true) {
+ // "case !$a: case !$b: break; default: whatever();" is the same thing as "if ($a && $b) whatever()"
+ case !($algorithm = $this->_subArray($cert, 'tbsCertificate/subjectPublicKeyInfo/algorithm/algorithm')):
+ case is_object($cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']):
+ break;
+ default:
+ switch ($algorithm) {
+ case 'rsaEncryption':
+ $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'] =
+ base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $cert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'])));
+ }
+ }
+
+ $asn1 = new File_ASN1();
+
+ $asn1->loadOIDs($this->oids);
+
+ $filters = array();
+ $filters['tbsCertificate']['signature']['parameters'] =
+ $filters['tbsCertificate']['signature']['issuer']['rdnSequence']['value'] =
+ $filters['tbsCertificate']['issuer']['rdnSequence']['value'] =
+ $filters['tbsCertificate']['subject']['rdnSequence']['value'] =
+ $filters['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['parameters'] =
+ $filters['signatureAlgorithm']['parameters'] =
+ $filters['authorityCertIssuer']['directoryName']['rdnSequence']['value'] =
+ //$filters['policyQualifiers']['qualifier'] =
+ $filters['distributionPoint']['fullName']['directoryName']['rdnSequence']['value'] =
+ $filters['directoryName']['rdnSequence']['value'] =
+ array('type' => FILE_ASN1_TYPE_UTF8_STRING);
+ /* in the case of policyQualifiers/qualifier, the type has to be FILE_ASN1_TYPE_IA5_STRING.
+ FILE_ASN1_TYPE_PRINTABLE_STRING will cause OpenSSL's X.509 parser to spit out random
+ characters.
+ */
+ $filters['policyQualifiers']['qualifier'] =
+ array('type' => FILE_ASN1_TYPE_IA5_STRING);
+
+ $asn1->loadFilters($filters);
+
+ $this->_mapOutExtensions($cert, 'tbsCertificate/extensions', $asn1);
+
+ $cert = $asn1->encodeDER($cert, $this->Certificate);
+
+ switch ($format) {
+ case FILE_X509_FORMAT_DER:
+ return $cert;
+ // case FILE_X509_FORMAT_PEM:
+ default:
+ return "-----BEGIN CERTIFICATE-----\r\n" . chunk_split(base64_encode($cert), 64) . '-----END CERTIFICATE-----';
+ }
+ }
+
+ /**
+ * Map extension values from octet string to extension-specific internal
+ * format.
+ *
+ * @param Array ref $root
+ * @param String $path
+ * @param Object $asn1
+ * @access private
+ */
+ function _mapInExtensions(&$root, $path, $asn1)
+ {
+ $extensions = &$this->_subArray($root, $path);
+
+ if (is_array($extensions)) {
+ for ($i = 0; $i < count($extensions); $i++) {
+ $id = $extensions[$i]['extnId'];
+ $value = &$extensions[$i]['extnValue'];
+ $value = base64_decode($value);
+ $decoded = $asn1->decodeBER($value);
+ /* [extnValue] contains the DER encoding of an ASN.1 value
+ corresponding to the extension type identified by extnID */
+ $map = $this->_getMapping($id);
+ if (!is_bool($map)) {
+ $mapped = $asn1->asn1map($decoded[0], $map);
+ $value = $mapped === false ? $decoded[0] : $mapped;
+
+ if ($id == 'id-ce-certificatePolicies') {
+ for ($j = 0; $j < count($value); $j++) {
+ if (!isset($value[$j]['policyQualifiers'])) {
+ continue;
+ }
+ for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) {
+ $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId'];
+ $map = $this->_getMapping($subid);
+ $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier'];
+ if ($map !== false) {
+ $decoded = $asn1->decodeBER($subvalue);
+ $mapped = $asn1->asn1map($decoded[0], $map);
+ $subvalue = $mapped === false ? $decoded[0] : $mapped;
+ }
+ }
+ }
+ }
+ } elseif ($map) {
+ $value = base64_encode($value);
+ }
+ }
+ }
+ }
+
+ /**
+ * Map extension values from extension-specific internal format to
+ * octet string.
+ *
+ * @param Array ref $root
+ * @param String $path
+ * @param Object $asn1
+ * @access private
+ */
+ function _mapOutExtensions(&$root, $path, $asn1)
+ {
+ $extensions = &$this->_subArray($root, $path);
+
+ if (is_array($extensions)) {
+ $size = count($extensions);
+ for ($i = 0; $i < $size; $i++) {
+ $id = $extensions[$i]['extnId'];
+ $value = &$extensions[$i]['extnValue'];
+
+ switch ($id) {
+ case 'id-ce-certificatePolicies':
+ for ($j = 0; $j < count($value); $j++) {
+ if (!isset($value[$j]['policyQualifiers'])) {
+ continue;
+ }
+ for ($k = 0; $k < count($value[$j]['policyQualifiers']); $k++) {
+ $subid = $value[$j]['policyQualifiers'][$k]['policyQualifierId'];
+ $map = $this->_getMapping($subid);
+ $subvalue = &$value[$j]['policyQualifiers'][$k]['qualifier'];
+ if ($map !== false) {
+ // by default File_ASN1 will try to render qualifier as a FILE_ASN1_TYPE_IA5_STRING since it's
+ // actual type is FILE_ASN1_TYPE_ANY
+ $subvalue = new File_ASN1_Element($asn1->encodeDER($subvalue, $map));
+ }
+ }
+ }
+ break;
+ case 'id-ce-authorityKeyIdentifier': // use 00 as the serial number instead of an empty string
+ if (isset($value['authorityCertSerialNumber'])) {
+ if ($value['authorityCertSerialNumber']->toBytes() == '') {
+ $temp = chr((FILE_ASN1_CLASS_CONTEXT_SPECIFIC << 6) | 2) . "\1\0";
+ $value['authorityCertSerialNumber'] = new File_ASN1_Element($temp);
+ }
+ }
+ }
+
+ /* [extnValue] contains the DER encoding of an ASN.1 value
+ corresponding to the extension type identified by extnID */
+ $map = $this->_getMapping($id);
+ if (is_bool($map)) {
+ if (!$map) {
+ user_error($id . ' is not a currently supported extension');
+ unset($extensions[$i]);
+ }
+ } else {
+ $temp = $asn1->encodeDER($value, $map);
+ $value = base64_encode($temp);
+ }
+ }
+ }
+ }
+
+ /**
+ * Map attribute values from ANY type to attribute-specific internal
+ * format.
+ *
+ * @param Array ref $root
+ * @param String $path
+ * @param Object $asn1
+ * @access private
+ */
+ function _mapInAttributes(&$root, $path, $asn1)
+ {
+ $attributes = &$this->_subArray($root, $path);
+
+ if (is_array($attributes)) {
+ for ($i = 0; $i < count($attributes); $i++) {
+ $id = $attributes[$i]['type'];
+ /* $value contains the DER encoding of an ASN.1 value
+ corresponding to the attribute type identified by type */
+ $map = $this->_getMapping($id);
+ if (is_array($attributes[$i]['value'])) {
+ $values = &$attributes[$i]['value'];
+ for ($j = 0; $j < count($values); $j++) {
+ $value = $asn1->encodeDER($values[$j], $this->AttributeValue);
+ $decoded = $asn1->decodeBER($value);
+ if (!is_bool($map)) {
+ $mapped = $asn1->asn1map($decoded[0], $map);
+ if ($mapped !== false) {
+ $values[$j] = $mapped;
+ }
+ if ($id == 'pkcs-9-at-extensionRequest') {
+ $this->_mapInExtensions($values, $j, $asn1);
+ }
+ } elseif ($map) {
+ $values[$j] = base64_encode($value);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Map attribute values from attribute-specific internal format to
+ * ANY type.
+ *
+ * @param Array ref $root
+ * @param String $path
+ * @param Object $asn1
+ * @access private
+ */
+ function _mapOutAttributes(&$root, $path, $asn1)
+ {
+ $attributes = &$this->_subArray($root, $path);
+
+ if (is_array($attributes)) {
+ $size = count($attributes);
+ for ($i = 0; $i < $size; $i++) {
+ /* [value] contains the DER encoding of an ASN.1 value
+ corresponding to the attribute type identified by type */
+ $id = $attributes[$i]['type'];
+ $map = $this->_getMapping($id);
+ if ($map === false) {
+ user_error($id . ' is not a currently supported attribute', E_USER_NOTICE);
+ unset($attributes[$i]);
+ }
+ elseif (is_array($attributes[$i]['value'])) {
+ $values = &$attributes[$i]['value'];
+ for ($j = 0; $j < count($values); $j++) {
+ switch ($id) {
+ case 'pkcs-9-at-extensionRequest':
+ $this->_mapOutExtensions($values, $j, $asn1);
+ break;
+ }
+
+ if (!is_bool($map)) {
+ $temp = $asn1->encodeDER($values[$j], $map);
+ $decoded = $asn1->decodeBER($temp);
+ $values[$j] = $asn1->asn1map($decoded[0], $this->AttributeValue);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Associate an extension ID to an extension mapping
+ *
+ * @param String $extnId
+ * @access private
+ * @return Mixed
+ */
+ function _getMapping($extnId)
+ {
+ if (!is_string($extnId)) { // eg. if it's a File_ASN1_Element object
+ return true;
+ }
+
+ switch ($extnId) {
+ case 'id-ce-keyUsage':
+ return $this->KeyUsage;
+ case 'id-ce-basicConstraints':
+ return $this->BasicConstraints;
+ case 'id-ce-subjectKeyIdentifier':
+ return $this->KeyIdentifier;
+ case 'id-ce-cRLDistributionPoints':
+ return $this->CRLDistributionPoints;
+ case 'id-ce-authorityKeyIdentifier':
+ return $this->AuthorityKeyIdentifier;
+ case 'id-ce-certificatePolicies':
+ return $this->CertificatePolicies;
+ case 'id-ce-extKeyUsage':
+ return $this->ExtKeyUsageSyntax;
+ case 'id-pe-authorityInfoAccess':
+ return $this->AuthorityInfoAccessSyntax;
+ case 'id-ce-subjectAltName':
+ return $this->SubjectAltName;
+ case 'id-ce-privateKeyUsagePeriod':
+ return $this->PrivateKeyUsagePeriod;
+ case 'id-ce-issuerAltName':
+ return $this->IssuerAltName;
+ case 'id-ce-policyMappings':
+ return $this->PolicyMappings;
+ case 'id-ce-nameConstraints':
+ return $this->NameConstraints;
+
+ case 'netscape-cert-type':
+ return $this->netscape_cert_type;
+ case 'netscape-comment':
+ return $this->netscape_comment;
+ case 'netscape-ca-policy-url':
+ return $this->netscape_ca_policy_url;
+
+ // since id-qt-cps isn't a constructed type it will have already been decoded as a string by the time it gets
+ // back around to asn1map() and we don't want it decoded again.
+ //case 'id-qt-cps':
+ // return $this->CPSuri;
+ case 'id-qt-unotice':
+ return $this->UserNotice;
+
+ // the following OIDs are unsupported but we don't want them to give notices when calling saveX509().
+ case 'id-pe-logotype': // http://www.ietf.org/rfc/rfc3709.txt
+ case 'entrustVersInfo':
+ // http://support.microsoft.com/kb/287547
+ case '1.3.6.1.4.1.311.20.2': // szOID_ENROLL_CERTTYPE_EXTENSION
+ case '1.3.6.1.4.1.311.21.1': // szOID_CERTSRV_CA_VERSION
+ // "SET Secure Electronic Transaction Specification"
+ // http://www.maithean.com/docs/set_bk3.pdf
+ case '2.23.42.7.0': // id-set-hashedRootKey
+ return true;
+
+ // CSR attributes
+ case 'pkcs-9-at-unstructuredName':
+ return $this->PKCS9String;
+ case 'pkcs-9-at-challengePassword':
+ return $this->DirectoryString;
+ case 'pkcs-9-at-extensionRequest':
+ return $this->Extensions;
+
+ // CRL extensions.
+ case 'id-ce-cRLNumber':
+ return $this->CRLNumber;
+ case 'id-ce-deltaCRLIndicator':
+ return $this->CRLNumber;
+ case 'id-ce-issuingDistributionPoint':
+ return $this->IssuingDistributionPoint;
+ case 'id-ce-freshestCRL':
+ return $this->CRLDistributionPoints;
+ case 'id-ce-cRLReasons':
+ return $this->CRLReason;
+ case 'id-ce-invalidityDate':
+ return $this->InvalidityDate;
+ case 'id-ce-certificateIssuer':
+ return $this->CertificateIssuer;
+ case 'id-ce-holdInstructionCode':
+ return $this->HoldInstructionCode;
+ }
+
+ return false;
+ }
+
+ /**
+ * Load an X.509 certificate as a certificate authority
+ *
+ * @param String $cert
+ * @access public
+ * @return Boolean
+ */
+ function loadCA($cert)
+ {
+ $olddn = $this->dn;
+ $oldcert = $this->currentCert;
+ $oldsigsubj = $this->signatureSubject;
+ $oldkeyid = $this->currentKeyIdentifier;
+
+ $cert = $this->loadX509($cert);
+ if (!$cert) {
+ $this->dn = $olddn;
+ $this->currentCert = $oldcert;
+ $this->signatureSubject = $oldsigsubj;
+ $this->currentKeyIdentifier = $oldkeyid;
+
+ return false;
+ }
+
+ /* From RFC5280 "PKIX Certificate and CRL Profile":
+
+ If the keyUsage extension is present, then the subject public key
+ MUST NOT be used to verify signatures on certificates or CRLs unless
+ the corresponding keyCertSign or cRLSign bit is set. */
+ //$keyUsage = $this->getExtension('id-ce-keyUsage');
+ //if ($keyUsage && !in_array('keyCertSign', $keyUsage)) {
+ // return false;
+ //}
+
+ /* From RFC5280 "PKIX Certificate and CRL Profile":
+
+ The cA boolean indicates whether the certified public key may be used
+ to verify certificate signatures. If the cA boolean is not asserted,
+ then the keyCertSign bit in the key usage extension MUST NOT be
+ asserted. If the basic constraints extension is not present in a
+ version 3 certificate, or the extension is present but the cA boolean
+ is not asserted, then the certified public key MUST NOT be used to
+ verify certificate signatures. */
+ //$basicConstraints = $this->getExtension('id-ce-basicConstraints');
+ //if (!$basicConstraints || !$basicConstraints['cA']) {
+ // return false;
+ //}
+
+ $this->CAs[] = $cert;
+
+ $this->dn = $olddn;
+ $this->currentCert = $oldcert;
+ $this->signatureSubject = $oldsigsubj;
+
+ return true;
+ }
+
+ /**
+ * Validate an X.509 certificate against a URL
+ *
+ * From RFC2818 "HTTP over TLS":
+ *
+ * Matching is performed using the matching rules specified by
+ * [RFC2459]. If more than one identity of a given type is present in
+ * the certificate (e.g., more than one dNSName name, a match in any one
+ * of the set is considered acceptable.) Names may contain the wildcard
+ * character * which is considered to match any single domain name
+ * component or component fragment. E.g., *.a.com matches foo.a.com but
+ * not bar.foo.a.com. f*.com matches foo.com but not bar.com.
+ *
+ * @param String $url
+ * @access public
+ * @return Boolean
+ */
+ function validateURL($url)
+ {
+ if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) {
+ return false;
+ }
+
+ $components = parse_url($url);
+ if (!isset($components['host'])) {
+ return false;
+ }
+
+ if ($names = $this->getExtension('id-ce-subjectAltName')) {
+ foreach ($names as $key => $value) {
+ $value = str_replace(array('.', '*'), array('\.', '[^.]*'), $value);
+ switch ($key) {
+ case 'dNSName':
+ /* From RFC2818 "HTTP over TLS":
+
+ If a subjectAltName extension of type dNSName is present, that MUST
+ be used as the identity. Otherwise, the (most specific) Common Name
+ field in the Subject field of the certificate MUST be used. Although
+ the use of the Common Name is existing practice, it is deprecated and
+ Certification Authorities are encouraged to use the dNSName instead. */
+ if (preg_match('#^' . $value . '$#', $components['host'])) {
+ return true;
+ }
+ break;
+ case 'iPAddress':
+ /* From RFC2818 "HTTP over TLS":
+
+ In some cases, the URI is specified as an IP address rather than a
+ hostname. In this case, the iPAddress subjectAltName must be present
+ in the certificate and must exactly match the IP in the URI. */
+ if (preg_match('#(?:\d{1-3}\.){4}#', $components['host'] . '.') && preg_match('#^' . $value . '$#', $components['host'])) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ if ($value = $this->getDNProp('id-at-commonName')) {
+ $value = str_replace(array('.', '*'), array('\.', '[^.]*'), $value[0]);
+ return preg_match('#^' . $value . '$#', $components['host']);
+ }
+
+ return false;
+ }
+
+ /**
+ * Validate a date
+ *
+ * If $date isn't defined it is assumed to be the current date.
+ *
+ * @param Integer $date optional
+ * @access public
+ */
+ function validateDate($date = NULL)
+ {
+ if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) {
+ return false;
+ }
+
+ if (!isset($date)) {
+ $date = time();
+ }
+
+ $notBefore = $this->currentCert['tbsCertificate']['validity']['notBefore'];
+ $notBefore = isset($notBefore['generalTime']) ? $notBefore['generalTime'] : $notBefore['utcTime'];
+
+ $notAfter = $this->currentCert['tbsCertificate']['validity']['notAfter'];
+ $notAfter = isset($notAfter['generalTime']) ? $notAfter['generalTime'] : $notAfter['utcTime'];
+
+ switch (true) {
+ case $date < @strtotime($notBefore):
+ case $date > @strtotime($notAfter):
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Validate a signature
+ *
+ * Works on X.509 certs, CSR's and CRL's.
+ * Returns true if the signature is verified, false if it is not correct or NULL on error
+ *
+ * The behavior of this function is inspired by {@link http://php.net/openssl-verify openssl_verify}.
+ *
+ * @param Integer $options optional
+ * @access public
+ * @return Mixed
+ */
+ function validateSignature($options = 0)
+ {
+ if (!is_array($this->currentCert) || !isset($this->signatureSubject)) {
+ return 0;
+ }
+
+ /* TODO:
+ "emailAddress attribute values are not case-sensitive (e.g., "subscriber@example.com" is the same as "SUBSCRIBER@EXAMPLE.COM")."
+ -- http://tools.ietf.org/html/rfc5280#section-4.1.2.6
+
+ implement pathLenConstraint in the id-ce-basicConstraints extension */
+
+ switch (true) {
+ case isset($this->currentCert['tbsCertificate']):
+ // self-signed cert
+ if ($this->currentCert['tbsCertificate']['issuer'] === $this->currentCert['tbsCertificate']['subject']) {
+ $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier');
+ $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier');
+ switch (true) {
+ case !is_array($authorityKey):
+ case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID:
+ $signingCert = $this->currentCert; // working cert
+ }
+ }
+
+ if (!empty($this->CAs)) {
+ for ($i = 0; $i < count($this->CAs); $i++) {
+ // even if the cert is a self-signed one we still want to see if it's a CA;
+ // if not, we'll conditionally return an error
+ $ca = $this->CAs[$i];
+ if ($this->currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) {
+ $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier');
+ $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca);
+ switch (true) {
+ case !is_array($authorityKey):
+ case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID:
+ $signingCert = $ca; // working cert
+ break 2;
+ }
+ }
+ }
+ if (count($this->CAs) == $i && ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
+ return false;
+ }
+ } elseif (!isset($signingCert) || ($options & FILE_X509_VALIDATE_SIGNATURE_BY_CA)) {
+ return false;
+ }
+ return $this->_validateSignature(
+ $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
+ $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'],
+ $this->currentCert['signatureAlgorithm']['algorithm'],
+ substr(base64_decode($this->currentCert['signature']), 1),
+ $this->signatureSubject
+ );
+ case isset($this->currentCert['certificationRequestInfo']):
+ return $this->_validateSignature(
+ $this->currentCert['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'],
+ $this->currentCert['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'],
+ $this->currentCert['signatureAlgorithm']['algorithm'],
+ substr(base64_decode($this->currentCert['signature']), 1),
+ $this->signatureSubject
+ );
+ case isset($this->currentCert['publicKeyAndChallenge']):
+ return $this->_validateSignature(
+ $this->currentCert['publicKeyAndChallenge']['spki']['algorithm']['algorithm'],
+ $this->currentCert['publicKeyAndChallenge']['spki']['subjectPublicKey'],
+ $this->currentCert['signatureAlgorithm']['algorithm'],
+ substr(base64_decode($this->currentCert['signature']), 1),
+ $this->signatureSubject
+ );
+ case isset($this->currentCert['tbsCertList']):
+ if (!empty($this->CAs)) {
+ for ($i = 0; $i < count($this->CAs); $i++) {
+ $ca = $this->CAs[$i];
+ if ($this->currentCert['tbsCertList']['issuer'] === $ca['tbsCertificate']['subject']) {
+ $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier');
+ $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca);
+ switch (true) {
+ case !is_array($authorityKey):
+ case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID:
+ $signingCert = $ca; // working cert
+ break 2;
+ }
+ }
+ }
+ }
+ if (!isset($signingCert)) {
+ return false;
+ }
+ return $this->_validateSignature(
+ $signingCert['tbsCertificate']['subjectPublicKeyInfo']['algorithm']['algorithm'],
+ $signingCert['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'],
+ $this->currentCert['signatureAlgorithm']['algorithm'],
+ substr(base64_decode($this->currentCert['signature']), 1),
+ $this->signatureSubject
+ );
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Validates a signature
+ *
+ * Returns true if the signature is verified, false if it is not correct or NULL on error
+ *
+ * @param String $publicKeyAlgorithm
+ * @param String $publicKey
+ * @param String $signatureAlgorithm
+ * @param String $signature
+ * @param String $signatureSubject
+ * @access private
+ * @return Integer
+ */
+ function _validateSignature($publicKeyAlgorithm, $publicKey, $signatureAlgorithm, $signature, $signatureSubject)
+ {
+ switch ($publicKeyAlgorithm) {
+ case 'rsaEncryption':
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+ $rsa = new Crypt_RSA();
+ $rsa->loadKey($publicKey);
+
+ switch ($signatureAlgorithm) {
+ case 'md2WithRSAEncryption':
+ case 'md5WithRSAEncryption':
+ case 'sha1WithRSAEncryption':
+ case 'sha224WithRSAEncryption':
+ case 'sha256WithRSAEncryption':
+ case 'sha384WithRSAEncryption':
+ case 'sha512WithRSAEncryption':
+ $rsa->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm));
+ $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
+ if (!@$rsa->verify($signatureSubject, $signature)) {
+ return false;
+ }
+ break;
+ default:
+ return NULL;
+ }
+ break;
+ default:
+ return NULL;
+ }
+
+ return true;
+ }
+
+ /**
+ * Reformat public keys
+ *
+ * Reformats a public key to a format supported by phpseclib (if applicable)
+ *
+ * @param String $algorithm
+ * @param String $key
+ * @access private
+ * @return String
+ */
+ function _reformatKey($algorithm, $key)
+ {
+ switch ($algorithm) {
+ case 'rsaEncryption':
+ return
+ "-----BEGIN PUBLIC KEY-----\r\n" .
+ // subjectPublicKey is stored as a bit string in X.509 certs. the first byte of a bit string represents how many bits
+ // in the last byte should be ignored. the following only supports non-zero stuff but as none of the X.509 certs Firefox
+ // uses as a cert authority actually use a non-zero bit I think it's safe to assume that none do.
+ chunk_split(base64_encode(substr(base64_decode($key), 1)), 64) .
+ '-----END PUBLIC KEY-----';
+ default:
+ return $key;
+ }
+ }
+
+ /**
+ * "Normalizes" a Distinguished Name property
+ *
+ * @param String $propName
+ * @access private
+ * @return Mixed
+ */
+ function _translateDNProp($propName)
+ {
+ switch (strtolower($propName)) {
+ case 'id-at-countryname':
+ case 'countryname':
+ case 'c':
+ return 'id-at-countryName';
+ case 'id-at-organizationname':
+ case 'organizationname':
+ case 'o':
+ return 'id-at-organizationName';
+ case 'id-at-dnqualifier':
+ case 'dnqualifier':
+ return 'id-at-dnQualifier';
+ case 'id-at-commonname':
+ case 'commonname':
+ case 'cn':
+ return 'id-at-commonName';
+ case 'id-at-stateorprovinceName':
+ case 'stateorprovincename':
+ case 'state':
+ case 'province':
+ case 'provincename':
+ case 'st':
+ return 'id-at-stateOrProvinceName';
+ case 'id-at-localityname':
+ case 'localityname':
+ case 'l':
+ return 'id-at-localityName';
+ case 'id-emailaddress':
+ case 'emailaddress':
+ return 'pkcs-9-at-emailAddress';
+ case 'id-at-serialnumber':
+ case 'serialnumber':
+ return 'id-at-serialNumber';
+ case 'id-at-postalcode':
+ case 'postalcode':
+ return 'id-at-postalCode';
+ case 'id-at-streetaddress':
+ case 'streetaddress':
+ return 'id-at-streetAddress';
+ case 'id-at-name':
+ case 'name':
+ return 'id-at-name';
+ case 'id-at-givenname':
+ case 'givenname':
+ return 'id-at-givenName';
+ case 'id-at-surname':
+ case 'surname':
+ case 'sn':
+ return 'id-at-surname';
+ case 'id-at-initials':
+ case 'initials':
+ return 'id-at-initials';
+ case 'id-at-generationqualifier':
+ case 'generationqualifier':
+ return 'id-at-generationQualifier';
+ case 'id-at-organizationalunitname':
+ case 'organizationalunitname':
+ case 'ou':
+ return 'id-at-organizationalUnitName';
+ case 'id-at-pseudonym':
+ case 'pseudonym':
+ return 'id-at-pseudonym';
+ case 'id-at-title':
+ case 'title':
+ return 'id-at-title';
+ case 'id-at-description':
+ case 'description':
+ return 'id-at-description';
+ case 'id-at-role':
+ case 'role':
+ return 'id-at-role';
+ case 'id-at-uniqueidentifier':
+ case 'uniqueidentifier':
+ case 'x500uniqueidentifier':
+ return 'id-at-uniqueIdentifier';
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Set a Distinguished Name property
+ *
+ * @param String $propName
+ * @param Mixed $propValue
+ * @param String $type optional
+ * @access public
+ * @return Boolean
+ */
+ function setDNProp($propName, $propValue, $type = 'utf8String')
+ {
+ if (empty($this->dn)) {
+ $this->dn = array('rdnSequence' => array());
+ }
+
+ if (($propName = $this->_translateDNProp($propName)) === false) {
+ return false;
+ }
+
+ foreach ((array) $propValue as $v) {
+ if (!is_array($v) && isset($type)) {
+ $v = array($type => $v);
+ }
+ $this->dn['rdnSequence'][] = array(
+ array(
+ 'type' => $propName,
+ 'value'=> $v
+ )
+ );
+ }
+
+ return true;
+ }
+
+ /**
+ * Remove Distinguished Name properties
+ *
+ * @param String $propName
+ * @access public
+ */
+ function removeDNProp($propName)
+ {
+ if (empty($this->dn)) {
+ return;
+ }
+
+ if (($propName = $this->_translateDNProp($propName)) === false) {
+ return;
+ }
+
+ $dn = &$this->dn['rdnSequence'];
+ $size = count($dn);
+ for ($i = 0; $i < $size; $i++) {
+ if ($dn[$i][0]['type'] == $propName) {
+ unset($dn[$i]);
+ }
+ }
+
+ $dn = array_values($dn);
+ }
+
+ /**
+ * Get Distinguished Name properties
+ *
+ * @param String $propName
+ * @param Array $dn optional
+ * @param Boolean $withType optional
+ * @return Mixed
+ * @access public
+ */
+ function getDNProp($propName, $dn = NULL, $withType = false)
+ {
+ if (!isset($dn)) {
+ $dn = $this->dn;
+ }
+
+ if (empty($dn)) {
+ return false;
+ }
+
+ if (($propName = $this->_translateDNProp($propName)) === false) {
+ return false;
+ }
+
+ $dn = $dn['rdnSequence'];
+ $result = array();
+ $asn1 = new File_ASN1();
+ for ($i = 0; $i < count($dn); $i++) {
+ if ($dn[$i][0]['type'] == $propName) {
+ $v = $dn[$i][0]['value'];
+ if (!$withType && is_array($v)) {
+ foreach ($v as $type => $s) {
+ $type = array_search($type, $asn1->ANYmap, true);
+ if ($type !== false && isset($asn1->stringTypeSize[$type])) {
+ $s = $asn1->convert($s, $type);
+ if ($s !== false) {
+ $v = $s;
+ break;
+ }
+ }
+ }
+ if (is_array($v)) {
+ $v = array_pop($v); // Always strip data type.
+ }
+ }
+ $result[] = $v;
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Set a Distinguished Name
+ *
+ * @param Mixed $dn
+ * @param Boolean $merge optional
+ * @param String $type optional
+ * @access public
+ * @return Boolean
+ */
+ function setDN($dn, $merge = false, $type = 'utf8String')
+ {
+ if (!$merge) {
+ $this->dn = NULL;
+ }
+
+ if (is_array($dn)) {
+ if (isset($dn['rdnSequence'])) {
+ $this->dn = $dn; // No merge here.
+ return true;
+ }
+
+ // handles stuff generated by openssl_x509_parse()
+ foreach ($dn as $prop => $value) {
+ if (!$this->setDNProp($prop, $value, $type)) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ // handles everything else
+ $results = preg_split('#((?:^|, *|/)(?:C=|O=|OU=|CN=|L=|ST=|SN=|postalCode=|streetAddress=|emailAddress=|serialNumber=|organizationalUnitName=|title=|description=|role=|x500UniqueIdentifier=))#', $dn, -1, PREG_SPLIT_DELIM_CAPTURE);
+ for ($i = 1; $i < count($results); $i+=2) {
+ $prop = trim($results[$i], ', =/');
+ $value = $results[$i + 1];
+ if (!$this->setDNProp($prop, $value, $type)) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Get the Distinguished Name for a certificates subject
+ *
+ * @param Mixed $format optional
+ * @param Array $dn optional
+ * @access public
+ * @return Boolean
+ */
+ function getDN($format = FILE_X509_DN_ARRAY, $dn = NULL)
+ {
+ if (!isset($dn)) {
+ $dn = isset($this->currentCert['tbsCertList']) ? $this->currentCert['tbsCertList']['issuer'] : $this->dn;
+ }
+
+ switch ((int) $format) {
+ case FILE_X509_DN_ARRAY:
+ return $dn;
+ case FILE_X509_DN_ASN1:
+ $asn1 = new File_ASN1();
+ $asn1->loadOIDs($this->oids);
+ $filters = array();
+ $filters['rdnSequence']['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING);
+ $asn1->loadFilters($filters);
+ return $asn1->encodeDER($dn, $this->Name);
+ case FILE_X509_DN_OPENSSL:
+ $dn = $this->getDN(FILE_X509_DN_STRING, $dn);
+ if ($dn === false) {
+ return false;
+ }
+ $attrs = preg_split('#((?:^|, *|/)[a-z][a-z0-9]*=)#i', $dn, -1, PREG_SPLIT_DELIM_CAPTURE);
+ $dn = array();
+ for ($i = 1; $i < count($attrs); $i += 2) {
+ $prop = trim($attrs[$i], ', =/');
+ $value = $attrs[$i + 1];
+ if (!isset($dn[$prop])) {
+ $dn[$prop] = $value;
+ } else {
+ $dn[$prop] = array_merge((array) $dn[$prop], array($value));
+ }
+ }
+ return $dn;
+ case FILE_X509_DN_CANON:
+ // No SEQUENCE around RDNs and all string values normalized as
+ // trimmed lowercase UTF-8 with all spacing as one blank.
+ $asn1 = new File_ASN1();
+ $asn1->loadOIDs($this->oids);
+ $filters = array();
+ $filters['value'] = array('type' => FILE_ASN1_TYPE_UTF8_STRING);
+ $asn1->loadFilters($filters);
+ $result = '';
+ foreach ($dn['rdnSequence'] as $rdn) {
+ foreach ($rdn as &$attr) {
+ if (is_array($attr['value'])) {
+ foreach ($attr['value'] as $type => $v) {
+ $type = array_search($type, $asn1->ANYmap, true);
+ if ($type !== false && isset($asn1->stringTypeSize[$type])) {
+ $v = $asn1->convert($v, $type);
+ if ($v !== false) {
+ $v = preg_replace('/\s+/', ' ', $v);
+ $attr['value'] = strtolower(trim($v));
+ break;
+ }
+ }
+ }
+ }
+ }
+ $result .= $asn1->encodeDER($rdn, $this->RelativeDistinguishedName);
+ }
+ return $result;
+ case FILE_X509_DN_HASH:
+ $dn = $this->getDN(FILE_X509_DN_CANON, $dn);
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+ $hash = new Crypt_Hash('sha1');
+ $hash = $hash->hash($dn);
+ extract(unpack('Vhash', $hash));
+ return strtolower(bin2hex(pack('N', $hash)));
+ }
+
+ // Defaut is to return a string.
+ $start = true;
+ $output = '';
+ $asn1 = new File_ASN1();
+ foreach ($dn['rdnSequence'] as $field) {
+ $prop = $field[0]['type'];
+ $value = $field[0]['value'];
+
+ $delim = ', ';
+ switch ($prop) {
+ case 'id-at-countryName':
+ $desc = 'C=';
+ break;
+ case 'id-at-stateOrProvinceName':
+ $desc = 'ST=';
+ break;
+ case 'id-at-organizationName':
+ $desc = 'O=';
+ break;
+ case 'id-at-organizationalUnitName':
+ $desc = 'OU=';
+ break;
+ case 'id-at-commonName':
+ $desc = 'CN=';
+ break;
+ case 'id-at-localityName':
+ $desc = 'L=';
+ break;
+ case 'id-at-surname':
+ $desc = 'SN=';
+ break;
+ case 'id-at-uniqueIdentifier':
+ $delim = '/';
+ $desc = 'x500UniqueIdentifier=';
+ break;
+ default:
+ $delim = '/';
+ $desc = preg_replace('#.+-([^-]+)$#', '$1', $prop) . '=';
+ }
+
+ if (!$start) {
+ $output.= $delim;
+ }
+ if (is_array($value)) {
+ foreach ($value as $type => $v) {
+ $type = array_search($type, $asn1->ANYmap, true);
+ if ($type !== false && isset($asn1->stringTypeSize[$type])) {
+ $v = $asn1->convert($v, $type);
+ if ($v !== false) {
+ $value = $v;
+ break;
+ }
+ }
+ }
+ if (is_array($value)) {
+ $value = array_pop($value); // Always strip data type.
+ }
+ }
+ $output.= $desc . $value;
+ $start = false;
+ }
+
+ return $output;
+ }
+
+ /**
+ * Get the Distinguished Name for a certificate/crl issuer
+ *
+ * @param Integer $format optional
+ * @access public
+ * @return Mixed
+ */
+ function getIssuerDN($format = FILE_X509_DN_ARRAY)
+ {
+ switch (true) {
+ case !isset($this->currentCert) || !is_array($this->currentCert):
+ break;
+ case isset($this->currentCert['tbsCertificate']):
+ return $this->getDN($format, $this->currentCert['tbsCertificate']['issuer']);
+ case isset($this->currentCert['tbsCertList']):
+ return $this->getDN($format, $this->currentCert['tbsCertList']['issuer']);
+ }
+
+ return false;
+ }
+
+ /**
+ * Get the Distinguished Name for a certificate/csr subject
+ * Alias of getDN()
+ *
+ * @param Integer $format optional
+ * @access public
+ * @return Mixed
+ */
+ function getSubjectDN($format = FILE_X509_DN_ARRAY)
+ {
+ switch (true) {
+ case !empty($this->dn):
+ return $this->getDN($format);
+ case !isset($this->currentCert) || !is_array($this->currentCert):
+ break;
+ case isset($this->currentCert['tbsCertificate']):
+ return $this->getDN($format, $this->currentCert['tbsCertificate']['subject']);
+ case isset($this->currentCert['certificationRequestInfo']):
+ return $this->getDN($format, $this->currentCert['certificationRequestInfo']['subject']);
+ }
+
+ return false;
+ }
+
+ /**
+ * Get an individual Distinguished Name property for a certificate/crl issuer
+ *
+ * @param String $propName
+ * @param Boolean $withType optional
+ * @access public
+ * @return Mixed
+ */
+ function getIssuerDNProp($propName, $withType = false)
+ {
+ switch (true) {
+ case !isset($this->currentCert) || !is_array($this->currentCert):
+ break;
+ case isset($this->currentCert['tbsCertificate']):
+ return $this->getDNProp($propname, $this->currentCert['tbsCertificate']['issuer'], $withType);
+ case isset($this->currentCert['tbsCertList']):
+ return $this->getDNProp($propname, $this->currentCert['tbsCertList']['issuer'], $withType);
+ }
+
+ return false;
+ }
+
+ /**
+ * Get an individual Distinguished Name property for a certificate/csr subject
+ *
+ * @param String $propName
+ * @param Boolean $withType optional
+ * @access public
+ * @return Mixed
+ */
+ function getSubjectDNProp($propName, $withType = false)
+ {
+ switch (true) {
+ case !empty($this->dn):
+ return $this->getDNProp($propName, NULL, $withType);
+ case !isset($this->currentCert) || !is_array($this->currentCert):
+ break;
+ case isset($this->currentCert['tbsCertificate']):
+ return $this->getDNProp($propName, $this->currentCert['tbsCertificate']['subject'], $withType);
+ case isset($this->currentCert['certificationRequestInfo']):
+ return $this->getDNProp($propname, $this->currentCert['certificationRequestInfo']['subject'], $withType);
+ }
+
+ return false;
+ }
+
+ /**
+ * Get the certificate chain for the current cert
+ *
+ * @access public
+ * @return Mixed
+ */
+ function getChain()
+ {
+ $chain = array($this->currentCert);
+
+ if (!is_array($this->currentCert) || !isset($this->currentCert['tbsCertificate'])) {
+ return false;
+ }
+ if (empty($this->CAs)) {
+ return $chain;
+ }
+ while (true) {
+ $currentCert = $chain[count($chain) - 1];
+ for ($i = 0; $i < count($this->CAs); $i++) {
+ $ca = $this->CAs[$i];
+ if ($currentCert['tbsCertificate']['issuer'] === $ca['tbsCertificate']['subject']) {
+ $authorityKey = $this->getExtension('id-ce-authorityKeyIdentifier', $currentCert);
+ $subjectKeyID = $this->getExtension('id-ce-subjectKeyIdentifier', $ca);
+ switch (true) {
+ case !is_array($authorityKey):
+ case is_array($authorityKey) && isset($authorityKey['keyIdentifier']) && $authorityKey['keyIdentifier'] === $subjectKeyID:
+ if ($currentCert === $ca) {
+ break 3;
+ }
+ $chain[] = $ca;
+ break 2;
+ }
+ }
+ }
+ if ($i == count($this->CAs)) {
+ break;
+ }
+ }
+ foreach ($chain as $key=>$value) {
+ $chain[$key] = new File_X509();
+ $chain[$key]->loadX509($value);
+ }
+ return $chain;
+ }
+
+ /**
+ * Set public key
+ *
+ * Key needs to be a Crypt_RSA object
+ *
+ * @param Object $key
+ * @access public
+ * @return Boolean
+ */
+ function setPublicKey($key)
+ {
+ $this->publicKey = $key;
+ }
+
+ /**
+ * Set private key
+ *
+ * Key needs to be a Crypt_RSA object
+ *
+ * @param Object $key
+ * @access public
+ */
+ function setPrivateKey($key)
+ {
+ $this->privateKey = $key;
+ }
+
+ /**
+ * Gets the public key
+ *
+ * Returns a Crypt_RSA object or a false.
+ *
+ * @access public
+ * @return Mixed
+ */
+ function getPublicKey()
+ {
+ if (isset($this->publicKey)) {
+ return $this->publicKey;
+ }
+
+ if (isset($this->currentCert) && is_array($this->currentCert)) {
+ foreach (array('tbsCertificate/subjectPublicKeyInfo', 'certificationRequestInfo/subjectPKInfo') as $path) {
+ $keyinfo = $this->_subArray($this->currentCert, $path);
+ if (!empty($keyinfo)) {
+ break;
+ }
+ }
+ }
+ if (empty($keyinfo)) {
+ return false;
+ }
+
+ $key = $keyinfo['subjectPublicKey'];
+
+ switch ($keyinfo['algorithm']['algorithm']) {
+ case 'rsaEncryption':
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+ $publicKey = new Crypt_RSA();
+ $publicKey->loadKey($key);
+ $publicKey->setPublicKey();
+ break;
+ default:
+ return false;
+ }
+
+ return $publicKey;
+ }
+
+ /**
+ * Load a Certificate Signing Request
+ *
+ * @param String $csr
+ * @access public
+ * @return Mixed
+ */
+ function loadCSR($csr)
+ {
+ if (is_array($csr) && isset($csr['certificationRequestInfo'])) {
+ unset($this->currentCert);
+ unset($this->currentKeyIdentifier);
+ unset($this->signatureSubject);
+ $this->dn = $csr['certificationRequestInfo']['subject'];
+ if (!isset($this->dn)) {
+ return false;
+ }
+
+ $this->currentCert = $csr;
+ return $csr;
+ }
+
+ // see http://tools.ietf.org/html/rfc2986
+
+ $asn1 = new File_ASN1();
+
+ $temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $csr);
+ $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
+ if ($temp != false) {
+ $csr = $temp;
+ }
+ $orig = $csr;
+
+ if ($csr === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $asn1->loadOIDs($this->oids);
+ $decoded = $asn1->decodeBER($csr);
+
+ if (empty($decoded)) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $csr = $asn1->asn1map($decoded[0], $this->CertificationRequest);
+ if (!isset($csr) || $csr === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $this->dn = $csr['certificationRequestInfo']['subject'];
+ $this->_mapInAttributes($csr, 'certificationRequestInfo/attributes', $asn1);
+
+ $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']);
+
+ $algorithm = &$csr['certificationRequestInfo']['subjectPKInfo']['algorithm']['algorithm'];
+ $key = &$csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'];
+ $key = $this->_reformatKey($algorithm, $key);
+
+ switch ($algorithm) {
+ case 'rsaEncryption':
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+ $this->publicKey = new Crypt_RSA();
+ $this->publicKey->loadKey($key);
+ $this->publicKey->setPublicKey();
+ break;
+ default:
+ $this->publicKey = NULL;
+ }
+
+ $this->currentKeyIdentifier = NULL;
+ $this->currentCert = $csr;
+
+ return $csr;
+ }
+
+ /**
+ * Save CSR request
+ *
+ * @param Array $csr
+ * @param Integer $format optional
+ * @access public
+ * @return String
+ */
+ function saveCSR($csr, $format = FILE_X509_FORMAT_PEM)
+ {
+ if (!is_array($csr) || !isset($csr['certificationRequestInfo'])) {
+ return false;
+ }
+
+ switch (true) {
+ case !($algorithm = $this->_subArray($csr, 'certificationRequestInfo/subjectPKInfo/algorithm/algorithm')):
+ case is_object($csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']);
+ break;
+ default:
+ switch ($algorithm) {
+ case 'rsaEncryption':
+ $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'] =
+ base64_encode("\0" . base64_decode(preg_replace('#-.+-|[\r\n]#', '', $csr['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'])));
+ }
+ }
+
+ $asn1 = new File_ASN1();
+
+ $asn1->loadOIDs($this->oids);
+
+ $filters = array();
+ $filters['certificationRequestInfo']['subject']['rdnSequence']['value'] =
+ array('type' => FILE_ASN1_TYPE_UTF8_STRING);
+
+ $asn1->loadFilters($filters);
+
+ $this->_mapOutAttributes($csr, 'certificationRequestInfo/attributes', $asn1);
+ $csr = $asn1->encodeDER($csr, $this->CertificationRequest);
+
+ switch ($format) {
+ case FILE_X509_FORMAT_DER:
+ return $csr;
+ // case FILE_X509_FORMAT_PEM:
+ default:
+ return "-----BEGIN CERTIFICATE REQUEST-----\r\n" . chunk_split(base64_encode($csr), 64) . '-----END CERTIFICATE REQUEST-----';
+ }
+ }
+
+ /**
+ * Load a SPKAC CSR
+ *
+ * SPKAC's are produced by the HTML5 keygen element:
+ *
+ * https://developer.mozilla.org/en-US/docs/HTML/Element/keygen
+ *
+ * @param String $csr
+ * @access public
+ * @return Mixed
+ */
+ function loadSPKAC($csr)
+ {
+ if (is_array($csr) && isset($csr['publicKeyAndChallenge'])) {
+ unset($this->currentCert);
+ unset($this->currentKeyIdentifier);
+ unset($this->signatureSubject);
+ $this->currentCert = $csr;
+ return $csr;
+ }
+
+ // see http://www.w3.org/html/wg/drafts/html/master/forms.html#signedpublickeyandchallenge
+
+ $asn1 = new File_ASN1();
+
+ $temp = preg_replace('#(?:^[^=]+=)|[\r\n\\\]#', '', $csr);
+ $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
+ if ($temp != false) {
+ $csr = $temp;
+ }
+ $orig = $csr;
+
+ if ($csr === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $asn1->loadOIDs($this->oids);
+ $decoded = $asn1->decodeBER($csr);
+
+ if (empty($decoded)) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $csr = $asn1->asn1map($decoded[0], $this->SignedPublicKeyAndChallenge);
+
+ if (!isset($csr) || $csr === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']);
+
+ $algorithm = &$csr['publicKeyAndChallenge']['spki']['algorithm']['algorithm'];
+ $key = &$csr['publicKeyAndChallenge']['spki']['subjectPublicKey'];
+ $key = $this->_reformatKey($algorithm, $key);
+
+ switch ($algorithm) {
+ case 'rsaEncryption':
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+ $this->publicKey = new Crypt_RSA();
+ $this->publicKey->loadKey($key);
+ $this->publicKey->setPublicKey();
+ break;
+ default:
+ $this->publicKey = NULL;
+ }
+
+ $this->currentKeyIdentifier = NULL;
+ $this->currentCert = $csr;
+
+ return $csr;
+ }
+
+ /**
+ * Load a Certificate Revocation List
+ *
+ * @param String $crl
+ * @access public
+ * @return Mixed
+ */
+ function loadCRL($crl)
+ {
+ if (is_array($crl) && isset($crl['tbsCertList'])) {
+ $this->currentCert = $crl;
+ unset($this->signatureSubject);
+ return $crl;
+ }
+
+ $asn1 = new File_ASN1();
+
+ $temp = preg_replace('#^(?:[^-].+[\r\n]+)+|-.+-|[\r\n]| #', '', $crl);
+ $temp = preg_match('#^[a-zA-Z\d/+]*={0,2}$#', $temp) ? base64_decode($temp) : false;
+ if ($temp != false) {
+ $crl = $temp;
+ }
+ $orig = $crl;
+
+ if ($crl === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $asn1->loadOIDs($this->oids);
+ $decoded = $asn1->decodeBER($crl);
+
+ if (empty($decoded)) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $crl = $asn1->asn1map($decoded[0], $this->CertificateList);
+ if (!isset($crl) || $crl === false) {
+ $this->currentCert = false;
+ return false;
+ }
+
+ $this->signatureSubject = substr($orig, $decoded[0]['content'][0]['start'], $decoded[0]['content'][0]['length']);
+
+ $this->_mapInExtensions($crl, 'tbsCertList/crlExtensions', $asn1);
+ $rclist = &$this->_subArray($crl,'tbsCertList/revokedCertificates');
+ if (is_array($rclist)) {
+ foreach ($rclist as $i => $extension) {
+ $this->_mapInExtensions($rclist, "$i/crlEntryExtensions", $asn1);
+ }
+ }
+
+ $this->currentKeyIdentifier = NULL;
+ $this->currentCert = $crl;
+
+ return $crl;
+ }
+
+ /**
+ * Save Certificate Revocation List.
+ *
+ * @param Array $crl
+ * @param Integer $format optional
+ * @access public
+ * @return String
+ */
+ function saveCRL($crl, $format = FILE_X509_FORMAT_PEM)
+ {
+ if (!is_array($crl) || !isset($crl['tbsCertList'])) {
+ return false;
+ }
+
+ $asn1 = new File_ASN1();
+
+ $asn1->loadOIDs($this->oids);
+
+ $filters = array();
+ $filters['tbsCertList']['issuer']['rdnSequence']['value'] =
+ $filters['tbsCertList']['signature']['parameters'] =
+ $filters['signatureAlgorithm']['parameters'] =
+ array('type' => FILE_ASN1_TYPE_UTF8_STRING);
+
+ if (empty($crl['tbsCertList']['signature']['parameters'])) {
+ $filters['tbsCertList']['signature']['parameters'] =
+ array('type' => FILE_ASN1_TYPE_NULL);
+ }
+
+ if (empty($crl['signatureAlgorithm']['parameters'])) {
+ $filters['signatureAlgorithm']['parameters'] =
+ array('type' => FILE_ASN1_TYPE_NULL);
+ }
+
+ $asn1->loadFilters($filters);
+
+ $this->_mapOutExtensions($crl, 'tbsCertList/crlExtensions', $asn1);
+ $rclist = &$this->_subArray($crl,'tbsCertList/revokedCertificates');
+ if (is_array($rclist)) {
+ foreach ($rclist as $i => $extension) {
+ $this->_mapOutExtensions($rclist, "$i/crlEntryExtensions", $asn1);
+ }
+ }
+
+ $crl = $asn1->encodeDER($crl, $this->CertificateList);
+
+ switch ($format) {
+ case FILE_X509_FORMAT_DER:
+ return $crl;
+ // case FILE_X509_FORMAT_PEM:
+ default:
+ return "-----BEGIN X509 CRL-----\r\n" . chunk_split(base64_encode($crl), 64) . '-----END X509 CRL-----';
+ }
+ }
+
+ /**
+ * Sign an X.509 certificate
+ *
+ * $issuer's private key needs to be loaded.
+ * $subject can be either an existing X.509 cert (if you want to resign it),
+ * a CSR or something with the DN and public key explicitly set.
+ *
+ * @param File_X509 $issuer
+ * @param File_X509 $subject
+ * @param String $signatureAlgorithm optional
+ * @access public
+ * @return Mixed
+ */
+ function sign($issuer, $subject, $signatureAlgorithm = 'sha1WithRSAEncryption')
+ {
+ if (!is_object($issuer->privateKey) || empty($issuer->dn)) {
+ return false;
+ }
+
+ if (isset($subject->publicKey) && !($subjectPublicKey = $subject->_formatSubjectPublicKey())) {
+ return false;
+ }
+
+ $currentCert = isset($this->currentCert) ? $this->currentCert : NULL;
+ $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: NULL;
+
+ if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertificate'])) {
+ $this->currentCert = $subject->currentCert;
+ $this->currentCert['tbsCertificate']['signature']['algorithm'] =
+ $this->currentCert['signatureAlgorithm']['algorithm'] =
+ $signatureAlgorithm;
+ if (!empty($this->startDate)) {
+ $this->currentCert['tbsCertificate']['validity']['notBefore']['generalTime'] = $this->startDate;
+ unset($this->currentCert['tbsCertificate']['validity']['notBefore']['utcTime']);
+ }
+ if (!empty($this->endDate)) {
+ $this->currentCert['tbsCertificate']['validity']['notAfter']['generalTime'] = $this->endDate;
+ unset($this->currentCert['tbsCertificate']['validity']['notAfter']['utcTime']);
+ }
+ if (!empty($this->serialNumber)) {
+ $this->currentCert['tbsCertificate']['serialNumber'] = $this->serialNumber;
+ }
+ if (!empty($subject->dn)) {
+ $this->currentCert['tbsCertificate']['subject'] = $subject->dn;
+ }
+ if (!empty($subject->publicKey)) {
+ $this->currentCert['tbsCertificate']['subjectPublicKeyInfo'] = $subjectPublicKey;
+ }
+ $this->removeExtension('id-ce-authorityKeyIdentifier');
+ if (isset($subject->domains)) {
+ $this->removeExtension('id-ce-subjectAltName');
+ }
+ } else if (isset($subject->currentCert) && is_array($subject->currentCert) && isset($subject->currentCert['tbsCertList'])) {
+ return false;
+ } else {
+ if (!isset($subject->publicKey)) {
+ return false;
+ }
+
+ $startDate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
+ $endDate = !empty($this->endDate) ? $this->endDate : @date('D, d M y H:i:s O', strtotime('+1 year'));
+ $serialNumber = !empty($this->serialNumber) ? $this->serialNumber : new Math_BigInteger();
+
+ $this->currentCert = array(
+ 'tbsCertificate' =>
+ array(
+ 'version' => 'v3',
+ 'serialNumber' => $serialNumber, // $this->setserialNumber()
+ 'signature' => array('algorithm' => $signatureAlgorithm),
+ 'issuer' => false, // this is going to be overwritten later
+ 'validity' => array(
+ 'notBefore' => array('generalTime' => $startDate), // $this->setStartDate()
+ 'notAfter' => array('generalTime' => $endDate) // $this->setEndDate()
+ ),
+ 'subject' => $subject->dn,
+ 'subjectPublicKeyInfo' => $subjectPublicKey
+ ),
+ 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
+ 'signature' => false // this is going to be overwritten later
+ );
+
+ // Copy extensions from CSR.
+ $csrexts = $subject->getAttribute('pkcs-9-at-extensionRequest', 0);
+
+ if (!empty($csrexts)) {
+ $this->currentCert['tbsCertificate']['extensions'] = $csrexts;
+ }
+ }
+
+ $this->currentCert['tbsCertificate']['issuer'] = $issuer->dn;
+
+ if (isset($issuer->currentKeyIdentifier)) {
+ $this->setExtension('id-ce-authorityKeyIdentifier', array(
+ //'authorityCertIssuer' => array(
+ // array(
+ // 'directoryName' => $issuer->dn
+ // )
+ //),
+ 'keyIdentifier' => $issuer->currentKeyIdentifier
+ )
+ );
+ //$extensions = &$this->currentCert['tbsCertificate']['extensions'];
+ //if (isset($issuer->serialNumber)) {
+ // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber;
+ //}
+ //unset($extensions);
+ }
+
+ if (isset($subject->currentKeyIdentifier)) {
+ $this->setExtension('id-ce-subjectKeyIdentifier', $subject->currentKeyIdentifier);
+ }
+
+ if (isset($subject->domains) && count($subject->domains) > 1) {
+ $this->setExtension('id-ce-subjectAltName',
+ array_map(array('File_X509', '_dnsName'), $subject->domains));
+ }
+
+ if ($this->caFlag) {
+ $keyUsage = $this->getExtension('id-ce-keyUsage');
+ if (!$keyUsage) {
+ $keyUsage = array();
+ }
+
+ $this->setExtension('id-ce-keyUsage',
+ array_values(array_unique(array_merge($keyUsage, array('cRLSign', 'keyCertSign'))))
+ );
+
+ $basicConstraints = $this->getExtension('id-ce-basicConstraints');
+ if (!$basicConstraints) {
+ $basicConstraints = array();
+ }
+
+ $this->setExtension('id-ce-basicConstraints',
+ array_unique(array_merge(array('cA' => true), $basicConstraints)), true);
+
+ if (!isset($subject->currentKeyIdentifier)) {
+ $this->setExtension('id-ce-subjectKeyIdentifier', base64_encode($this->computeKeyIdentifier($this->currentCert)), false, false);
+ }
+ }
+
+ // resync $this->signatureSubject
+ // save $tbsCertificate in case there are any File_ASN1_Element objects in it
+ $tbsCertificate = $this->currentCert['tbsCertificate'];
+ $this->loadX509($this->saveX509($this->currentCert));
+
+ $result = $this->_sign($issuer->privateKey, $signatureAlgorithm);
+ $result['tbsCertificate'] = $tbsCertificate;
+
+ $this->currentCert = $currentCert;
+ $this->signatureSubject = $signatureSubject;
+
+ return $result;
+ }
+
+ /**
+ * Sign a CSR
+ *
+ * @access public
+ * @return Mixed
+ */
+ function signCSR($signatureAlgorithm = 'sha1WithRSAEncryption')
+ {
+ if (!is_object($this->privateKey) || empty($this->dn)) {
+ return false;
+ }
+
+ $origPublicKey = $this->publicKey;
+ $class = get_class($this->privateKey);
+ $this->publicKey = new $class();
+ $this->publicKey->loadKey($this->privateKey->getPublicKey());
+ $this->publicKey->setPublicKey();
+ if (!($publicKey = $this->_formatSubjectPublicKey())) {
+ return false;
+ }
+ $this->publicKey = $origPublicKey;
+
+ $currentCert = isset($this->currentCert) ? $this->currentCert : NULL;
+ $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject: NULL;
+
+ if (isset($this->currentCert) && is_array($this->currentCert) && isset($this->currentCert['certificationRequestInfo'])) {
+ $this->currentCert['signatureAlgorithm']['algorithm'] =
+ $signatureAlgorithm;
+ if (!empty($this->dn)) {
+ $this->currentCert['certificationRequestInfo']['subject'] = $this->dn;
+ }
+ $this->currentCert['certificationRequestInfo']['subjectPKInfo'] = $publicKey;
+ } else {
+ $this->currentCert = array(
+ 'certificationRequestInfo' =>
+ array(
+ 'version' => 'v1',
+ 'subject' => $this->dn,
+ 'subjectPKInfo' => $publicKey
+ ),
+ 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
+ 'signature' => false // this is going to be overwritten later
+ );
+ }
+
+ // resync $this->signatureSubject
+ // save $certificationRequestInfo in case there are any File_ASN1_Element objects in it
+ $certificationRequestInfo = $this->currentCert['certificationRequestInfo'];
+ $this->loadCSR($this->saveCSR($this->currentCert));
+
+ $result = $this->_sign($this->privateKey, $signatureAlgorithm);
+ $result['certificationRequestInfo'] = $certificationRequestInfo;
+
+ $this->currentCert = $currentCert;
+ $this->signatureSubject = $signatureSubject;
+
+ return $result;
+ }
+
+ /**
+ * Sign a CRL
+ *
+ * $issuer's private key needs to be loaded.
+ *
+ * @param File_X509 $issuer
+ * @param File_X509 $crl
+ * @param String $signatureAlgorithm optional
+ * @access public
+ * @return Mixed
+ */
+ function signCRL($issuer, $crl, $signatureAlgorithm = 'sha1WithRSAEncryption')
+ {
+ if (!is_object($issuer->privateKey) || empty($issuer->dn)) {
+ return false;
+ }
+
+ $currentCert = isset($this->currentCert) ? $this->currentCert : NULL;
+ $signatureSubject = isset($this->signatureSubject) ? $this->signatureSubject : NULL;
+ $thisUpdate = !empty($this->startDate) ? $this->startDate : @date('D, d M y H:i:s O');
+
+ if (isset($crl->currentCert) && is_array($crl->currentCert) && isset($crl->currentCert['tbsCertList'])) {
+ $this->currentCert = $crl->currentCert;
+ $this->currentCert['tbsCertList']['signature']['algorithm'] = $signatureAlgorithm;
+ $this->currentCert['signatureAlgorithm']['algorithm'] = $signatureAlgorithm;
+ } else {
+ $this->currentCert = array(
+ 'tbsCertList' =>
+ array(
+ 'version' => 'v2',
+ 'signature' => array('algorithm' => $signatureAlgorithm),
+ 'issuer' => false, // this is going to be overwritten later
+ 'thisUpdate' => array('generalTime' => $thisUpdate) // $this->setStartDate()
+ ),
+ 'signatureAlgorithm' => array('algorithm' => $signatureAlgorithm),
+ 'signature' => false // this is going to be overwritten later
+ );
+ }
+
+ $tbsCertList = &$this->currentCert['tbsCertList'];
+ $tbsCertList['issuer'] = $issuer->dn;
+ $tbsCertList['thisUpdate'] = array('generalTime' => $thisUpdate);
+
+ if (!empty($this->endDate)) {
+ $tbsCertList['nextUpdate'] = array('generalTime' => $this->endDate); // $this->setEndDate()
+ } else {
+ unset($tbsCertList['nextUpdate']);
+ }
+
+ if (!empty($this->serialNumber)) {
+ $crlNumber = $this->serialNumber;
+ }
+ else {
+ $crlNumber = $this->getExtension('id-ce-cRLNumber');
+ $crlNumber = $crlNumber !== false ? $crlNumber->add(new Math_BigInteger(1)) : NULL;
+ }
+
+ $this->removeExtension('id-ce-authorityKeyIdentifier');
+ $this->removeExtension('id-ce-issuerAltName');
+
+ // Be sure version >= v2 if some extension found.
+ $version = isset($tbsCertList['version']) ? $tbsCertList['version'] : 0;
+ if (!$version) {
+ if (!empty($tbsCertList['crlExtensions'])) {
+ $version = 1; // v2.
+ }
+ elseif (!empty($tbsCertList['revokedCertificates'])) {
+ foreach ($tbsCertList['revokedCertificates'] as $cert) {
+ if (!empty($cert['crlEntryExtensions'])) {
+ $version = 1; // v2.
+ }
+ }
+ }
+
+ if ($version) {
+ $tbsCertList['version'] = $version;
+ }
+ }
+
+ // Store additional extensions.
+ if (!empty($tbsCertList['version'])) { // At least v2.
+ if (!empty($crlNumber)) {
+ $this->setExtension('id-ce-cRLNumber', $crlNumber);
+ }
+
+ if (isset($issuer->currentKeyIdentifier)) {
+ $this->setExtension('id-ce-authorityKeyIdentifier', array(
+ //'authorityCertIssuer' => array(
+ // array(
+ // 'directoryName' => $issuer->dn
+ // )
+ //),
+ 'keyIdentifier' => $issuer->currentKeyIdentifier
+ )
+ );
+ //$extensions = &$tbsCertList['crlExtensions'];
+ //if (isset($issuer->serialNumber)) {
+ // $extensions[count($extensions) - 1]['authorityCertSerialNumber'] = $issuer->serialNumber;
+ //}
+ //unset($extensions);
+ }
+
+ $issuerAltName = $this->getExtension('id-ce-subjectAltName', $issuer->currentCert);
+
+ if ($issuerAltName !== false) {
+ $this->setExtension('id-ce-issuerAltName', $issuerAltName);
+ }
+ }
+
+ if (empty($tbsCertList['revokedCertificates'])) {
+ unset($tbsCertList['revokedCertificates']);
+ }
+
+ unset($tbsCertList);
+
+ // resync $this->signatureSubject
+ // save $tbsCertList in case there are any File_ASN1_Element objects in it
+ $tbsCertList = $this->currentCert['tbsCertList'];
+ $this->loadCRL($this->saveCRL($this->currentCert));
+
+ $result = $this->_sign($issuer->privateKey, $signatureAlgorithm);
+ $result['tbsCertList'] = $tbsCertList;
+
+ $this->currentCert = $currentCert;
+ $this->signatureSubject = $signatureSubject;
+
+ return $result;
+ }
+
+ /**
+ * X.509 certificate signing helper function.
+ *
+ * @param Object $key
+ * @param File_X509 $subject
+ * @param String $signatureAlgorithm
+ * @access public
+ * @return Mixed
+ */
+ function _sign($key, $signatureAlgorithm)
+ {
+ switch (strtolower(get_class($key))) {
+ case 'crypt_rsa':
+ switch ($signatureAlgorithm) {
+ case 'md2WithRSAEncryption':
+ case 'md5WithRSAEncryption':
+ case 'sha1WithRSAEncryption':
+ case 'sha224WithRSAEncryption':
+ case 'sha256WithRSAEncryption':
+ case 'sha384WithRSAEncryption':
+ case 'sha512WithRSAEncryption':
+ $key->setHash(preg_replace('#WithRSAEncryption$#', '', $signatureAlgorithm));
+ $key->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
+
+ $this->currentCert['signature'] = base64_encode("\0" . $key->sign($this->signatureSubject));
+ return $this->currentCert;
+ }
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Set certificate start date
+ *
+ * @param String $date
+ * @access public
+ */
+ function setStartDate($date)
+ {
+ $this->startDate = @date('D, d M y H:i:s O', @strtotime($date));
+ }
+
+ /**
+ * Set certificate end date
+ *
+ * @param String $date
+ * @access public
+ */
+ function setEndDate($date)
+ {
+ /*
+ To indicate that a certificate has no well-defined expiration date,
+ the notAfter SHOULD be assigned the GeneralizedTime value of
+ 99991231235959Z.
+
+ -- http://tools.ietf.org/html/rfc5280#section-4.1.2.5
+ */
+ if (strtolower($date) == 'lifetime') {
+ $temp = '99991231235959Z';
+ $asn1 = new File_ASN1();
+ $temp = chr(FILE_ASN1_TYPE_GENERALIZED_TIME) . $asn1->_encodeLength(strlen($temp)) . $temp;
+ $this->endDate = new File_ASN1_Element($temp);
+ } else {
+ $this->endDate = @date('D, d M y H:i:s O', @strtotime($date));
+ }
+ }
+
+ /**
+ * Set Serial Number
+ *
+ * @param String $serial
+ * @param $base optional
+ * @access public
+ */
+ function setSerialNumber($serial, $base = -256)
+ {
+ $this->serialNumber = new Math_BigInteger($serial, $base);
+ }
+
+ /**
+ * Turns the certificate into a certificate authority
+ *
+ * @access public
+ */
+ function makeCA()
+ {
+ $this->caFlag = true;
+ }
+
+ /**
+ * Get a reference to a subarray
+ *
+ * @param array $root
+ * @param String $path absolute path with / as component separator
+ * @param Boolean $create optional
+ * @access private
+ * @return array item ref or false
+ */
+ function &_subArray(&$root, $path, $create = false)
+ {
+ $false = false;
+
+ if (!is_array($root)) {
+ return $false;
+ }
+
+ foreach (explode('/', $path) as $i) {
+ if (!is_array($root)) {
+ return $false;
+ }
+
+ if (!isset($root[$i])) {
+ if (!$create) {
+ return $false;
+ }
+
+ $root[$i] = array();
+ }
+
+ $root = &$root[$i];
+ }
+
+ return $root;
+ }
+
+ /**
+ * Get a reference to an extension subarray
+ *
+ * @param array $root
+ * @param String $path optional absolute path with / as component separator
+ * @param Boolean $create optional
+ * @access private
+ * @return array ref or false
+ */
+ function &_extensions(&$root, $path = NULL, $create = false)
+ {
+ if (!isset($root)) {
+ $root = $this->currentCert;
+ }
+
+ switch (true) {
+ case !empty($path):
+ case !is_array($root):
+ break;
+ case isset($root['tbsCertificate']):
+ $path = 'tbsCertificate/extensions';
+ break;
+ case isset($root['tbsCertList']):
+ $path = 'tbsCertList/crlExtensions';
+ break;
+ case isset($root['certificationRequestInfo']):
+ $pth = 'certificationRequestInfo/attributes';
+ $attributes = &$this->_subArray($root, $pth, $create);
+
+ if (is_array($attributes)) {
+ foreach ($attributes as $key => $value) {
+ if ($value['type'] == 'pkcs-9-at-extensionRequest') {
+ $path = "$pth/$key/value/0";
+ break 2;
+ }
+ }
+ if ($create) {
+ $key = count($attributes);
+ $attributes[] = array('type' => 'pkcs-9-at-extensionRequest', 'value' => array());
+ $path = "$pth/$key/value/0";
+ }
+ }
+ break;
+ }
+
+ $extensions = &$this->_subArray($root, $path, $create);
+
+ if (!is_array($extensions)) {
+ $false = false;
+ return $false;
+ }
+
+ return $extensions;
+ }
+
+ /**
+ * Remove an Extension
+ *
+ * @param String $id
+ * @param String $path optional
+ * @access private
+ * @return Boolean
+ */
+ function _removeExtension($id, $path = NULL)
+ {
+ $extensions = &$this->_extensions($this->currentCert, $path);
+
+ if (!is_array($extensions)) {
+ return false;
+ }
+
+ $result = false;
+ foreach ($extensions as $key => $value) {
+ if ($value['extnId'] == $id) {
+ unset($extensions[$key]);
+ $result = true;
+ }
+ }
+
+ $extensions = array_values($extensions);
+ return $result;
+ }
+
+ /**
+ * Get an Extension
+ *
+ * Returns the extension if it exists and false if not
+ *
+ * @param String $id
+ * @param Array $cert optional
+ * @param String $path optional
+ * @access private
+ * @return Mixed
+ */
+ function _getExtension($id, $cert = NULL, $path = NULL)
+ {
+ $extensions = $this->_extensions($cert, $path);
+
+ if (!is_array($extensions)) {
+ return false;
+ }
+
+ foreach ($extensions as $key => $value) {
+ if ($value['extnId'] == $id) {
+ return $value['extnValue'];
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Returns a list of all extensions in use
+ *
+ * @param array $cert optional
+ * @param String $path optional
+ * @access private
+ * @return Array
+ */
+ function _getExtensions($cert = NULL, $path = NULL)
+ {
+ $exts = $this->_extensions($cert, $path);
+ $extensions = array();
+
+ if (is_array($exts)) {
+ foreach ($exts as $extension) {
+ $extensions[] = $extension['extnId'];
+ }
+ }
+
+ return $extensions;
+ }
+
+ /**
+ * Set an Extension
+ *
+ * @param String $id
+ * @param Mixed $value
+ * @param Boolean $critical optional
+ * @param Boolean $replace optional
+ * @param String $path optional
+ * @access private
+ * @return Boolean
+ */
+ function _setExtension($id, $value, $critical = false, $replace = true, $path = NULL)
+ {
+ $extensions = &$this->_extensions($this->currentCert, $path, true);
+
+ if (!is_array($extensions)) {
+ return false;
+ }
+
+ $newext = array('extnId' => $id, 'critical' => $critical, 'extnValue' => $value);
+
+ foreach ($extensions as $key => $value) {
+ if ($value['extnId'] == $id) {
+ if (!$replace) {
+ return false;
+ }
+
+ $extensions[$key] = $newext;
+ return true;
+ }
+ }
+
+ $extensions[] = $newext;
+ return true;
+ }
+
+ /**
+ * Remove a certificate, CSR or CRL Extension
+ *
+ * @param String $id
+ * @access public
+ * @return Boolean
+ */
+ function removeExtension($id)
+ {
+ return $this->_removeExtension($id);
+ }
+
+ /**
+ * Get a certificate, CSR or CRL Extension
+ *
+ * Returns the extension if it exists and false if not
+ *
+ * @param String $id
+ * @param Array $cert optional
+ * @access public
+ * @return Mixed
+ */
+ function getExtension($id, $cert = NULL)
+ {
+ return $this->_getExtension($id, $cert);
+ }
+
+ /**
+ * Returns a list of all extensions in use in certificate, CSR or CRL
+ *
+ * @param array $cert optional
+ * @access public
+ * @return Array
+ */
+ function getExtensions($cert = NULL)
+ {
+ return $this->_getExtensions($cert);
+ }
+
+ /**
+ * Set a certificate, CSR or CRL Extension
+ *
+ * @param String $id
+ * @param Mixed $value
+ * @param Boolean $critical optional
+ * @param Boolean $replace optional
+ * @access public
+ * @return Boolean
+ */
+ function setExtension($id, $value, $critical = false, $replace = true)
+ {
+ return $this->_setExtension($id, $value, $critical, $replace);
+ }
+
+ /**
+ * Remove a CSR attribute.
+ *
+ * @param String $id
+ * @param Integer $disposition optional
+ * @access public
+ * @return Boolean
+ */
+ function removeAttribute($id, $disposition = FILE_X509_ATTR_ALL)
+ {
+ $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes');
+
+ if (!is_array($attributes)) {
+ return false;
+ }
+
+ $result = false;
+ foreach ($attributes as $key => $attribute) {
+ if ($attribute['type'] == $id) {
+ $n = count($attribute['value']);
+ switch (true) {
+ case $disposition == FILE_X509_ATTR_APPEND:
+ case $disposition == FILE_X509_ATTR_REPLACE:
+ return false;
+ case $disposition >= $n:
+ $disposition -= $n;
+ break;
+ case $disposition == FILE_X509_ATTR_ALL:
+ case $n == 1:
+ unset($attributes[$key]);
+ $result = true;
+ break;
+ default:
+ unset($attributes[$key]['value'][$disposition]);
+ $attributes[$key]['value'] = array_values($attributes[$key]['value']);
+ $result = true;
+ break;
+ }
+ if ($result && $disposition != FILE_X509_ATTR_ALL) {
+ break;
+ }
+ }
+ }
+
+ $attributes = array_values($attributes);
+ return $result;
+ }
+
+ /**
+ * Get a CSR attribute
+ *
+ * Returns the attribute if it exists and false if not
+ *
+ * @param String $id
+ * @param Integer $disposition optional
+ * @param Array $csr optional
+ * @access public
+ * @return Mixed
+ */
+ function getAttribute($id, $disposition = FILE_X509_ATTR_ALL, $csr = NULL)
+ {
+ if (empty($csr)) {
+ $csr = $this->currentCert;
+ }
+
+ $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes');
+
+ if (!is_array($attributes)) {
+ return false;
+ }
+
+ foreach ($attributes as $key => $attribute) {
+ if ($attribute['type'] == $id) {
+ $n = count($attribute['value']);
+ switch (true) {
+ case $disposition == FILE_X509_ATTR_APPEND:
+ case $disposition == FILE_X509_ATTR_REPLACE:
+ return false;
+ case $disposition == FILE_X509_ATTR_ALL:
+ return $attribute['value'];
+ case $disposition >= $n:
+ $disposition -= $n;
+ break;
+ default:
+ return $attribute['value'][$disposition];
+ }
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Returns a list of all CSR attributes in use
+ *
+ * @param array $csr optional
+ * @access public
+ * @return Array
+ */
+ function getAttributes($csr = NULL)
+ {
+ if (empty($csr)) {
+ $csr = $this->currentCert;
+ }
+
+ $attributes = $this->_subArray($csr, 'certificationRequestInfo/attributes');
+ $attrs = array();
+
+ if (is_array($attributes)) {
+ foreach ($attributes as $attribute) {
+ $attrs[] = $attribute['type'];
+ }
+ }
+
+ return $attrs;
+ }
+
+ /**
+ * Set a CSR attribute
+ *
+ * @param String $id
+ * @param Mixed $value
+ * @param Boolean $disposition optional
+ * @access public
+ * @return Boolean
+ */
+ function setAttribute($id, $value, $disposition = FILE_X509_ATTR_ALL)
+ {
+ $attributes = &$this->_subArray($this->currentCert, 'certificationRequestInfo/attributes', true);
+
+ if (!is_array($attributes)) {
+ return false;
+ }
+
+ switch ($disposition) {
+ case FILE_X509_ATTR_REPLACE:
+ $disposition = FILE_X509_ATTR_APPEND;
+ case FILE_X509_ATTR_ALL:
+ $this->removeAttribute($id);
+ break;
+ }
+
+ foreach ($attributes as $key => $attribute) {
+ if ($attribute['type'] == $id) {
+ $n = count($attribute['value']);
+ switch (true) {
+ case $disposition == FILE_X509_ATTR_APPEND:
+ $last = $key;
+ break;
+ case $disposition >= $n;
+ $disposition -= $n;
+ break;
+ default:
+ $attributes[$key]['value'][$disposition] = $value;
+ return true;
+ }
+ }
+ }
+
+ switch (true) {
+ case $disposition >= 0:
+ return false;
+ case isset($last):
+ $attributes[$last]['value'][] = $value;
+ break;
+ default:
+ $attributes[] = array('type' => $id, 'value' => $disposition == FILE_X509_ATTR_ALL ? $value: array($value));
+ break;
+ }
+
+ return true;
+ }
+
+ /**
+ * Sets the subject key identifier
+ *
+ * This is used by the id-ce-authorityKeyIdentifier and the id-ce-subjectKeyIdentifier extensions.
+ *
+ * @param String $value
+ * @access public
+ */
+ function setKeyIdentifier($value)
+ {
+ if (empty($value)) {
+ unset($this->currentKeyIdentifier);
+ } else {
+ $this->currentKeyIdentifier = base64_encode($value);
+ }
+ }
+
+ /**
+ * Compute a public key identifier.
+ *
+ * Although key identifiers may be set to any unique value, this function
+ * computes key identifiers from public key according to the two
+ * recommended methods (4.2.1.2 RFC 3280).
+ * Highly polymorphic: try to accept all possible forms of key:
+ * - Key object
+ * - File_X509 object with public or private key defined
+ * - Certificate or CSR array
+ * - File_ASN1_Element object
+ * - PEM or DER string
+ *
+ * @param Mixed $key optional
+ * @param Integer $method optional
+ * @access public
+ * @return String binary key identifier
+ */
+ function computeKeyIdentifier($key = NULL, $method = 1)
+ {
+ if (is_null($key)) {
+ $key = $this;
+ }
+
+ switch (true) {
+ case is_string($key):
+ break;
+ case is_array($key) && isset($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey']):
+ return $this->computeKeyIdentifier($key['tbsCertificate']['subjectPublicKeyInfo']['subjectPublicKey'], $method);
+ case is_array($key) && isset($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey']):
+ return $this->computeKeyIdentifier($key['certificationRequestInfo']['subjectPKInfo']['subjectPublicKey'], $method);
+ case !is_object($key):
+ return false;
+ case strtolower(get_class($key)) == 'file_asn1_element':
+ $asn1 = new File_ASN1();
+ $decoded = $asn1->decodeBER($cert);
+ if (empty($decoded)) {
+ return false;
+ }
+ $key = $asn1->asn1map($decoded[0], array('type' => FILE_ASN1_TYPE_BIT_STRING));
+ break;
+ case strtolower(get_class($key)) == 'file_x509':
+ if (isset($key->publicKey)) {
+ return $this->computeKeyIdentifier($key->publicKey, $method);
+ }
+ if (isset($key->privateKey)) {
+ return $this->computeKeyIdentifier($key->privateKey, $method);
+ }
+ if (isset($key->currentCert['tbsCertificate']) || isset($key->currentCert['certificationRequestInfo'])) {
+ return $this->computeKeyIdentifier($key->currentCert, $method);
+ }
+ return false;
+ default: // Should be a key object (i.e.: Crypt_RSA).
+ $key = $key->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW);
+ break;
+ }
+
+ // If in PEM format, convert to binary.
+ if (preg_match('#^-----BEGIN #', $key)) {
+ $key = base64_decode(preg_replace('#-.+-|[\r\n]#', '', $key));
+ }
+
+ // Now we have the key string: compute its sha-1 sum.
+ if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+ }
+ $hash = new Crypt_Hash('sha1');
+ $hash = $hash->hash($key);
+
+ if ($method == 2) {
+ $hash = substr($hash, -8);
+ $hash[0] = chr((ord($hash[0]) & 0x0F) | 0x40);
+ }
+
+ return $hash;
+ }
+
+ /**
+ * Format a public key as appropriate
+ *
+ * @access private
+ * @return Array
+ */
+ function _formatSubjectPublicKey()
+ {
+ if (!isset($this->publicKey) || !is_object($this->publicKey)) {
+ return false;
+ }
+
+ switch (strtolower(get_class($this->publicKey))) {
+ case 'crypt_rsa':
+ // the following two return statements do the same thing. i dunno.. i just prefer the later for some reason.
+ // the former is a good example of how to do fuzzing on the public key
+ //return new File_ASN1_Element(base64_decode(preg_replace('#-.+-|[\r\n]#', '', $this->publicKey->getPublicKey())));
+ return array(
+ 'algorithm' => array('algorithm' => 'rsaEncryption'),
+ 'subjectPublicKey' => $this->publicKey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_PKCS1_RAW)
+ );
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Set the domain name's which the cert is to be valid for
+ *
+ * @access public
+ * @return Array
+ */
+ function setDomain()
+ {
+ $this->domains = func_get_args();
+ $this->removeDNProp('id-at-commonName');
+ $this->setDNProp('id-at-commonName', $this->domains[0]);
+ }
+
+ /**
+ * Helper function to build domain array
+ *
+ * @access private
+ * @param String $domain
+ * @return Array
+ */
+ function _dnsName($domain)
+ {
+ return array('dNSName' => $domain);
+ }
+
+ /**
+ * Get the index of a revoked certificate.
+ *
+ * @param array $rclist
+ * @param String $serial
+ * @param Boolean $create optional
+ * @access private
+ * @return Integer or false
+ */
+ function _revokedCertificate(&$rclist, $serial, $create = false)
+ {
+ $serial = new Math_BigInteger($serial);
+
+ foreach ($rclist as $i => $rc) {
+ if (!($serial->compare($rc['userCertificate']))) {
+ return $i;
+ }
+ }
+
+ if (!$create) {
+ return false;
+ }
+
+ $i = count($rclist);
+ $rclist[] = array('userCertificate' => $serial,
+ 'revocationDate' => array('generalTime' => @date('D, d M y H:i:s O')));
+ return $i;
+ }
+
+ /**
+ * Revoke a certificate.
+ *
+ * @param String $serial
+ * @param String $date optional
+ * @access public
+ * @return Boolean
+ */
+ function revoke($serial, $date = NULL)
+ {
+ if (isset($this->currentCert['tbsCertList'])) {
+ if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) {
+ if ($this->_revokedCertificate($rclist, $serial) === false) { // If not yet revoked
+ if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
+
+ if (!empty($date)) {
+ $rclist[$i]['revocationDate'] = array('generalTime' => $date);
+ }
+
+ return true;
+ }
+ }
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Unrevoke a certificate.
+ *
+ * @param String $serial
+ * @access public
+ * @return Boolean
+ */
+ function unrevoke($serial)
+ {
+ if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
+ unset($rclist[$i]);
+ $rclist = array_values($rclist);
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Get a revoked certificate.
+ *
+ * @param String $serial
+ * @access public
+ * @return Mixed
+ */
+ function getRevoked($serial)
+ {
+ if (is_array($rclist = $this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
+ return $rclist[$i];
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * List revoked certificates
+ *
+ * @param array $crl optional
+ * @access public
+ * @return array
+ */
+ function listRevoked($crl = NULL)
+ {
+ if (!isset($crl)) {
+ $crl = $this->currentCert;
+ }
+
+ if (!isset($crl['tbsCertList'])) {
+ return false;
+ }
+
+ $result = array();
+
+ if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) {
+ foreach ($rclist as $rc) {
+ $result[] = $rc['userCertificate']->toString();
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Remove a Revoked Certificate Extension
+ *
+ * @param String $serial
+ * @param String $id
+ * @access public
+ * @return Boolean
+ */
+ function removeRevokedCertificateExtension($serial, $id)
+ {
+ if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates'))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
+ return $this->_removeExtension($id, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Get a Revoked Certificate Extension
+ *
+ * Returns the extension if it exists and false if not
+ *
+ * @param String $serial
+ * @param String $id
+ * @param Array $crl optional
+ * @access public
+ * @return Mixed
+ */
+ function getRevokedCertificateExtension($serial, $id, $crl = NULL)
+ {
+ if (!isset($crl)) {
+ $crl = $this->currentCert;
+ }
+
+ if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
+ return $this->_getExtension($id, $crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Returns a list of all extensions in use for a given revoked certificate
+ *
+ * @param String $serial
+ * @param array $crl optional
+ * @access public
+ * @return Array
+ */
+ function getRevokedCertificateExtensions($serial, $crl = NULL)
+ {
+ if (!isset($crl)) {
+ $crl = $this->currentCert;
+ }
+
+ if (is_array($rclist = $this->_subArray($crl, 'tbsCertList/revokedCertificates'))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial)) !== false) {
+ return $this->_getExtensions($crl, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Set a Revoked Certificate Extension
+ *
+ * @param String $serial
+ * @param String $id
+ * @param Mixed $value
+ * @param Boolean $critical optional
+ * @param Boolean $replace optional
+ * @access public
+ * @return Boolean
+ */
+ function setRevokedCertificateExtension($serial, $id, $value, $critical = false, $replace = true)
+ {
+ if (isset($this->currentCert['tbsCertList'])) {
+ if (is_array($rclist = &$this->_subArray($this->currentCert, 'tbsCertList/revokedCertificates', true))) {
+ if (($i = $this->_revokedCertificate($rclist, $serial, true)) !== false) {
+ return $this->_setExtension($id, $value, $critical, $replace, "tbsCertList/revokedCertificates/$i/crlEntryExtensions");
+ }
+ }
+ }
+
+ return false;
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Math/BigInteger.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Math/BigInteger.php
new file mode 100644
index 00000000000..d048cb032c5
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Math/BigInteger.php
@@ -0,0 +1,3633 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP arbitrary precision integer arithmetic library.
+ *
+ * Supports base-2, base-10, base-16, and base-256 numbers. Uses the GMP or BCMath extensions, if available,
+ * and an internal implementation, otherwise.
+ *
+ * PHP versions 4 and 5
+ *
+ * {@internal (all DocBlock comments regarding implementation - such as the one that follows - refer to the
+ * {@link MATH_BIGINTEGER_MODE_INTERNAL MATH_BIGINTEGER_MODE_INTERNAL} mode)
+ *
+ * Math_BigInteger uses base-2**26 to perform operations such as multiplication and division and
+ * base-2**52 (ie. two base 2**26 digits) to perform addition and subtraction. Because the largest possible
+ * value when multiplying two base-2**26 numbers together is a base-2**52 number, double precision floating
+ * point numbers - numbers that should be supported on most hardware and whose significand is 53 bits - are
+ * used. As a consequence, bitwise operators such as >> and << cannot be used, nor can the modulo operator %,
+ * which only supports integers. Although this fact will slow this library down, the fact that such a high
+ * base is being used should more than compensate.
+ *
+ * When PHP version 6 is officially released, we'll be able to use 64-bit integers. This should, once again,
+ * allow bitwise operators, and will increase the maximum possible base to 2**31 (or 2**62 for addition /
+ * subtraction).
+ *
+ * Numbers are stored in {@link http://en.wikipedia.org/wiki/Endianness little endian} format. ie.
+ * (new Math_BigInteger(pow(2, 26)))->value = array(0, 1)
+ *
+ * Useful resources are as follows:
+ *
+ * - {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf Handbook of Applied Cryptography (HAC)}
+ * - {@link http://math.libtomcrypt.com/files/tommath.pdf Multi-Precision Math (MPM)}
+ * - Java's BigInteger classes. See /j2se/src/share/classes/java/math in jdk-1_5_0-src-jrl.zip
+ *
+ * Here's an example of how to use this library:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger(2);
+ * $b = new Math_BigInteger(3);
+ *
+ * $c = $a->add($b);
+ *
+ * echo $c->toString(); // outputs 5
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Math
+ * @package Math_BigInteger
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVI Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: BigInteger.php,v 1.33 2010/03/22 22:32:03 terrafrost Exp $
+ * @link http://pear.php.net/package/Math_BigInteger
+ */
+
+/**#@+
+ * Reduction constants
+ *
+ * @access private
+ * @see Math_BigInteger::_reduce()
+ */
+/**
+ * @see Math_BigInteger::_montgomery()
+ * @see Math_BigInteger::_prepMontgomery()
+ */
+define('MATH_BIGINTEGER_MONTGOMERY', 0);
+/**
+ * @see Math_BigInteger::_barrett()
+ */
+define('MATH_BIGINTEGER_BARRETT', 1);
+/**
+ * @see Math_BigInteger::_mod2()
+ */
+define('MATH_BIGINTEGER_POWEROF2', 2);
+/**
+ * @see Math_BigInteger::_remainder()
+ */
+define('MATH_BIGINTEGER_CLASSIC', 3);
+/**
+ * @see Math_BigInteger::__clone()
+ */
+define('MATH_BIGINTEGER_NONE', 4);
+/**#@-*/
+
+/**#@+
+ * Array constants
+ *
+ * Rather than create a thousands and thousands of new Math_BigInteger objects in repeated function calls to add() and
+ * multiply() or whatever, we'll just work directly on arrays, taking them in as parameters and returning them.
+ *
+ * @access private
+ */
+/**
+ * $result[MATH_BIGINTEGER_VALUE] contains the value.
+ */
+define('MATH_BIGINTEGER_VALUE', 0);
+/**
+ * $result[MATH_BIGINTEGER_SIGN] contains the sign.
+ */
+define('MATH_BIGINTEGER_SIGN', 1);
+/**#@-*/
+
+/**#@+
+ * @access private
+ * @see Math_BigInteger::_montgomery()
+ * @see Math_BigInteger::_barrett()
+ */
+/**
+ * Cache constants
+ *
+ * $cache[MATH_BIGINTEGER_VARIABLE] tells us whether or not the cached data is still valid.
+ */
+define('MATH_BIGINTEGER_VARIABLE', 0);
+/**
+ * $cache[MATH_BIGINTEGER_DATA] contains the cached data.
+ */
+define('MATH_BIGINTEGER_DATA', 1);
+/**#@-*/
+
+/**#@+
+ * Mode constants.
+ *
+ * @access private
+ * @see Math_BigInteger::Math_BigInteger()
+ */
+/**
+ * To use the pure-PHP implementation
+ */
+define('MATH_BIGINTEGER_MODE_INTERNAL', 1);
+/**
+ * To use the BCMath library
+ *
+ * (if enabled; otherwise, the internal implementation will be used)
+ */
+define('MATH_BIGINTEGER_MODE_BCMATH', 2);
+/**
+ * To use the GMP library
+ *
+ * (if present; otherwise, either the BCMath or the internal implementation will be used)
+ */
+define('MATH_BIGINTEGER_MODE_GMP', 3);
+/**#@-*/
+
+/**
+ * The largest digit that may be used in addition / subtraction
+ *
+ * (we do pow(2, 52) instead of using 4503599627370496, directly, because some PHP installations
+ * will truncate 4503599627370496)
+ *
+ * @access private
+ */
+define('MATH_BIGINTEGER_MAX_DIGIT52', pow(2, 52));
+
+/**
+ * Karatsuba Cutoff
+ *
+ * At what point do we switch between Karatsuba multiplication and schoolbook long multiplication?
+ *
+ * @access private
+ */
+define('MATH_BIGINTEGER_KARATSUBA_CUTOFF', 25);
+
+/**
+ * Pure-PHP arbitrary precision integer arithmetic library. Supports base-2, base-10, base-16, and base-256
+ * numbers.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 1.0.0RC4
+ * @access public
+ * @package Math_BigInteger
+ */
+class Math_BigInteger {
+ /**
+ * Holds the BigInteger's value.
+ *
+ * @var Array
+ * @access private
+ */
+ var $value;
+
+ /**
+ * Holds the BigInteger's magnitude.
+ *
+ * @var Boolean
+ * @access private
+ */
+ var $is_negative = false;
+
+ /**
+ * Random number generator function
+ *
+ * @see setRandomGenerator()
+ * @access private
+ */
+ var $generator = 'mt_rand';
+
+ /**
+ * Precision
+ *
+ * @see setPrecision()
+ * @access private
+ */
+ var $precision = -1;
+
+ /**
+ * Precision Bitmask
+ *
+ * @see setPrecision()
+ * @access private
+ */
+ var $bitmask = false;
+
+ /**
+ * Mode independant value used for serialization.
+ *
+ * If the bcmath or gmp extensions are installed $this->value will be a non-serializable resource, hence the need for
+ * a variable that'll be serializable regardless of whether or not extensions are being used. Unlike $this->value,
+ * however, $this->hex is only calculated when $this->__sleep() is called.
+ *
+ * @see __sleep()
+ * @see __wakeup()
+ * @var String
+ * @access private
+ */
+ var $hex;
+
+ /**
+ * Converts base-2, base-10, base-16, and binary strings (eg. base-256) to BigIntegers.
+ *
+ * If the second parameter - $base - is negative, then it will be assumed that the number's are encoded using
+ * two's compliment. The sole exception to this is -10, which is treated the same as 10 is.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('0x32', 16); // 50 in base-16
+ *
+ * echo $a->toString(); // outputs 50
+ * ?>
+ * </code>
+ *
+ * @param optional $x base-10 number or base-$base number if $base set.
+ * @param optional integer $base
+ * @return Math_BigInteger
+ * @access public
+ */
+ function Math_BigInteger($x = 0, $base = 10)
+ {
+ if ( !defined('MATH_BIGINTEGER_MODE') ) {
+ switch (true) {
+ case extension_loaded('gmp'):
+ define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_GMP);
+ break;
+ case extension_loaded('bcmath'):
+ define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_BCMATH);
+ break;
+ default:
+ define('MATH_BIGINTEGER_MODE', MATH_BIGINTEGER_MODE_INTERNAL);
+ }
+ }
+
+ if (function_exists('openssl_public_encrypt') && !defined('MATH_BIGINTEGER_OPENSSL_DISABLE') && !defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) {
+ define('MATH_BIGINTEGER_OPENSSL_ENABLED', true);
+ }
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ if (is_resource($x) && get_resource_type($x) == 'GMP integer') {
+ $this->value = $x;
+ return;
+ }
+ $this->value = gmp_init(0);
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $this->value = '0';
+ break;
+ default:
+ $this->value = array();
+ }
+
+ // '0' counts as empty() but when the base is 256 '0' is equal to ord('0') or 48
+ // '0' is the only value like this per http://php.net/empty
+ if (empty($x) && (abs($base) != 256 || $x !== '0')) {
+ return;
+ }
+
+ switch ($base) {
+ case -256:
+ if (ord($x[0]) & 0x80) {
+ $x = ~$x;
+ $this->is_negative = true;
+ }
+ case 256:
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $sign = $this->is_negative ? '-' : '';
+ $this->value = gmp_init($sign . '0x' . bin2hex($x));
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ // round $len to the nearest 4 (thanks, DavidMJ!)
+ $len = (strlen($x) + 3) & 0xFFFFFFFC;
+
+ $x = str_pad($x, $len, chr(0), STR_PAD_LEFT);
+
+ for ($i = 0; $i < $len; $i+= 4) {
+ $this->value = bcmul($this->value, '4294967296', 0); // 4294967296 == 2**32
+ $this->value = bcadd($this->value, 0x1000000 * ord($x[$i]) + ((ord($x[$i + 1]) << 16) | (ord($x[$i + 2]) << 8) | ord($x[$i + 3])), 0);
+ }
+
+ if ($this->is_negative) {
+ $this->value = '-' . $this->value;
+ }
+
+ break;
+ // converts a base-2**8 (big endian / msb) number to base-2**26 (little endian / lsb)
+ default:
+ while (strlen($x)) {
+ $this->value[] = $this->_bytes2int($this->_base256_rshift($x, 26));
+ }
+ }
+
+ if ($this->is_negative) {
+ if (MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL) {
+ $this->is_negative = false;
+ }
+ $temp = $this->add(new Math_BigInteger('-1'));
+ $this->value = $temp->value;
+ }
+ break;
+ case 16:
+ case -16:
+ if ($base > 0 && $x[0] == '-') {
+ $this->is_negative = true;
+ $x = substr($x, 1);
+ }
+
+ $x = preg_replace('#^(?:0x)?([A-Fa-f0-9]*).*#', '$1', $x);
+
+ $is_negative = false;
+ if ($base < 0 && hexdec($x[0]) >= 8) {
+ $this->is_negative = $is_negative = true;
+ $x = bin2hex(~pack('H*', $x));
+ }
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = $this->is_negative ? '-0x' . $x : '0x' . $x;
+ $this->value = gmp_init($temp);
+ $this->is_negative = false;
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $x = ( strlen($x) & 1 ) ? '0' . $x : $x;
+ $temp = new Math_BigInteger(pack('H*', $x), 256);
+ $this->value = $this->is_negative ? '-' . $temp->value : $temp->value;
+ $this->is_negative = false;
+ break;
+ default:
+ $x = ( strlen($x) & 1 ) ? '0' . $x : $x;
+ $temp = new Math_BigInteger(pack('H*', $x), 256);
+ $this->value = $temp->value;
+ }
+
+ if ($is_negative) {
+ $temp = $this->add(new Math_BigInteger('-1'));
+ $this->value = $temp->value;
+ }
+ break;
+ case 10:
+ case -10:
+ $x = preg_replace('#^(-?[0-9]*).*#', '$1', $x);
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $this->value = gmp_init($x);
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ // explicitly casting $x to a string is necessary, here, since doing $x[0] on -1 yields different
+ // results then doing it on '-1' does (modInverse does $x[0])
+ $this->value = (string) $x;
+ break;
+ default:
+ $temp = new Math_BigInteger();
+
+ // array(10000000) is 10**7 in base-2**26. 10**7 is the closest to 2**26 we can get without passing it.
+ $multiplier = new Math_BigInteger();
+ $multiplier->value = array(10000000);
+
+ if ($x[0] == '-') {
+ $this->is_negative = true;
+ $x = substr($x, 1);
+ }
+
+ $x = str_pad($x, strlen($x) + (6 * strlen($x)) % 7, 0, STR_PAD_LEFT);
+
+ while (strlen($x)) {
+ $temp = $temp->multiply($multiplier);
+ $temp = $temp->add(new Math_BigInteger($this->_int2bytes(substr($x, 0, 7)), 256));
+ $x = substr($x, 7);
+ }
+
+ $this->value = $temp->value;
+ }
+ break;
+ case 2: // base-2 support originally implemented by Lluis Pamies - thanks!
+ case -2:
+ if ($base > 0 && $x[0] == '-') {
+ $this->is_negative = true;
+ $x = substr($x, 1);
+ }
+
+ $x = preg_replace('#^([01]*).*#', '$1', $x);
+ $x = str_pad($x, strlen($x) + (3 * strlen($x)) % 4, 0, STR_PAD_LEFT);
+
+ $str = '0x';
+ while (strlen($x)) {
+ $part = substr($x, 0, 4);
+ $str.= dechex(bindec($part));
+ $x = substr($x, 4);
+ }
+
+ if ($this->is_negative) {
+ $str = '-' . $str;
+ }
+
+ $temp = new Math_BigInteger($str, 8 * $base); // ie. either -16 or +16
+ $this->value = $temp->value;
+ $this->is_negative = $temp->is_negative;
+
+ break;
+ default:
+ // base not supported, so we'll let $this == 0
+ }
+ }
+
+ /**
+ * Converts a BigInteger to a byte string (eg. base-256).
+ *
+ * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
+ * saved as two's compliment.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('65');
+ *
+ * echo $a->toBytes(); // outputs chr(65)
+ * ?>
+ * </code>
+ *
+ * @param Boolean $twos_compliment
+ * @return String
+ * @access public
+ * @internal Converts a base-2**26 number to base-2**8
+ */
+ function toBytes($twos_compliment = false)
+ {
+ if ($twos_compliment) {
+ $comparison = $this->compare(new Math_BigInteger());
+ if ($comparison == 0) {
+ return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
+ }
+
+ $temp = $comparison < 0 ? $this->add(new Math_BigInteger(1)) : $this->copy();
+ $bytes = $temp->toBytes();
+
+ if (empty($bytes)) { // eg. if the number we're trying to convert is -1
+ $bytes = chr(0);
+ }
+
+ if (ord($bytes[0]) & 0x80) {
+ $bytes = chr(0) . $bytes;
+ }
+
+ return $comparison < 0 ? ~$bytes : $bytes;
+ }
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ if (gmp_cmp($this->value, gmp_init(0)) == 0) {
+ return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
+ }
+
+ $temp = gmp_strval(gmp_abs($this->value), 16);
+ $temp = ( strlen($temp) & 1 ) ? '0' . $temp : $temp;
+ $temp = pack('H*', $temp);
+
+ return $this->precision > 0 ?
+ substr(str_pad($temp, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
+ ltrim($temp, chr(0));
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ if ($this->value === '0') {
+ return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
+ }
+
+ $value = '';
+ $current = $this->value;
+
+ if ($current[0] == '-') {
+ $current = substr($current, 1);
+ }
+
+ while (bccomp($current, '0', 0) > 0) {
+ $temp = bcmod($current, '16777216');
+ $value = chr($temp >> 16) . chr($temp >> 8) . chr($temp) . $value;
+ $current = bcdiv($current, '16777216', 0);
+ }
+
+ return $this->precision > 0 ?
+ substr(str_pad($value, $this->precision >> 3, chr(0), STR_PAD_LEFT), -($this->precision >> 3)) :
+ ltrim($value, chr(0));
+ }
+
+ if (!count($this->value)) {
+ return $this->precision > 0 ? str_repeat(chr(0), ($this->precision + 1) >> 3) : '';
+ }
+ $result = $this->_int2bytes($this->value[count($this->value) - 1]);
+
+ $temp = $this->copy();
+
+ for ($i = count($temp->value) - 2; $i >= 0; --$i) {
+ $temp->_base256_lshift($result, 26);
+ $result = $result | str_pad($temp->_int2bytes($temp->value[$i]), strlen($result), chr(0), STR_PAD_LEFT);
+ }
+
+ return $this->precision > 0 ?
+ str_pad(substr($result, -(($this->precision + 7) >> 3)), ($this->precision + 7) >> 3, chr(0), STR_PAD_LEFT) :
+ $result;
+ }
+
+ /**
+ * Converts a BigInteger to a hex string (eg. base-16)).
+ *
+ * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
+ * saved as two's compliment.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('65');
+ *
+ * echo $a->toHex(); // outputs '41'
+ * ?>
+ * </code>
+ *
+ * @param Boolean $twos_compliment
+ * @return String
+ * @access public
+ * @internal Converts a base-2**26 number to base-2**8
+ */
+ function toHex($twos_compliment = false)
+ {
+ return bin2hex($this->toBytes($twos_compliment));
+ }
+
+ /**
+ * Converts a BigInteger to a bit string (eg. base-2).
+ *
+ * Negative numbers are saved as positive numbers, unless $twos_compliment is set to true, at which point, they're
+ * saved as two's compliment.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('65');
+ *
+ * echo $a->toBits(); // outputs '1000001'
+ * ?>
+ * </code>
+ *
+ * @param Boolean $twos_compliment
+ * @return String
+ * @access public
+ * @internal Converts a base-2**26 number to base-2**2
+ */
+ function toBits($twos_compliment = false)
+ {
+ $hex = $this->toHex($twos_compliment);
+ $bits = '';
+ for ($i = strlen($hex) - 8, $start = strlen($hex) & 7; $i >= $start; $i-=8) {
+ $bits = str_pad(decbin(hexdec(substr($hex, $i, 8))), 32, '0', STR_PAD_LEFT) . $bits;
+ }
+ if ($start) { // hexdec('') == 0
+ $bits = str_pad(decbin(hexdec(substr($hex, 0, $start))), 8, '0', STR_PAD_LEFT) . $bits;
+ }
+ $result = $this->precision > 0 ? substr($bits, -$this->precision) : ltrim($bits, '0');
+
+ if ($twos_compliment && $this->compare(new Math_BigInteger()) > 0 && $this->precision <= 0) {
+ return '0' . $result;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Converts a BigInteger to a base-10 number.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('50');
+ *
+ * echo $a->toString(); // outputs 50
+ * ?>
+ * </code>
+ *
+ * @return String
+ * @access public
+ * @internal Converts a base-2**26 number to base-10**7 (which is pretty much base-10)
+ */
+ function toString()
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ return gmp_strval($this->value);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ if ($this->value === '0') {
+ return '0';
+ }
+
+ return ltrim($this->value, '0');
+ }
+
+ if (!count($this->value)) {
+ return '0';
+ }
+
+ $temp = $this->copy();
+ $temp->is_negative = false;
+
+ $divisor = new Math_BigInteger();
+ $divisor->value = array(10000000); // eg. 10**7
+ $result = '';
+ while (count($temp->value)) {
+ list($temp, $mod) = $temp->divide($divisor);
+ $result = str_pad(isset($mod->value[0]) ? $mod->value[0] : '', 7, '0', STR_PAD_LEFT) . $result;
+ }
+ $result = ltrim($result, '0');
+ if (empty($result)) {
+ $result = '0';
+ }
+
+ if ($this->is_negative) {
+ $result = '-' . $result;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Copy an object
+ *
+ * PHP5 passes objects by reference while PHP4 passes by value. As such, we need a function to guarantee
+ * that all objects are passed by value, when appropriate. More information can be found here:
+ *
+ * {@link http://php.net/language.oop5.basic#51624}
+ *
+ * @access public
+ * @see __clone()
+ * @return Math_BigInteger
+ */
+ function copy()
+ {
+ $temp = new Math_BigInteger();
+ $temp->value = $this->value;
+ $temp->is_negative = $this->is_negative;
+ $temp->generator = $this->generator;
+ $temp->precision = $this->precision;
+ $temp->bitmask = $this->bitmask;
+ return $temp;
+ }
+
+ /**
+ * __toString() magic method
+ *
+ * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
+ * toString().
+ *
+ * @access public
+ * @internal Implemented per a suggestion by Techie-Michael - thanks!
+ */
+ function __toString()
+ {
+ return $this->toString();
+ }
+
+ /**
+ * __clone() magic method
+ *
+ * Although you can call Math_BigInteger::__toString() directly in PHP5, you cannot call Math_BigInteger::__clone()
+ * directly in PHP5. You can in PHP4 since it's not a magic method, but in PHP5, you have to call it by using the PHP5
+ * only syntax of $y = clone $x. As such, if you're trying to write an application that works on both PHP4 and PHP5,
+ * call Math_BigInteger::copy(), instead.
+ *
+ * @access public
+ * @see copy()
+ * @return Math_BigInteger
+ */
+ function __clone()
+ {
+ return $this->copy();
+ }
+
+ /**
+ * __sleep() magic method
+ *
+ * Will be called, automatically, when serialize() is called on a Math_BigInteger object.
+ *
+ * @see __wakeup()
+ * @access public
+ */
+ function __sleep()
+ {
+ $this->hex = $this->toHex(true);
+ $vars = array('hex');
+ if ($this->generator != 'mt_rand') {
+ $vars[] = 'generator';
+ }
+ if ($this->precision > 0) {
+ $vars[] = 'precision';
+ }
+ return $vars;
+
+ }
+
+ /**
+ * __wakeup() magic method
+ *
+ * Will be called, automatically, when unserialize() is called on a Math_BigInteger object.
+ *
+ * @see __sleep()
+ * @access public
+ */
+ function __wakeup()
+ {
+ $temp = new Math_BigInteger($this->hex, -16);
+ $this->value = $temp->value;
+ $this->is_negative = $temp->is_negative;
+ $this->setRandomGenerator($this->generator);
+ if ($this->precision > 0) {
+ // recalculate $this->bitmask
+ $this->setPrecision($this->precision);
+ }
+ }
+
+ /**
+ * Adds two BigIntegers.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('10');
+ * $b = new Math_BigInteger('20');
+ *
+ * $c = $a->add($b);
+ *
+ * echo $c->toString(); // outputs 30
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $y
+ * @return Math_BigInteger
+ * @access public
+ * @internal Performs base-2**52 addition
+ */
+ function add($y)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_add($this->value, $y->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp = new Math_BigInteger();
+ $temp->value = bcadd($this->value, $y->value, 0);
+
+ return $this->_normalize($temp);
+ }
+
+ $temp = $this->_add($this->value, $this->is_negative, $y->value, $y->is_negative);
+
+ $result = new Math_BigInteger();
+ $result->value = $temp[MATH_BIGINTEGER_VALUE];
+ $result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Performs addition.
+ *
+ * @param Array $x_value
+ * @param Boolean $x_negative
+ * @param Array $y_value
+ * @param Boolean $y_negative
+ * @return Array
+ * @access private
+ */
+ function _add($x_value, $x_negative, $y_value, $y_negative)
+ {
+ $x_size = count($x_value);
+ $y_size = count($y_value);
+
+ if ($x_size == 0) {
+ return array(
+ MATH_BIGINTEGER_VALUE => $y_value,
+ MATH_BIGINTEGER_SIGN => $y_negative
+ );
+ } else if ($y_size == 0) {
+ return array(
+ MATH_BIGINTEGER_VALUE => $x_value,
+ MATH_BIGINTEGER_SIGN => $x_negative
+ );
+ }
+
+ // subtract, if appropriate
+ if ( $x_negative != $y_negative ) {
+ if ( $x_value == $y_value ) {
+ return array(
+ MATH_BIGINTEGER_VALUE => array(),
+ MATH_BIGINTEGER_SIGN => false
+ );
+ }
+
+ $temp = $this->_subtract($x_value, false, $y_value, false);
+ $temp[MATH_BIGINTEGER_SIGN] = $this->_compare($x_value, false, $y_value, false) > 0 ?
+ $x_negative : $y_negative;
+
+ return $temp;
+ }
+
+ if ($x_size < $y_size) {
+ $size = $x_size;
+ $value = $y_value;
+ } else {
+ $size = $y_size;
+ $value = $x_value;
+ }
+
+ $value[] = 0; // just in case the carry adds an extra digit
+
+ $carry = 0;
+ for ($i = 0, $j = 1; $j < $size; $i+=2, $j+=2) {
+ $sum = $x_value[$j] * 0x4000000 + $x_value[$i] + $y_value[$j] * 0x4000000 + $y_value[$i] + $carry;
+ $carry = $sum >= MATH_BIGINTEGER_MAX_DIGIT52; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
+ $sum = $carry ? $sum - MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
+
+ $temp = (int) ($sum / 0x4000000);
+
+ $value[$i] = (int) ($sum - 0x4000000 * $temp); // eg. a faster alternative to fmod($sum, 0x4000000)
+ $value[$j] = $temp;
+ }
+
+ if ($j == $size) { // ie. if $y_size is odd
+ $sum = $x_value[$i] + $y_value[$i] + $carry;
+ $carry = $sum >= 0x4000000;
+ $value[$i] = $carry ? $sum - 0x4000000 : $sum;
+ ++$i; // ie. let $i = $j since we've just done $value[$i]
+ }
+
+ if ($carry) {
+ for (; $value[$i] == 0x3FFFFFF; ++$i) {
+ $value[$i] = 0;
+ }
+ ++$value[$i];
+ }
+
+ return array(
+ MATH_BIGINTEGER_VALUE => $this->_trim($value),
+ MATH_BIGINTEGER_SIGN => $x_negative
+ );
+ }
+
+ /**
+ * Subtracts two BigIntegers.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('10');
+ * $b = new Math_BigInteger('20');
+ *
+ * $c = $a->subtract($b);
+ *
+ * echo $c->toString(); // outputs -10
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $y
+ * @return Math_BigInteger
+ * @access public
+ * @internal Performs base-2**52 subtraction
+ */
+ function subtract($y)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_sub($this->value, $y->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp = new Math_BigInteger();
+ $temp->value = bcsub($this->value, $y->value, 0);
+
+ return $this->_normalize($temp);
+ }
+
+ $temp = $this->_subtract($this->value, $this->is_negative, $y->value, $y->is_negative);
+
+ $result = new Math_BigInteger();
+ $result->value = $temp[MATH_BIGINTEGER_VALUE];
+ $result->is_negative = $temp[MATH_BIGINTEGER_SIGN];
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Performs subtraction.
+ *
+ * @param Array $x_value
+ * @param Boolean $x_negative
+ * @param Array $y_value
+ * @param Boolean $y_negative
+ * @return Array
+ * @access private
+ */
+ function _subtract($x_value, $x_negative, $y_value, $y_negative)
+ {
+ $x_size = count($x_value);
+ $y_size = count($y_value);
+
+ if ($x_size == 0) {
+ return array(
+ MATH_BIGINTEGER_VALUE => $y_value,
+ MATH_BIGINTEGER_SIGN => !$y_negative
+ );
+ } else if ($y_size == 0) {
+ return array(
+ MATH_BIGINTEGER_VALUE => $x_value,
+ MATH_BIGINTEGER_SIGN => $x_negative
+ );
+ }
+
+ // add, if appropriate (ie. -$x - +$y or +$x - -$y)
+ if ( $x_negative != $y_negative ) {
+ $temp = $this->_add($x_value, false, $y_value, false);
+ $temp[MATH_BIGINTEGER_SIGN] = $x_negative;
+
+ return $temp;
+ }
+
+ $diff = $this->_compare($x_value, $x_negative, $y_value, $y_negative);
+
+ if ( !$diff ) {
+ return array(
+ MATH_BIGINTEGER_VALUE => array(),
+ MATH_BIGINTEGER_SIGN => false
+ );
+ }
+
+ // switch $x and $y around, if appropriate.
+ if ( (!$x_negative && $diff < 0) || ($x_negative && $diff > 0) ) {
+ $temp = $x_value;
+ $x_value = $y_value;
+ $y_value = $temp;
+
+ $x_negative = !$x_negative;
+
+ $x_size = count($x_value);
+ $y_size = count($y_value);
+ }
+
+ // at this point, $x_value should be at least as big as - if not bigger than - $y_value
+
+ $carry = 0;
+ for ($i = 0, $j = 1; $j < $y_size; $i+=2, $j+=2) {
+ $sum = $x_value[$j] * 0x4000000 + $x_value[$i] - $y_value[$j] * 0x4000000 - $y_value[$i] - $carry;
+ $carry = $sum < 0; // eg. floor($sum / 2**52); only possible values (in any base) are 0 and 1
+ $sum = $carry ? $sum + MATH_BIGINTEGER_MAX_DIGIT52 : $sum;
+
+ $temp = (int) ($sum / 0x4000000);
+
+ $x_value[$i] = (int) ($sum - 0x4000000 * $temp);
+ $x_value[$j] = $temp;
+ }
+
+ if ($j == $y_size) { // ie. if $y_size is odd
+ $sum = $x_value[$i] - $y_value[$i] - $carry;
+ $carry = $sum < 0;
+ $x_value[$i] = $carry ? $sum + 0x4000000 : $sum;
+ ++$i;
+ }
+
+ if ($carry) {
+ for (; !$x_value[$i]; ++$i) {
+ $x_value[$i] = 0x3FFFFFF;
+ }
+ --$x_value[$i];
+ }
+
+ return array(
+ MATH_BIGINTEGER_VALUE => $this->_trim($x_value),
+ MATH_BIGINTEGER_SIGN => $x_negative
+ );
+ }
+
+ /**
+ * Multiplies two BigIntegers
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('10');
+ * $b = new Math_BigInteger('20');
+ *
+ * $c = $a->multiply($b);
+ *
+ * echo $c->toString(); // outputs 200
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $x
+ * @return Math_BigInteger
+ * @access public
+ */
+ function multiply($x)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_mul($this->value, $x->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp = new Math_BigInteger();
+ $temp->value = bcmul($this->value, $x->value, 0);
+
+ return $this->_normalize($temp);
+ }
+
+ $temp = $this->_multiply($this->value, $this->is_negative, $x->value, $x->is_negative);
+
+ $product = new Math_BigInteger();
+ $product->value = $temp[MATH_BIGINTEGER_VALUE];
+ $product->is_negative = $temp[MATH_BIGINTEGER_SIGN];
+
+ return $this->_normalize($product);
+ }
+
+ /**
+ * Performs multiplication.
+ *
+ * @param Array $x_value
+ * @param Boolean $x_negative
+ * @param Array $y_value
+ * @param Boolean $y_negative
+ * @return Array
+ * @access private
+ */
+ function _multiply($x_value, $x_negative, $y_value, $y_negative)
+ {
+ //if ( $x_value == $y_value ) {
+ // return array(
+ // MATH_BIGINTEGER_VALUE => $this->_square($x_value),
+ // MATH_BIGINTEGER_SIGN => $x_sign != $y_value
+ // );
+ //}
+
+ $x_length = count($x_value);
+ $y_length = count($y_value);
+
+ if ( !$x_length || !$y_length ) { // a 0 is being multiplied
+ return array(
+ MATH_BIGINTEGER_VALUE => array(),
+ MATH_BIGINTEGER_SIGN => false
+ );
+ }
+
+ return array(
+ MATH_BIGINTEGER_VALUE => min($x_length, $y_length) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
+ $this->_trim($this->_regularMultiply($x_value, $y_value)) :
+ $this->_trim($this->_karatsuba($x_value, $y_value)),
+ MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
+ );
+ }
+
+ /**
+ * Performs long multiplication on two BigIntegers
+ *
+ * Modeled after 'multiply' in MutableBigInteger.java.
+ *
+ * @param Array $x_value
+ * @param Array $y_value
+ * @return Array
+ * @access private
+ */
+ function _regularMultiply($x_value, $y_value)
+ {
+ $x_length = count($x_value);
+ $y_length = count($y_value);
+
+ if ( !$x_length || !$y_length ) { // a 0 is being multiplied
+ return array();
+ }
+
+ if ( $x_length < $y_length ) {
+ $temp = $x_value;
+ $x_value = $y_value;
+ $y_value = $temp;
+
+ $x_length = count($x_value);
+ $y_length = count($y_value);
+ }
+
+ $product_value = $this->_array_repeat(0, $x_length + $y_length);
+
+ // the following for loop could be removed if the for loop following it
+ // (the one with nested for loops) initially set $i to 0, but
+ // doing so would also make the result in one set of unnecessary adds,
+ // since on the outermost loops first pass, $product->value[$k] is going
+ // to always be 0
+
+ $carry = 0;
+
+ for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0
+ $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
+ $carry = (int) ($temp / 0x4000000);
+ $product_value[$j] = (int) ($temp - 0x4000000 * $carry);
+ }
+
+ $product_value[$j] = $carry;
+
+ // the above for loop is what the previous comment was talking about. the
+ // following for loop is the "one with nested for loops"
+ for ($i = 1; $i < $y_length; ++$i) {
+ $carry = 0;
+
+ for ($j = 0, $k = $i; $j < $x_length; ++$j, ++$k) {
+ $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
+ $carry = (int) ($temp / 0x4000000);
+ $product_value[$k] = (int) ($temp - 0x4000000 * $carry);
+ }
+
+ $product_value[$k] = $carry;
+ }
+
+ return $product_value;
+ }
+
+ /**
+ * Performs Karatsuba multiplication on two BigIntegers
+ *
+ * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=120 MPM 5.2.3}.
+ *
+ * @param Array $x_value
+ * @param Array $y_value
+ * @return Array
+ * @access private
+ */
+ function _karatsuba($x_value, $y_value)
+ {
+ $m = min(count($x_value) >> 1, count($y_value) >> 1);
+
+ if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
+ return $this->_regularMultiply($x_value, $y_value);
+ }
+
+ $x1 = array_slice($x_value, $m);
+ $x0 = array_slice($x_value, 0, $m);
+ $y1 = array_slice($y_value, $m);
+ $y0 = array_slice($y_value, 0, $m);
+
+ $z2 = $this->_karatsuba($x1, $y1);
+ $z0 = $this->_karatsuba($x0, $y0);
+
+ $z1 = $this->_add($x1, false, $x0, false);
+ $temp = $this->_add($y1, false, $y0, false);
+ $z1 = $this->_karatsuba($z1[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_VALUE]);
+ $temp = $this->_add($z2, false, $z0, false);
+ $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
+
+ $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
+ $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
+
+ $xy = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
+ $xy = $this->_add($xy[MATH_BIGINTEGER_VALUE], $xy[MATH_BIGINTEGER_SIGN], $z0, false);
+
+ return $xy[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * Performs squaring
+ *
+ * @param Array $x
+ * @return Array
+ * @access private
+ */
+ function _square($x = false)
+ {
+ return count($x) < 2 * MATH_BIGINTEGER_KARATSUBA_CUTOFF ?
+ $this->_trim($this->_baseSquare($x)) :
+ $this->_trim($this->_karatsubaSquare($x));
+ }
+
+ /**
+ * Performs traditional squaring on two BigIntegers
+ *
+ * Squaring can be done faster than multiplying a number by itself can be. See
+ * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=7 HAC 14.2.4} /
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=141 MPM 5.3} for more information.
+ *
+ * @param Array $value
+ * @return Array
+ * @access private
+ */
+ function _baseSquare($value)
+ {
+ if ( empty($value) ) {
+ return array();
+ }
+ $square_value = $this->_array_repeat(0, 2 * count($value));
+
+ for ($i = 0, $max_index = count($value) - 1; $i <= $max_index; ++$i) {
+ $i2 = $i << 1;
+
+ $temp = $square_value[$i2] + $value[$i] * $value[$i];
+ $carry = (int) ($temp / 0x4000000);
+ $square_value[$i2] = (int) ($temp - 0x4000000 * $carry);
+
+ // note how we start from $i+1 instead of 0 as we do in multiplication.
+ for ($j = $i + 1, $k = $i2 + 1; $j <= $max_index; ++$j, ++$k) {
+ $temp = $square_value[$k] + 2 * $value[$j] * $value[$i] + $carry;
+ $carry = (int) ($temp / 0x4000000);
+ $square_value[$k] = (int) ($temp - 0x4000000 * $carry);
+ }
+
+ // the following line can yield values larger 2**15. at this point, PHP should switch
+ // over to floats.
+ $square_value[$i + $max_index + 1] = $carry;
+ }
+
+ return $square_value;
+ }
+
+ /**
+ * Performs Karatsuba "squaring" on two BigIntegers
+ *
+ * See {@link http://en.wikipedia.org/wiki/Karatsuba_algorithm Karatsuba algorithm} and
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=151 MPM 5.3.4}.
+ *
+ * @param Array $value
+ * @return Array
+ * @access private
+ */
+ function _karatsubaSquare($value)
+ {
+ $m = count($value) >> 1;
+
+ if ($m < MATH_BIGINTEGER_KARATSUBA_CUTOFF) {
+ return $this->_baseSquare($value);
+ }
+
+ $x1 = array_slice($value, $m);
+ $x0 = array_slice($value, 0, $m);
+
+ $z2 = $this->_karatsubaSquare($x1);
+ $z0 = $this->_karatsubaSquare($x0);
+
+ $z1 = $this->_add($x1, false, $x0, false);
+ $z1 = $this->_karatsubaSquare($z1[MATH_BIGINTEGER_VALUE]);
+ $temp = $this->_add($z2, false, $z0, false);
+ $z1 = $this->_subtract($z1, false, $temp[MATH_BIGINTEGER_VALUE], false);
+
+ $z2 = array_merge(array_fill(0, 2 * $m, 0), $z2);
+ $z1[MATH_BIGINTEGER_VALUE] = array_merge(array_fill(0, $m, 0), $z1[MATH_BIGINTEGER_VALUE]);
+
+ $xx = $this->_add($z2, false, $z1[MATH_BIGINTEGER_VALUE], $z1[MATH_BIGINTEGER_SIGN]);
+ $xx = $this->_add($xx[MATH_BIGINTEGER_VALUE], $xx[MATH_BIGINTEGER_SIGN], $z0, false);
+
+ return $xx[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * Divides two BigIntegers.
+ *
+ * Returns an array whose first element contains the quotient and whose second element contains the
+ * "common residue". If the remainder would be positive, the "common residue" and the remainder are the
+ * same. If the remainder would be negative, the "common residue" is equal to the sum of the remainder
+ * and the divisor (basically, the "common residue" is the first positive modulo).
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('10');
+ * $b = new Math_BigInteger('20');
+ *
+ * list($quotient, $remainder) = $a->divide($b);
+ *
+ * echo $quotient->toString(); // outputs 0
+ * echo "\r\n";
+ * echo $remainder->toString(); // outputs 10
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $y
+ * @return Array
+ * @access public
+ * @internal This function is based off of {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=9 HAC 14.20}.
+ */
+ function divide($y)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $quotient = new Math_BigInteger();
+ $remainder = new Math_BigInteger();
+
+ list($quotient->value, $remainder->value) = gmp_div_qr($this->value, $y->value);
+
+ if (gmp_sign($remainder->value) < 0) {
+ $remainder->value = gmp_add($remainder->value, gmp_abs($y->value));
+ }
+
+ return array($this->_normalize($quotient), $this->_normalize($remainder));
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $quotient = new Math_BigInteger();
+ $remainder = new Math_BigInteger();
+
+ $quotient->value = bcdiv($this->value, $y->value, 0);
+ $remainder->value = bcmod($this->value, $y->value);
+
+ if ($remainder->value[0] == '-') {
+ $remainder->value = bcadd($remainder->value, $y->value[0] == '-' ? substr($y->value, 1) : $y->value, 0);
+ }
+
+ return array($this->_normalize($quotient), $this->_normalize($remainder));
+ }
+
+ if (count($y->value) == 1) {
+ list($q, $r) = $this->_divide_digit($this->value, $y->value[0]);
+ $quotient = new Math_BigInteger();
+ $remainder = new Math_BigInteger();
+ $quotient->value = $q;
+ $remainder->value = array($r);
+ $quotient->is_negative = $this->is_negative != $y->is_negative;
+ return array($this->_normalize($quotient), $this->_normalize($remainder));
+ }
+
+ static $zero;
+ if ( !isset($zero) ) {
+ $zero = new Math_BigInteger();
+ }
+
+ $x = $this->copy();
+ $y = $y->copy();
+
+ $x_sign = $x->is_negative;
+ $y_sign = $y->is_negative;
+
+ $x->is_negative = $y->is_negative = false;
+
+ $diff = $x->compare($y);
+
+ if ( !$diff ) {
+ $temp = new Math_BigInteger();
+ $temp->value = array(1);
+ $temp->is_negative = $x_sign != $y_sign;
+ return array($this->_normalize($temp), $this->_normalize(new Math_BigInteger()));
+ }
+
+ if ( $diff < 0 ) {
+ // if $x is negative, "add" $y.
+ if ( $x_sign ) {
+ $x = $y->subtract($x);
+ }
+ return array($this->_normalize(new Math_BigInteger()), $this->_normalize($x));
+ }
+
+ // normalize $x and $y as described in HAC 14.23 / 14.24
+ $msb = $y->value[count($y->value) - 1];
+ for ($shift = 0; !($msb & 0x2000000); ++$shift) {
+ $msb <<= 1;
+ }
+ $x->_lshift($shift);
+ $y->_lshift($shift);
+ $y_value = &$y->value;
+
+ $x_max = count($x->value) - 1;
+ $y_max = count($y->value) - 1;
+
+ $quotient = new Math_BigInteger();
+ $quotient_value = &$quotient->value;
+ $quotient_value = $this->_array_repeat(0, $x_max - $y_max + 1);
+
+ static $temp, $lhs, $rhs;
+ if (!isset($temp)) {
+ $temp = new Math_BigInteger();
+ $lhs = new Math_BigInteger();
+ $rhs = new Math_BigInteger();
+ }
+ $temp_value = &$temp->value;
+ $rhs_value = &$rhs->value;
+
+ // $temp = $y << ($x_max - $y_max-1) in base 2**26
+ $temp_value = array_merge($this->_array_repeat(0, $x_max - $y_max), $y_value);
+
+ while ( $x->compare($temp) >= 0 ) {
+ // calculate the "common residue"
+ ++$quotient_value[$x_max - $y_max];
+ $x = $x->subtract($temp);
+ $x_max = count($x->value) - 1;
+ }
+
+ for ($i = $x_max; $i >= $y_max + 1; --$i) {
+ $x_value = &$x->value;
+ $x_window = array(
+ isset($x_value[$i]) ? $x_value[$i] : 0,
+ isset($x_value[$i - 1]) ? $x_value[$i - 1] : 0,
+ isset($x_value[$i - 2]) ? $x_value[$i - 2] : 0
+ );
+ $y_window = array(
+ $y_value[$y_max],
+ ( $y_max > 0 ) ? $y_value[$y_max - 1] : 0
+ );
+
+ $q_index = $i - $y_max - 1;
+ if ($x_window[0] == $y_window[0]) {
+ $quotient_value[$q_index] = 0x3FFFFFF;
+ } else {
+ $quotient_value[$q_index] = (int) (
+ ($x_window[0] * 0x4000000 + $x_window[1])
+ /
+ $y_window[0]
+ );
+ }
+
+ $temp_value = array($y_window[1], $y_window[0]);
+
+ $lhs->value = array($quotient_value[$q_index]);
+ $lhs = $lhs->multiply($temp);
+
+ $rhs_value = array($x_window[2], $x_window[1], $x_window[0]);
+
+ while ( $lhs->compare($rhs) > 0 ) {
+ --$quotient_value[$q_index];
+
+ $lhs->value = array($quotient_value[$q_index]);
+ $lhs = $lhs->multiply($temp);
+ }
+
+ $adjust = $this->_array_repeat(0, $q_index);
+ $temp_value = array($quotient_value[$q_index]);
+ $temp = $temp->multiply($y);
+ $temp_value = &$temp->value;
+ $temp_value = array_merge($adjust, $temp_value);
+
+ $x = $x->subtract($temp);
+
+ if ($x->compare($zero) < 0) {
+ $temp_value = array_merge($adjust, $y_value);
+ $x = $x->add($temp);
+
+ --$quotient_value[$q_index];
+ }
+
+ $x_max = count($x_value) - 1;
+ }
+
+ // unnormalize the remainder
+ $x->_rshift($shift);
+
+ $quotient->is_negative = $x_sign != $y_sign;
+
+ // calculate the "common residue", if appropriate
+ if ( $x_sign ) {
+ $y->_rshift($shift);
+ $x = $y->subtract($x);
+ }
+
+ return array($this->_normalize($quotient), $this->_normalize($x));
+ }
+
+ /**
+ * Divides a BigInteger by a regular integer
+ *
+ * abc / x = a00 / x + b0 / x + c / x
+ *
+ * @param Array $dividend
+ * @param Array $divisor
+ * @return Array
+ * @access private
+ */
+ function _divide_digit($dividend, $divisor)
+ {
+ $carry = 0;
+ $result = array();
+
+ for ($i = count($dividend) - 1; $i >= 0; --$i) {
+ $temp = 0x4000000 * $carry + $dividend[$i];
+ $result[$i] = (int) ($temp / $divisor);
+ $carry = (int) ($temp - $divisor * $result[$i]);
+ }
+
+ return array($result, $carry);
+ }
+
+ /**
+ * Performs modular exponentiation.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger('10');
+ * $b = new Math_BigInteger('20');
+ * $c = new Math_BigInteger('30');
+ *
+ * $c = $a->modPow($b, $c);
+ *
+ * echo $c->toString(); // outputs 10
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $e
+ * @param Math_BigInteger $n
+ * @return Math_BigInteger
+ * @access public
+ * @internal The most naive approach to modular exponentiation has very unreasonable requirements, and
+ * and although the approach involving repeated squaring does vastly better, it, too, is impractical
+ * for our purposes. The reason being that division - by far the most complicated and time-consuming
+ * of the basic operations (eg. +,-,*,/) - occurs multiple times within it.
+ *
+ * Modular reductions resolve this issue. Although an individual modular reduction takes more time
+ * then an individual division, when performed in succession (with the same modulo), they're a lot faster.
+ *
+ * The two most commonly used modular reductions are Barrett and Montgomery reduction. Montgomery reduction,
+ * although faster, only works when the gcd of the modulo and of the base being used is 1. In RSA, when the
+ * base is a power of two, the modulo - a product of two primes - is always going to have a gcd of 1 (because
+ * the product of two odd numbers is odd), but what about when RSA isn't used?
+ *
+ * In contrast, Barrett reduction has no such constraint. As such, some bigint implementations perform a
+ * Barrett reduction after every operation in the modpow function. Others perform Barrett reductions when the
+ * modulo is even and Montgomery reductions when the modulo is odd. BigInteger.java's modPow method, however,
+ * uses a trick involving the Chinese Remainder Theorem to factor the even modulo into two numbers - one odd and
+ * the other, a power of two - and recombine them, later. This is the method that this modPow function uses.
+ * {@link http://islab.oregonstate.edu/papers/j34monex.pdf Montgomery Reduction with Even Modulus} elaborates.
+ */
+ function modPow($e, $n)
+ {
+ $n = $this->bitmask !== false && $this->bitmask->compare($n) < 0 ? $this->bitmask : $n->abs();
+
+ if ($e->compare(new Math_BigInteger()) < 0) {
+ $e = $e->abs();
+
+ $temp = $this->modInverse($n);
+ if ($temp === false) {
+ return false;
+ }
+
+ return $this->_normalize($temp->modPow($e, $n));
+ }
+
+ if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP ) {
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_powm($this->value, $e->value, $n->value);
+
+ return $this->_normalize($temp);
+ }
+
+ if ($this->compare(new Math_BigInteger()) < 0 || $this->compare($n) > 0) {
+ list(, $temp) = $this->divide($n);
+ return $temp->modPow($e, $n);
+ }
+
+ if (defined('MATH_BIGINTEGER_OPENSSL_ENABLED')) {
+ $components = array(
+ 'modulus' => $n->toBytes(true),
+ 'publicExponent' => $e->toBytes(true)
+ );
+
+ $components = array(
+ 'modulus' => pack('Ca*a*', 2, $this->_encodeASN1Length(strlen($components['modulus'])), $components['modulus']),
+ 'publicExponent' => pack('Ca*a*', 2, $this->_encodeASN1Length(strlen($components['publicExponent'])), $components['publicExponent'])
+ );
+
+ $RSAPublicKey = pack('Ca*a*a*',
+ 48, $this->_encodeASN1Length(strlen($components['modulus']) + strlen($components['publicExponent'])),
+ $components['modulus'], $components['publicExponent']
+ );
+
+ $rsaOID = pack('H*', '300d06092a864886f70d0101010500'); // hex version of MA0GCSqGSIb3DQEBAQUA
+ $RSAPublicKey = chr(0) . $RSAPublicKey;
+ $RSAPublicKey = chr(3) . $this->_encodeASN1Length(strlen($RSAPublicKey)) . $RSAPublicKey;
+
+ $encapsulated = pack('Ca*a*',
+ 48, $this->_encodeASN1Length(strlen($rsaOID . $RSAPublicKey)), $rsaOID . $RSAPublicKey
+ );
+
+ $RSAPublicKey = "-----BEGIN PUBLIC KEY-----\r\n" .
+ chunk_split(base64_encode($encapsulated)) .
+ '-----END PUBLIC KEY-----';
+
+ $plaintext = str_pad($this->toBytes(), strlen($n->toBytes(true)) - 1, "\0", STR_PAD_LEFT);
+
+ if (openssl_public_encrypt($plaintext, $result, $RSAPublicKey, OPENSSL_NO_PADDING)) {
+ return new Math_BigInteger($result, 256);
+ }
+ }
+
+ if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
+ $temp = new Math_BigInteger();
+ $temp->value = bcpowmod($this->value, $e->value, $n->value, 0);
+
+ return $this->_normalize($temp);
+ }
+
+ if ( empty($e->value) ) {
+ $temp = new Math_BigInteger();
+ $temp->value = array(1);
+ return $this->_normalize($temp);
+ }
+
+ if ( $e->value == array(1) ) {
+ list(, $temp) = $this->divide($n);
+ return $this->_normalize($temp);
+ }
+
+ if ( $e->value == array(2) ) {
+ $temp = new Math_BigInteger();
+ $temp->value = $this->_square($this->value);
+ list(, $temp) = $temp->divide($n);
+ return $this->_normalize($temp);
+ }
+
+ return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_BARRETT));
+
+ // is the modulo odd?
+ if ( $n->value[0] & 1 ) {
+ return $this->_normalize($this->_slidingWindow($e, $n, MATH_BIGINTEGER_MONTGOMERY));
+ }
+ // if it's not, it's even
+
+ // find the lowest set bit (eg. the max pow of 2 that divides $n)
+ for ($i = 0; $i < count($n->value); ++$i) {
+ if ( $n->value[$i] ) {
+ $temp = decbin($n->value[$i]);
+ $j = strlen($temp) - strrpos($temp, '1') - 1;
+ $j+= 26 * $i;
+ break;
+ }
+ }
+ // at this point, 2^$j * $n/(2^$j) == $n
+
+ $mod1 = $n->copy();
+ $mod1->_rshift($j);
+ $mod2 = new Math_BigInteger();
+ $mod2->value = array(1);
+ $mod2->_lshift($j);
+
+ $part1 = ( $mod1->value != array(1) ) ? $this->_slidingWindow($e, $mod1, MATH_BIGINTEGER_MONTGOMERY) : new Math_BigInteger();
+ $part2 = $this->_slidingWindow($e, $mod2, MATH_BIGINTEGER_POWEROF2);
+
+ $y1 = $mod2->modInverse($mod1);
+ $y2 = $mod1->modInverse($mod2);
+
+ $result = $part1->multiply($mod2);
+ $result = $result->multiply($y1);
+
+ $temp = $part2->multiply($mod1);
+ $temp = $temp->multiply($y2);
+
+ $result = $result->add($temp);
+ list(, $result) = $result->divide($n);
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Performs modular exponentiation.
+ *
+ * Alias for Math_BigInteger::modPow()
+ *
+ * @param Math_BigInteger $e
+ * @param Math_BigInteger $n
+ * @return Math_BigInteger
+ * @access public
+ */
+ function powMod($e, $n)
+ {
+ return $this->modPow($e, $n);
+ }
+
+ /**
+ * Sliding Window k-ary Modular Exponentiation
+ *
+ * Based on {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=27 HAC 14.85} /
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=210 MPM 7.7}. In a departure from those algorithims,
+ * however, this function performs a modular reduction after every multiplication and squaring operation.
+ * As such, this function has the same preconditions that the reductions being used do.
+ *
+ * @param Math_BigInteger $e
+ * @param Math_BigInteger $n
+ * @param Integer $mode
+ * @return Math_BigInteger
+ * @access private
+ */
+ function _slidingWindow($e, $n, $mode)
+ {
+ static $window_ranges = array(7, 25, 81, 241, 673, 1793); // from BigInteger.java's oddModPow function
+ //static $window_ranges = array(0, 7, 36, 140, 450, 1303, 3529); // from MPM 7.3.1
+
+ $e_value = $e->value;
+ $e_length = count($e_value) - 1;
+ $e_bits = decbin($e_value[$e_length]);
+ for ($i = $e_length - 1; $i >= 0; --$i) {
+ $e_bits.= str_pad(decbin($e_value[$i]), 26, '0', STR_PAD_LEFT);
+ }
+
+ $e_length = strlen($e_bits);
+
+ // calculate the appropriate window size.
+ // $window_size == 3 if $window_ranges is between 25 and 81, for example.
+ for ($i = 0, $window_size = 1; $e_length > $window_ranges[$i] && $i < count($window_ranges); ++$window_size, ++$i);
+
+ $n_value = $n->value;
+
+ // precompute $this^0 through $this^$window_size
+ $powers = array();
+ $powers[1] = $this->_prepareReduce($this->value, $n_value, $mode);
+ $powers[2] = $this->_squareReduce($powers[1], $n_value, $mode);
+
+ // we do every other number since substr($e_bits, $i, $j+1) (see below) is supposed to end
+ // in a 1. ie. it's supposed to be odd.
+ $temp = 1 << ($window_size - 1);
+ for ($i = 1; $i < $temp; ++$i) {
+ $i2 = $i << 1;
+ $powers[$i2 + 1] = $this->_multiplyReduce($powers[$i2 - 1], $powers[2], $n_value, $mode);
+ }
+
+ $result = array(1);
+ $result = $this->_prepareReduce($result, $n_value, $mode);
+
+ for ($i = 0; $i < $e_length; ) {
+ if ( !$e_bits[$i] ) {
+ $result = $this->_squareReduce($result, $n_value, $mode);
+ ++$i;
+ } else {
+ for ($j = $window_size - 1; $j > 0; --$j) {
+ if ( !empty($e_bits[$i + $j]) ) {
+ break;
+ }
+ }
+
+ for ($k = 0; $k <= $j; ++$k) {// eg. the length of substr($e_bits, $i, $j+1)
+ $result = $this->_squareReduce($result, $n_value, $mode);
+ }
+
+ $result = $this->_multiplyReduce($result, $powers[bindec(substr($e_bits, $i, $j + 1))], $n_value, $mode);
+
+ $i+=$j + 1;
+ }
+ }
+
+ $temp = new Math_BigInteger();
+ $temp->value = $this->_reduce($result, $n_value, $mode);
+
+ return $temp;
+ }
+
+ /**
+ * Modular reduction
+ *
+ * For most $modes this will return the remainder.
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @param Integer $mode
+ * @return Array
+ */
+ function _reduce($x, $n, $mode)
+ {
+ switch ($mode) {
+ case MATH_BIGINTEGER_MONTGOMERY:
+ return $this->_montgomery($x, $n);
+ case MATH_BIGINTEGER_BARRETT:
+ return $this->_barrett($x, $n);
+ case MATH_BIGINTEGER_POWEROF2:
+ $lhs = new Math_BigInteger();
+ $lhs->value = $x;
+ $rhs = new Math_BigInteger();
+ $rhs->value = $n;
+ return $x->_mod2($n);
+ case MATH_BIGINTEGER_CLASSIC:
+ $lhs = new Math_BigInteger();
+ $lhs->value = $x;
+ $rhs = new Math_BigInteger();
+ $rhs->value = $n;
+ list(, $temp) = $lhs->divide($rhs);
+ return $temp->value;
+ case MATH_BIGINTEGER_NONE:
+ return $x;
+ default:
+ // an invalid $mode was provided
+ }
+ }
+
+ /**
+ * Modular reduction preperation
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @param Integer $mode
+ * @return Array
+ */
+ function _prepareReduce($x, $n, $mode)
+ {
+ if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
+ return $this->_prepMontgomery($x, $n);
+ }
+ return $this->_reduce($x, $n, $mode);
+ }
+
+ /**
+ * Modular multiply
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $y
+ * @param Array $n
+ * @param Integer $mode
+ * @return Array
+ */
+ function _multiplyReduce($x, $y, $n, $mode)
+ {
+ if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
+ return $this->_montgomeryMultiply($x, $y, $n);
+ }
+ $temp = $this->_multiply($x, false, $y, false);
+ return $this->_reduce($temp[MATH_BIGINTEGER_VALUE], $n, $mode);
+ }
+
+ /**
+ * Modular square
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @param Integer $mode
+ * @return Array
+ */
+ function _squareReduce($x, $n, $mode)
+ {
+ if ($mode == MATH_BIGINTEGER_MONTGOMERY) {
+ return $this->_montgomeryMultiply($x, $x, $n);
+ }
+ return $this->_reduce($this->_square($x), $n, $mode);
+ }
+
+ /**
+ * Modulos for Powers of Two
+ *
+ * Calculates $x%$n, where $n = 2**$e, for some $e. Since this is basically the same as doing $x & ($n-1),
+ * we'll just use this function as a wrapper for doing that.
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Math_BigInteger
+ * @return Math_BigInteger
+ */
+ function _mod2($n)
+ {
+ $temp = new Math_BigInteger();
+ $temp->value = array(1);
+ return $this->bitwise_and($n->subtract($temp));
+ }
+
+ /**
+ * Barrett Modular Reduction
+ *
+ * See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=14 HAC 14.3.3} /
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=165 MPM 6.2.5} for more information. Modified slightly,
+ * so as not to require negative numbers (initially, this script didn't support negative numbers).
+ *
+ * Employs "folding", as described at
+ * {@link http://www.cosic.esat.kuleuven.be/publications/thesis-149.pdf#page=66 thesis-149.pdf#page=66}. To quote from
+ * it, "the idea [behind folding] is to find a value x' such that x (mod m) = x' (mod m), with x' being smaller than x."
+ *
+ * Unfortunately, the "Barrett Reduction with Folding" algorithm described in thesis-149.pdf is not, as written, all that
+ * usable on account of (1) its not using reasonable radix points as discussed in
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=162 MPM 6.2.2} and (2) the fact that, even with reasonable
+ * radix points, it only works when there are an even number of digits in the denominator. The reason for (2) is that
+ * (x >> 1) + (x >> 1) != x / 2 + x / 2. If x is even, they're the same, but if x is odd, they're not. See the in-line
+ * comments for details.
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $n
+ * @param Array $m
+ * @return Array
+ */
+ function _barrett($n, $m)
+ {
+ static $cache = array(
+ MATH_BIGINTEGER_VARIABLE => array(),
+ MATH_BIGINTEGER_DATA => array()
+ );
+
+ $m_length = count($m);
+
+ // if ($this->_compare($n, $this->_square($m)) >= 0) {
+ if (count($n) > 2 * $m_length) {
+ $lhs = new Math_BigInteger();
+ $rhs = new Math_BigInteger();
+ $lhs->value = $n;
+ $rhs->value = $m;
+ list(, $temp) = $lhs->divide($rhs);
+ return $temp->value;
+ }
+
+ // if (m.length >> 1) + 2 <= m.length then m is too small and n can't be reduced
+ if ($m_length < 5) {
+ return $this->_regularBarrett($n, $m);
+ }
+
+ // n = 2 * m.length
+
+ if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
+ $key = count($cache[MATH_BIGINTEGER_VARIABLE]);
+ $cache[MATH_BIGINTEGER_VARIABLE][] = $m;
+
+ $lhs = new Math_BigInteger();
+ $lhs_value = &$lhs->value;
+ $lhs_value = $this->_array_repeat(0, $m_length + ($m_length >> 1));
+ $lhs_value[] = 1;
+ $rhs = new Math_BigInteger();
+ $rhs->value = $m;
+
+ list($u, $m1) = $lhs->divide($rhs);
+ $u = $u->value;
+ $m1 = $m1->value;
+
+ $cache[MATH_BIGINTEGER_DATA][] = array(
+ 'u' => $u, // m.length >> 1 (technically (m.length >> 1) + 1)
+ 'm1'=> $m1 // m.length
+ );
+ } else {
+ extract($cache[MATH_BIGINTEGER_DATA][$key]);
+ }
+
+ $cutoff = $m_length + ($m_length >> 1);
+ $lsd = array_slice($n, 0, $cutoff); // m.length + (m.length >> 1)
+ $msd = array_slice($n, $cutoff); // m.length >> 1
+ $lsd = $this->_trim($lsd);
+ $temp = $this->_multiply($msd, false, $m1, false);
+ $n = $this->_add($lsd, false, $temp[MATH_BIGINTEGER_VALUE], false); // m.length + (m.length >> 1) + 1
+
+ if ($m_length & 1) {
+ return $this->_regularBarrett($n[MATH_BIGINTEGER_VALUE], $m);
+ }
+
+ // (m.length + (m.length >> 1) + 1) - (m.length - 1) == (m.length >> 1) + 2
+ $temp = array_slice($n[MATH_BIGINTEGER_VALUE], $m_length - 1);
+ // if even: ((m.length >> 1) + 2) + (m.length >> 1) == m.length + 2
+ // if odd: ((m.length >> 1) + 2) + (m.length >> 1) == (m.length - 1) + 2 == m.length + 1
+ $temp = $this->_multiply($temp, false, $u, false);
+ // if even: (m.length + 2) - ((m.length >> 1) + 1) = m.length - (m.length >> 1) + 1
+ // if odd: (m.length + 1) - ((m.length >> 1) + 1) = m.length - (m.length >> 1)
+ $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], ($m_length >> 1) + 1);
+ // if even: (m.length - (m.length >> 1) + 1) + m.length = 2 * m.length - (m.length >> 1) + 1
+ // if odd: (m.length - (m.length >> 1)) + m.length = 2 * m.length - (m.length >> 1)
+ $temp = $this->_multiply($temp, false, $m, false);
+
+ // at this point, if m had an odd number of digits, we'd be subtracting a 2 * m.length - (m.length >> 1) digit
+ // number from a m.length + (m.length >> 1) + 1 digit number. ie. there'd be an extra digit and the while loop
+ // following this comment would loop a lot (hence our calling _regularBarrett() in that situation).
+
+ $result = $this->_subtract($n[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
+
+ while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false) >= 0) {
+ $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $m, false);
+ }
+
+ return $result[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * (Regular) Barrett Modular Reduction
+ *
+ * For numbers with more than four digits Math_BigInteger::_barrett() is faster. The difference between that and this
+ * is that this function does not fold the denominator into a smaller form.
+ *
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @return Array
+ */
+ function _regularBarrett($x, $n)
+ {
+ static $cache = array(
+ MATH_BIGINTEGER_VARIABLE => array(),
+ MATH_BIGINTEGER_DATA => array()
+ );
+
+ $n_length = count($n);
+
+ if (count($x) > 2 * $n_length) {
+ $lhs = new Math_BigInteger();
+ $rhs = new Math_BigInteger();
+ $lhs->value = $x;
+ $rhs->value = $n;
+ list(, $temp) = $lhs->divide($rhs);
+ return $temp->value;
+ }
+
+ if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
+ $key = count($cache[MATH_BIGINTEGER_VARIABLE]);
+ $cache[MATH_BIGINTEGER_VARIABLE][] = $n;
+ $lhs = new Math_BigInteger();
+ $lhs_value = &$lhs->value;
+ $lhs_value = $this->_array_repeat(0, 2 * $n_length);
+ $lhs_value[] = 1;
+ $rhs = new Math_BigInteger();
+ $rhs->value = $n;
+ list($temp, ) = $lhs->divide($rhs); // m.length
+ $cache[MATH_BIGINTEGER_DATA][] = $temp->value;
+ }
+
+ // 2 * m.length - (m.length - 1) = m.length + 1
+ $temp = array_slice($x, $n_length - 1);
+ // (m.length + 1) + m.length = 2 * m.length + 1
+ $temp = $this->_multiply($temp, false, $cache[MATH_BIGINTEGER_DATA][$key], false);
+ // (2 * m.length + 1) - (m.length - 1) = m.length + 2
+ $temp = array_slice($temp[MATH_BIGINTEGER_VALUE], $n_length + 1);
+
+ // m.length + 1
+ $result = array_slice($x, 0, $n_length + 1);
+ // m.length + 1
+ $temp = $this->_multiplyLower($temp, false, $n, false, $n_length + 1);
+ // $temp == array_slice($temp->_multiply($temp, false, $n, false)->value, 0, $n_length + 1)
+
+ if ($this->_compare($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]) < 0) {
+ $corrector_value = $this->_array_repeat(0, $n_length + 1);
+ $corrector_value[] = 1;
+ $result = $this->_add($result, false, $corrector, false);
+ $result = $result[MATH_BIGINTEGER_VALUE];
+ }
+
+ // at this point, we're subtracting a number with m.length + 1 digits from another number with m.length + 1 digits
+ $result = $this->_subtract($result, false, $temp[MATH_BIGINTEGER_VALUE], $temp[MATH_BIGINTEGER_SIGN]);
+ while ($this->_compare($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false) > 0) {
+ $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], $result[MATH_BIGINTEGER_SIGN], $n, false);
+ }
+
+ return $result[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * Performs long multiplication up to $stop digits
+ *
+ * If you're going to be doing array_slice($product->value, 0, $stop), some cycles can be saved.
+ *
+ * @see _regularBarrett()
+ * @param Array $x_value
+ * @param Boolean $x_negative
+ * @param Array $y_value
+ * @param Boolean $y_negative
+ * @return Array
+ * @access private
+ */
+ function _multiplyLower($x_value, $x_negative, $y_value, $y_negative, $stop)
+ {
+ $x_length = count($x_value);
+ $y_length = count($y_value);
+
+ if ( !$x_length || !$y_length ) { // a 0 is being multiplied
+ return array(
+ MATH_BIGINTEGER_VALUE => array(),
+ MATH_BIGINTEGER_SIGN => false
+ );
+ }
+
+ if ( $x_length < $y_length ) {
+ $temp = $x_value;
+ $x_value = $y_value;
+ $y_value = $temp;
+
+ $x_length = count($x_value);
+ $y_length = count($y_value);
+ }
+
+ $product_value = $this->_array_repeat(0, $x_length + $y_length);
+
+ // the following for loop could be removed if the for loop following it
+ // (the one with nested for loops) initially set $i to 0, but
+ // doing so would also make the result in one set of unnecessary adds,
+ // since on the outermost loops first pass, $product->value[$k] is going
+ // to always be 0
+
+ $carry = 0;
+
+ for ($j = 0; $j < $x_length; ++$j) { // ie. $i = 0, $k = $i
+ $temp = $x_value[$j] * $y_value[0] + $carry; // $product_value[$k] == 0
+ $carry = (int) ($temp / 0x4000000);
+ $product_value[$j] = (int) ($temp - 0x4000000 * $carry);
+ }
+
+ if ($j < $stop) {
+ $product_value[$j] = $carry;
+ }
+
+ // the above for loop is what the previous comment was talking about. the
+ // following for loop is the "one with nested for loops"
+
+ for ($i = 1; $i < $y_length; ++$i) {
+ $carry = 0;
+
+ for ($j = 0, $k = $i; $j < $x_length && $k < $stop; ++$j, ++$k) {
+ $temp = $product_value[$k] + $x_value[$j] * $y_value[$i] + $carry;
+ $carry = (int) ($temp / 0x4000000);
+ $product_value[$k] = (int) ($temp - 0x4000000 * $carry);
+ }
+
+ if ($k < $stop) {
+ $product_value[$k] = $carry;
+ }
+ }
+
+ return array(
+ MATH_BIGINTEGER_VALUE => $this->_trim($product_value),
+ MATH_BIGINTEGER_SIGN => $x_negative != $y_negative
+ );
+ }
+
+ /**
+ * Montgomery Modular Reduction
+ *
+ * ($x->_prepMontgomery($n))->_montgomery($n) yields $x % $n.
+ * {@link http://math.libtomcrypt.com/files/tommath.pdf#page=170 MPM 6.3} provides insights on how this can be
+ * improved upon (basically, by using the comba method). gcd($n, 2) must be equal to one for this function
+ * to work correctly.
+ *
+ * @see _prepMontgomery()
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @return Array
+ */
+ function _montgomery($x, $n)
+ {
+ static $cache = array(
+ MATH_BIGINTEGER_VARIABLE => array(),
+ MATH_BIGINTEGER_DATA => array()
+ );
+
+ if ( ($key = array_search($n, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
+ $key = count($cache[MATH_BIGINTEGER_VARIABLE]);
+ $cache[MATH_BIGINTEGER_VARIABLE][] = $x;
+ $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($n);
+ }
+
+ $k = count($n);
+
+ $result = array(MATH_BIGINTEGER_VALUE => $x);
+
+ for ($i = 0; $i < $k; ++$i) {
+ $temp = $result[MATH_BIGINTEGER_VALUE][$i] * $cache[MATH_BIGINTEGER_DATA][$key];
+ $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
+ $temp = $this->_regularMultiply(array($temp), $n);
+ $temp = array_merge($this->_array_repeat(0, $i), $temp);
+ $result = $this->_add($result[MATH_BIGINTEGER_VALUE], false, $temp, false);
+ }
+
+ $result[MATH_BIGINTEGER_VALUE] = array_slice($result[MATH_BIGINTEGER_VALUE], $k);
+
+ if ($this->_compare($result, false, $n, false) >= 0) {
+ $result = $this->_subtract($result[MATH_BIGINTEGER_VALUE], false, $n, false);
+ }
+
+ return $result[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * Montgomery Multiply
+ *
+ * Interleaves the montgomery reduction and long multiplication algorithms together as described in
+ * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=13 HAC 14.36}
+ *
+ * @see _prepMontgomery()
+ * @see _montgomery()
+ * @access private
+ * @param Array $x
+ * @param Array $y
+ * @param Array $m
+ * @return Array
+ */
+ function _montgomeryMultiply($x, $y, $m)
+ {
+ $temp = $this->_multiply($x, false, $y, false);
+ return $this->_montgomery($temp[MATH_BIGINTEGER_VALUE], $m);
+
+ static $cache = array(
+ MATH_BIGINTEGER_VARIABLE => array(),
+ MATH_BIGINTEGER_DATA => array()
+ );
+
+ if ( ($key = array_search($m, $cache[MATH_BIGINTEGER_VARIABLE])) === false ) {
+ $key = count($cache[MATH_BIGINTEGER_VARIABLE]);
+ $cache[MATH_BIGINTEGER_VARIABLE][] = $m;
+ $cache[MATH_BIGINTEGER_DATA][] = $this->_modInverse67108864($m);
+ }
+
+ $n = max(count($x), count($y), count($m));
+ $x = array_pad($x, $n, 0);
+ $y = array_pad($y, $n, 0);
+ $m = array_pad($m, $n, 0);
+ $a = array(MATH_BIGINTEGER_VALUE => $this->_array_repeat(0, $n + 1));
+ for ($i = 0; $i < $n; ++$i) {
+ $temp = $a[MATH_BIGINTEGER_VALUE][0] + $x[$i] * $y[0];
+ $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
+ $temp = $temp * $cache[MATH_BIGINTEGER_DATA][$key];
+ $temp = (int) ($temp - 0x4000000 * ((int) ($temp / 0x4000000)));
+ $temp = $this->_add($this->_regularMultiply(array($x[$i]), $y), false, $this->_regularMultiply(array($temp), $m), false);
+ $a = $this->_add($a[MATH_BIGINTEGER_VALUE], false, $temp[MATH_BIGINTEGER_VALUE], false);
+ $a[MATH_BIGINTEGER_VALUE] = array_slice($a[MATH_BIGINTEGER_VALUE], 1);
+ }
+ if ($this->_compare($a[MATH_BIGINTEGER_VALUE], false, $m, false) >= 0) {
+ $a = $this->_subtract($a[MATH_BIGINTEGER_VALUE], false, $m, false);
+ }
+ return $a[MATH_BIGINTEGER_VALUE];
+ }
+
+ /**
+ * Prepare a number for use in Montgomery Modular Reductions
+ *
+ * @see _montgomery()
+ * @see _slidingWindow()
+ * @access private
+ * @param Array $x
+ * @param Array $n
+ * @return Array
+ */
+ function _prepMontgomery($x, $n)
+ {
+ $lhs = new Math_BigInteger();
+ $lhs->value = array_merge($this->_array_repeat(0, count($n)), $x);
+ $rhs = new Math_BigInteger();
+ $rhs->value = $n;
+
+ list(, $temp) = $lhs->divide($rhs);
+ return $temp->value;
+ }
+
+ /**
+ * Modular Inverse of a number mod 2**26 (eg. 67108864)
+ *
+ * Based off of the bnpInvDigit function implemented and justified in the following URL:
+ *
+ * {@link http://www-cs-students.stanford.edu/~tjw/jsbn/jsbn.js}
+ *
+ * The following URL provides more info:
+ *
+ * {@link http://groups.google.com/group/sci.crypt/msg/7a137205c1be7d85}
+ *
+ * As for why we do all the bitmasking... strange things can happen when converting from floats to ints. For
+ * instance, on some computers, var_dump((int) -4294967297) yields int(-1) and on others, it yields
+ * int(-2147483648). To avoid problems stemming from this, we use bitmasks to guarantee that ints aren't
+ * auto-converted to floats. The outermost bitmask is present because without it, there's no guarantee that
+ * the "residue" returned would be the so-called "common residue". We use fmod, in the last step, because the
+ * maximum possible $x is 26 bits and the maximum $result is 16 bits. Thus, we have to be able to handle up to
+ * 40 bits, which only 64-bit floating points will support.
+ *
+ * Thanks to Pedro Gimeno Fortea for input!
+ *
+ * @see _montgomery()
+ * @access private
+ * @param Array $x
+ * @return Integer
+ */
+ function _modInverse67108864($x) // 2**26 == 67108864
+ {
+ $x = -$x[0];
+ $result = $x & 0x3; // x**-1 mod 2**2
+ $result = ($result * (2 - $x * $result)) & 0xF; // x**-1 mod 2**4
+ $result = ($result * (2 - ($x & 0xFF) * $result)) & 0xFF; // x**-1 mod 2**8
+ $result = ($result * ((2 - ($x & 0xFFFF) * $result) & 0xFFFF)) & 0xFFFF; // x**-1 mod 2**16
+ $result = fmod($result * (2 - fmod($x * $result, 0x4000000)), 0x4000000); // x**-1 mod 2**26
+ return $result & 0x3FFFFFF;
+ }
+
+ /**
+ * Calculates modular inverses.
+ *
+ * Say you have (30 mod 17 * x mod 17) mod 17 == 1. x can be found using modular inverses.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger(30);
+ * $b = new Math_BigInteger(17);
+ *
+ * $c = $a->modInverse($b);
+ * echo $c->toString(); // outputs 4
+ *
+ * echo "\r\n";
+ *
+ * $d = $a->multiply($c);
+ * list(, $d) = $d->divide($b);
+ * echo $d; // outputs 1 (as per the definition of modular inverse)
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $n
+ * @return mixed false, if no modular inverse exists, Math_BigInteger, otherwise.
+ * @access public
+ * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=21 HAC 14.64} for more information.
+ */
+ function modInverse($n)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_invert($this->value, $n->value);
+
+ return ( $temp->value === false ) ? false : $this->_normalize($temp);
+ }
+
+ static $zero, $one;
+ if (!isset($zero)) {
+ $zero = new Math_BigInteger();
+ $one = new Math_BigInteger(1);
+ }
+
+ // $x mod -$n == $x mod $n.
+ $n = $n->abs();
+
+ if ($this->compare($zero) < 0) {
+ $temp = $this->abs();
+ $temp = $temp->modInverse($n);
+ return $this->_normalize($n->subtract($temp));
+ }
+
+ extract($this->extendedGCD($n));
+
+ if (!$gcd->equals($one)) {
+ return false;
+ }
+
+ $x = $x->compare($zero) < 0 ? $x->add($n) : $x;
+
+ return $this->compare($zero) < 0 ? $this->_normalize($n->subtract($x)) : $this->_normalize($x);
+ }
+
+ /**
+ * Calculates the greatest common divisor and Bzout's identity.
+ *
+ * Say you have 693 and 609. The GCD is 21. Bzout's identity states that there exist integers x and y such that
+ * 693*x + 609*y == 21. In point of fact, there are actually an infinite number of x and y combinations and which
+ * combination is returned is dependant upon which mode is in use. See
+ * {@link http://en.wikipedia.org/wiki/B%C3%A9zout%27s_identity Bzout's identity - Wikipedia} for more information.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger(693);
+ * $b = new Math_BigInteger(609);
+ *
+ * extract($a->extendedGCD($b));
+ *
+ * echo $gcd->toString() . "\r\n"; // outputs 21
+ * echo $a->toString() * $x->toString() + $b->toString() * $y->toString(); // outputs 21
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $n
+ * @return Math_BigInteger
+ * @access public
+ * @internal Calculates the GCD using the binary xGCD algorithim described in
+ * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap14.pdf#page=19 HAC 14.61}. As the text above 14.61 notes,
+ * the more traditional algorithim requires "relatively costly multiple-precision divisions".
+ */
+ function extendedGCD($n)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ extract(gmp_gcdext($this->value, $n->value));
+
+ return array(
+ 'gcd' => $this->_normalize(new Math_BigInteger($g)),
+ 'x' => $this->_normalize(new Math_BigInteger($s)),
+ 'y' => $this->_normalize(new Math_BigInteger($t))
+ );
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ // it might be faster to use the binary xGCD algorithim here, as well, but (1) that algorithim works
+ // best when the base is a power of 2 and (2) i don't think it'd make much difference, anyway. as is,
+ // the basic extended euclidean algorithim is what we're using.
+
+ $u = $this->value;
+ $v = $n->value;
+
+ $a = '1';
+ $b = '0';
+ $c = '0';
+ $d = '1';
+
+ while (bccomp($v, '0', 0) != 0) {
+ $q = bcdiv($u, $v, 0);
+
+ $temp = $u;
+ $u = $v;
+ $v = bcsub($temp, bcmul($v, $q, 0), 0);
+
+ $temp = $a;
+ $a = $c;
+ $c = bcsub($temp, bcmul($a, $q, 0), 0);
+
+ $temp = $b;
+ $b = $d;
+ $d = bcsub($temp, bcmul($b, $q, 0), 0);
+ }
+
+ return array(
+ 'gcd' => $this->_normalize(new Math_BigInteger($u)),
+ 'x' => $this->_normalize(new Math_BigInteger($a)),
+ 'y' => $this->_normalize(new Math_BigInteger($b))
+ );
+ }
+
+ $y = $n->copy();
+ $x = $this->copy();
+ $g = new Math_BigInteger();
+ $g->value = array(1);
+
+ while ( !(($x->value[0] & 1)|| ($y->value[0] & 1)) ) {
+ $x->_rshift(1);
+ $y->_rshift(1);
+ $g->_lshift(1);
+ }
+
+ $u = $x->copy();
+ $v = $y->copy();
+
+ $a = new Math_BigInteger();
+ $b = new Math_BigInteger();
+ $c = new Math_BigInteger();
+ $d = new Math_BigInteger();
+
+ $a->value = $d->value = $g->value = array(1);
+ $b->value = $c->value = array();
+
+ while ( !empty($u->value) ) {
+ while ( !($u->value[0] & 1) ) {
+ $u->_rshift(1);
+ if ( (!empty($a->value) && ($a->value[0] & 1)) || (!empty($b->value) && ($b->value[0] & 1)) ) {
+ $a = $a->add($y);
+ $b = $b->subtract($x);
+ }
+ $a->_rshift(1);
+ $b->_rshift(1);
+ }
+
+ while ( !($v->value[0] & 1) ) {
+ $v->_rshift(1);
+ if ( (!empty($d->value) && ($d->value[0] & 1)) || (!empty($c->value) && ($c->value[0] & 1)) ) {
+ $c = $c->add($y);
+ $d = $d->subtract($x);
+ }
+ $c->_rshift(1);
+ $d->_rshift(1);
+ }
+
+ if ($u->compare($v) >= 0) {
+ $u = $u->subtract($v);
+ $a = $a->subtract($c);
+ $b = $b->subtract($d);
+ } else {
+ $v = $v->subtract($u);
+ $c = $c->subtract($a);
+ $d = $d->subtract($b);
+ }
+ }
+
+ return array(
+ 'gcd' => $this->_normalize($g->multiply($v)),
+ 'x' => $this->_normalize($c),
+ 'y' => $this->_normalize($d)
+ );
+ }
+
+ /**
+ * Calculates the greatest common divisor
+ *
+ * Say you have 693 and 609. The GCD is 21.
+ *
+ * Here's an example:
+ * <code>
+ * <?php
+ * include('Math/BigInteger.php');
+ *
+ * $a = new Math_BigInteger(693);
+ * $b = new Math_BigInteger(609);
+ *
+ * $gcd = a->extendedGCD($b);
+ *
+ * echo $gcd->toString() . "\r\n"; // outputs 21
+ * ?>
+ * </code>
+ *
+ * @param Math_BigInteger $n
+ * @return Math_BigInteger
+ * @access public
+ */
+ function gcd($n)
+ {
+ extract($this->extendedGCD($n));
+ return $gcd;
+ }
+
+ /**
+ * Absolute value.
+ *
+ * @return Math_BigInteger
+ * @access public
+ */
+ function abs()
+ {
+ $temp = new Math_BigInteger();
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp->value = gmp_abs($this->value);
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp->value = (bccomp($this->value, '0', 0) < 0) ? substr($this->value, 1) : $this->value;
+ break;
+ default:
+ $temp->value = $this->value;
+ }
+
+ return $temp;
+ }
+
+ /**
+ * Compares two numbers.
+ *
+ * Although one might think !$x->compare($y) means $x != $y, it, in fact, means the opposite. The reason for this is
+ * demonstrated thusly:
+ *
+ * $x > $y: $x->compare($y) > 0
+ * $x < $y: $x->compare($y) < 0
+ * $x == $y: $x->compare($y) == 0
+ *
+ * Note how the same comparison operator is used. If you want to test for equality, use $x->equals($y).
+ *
+ * @param Math_BigInteger $x
+ * @return Integer < 0 if $this is less than $x; > 0 if $this is greater than $x, and 0 if they are equal.
+ * @access public
+ * @see equals()
+ * @internal Could return $this->subtract($x), but that's not as fast as what we do do.
+ */
+ function compare($y)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ return gmp_cmp($this->value, $y->value);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ return bccomp($this->value, $y->value, 0);
+ }
+
+ return $this->_compare($this->value, $this->is_negative, $y->value, $y->is_negative);
+ }
+
+ /**
+ * Compares two numbers.
+ *
+ * @param Array $x_value
+ * @param Boolean $x_negative
+ * @param Array $y_value
+ * @param Boolean $y_negative
+ * @return Integer
+ * @see compare()
+ * @access private
+ */
+ function _compare($x_value, $x_negative, $y_value, $y_negative)
+ {
+ if ( $x_negative != $y_negative ) {
+ return ( !$x_negative && $y_negative ) ? 1 : -1;
+ }
+
+ $result = $x_negative ? -1 : 1;
+
+ if ( count($x_value) != count($y_value) ) {
+ return ( count($x_value) > count($y_value) ) ? $result : -$result;
+ }
+ $size = max(count($x_value), count($y_value));
+
+ $x_value = array_pad($x_value, $size, 0);
+ $y_value = array_pad($y_value, $size, 0);
+
+ for ($i = count($x_value) - 1; $i >= 0; --$i) {
+ if ($x_value[$i] != $y_value[$i]) {
+ return ( $x_value[$i] > $y_value[$i] ) ? $result : -$result;
+ }
+ }
+
+ return 0;
+ }
+
+ /**
+ * Tests the equality of two numbers.
+ *
+ * If you need to see if one number is greater than or less than another number, use Math_BigInteger::compare()
+ *
+ * @param Math_BigInteger $x
+ * @return Boolean
+ * @access public
+ * @see compare()
+ */
+ function equals($x)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ return gmp_cmp($this->value, $x->value) == 0;
+ default:
+ return $this->value === $x->value && $this->is_negative == $x->is_negative;
+ }
+ }
+
+ /**
+ * Set Precision
+ *
+ * Some bitwise operations give different results depending on the precision being used. Examples include left
+ * shift, not, and rotates.
+ *
+ * @param Math_BigInteger $x
+ * @access public
+ * @return Math_BigInteger
+ */
+ function setPrecision($bits)
+ {
+ $this->precision = $bits;
+ if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ) {
+ $this->bitmask = new Math_BigInteger(chr((1 << ($bits & 0x7)) - 1) . str_repeat(chr(0xFF), $bits >> 3), 256);
+ } else {
+ $this->bitmask = new Math_BigInteger(bcpow('2', $bits, 0));
+ }
+
+ $temp = $this->_normalize($this);
+ $this->value = $temp->value;
+ }
+
+ /**
+ * Logical And
+ *
+ * @param Math_BigInteger $x
+ * @access public
+ * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
+ * @return Math_BigInteger
+ */
+ function bitwise_and($x)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_and($this->value, $x->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $left = $this->toBytes();
+ $right = $x->toBytes();
+
+ $length = max(strlen($left), strlen($right));
+
+ $left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
+ $right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
+
+ return $this->_normalize(new Math_BigInteger($left & $right, 256));
+ }
+
+ $result = $this->copy();
+
+ $length = min(count($x->value), count($this->value));
+
+ $result->value = array_slice($result->value, 0, $length);
+
+ for ($i = 0; $i < $length; ++$i) {
+ $result->value[$i] = $result->value[$i] & $x->value[$i];
+ }
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Logical Or
+ *
+ * @param Math_BigInteger $x
+ * @access public
+ * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
+ * @return Math_BigInteger
+ */
+ function bitwise_or($x)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_or($this->value, $x->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $left = $this->toBytes();
+ $right = $x->toBytes();
+
+ $length = max(strlen($left), strlen($right));
+
+ $left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
+ $right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
+
+ return $this->_normalize(new Math_BigInteger($left | $right, 256));
+ }
+
+ $length = max(count($this->value), count($x->value));
+ $result = $this->copy();
+ $result->value = array_pad($result->value, 0, $length);
+ $x->value = array_pad($x->value, 0, $length);
+
+ for ($i = 0; $i < $length; ++$i) {
+ $result->value[$i] = $this->value[$i] | $x->value[$i];
+ }
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Logical Exclusive-Or
+ *
+ * @param Math_BigInteger $x
+ * @access public
+ * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
+ * @return Math_BigInteger
+ */
+ function bitwise_xor($x)
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ $temp = new Math_BigInteger();
+ $temp->value = gmp_xor($this->value, $x->value);
+
+ return $this->_normalize($temp);
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $left = $this->toBytes();
+ $right = $x->toBytes();
+
+ $length = max(strlen($left), strlen($right));
+
+ $left = str_pad($left, $length, chr(0), STR_PAD_LEFT);
+ $right = str_pad($right, $length, chr(0), STR_PAD_LEFT);
+
+ return $this->_normalize(new Math_BigInteger($left ^ $right, 256));
+ }
+
+ $length = max(count($this->value), count($x->value));
+ $result = $this->copy();
+ $result->value = array_pad($result->value, 0, $length);
+ $x->value = array_pad($x->value, 0, $length);
+
+ for ($i = 0; $i < $length; ++$i) {
+ $result->value[$i] = $this->value[$i] ^ $x->value[$i];
+ }
+
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Logical Not
+ *
+ * @access public
+ * @internal Implemented per a request by Lluis Pamies i Juarez <lluis _a_ pamies.cat>
+ * @return Math_BigInteger
+ */
+ function bitwise_not()
+ {
+ // calculuate "not" without regard to $this->precision
+ // (will always result in a smaller number. ie. ~1 isn't 1111 1110 - it's 0)
+ $temp = $this->toBytes();
+ $pre_msb = decbin(ord($temp[0]));
+ $temp = ~$temp;
+ $msb = decbin(ord($temp[0]));
+ if (strlen($msb) == 8) {
+ $msb = substr($msb, strpos($msb, '0'));
+ }
+ $temp[0] = chr(bindec($msb));
+
+ // see if we need to add extra leading 1's
+ $current_bits = strlen($pre_msb) + 8 * strlen($temp) - 8;
+ $new_bits = $this->precision - $current_bits;
+ if ($new_bits <= 0) {
+ return $this->_normalize(new Math_BigInteger($temp, 256));
+ }
+
+ // generate as many leading 1's as we need to.
+ $leading_ones = chr((1 << ($new_bits & 0x7)) - 1) . str_repeat(chr(0xFF), $new_bits >> 3);
+ $this->_base256_lshift($leading_ones, $current_bits);
+
+ $temp = str_pad($temp, ceil($this->bits / 8), chr(0), STR_PAD_LEFT);
+
+ return $this->_normalize(new Math_BigInteger($leading_ones | $temp, 256));
+ }
+
+ /**
+ * Logical Right Shift
+ *
+ * Shifts BigInteger's by $shift bits, effectively dividing by 2**$shift.
+ *
+ * @param Integer $shift
+ * @return Math_BigInteger
+ * @access public
+ * @internal The only version that yields any speed increases is the internal version.
+ */
+ function bitwise_rightShift($shift)
+ {
+ $temp = new Math_BigInteger();
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ static $two;
+
+ if (!isset($two)) {
+ $two = gmp_init('2');
+ }
+
+ $temp->value = gmp_div_q($this->value, gmp_pow($two, $shift));
+
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp->value = bcdiv($this->value, bcpow('2', $shift, 0), 0);
+
+ break;
+ default: // could just replace _lshift with this, but then all _lshift() calls would need to be rewritten
+ // and I don't want to do that...
+ $temp->value = $this->value;
+ $temp->_rshift($shift);
+ }
+
+ return $this->_normalize($temp);
+ }
+
+ /**
+ * Logical Left Shift
+ *
+ * Shifts BigInteger's by $shift bits, effectively multiplying by 2**$shift.
+ *
+ * @param Integer $shift
+ * @return Math_BigInteger
+ * @access public
+ * @internal The only version that yields any speed increases is the internal version.
+ */
+ function bitwise_leftShift($shift)
+ {
+ $temp = new Math_BigInteger();
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ static $two;
+
+ if (!isset($two)) {
+ $two = gmp_init('2');
+ }
+
+ $temp->value = gmp_mul($this->value, gmp_pow($two, $shift));
+
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ $temp->value = bcmul($this->value, bcpow('2', $shift, 0), 0);
+
+ break;
+ default: // could just replace _rshift with this, but then all _lshift() calls would need to be rewritten
+ // and I don't want to do that...
+ $temp->value = $this->value;
+ $temp->_lshift($shift);
+ }
+
+ return $this->_normalize($temp);
+ }
+
+ /**
+ * Logical Left Rotate
+ *
+ * Instead of the top x bits being dropped they're appended to the shifted bit string.
+ *
+ * @param Integer $shift
+ * @return Math_BigInteger
+ * @access public
+ */
+ function bitwise_leftRotate($shift)
+ {
+ $bits = $this->toBytes();
+
+ if ($this->precision > 0) {
+ $precision = $this->precision;
+ if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
+ $mask = $this->bitmask->subtract(new Math_BigInteger(1));
+ $mask = $mask->toBytes();
+ } else {
+ $mask = $this->bitmask->toBytes();
+ }
+ } else {
+ $temp = ord($bits[0]);
+ for ($i = 0; $temp >> $i; ++$i);
+ $precision = 8 * strlen($bits) - 8 + $i;
+ $mask = chr((1 << ($precision & 0x7)) - 1) . str_repeat(chr(0xFF), $precision >> 3);
+ }
+
+ if ($shift < 0) {
+ $shift+= $precision;
+ }
+ $shift%= $precision;
+
+ if (!$shift) {
+ return $this->copy();
+ }
+
+ $left = $this->bitwise_leftShift($shift);
+ $left = $left->bitwise_and(new Math_BigInteger($mask, 256));
+ $right = $this->bitwise_rightShift($precision - $shift);
+ $result = MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_BCMATH ? $left->bitwise_or($right) : $left->add($right);
+ return $this->_normalize($result);
+ }
+
+ /**
+ * Logical Right Rotate
+ *
+ * Instead of the bottom x bits being dropped they're prepended to the shifted bit string.
+ *
+ * @param Integer $shift
+ * @return Math_BigInteger
+ * @access public
+ */
+ function bitwise_rightRotate($shift)
+ {
+ return $this->bitwise_leftRotate(-$shift);
+ }
+
+ /**
+ * Set random number generator function
+ *
+ * This function is deprecated.
+ *
+ * @param String $generator
+ * @access public
+ */
+ function setRandomGenerator($generator)
+ {
+ }
+
+ /**
+ * Generate a random number
+ *
+ * @param optional Integer $min
+ * @param optional Integer $max
+ * @return Math_BigInteger
+ * @access public
+ */
+ function random($min = false, $max = false)
+ {
+ if ($min === false) {
+ $min = new Math_BigInteger(0);
+ }
+
+ if ($max === false) {
+ $max = new Math_BigInteger(0x7FFFFFFF);
+ }
+
+ $compare = $max->compare($min);
+
+ if (!$compare) {
+ return $this->_normalize($min);
+ } else if ($compare < 0) {
+ // if $min is bigger then $max, swap $min and $max
+ $temp = $max;
+ $max = $min;
+ $min = $temp;
+ }
+
+ $generator = $this->generator;
+
+ $max = $max->subtract($min);
+ $max = ltrim($max->toBytes(), chr(0));
+ $size = strlen($max) - 1;
+
+ $crypt_random = function_exists('crypt_random_string') || (!class_exists('Crypt_Random') && function_exists('crypt_random_string'));
+ if ($crypt_random) {
+ $random = crypt_random_string($size);
+ } else {
+ $random = '';
+
+ if ($size & 1) {
+ $random.= chr(mt_rand(0, 255));
+ }
+
+ $blocks = $size >> 1;
+ for ($i = 0; $i < $blocks; ++$i) {
+ // mt_rand(-2147483648, 0x7FFFFFFF) always produces -2147483648 on some systems
+ $random.= pack('n', mt_rand(0, 0xFFFF));
+ }
+ }
+
+ $fragment = new Math_BigInteger($random, 256);
+ $leading = $fragment->compare(new Math_BigInteger(substr($max, 1), 256)) > 0 ?
+ ord($max[0]) - 1 : ord($max[0]);
+
+ if (!$crypt_random) {
+ $msb = chr(mt_rand(0, $leading));
+ } else {
+ $cutoff = floor(0xFF / $leading) * $leading;
+ while (true) {
+ $msb = ord(crypt_random_string(1));
+ if ($msb <= $cutoff) {
+ $msb%= $leading;
+ break;
+ }
+ }
+ $msb = chr($msb);
+ }
+
+ $random = new Math_BigInteger($msb . $random, 256);
+
+ return $this->_normalize($random->add($min));
+ }
+
+ /**
+ * Generate a random prime number.
+ *
+ * If there's not a prime within the given range, false will be returned. If more than $timeout seconds have elapsed,
+ * give up and return false.
+ *
+ * @param optional Integer $min
+ * @param optional Integer $max
+ * @param optional Integer $timeout
+ * @return Math_BigInteger
+ * @access public
+ * @internal See {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=15 HAC 4.44}.
+ */
+ function randomPrime($min = false, $max = false, $timeout = false)
+ {
+ $compare = $max->compare($min);
+
+ if (!$compare) {
+ return $min;
+ } else if ($compare < 0) {
+ // if $min is bigger then $max, swap $min and $max
+ $temp = $max;
+ $max = $min;
+ $min = $temp;
+ }
+
+ // gmp_nextprime() requires PHP 5 >= 5.2.0 per <http://php.net/gmp-nextprime>.
+ if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_GMP && function_exists('gmp_nextprime') ) {
+ // we don't rely on Math_BigInteger::random()'s min / max when gmp_nextprime() is being used since this function
+ // does its own checks on $max / $min when gmp_nextprime() is used. When gmp_nextprime() is not used, however,
+ // the same $max / $min checks are not performed.
+ if ($min === false) {
+ $min = new Math_BigInteger(0);
+ }
+
+ if ($max === false) {
+ $max = new Math_BigInteger(0x7FFFFFFF);
+ }
+
+ $x = $this->random($min, $max);
+
+ $x->value = gmp_nextprime($x->value);
+
+ if ($x->compare($max) <= 0) {
+ return $x;
+ }
+
+ $x->value = gmp_nextprime($min->value);
+
+ if ($x->compare($max) <= 0) {
+ return $x;
+ }
+
+ return false;
+ }
+
+ static $one, $two;
+ if (!isset($one)) {
+ $one = new Math_BigInteger(1);
+ $two = new Math_BigInteger(2);
+ }
+
+ $start = time();
+
+ $x = $this->random($min, $max);
+ if ($x->equals($two)) {
+ return $x;
+ }
+
+ $x->_make_odd();
+ if ($x->compare($max) > 0) {
+ // if $x > $max then $max is even and if $min == $max then no prime number exists between the specified range
+ if ($min->equals($max)) {
+ return false;
+ }
+ $x = $min->copy();
+ $x->_make_odd();
+ }
+
+ $initial_x = $x->copy();
+
+ while (true) {
+ if ($timeout !== false && time() - $start > $timeout) {
+ return false;
+ }
+
+ if ($x->isPrime()) {
+ return $x;
+ }
+
+ $x = $x->add($two);
+
+ if ($x->compare($max) > 0) {
+ $x = $min->copy();
+ if ($x->equals($two)) {
+ return $x;
+ }
+ $x->_make_odd();
+ }
+
+ if ($x->equals($initial_x)) {
+ return false;
+ }
+ }
+ }
+
+ /**
+ * Make the current number odd
+ *
+ * If the current number is odd it'll be unchanged. If it's even, one will be added to it.
+ *
+ * @see randomPrime()
+ * @access private
+ */
+ function _make_odd()
+ {
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ gmp_setbit($this->value, 0);
+ break;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ if ($this->value[strlen($this->value) - 1] % 2 == 0) {
+ $this->value = bcadd($this->value, '1');
+ }
+ break;
+ default:
+ $this->value[0] |= 1;
+ }
+ }
+
+ /**
+ * Checks a numer to see if it's prime
+ *
+ * Assuming the $t parameter is not set, this function has an error rate of 2**-80. The main motivation for the
+ * $t parameter is distributability. Math_BigInteger::randomPrime() can be distributed accross multiple pageloads
+ * on a website instead of just one.
+ *
+ * @param optional Integer $t
+ * @return Boolean
+ * @access public
+ * @internal Uses the
+ * {@link http://en.wikipedia.org/wiki/Miller%E2%80%93Rabin_primality_test Miller-Rabin primality test}. See
+ * {@link http://www.cacr.math.uwaterloo.ca/hac/about/chap4.pdf#page=8 HAC 4.24}.
+ */
+ function isPrime($t = false)
+ {
+ $length = strlen($this->toBytes());
+
+ if (!$t) {
+ // see HAC 4.49 "Note (controlling the error probability)"
+ if ($length >= 163) { $t = 2; } // floor(1300 / 8)
+ else if ($length >= 106) { $t = 3; } // floor( 850 / 8)
+ else if ($length >= 81 ) { $t = 4; } // floor( 650 / 8)
+ else if ($length >= 68 ) { $t = 5; } // floor( 550 / 8)
+ else if ($length >= 56 ) { $t = 6; } // floor( 450 / 8)
+ else if ($length >= 50 ) { $t = 7; } // floor( 400 / 8)
+ else if ($length >= 43 ) { $t = 8; } // floor( 350 / 8)
+ else if ($length >= 37 ) { $t = 9; } // floor( 300 / 8)
+ else if ($length >= 31 ) { $t = 12; } // floor( 250 / 8)
+ else if ($length >= 25 ) { $t = 15; } // floor( 200 / 8)
+ else if ($length >= 18 ) { $t = 18; } // floor( 150 / 8)
+ else { $t = 27; }
+ }
+
+ // ie. gmp_testbit($this, 0)
+ // ie. isEven() or !isOdd()
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ return gmp_prob_prime($this->value, $t) != 0;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ if ($this->value === '2') {
+ return true;
+ }
+ if ($this->value[strlen($this->value) - 1] % 2 == 0) {
+ return false;
+ }
+ break;
+ default:
+ if ($this->value == array(2)) {
+ return true;
+ }
+ if (~$this->value[0] & 1) {
+ return false;
+ }
+ }
+
+ static $primes, $zero, $one, $two;
+
+ if (!isset($primes)) {
+ $primes = array(
+ 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59,
+ 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137,
+ 139, 149, 151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227,
+ 229, 233, 239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313,
+ 317, 331, 337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419,
+ 421, 431, 433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509,
+ 521, 523, 541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607, 613, 617,
+ 619, 631, 641, 643, 647, 653, 659, 661, 673, 677, 683, 691, 701, 709, 719, 727,
+ 733, 739, 743, 751, 757, 761, 769, 773, 787, 797, 809, 811, 821, 823, 827, 829,
+ 839, 853, 857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937, 941, 947,
+ 953, 967, 971, 977, 983, 991, 997
+ );
+
+ if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
+ for ($i = 0; $i < count($primes); ++$i) {
+ $primes[$i] = new Math_BigInteger($primes[$i]);
+ }
+ }
+
+ $zero = new Math_BigInteger();
+ $one = new Math_BigInteger(1);
+ $two = new Math_BigInteger(2);
+ }
+
+ if ($this->equals($one)) {
+ return false;
+ }
+
+ // see HAC 4.4.1 "Random search for probable primes"
+ if ( MATH_BIGINTEGER_MODE != MATH_BIGINTEGER_MODE_INTERNAL ) {
+ foreach ($primes as $prime) {
+ list(, $r) = $this->divide($prime);
+ if ($r->equals($zero)) {
+ return $this->equals($prime);
+ }
+ }
+ } else {
+ $value = $this->value;
+ foreach ($primes as $prime) {
+ list(, $r) = $this->_divide_digit($value, $prime);
+ if (!$r) {
+ return count($value) == 1 && $value[0] == $prime;
+ }
+ }
+ }
+
+ $n = $this->copy();
+ $n_1 = $n->subtract($one);
+ $n_2 = $n->subtract($two);
+
+ $r = $n_1->copy();
+ $r_value = $r->value;
+ // ie. $s = gmp_scan1($n, 0) and $r = gmp_div_q($n, gmp_pow(gmp_init('2'), $s));
+ if ( MATH_BIGINTEGER_MODE == MATH_BIGINTEGER_MODE_BCMATH ) {
+ $s = 0;
+ // if $n was 1, $r would be 0 and this would be an infinite loop, hence our $this->equals($one) check earlier
+ while ($r->value[strlen($r->value) - 1] % 2 == 0) {
+ $r->value = bcdiv($r->value, '2', 0);
+ ++$s;
+ }
+ } else {
+ for ($i = 0, $r_length = count($r_value); $i < $r_length; ++$i) {
+ $temp = ~$r_value[$i] & 0xFFFFFF;
+ for ($j = 1; ($temp >> $j) & 1; ++$j);
+ if ($j != 25) {
+ break;
+ }
+ }
+ $s = 26 * $i + $j - 1;
+ $r->_rshift($s);
+ }
+
+ for ($i = 0; $i < $t; ++$i) {
+ $a = $this->random($two, $n_2);
+ $y = $a->modPow($r, $n);
+
+ if (!$y->equals($one) && !$y->equals($n_1)) {
+ for ($j = 1; $j < $s && !$y->equals($n_1); ++$j) {
+ $y = $y->modPow($two, $n);
+ if ($y->equals($one)) {
+ return false;
+ }
+ }
+
+ if (!$y->equals($n_1)) {
+ return false;
+ }
+ }
+ }
+ return true;
+ }
+
+ /**
+ * Logical Left Shift
+ *
+ * Shifts BigInteger's by $shift bits.
+ *
+ * @param Integer $shift
+ * @access private
+ */
+ function _lshift($shift)
+ {
+ if ( $shift == 0 ) {
+ return;
+ }
+
+ $num_digits = (int) ($shift / 26);
+ $shift %= 26;
+ $shift = 1 << $shift;
+
+ $carry = 0;
+
+ for ($i = 0; $i < count($this->value); ++$i) {
+ $temp = $this->value[$i] * $shift + $carry;
+ $carry = (int) ($temp / 0x4000000);
+ $this->value[$i] = (int) ($temp - $carry * 0x4000000);
+ }
+
+ if ( $carry ) {
+ $this->value[] = $carry;
+ }
+
+ while ($num_digits--) {
+ array_unshift($this->value, 0);
+ }
+ }
+
+ /**
+ * Logical Right Shift
+ *
+ * Shifts BigInteger's by $shift bits.
+ *
+ * @param Integer $shift
+ * @access private
+ */
+ function _rshift($shift)
+ {
+ if ($shift == 0) {
+ return;
+ }
+
+ $num_digits = (int) ($shift / 26);
+ $shift %= 26;
+ $carry_shift = 26 - $shift;
+ $carry_mask = (1 << $shift) - 1;
+
+ if ( $num_digits ) {
+ $this->value = array_slice($this->value, $num_digits);
+ }
+
+ $carry = 0;
+
+ for ($i = count($this->value) - 1; $i >= 0; --$i) {
+ $temp = $this->value[$i] >> $shift | $carry;
+ $carry = ($this->value[$i] & $carry_mask) << $carry_shift;
+ $this->value[$i] = $temp;
+ }
+
+ $this->value = $this->_trim($this->value);
+ }
+
+ /**
+ * Normalize
+ *
+ * Removes leading zeros and truncates (if necessary) to maintain the appropriate precision
+ *
+ * @param Math_BigInteger
+ * @return Math_BigInteger
+ * @see _trim()
+ * @access private
+ */
+ function _normalize($result)
+ {
+ $result->precision = $this->precision;
+ $result->bitmask = $this->bitmask;
+
+ switch ( MATH_BIGINTEGER_MODE ) {
+ case MATH_BIGINTEGER_MODE_GMP:
+ if (!empty($result->bitmask->value)) {
+ $result->value = gmp_and($result->value, $result->bitmask->value);
+ }
+
+ return $result;
+ case MATH_BIGINTEGER_MODE_BCMATH:
+ if (!empty($result->bitmask->value)) {
+ $result->value = bcmod($result->value, $result->bitmask->value);
+ }
+
+ return $result;
+ }
+
+ $value = &$result->value;
+
+ if ( !count($value) ) {
+ return $result;
+ }
+
+ $value = $this->_trim($value);
+
+ if (!empty($result->bitmask->value)) {
+ $length = min(count($value), count($this->bitmask->value));
+ $value = array_slice($value, 0, $length);
+
+ for ($i = 0; $i < $length; ++$i) {
+ $value[$i] = $value[$i] & $this->bitmask->value[$i];
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Trim
+ *
+ * Removes leading zeros
+ *
+ * @return Math_BigInteger
+ * @access private
+ */
+ function _trim($value)
+ {
+ for ($i = count($value) - 1; $i >= 0; --$i) {
+ if ( $value[$i] ) {
+ break;
+ }
+ unset($value[$i]);
+ }
+
+ return $value;
+ }
+
+ /**
+ * Array Repeat
+ *
+ * @param $input Array
+ * @param $multiplier mixed
+ * @return Array
+ * @access private
+ */
+ function _array_repeat($input, $multiplier)
+ {
+ return ($multiplier) ? array_fill(0, $multiplier, $input) : array();
+ }
+
+ /**
+ * Logical Left Shift
+ *
+ * Shifts binary strings $shift bits, essentially multiplying by 2**$shift.
+ *
+ * @param $x String
+ * @param $shift Integer
+ * @return String
+ * @access private
+ */
+ function _base256_lshift(&$x, $shift)
+ {
+ if ($shift == 0) {
+ return;
+ }
+
+ $num_bytes = $shift >> 3; // eg. floor($shift/8)
+ $shift &= 7; // eg. $shift % 8
+
+ $carry = 0;
+ for ($i = strlen($x) - 1; $i >= 0; --$i) {
+ $temp = ord($x[$i]) << $shift | $carry;
+ $x[$i] = chr($temp);
+ $carry = $temp >> 8;
+ }
+ $carry = ($carry != 0) ? chr($carry) : '';
+ $x = $carry . $x . str_repeat(chr(0), $num_bytes);
+ }
+
+ /**
+ * Logical Right Shift
+ *
+ * Shifts binary strings $shift bits, essentially dividing by 2**$shift and returning the remainder.
+ *
+ * @param $x String
+ * @param $shift Integer
+ * @return String
+ * @access private
+ */
+ function _base256_rshift(&$x, $shift)
+ {
+ if ($shift == 0) {
+ $x = ltrim($x, chr(0));
+ return '';
+ }
+
+ $num_bytes = $shift >> 3; // eg. floor($shift/8)
+ $shift &= 7; // eg. $shift % 8
+
+ $remainder = '';
+ if ($num_bytes) {
+ $start = $num_bytes > strlen($x) ? -strlen($x) : -$num_bytes;
+ $remainder = substr($x, $start);
+ $x = substr($x, 0, -$num_bytes);
+ }
+
+ $carry = 0;
+ $carry_shift = 8 - $shift;
+ for ($i = 0; $i < strlen($x); ++$i) {
+ $temp = (ord($x[$i]) >> $shift) | $carry;
+ $carry = (ord($x[$i]) << $carry_shift) & 0xFF;
+ $x[$i] = chr($temp);
+ }
+ $x = ltrim($x, chr(0));
+
+ $remainder = chr($carry >> $carry_shift) . $remainder;
+
+ return ltrim($remainder, chr(0));
+ }
+
+ // one quirk about how the following functions are implemented is that PHP defines N to be an unsigned long
+ // at 32-bits, while java's longs are 64-bits.
+
+ /**
+ * Converts 32-bit integers to bytes.
+ *
+ * @param Integer $x
+ * @return String
+ * @access private
+ */
+ function _int2bytes($x)
+ {
+ return ltrim(pack('N', $x), chr(0));
+ }
+
+ /**
+ * Converts bytes to 32-bit integers
+ *
+ * @param String $x
+ * @return Integer
+ * @access private
+ */
+ function _bytes2int($x)
+ {
+ $temp = unpack('Nint', str_pad($x, 4, chr(0), STR_PAD_LEFT));
+ return $temp['int'];
+ }
+
+ /**
+ * DER-encode an integer
+ *
+ * The ability to DER-encode integers is needed to create RSA public keys for use with OpenSSL
+ *
+ * @see modPow()
+ * @access private
+ * @param Integer $length
+ * @return String
+ */
+ function _encodeASN1Length($length)
+ {
+ if ($length <= 0x7F) {
+ return chr($length);
+ }
+
+ $temp = ltrim(pack('N', $length), chr(0));
+ return pack('Ca*', 0x80 | strlen($temp), $temp);
+ }
+} \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SFTP.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SFTP.php
new file mode 100644
index 00000000000..8db087d3d99
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SFTP.php
@@ -0,0 +1,2029 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of SFTP.
+ *
+ * PHP versions 4 and 5
+ *
+ * Currently only supports SFTPv2 and v3, which, according to wikipedia.org, "is the most widely used version,
+ * implemented by the popular OpenSSH SFTP server". If you want SFTPv4/5/6 support, provide me with access
+ * to an SFTPv4/5/6 server.
+ *
+ * The API for this library is modeled after the API from PHP's {@link http://php.net/book.ftp FTP extension}.
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Net/SFTP.php');
+ *
+ * $sftp = new Net_SFTP('www.domain.tld');
+ * if (!$sftp->login('username', 'password')) {
+ * exit('Login Failed');
+ * }
+ *
+ * echo $sftp->pwd() . "\r\n";
+ * $sftp->put('filename.ext', 'hello, world!');
+ * print_r($sftp->nlist());
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Net
+ * @package Net_SFTP
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMIX Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Net_SSH2
+ */
+if (!class_exists('Net_SSH2')) {
+ require_once('Net/SSH2.php');
+}
+
+/**#@+
+ * @access public
+ * @see Net_SFTP::getLog()
+ */
+/**
+ * Returns the message numbers
+ */
+define('NET_SFTP_LOG_SIMPLE', NET_SSH2_LOG_SIMPLE);
+/**
+ * Returns the message content
+ */
+define('NET_SFTP_LOG_COMPLEX', NET_SSH2_LOG_COMPLEX);
+/**
+ * Outputs the message content in real-time.
+ */
+define('NET_SFTP_LOG_REALTIME', 3);
+/**#@-*/
+
+/**
+ * SFTP channel constant
+ *
+ * Net_SSH2::exec() uses 0 and Net_SSH2::read() / Net_SSH2::write() use 1.
+ *
+ * @see Net_SSH2::_send_channel_packet()
+ * @see Net_SSH2::_get_channel_packet()
+ * @access private
+ */
+define('NET_SFTP_CHANNEL', 2);
+
+/**#@+
+ * @access public
+ * @see Net_SFTP::put()
+ */
+/**
+ * Reads data from a local file.
+ */
+define('NET_SFTP_LOCAL_FILE', 1);
+/**
+ * Reads data from a string.
+ */
+// this value isn't really used anymore but i'm keeping it reserved for historical reasons
+define('NET_SFTP_STRING', 2);
+/**
+ * Resumes an upload
+ */
+define('NET_SFTP_RESUME', 4);
+/**#@-*/
+
+/**
+ * Pure-PHP implementations of SFTP.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Net_SFTP
+ */
+class Net_SFTP extends Net_SSH2 {
+ /**
+ * Packet Types
+ *
+ * @see Net_SFTP::Net_SFTP()
+ * @var Array
+ * @access private
+ */
+ var $packet_types = array();
+
+ /**
+ * Status Codes
+ *
+ * @see Net_SFTP::Net_SFTP()
+ * @var Array
+ * @access private
+ */
+ var $status_codes = array();
+
+ /**
+ * The Request ID
+ *
+ * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
+ * concurrent actions, so it's somewhat academic, here.
+ *
+ * @var Integer
+ * @see Net_SFTP::_send_sftp_packet()
+ * @access private
+ */
+ var $request_id = false;
+
+ /**
+ * The Packet Type
+ *
+ * The request ID exists in the off chance that a packet is sent out-of-order. Of course, this library doesn't support
+ * concurrent actions, so it's somewhat academic, here.
+ *
+ * @var Integer
+ * @see Net_SFTP::_get_sftp_packet()
+ * @access private
+ */
+ var $packet_type = -1;
+
+ /**
+ * Packet Buffer
+ *
+ * @var String
+ * @see Net_SFTP::_get_sftp_packet()
+ * @access private
+ */
+ var $packet_buffer = '';
+
+ /**
+ * Extensions supported by the server
+ *
+ * @var Array
+ * @see Net_SFTP::_initChannel()
+ * @access private
+ */
+ var $extensions = array();
+
+ /**
+ * Server SFTP version
+ *
+ * @var Integer
+ * @see Net_SFTP::_initChannel()
+ * @access private
+ */
+ var $version;
+
+ /**
+ * Current working directory
+ *
+ * @var String
+ * @see Net_SFTP::_realpath()
+ * @see Net_SFTP::chdir()
+ * @access private
+ */
+ var $pwd = false;
+
+ /**
+ * Packet Type Log
+ *
+ * @see Net_SFTP::getLog()
+ * @var Array
+ * @access private
+ */
+ var $packet_type_log = array();
+
+ /**
+ * Packet Log
+ *
+ * @see Net_SFTP::getLog()
+ * @var Array
+ * @access private
+ */
+ var $packet_log = array();
+
+ /**
+ * Error information
+ *
+ * @see Net_SFTP::getSFTPErrors()
+ * @see Net_SFTP::getLastSFTPError()
+ * @var String
+ * @access private
+ */
+ var $sftp_errors = array();
+
+ /**
+ * File Type
+ *
+ * @see Net_SFTP::_parseLongname()
+ * @var Integer
+ * @access private
+ */
+ var $fileType = 0;
+
+ /**
+ * Directory Cache
+ *
+ * Rather than always having to open a directory and close it immediately there after to see if a file is a directory or
+ * rather than always
+ *
+ * @see Net_SFTP::_save_dir()
+ * @see Net_SFTP::_remove_dir()
+ * @see Net_SFTP::_is_dir()
+ * @var Array
+ * @access private
+ */
+ var $dirs = array();
+
+ /**
+ * Default Constructor.
+ *
+ * Connects to an SFTP server
+ *
+ * @param String $host
+ * @param optional Integer $port
+ * @param optional Integer $timeout
+ * @return Net_SFTP
+ * @access public
+ */
+ function Net_SFTP($host, $port = 22, $timeout = 10)
+ {
+ parent::Net_SSH2($host, $port, $timeout);
+ $this->packet_types = array(
+ 1 => 'NET_SFTP_INIT',
+ 2 => 'NET_SFTP_VERSION',
+ /* the format of SSH_FXP_OPEN changed between SFTPv4 and SFTPv5+:
+ SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.1
+ pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3 */
+ 3 => 'NET_SFTP_OPEN',
+ 4 => 'NET_SFTP_CLOSE',
+ 5 => 'NET_SFTP_READ',
+ 6 => 'NET_SFTP_WRITE',
+ 7 => 'NET_SFTP_LSTAT',
+ 9 => 'NET_SFTP_SETSTAT',
+ 11 => 'NET_SFTP_OPENDIR',
+ 12 => 'NET_SFTP_READDIR',
+ 13 => 'NET_SFTP_REMOVE',
+ 14 => 'NET_SFTP_MKDIR',
+ 15 => 'NET_SFTP_RMDIR',
+ 16 => 'NET_SFTP_REALPATH',
+ 17 => 'NET_SFTP_STAT',
+ /* the format of SSH_FXP_RENAME changed between SFTPv4 and SFTPv5+:
+ SFTPv5+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
+ pre-SFTPv5 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.5 */
+ 18 => 'NET_SFTP_RENAME',
+
+ 101=> 'NET_SFTP_STATUS',
+ 102=> 'NET_SFTP_HANDLE',
+ /* the format of SSH_FXP_NAME changed between SFTPv3 and SFTPv4+:
+ SFTPv4+: http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.4
+ pre-SFTPv4 : http://tools.ietf.org/html/draft-ietf-secsh-filexfer-02#section-7 */
+ 103=> 'NET_SFTP_DATA',
+ 104=> 'NET_SFTP_NAME',
+ 105=> 'NET_SFTP_ATTRS',
+
+ 200=> 'NET_SFTP_EXTENDED'
+ );
+ $this->status_codes = array(
+ 0 => 'NET_SFTP_STATUS_OK',
+ 1 => 'NET_SFTP_STATUS_EOF',
+ 2 => 'NET_SFTP_STATUS_NO_SUCH_FILE',
+ 3 => 'NET_SFTP_STATUS_PERMISSION_DENIED',
+ 4 => 'NET_SFTP_STATUS_FAILURE',
+ 5 => 'NET_SFTP_STATUS_BAD_MESSAGE',
+ 6 => 'NET_SFTP_STATUS_NO_CONNECTION',
+ 7 => 'NET_SFTP_STATUS_CONNECTION_LOST',
+ 8 => 'NET_SFTP_STATUS_OP_UNSUPPORTED'
+ );
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-7.1
+ // the order, in this case, matters quite a lot - see Net_SFTP::_parseAttributes() to understand why
+ $this->attributes = array(
+ 0x00000001 => 'NET_SFTP_ATTR_SIZE',
+ 0x00000002 => 'NET_SFTP_ATTR_UIDGID', // defined in SFTPv3, removed in SFTPv4+
+ 0x00000004 => 'NET_SFTP_ATTR_PERMISSIONS',
+ 0x00000008 => 'NET_SFTP_ATTR_ACCESSTIME',
+ // 0x80000000 will yield a floating point on 32-bit systems and converting floating points to integers
+ // yields inconsistent behavior depending on how php is compiled. so we left shift -1 (which, in
+ // two's compliment, consists of all 1 bits) by 31. on 64-bit systems this'll yield 0xFFFFFFFF80000000.
+ // that's not a problem, however, and 'anded' and a 32-bit number, as all the leading 1 bits are ignored.
+ -1 << 31 => 'NET_SFTP_ATTR_EXTENDED'
+ );
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-6.3
+ // the flag definitions change somewhat in SFTPv5+. if SFTPv5+ support is added to this library, maybe name
+ // the array for that $this->open5_flags and similarily alter the constant names.
+ $this->open_flags = array(
+ 0x00000001 => 'NET_SFTP_OPEN_READ',
+ 0x00000002 => 'NET_SFTP_OPEN_WRITE',
+ 0x00000004 => 'NET_SFTP_OPEN_APPEND',
+ 0x00000008 => 'NET_SFTP_OPEN_CREATE',
+ 0x00000010 => 'NET_SFTP_OPEN_TRUNCATE'
+ );
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2
+ // see Net_SFTP::_parseLongname() for an explanation
+ $this->file_types = array(
+ 1 => 'NET_SFTP_TYPE_REGULAR',
+ 2 => 'NET_SFTP_TYPE_DIRECTORY',
+ 3 => 'NET_SFTP_TYPE_SYMLINK',
+ 4 => 'NET_SFTP_TYPE_SPECIAL'
+ );
+ $this->_define_array(
+ $this->packet_types,
+ $this->status_codes,
+ $this->attributes,
+ $this->open_flags,
+ $this->file_types
+ );
+ }
+
+ /**
+ * Login
+ *
+ * @param String $username
+ * @param optional String $password
+ * @return Boolean
+ * @access public
+ */
+ function login($username, $password = '')
+ {
+ if (!parent::login($username, $password)) {
+ return false;
+ }
+
+ $this->window_size_client_to_server[NET_SFTP_CHANNEL] = $this->window_size;
+
+ $packet = pack('CNa*N3',
+ NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SFTP_CHANNEL, $this->window_size, 0x4000);
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_OPEN;
+
+ $response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
+ if ($response === false) {
+ return false;
+ }
+
+ $packet = pack('CNNa*CNa*',
+ NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SFTP_CHANNEL], strlen('subsystem'), 'subsystem', 1, strlen('sftp'), 'sftp');
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_REQUEST;
+
+ $response = $this->_get_channel_packet(NET_SFTP_CHANNEL);
+ if ($response === false) {
+ return false;
+ }
+
+ $this->channel_status[NET_SFTP_CHANNEL] = NET_SSH2_MSG_CHANNEL_DATA;
+
+ if (!$this->_send_sftp_packet(NET_SFTP_INIT, "\0\0\0\3")) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_VERSION) {
+ user_error('Expected SSH_FXP_VERSION');
+ return false;
+ }
+
+ extract(unpack('Nversion', $this->_string_shift($response, 4)));
+ $this->version = $version;
+ while (!empty($response)) {
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $key = $this->_string_shift($response, $length);
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $value = $this->_string_shift($response, $length);
+ $this->extensions[$key] = $value;
+ }
+
+ /*
+ SFTPv4+ defines a 'newline' extension. SFTPv3 seems to have unofficial support for it via 'newline@vandyke.com',
+ however, I'm not sure what 'newline@vandyke.com' is supposed to do (the fact that it's unofficial means that it's
+ not in the official SFTPv3 specs) and 'newline@vandyke.com' / 'newline' are likely not drop-in substitutes for
+ one another due to the fact that 'newline' comes with a SSH_FXF_TEXT bitmask whereas it seems unlikely that
+ 'newline@vandyke.com' would.
+ */
+ /*
+ if (isset($this->extensions['newline@vandyke.com'])) {
+ $this->extensions['newline'] = $this->extensions['newline@vandyke.com'];
+ unset($this->extensions['newline@vandyke.com']);
+ }
+ */
+
+ $this->request_id = 1;
+
+ /*
+ A Note on SFTPv4/5/6 support:
+ <http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.1> states the following:
+
+ "If the client wishes to interoperate with servers that support noncontiguous version
+ numbers it SHOULD send '3'"
+
+ Given that the server only sends its version number after the client has already done so, the above
+ seems to be suggesting that v3 should be the default version. This makes sense given that v3 is the
+ most popular.
+
+ <http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-5.5> states the following;
+
+ "If the server did not send the "versions" extension, or the version-from-list was not included, the
+ server MAY send a status response describing the failure, but MUST then close the channel without
+ processing any further requests."
+
+ So what do you do if you have a client whose initial SSH_FXP_INIT packet says it implements v3 and
+ a server whose initial SSH_FXP_VERSION reply says it implements v4 and only v4? If it only implements
+ v4, the "versions" extension is likely not going to have been sent so version re-negotiation as discussed
+ in draft-ietf-secsh-filexfer-13 would be quite impossible. As such, what Net_SFTP would do is close the
+ channel and reopen it with a new and updated SSH_FXP_INIT packet.
+ */
+ switch ($this->version) {
+ case 2:
+ case 3:
+ break;
+ default:
+ return false;
+ }
+
+ $this->pwd = $this->_realpath('.', false);
+
+ $this->_save_dir($this->pwd);
+
+ return true;
+ }
+
+ /**
+ * Returns the current directory name
+ *
+ * @return Mixed
+ * @access public
+ */
+ function pwd()
+ {
+ return $this->pwd;
+ }
+
+ /**
+ * Logs errors
+ *
+ * @param String $response
+ * @param optional Integer $status
+ * @access public
+ */
+ function _logError($response, $status = -1) {
+ if ($status == -1) {
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ }
+
+ $error = $this->status_codes[$status];
+
+ if ($this->version > 2) {
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->sftp_errors[] = $error . ': ' . $this->_string_shift($response, $length);
+ } else {
+ $this->sftp_errors[] = $error;
+ }
+ }
+
+ /**
+ * Canonicalize the Server-Side Path Name
+ *
+ * SFTP doesn't provide a mechanism by which the current working directory can be changed, so we'll emulate it. Returns
+ * the absolute (canonicalized) path.
+ *
+ * @see Net_SFTP::chdir()
+ * @param String $dir
+ * @return Mixed
+ * @access private
+ */
+ function _realpath($dir, $check_dir = true)
+ {
+ if ($check_dir && $this->_is_dir($dir)) {
+ return true;
+ }
+
+ /*
+ "This protocol represents file names as strings. File names are
+ assumed to use the slash ('/') character as a directory separator.
+
+ File names starting with a slash are "absolute", and are relative to
+ the root of the file system. Names starting with any other character
+ are relative to the user's default directory (home directory). Note
+ that identifying the user is assumed to take place outside of this
+ protocol."
+
+ -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-6
+ */
+ $file = '';
+ if ($this->pwd !== false) {
+ // if the SFTP server returned the canonicalized path even for non-existant files this wouldn't be necessary
+ // on OpenSSH it isn't necessary but on other SFTP servers it is. that and since the specs say nothing on
+ // the subject, we'll go ahead and work around it with the following.
+ if (empty($dir) || $dir[strlen($dir) - 1] != '/') {
+ $file = basename($dir);
+ $dir = dirname($dir);
+ }
+
+ $dir = $dir[0] == '/' ? '/' . rtrim(substr($dir, 1), '/') : rtrim($dir, '/');
+
+ if ($dir == '.' || $dir == $this->pwd) {
+ $temp = $this->pwd;
+ if (!empty($file)) {
+ $temp.= '/' . $file;
+ }
+ return $temp;
+ }
+
+ if ($dir[0] != '/') {
+ $dir = $this->pwd . '/' . $dir;
+ }
+ // on the surface it seems like maybe resolving a path beginning with / is unnecessary, but such paths
+ // can contain .'s and ..'s just like any other. we could parse those out as appropriate or we can let
+ // the server do it. we'll do the latter.
+ }
+
+ /*
+ that SSH_FXP_REALPATH returns SSH_FXP_NAME does not necessarily mean that anything actually exists at the
+ specified path. generally speaking, no attributes are returned with this particular SSH_FXP_NAME packet
+ regardless of whether or not a file actually exists. and in SFTPv3, the longname field and the filename
+ field match for this particular SSH_FXP_NAME packet. for other SSH_FXP_NAME packets, this will likely
+ not be the case, but for this one, it is.
+ */
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.9
+ if (!$this->_send_sftp_packet(NET_SFTP_REALPATH, pack('Na*', strlen($dir), $dir))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_NAME:
+ // although SSH_FXP_NAME is implemented differently in SFTPv3 than it is in SFTPv4+, the following
+ // should work on all SFTP versions since the only part of the SSH_FXP_NAME packet the following looks
+ // at is the first part and that part is defined the same in SFTP versions 3 through 6.
+ $this->_string_shift($response, 4); // skip over the count - it should be 1, anyway
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $realpath = $this->_string_shift($response, $length);
+ // the following is SFTPv3 only code. see Net_SFTP::_parseLongname() for more information.
+ // per the above comment, this is a shot in the dark that, on most servers, won't help us in determining
+ // the file type for Net_SFTP::stat() and Net_SFTP::lstat() but it's worth a shot.
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->fileType = $this->_parseLongname($this->_string_shift($response, $length));
+ break;
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ return false;
+ default:
+ user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
+ return false;
+ }
+
+ // if $this->pwd isn't set than the only thing $realpath could be is for '.', which is pretty much guaranteed to
+ // be a bonafide directory
+ if (!empty($file)) {
+ $realpath.= '/' . $file;
+ }
+
+ return $realpath;
+ }
+
+ /**
+ * Changes the current directory
+ *
+ * @param String $dir
+ * @return Boolean
+ * @access public
+ */
+ function chdir($dir)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ if ($dir[strlen($dir) - 1] != '/') {
+ $dir.= '/';
+ }
+
+ // confirm that $dir is, in fact, a valid directory
+ if ($this->_is_dir($dir)) {
+ $this->pwd = $dir;
+ return true;
+ }
+
+ $dir = $this->_realpath($dir, false);
+
+ if ($this->_is_dir($dir)) {
+ $this->pwd = $dir;
+ return true;
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
+ return false;
+ }
+
+ // see Net_SFTP::nlist() for a more thorough explanation of the following
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_HANDLE:
+ $handle = substr($response, 4);
+ break;
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ return false;
+ default:
+ user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
+ return false;
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ $this->_save_dir($dir);
+
+ $this->pwd = $dir;
+ return true;
+ }
+
+ /**
+ * Returns a list of files in the given directory
+ *
+ * @param optional String $dir
+ * @return Mixed
+ * @access public
+ */
+ function nlist($dir = '.')
+ {
+ return $this->_list($dir, false);
+ }
+
+ /**
+ * Returns a detailed list of files in the given directory
+ *
+ * @param optional String $dir
+ * @return Mixed
+ * @access public
+ */
+ function rawlist($dir = '.')
+ {
+ return $this->_list($dir, true);
+ }
+
+ /**
+ * Reads a list, be it detailed or not, of files in the given directory
+ *
+ * $realpath exists because, in the case of the recursive deletes and recursive chmod's $realpath has already
+ * been calculated.
+ *
+ * @param String $dir
+ * @param optional Boolean $raw
+ * @param optional Boolean $realpath
+ * @return Mixed
+ * @access private
+ */
+ function _list($dir, $raw = true, $realpath = true)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $dir = $this->_realpath($dir . '/');
+ if ($dir === false) {
+ return false;
+ }
+
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.2
+ if (!$this->_send_sftp_packet(NET_SFTP_OPENDIR, pack('Na*', strlen($dir), $dir))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_HANDLE:
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-9.2
+ // since 'handle' is the last field in the SSH_FXP_HANDLE packet, we'll just remove the first four bytes that
+ // represent the length of the string and leave it at that
+ $handle = substr($response, 4);
+ break;
+ case NET_SFTP_STATUS:
+ // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
+ $this->_logError($response);
+ return false;
+ default:
+ user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
+ return false;
+ }
+
+ $this->_save_dir($dir);
+
+ $contents = array();
+ while (true) {
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.2
+ // why multiple SSH_FXP_READDIR packets would be sent when the response to a single one can span arbitrarily many
+ // SSH_MSG_CHANNEL_DATA messages is not known to me.
+ if (!$this->_send_sftp_packet(NET_SFTP_READDIR, pack('Na*', strlen($handle), $handle))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_NAME:
+ extract(unpack('Ncount', $this->_string_shift($response, 4)));
+ for ($i = 0; $i < $count; $i++) {
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $shortname = $this->_string_shift($response, $length);
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $longname = $this->_string_shift($response, $length);
+ $attributes = $this->_parseAttributes($response); // we also don't care about the attributes
+ if (!$raw) {
+ $contents[] = $shortname;
+ } else {
+ $contents[$shortname] = $attributes;
+ $fileType = $this->_parseLongname($longname);
+ if ($fileType) {
+ if ($fileType == NET_SFTP_TYPE_DIRECTORY && ($shortname != '.' && $shortname != '..')) {
+ $this->_save_dir($dir . '/' . $shortname);
+ }
+ $contents[$shortname]['type'] = $fileType;
+ }
+ }
+ // SFTPv6 has an optional boolean end-of-list field, but we'll ignore that, since the
+ // final SSH_FXP_STATUS packet should tell us that, already.
+ }
+ break;
+ case NET_SFTP_STATUS:
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_EOF) {
+ $this->_logError($response, $status);
+ return false;
+ }
+ break 2;
+ default:
+ user_error('Expected SSH_FXP_NAME or SSH_FXP_STATUS');
+ return false;
+ }
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
+ return false;
+ }
+
+ // "The client MUST release all resources associated with the handle regardless of the status."
+ // -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.1.3
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ return $contents;
+ }
+
+ /**
+ * Returns the file size, in bytes, or false, on failure
+ *
+ * Files larger than 4GB will show up as being exactly 4GB.
+ *
+ * @param String $filename
+ * @return Mixed
+ * @access public
+ */
+ function size($filename)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $filename = $this->_realpath($filename);
+ if ($filename === false) {
+ return false;
+ }
+
+ return $this->_size($filename);
+ }
+
+ /**
+ * Save directories to cache
+ *
+ * @param String $dir
+ * @access private
+ */
+ function _save_dir($dir)
+ {
+ // preg_replace('#^/|/(?=/)|/$#', '', $dir) == str_replace('//', '/', trim($dir, '/'))
+ $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir));
+
+ $temp = &$this->dirs;
+ foreach ($dirs as $dir) {
+ if (!isset($temp[$dir])) {
+ $temp[$dir] = array();
+ }
+ $temp = &$temp[$dir];
+ }
+ }
+
+ /**
+ * Remove directories from cache
+ *
+ * @param String $dir
+ * @access private
+ */
+ function _remove_dir($dir)
+ {
+ $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir));
+
+ $temp = &$this->dirs;
+ foreach ($dirs as $dir) {
+ if ($dir == end($dirs)) {
+ unset($temp[$dir]);
+ return true;
+ }
+ if (!isset($temp[$dir])) {
+ return false;
+ }
+ $temp = &$temp[$dir];
+ }
+ }
+
+ /**
+ * Checks cache for directory
+ *
+ * @param String $dir
+ * @access private
+ */
+ function _is_dir($dir)
+ {
+ $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir));
+
+ $temp = &$this->dirs;
+ foreach ($dirs as $dir) {
+ if (!isset($temp[$dir])) {
+ return false;
+ }
+ $temp = &$temp[$dir];
+ }
+ }
+
+ /**
+ * Returns general information about a file.
+ *
+ * Returns an array on success and false otherwise.
+ *
+ * @param String $filename
+ * @return Mixed
+ * @access public
+ */
+ function stat($filename)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $filename = $this->_realpath($filename);
+ if ($filename === false) {
+ return false;
+ }
+
+ $stat = $this->_stat($filename, NET_SFTP_STAT);
+ if ($stat === false) {
+ return false;
+ }
+
+ $pwd = $this->pwd;
+ $stat['type'] = $this->chdir($filename) ?
+ NET_SFTP_TYPE_DIRECTORY :
+ NET_SFTP_TYPE_REGULAR;
+ $this->pwd = $pwd;
+
+ return $stat;
+ }
+
+ /**
+ * Returns general information about a file or symbolic link.
+ *
+ * Returns an array on success and false otherwise.
+ *
+ * @param String $filename
+ * @return Mixed
+ * @access public
+ */
+ function lstat($filename)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $filename = $this->_realpath($filename);
+ if ($filename === false) {
+ return false;
+ }
+
+ $lstat = $this->_stat($filename, NET_SFTP_LSTAT);
+ $stat = $this->_stat($filename, NET_SFTP_STAT);
+ if ($stat === false) {
+ return false;
+ }
+
+ if ($lstat != $stat) {
+ return array_merge($lstat, array('type' => NET_SFTP_TYPE_SYMLINK));
+ }
+
+ $pwd = $this->pwd;
+ $lstat['type'] = $this->chdir($filename) ?
+ NET_SFTP_TYPE_DIRECTORY :
+ NET_SFTP_TYPE_REGULAR;
+ $this->pwd = $pwd;
+
+ return $lstat;
+ }
+
+ /**
+ * Returns general information about a file or symbolic link
+ *
+ * Determines information without calling Net_SFTP::_realpath().
+ * The second parameter can be either NET_SFTP_STAT or NET_SFTP_LSTAT.
+ *
+ * @param String $filename
+ * @param Integer $type
+ * @return Mixed
+ * @access private
+ */
+ function _stat($filename, $type)
+ {
+ // SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
+ $packet = pack('Na*', strlen($filename), $filename);
+ if (!$this->_send_sftp_packet($type, $packet)) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_ATTRS:
+ $attributes = $this->_parseAttributes($response);
+ if ($this->fileType) {
+ $attributes['type'] = $this->fileType;
+ }
+ return $attributes;
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ return false;
+ }
+
+ user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
+ return false;
+ }
+
+ /**
+ * Attempt to identify the file type
+ *
+ * @param String $path
+ * @param Array $stat
+ * @param Array $lstat
+ * @return Integer
+ * @access private
+ */
+ function _identify_type($path, $stat1, $stat2)
+ {
+ $stat1 = $this->_stat($path, $stat1);
+ $stat2 = $this->_stat($path, $stat2);
+
+ if ($stat1 != $stat2) {
+ return array_merge($stat1, array('type' => NET_SFTP_TYPE_SYMLINK));
+ }
+
+ $pwd = $this->pwd;
+ $stat1['type'] = $this->chdir($path) ?
+ NET_SFTP_TYPE_DIRECTORY :
+ NET_SFTP_TYPE_REGULAR;
+ $this->pwd = $pwd;
+
+ return $stat1;
+ }
+
+ /**
+ * Returns the file size, in bytes, or false, on failure
+ *
+ * Determines the size without calling Net_SFTP::_realpath()
+ *
+ * @param String $filename
+ * @return Mixed
+ * @access private
+ */
+ function _size($filename)
+ {
+ $result = $this->_stat($filename, NET_SFTP_LSTAT);
+ if ($result === false) {
+ return false;
+ }
+ return isset($result['size']) ? $result['size'] : -1;
+ }
+
+ /**
+ * Set permissions on a file.
+ *
+ * Returns the new file permissions on success or FALSE on error.
+ *
+ * @param Integer $mode
+ * @param String $filename
+ * @return Mixed
+ * @access public
+ */
+ function chmod($mode, $filename, $recursive = false)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $filename = $this->_realpath($filename);
+ if ($filename === false) {
+ return false;
+ }
+
+ if ($recursive) {
+ $i = 0;
+ $result = $this->_chmod_recursive($mode, $filename, $i);
+ $this->_read_put_responses($i);
+ return $result;
+ }
+
+ // SFTPv4+ has an additional byte field - type - that would need to be sent, as well. setting it to
+ // SSH_FILEXFER_TYPE_UNKNOWN might work. if not, we'd have to do an SSH_FXP_STAT before doing an SSH_FXP_SETSTAT.
+ $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777);
+ if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($filename), $filename, $attr))) {
+ return false;
+ }
+
+ /*
+ "Because some systems must use separate system calls to set various attributes, it is possible that a failure
+ response will be returned, but yet some of the attributes may be have been successfully modified. If possible,
+ servers SHOULD avoid this situation; however, clients MUST be aware that this is possible."
+
+ -- http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.6
+ */
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ }
+
+ // rather than return what the permissions *should* be, we'll return what they actually are. this will also
+ // tell us if the file actually exists.
+ // incidentally, SFTPv4+ adds an additional 32-bit integer field - flags - to the following:
+ $packet = pack('Na*', strlen($filename), $filename);
+ if (!$this->_send_sftp_packet(NET_SFTP_STAT, $packet)) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_ATTRS:
+ $attrs = $this->_parseAttributes($response);
+ return $attrs['permissions'];
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ return false;
+ }
+
+ user_error('Expected SSH_FXP_ATTRS or SSH_FXP_STATUS');
+ return false;
+ }
+
+ /**
+ * Recursively chmods directories on the SFTP server
+ *
+ * Minimizes directory lookups and SSH_FXP_STATUS requests for speed.
+ *
+ * @param Integer $mode
+ * @param String $filename
+ * @return Boolean
+ * @access private
+ */
+ function _chmod_recursive($mode, $path, &$i)
+ {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ $entries = $this->_list($path, true, false);
+
+ if ($entries === false) {
+ return $this->chmod($mode, $path);
+ }
+
+ // normally $entries would have at least . and .. but it might not if the directories
+ // permissions didn't allow reading
+ if (empty($entries)) {
+ return false;
+ }
+
+ foreach ($entries as $filename=>$props) {
+ if ($filename == '.' || $filename == '..') {
+ continue;
+ }
+
+ if (!isset($props['type'])) {
+ return false;
+ }
+
+ $temp = $path . '/' . $filename;
+ if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) {
+ if (!$this->_chmod_recursive($mode, $temp, $i)) {
+ return false;
+ }
+ } else {
+ $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777);
+ if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($temp), $temp, $attr))) {
+ return false;
+ }
+
+ $i++;
+
+ if ($i >= 50) {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ }
+ }
+ }
+
+ $attr = pack('N2', NET_SFTP_ATTR_PERMISSIONS, $mode & 07777);
+ if (!$this->_send_sftp_packet(NET_SFTP_SETSTAT, pack('Na*a*', strlen($path), $path, $attr))) {
+ return false;
+ }
+
+ $i++;
+
+ if ($i >= 50) {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ }
+
+ return true;
+ }
+
+ /**
+ * Creates a directory.
+ *
+ * @param String $dir
+ * @return Boolean
+ * @access public
+ */
+ function mkdir($dir)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ if ($dir[0] != '/') {
+ $dir = $this->_realpath(rtrim($dir, '/'));
+ if ($dir === false) {
+ return false;
+ }
+ if (!$this->_mkdir_helper($dir)) {
+ return false;
+ }
+ } else {
+ $dirs = explode('/', preg_replace('#^/|/(?=/)|/$#', '', $dir));
+ $temp = '';
+ foreach ($dirs as $dir) {
+ $temp.= '/' . $dir;
+ $result = $this->_mkdir_helper($temp);
+ }
+ if (!$result) {
+ return false;
+ }
+ }
+
+ return true;
+ }
+
+ /**
+ * Helper function for directory creation
+ *
+ * @param String $dir
+ * @return Boolean
+ * @access private
+ */
+ function _mkdir_helper($dir)
+ {
+ // by not providing any permissions, hopefully the server will use the logged in users umask - their
+ // default permissions.
+ if (!$this->_send_sftp_packet(NET_SFTP_MKDIR, pack('Na*N', strlen($dir), $dir, 0))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ $this->_save_dir($dir);
+
+ return true;
+ }
+
+ /**
+ * Removes a directory.
+ *
+ * @param String $dir
+ * @return Boolean
+ * @access public
+ */
+ function rmdir($dir)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $dir = $this->_realpath($dir);
+ if ($dir === false) {
+ return false;
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($dir), $dir))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED?
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ $this->_remove_dir($dir);
+
+ return true;
+ }
+
+ /**
+ * Uploads a file to the SFTP server.
+ *
+ * By default, Net_SFTP::put() does not read from the local filesystem. $data is dumped directly into $remote_file.
+ * So, for example, if you set $data to 'filename.ext' and then do Net_SFTP::get(), you will get a file, twelve bytes
+ * long, containing 'filename.ext' as its contents.
+ *
+ * Setting $mode to NET_SFTP_LOCAL_FILE will change the above behavior. With NET_SFTP_LOCAL_FILE, $remote_file will
+ * contain as many bytes as filename.ext does on your local filesystem. If your filename.ext is 1MB then that is how
+ * large $remote_file will be, as well.
+ *
+ * Currently, only binary mode is supported. As such, if the line endings need to be adjusted, you will need to take
+ * care of that, yourself.
+ *
+ * @param String $remote_file
+ * @param String $data
+ * @param optional Integer $mode
+ * @return Boolean
+ * @access public
+ * @internal ASCII mode for SFTPv4/5/6 can be supported by adding a new function - Net_SFTP::setMode().
+ */
+ function put($remote_file, $data, $mode = NET_SFTP_STRING)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $remote_file = $this->_realpath($remote_file);
+ if ($remote_file === false) {
+ return false;
+ }
+
+ $flags = NET_SFTP_OPEN_WRITE | NET_SFTP_OPEN_CREATE;
+ // according to the SFTP specs, NET_SFTP_OPEN_APPEND should "force all writes to append data at the end of the file."
+ // in practice, it doesn't seem to do that.
+ //$flags|= ($mode & NET_SFTP_RESUME) ? NET_SFTP_OPEN_APPEND : NET_SFTP_OPEN_TRUNCATE;
+
+ // if NET_SFTP_OPEN_APPEND worked as it should the following (up until the -----------) wouldn't be necessary
+ $offset = 0;
+ if ($mode & NET_SFTP_RESUME) {
+ $size = $this->_size($remote_file);
+ $offset = $size !== false ? $size : 0;
+ } else {
+ $flags|= NET_SFTP_OPEN_TRUNCATE;
+ }
+ // --------------
+
+ $packet = pack('Na*N2', strlen($remote_file), $remote_file, $flags, 0);
+ if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_HANDLE:
+ $handle = substr($response, 4);
+ break;
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ return false;
+ default:
+ user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
+ return false;
+ }
+
+ $initialize = true;
+
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.2.3
+ if ($mode & NET_SFTP_LOCAL_FILE) {
+ if (!is_file($data)) {
+ user_error("$data is not a valid file");
+ return false;
+ }
+ $fp = @fopen($data, 'rb');
+ if (!$fp) {
+ return false;
+ }
+ $size = filesize($data);
+ } else {
+ $size = strlen($data);
+ }
+
+ $sent = 0;
+ $size = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
+
+ $sftp_packet_size = 4096; // PuTTY uses 4096
+ $i = 0;
+ while ($sent < $size) {
+ $temp = $mode & NET_SFTP_LOCAL_FILE ? fread($fp, $sftp_packet_size) : $this->_string_shift($data, $sftp_packet_size);
+ $packet = pack('Na*N3a*', strlen($handle), $handle, 0, $offset + $sent, strlen($temp), $temp);
+ if (!$this->_send_sftp_packet(NET_SFTP_WRITE, $packet)) {
+ fclose($fp);
+ return false;
+ }
+ $sent+= strlen($temp);
+
+ $i++;
+
+ if ($i == 50) {
+ if (!$this->_read_put_responses($i)) {
+ $i = 0;
+ break;
+ }
+ $i = 0;
+ }
+ }
+
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+
+ if ($mode & NET_SFTP_LOCAL_FILE) {
+ fclose($fp);
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Reads multiple successive SSH_FXP_WRITE responses
+ *
+ * Sending an SSH_FXP_WRITE packet and immediately reading its response isn't as efficient as blindly sending out $i
+ * SSH_FXP_WRITEs, in succession, and then reading $i responses.
+ *
+ * @param Integer $i
+ * @return Boolean
+ * @access private
+ */
+ function _read_put_responses($i)
+ {
+ while ($i--) {
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ break;
+ }
+ }
+
+ return $i < 0;
+ }
+
+ /**
+ * Downloads a file from the SFTP server.
+ *
+ * Returns a string containing the contents of $remote_file if $local_file is left undefined or a boolean false if
+ * the operation was unsuccessful. If $local_file is defined, returns true or false depending on the success of the
+ * operation
+ *
+ * @param String $remote_file
+ * @param optional String $local_file
+ * @return Mixed
+ * @access public
+ */
+ function get($remote_file, $local_file = false, $offset = 0, $length = -1)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $remote_file = $this->_realpath($remote_file);
+ if ($remote_file === false) {
+ return false;
+ }
+
+ $packet = pack('Na*N2', strlen($remote_file), $remote_file, NET_SFTP_OPEN_READ, 0);
+ if (!$this->_send_sftp_packet(NET_SFTP_OPEN, $packet)) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_HANDLE:
+ $handle = substr($response, 4);
+ break;
+ case NET_SFTP_STATUS: // presumably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
+ $this->_logError($response);
+ return false;
+ default:
+ user_error('Expected SSH_FXP_HANDLE or SSH_FXP_STATUS');
+ return false;
+ }
+
+ if ($local_file !== false) {
+ $fp = fopen($local_file, 'wb');
+ if (!$fp) {
+ return false;
+ }
+ } else {
+ $content = '';
+ }
+
+ $size = (1 << 20) < $length || $length < 0 ? 1 << 20 : $length;
+ $start = $offset;
+ while (true) {
+ $packet = pack('Na*N3', strlen($handle), $handle, 0, $offset, $size);
+ if (!$this->_send_sftp_packet(NET_SFTP_READ, $packet)) {
+ if ($local_file !== false) {
+ fclose($fp);
+ }
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ switch ($this->packet_type) {
+ case NET_SFTP_DATA:
+ $temp = substr($response, 4);
+ $offset+= strlen($temp);
+ if ($local_file === false) {
+ $content.= $temp;
+ } else {
+ fputs($fp, $temp);
+ }
+ break;
+ case NET_SFTP_STATUS:
+ $this->_logError($response);
+ break 2;
+ default:
+ user_error('Expected SSH_FXP_DATA or SSH_FXP_STATUS');
+ if ($local_file !== false) {
+ fclose($fp);
+ }
+ return false;
+ }
+
+ if ($length > 0 && $length <= $offset - $size) {
+ if ($local_file === false) {
+ $content = substr($content, 0, $length);
+ } else {
+ ftruncate($fp, $length);
+ }
+ break;
+ }
+ }
+
+ if ($local_file !== false) {
+ fclose($fp);
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_CLOSE, pack('Na*', strlen($handle), $handle))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ if (isset($content)) {
+ return $content;
+ }
+
+ return true;
+ }
+
+ /**
+ * Deletes a file on the SFTP server.
+ *
+ * @param String $path
+ * @param Boolean $recursive
+ * @return Boolean
+ * @access public
+ */
+ function delete($path, $recursive = true)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $path = $this->_realpath($path);
+ if ($path === false) {
+ return false;
+ }
+
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
+ if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($path), $path))) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ if (!$recursive) {
+ return false;
+ }
+ $i = 0;
+ $result = $this->_delete_recursive($path, $i);
+ $this->_read_put_responses($i);
+ return $result;
+ }
+
+ return true;
+ }
+
+ /**
+ * Recursively deletes directories on the SFTP server
+ *
+ * Minimizes directory lookups and SSH_FXP_STATUS requests for speed.
+ *
+ * @param String $path
+ * @param Integer $i
+ * @return Boolean
+ * @access private
+ */
+ function _delete_recursive($path, &$i)
+ {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ $entries = $this->_list($path, true, false);
+
+ // normally $entries would have at least . and .. but it might not if the directories
+ // permissions didn't allow reading
+ if (empty($entries)) {
+ return false;
+ }
+
+ foreach ($entries as $filename=>$props) {
+ if ($filename == '.' || $filename == '..') {
+ continue;
+ }
+
+ if (!isset($props['type'])) {
+ return false;
+ }
+
+ $temp = $path . '/' . $filename;
+ if ($props['type'] == NET_SFTP_TYPE_DIRECTORY) {
+ if (!$this->_delete_recursive($temp, $i)) {
+ return false;
+ }
+ } else {
+ if (!$this->_send_sftp_packet(NET_SFTP_REMOVE, pack('Na*', strlen($temp), $temp))) {
+ return false;
+ }
+
+ $i++;
+
+ if ($i >= 50) {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ }
+ }
+ }
+
+ if (!$this->_send_sftp_packet(NET_SFTP_RMDIR, pack('Na*', strlen($path), $path))) {
+ return false;
+ }
+ $this->_remove_dir($path);
+
+ $i++;
+
+ if ($i >= 50) {
+ if (!$this->_read_put_responses($i)) {
+ return false;
+ }
+ $i = 0;
+ }
+
+ return true;
+ }
+
+ /**
+ * Renames a file or a directory on the SFTP server
+ *
+ * @param String $oldname
+ * @param String $newname
+ * @return Boolean
+ * @access public
+ */
+ function rename($oldname, $newname)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ $oldname = $this->_realpath($oldname);
+ $newname = $this->_realpath($newname);
+ if ($oldname === false || $newname === false) {
+ return false;
+ }
+
+ // http://tools.ietf.org/html/draft-ietf-secsh-filexfer-13#section-8.3
+ $packet = pack('Na*Na*', strlen($oldname), $oldname, strlen($newname), $newname);
+ if (!$this->_send_sftp_packet(NET_SFTP_RENAME, $packet)) {
+ return false;
+ }
+
+ $response = $this->_get_sftp_packet();
+ if ($this->packet_type != NET_SFTP_STATUS) {
+ user_error('Expected SSH_FXP_STATUS');
+ return false;
+ }
+
+ // if $status isn't SSH_FX_OK it's probably SSH_FX_NO_SUCH_FILE or SSH_FX_PERMISSION_DENIED
+ extract(unpack('Nstatus', $this->_string_shift($response, 4)));
+ if ($status != NET_SFTP_STATUS_OK) {
+ $this->_logError($response, $status);
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Parse Attributes
+ *
+ * See '7. File Attributes' of draft-ietf-secsh-filexfer-13 for more info.
+ *
+ * @param String $response
+ * @return Array
+ * @access private
+ */
+ function _parseAttributes(&$response)
+ {
+ $attr = array();
+ extract(unpack('Nflags', $this->_string_shift($response, 4)));
+ // SFTPv4+ have a type field (a byte) that follows the above flag field
+ foreach ($this->attributes as $key => $value) {
+ switch ($flags & $key) {
+ case NET_SFTP_ATTR_SIZE: // 0x00000001
+ // size is represented by a 64-bit integer, so we perhaps ought to be doing the following:
+ // $attr['size'] = new Math_BigInteger($this->_string_shift($response, 8), 256);
+ // of course, you shouldn't be using Net_SFTP to transfer files that are in excess of 4GB
+ // (0xFFFFFFFF bytes), anyway. as such, we'll just represent all file sizes that are bigger than
+ // 4GB as being 4GB.
+ extract(unpack('Nupper/Nsize', $this->_string_shift($response, 8)));
+ if ($upper) {
+ $attr['size'] = 0xFFFFFFFF;
+ } else {
+ $attr['size'] = $size < 0 ? ($size & 0x7FFFFFFF) + 0x80000000 : $size;
+ }
+ break;
+ case NET_SFTP_ATTR_UIDGID: // 0x00000002 (SFTPv3 only)
+ $attr+= unpack('Nuid/Ngid', $this->_string_shift($response, 8));
+ break;
+ case NET_SFTP_ATTR_PERMISSIONS: // 0x00000004
+ $attr+= unpack('Npermissions', $this->_string_shift($response, 4));
+ break;
+ case NET_SFTP_ATTR_ACCESSTIME: // 0x00000008
+ $attr+= unpack('Natime/Nmtime', $this->_string_shift($response, 8));
+ break;
+ case NET_SFTP_ATTR_EXTENDED: // 0x80000000
+ extract(unpack('Ncount', $this->_string_shift($response, 4)));
+ for ($i = 0; $i < $count; $i++) {
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $key = $this->_string_shift($response, $length);
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $attr[$key] = $this->_string_shift($response, $length);
+ }
+ }
+ }
+ return $attr;
+ }
+
+ /**
+ * Parse Longname
+ *
+ * SFTPv3 doesn't provide any easy way of identifying a file type. You could try to open
+ * a file as a directory and see if an error is returned or you could try to parse the
+ * SFTPv3-specific longname field of the SSH_FXP_NAME packet. That's what this function does.
+ * The result is returned using the
+ * {@link http://tools.ietf.org/html/draft-ietf-secsh-filexfer-04#section-5.2 SFTPv4 type constants}.
+ *
+ * If the longname is in an unrecognized format bool(false) is returned.
+ *
+ * @param String $longname
+ * @return Mixed
+ * @access private
+ */
+ function _parseLongname($longname)
+ {
+ // http://en.wikipedia.org/wiki/Unix_file_types
+ // http://en.wikipedia.org/wiki/Filesystem_permissions#Notation_of_traditional_Unix_permissions
+ if (preg_match('#^[^/]([r-][w-][xstST-]){3}#', $longname)) {
+ switch ($longname[0]) {
+ case '-':
+ return NET_SFTP_TYPE_REGULAR;
+ case 'd':
+ return NET_SFTP_TYPE_DIRECTORY;
+ case 'l':
+ return NET_SFTP_TYPE_SYMLINK;
+ default:
+ return NET_SFTP_TYPE_SPECIAL;
+ }
+ }
+
+ return false;
+ }
+
+ /**
+ * Sends SFTP Packets
+ *
+ * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
+ *
+ * @param Integer $type
+ * @param String $data
+ * @see Net_SFTP::_get_sftp_packet()
+ * @see Net_SSH2::_send_channel_packet()
+ * @return Boolean
+ * @access private
+ */
+ function _send_sftp_packet($type, $data)
+ {
+ $packet = $this->request_id !== false ?
+ pack('NCNa*', strlen($data) + 5, $type, $this->request_id, $data) :
+ pack('NCa*', strlen($data) + 1, $type, $data);
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $result = $this->_send_channel_packet(NET_SFTP_CHANNEL, $packet);
+ $stop = strtok(microtime(), ' ') + strtok('');
+
+ if (defined('NET_SFTP_LOGGING')) {
+ $packet_type = '-> ' . $this->packet_types[$type] .
+ ' (' . round($stop - $start, 4) . 's)';
+ if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) {
+ echo "<pre>\r\n" . $this->_format_log(array($data), array($packet_type)) . "\r\n</pre>\r\n";
+ flush();
+ ob_flush();
+ } else {
+ $this->packet_type_log[] = $packet_type;
+ if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
+ $this->packet_log[] = $data;
+ }
+ }
+ }
+
+ return $result;
+ }
+
+ /**
+ * Receives SFTP Packets
+ *
+ * See '6. General Packet Format' of draft-ietf-secsh-filexfer-13 for more info.
+ *
+ * Incidentally, the number of SSH_MSG_CHANNEL_DATA messages has no bearing on the number of SFTP packets present.
+ * There can be one SSH_MSG_CHANNEL_DATA messages containing two SFTP packets or there can be two SSH_MSG_CHANNEL_DATA
+ * messages containing one SFTP packet.
+ *
+ * @see Net_SFTP::_send_sftp_packet()
+ * @return String
+ * @access private
+ */
+ function _get_sftp_packet()
+ {
+ $this->curTimeout = false;
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+
+ // SFTP packet length
+ while (strlen($this->packet_buffer) < 4) {
+ $temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
+ if (is_bool($temp)) {
+ $this->packet_type = false;
+ $this->packet_buffer = '';
+ return false;
+ }
+ $this->packet_buffer.= $temp;
+ }
+ extract(unpack('Nlength', $this->_string_shift($this->packet_buffer, 4)));
+ $tempLength = $length;
+ $tempLength-= strlen($this->packet_buffer);
+
+ // SFTP packet type and data payload
+ while ($tempLength > 0) {
+ $temp = $this->_get_channel_packet(NET_SFTP_CHANNEL);
+ if (is_bool($temp)) {
+ $this->packet_type = false;
+ $this->packet_buffer = '';
+ return false;
+ }
+ $this->packet_buffer.= $temp;
+ $tempLength-= strlen($temp);
+ }
+
+ $stop = strtok(microtime(), ' ') + strtok('');
+
+ $this->packet_type = ord($this->_string_shift($this->packet_buffer));
+
+ if ($this->request_id !== false) {
+ $this->_string_shift($this->packet_buffer, 4); // remove the request id
+ $length-= 5; // account for the request id and the packet type
+ } else {
+ $length-= 1; // account for the packet type
+ }
+
+ $packet = $this->_string_shift($this->packet_buffer, $length);
+
+ if (defined('NET_SFTP_LOGGING')) {
+ $packet_type = '<- ' . $this->packet_types[$this->packet_type] .
+ ' (' . round($stop - $start, 4) . 's)';
+ if (NET_SFTP_LOGGING == NET_SFTP_LOG_REALTIME) {
+ echo "<pre>\r\n" . $this->_format_log(array($packet), array($packet_type)) . "\r\n</pre>\r\n";
+ flush();
+ ob_flush();
+ } else {
+ $this->packet_type_log[] = $packet_type;
+ if (NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX) {
+ $this->packet_log[] = $packet;
+ }
+ }
+ }
+
+ return $packet;
+ }
+
+ /**
+ * Returns a log of the packets that have been sent and received.
+ *
+ * Returns a string if NET_SFTP_LOGGING == NET_SFTP_LOG_COMPLEX, an array if NET_SFTP_LOGGING == NET_SFTP_LOG_SIMPLE and false if !defined('NET_SFTP_LOGGING')
+ *
+ * @access public
+ * @return String or Array
+ */
+ function getSFTPLog()
+ {
+ if (!defined('NET_SFTP_LOGGING')) {
+ return false;
+ }
+
+ switch (NET_SFTP_LOGGING) {
+ case NET_SFTP_LOG_COMPLEX:
+ return $this->_format_log($this->packet_log, $this->packet_type_log);
+ break;
+ //case NET_SFTP_LOG_SIMPLE:
+ default:
+ return $this->packet_type_log;
+ }
+ }
+
+ /**
+ * Returns all errors
+ *
+ * @return String
+ * @access public
+ */
+ function getSFTPErrors()
+ {
+ return $this->sftp_errors;
+ }
+
+ /**
+ * Returns the last error
+ *
+ * @return String
+ * @access public
+ */
+ function getLastSFTPError()
+ {
+ return count($this->sftp_errors) ? $this->sftp_errors[count($this->sftp_errors) - 1] : '';
+ }
+
+ /**
+ * Get supported SFTP versions
+ *
+ * @return Array
+ * @access public
+ */
+ function getSupportedVersions()
+ {
+ $temp = array('version' => $this->version);
+ if (isset($this->extensions['versions'])) {
+ $temp['extensions'] = $this->extensions['versions'];
+ }
+ return $temp;
+ }
+
+ /**
+ * Disconnect
+ *
+ * @param Integer $reason
+ * @return Boolean
+ * @access private
+ */
+ function _disconnect($reason)
+ {
+ $this->pwd = false;
+ parent::_disconnect($reason);
+ }
+} \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH1.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH1.php
new file mode 100644
index 00000000000..8f5c79938e4
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH1.php
@@ -0,0 +1,1577 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of SSHv1.
+ *
+ * PHP versions 4 and 5
+ *
+ * Here's a short example of how to use this library:
+ * <code>
+ * <?php
+ * include('Net/SSH1.php');
+ *
+ * $ssh = new Net_SSH1('www.domain.tld');
+ * if (!$ssh->login('username', 'password')) {
+ * exit('Login Failed');
+ * }
+ *
+ * echo $ssh->exec('ls -la');
+ * ?>
+ * </code>
+ *
+ * Here's another short example:
+ * <code>
+ * <?php
+ * include('Net/SSH1.php');
+ *
+ * $ssh = new Net_SSH1('www.domain.tld');
+ * if (!$ssh->login('username', 'password')) {
+ * exit('Login Failed');
+ * }
+ *
+ * echo $ssh->read('username@username:~$');
+ * $ssh->write("ls -la\n");
+ * echo $ssh->read('username@username:~$');
+ * ?>
+ * </code>
+ *
+ * More information on the SSHv1 specification can be found by reading
+ * {@link http://www.snailbook.com/docs/protocol-1.5.txt protocol-1.5.txt}.
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Net
+ * @package Net_SSH1
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: SSH1.php,v 1.15 2010/03/22 22:01:38 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Math_BigInteger
+ *
+ * Used to do RSA encryption.
+ */
+if (!class_exists('Math_BigInteger')) {
+ require_once('Math/BigInteger.php');
+}
+
+/**
+ * Include Crypt_Null
+ */
+//require_once('Crypt/Null.php');
+
+/**
+ * Include Crypt_DES
+ */
+if (!class_exists('Crypt_DES')) {
+ require_once('Crypt/DES.php');
+}
+
+/**
+ * Include Crypt_TripleDES
+ */
+if (!class_exists('Crypt_TripleDES')) {
+ require_once('Crypt/TripleDES.php');
+}
+
+/**
+ * Include Crypt_RC4
+ */
+if (!class_exists('Crypt_RC4')) {
+ require_once('Crypt/RC4.php');
+}
+
+/**
+ * Include Crypt_Random
+ */
+// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
+// will trigger a call to __autoload() if you're wanting to auto-load classes
+// call function_exists() a second time to stop the require_once from being called outside
+// of the auto loader
+if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
+ require_once('Crypt/Random.php');
+}
+
+/**#@+
+ * Encryption Methods
+ *
+ * @see Net_SSH1::getSupportedCiphers()
+ * @access public
+ */
+/**
+ * No encryption
+ *
+ * Not supported.
+ */
+define('NET_SSH1_CIPHER_NONE', 0);
+/**
+ * IDEA in CFB mode
+ *
+ * Not supported.
+ */
+define('NET_SSH1_CIPHER_IDEA', 1);
+/**
+ * DES in CBC mode
+ */
+define('NET_SSH1_CIPHER_DES', 2);
+/**
+ * Triple-DES in CBC mode
+ *
+ * All implementations are required to support this
+ */
+define('NET_SSH1_CIPHER_3DES', 3);
+/**
+ * TRI's Simple Stream encryption CBC
+ *
+ * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, does define it (see cipher.h),
+ * although it doesn't use it (see cipher.c)
+ */
+define('NET_SSH1_CIPHER_BROKEN_TSS', 4);
+/**
+ * RC4
+ *
+ * Not supported.
+ *
+ * @internal According to the SSH1 specs:
+ *
+ * "The first 16 bytes of the session key are used as the key for
+ * the server to client direction. The remaining 16 bytes are used
+ * as the key for the client to server direction. This gives
+ * independent 128-bit keys for each direction."
+ *
+ * This library currently only supports encryption when the same key is being used for both directions. This is
+ * because there's only one $crypto object. Two could be added ($encrypt and $decrypt, perhaps).
+ */
+define('NET_SSH1_CIPHER_RC4', 5);
+/**
+ * Blowfish
+ *
+ * Not supported nor is it defined in the official SSH1 specs. OpenSSH, however, defines it (see cipher.h) and
+ * uses it (see cipher.c)
+ */
+define('NET_SSH1_CIPHER_BLOWFISH', 6);
+/**#@-*/
+
+/**#@+
+ * Authentication Methods
+ *
+ * @see Net_SSH1::getSupportedAuthentications()
+ * @access public
+ */
+/**
+ * .rhosts or /etc/hosts.equiv
+ */
+define('NET_SSH1_AUTH_RHOSTS', 1);
+/**
+ * pure RSA authentication
+ */
+define('NET_SSH1_AUTH_RSA', 2);
+/**
+ * password authentication
+ *
+ * This is the only method that is supported by this library.
+ */
+define('NET_SSH1_AUTH_PASSWORD', 3);
+/**
+ * .rhosts with RSA host authentication
+ */
+define('NET_SSH1_AUTH_RHOSTS_RSA', 4);
+/**#@-*/
+
+/**#@+
+ * Terminal Modes
+ *
+ * @link http://3sp.com/content/developer/maverick-net/docs/Maverick.SSH.PseudoTerminalModesMembers.html
+ * @access private
+ */
+define('NET_SSH1_TTY_OP_END', 0);
+/**#@-*/
+
+/**
+ * The Response Type
+ *
+ * @see Net_SSH1::_get_binary_packet()
+ * @access private
+ */
+define('NET_SSH1_RESPONSE_TYPE', 1);
+
+/**
+ * The Response Data
+ *
+ * @see Net_SSH1::_get_binary_packet()
+ * @access private
+ */
+define('NET_SSH1_RESPONSE_DATA', 2);
+
+/**#@+
+ * Execution Bitmap Masks
+ *
+ * @see Net_SSH1::bitmap
+ * @access private
+ */
+define('NET_SSH1_MASK_CONSTRUCTOR', 0x00000001);
+define('NET_SSH1_MASK_LOGIN', 0x00000002);
+define('NET_SSH1_MASK_SHELL', 0x00000004);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Net_SSH1::getLog()
+ */
+/**
+ * Returns the message numbers
+ */
+define('NET_SSH1_LOG_SIMPLE', 1);
+/**
+ * Returns the message content
+ */
+define('NET_SSH1_LOG_COMPLEX', 2);
+/**
+ * Outputs the content real-time
+ */
+define('NET_SSH2_LOG_REALTIME', 3);
+/**
+ * Dumps the content real-time to a file
+ */
+define('NET_SSH2_LOG_REALTIME_FILE', 4);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Net_SSH1::read()
+ */
+/**
+ * Returns when a string matching $expect exactly is found
+ */
+define('NET_SSH1_READ_SIMPLE', 1);
+/**
+ * Returns when a string matching the regular expression $expect is found
+ */
+define('NET_SSH1_READ_REGEX', 2);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of SSHv1.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Net_SSH1
+ */
+class Net_SSH1 {
+ /**
+ * The SSH identifier
+ *
+ * @var String
+ * @access private
+ */
+ var $identifier = 'SSH-1.5-phpseclib';
+
+ /**
+ * The Socket Object
+ *
+ * @var Object
+ * @access private
+ */
+ var $fsock;
+
+ /**
+ * The cryptography object
+ *
+ * @var Object
+ * @access private
+ */
+ var $crypto = false;
+
+ /**
+ * Execution Bitmap
+ *
+ * The bits that are set represent functions that have been called already. This is used to determine
+ * if a requisite function has been successfully executed. If not, an error should be thrown.
+ *
+ * @var Integer
+ * @access private
+ */
+ var $bitmap = 0;
+
+ /**
+ * The Server Key Public Exponent
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getServerKeyPublicExponent()
+ * @var String
+ * @access private
+ */
+ var $server_key_public_exponent;
+
+ /**
+ * The Server Key Public Modulus
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getServerKeyPublicModulus()
+ * @var String
+ * @access private
+ */
+ var $server_key_public_modulus;
+
+ /**
+ * The Host Key Public Exponent
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getHostKeyPublicExponent()
+ * @var String
+ * @access private
+ */
+ var $host_key_public_exponent;
+
+ /**
+ * The Host Key Public Modulus
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getHostKeyPublicModulus()
+ * @var String
+ * @access private
+ */
+ var $host_key_public_modulus;
+
+ /**
+ * Supported Ciphers
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getSupportedCiphers()
+ * @var Array
+ * @access private
+ */
+ var $supported_ciphers = array(
+ NET_SSH1_CIPHER_NONE => 'No encryption',
+ NET_SSH1_CIPHER_IDEA => 'IDEA in CFB mode',
+ NET_SSH1_CIPHER_DES => 'DES in CBC mode',
+ NET_SSH1_CIPHER_3DES => 'Triple-DES in CBC mode',
+ NET_SSH1_CIPHER_BROKEN_TSS => 'TRI\'s Simple Stream encryption CBC',
+ NET_SSH1_CIPHER_RC4 => 'RC4',
+ NET_SSH1_CIPHER_BLOWFISH => 'Blowfish'
+ );
+
+ /**
+ * Supported Authentications
+ *
+ * Logged for debug purposes
+ *
+ * @see Net_SSH1::getSupportedAuthentications()
+ * @var Array
+ * @access private
+ */
+ var $supported_authentications = array(
+ NET_SSH1_AUTH_RHOSTS => '.rhosts or /etc/hosts.equiv',
+ NET_SSH1_AUTH_RSA => 'pure RSA authentication',
+ NET_SSH1_AUTH_PASSWORD => 'password authentication',
+ NET_SSH1_AUTH_RHOSTS_RSA => '.rhosts with RSA host authentication'
+ );
+
+ /**
+ * Server Identification
+ *
+ * @see Net_SSH1::getServerIdentification()
+ * @var String
+ * @access private
+ */
+ var $server_identification = '';
+
+ /**
+ * Protocol Flags
+ *
+ * @see Net_SSH1::Net_SSH1()
+ * @var Array
+ * @access private
+ */
+ var $protocol_flags = array();
+
+ /**
+ * Protocol Flag Log
+ *
+ * @see Net_SSH1::getLog()
+ * @var Array
+ * @access private
+ */
+ var $protocol_flag_log = array();
+
+ /**
+ * Message Log
+ *
+ * @see Net_SSH1::getLog()
+ * @var Array
+ * @access private
+ */
+ var $message_log = array();
+
+ /**
+ * Real-time log file pointer
+ *
+ * @see Net_SSH1::_append_log()
+ * @var Resource
+ * @access private
+ */
+ var $realtime_log_file;
+
+ /**
+ * Real-time log file size
+ *
+ * @see Net_SSH1::_append_log()
+ * @var Integer
+ * @access private
+ */
+ var $realtime_log_size;
+
+ /**
+ * Real-time log file wrap boolean
+ *
+ * @see Net_SSH1::_append_log()
+ * @var Boolean
+ * @access private
+ */
+ var $realtime_log_wrap;
+
+ /**
+ * Interactive Buffer
+ *
+ * @see Net_SSH1::read()
+ * @var Array
+ * @access private
+ */
+ var $interactiveBuffer = '';
+
+ /**
+ * Timeout
+ *
+ * @see Net_SSH1::setTimeout()
+ * @access private
+ */
+ var $timeout;
+
+ /**
+ * Current Timeout
+ *
+ * @see Net_SSH2::_get_channel_packet()
+ * @access private
+ */
+ var $curTimeout;
+
+ /**
+ * Default Constructor.
+ *
+ * Connects to an SSHv1 server
+ *
+ * @param String $host
+ * @param optional Integer $port
+ * @param optional Integer $timeout
+ * @param optional Integer $cipher
+ * @return Net_SSH1
+ * @access public
+ */
+ function Net_SSH1($host, $port = 22, $timeout = 10, $cipher = NET_SSH1_CIPHER_3DES)
+ {
+ $this->protocol_flags = array(
+ 1 => 'NET_SSH1_MSG_DISCONNECT',
+ 2 => 'NET_SSH1_SMSG_PUBLIC_KEY',
+ 3 => 'NET_SSH1_CMSG_SESSION_KEY',
+ 4 => 'NET_SSH1_CMSG_USER',
+ 9 => 'NET_SSH1_CMSG_AUTH_PASSWORD',
+ 10 => 'NET_SSH1_CMSG_REQUEST_PTY',
+ 12 => 'NET_SSH1_CMSG_EXEC_SHELL',
+ 13 => 'NET_SSH1_CMSG_EXEC_CMD',
+ 14 => 'NET_SSH1_SMSG_SUCCESS',
+ 15 => 'NET_SSH1_SMSG_FAILURE',
+ 16 => 'NET_SSH1_CMSG_STDIN_DATA',
+ 17 => 'NET_SSH1_SMSG_STDOUT_DATA',
+ 18 => 'NET_SSH1_SMSG_STDERR_DATA',
+ 19 => 'NET_SSH1_CMSG_EOF',
+ 20 => 'NET_SSH1_SMSG_EXITSTATUS',
+ 33 => 'NET_SSH1_CMSG_EXIT_CONFIRMATION'
+ );
+
+ $this->_define_array($this->protocol_flags);
+
+ $this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
+ if (!$this->fsock) {
+ user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
+ return;
+ }
+
+ $this->server_identification = $init_line = fgets($this->fsock, 255);
+
+ if (defined('NET_SSH1_LOGGING')) {
+ $this->_append_log('<-', $this->server_identification);
+ $this->_append_log('->', $this->identifier . "\r\n");
+ }
+
+ if (!preg_match('#SSH-([0-9\.]+)-(.+)#', $init_line, $parts)) {
+ user_error('Can only connect to SSH servers');
+ return;
+ }
+ if ($parts[1][0] != 1) {
+ user_error("Cannot connect to SSH $parts[1] servers");
+ return;
+ }
+
+ fputs($this->fsock, $this->identifier."\r\n");
+
+ $response = $this->_get_binary_packet();
+ if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_PUBLIC_KEY) {
+ user_error('Expected SSH_SMSG_PUBLIC_KEY');
+ return;
+ }
+
+ $anti_spoofing_cookie = $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 8);
+
+ $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
+
+ $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
+ $server_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
+ $this->server_key_public_exponent = $server_key_public_exponent;
+
+ $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
+ $server_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
+ $this->server_key_public_modulus = $server_key_public_modulus;
+
+ $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
+
+ $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
+ $host_key_public_exponent = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
+ $this->host_key_public_exponent = $host_key_public_exponent;
+
+ $temp = unpack('nlen', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 2));
+ $host_key_public_modulus = new Math_BigInteger($this->_string_shift($response[NET_SSH1_RESPONSE_DATA], ceil($temp['len'] / 8)), 256);
+ $this->host_key_public_modulus = $host_key_public_modulus;
+
+ $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4);
+
+ // get a list of the supported ciphers
+ extract(unpack('Nsupported_ciphers_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
+ foreach ($this->supported_ciphers as $mask=>$name) {
+ if (($supported_ciphers_mask & (1 << $mask)) == 0) {
+ unset($this->supported_ciphers[$mask]);
+ }
+ }
+
+ // get a list of the supported authentications
+ extract(unpack('Nsupported_authentications_mask', $this->_string_shift($response[NET_SSH1_RESPONSE_DATA], 4)));
+ foreach ($this->supported_authentications as $mask=>$name) {
+ if (($supported_authentications_mask & (1 << $mask)) == 0) {
+ unset($this->supported_authentications[$mask]);
+ }
+ }
+
+ $session_id = pack('H*', md5($host_key_public_modulus->toBytes() . $server_key_public_modulus->toBytes() . $anti_spoofing_cookie));
+
+ $session_key = crypt_random_string(32);
+ $double_encrypted_session_key = $session_key ^ str_pad($session_id, 32, chr(0));
+
+ if ($server_key_public_modulus->compare($host_key_public_modulus) < 0) {
+ $double_encrypted_session_key = $this->_rsa_crypt(
+ $double_encrypted_session_key,
+ array(
+ $server_key_public_exponent,
+ $server_key_public_modulus
+ )
+ );
+ $double_encrypted_session_key = $this->_rsa_crypt(
+ $double_encrypted_session_key,
+ array(
+ $host_key_public_exponent,
+ $host_key_public_modulus
+ )
+ );
+ } else {
+ $double_encrypted_session_key = $this->_rsa_crypt(
+ $double_encrypted_session_key,
+ array(
+ $host_key_public_exponent,
+ $host_key_public_modulus
+ )
+ );
+ $double_encrypted_session_key = $this->_rsa_crypt(
+ $double_encrypted_session_key,
+ array(
+ $server_key_public_exponent,
+ $server_key_public_modulus
+ )
+ );
+ }
+
+ $cipher = isset($this->supported_ciphers[$cipher]) ? $cipher : NET_SSH1_CIPHER_3DES;
+ $data = pack('C2a*na*N', NET_SSH1_CMSG_SESSION_KEY, $cipher, $anti_spoofing_cookie, 8 * strlen($double_encrypted_session_key), $double_encrypted_session_key, 0);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_SESSION_KEY');
+ return;
+ }
+
+ switch ($cipher) {
+ //case NET_SSH1_CIPHER_NONE:
+ // $this->crypto = new Crypt_Null();
+ // break;
+ case NET_SSH1_CIPHER_DES:
+ $this->crypto = new Crypt_DES();
+ $this->crypto->disablePadding();
+ $this->crypto->enableContinuousBuffer();
+ $this->crypto->setKey(substr($session_key, 0, 8));
+ break;
+ case NET_SSH1_CIPHER_3DES:
+ $this->crypto = new Crypt_TripleDES(CRYPT_DES_MODE_3CBC);
+ $this->crypto->disablePadding();
+ $this->crypto->enableContinuousBuffer();
+ $this->crypto->setKey(substr($session_key, 0, 24));
+ break;
+ //case NET_SSH1_CIPHER_RC4:
+ // $this->crypto = new Crypt_RC4();
+ // $this->crypto->enableContinuousBuffer();
+ // $this->crypto->setKey(substr($session_key, 0, 16));
+ // break;
+ }
+
+ $response = $this->_get_binary_packet();
+
+ if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
+ user_error('Expected SSH_SMSG_SUCCESS');
+ return;
+ }
+
+ $this->bitmap = NET_SSH1_MASK_CONSTRUCTOR;
+ }
+
+ /**
+ * Login
+ *
+ * @param String $username
+ * @param optional String $password
+ * @return Boolean
+ * @access public
+ */
+ function login($username, $password = '')
+ {
+ if (!($this->bitmap & NET_SSH1_MASK_CONSTRUCTOR)) {
+ return false;
+ }
+
+ $data = pack('CNa*', NET_SSH1_CMSG_USER, strlen($username), $username);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_USER');
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+
+ if ($response === true) {
+ return false;
+ }
+ if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
+ $this->bitmap |= NET_SSH1_MASK_LOGIN;
+ return true;
+ } else if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_FAILURE) {
+ user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
+ return false;
+ }
+
+ $data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen($password), $password);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_AUTH_PASSWORD');
+ return false;
+ }
+
+ // remove the username and password from the last logged packet
+ if (defined('NET_SSH1_LOGGING') && NET_SSH1_LOGGING == NET_SSH1_LOG_COMPLEX) {
+ $data = pack('CNa*', NET_SSH1_CMSG_AUTH_PASSWORD, strlen('password'), 'password');
+ $this->message_log[count($this->message_log) - 1] = $data;
+ }
+
+ $response = $this->_get_binary_packet();
+
+ if ($response === true) {
+ return false;
+ }
+ if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_SUCCESS) {
+ $this->bitmap |= NET_SSH1_MASK_LOGIN;
+ return true;
+ } else if ($response[NET_SSH1_RESPONSE_TYPE] == NET_SSH1_SMSG_FAILURE) {
+ return false;
+ } else {
+ user_error('Expected SSH_SMSG_SUCCESS or SSH_SMSG_FAILURE');
+ return false;
+ }
+ }
+
+ /**
+ * Set Timeout
+ *
+ * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout.
+ * Setting $timeout to false or 0 will mean there is no timeout.
+ *
+ * @param Mixed $timeout
+ */
+ function setTimeout($timeout)
+ {
+ $this->timeout = $this->curTimeout = $timeout;
+ }
+
+ /**
+ * Executes a command on a non-interactive shell, returns the output, and quits.
+ *
+ * An SSH1 server will close the connection after a command has been executed on a non-interactive shell. SSH2
+ * servers don't, however, this isn't an SSH2 client. The way this works, on the server, is by initiating a
+ * shell with the -s option, as discussed in the following links:
+ *
+ * {@link http://www.faqs.org/docs/bashman/bashref_65.html http://www.faqs.org/docs/bashman/bashref_65.html}
+ * {@link http://www.faqs.org/docs/bashman/bashref_62.html http://www.faqs.org/docs/bashman/bashref_62.html}
+ *
+ * To execute further commands, a new Net_SSH1 object will need to be created.
+ *
+ * Returns false on failure and the output, otherwise.
+ *
+ * @see Net_SSH1::interactiveRead()
+ * @see Net_SSH1::interactiveWrite()
+ * @param String $cmd
+ * @return mixed
+ * @access public
+ */
+ function exec($cmd, $block = true)
+ {
+ if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ $data = pack('CNa*', NET_SSH1_CMSG_EXEC_CMD, strlen($cmd), $cmd);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_EXEC_CMD');
+ return false;
+ }
+
+ if (!$block) {
+ return true;
+ }
+
+ $output = '';
+ $response = $this->_get_binary_packet();
+
+ if ($response !== false) {
+ do {
+ $output.= substr($response[NET_SSH1_RESPONSE_DATA], 4);
+ $response = $this->_get_binary_packet();
+ } while (is_array($response) && $response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_EXITSTATUS);
+ }
+
+ $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION);
+
+ // i don't think it's really all that important if this packet gets sent or not.
+ $this->_send_binary_packet($data);
+
+ fclose($this->fsock);
+
+ // reset the execution bitmap - a new Net_SSH1 object needs to be created.
+ $this->bitmap = 0;
+
+ return $output;
+ }
+
+ /**
+ * Creates an interactive shell
+ *
+ * @see Net_SSH1::interactiveRead()
+ * @see Net_SSH1::interactiveWrite()
+ * @return Boolean
+ * @access private
+ */
+ function _initShell()
+ {
+ // connect using the sample parameters in protocol-1.5.txt.
+ // according to wikipedia.org's entry on text terminals, "the fundamental type of application running on a text
+ // terminal is a command line interpreter or shell". thus, opening a terminal session to run the shell.
+ $data = pack('CNa*N4C', NET_SSH1_CMSG_REQUEST_PTY, strlen('vt100'), 'vt100', 24, 80, 0, 0, NET_SSH1_TTY_OP_END);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_REQUEST_PTY');
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+
+ if ($response === true) {
+ return false;
+ }
+ if ($response[NET_SSH1_RESPONSE_TYPE] != NET_SSH1_SMSG_SUCCESS) {
+ user_error('Expected SSH_SMSG_SUCCESS');
+ return false;
+ }
+
+ $data = pack('C', NET_SSH1_CMSG_EXEC_SHELL);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_EXEC_SHELL');
+ return false;
+ }
+
+ $this->bitmap |= NET_SSH1_MASK_SHELL;
+
+ //stream_set_blocking($this->fsock, 0);
+
+ return true;
+ }
+
+ /**
+ * Inputs a command into an interactive shell.
+ *
+ * @see Net_SSH1::interactiveWrite()
+ * @param String $cmd
+ * @return Boolean
+ * @access public
+ */
+ function write($cmd)
+ {
+ return $this->interactiveWrite($cmd);
+ }
+
+ /**
+ * Returns the output of an interactive shell when there's a match for $expect
+ *
+ * $expect can take the form of a string literal or, if $mode == NET_SSH1_READ_REGEX,
+ * a regular expression.
+ *
+ * @see Net_SSH1::write()
+ * @param String $expect
+ * @param Integer $mode
+ * @return Boolean
+ * @access public
+ */
+ function read($expect, $mode = NET_SSH1_READ_SIMPLE)
+ {
+ if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
+ user_error('Unable to initiate an interactive shell session');
+ return false;
+ }
+
+ $match = $expect;
+ while (true) {
+ if ($mode == NET_SSH1_READ_REGEX) {
+ preg_match($expect, $this->interactiveBuffer, $matches);
+ $match = isset($matches[0]) ? $matches[0] : '';
+ }
+ $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false;
+ if ($pos !== false) {
+ return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match));
+ }
+ $response = $this->_get_binary_packet();
+
+ if ($response === true) {
+ return $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer));
+ }
+ $this->interactiveBuffer.= substr($response[NET_SSH1_RESPONSE_DATA], 4);
+ }
+ }
+
+ /**
+ * Inputs a command into an interactive shell.
+ *
+ * @see Net_SSH1::interactiveRead()
+ * @param String $cmd
+ * @return Boolean
+ * @access public
+ */
+ function interactiveWrite($cmd)
+ {
+ if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
+ user_error('Unable to initiate an interactive shell session');
+ return false;
+ }
+
+ $data = pack('CNa*', NET_SSH1_CMSG_STDIN_DATA, strlen($cmd), $cmd);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Error sending SSH_CMSG_STDIN');
+ return false;
+ }
+
+ return true;
+ }
+
+ /**
+ * Returns the output of an interactive shell when no more output is available.
+ *
+ * Requires PHP 4.3.0 or later due to the use of the stream_select() function. If you see stuff like
+ * "", you're seeing ANSI escape codes. According to
+ * {@link http://support.microsoft.com/kb/101875 How to Enable ANSI.SYS in a Command Window}, "Windows NT
+ * does not support ANSI escape sequences in Win32 Console applications", so if you're a Windows user,
+ * there's not going to be much recourse.
+ *
+ * @see Net_SSH1::interactiveRead()
+ * @return String
+ * @access public
+ */
+ function interactiveRead()
+ {
+ if (!($this->bitmap & NET_SSH1_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ if (!($this->bitmap & NET_SSH1_MASK_SHELL) && !$this->_initShell()) {
+ user_error('Unable to initiate an interactive shell session');
+ return false;
+ }
+
+ $read = array($this->fsock);
+ $write = $except = null;
+ if (stream_select($read, $write, $except, 0)) {
+ $response = $this->_get_binary_packet();
+ return substr($response[NET_SSH1_RESPONSE_DATA], 4);
+ } else {
+ return '';
+ }
+ }
+
+ /**
+ * Disconnect
+ *
+ * @access public
+ */
+ function disconnect()
+ {
+ $this->_disconnect();
+ }
+
+ /**
+ * Destructor.
+ *
+ * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
+ * disconnect().
+ *
+ * @access public
+ */
+ function __destruct()
+ {
+ $this->_disconnect();
+ }
+
+ /**
+ * Disconnect
+ *
+ * @param String $msg
+ * @access private
+ */
+ function _disconnect($msg = 'Client Quit')
+ {
+ if ($this->bitmap) {
+ $data = pack('C', NET_SSH1_CMSG_EOF);
+ $this->_send_binary_packet($data);
+ /*
+ $response = $this->_get_binary_packet();
+ if ($response === true) {
+ $response = array(NET_SSH1_RESPONSE_TYPE => -1);
+ }
+ switch ($response[NET_SSH1_RESPONSE_TYPE]) {
+ case NET_SSH1_SMSG_EXITSTATUS:
+ $data = pack('C', NET_SSH1_CMSG_EXIT_CONFIRMATION);
+ break;
+ default:
+ $data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg);
+ }
+ */
+ $data = pack('CNa*', NET_SSH1_MSG_DISCONNECT, strlen($msg), $msg);
+
+ $this->_send_binary_packet($data);
+ fclose($this->fsock);
+ $this->bitmap = 0;
+ }
+ }
+
+ /**
+ * Gets Binary Packets
+ *
+ * See 'The Binary Packet Protocol' of protocol-1.5.txt for more info.
+ *
+ * Also, this function could be improved upon by adding detection for the following exploit:
+ * http://www.securiteam.com/securitynews/5LP042K3FY.html
+ *
+ * @see Net_SSH1::_send_binary_packet()
+ * @return Array
+ * @access private
+ */
+ function _get_binary_packet()
+ {
+ if (feof($this->fsock)) {
+ //user_error('connection closed prematurely');
+ return false;
+ }
+
+ if ($this->curTimeout) {
+ $read = array($this->fsock);
+ $write = $except = NULL;
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $sec = floor($this->curTimeout);
+ $usec = 1000000 * ($this->curTimeout - $sec);
+ // on windows this returns a "Warning: Invalid CRT parameters detected" error
+ if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) {
+ //$this->_disconnect('Timeout');
+ return true;
+ }
+ $elapsed = strtok(microtime(), ' ') + strtok('') - $start;
+ $this->curTimeout-= $elapsed;
+ }
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $temp = unpack('Nlength', fread($this->fsock, 4));
+
+ $padding_length = 8 - ($temp['length'] & 7);
+ $length = $temp['length'] + $padding_length;
+
+ while ($length > 0) {
+ $temp = fread($this->fsock, $length);
+ $raw.= $temp;
+ $length-= strlen($temp);
+ }
+ $stop = strtok(microtime(), ' ') + strtok('');
+
+ if (strlen($raw) && $this->crypto !== false) {
+ $raw = $this->crypto->decrypt($raw);
+ }
+
+ $padding = substr($raw, 0, $padding_length);
+ $type = $raw[$padding_length];
+ $data = substr($raw, $padding_length + 1, -4);
+
+ $temp = unpack('Ncrc', substr($raw, -4));
+
+ //if ( $temp['crc'] != $this->_crc($padding . $type . $data) ) {
+ // user_error('Bad CRC in packet from server');
+ // return false;
+ //}
+
+ $type = ord($type);
+
+ if (defined('NET_SSH1_LOGGING')) {
+ $temp = isset($this->protocol_flags[$type]) ? $this->protocol_flags[$type] : 'UNKNOWN';
+ $temp = '<- ' . $temp .
+ ' (' . round($stop - $start, 4) . 's)';
+ $this->_append_log($temp, $data);
+ }
+
+ return array(
+ NET_SSH1_RESPONSE_TYPE => $type,
+ NET_SSH1_RESPONSE_DATA => $data
+ );
+ }
+
+ /**
+ * Sends Binary Packets
+ *
+ * Returns true on success, false on failure.
+ *
+ * @see Net_SSH1::_get_binary_packet()
+ * @param String $data
+ * @return Boolean
+ * @access private
+ */
+ function _send_binary_packet($data)
+ {
+ if (feof($this->fsock)) {
+ //user_error('connection closed prematurely');
+ return false;
+ }
+
+ $length = strlen($data) + 4;
+
+ $padding = crypt_random_string(8 - ($length & 7));
+
+ $orig = $data;
+ $data = $padding . $data;
+ $data.= pack('N', $this->_crc($data));
+
+ if ($this->crypto !== false) {
+ $data = $this->crypto->encrypt($data);
+ }
+
+ $packet = pack('Na*', $length, $data);
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $result = strlen($packet) == fputs($this->fsock, $packet);
+ $stop = strtok(microtime(), ' ') + strtok('');
+
+ if (defined('NET_SSH1_LOGGING')) {
+ $temp = isset($this->protocol_flags[ord($orig[0])]) ? $this->protocol_flags[ord($orig[0])] : 'UNKNOWN';
+ $temp = '-> ' . $temp .
+ ' (' . round($stop - $start, 4) . 's)';
+ $this->_append_log($temp, $orig);
+ }
+
+ return $result;
+ }
+
+ /**
+ * Cyclic Redundancy Check (CRC)
+ *
+ * PHP's crc32 function is implemented slightly differently than the one that SSH v1 uses, so
+ * we've reimplemented it. A more detailed discussion of the differences can be found after
+ * $crc_lookup_table's initialization.
+ *
+ * @see Net_SSH1::_get_binary_packet()
+ * @see Net_SSH1::_send_binary_packet()
+ * @param String $data
+ * @return Integer
+ * @access private
+ */
+ function _crc($data)
+ {
+ static $crc_lookup_table = array(
+ 0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA,
+ 0x076DC419, 0x706AF48F, 0xE963A535, 0x9E6495A3,
+ 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
+ 0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91,
+ 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE,
+ 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
+ 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC,
+ 0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5,
+ 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
+ 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B,
+ 0x35B5A8FA, 0x42B2986C, 0xDBBBC9D6, 0xACBCF940,
+ 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
+ 0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116,
+ 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F,
+ 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
+ 0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D,
+ 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A,
+ 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
+ 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818,
+ 0x7F6A0DBB, 0x086D3D2D, 0x91646C97, 0xE6635C01,
+ 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
+ 0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457,
+ 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA, 0xFCB9887C,
+ 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
+ 0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2,
+ 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB,
+ 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
+ 0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9,
+ 0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086,
+ 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
+ 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4,
+ 0x59B33D17, 0x2EB40D81, 0xB7BD5C3B, 0xC0BA6CAD,
+ 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
+ 0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683,
+ 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8,
+ 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
+ 0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE,
+ 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7,
+ 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
+ 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5,
+ 0xD6D6A3E8, 0xA1D1937E, 0x38D8C2C4, 0x4FDFF252,
+ 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
+ 0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60,
+ 0xDF60EFC3, 0xA867DF55, 0x316E8EEF, 0x4669BE79,
+ 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
+ 0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F,
+ 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04,
+ 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
+ 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A,
+ 0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713,
+ 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
+ 0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21,
+ 0x86D3D2D4, 0xF1D4E242, 0x68DDB3F8, 0x1FDA836E,
+ 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
+ 0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C,
+ 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45,
+ 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
+ 0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB,
+ 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0,
+ 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
+ 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6,
+ 0xBAD03605, 0xCDD70693, 0x54DE5729, 0x23D967BF,
+ 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
+ 0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
+ );
+
+ // For this function to yield the same output as PHP's crc32 function, $crc would have to be
+ // set to 0xFFFFFFFF, initially - not 0x00000000 as it currently is.
+ $crc = 0x00000000;
+ $length = strlen($data);
+
+ for ($i=0;$i<$length;$i++) {
+ // We AND $crc >> 8 with 0x00FFFFFF because we want the eight newly added bits to all
+ // be zero. PHP, unfortunately, doesn't always do this. 0x80000000 >> 8, as an example,
+ // yields 0xFF800000 - not 0x00800000. The following link elaborates:
+ // http://www.php.net/manual/en/language.operators.bitwise.php#57281
+ $crc = (($crc >> 8) & 0x00FFFFFF) ^ $crc_lookup_table[($crc & 0xFF) ^ ord($data[$i])];
+ }
+
+ // In addition to having to set $crc to 0xFFFFFFFF, initially, the return value must be XOR'd with
+ // 0xFFFFFFFF for this function to return the same thing that PHP's crc32 function would.
+ return $crc;
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+
+ /**
+ * RSA Encrypt
+ *
+ * Returns mod(pow($m, $e), $n), where $n should be the product of two (large) primes $p and $q and where $e
+ * should be a number with the property that gcd($e, ($p - 1) * ($q - 1)) == 1. Could just make anything that
+ * calls this call modexp, instead, but I think this makes things clearer, maybe...
+ *
+ * @see Net_SSH1::Net_SSH1()
+ * @param Math_BigInteger $m
+ * @param Array $key
+ * @return Math_BigInteger
+ * @access private
+ */
+ function _rsa_crypt($m, $key)
+ {
+ /*
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+
+ $rsa = new Crypt_RSA();
+ $rsa->loadKey($key, CRYPT_RSA_PUBLIC_FORMAT_RAW);
+ $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1);
+ return $rsa->encrypt($m);
+ */
+
+ // To quote from protocol-1.5.txt:
+ // The most significant byte (which is only partial as the value must be
+ // less than the public modulus, which is never a power of two) is zero.
+ //
+ // The next byte contains the value 2 (which stands for public-key
+ // encrypted data in the PKCS standard [PKCS#1]). Then, there are non-
+ // zero random bytes to fill any unused space, a zero byte, and the data
+ // to be encrypted in the least significant bytes, the last byte of the
+ // data in the least significant byte.
+
+ // Presumably the part of PKCS#1 they're refering to is "Section 7.2.1 Encryption Operation",
+ // under "7.2 RSAES-PKCS1-v1.5" and "7 Encryption schemes" of the following URL:
+ // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
+ $modulus = $key[1]->toBytes();
+ $length = strlen($modulus) - strlen($m) - 3;
+ $random = '';
+ while (strlen($random) != $length) {
+ $block = crypt_random_string($length - strlen($random));
+ $block = str_replace("\x00", '', $block);
+ $random.= $block;
+ }
+ $temp = chr(0) . chr(2) . $random . chr(0) . $m;
+
+ $m = new Math_BigInteger($temp, 256);
+ $m = $m->modPow($key[0], $key[1]);
+
+ return $m->toBytes();
+ }
+
+ /**
+ * Define Array
+ *
+ * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of
+ * named constants from it, using the value as the name of the constant and the index as the value of the constant.
+ * If any of the constants that would be defined already exists, none of the constants will be defined.
+ *
+ * @param Array $array
+ * @access private
+ */
+ function _define_array()
+ {
+ $args = func_get_args();
+ foreach ($args as $arg) {
+ foreach ($arg as $key=>$value) {
+ if (!defined($value)) {
+ define($value, $key);
+ } else {
+ break 2;
+ }
+ }
+ }
+ }
+
+ /**
+ * Returns a log of the packets that have been sent and received.
+ *
+ * Returns a string if NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX, an array if NET_SSH2_LOGGING == NET_SSH2_LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING')
+ *
+ * @access public
+ * @return String or Array
+ */
+ function getLog()
+ {
+ if (!defined('NET_SSH1_LOGGING')) {
+ return false;
+ }
+
+ switch (NET_SSH1_LOGGING) {
+ case NET_SSH1_LOG_SIMPLE:
+ return $this->message_number_log;
+ break;
+ case NET_SSH1_LOG_COMPLEX:
+ return $this->_format_log($this->message_log, $this->protocol_flags_log);
+ break;
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Formats a log for printing
+ *
+ * @param Array $message_log
+ * @param Array $message_number_log
+ * @access private
+ * @return String
+ */
+ function _format_log($message_log, $message_number_log)
+ {
+ static $boundary = ':', $long_width = 65, $short_width = 16;
+
+ $output = '';
+ for ($i = 0; $i < count($message_log); $i++) {
+ $output.= $message_number_log[$i] . "\r\n";
+ $current_log = $message_log[$i];
+ $j = 0;
+ do {
+ if (strlen($current_log)) {
+ $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 ';
+ }
+ $fragment = $this->_string_shift($current_log, $short_width);
+ $hex = substr(
+ preg_replace(
+ '#(.)#es',
+ '"' . $boundary . '" . str_pad(dechex(ord(substr("\\1", -1))), 2, "0", STR_PAD_LEFT)',
+ $fragment),
+ strlen($boundary)
+ );
+ // replace non ASCII printable characters with dots
+ // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters
+ // also replace < with a . since < messes up the output on web browsers
+ $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment);
+ $output.= str_pad($hex, $long_width - $short_width, ' ') . $raw . "\r\n";
+ $j++;
+ } while (strlen($current_log));
+ $output.= "\r\n";
+ }
+
+ return $output;
+ }
+
+ /**
+ * Return the server key public exponent
+ *
+ * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
+ * the raw bytes. This behavior is similar to PHP's md5() function.
+ *
+ * @param optional Boolean $raw_output
+ * @return String
+ * @access public
+ */
+ function getServerKeyPublicExponent($raw_output = false)
+ {
+ return $raw_output ? $this->server_key_public_exponent->toBytes() : $this->server_key_public_exponent->toString();
+ }
+
+ /**
+ * Return the server key public modulus
+ *
+ * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
+ * the raw bytes. This behavior is similar to PHP's md5() function.
+ *
+ * @param optional Boolean $raw_output
+ * @return String
+ * @access public
+ */
+ function getServerKeyPublicModulus($raw_output = false)
+ {
+ return $raw_output ? $this->server_key_public_modulus->toBytes() : $this->server_key_public_modulus->toString();
+ }
+
+ /**
+ * Return the host key public exponent
+ *
+ * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
+ * the raw bytes. This behavior is similar to PHP's md5() function.
+ *
+ * @param optional Boolean $raw_output
+ * @return String
+ * @access public
+ */
+ function getHostKeyPublicExponent($raw_output = false)
+ {
+ return $raw_output ? $this->host_key_public_exponent->toBytes() : $this->host_key_public_exponent->toString();
+ }
+
+ /**
+ * Return the host key public modulus
+ *
+ * Returns, by default, the base-10 representation. If $raw_output is set to true, returns, instead,
+ * the raw bytes. This behavior is similar to PHP's md5() function.
+ *
+ * @param optional Boolean $raw_output
+ * @return String
+ * @access public
+ */
+ function getHostKeyPublicModulus($raw_output = false)
+ {
+ return $raw_output ? $this->host_key_public_modulus->toBytes() : $this->host_key_public_modulus->toString();
+ }
+
+ /**
+ * Return a list of ciphers supported by SSH1 server.
+ *
+ * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
+ * is set to true, returns, instead, an array of constants. ie. instead of array('Triple-DES in CBC mode'), you'll
+ * get array(NET_SSH1_CIPHER_3DES).
+ *
+ * @param optional Boolean $raw_output
+ * @return Array
+ * @access public
+ */
+ function getSupportedCiphers($raw_output = false)
+ {
+ return $raw_output ? array_keys($this->supported_ciphers) : array_values($this->supported_ciphers);
+ }
+
+ /**
+ * Return a list of authentications supported by SSH1 server.
+ *
+ * Just because a cipher is supported by an SSH1 server doesn't mean it's supported by this library. If $raw_output
+ * is set to true, returns, instead, an array of constants. ie. instead of array('password authentication'), you'll
+ * get array(NET_SSH1_AUTH_PASSWORD).
+ *
+ * @param optional Boolean $raw_output
+ * @return Array
+ * @access public
+ */
+ function getSupportedAuthentications($raw_output = false)
+ {
+ return $raw_output ? array_keys($this->supported_authentications) : array_values($this->supported_authentications);
+ }
+
+ /**
+ * Return the server identification.
+ *
+ * @return String
+ * @access public
+ */
+ function getServerIdentification()
+ {
+ return rtrim($this->server_identification);
+ }
+
+ /**
+ * Logs data packets
+ *
+ * Makes sure that only the last 1MB worth of packets will be logged
+ *
+ * @param String $data
+ * @access private
+ */
+ function _append_log($protocol_flags, $message)
+ {
+ switch (NET_SSH1_LOGGING) {
+ // useful for benchmarks
+ case NET_SSH1_LOG_SIMPLE:
+ $this->protocol_flags_log[] = $protocol_flags;
+ break;
+ // the most useful log for SSH1
+ case NET_SSH1_LOG_COMPLEX:
+ $this->protocol_flags_log[] = $protocol_flags;
+ $this->_string_shift($message);
+ $this->log_size+= strlen($message);
+ $this->message_log[] = $message;
+ while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) {
+ $this->log_size-= strlen(array_shift($this->message_log));
+ array_shift($this->protocol_flags_log);
+ }
+ break;
+ // dump the output out realtime; packets may be interspersed with non packets,
+ // passwords won't be filtered out and select other packets may not be correctly
+ // identified
+ case NET_SSH1_LOG_REALTIME:
+ echo "<pre>\r\n" . $this->_format_log(array($message), array($protocol_flags)) . "\r\n</pre>\r\n";
+ @flush();
+ @ob_flush();
+ break;
+ // basically the same thing as NET_SSH1_LOG_REALTIME with the caveat that NET_SSH1_LOG_REALTIME_FILE
+ // needs to be defined and that the resultant log file will be capped out at NET_SSH1_LOG_MAX_SIZE.
+ // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily
+ // at the beginning of the file
+ case NET_SSH1_LOG_REALTIME_FILE:
+ if (!isset($this->realtime_log_file)) {
+ // PHP doesn't seem to like using constants in fopen()
+ $filename = NET_SSH2_LOG_REALTIME_FILE;
+ $fp = fopen($filename, 'w');
+ $this->realtime_log_file = $fp;
+ }
+ if (!is_resource($this->realtime_log_file)) {
+ break;
+ }
+ $entry = $this->_format_log(array($message), array($protocol_flags));
+ if ($this->realtime_log_wrap) {
+ $temp = "<<< START >>>\r\n";
+ $entry.= $temp;
+ fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp));
+ }
+ $this->realtime_log_size+= strlen($entry);
+ if ($this->realtime_log_size > NET_SSH1_LOG_MAX_SIZE) {
+ fseek($this->realtime_log_file, 0);
+ $this->realtime_log_size = strlen($entry);
+ $this->realtime_log_wrap = true;
+ }
+ fputs($this->realtime_log_file, $entry);
+ }
+ }
+} \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH2.php b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH2.php
new file mode 100644
index 00000000000..43bfbca2dbe
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/Net/SSH2.php
@@ -0,0 +1,3009 @@
+<?php
+/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
+
+/**
+ * Pure-PHP implementation of SSHv2.
+ *
+ * PHP versions 4 and 5
+ *
+ * Here are some examples of how to use this library:
+ * <code>
+ * <?php
+ * include('Net/SSH2.php');
+ *
+ * $ssh = new Net_SSH2('www.domain.tld');
+ * if (!$ssh->login('username', 'password')) {
+ * exit('Login Failed');
+ * }
+ *
+ * echo $ssh->exec('pwd');
+ * echo $ssh->exec('ls -la');
+ * ?>
+ * </code>
+ *
+ * <code>
+ * <?php
+ * include('Crypt/RSA.php');
+ * include('Net/SSH2.php');
+ *
+ * $key = new Crypt_RSA();
+ * //$key->setPassword('whatever');
+ * $key->loadKey(file_get_contents('privatekey'));
+ *
+ * $ssh = new Net_SSH2('www.domain.tld');
+ * if (!$ssh->login('username', $key)) {
+ * exit('Login Failed');
+ * }
+ *
+ * echo $ssh->read('username@username:~$');
+ * $ssh->write("ls -la\n");
+ * echo $ssh->read('username@username:~$');
+ * ?>
+ * </code>
+ *
+ * LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ *
+ * @category Net
+ * @package Net_SSH2
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @copyright MMVII Jim Wigginton
+ * @license http://www.opensource.org/licenses/mit-license.html MIT License
+ * @version $Id: SSH2.php,v 1.53 2010-10-24 01:24:30 terrafrost Exp $
+ * @link http://phpseclib.sourceforge.net
+ */
+
+/**
+ * Include Math_BigInteger
+ *
+ * Used to do Diffie-Hellman key exchange and DSA/RSA signature verification.
+ */
+if (!class_exists('Math_BigInteger')) {
+ require_once('Math/BigInteger.php');
+}
+
+/**
+ * Include Crypt_Random
+ */
+// the class_exists() will only be called if the crypt_random_string function hasn't been defined and
+// will trigger a call to __autoload() if you're wanting to auto-load classes
+// call function_exists() a second time to stop the require_once from being called outside
+// of the auto loader
+if (!function_exists('crypt_random_string') && !class_exists('Crypt_Random') && !function_exists('crypt_random_string')) {
+ require_once('Crypt/Random.php');
+}
+
+/**
+ * Include Crypt_Hash
+ */
+if (!class_exists('Crypt_Hash')) {
+ require_once('Crypt/Hash.php');
+}
+
+/**
+ * Include Crypt_TripleDES
+ */
+if (!class_exists('Crypt_TripleDES')) {
+ require_once('Crypt/TripleDES.php');
+}
+
+/**
+ * Include Crypt_RC4
+ */
+if (!class_exists('Crypt_RC4')) {
+ require_once('Crypt/RC4.php');
+}
+
+/**
+ * Include Crypt_AES
+ */
+if (!class_exists('Crypt_AES')) {
+ require_once('Crypt/AES.php');
+}
+
+/**#@+
+ * Execution Bitmap Masks
+ *
+ * @see Net_SSH2::bitmap
+ * @access private
+ */
+define('NET_SSH2_MASK_CONSTRUCTOR', 0x00000001);
+define('NET_SSH2_MASK_LOGIN', 0x00000002);
+define('NET_SSH2_MASK_SHELL', 0x00000004);
+/**#@-*/
+
+/**#@+
+ * Channel constants
+ *
+ * RFC4254 refers not to client and server channels but rather to sender and recipient channels. we don't refer
+ * to them in that way because RFC4254 toggles the meaning. the client sends a SSH_MSG_CHANNEL_OPEN message with
+ * a sender channel and the server sends a SSH_MSG_CHANNEL_OPEN_CONFIRMATION in response, with a sender and a
+ * recepient channel. at first glance, you might conclude that SSH_MSG_CHANNEL_OPEN_CONFIRMATION's sender channel
+ * would be the same thing as SSH_MSG_CHANNEL_OPEN's sender channel, but it's not, per this snipet:
+ * The 'recipient channel' is the channel number given in the original
+ * open request, and 'sender channel' is the channel number allocated by
+ * the other side.
+ *
+ * @see Net_SSH2::_send_channel_packet()
+ * @see Net_SSH2::_get_channel_packet()
+ * @access private
+ */
+define('NET_SSH2_CHANNEL_EXEC', 0); // PuTTy uses 0x100
+define('NET_SSH2_CHANNEL_SHELL',1);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Net_SSH2::getLog()
+ */
+/**
+ * Returns the message numbers
+ */
+define('NET_SSH2_LOG_SIMPLE', 1);
+/**
+ * Returns the message content
+ */
+define('NET_SSH2_LOG_COMPLEX', 2);
+/**
+ * Outputs the content real-time
+ */
+define('NET_SSH2_LOG_REALTIME', 3);
+/**
+ * Dumps the content real-time to a file
+ */
+define('NET_SSH2_LOG_REALTIME_FILE', 4);
+/**#@-*/
+
+/**#@+
+ * @access public
+ * @see Net_SSH2::read()
+ */
+/**
+ * Returns when a string matching $expect exactly is found
+ */
+define('NET_SSH2_READ_SIMPLE', 1);
+/**
+ * Returns when a string matching the regular expression $expect is found
+ */
+define('NET_SSH2_READ_REGEX', 2);
+/**
+ * Make sure that the log never gets larger than this
+ */
+define('NET_SSH2_LOG_MAX_SIZE', 1024 * 1024);
+/**#@-*/
+
+/**
+ * Pure-PHP implementation of SSHv2.
+ *
+ * @author Jim Wigginton <terrafrost@php.net>
+ * @version 0.1.0
+ * @access public
+ * @package Net_SSH2
+ */
+class Net_SSH2 {
+ /**
+ * The SSH identifier
+ *
+ * @var String
+ * @access private
+ */
+ var $identifier = 'SSH-2.0-phpseclib_0.3';
+
+ /**
+ * The Socket Object
+ *
+ * @var Object
+ * @access private
+ */
+ var $fsock;
+
+ /**
+ * Execution Bitmap
+ *
+ * The bits that are set represent functions that have been called already. This is used to determine
+ * if a requisite function has been successfully executed. If not, an error should be thrown.
+ *
+ * @var Integer
+ * @access private
+ */
+ var $bitmap = 0;
+
+ /**
+ * Error information
+ *
+ * @see Net_SSH2::getErrors()
+ * @see Net_SSH2::getLastError()
+ * @var String
+ * @access private
+ */
+ var $errors = array();
+
+ /**
+ * Server Identifier
+ *
+ * @see Net_SSH2::getServerIdentification()
+ * @var String
+ * @access private
+ */
+ var $server_identifier = '';
+
+ /**
+ * Key Exchange Algorithms
+ *
+ * @see Net_SSH2::getKexAlgorithims()
+ * @var Array
+ * @access private
+ */
+ var $kex_algorithms;
+
+ /**
+ * Server Host Key Algorithms
+ *
+ * @see Net_SSH2::getServerHostKeyAlgorithms()
+ * @var Array
+ * @access private
+ */
+ var $server_host_key_algorithms;
+
+ /**
+ * Encryption Algorithms: Client to Server
+ *
+ * @see Net_SSH2::getEncryptionAlgorithmsClient2Server()
+ * @var Array
+ * @access private
+ */
+ var $encryption_algorithms_client_to_server;
+
+ /**
+ * Encryption Algorithms: Server to Client
+ *
+ * @see Net_SSH2::getEncryptionAlgorithmsServer2Client()
+ * @var Array
+ * @access private
+ */
+ var $encryption_algorithms_server_to_client;
+
+ /**
+ * MAC Algorithms: Client to Server
+ *
+ * @see Net_SSH2::getMACAlgorithmsClient2Server()
+ * @var Array
+ * @access private
+ */
+ var $mac_algorithms_client_to_server;
+
+ /**
+ * MAC Algorithms: Server to Client
+ *
+ * @see Net_SSH2::getMACAlgorithmsServer2Client()
+ * @var Array
+ * @access private
+ */
+ var $mac_algorithms_server_to_client;
+
+ /**
+ * Compression Algorithms: Client to Server
+ *
+ * @see Net_SSH2::getCompressionAlgorithmsClient2Server()
+ * @var Array
+ * @access private
+ */
+ var $compression_algorithms_client_to_server;
+
+ /**
+ * Compression Algorithms: Server to Client
+ *
+ * @see Net_SSH2::getCompressionAlgorithmsServer2Client()
+ * @var Array
+ * @access private
+ */
+ var $compression_algorithms_server_to_client;
+
+ /**
+ * Languages: Server to Client
+ *
+ * @see Net_SSH2::getLanguagesServer2Client()
+ * @var Array
+ * @access private
+ */
+ var $languages_server_to_client;
+
+ /**
+ * Languages: Client to Server
+ *
+ * @see Net_SSH2::getLanguagesClient2Server()
+ * @var Array
+ * @access private
+ */
+ var $languages_client_to_server;
+
+ /**
+ * Block Size for Server to Client Encryption
+ *
+ * "Note that the length of the concatenation of 'packet_length',
+ * 'padding_length', 'payload', and 'random padding' MUST be a multiple
+ * of the cipher block size or 8, whichever is larger. This constraint
+ * MUST be enforced, even when using stream ciphers."
+ *
+ * -- http://tools.ietf.org/html/rfc4253#section-6
+ *
+ * @see Net_SSH2::Net_SSH2()
+ * @see Net_SSH2::_send_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $encrypt_block_size = 8;
+
+ /**
+ * Block Size for Client to Server Encryption
+ *
+ * @see Net_SSH2::Net_SSH2()
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $decrypt_block_size = 8;
+
+ /**
+ * Server to Client Encryption Object
+ *
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Object
+ * @access private
+ */
+ var $decrypt = false;
+
+ /**
+ * Client to Server Encryption Object
+ *
+ * @see Net_SSH2::_send_binary_packet()
+ * @var Object
+ * @access private
+ */
+ var $encrypt = false;
+
+ /**
+ * Client to Server HMAC Object
+ *
+ * @see Net_SSH2::_send_binary_packet()
+ * @var Object
+ * @access private
+ */
+ var $hmac_create = false;
+
+ /**
+ * Server to Client HMAC Object
+ *
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Object
+ * @access private
+ */
+ var $hmac_check = false;
+
+ /**
+ * Size of server to client HMAC
+ *
+ * We need to know how big the HMAC will be for the server to client direction so that we know how many bytes to read.
+ * For the client to server side, the HMAC object will make the HMAC as long as it needs to be. All we need to do is
+ * append it.
+ *
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $hmac_size = false;
+
+ /**
+ * Server Public Host Key
+ *
+ * @see Net_SSH2::getServerPublicHostKey()
+ * @var String
+ * @access private
+ */
+ var $server_public_host_key;
+
+ /**
+ * Session identifer
+ *
+ * "The exchange hash H from the first key exchange is additionally
+ * used as the session identifier, which is a unique identifier for
+ * this connection."
+ *
+ * -- http://tools.ietf.org/html/rfc4253#section-7.2
+ *
+ * @see Net_SSH2::_key_exchange()
+ * @var String
+ * @access private
+ */
+ var $session_id = false;
+
+ /**
+ * Exchange hash
+ *
+ * The current exchange hash
+ *
+ * @see Net_SSH2::_key_exchange()
+ * @var String
+ * @access private
+ */
+ var $exchange_hash = false;
+
+ /**
+ * Message Numbers
+ *
+ * @see Net_SSH2::Net_SSH2()
+ * @var Array
+ * @access private
+ */
+ var $message_numbers = array();
+
+ /**
+ * Disconnection Message 'reason codes' defined in RFC4253
+ *
+ * @see Net_SSH2::Net_SSH2()
+ * @var Array
+ * @access private
+ */
+ var $disconnect_reasons = array();
+
+ /**
+ * SSH_MSG_CHANNEL_OPEN_FAILURE 'reason codes', defined in RFC4254
+ *
+ * @see Net_SSH2::Net_SSH2()
+ * @var Array
+ * @access private
+ */
+ var $channel_open_failure_reasons = array();
+
+ /**
+ * Terminal Modes
+ *
+ * @link http://tools.ietf.org/html/rfc4254#section-8
+ * @see Net_SSH2::Net_SSH2()
+ * @var Array
+ * @access private
+ */
+ var $terminal_modes = array();
+
+ /**
+ * SSH_MSG_CHANNEL_EXTENDED_DATA's data_type_codes
+ *
+ * @link http://tools.ietf.org/html/rfc4254#section-5.2
+ * @see Net_SSH2::Net_SSH2()
+ * @var Array
+ * @access private
+ */
+ var $channel_extended_data_type_codes = array();
+
+ /**
+ * Send Sequence Number
+ *
+ * See 'Section 6.4. Data Integrity' of rfc4253 for more info.
+ *
+ * @see Net_SSH2::_send_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $send_seq_no = 0;
+
+ /**
+ * Get Sequence Number
+ *
+ * See 'Section 6.4. Data Integrity' of rfc4253 for more info.
+ *
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $get_seq_no = 0;
+
+ /**
+ * Server Channels
+ *
+ * Maps client channels to server channels
+ *
+ * @see Net_SSH2::_get_channel_packet()
+ * @see Net_SSH2::exec()
+ * @var Array
+ * @access private
+ */
+ var $server_channels = array();
+
+ /**
+ * Channel Buffers
+ *
+ * If a client requests a packet from one channel but receives two packets from another those packets should
+ * be placed in a buffer
+ *
+ * @see Net_SSH2::_get_channel_packet()
+ * @see Net_SSH2::exec()
+ * @var Array
+ * @access private
+ */
+ var $channel_buffers = array();
+
+ /**
+ * Channel Status
+ *
+ * Contains the type of the last sent message
+ *
+ * @see Net_SSH2::_get_channel_packet()
+ * @var Array
+ * @access private
+ */
+ var $channel_status = array();
+
+ /**
+ * Packet Size
+ *
+ * Maximum packet size indexed by channel
+ *
+ * @see Net_SSH2::_send_channel_packet()
+ * @var Array
+ * @access private
+ */
+ var $packet_size_client_to_server = array();
+
+ /**
+ * Message Number Log
+ *
+ * @see Net_SSH2::getLog()
+ * @var Array
+ * @access private
+ */
+ var $message_number_log = array();
+
+ /**
+ * Message Log
+ *
+ * @see Net_SSH2::getLog()
+ * @var Array
+ * @access private
+ */
+ var $message_log = array();
+
+ /**
+ * The Window Size
+ *
+ * Bytes the other party can send before it must wait for the window to be adjusted (0x7FFFFFFF = 4GB)
+ *
+ * @var Integer
+ * @see Net_SSH2::_send_channel_packet()
+ * @see Net_SSH2::exec()
+ * @access private
+ */
+ var $window_size = 0x7FFFFFFF;
+
+ /**
+ * Window size
+ *
+ * Window size indexed by channel
+ *
+ * @see Net_SSH2::_send_channel_packet()
+ * @var Array
+ * @access private
+ */
+ var $window_size_client_to_server = array();
+
+ /**
+ * Server signature
+ *
+ * Verified against $this->session_id
+ *
+ * @see Net_SSH2::getServerPublicHostKey()
+ * @var String
+ * @access private
+ */
+ var $signature = '';
+
+ /**
+ * Server signature format
+ *
+ * ssh-rsa or ssh-dss.
+ *
+ * @see Net_SSH2::getServerPublicHostKey()
+ * @var String
+ * @access private
+ */
+ var $signature_format = '';
+
+ /**
+ * Interactive Buffer
+ *
+ * @see Net_SSH2::read()
+ * @var Array
+ * @access private
+ */
+ var $interactiveBuffer = '';
+
+ /**
+ * Current log size
+ *
+ * Should never exceed NET_SSH2_LOG_MAX_SIZE
+ *
+ * @see Net_SSH2::_send_binary_packet()
+ * @see Net_SSH2::_get_binary_packet()
+ * @var Integer
+ * @access private
+ */
+ var $log_size;
+
+ /**
+ * Timeout
+ *
+ * @see Net_SSH2::setTimeout()
+ * @access private
+ */
+ var $timeout;
+
+ /**
+ * Current Timeout
+ *
+ * @see Net_SSH2::_get_channel_packet()
+ * @access private
+ */
+ var $curTimeout;
+
+ /**
+ * Real-time log file pointer
+ *
+ * @see Net_SSH2::_append_log()
+ * @var Resource
+ * @access private
+ */
+ var $realtime_log_file;
+
+ /**
+ * Real-time log file size
+ *
+ * @see Net_SSH2::_append_log()
+ * @var Integer
+ * @access private
+ */
+ var $realtime_log_size;
+
+ /**
+ * Has the signature been validated?
+ *
+ * @see Net_SSH2::getServerPublicHostKey()
+ * @var Boolean
+ * @access private
+ */
+ var $signature_validated = false;
+
+ /**
+ * Real-time log file wrap boolean
+ *
+ * @see Net_SSH2::_append_log()
+ * @access private
+ */
+ var $realtime_log_wrap;
+
+ /**
+ * Flag to suppress stderr from output
+ *
+ * @see Net_SSH2::enableQuietMode()
+ * @access private
+ */
+ var $quiet_mode = false;
+
+ /**
+ * Time of first network activity
+ *
+ * @access private
+ */
+ var $last_packet;
+
+ /**
+ * Exit status returned from ssh if any
+ *
+ * @var Integer
+ * @access private
+ */
+ var $exit_status;
+
+ /**
+ * Default Constructor.
+ *
+ * Connects to an SSHv2 server
+ *
+ * @param String $host
+ * @param optional Integer $port
+ * @param optional Integer $timeout
+ * @return Net_SSH2
+ * @access public
+ */
+ function Net_SSH2($host, $port = 22, $timeout = 10)
+ {
+ $this->last_packet = strtok(microtime(), ' ') + strtok(''); // == microtime(true) in PHP5
+ $this->message_numbers = array(
+ 1 => 'NET_SSH2_MSG_DISCONNECT',
+ 2 => 'NET_SSH2_MSG_IGNORE',
+ 3 => 'NET_SSH2_MSG_UNIMPLEMENTED',
+ 4 => 'NET_SSH2_MSG_DEBUG',
+ 5 => 'NET_SSH2_MSG_SERVICE_REQUEST',
+ 6 => 'NET_SSH2_MSG_SERVICE_ACCEPT',
+ 20 => 'NET_SSH2_MSG_KEXINIT',
+ 21 => 'NET_SSH2_MSG_NEWKEYS',
+ 30 => 'NET_SSH2_MSG_KEXDH_INIT',
+ 31 => 'NET_SSH2_MSG_KEXDH_REPLY',
+ 50 => 'NET_SSH2_MSG_USERAUTH_REQUEST',
+ 51 => 'NET_SSH2_MSG_USERAUTH_FAILURE',
+ 52 => 'NET_SSH2_MSG_USERAUTH_SUCCESS',
+ 53 => 'NET_SSH2_MSG_USERAUTH_BANNER',
+
+ 80 => 'NET_SSH2_MSG_GLOBAL_REQUEST',
+ 81 => 'NET_SSH2_MSG_REQUEST_SUCCESS',
+ 82 => 'NET_SSH2_MSG_REQUEST_FAILURE',
+ 90 => 'NET_SSH2_MSG_CHANNEL_OPEN',
+ 91 => 'NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION',
+ 92 => 'NET_SSH2_MSG_CHANNEL_OPEN_FAILURE',
+ 93 => 'NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST',
+ 94 => 'NET_SSH2_MSG_CHANNEL_DATA',
+ 95 => 'NET_SSH2_MSG_CHANNEL_EXTENDED_DATA',
+ 96 => 'NET_SSH2_MSG_CHANNEL_EOF',
+ 97 => 'NET_SSH2_MSG_CHANNEL_CLOSE',
+ 98 => 'NET_SSH2_MSG_CHANNEL_REQUEST',
+ 99 => 'NET_SSH2_MSG_CHANNEL_SUCCESS',
+ 100 => 'NET_SSH2_MSG_CHANNEL_FAILURE'
+ );
+ $this->disconnect_reasons = array(
+ 1 => 'NET_SSH2_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT',
+ 2 => 'NET_SSH2_DISCONNECT_PROTOCOL_ERROR',
+ 3 => 'NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED',
+ 4 => 'NET_SSH2_DISCONNECT_RESERVED',
+ 5 => 'NET_SSH2_DISCONNECT_MAC_ERROR',
+ 6 => 'NET_SSH2_DISCONNECT_COMPRESSION_ERROR',
+ 7 => 'NET_SSH2_DISCONNECT_SERVICE_NOT_AVAILABLE',
+ 8 => 'NET_SSH2_DISCONNECT_PROTOCOL_VERSION_NOT_SUPPORTED',
+ 9 => 'NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE',
+ 10 => 'NET_SSH2_DISCONNECT_CONNECTION_LOST',
+ 11 => 'NET_SSH2_DISCONNECT_BY_APPLICATION',
+ 12 => 'NET_SSH2_DISCONNECT_TOO_MANY_CONNECTIONS',
+ 13 => 'NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER',
+ 14 => 'NET_SSH2_DISCONNECT_NO_MORE_AUTH_METHODS_AVAILABLE',
+ 15 => 'NET_SSH2_DISCONNECT_ILLEGAL_USER_NAME'
+ );
+ $this->channel_open_failure_reasons = array(
+ 1 => 'NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED'
+ );
+ $this->terminal_modes = array(
+ 0 => 'NET_SSH2_TTY_OP_END'
+ );
+ $this->channel_extended_data_type_codes = array(
+ 1 => 'NET_SSH2_EXTENDED_DATA_STDERR'
+ );
+
+ $this->_define_array(
+ $this->message_numbers,
+ $this->disconnect_reasons,
+ $this->channel_open_failure_reasons,
+ $this->terminal_modes,
+ $this->channel_extended_data_type_codes,
+ array(60 => 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ'),
+ array(60 => 'NET_SSH2_MSG_USERAUTH_PK_OK'),
+ array(60 => 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
+ 61 => 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE')
+ );
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $this->fsock = @fsockopen($host, $port, $errno, $errstr, $timeout);
+ if (!$this->fsock) {
+ user_error(rtrim("Cannot connect to $host. Error $errno. $errstr"));
+ return;
+ }
+ $elapsed = strtok(microtime(), ' ') + strtok('') - $start;
+
+ $timeout-= $elapsed;
+
+ if ($timeout <= 0) {
+ user_error(rtrim("Cannot connect to $host. Timeout error"));
+ return;
+ }
+
+ $read = array($this->fsock);
+ $write = $except = NULL;
+
+ $sec = floor($timeout);
+ $usec = 1000000 * ($timeout - $sec);
+
+ // on windows this returns a "Warning: Invalid CRT parameters detected" error
+ // the !count() is done as a workaround for <https://bugs.php.net/42682>
+ if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) {
+ user_error(rtrim("Cannot connect to $host. Banner timeout"));
+ return;
+ }
+
+ /* According to the SSH2 specs,
+
+ "The server MAY send other lines of data before sending the version
+ string. Each line SHOULD be terminated by a Carriage Return and Line
+ Feed. Such lines MUST NOT begin with "SSH-", and SHOULD be encoded
+ in ISO-10646 UTF-8 [RFC3629] (language is not specified). Clients
+ MUST be able to process such lines." */
+ $temp = '';
+ $extra = '';
+ while (!feof($this->fsock) && !preg_match('#^SSH-(\d\.\d+)#', $temp, $matches)) {
+ if (substr($temp, -2) == "\r\n") {
+ $extra.= $temp;
+ $temp = '';
+ }
+ $temp.= fgets($this->fsock, 255);
+ }
+
+ if (feof($this->fsock)) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ $ext = array();
+ if (extension_loaded('mcrypt')) {
+ $ext[] = 'mcrypt';
+ }
+ if (extension_loaded('gmp')) {
+ $ext[] = 'gmp';
+ } else if (extension_loaded('bcmath')) {
+ $ext[] = 'bcmath';
+ }
+
+ if (!empty($ext)) {
+ $this->identifier.= ' (' . implode(', ', $ext) . ')';
+ }
+
+ if (defined('NET_SSH2_LOGGING')) {
+ $this->_append_log('<-', $extra . $temp);
+ $this->_append_log('->', $this->identifier . "\r\n");
+ }
+
+ $this->server_identifier = trim($temp, "\r\n");
+ if (strlen($extra)) {
+ $this->errors[] = utf8_decode($extra);
+ }
+
+ if ($matches[1] != '1.99' && $matches[1] != '2.0') {
+ user_error("Cannot connect to SSH $matches[1] servers");
+ return;
+ }
+
+ fputs($this->fsock, $this->identifier . "\r\n");
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return;
+ }
+
+ if (ord($response[0]) != NET_SSH2_MSG_KEXINIT) {
+ user_error('Expected SSH_MSG_KEXINIT');
+ return;
+ }
+
+ if (!$this->_key_exchange($response)) {
+ return;
+ }
+
+ $this->bitmap = NET_SSH2_MASK_CONSTRUCTOR;
+ }
+
+ /**
+ * Key Exchange
+ *
+ * @param String $kexinit_payload_server
+ * @access private
+ */
+ function _key_exchange($kexinit_payload_server)
+ {
+ static $kex_algorithms = array(
+ 'diffie-hellman-group1-sha1', // REQUIRED
+ 'diffie-hellman-group14-sha1' // REQUIRED
+ );
+
+ static $server_host_key_algorithms = array(
+ 'ssh-rsa', // RECOMMENDED sign Raw RSA Key
+ 'ssh-dss' // REQUIRED sign Raw DSS Key
+ );
+
+ static $encryption_algorithms = array(
+ // from <http://tools.ietf.org/html/rfc4345#section-4>:
+ 'arcfour256',
+ 'arcfour128',
+
+ 'arcfour', // OPTIONAL the ARCFOUR stream cipher with a 128-bit key
+
+ 'aes128-cbc', // RECOMMENDED AES with a 128-bit key
+ 'aes192-cbc', // OPTIONAL AES with a 192-bit key
+ 'aes256-cbc', // OPTIONAL AES in CBC mode, with a 256-bit key
+
+ // from <http://tools.ietf.org/html/rfc4344#section-4>:
+ 'aes128-ctr', // RECOMMENDED AES (Rijndael) in SDCTR mode, with 128-bit key
+ 'aes192-ctr', // RECOMMENDED AES with 192-bit key
+ 'aes256-ctr', // RECOMMENDED AES with 256-bit key
+ '3des-ctr', // RECOMMENDED Three-key 3DES in SDCTR mode
+
+ '3des-cbc', // REQUIRED three-key 3DES in CBC mode
+ 'none' // OPTIONAL no encryption; NOT RECOMMENDED
+ );
+
+ static $mac_algorithms = array(
+ 'hmac-sha1-96', // RECOMMENDED first 96 bits of HMAC-SHA1 (digest length = 12, key length = 20)
+ 'hmac-sha1', // REQUIRED HMAC-SHA1 (digest length = key length = 20)
+ 'hmac-md5-96', // OPTIONAL first 96 bits of HMAC-MD5 (digest length = 12, key length = 16)
+ 'hmac-md5', // OPTIONAL HMAC-MD5 (digest length = key length = 16)
+ 'none' // OPTIONAL no MAC; NOT RECOMMENDED
+ );
+
+ static $compression_algorithms = array(
+ 'none' // REQUIRED no compression
+ //'zlib' // OPTIONAL ZLIB (LZ77) compression
+ );
+
+ // some SSH servers have buggy implementations of some of the above algorithms
+ switch ($this->server_identifier) {
+ case 'SSH-2.0-SSHD':
+ $mac_algorithms = array_values(array_diff(
+ $mac_algorithms,
+ array('hmac-sha1-96', 'hmac-md5-96')
+ ));
+ }
+
+ static $str_kex_algorithms, $str_server_host_key_algorithms,
+ $encryption_algorithms_server_to_client, $mac_algorithms_server_to_client, $compression_algorithms_server_to_client,
+ $encryption_algorithms_client_to_server, $mac_algorithms_client_to_server, $compression_algorithms_client_to_server;
+
+ if (empty($str_kex_algorithms)) {
+ $str_kex_algorithms = implode(',', $kex_algorithms);
+ $str_server_host_key_algorithms = implode(',', $server_host_key_algorithms);
+ $encryption_algorithms_server_to_client = $encryption_algorithms_client_to_server = implode(',', $encryption_algorithms);
+ $mac_algorithms_server_to_client = $mac_algorithms_client_to_server = implode(',', $mac_algorithms);
+ $compression_algorithms_server_to_client = $compression_algorithms_client_to_server = implode(',', $compression_algorithms);
+ }
+
+ $client_cookie = crypt_random_string(16);
+
+ $response = $kexinit_payload_server;
+ $this->_string_shift($response, 1); // skip past the message number (it should be SSH_MSG_KEXINIT)
+ $server_cookie = $this->_string_shift($response, 16);
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->kex_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->server_host_key_algorithms = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->encryption_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->encryption_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->mac_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->mac_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->compression_algorithms_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->compression_algorithms_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->languages_client_to_server = explode(',', $this->_string_shift($response, $temp['length']));
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->languages_server_to_client = explode(',', $this->_string_shift($response, $temp['length']));
+
+ extract(unpack('Cfirst_kex_packet_follows', $this->_string_shift($response, 1)));
+ $first_kex_packet_follows = $first_kex_packet_follows != 0;
+
+ // the sending of SSH2_MSG_KEXINIT could go in one of two places. this is the second place.
+ $kexinit_payload_client = pack('Ca*Na*Na*Na*Na*Na*Na*Na*Na*Na*Na*CN',
+ NET_SSH2_MSG_KEXINIT, $client_cookie, strlen($str_kex_algorithms), $str_kex_algorithms,
+ strlen($str_server_host_key_algorithms), $str_server_host_key_algorithms, strlen($encryption_algorithms_client_to_server),
+ $encryption_algorithms_client_to_server, strlen($encryption_algorithms_server_to_client), $encryption_algorithms_server_to_client,
+ strlen($mac_algorithms_client_to_server), $mac_algorithms_client_to_server, strlen($mac_algorithms_server_to_client),
+ $mac_algorithms_server_to_client, strlen($compression_algorithms_client_to_server), $compression_algorithms_client_to_server,
+ strlen($compression_algorithms_server_to_client), $compression_algorithms_server_to_client, 0, '', 0, '',
+ 0, 0
+ );
+
+ if (!$this->_send_binary_packet($kexinit_payload_client)) {
+ return false;
+ }
+ // here ends the second place.
+
+ // we need to decide upon the symmetric encryption algorithms before we do the diffie-hellman key exchange
+ for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_server_to_client); $i++);
+ if ($i == count($encryption_algorithms)) {
+ user_error('No compatible server to client encryption algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ // we don't initialize any crypto-objects, yet - we do that, later. for now, we need the lengths to make the
+ // diffie-hellman key exchange as fast as possible
+ $decrypt = $encryption_algorithms[$i];
+ switch ($decrypt) {
+ case '3des-cbc':
+ case '3des-ctr':
+ $decryptKeyLength = 24; // eg. 192 / 8
+ break;
+ case 'aes256-cbc':
+ case 'aes256-ctr':
+ $decryptKeyLength = 32; // eg. 256 / 8
+ break;
+ case 'aes192-cbc':
+ case 'aes192-ctr':
+ $decryptKeyLength = 24; // eg. 192 / 8
+ break;
+ case 'aes128-cbc':
+ case 'aes128-ctr':
+ $decryptKeyLength = 16; // eg. 128 / 8
+ break;
+ case 'arcfour':
+ case 'arcfour128':
+ $decryptKeyLength = 16; // eg. 128 / 8
+ break;
+ case 'arcfour256':
+ $decryptKeyLength = 32; // eg. 128 / 8
+ break;
+ case 'none';
+ $decryptKeyLength = 0;
+ }
+
+ for ($i = 0; $i < count($encryption_algorithms) && !in_array($encryption_algorithms[$i], $this->encryption_algorithms_client_to_server); $i++);
+ if ($i == count($encryption_algorithms)) {
+ user_error('No compatible client to server encryption algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $encrypt = $encryption_algorithms[$i];
+ switch ($encrypt) {
+ case '3des-cbc':
+ case '3des-ctr':
+ $encryptKeyLength = 24;
+ break;
+ case 'aes256-cbc':
+ case 'aes256-ctr':
+ $encryptKeyLength = 32;
+ break;
+ case 'aes192-cbc':
+ case 'aes192-ctr':
+ $encryptKeyLength = 24;
+ break;
+ case 'aes128-cbc':
+ case 'aes128-ctr':
+ $encryptKeyLength = 16;
+ break;
+ case 'arcfour':
+ case 'arcfour128':
+ $encryptKeyLength = 16;
+ break;
+ case 'arcfour256':
+ $encryptKeyLength = 32;
+ break;
+ case 'none';
+ $encryptKeyLength = 0;
+ }
+
+ $keyLength = $decryptKeyLength > $encryptKeyLength ? $decryptKeyLength : $encryptKeyLength;
+
+ // through diffie-hellman key exchange a symmetric key is obtained
+ for ($i = 0; $i < count($kex_algorithms) && !in_array($kex_algorithms[$i], $this->kex_algorithms); $i++);
+ if ($i == count($kex_algorithms)) {
+ user_error('No compatible key exchange algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ switch ($kex_algorithms[$i]) {
+ // see http://tools.ietf.org/html/rfc2409#section-6.2 and
+ // http://tools.ietf.org/html/rfc2412, appendex E
+ case 'diffie-hellman-group1-sha1':
+ $p = pack('H256', 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' .
+ '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' .
+ '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' .
+ 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF');
+ $keyLength = $keyLength < 160 ? $keyLength : 160;
+ $hash = 'sha1';
+ break;
+ // see http://tools.ietf.org/html/rfc3526#section-3
+ case 'diffie-hellman-group14-sha1':
+ $p = pack('H512', 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' .
+ '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' .
+ '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' .
+ 'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05' .
+ '98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB' .
+ '9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B' .
+ 'E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718' .
+ '3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF');
+ $keyLength = $keyLength < 160 ? $keyLength : 160;
+ $hash = 'sha1';
+ }
+
+ $p = new Math_BigInteger($p, 256);
+ //$q = $p->bitwise_rightShift(1);
+
+ /* To increase the speed of the key exchange, both client and server may
+ reduce the size of their private exponents. It should be at least
+ twice as long as the key material that is generated from the shared
+ secret. For more details, see the paper by van Oorschot and Wiener
+ [VAN-OORSCHOT].
+
+ -- http://tools.ietf.org/html/rfc4419#section-6.2 */
+ $q = new Math_BigInteger(1);
+ $q = $q->bitwise_leftShift(2 * $keyLength);
+ $q = $q->subtract(new Math_BigInteger(1));
+
+ $g = new Math_BigInteger(2);
+ $x = new Math_BigInteger();
+ $x = $x->random(new Math_BigInteger(1), $q);
+ $e = $g->modPow($x, $p);
+
+ $eBytes = $e->toBytes(true);
+ $data = pack('CNa*', NET_SSH2_MSG_KEXDH_INIT, strlen($eBytes), $eBytes);
+
+ if (!$this->_send_binary_packet($data)) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ if ($type != NET_SSH2_MSG_KEXDH_REPLY) {
+ user_error('Expected SSH_MSG_KEXDH_REPLY');
+ return false;
+ }
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->server_public_host_key = $server_public_host_key = $this->_string_shift($response, $temp['length']);
+
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $public_key_format = $this->_string_shift($server_public_host_key, $temp['length']);
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $fBytes = $this->_string_shift($response, $temp['length']);
+ $f = new Math_BigInteger($fBytes, -256);
+
+ $temp = unpack('Nlength', $this->_string_shift($response, 4));
+ $this->signature = $this->_string_shift($response, $temp['length']);
+
+ $temp = unpack('Nlength', $this->_string_shift($this->signature, 4));
+ $this->signature_format = $this->_string_shift($this->signature, $temp['length']);
+
+ $key = $f->modPow($x, $p);
+ $keyBytes = $key->toBytes(true);
+
+ $this->exchange_hash = pack('Na*Na*Na*Na*Na*Na*Na*Na*',
+ strlen($this->identifier), $this->identifier, strlen($this->server_identifier), $this->server_identifier,
+ strlen($kexinit_payload_client), $kexinit_payload_client, strlen($kexinit_payload_server),
+ $kexinit_payload_server, strlen($this->server_public_host_key), $this->server_public_host_key, strlen($eBytes),
+ $eBytes, strlen($fBytes), $fBytes, strlen($keyBytes), $keyBytes
+ );
+
+ $this->exchange_hash = pack('H*', $hash($this->exchange_hash));
+
+ if ($this->session_id === false) {
+ $this->session_id = $this->exchange_hash;
+ }
+
+ for ($i = 0; $i < count($server_host_key_algorithms) && !in_array($server_host_key_algorithms[$i], $this->server_host_key_algorithms); $i++);
+ if ($i == count($server_host_key_algorithms)) {
+ user_error('No compatible server host key algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ if ($public_key_format != $server_host_key_algorithms[$i] || $this->signature_format != $server_host_key_algorithms[$i]) {
+ user_error('Sever Host Key Algorithm Mismatch');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $packet = pack('C',
+ NET_SSH2_MSG_NEWKEYS
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ if ($type != NET_SSH2_MSG_NEWKEYS) {
+ user_error('Expected SSH_MSG_NEWKEYS');
+ return false;
+ }
+
+ switch ($encrypt) {
+ case '3des-cbc':
+ $this->encrypt = new Crypt_TripleDES();
+ // $this->encrypt_block_size = 64 / 8 == the default
+ break;
+ case '3des-ctr':
+ $this->encrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
+ // $this->encrypt_block_size = 64 / 8 == the default
+ break;
+ case 'aes256-cbc':
+ case 'aes192-cbc':
+ case 'aes128-cbc':
+ $this->encrypt = new Crypt_AES();
+ $this->encrypt_block_size = 16; // eg. 128 / 8
+ break;
+ case 'aes256-ctr':
+ case 'aes192-ctr':
+ case 'aes128-ctr':
+ $this->encrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
+ $this->encrypt_block_size = 16; // eg. 128 / 8
+ break;
+ case 'arcfour':
+ case 'arcfour128':
+ case 'arcfour256':
+ $this->encrypt = new Crypt_RC4();
+ break;
+ case 'none';
+ //$this->encrypt = new Crypt_Null();
+ }
+
+ switch ($decrypt) {
+ case '3des-cbc':
+ $this->decrypt = new Crypt_TripleDES();
+ break;
+ case '3des-ctr':
+ $this->decrypt = new Crypt_TripleDES(CRYPT_DES_MODE_CTR);
+ break;
+ case 'aes256-cbc':
+ case 'aes192-cbc':
+ case 'aes128-cbc':
+ $this->decrypt = new Crypt_AES();
+ $this->decrypt_block_size = 16;
+ break;
+ case 'aes256-ctr':
+ case 'aes192-ctr':
+ case 'aes128-ctr':
+ $this->decrypt = new Crypt_AES(CRYPT_AES_MODE_CTR);
+ $this->decrypt_block_size = 16;
+ break;
+ case 'arcfour':
+ case 'arcfour128':
+ case 'arcfour256':
+ $this->decrypt = new Crypt_RC4();
+ break;
+ case 'none';
+ //$this->decrypt = new Crypt_Null();
+ }
+
+ $keyBytes = pack('Na*', strlen($keyBytes), $keyBytes);
+
+ if ($this->encrypt) {
+ $this->encrypt->enableContinuousBuffer();
+ $this->encrypt->disablePadding();
+
+ $iv = pack('H*', $hash($keyBytes . $this->exchange_hash . 'A' . $this->session_id));
+ while ($this->encrypt_block_size > strlen($iv)) {
+ $iv.= pack('H*', $hash($keyBytes . $this->exchange_hash . $iv));
+ }
+ $this->encrypt->setIV(substr($iv, 0, $this->encrypt_block_size));
+
+ $key = pack('H*', $hash($keyBytes . $this->exchange_hash . 'C' . $this->session_id));
+ while ($encryptKeyLength > strlen($key)) {
+ $key.= pack('H*', $hash($keyBytes . $this->exchange_hash . $key));
+ }
+ $this->encrypt->setKey(substr($key, 0, $encryptKeyLength));
+ }
+
+ if ($this->decrypt) {
+ $this->decrypt->enableContinuousBuffer();
+ $this->decrypt->disablePadding();
+
+ $iv = pack('H*', $hash($keyBytes . $this->exchange_hash . 'B' . $this->session_id));
+ while ($this->decrypt_block_size > strlen($iv)) {
+ $iv.= pack('H*', $hash($keyBytes . $this->exchange_hash . $iv));
+ }
+ $this->decrypt->setIV(substr($iv, 0, $this->decrypt_block_size));
+
+ $key = pack('H*', $hash($keyBytes . $this->exchange_hash . 'D' . $this->session_id));
+ while ($decryptKeyLength > strlen($key)) {
+ $key.= pack('H*', $hash($keyBytes . $this->exchange_hash . $key));
+ }
+ $this->decrypt->setKey(substr($key, 0, $decryptKeyLength));
+ }
+
+ /* The "arcfour128" algorithm is the RC4 cipher, as described in
+ [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream
+ generated by the cipher MUST be discarded, and the first byte of the
+ first encrypted packet MUST be encrypted using the 1537th byte of
+ keystream.
+
+ -- http://tools.ietf.org/html/rfc4345#section-4 */
+ if ($encrypt == 'arcfour128' || $encrypt == 'arcfour256') {
+ $this->encrypt->encrypt(str_repeat("\0", 1536));
+ }
+ if ($decrypt == 'arcfour128' || $decrypt == 'arcfour256') {
+ $this->decrypt->decrypt(str_repeat("\0", 1536));
+ }
+
+ for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_client_to_server); $i++);
+ if ($i == count($mac_algorithms)) {
+ user_error('No compatible client to server message authentication algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $createKeyLength = 0; // ie. $mac_algorithms[$i] == 'none'
+ switch ($mac_algorithms[$i]) {
+ case 'hmac-sha1':
+ $this->hmac_create = new Crypt_Hash('sha1');
+ $createKeyLength = 20;
+ break;
+ case 'hmac-sha1-96':
+ $this->hmac_create = new Crypt_Hash('sha1-96');
+ $createKeyLength = 20;
+ break;
+ case 'hmac-md5':
+ $this->hmac_create = new Crypt_Hash('md5');
+ $createKeyLength = 16;
+ break;
+ case 'hmac-md5-96':
+ $this->hmac_create = new Crypt_Hash('md5-96');
+ $createKeyLength = 16;
+ }
+
+ for ($i = 0; $i < count($mac_algorithms) && !in_array($mac_algorithms[$i], $this->mac_algorithms_server_to_client); $i++);
+ if ($i == count($mac_algorithms)) {
+ user_error('No compatible server to client message authentication algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $checkKeyLength = 0;
+ $this->hmac_size = 0;
+ switch ($mac_algorithms[$i]) {
+ case 'hmac-sha1':
+ $this->hmac_check = new Crypt_Hash('sha1');
+ $checkKeyLength = 20;
+ $this->hmac_size = 20;
+ break;
+ case 'hmac-sha1-96':
+ $this->hmac_check = new Crypt_Hash('sha1-96');
+ $checkKeyLength = 20;
+ $this->hmac_size = 12;
+ break;
+ case 'hmac-md5':
+ $this->hmac_check = new Crypt_Hash('md5');
+ $checkKeyLength = 16;
+ $this->hmac_size = 16;
+ break;
+ case 'hmac-md5-96':
+ $this->hmac_check = new Crypt_Hash('md5-96');
+ $checkKeyLength = 16;
+ $this->hmac_size = 12;
+ }
+
+ $key = pack('H*', $hash($keyBytes . $this->exchange_hash . 'E' . $this->session_id));
+ while ($createKeyLength > strlen($key)) {
+ $key.= pack('H*', $hash($keyBytes . $this->exchange_hash . $key));
+ }
+ $this->hmac_create->setKey(substr($key, 0, $createKeyLength));
+
+ $key = pack('H*', $hash($keyBytes . $this->exchange_hash . 'F' . $this->session_id));
+ while ($checkKeyLength > strlen($key)) {
+ $key.= pack('H*', $hash($keyBytes . $this->exchange_hash . $key));
+ }
+ $this->hmac_check->setKey(substr($key, 0, $checkKeyLength));
+
+ for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_server_to_client); $i++);
+ if ($i == count($compression_algorithms)) {
+ user_error('No compatible server to client compression algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+ $this->decompress = $compression_algorithms[$i] == 'zlib';
+
+ for ($i = 0; $i < count($compression_algorithms) && !in_array($compression_algorithms[$i], $this->compression_algorithms_client_to_server); $i++);
+ if ($i == count($compression_algorithms)) {
+ user_error('No compatible client to server compression algorithms found');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+ $this->compress = $compression_algorithms[$i] == 'zlib';
+
+ return true;
+ }
+
+ /**
+ * Login
+ *
+ * The $password parameter can be a plaintext password or a Crypt_RSA object.
+ *
+ * @param String $username
+ * @param optional String $password
+ * @return Boolean
+ * @access public
+ * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis}
+ * by sending dummy SSH_MSG_IGNORE messages.
+ */
+ function login($username, $password = null)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR)) {
+ return false;
+ }
+
+ $packet = pack('CNa*',
+ NET_SSH2_MSG_SERVICE_REQUEST, strlen('ssh-userauth'), 'ssh-userauth'
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ if ($type != NET_SSH2_MSG_SERVICE_ACCEPT) {
+ user_error('Expected SSH_MSG_SERVICE_ACCEPT');
+ return false;
+ }
+
+ // although PHP5's get_class() preserves the case, PHP4's does not
+ if (is_object($password) && strtolower(get_class($password)) == 'crypt_rsa') {
+ return $this->_privatekey_login($username, $password);
+ }
+
+ if (!isset($password)) {
+ $packet = pack('CNa*Na*Na*',
+ NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
+ strlen('none'), 'none'
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ switch ($type) {
+ case NET_SSH2_MSG_USERAUTH_SUCCESS:
+ $this->bitmap |= NET_SSH2_MASK_LOGIN;
+ return true;
+ //case NET_SSH2_MSG_USERAUTH_FAILURE:
+ default:
+ return false;
+ }
+ }
+
+ $packet = pack('CNa*Na*Na*CNa*',
+ NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
+ strlen('password'), 'password', 0, strlen($password), $password
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ // remove the username and password from the last logged packet
+ if (defined('NET_SSH2_LOGGING') && NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX) {
+ $packet = pack('CNa*Na*Na*CNa*',
+ NET_SSH2_MSG_USERAUTH_REQUEST, strlen('username'), 'username', strlen('ssh-connection'), 'ssh-connection',
+ strlen('password'), 'password', 0, strlen('password'), 'password'
+ );
+ $this->message_log[count($this->message_log) - 1] = $packet;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ switch ($type) {
+ case NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ: // in theory, the password can be changed
+ if (defined('NET_SSH2_LOGGING')) {
+ $this->message_number_log[count($this->message_number_log) - 1] = 'NET_SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ';
+ }
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->errors[] = 'SSH_MSG_USERAUTH_PASSWD_CHANGEREQ: ' . utf8_decode($this->_string_shift($response, $length));
+ return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
+ case NET_SSH2_MSG_USERAUTH_FAILURE:
+ // can we use keyboard-interactive authentication? if not then either the login is bad or the server employees
+ // multi-factor authentication
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $auth_methods = explode(',', $this->_string_shift($response, $length));
+ if (in_array('keyboard-interactive', $auth_methods)) {
+ if ($this->_keyboard_interactive_login($username, $password)) {
+ $this->bitmap |= NET_SSH2_MASK_LOGIN;
+ return true;
+ }
+ return false;
+ }
+ return false;
+ case NET_SSH2_MSG_USERAUTH_SUCCESS:
+ $this->bitmap |= NET_SSH2_MASK_LOGIN;
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Login via keyboard-interactive authentication
+ *
+ * See {@link http://tools.ietf.org/html/rfc4256 RFC4256} for details. This is not a full-featured keyboard-interactive authenticator.
+ *
+ * @param String $username
+ * @param String $password
+ * @return Boolean
+ * @access private
+ */
+ function _keyboard_interactive_login($username, $password)
+ {
+ $packet = pack('CNa*Na*Na*Na*Na*',
+ NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
+ strlen('keyboard-interactive'), 'keyboard-interactive', 0, '', 0, ''
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ return $this->_keyboard_interactive_process($password);
+ }
+
+ /**
+ * Handle the keyboard-interactive requests / responses.
+ *
+ * @param String $responses...
+ * @return Boolean
+ * @access private
+ */
+ function _keyboard_interactive_process()
+ {
+ $responses = func_get_args();
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ switch ($type) {
+ case NET_SSH2_MSG_USERAUTH_INFO_REQUEST:
+ // see http://tools.ietf.org/html/rfc4256#section-3.2
+ if (defined('NET_SSH2_LOGGING')) {
+ $this->message_number_log[count($this->message_number_log) - 1] = str_replace(
+ 'UNKNOWN',
+ 'NET_SSH2_MSG_USERAUTH_INFO_REQUEST',
+ $this->message_number_log[count($this->message_number_log) - 1]
+ );
+ }
+
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->_string_shift($response, $length); // name; may be empty
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->_string_shift($response, $length); // instruction; may be empty
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->_string_shift($response, $length); // language tag; may be empty
+ extract(unpack('Nnum_prompts', $this->_string_shift($response, 4)));
+ /*
+ for ($i = 0; $i < $num_prompts; $i++) {
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ // prompt - ie. "Password: "; must not be empty
+ $this->_string_shift($response, $length);
+ $echo = $this->_string_shift($response) != chr(0);
+ }
+ */
+
+ /*
+ After obtaining the requested information from the user, the client
+ MUST respond with an SSH_MSG_USERAUTH_INFO_RESPONSE message.
+ */
+ // see http://tools.ietf.org/html/rfc4256#section-3.4
+ $packet = $logged = pack('CN', NET_SSH2_MSG_USERAUTH_INFO_RESPONSE, count($responses));
+ for ($i = 0; $i < count($responses); $i++) {
+ $packet.= pack('Na*', strlen($responses[$i]), $responses[$i]);
+ $logged.= pack('Na*', strlen('dummy-answer'), 'dummy-answer');
+ }
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ if (defined('NET_SSH2_LOGGING')) {
+ $this->message_number_log[count($this->message_number_log) - 1] = str_replace(
+ 'UNKNOWN',
+ 'NET_SSH2_MSG_USERAUTH_INFO_RESPONSE',
+ $this->message_number_log[count($this->message_number_log) - 1]
+ );
+ $this->message_log[count($this->message_log) - 1] = $logged;
+ }
+
+ /*
+ After receiving the response, the server MUST send either an
+ SSH_MSG_USERAUTH_SUCCESS, SSH_MSG_USERAUTH_FAILURE, or another
+ SSH_MSG_USERAUTH_INFO_REQUEST message.
+ */
+ // maybe phpseclib should force close the connection after x request / responses? unless something like that is done
+ // there could be an infinite loop of request / responses.
+ return $this->_keyboard_interactive_process();
+ case NET_SSH2_MSG_USERAUTH_SUCCESS:
+ return true;
+ case NET_SSH2_MSG_USERAUTH_FAILURE:
+ return false;
+ }
+
+ return false;
+ }
+
+ /**
+ * Login with an RSA private key
+ *
+ * @param String $username
+ * @param Crypt_RSA $password
+ * @return Boolean
+ * @access private
+ * @internal It might be worthwhile, at some point, to protect against {@link http://tools.ietf.org/html/rfc4251#section-9.3.9 traffic analysis}
+ * by sending dummy SSH_MSG_IGNORE messages.
+ */
+ function _privatekey_login($username, $privatekey)
+ {
+ // see http://tools.ietf.org/html/rfc4253#page-15
+ $publickey = $privatekey->getPublicKey(CRYPT_RSA_PUBLIC_FORMAT_RAW);
+ if ($publickey === false) {
+ return false;
+ }
+
+ $publickey = array(
+ 'e' => $publickey['e']->toBytes(true),
+ 'n' => $publickey['n']->toBytes(true)
+ );
+ $publickey = pack('Na*Na*Na*',
+ strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey['e']), $publickey['e'], strlen($publickey['n']), $publickey['n']
+ );
+
+ $part1 = pack('CNa*Na*Na*',
+ NET_SSH2_MSG_USERAUTH_REQUEST, strlen($username), $username, strlen('ssh-connection'), 'ssh-connection',
+ strlen('publickey'), 'publickey'
+ );
+ $part2 = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($publickey), $publickey);
+
+ $packet = $part1 . chr(0) . $part2;
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ switch ($type) {
+ case NET_SSH2_MSG_USERAUTH_FAILURE:
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->errors[] = 'SSH_MSG_USERAUTH_FAILURE: ' . $this->_string_shift($response, $length);
+ return $this->_disconnect(NET_SSH2_DISCONNECT_AUTH_CANCELLED_BY_USER);
+ case NET_SSH2_MSG_USERAUTH_PK_OK:
+ // we'll just take it on faith that the public key blob and the public key algorithm name are as
+ // they should be
+ if (defined('NET_SSH2_LOGGING')) {
+ $this->message_number_log[count($this->message_number_log) - 1] = str_replace(
+ 'UNKNOWN',
+ 'NET_SSH2_MSG_USERAUTH_PK_OK',
+ $this->message_number_log[count($this->message_number_log) - 1]
+ );
+ }
+ }
+
+ $packet = $part1 . chr(1) . $part2;
+ $privatekey->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
+ $signature = $privatekey->sign(pack('Na*a*', strlen($this->session_id), $this->session_id, $packet));
+ $signature = pack('Na*Na*', strlen('ssh-rsa'), 'ssh-rsa', strlen($signature), $signature);
+ $packet.= pack('Na*', strlen($signature), $signature);
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ extract(unpack('Ctype', $this->_string_shift($response, 1)));
+
+ switch ($type) {
+ case NET_SSH2_MSG_USERAUTH_FAILURE:
+ // either the login is bad or the server employs multi-factor authentication
+ return false;
+ case NET_SSH2_MSG_USERAUTH_SUCCESS:
+ $this->bitmap |= NET_SSH2_MASK_LOGIN;
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * Set Timeout
+ *
+ * $ssh->exec('ping 127.0.0.1'); on a Linux host will never return and will run indefinitely. setTimeout() makes it so it'll timeout.
+ * Setting $timeout to false or 0 will mean there is no timeout.
+ *
+ * @param Mixed $timeout
+ */
+ function setTimeout($timeout)
+ {
+ $this->timeout = $this->curTimeout = $timeout;
+ }
+
+ /**
+ * Execute Command
+ *
+ * If $block is set to false then Net_SSH2::_get_channel_packet(NET_SSH2_CHANNEL_EXEC) will need to be called manually.
+ * In all likelihood, this is not a feature you want to be taking advantage of.
+ *
+ * @param String $command
+ * @param optional Boolean $block
+ * @return String
+ * @access public
+ */
+ function exec($command, $block = true)
+ {
+ $this->curTimeout = $this->timeout;
+
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ return false;
+ }
+
+ // RFC4254 defines the (client) window size as "bytes the other party can send before it must wait for the window to
+ // be adjusted". 0x7FFFFFFF is, at 4GB, the max size. technically, it should probably be decremented, but,
+ // honestly, if you're transfering more than 4GB, you probably shouldn't be using phpseclib, anyway.
+ // see http://tools.ietf.org/html/rfc4254#section-5.2 for more info
+ $this->window_size_client_to_server[NET_SSH2_CHANNEL_EXEC] = 0x7FFFFFFF;
+ // 0x8000 is the maximum max packet size, per http://tools.ietf.org/html/rfc4253#section-6.1, although since PuTTy
+ // uses 0x4000, that's what will be used here, as well.
+ $packet_size = 0x4000;
+
+ $packet = pack('CNa*N3',
+ NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_EXEC, $this->window_size_client_to_server[NET_SSH2_CHANNEL_EXEC], $packet_size);
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_OPEN;
+
+ $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
+ if ($response === false) {
+ return false;
+ }
+
+ // sending a pty-req SSH_MSG_CHANNEL_REQUEST message is unnecessary and, in fact, in most cases, slows things
+ // down. the one place where it might be desirable is if you're doing something like Net_SSH2::exec('ping localhost &').
+ // with a pty-req SSH_MSG_CHANNEL_REQUEST, exec() will return immediately and the ping process will then
+ // then immediately terminate. without such a request exec() will loop indefinitely. the ping process won't end but
+ // neither will your script.
+
+ // although, in theory, the size of SSH_MSG_CHANNEL_REQUEST could exceed the maximum packet size established by
+ // SSH_MSG_CHANNEL_OPEN_CONFIRMATION, RFC4254#section-5.1 states that the "maximum packet size" refers to the
+ // "maximum size of an individual data packet". ie. SSH_MSG_CHANNEL_DATA. RFC4254#section-5.2 corroborates.
+ $packet = pack('CNNa*CNa*',
+ NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_EXEC], strlen('exec'), 'exec', 1, strlen($command), $command);
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_REQUEST;
+
+ $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
+ if ($response === false) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_EXEC] = NET_SSH2_MSG_CHANNEL_DATA;
+
+ if (!$block) {
+ return true;
+ }
+
+ $output = '';
+ while (true) {
+ $temp = $this->_get_channel_packet(NET_SSH2_CHANNEL_EXEC);
+ switch (true) {
+ case $temp === true:
+ return $output;
+ case $temp === false:
+ return false;
+ default:
+ $output.= $temp;
+ }
+ }
+ }
+
+ /**
+ * Creates an interactive shell
+ *
+ * @see Net_SSH2::read()
+ * @see Net_SSH2::write()
+ * @return Boolean
+ * @access private
+ */
+ function _initShell()
+ {
+ $this->window_size_client_to_server[NET_SSH2_CHANNEL_SHELL] = 0x7FFFFFFF;
+ $packet_size = 0x4000;
+
+ $packet = pack('CNa*N3',
+ NET_SSH2_MSG_CHANNEL_OPEN, strlen('session'), 'session', NET_SSH2_CHANNEL_SHELL, $this->window_size_client_to_server[NET_SSH2_CHANNEL_SHELL], $packet_size);
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_OPEN;
+
+ $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SHELL);
+ if ($response === false) {
+ return false;
+ }
+
+ $terminal_modes = pack('C', NET_SSH2_TTY_OP_END);
+ $packet = pack('CNNa*CNa*N5a*',
+ NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SHELL], strlen('pty-req'), 'pty-req', 1, strlen('vt100'), 'vt100',
+ 80, 24, 0, 0, strlen($terminal_modes), $terminal_modes);
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ list(, $type) = unpack('C', $this->_string_shift($response, 1));
+
+ switch ($type) {
+ case NET_SSH2_MSG_CHANNEL_SUCCESS:
+ break;
+ case NET_SSH2_MSG_CHANNEL_FAILURE:
+ default:
+ user_error('Unable to request pseudo-terminal');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+
+ $packet = pack('CNNa*C',
+ NET_SSH2_MSG_CHANNEL_REQUEST, $this->server_channels[NET_SSH2_CHANNEL_SHELL], strlen('shell'), 'shell', 1);
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_REQUEST;
+
+ $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SHELL);
+ if ($response === false) {
+ return false;
+ }
+
+ $this->channel_status[NET_SSH2_CHANNEL_SHELL] = NET_SSH2_MSG_CHANNEL_DATA;
+
+ $this->bitmap |= NET_SSH2_MASK_SHELL;
+
+ return true;
+ }
+
+ /**
+ * Returns the output of an interactive shell
+ *
+ * Returns when there's a match for $expect, which can take the form of a string literal or,
+ * if $mode == NET_SSH2_READ_REGEX, a regular expression.
+ *
+ * @see Net_SSH2::read()
+ * @param String $expect
+ * @param Integer $mode
+ * @return String
+ * @access public
+ */
+ function read($expect = '', $mode = NET_SSH2_READ_SIMPLE)
+ {
+ $this->curTimeout = $this->timeout;
+
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) {
+ user_error('Unable to initiate an interactive shell session');
+ return false;
+ }
+
+ $match = $expect;
+ while (true) {
+ if ($mode == NET_SSH2_READ_REGEX) {
+ preg_match($expect, $this->interactiveBuffer, $matches);
+ $match = isset($matches[0]) ? $matches[0] : '';
+ }
+ $pos = strlen($match) ? strpos($this->interactiveBuffer, $match) : false;
+ if ($pos !== false) {
+ return $this->_string_shift($this->interactiveBuffer, $pos + strlen($match));
+ }
+ $response = $this->_get_channel_packet(NET_SSH2_CHANNEL_SHELL);
+ if (is_bool($response)) {
+ return $response ? $this->_string_shift($this->interactiveBuffer, strlen($this->interactiveBuffer)) : false;
+ }
+
+ $this->interactiveBuffer.= $response;
+ }
+ }
+
+ /**
+ * Inputs a command into an interactive shell.
+ *
+ * @see Net_SSH1::interactiveWrite()
+ * @param String $cmd
+ * @return Boolean
+ * @access public
+ */
+ function write($cmd)
+ {
+ if (!($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ user_error('Operation disallowed prior to login()');
+ return false;
+ }
+
+ if (!($this->bitmap & NET_SSH2_MASK_SHELL) && !$this->_initShell()) {
+ user_error('Unable to initiate an interactive shell session');
+ return false;
+ }
+
+ return $this->_send_channel_packet(NET_SSH2_CHANNEL_SHELL, $cmd);
+ }
+
+ /**
+ * Disconnect
+ *
+ * @access public
+ */
+ function disconnect()
+ {
+ $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ if (isset($this->realtime_log_file) && is_resource($this->realtime_log_file)) {
+ fclose($this->realtime_log_file);
+ }
+ }
+
+ /**
+ * Destructor.
+ *
+ * Will be called, automatically, if you're supporting just PHP5. If you're supporting PHP4, you'll need to call
+ * disconnect().
+ *
+ * @access public
+ */
+ function __destruct()
+ {
+ $this->disconnect();
+ }
+
+ /**
+ * Gets Binary Packets
+ *
+ * See '6. Binary Packet Protocol' of rfc4253 for more info.
+ *
+ * @see Net_SSH2::_send_binary_packet()
+ * @return String
+ * @access private
+ */
+ function _get_binary_packet()
+ {
+ if (!is_resource($this->fsock) || feof($this->fsock)) {
+ user_error('Connection closed prematurely');
+ $this->bitmask = 0;
+ return false;
+ }
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $raw = fread($this->fsock, $this->decrypt_block_size);
+
+ if (!strlen($raw)) {
+ return '';
+ }
+
+ if ($this->decrypt !== false) {
+ $raw = $this->decrypt->decrypt($raw);
+ }
+ if ($raw === false) {
+ user_error('Unable to decrypt content');
+ return false;
+ }
+
+ extract(unpack('Npacket_length/Cpadding_length', $this->_string_shift($raw, 5)));
+
+ $remaining_length = $packet_length + 4 - $this->decrypt_block_size;
+
+ // quoting <http://tools.ietf.org/html/rfc4253#section-6.1>,
+ // "implementations SHOULD check that the packet length is reasonable"
+ // PuTTY uses 0x9000 as the actual max packet size and so to shall we
+ if ($remaining_length < -$this->decrypt_block_size || $remaining_length > 0x9000 || $remaining_length % $this->decrypt_block_size != 0) {
+ user_error('Invalid size');
+ return false;
+ }
+
+ $buffer = '';
+ while ($remaining_length > 0) {
+ $temp = fread($this->fsock, $remaining_length);
+ $buffer.= $temp;
+ $remaining_length-= strlen($temp);
+ }
+ $stop = strtok(microtime(), ' ') + strtok('');
+ if (strlen($buffer)) {
+ $raw.= $this->decrypt !== false ? $this->decrypt->decrypt($buffer) : $buffer;
+ }
+
+ $payload = $this->_string_shift($raw, $packet_length - $padding_length - 1);
+ $padding = $this->_string_shift($raw, $padding_length); // should leave $raw empty
+
+ if ($this->hmac_check !== false) {
+ $hmac = fread($this->fsock, $this->hmac_size);
+ if ($hmac != $this->hmac_check->hash(pack('NNCa*', $this->get_seq_no, $packet_length, $padding_length, $payload . $padding))) {
+ user_error('Invalid HMAC');
+ return false;
+ }
+ }
+
+ //if ($this->decompress) {
+ // $payload = gzinflate(substr($payload, 2));
+ //}
+
+ $this->get_seq_no++;
+
+ if (defined('NET_SSH2_LOGGING')) {
+ $current = strtok(microtime(), ' ') + strtok('');
+ $message_number = isset($this->message_numbers[ord($payload[0])]) ? $this->message_numbers[ord($payload[0])] : 'UNKNOWN (' . ord($payload[0]) . ')';
+ $message_number = '<- ' . $message_number .
+ ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)';
+ $this->_append_log($message_number, $payload);
+ $this->last_packet = $current;
+ }
+
+ return $this->_filter($payload);
+ }
+
+ /**
+ * Filter Binary Packets
+ *
+ * Because some binary packets need to be ignored...
+ *
+ * @see Net_SSH2::_get_binary_packet()
+ * @return String
+ * @access private
+ */
+ function _filter($payload)
+ {
+ switch (ord($payload[0])) {
+ case NET_SSH2_MSG_DISCONNECT:
+ $this->_string_shift($payload, 1);
+ extract(unpack('Nreason_code/Nlength', $this->_string_shift($payload, 8)));
+ $this->errors[] = 'SSH_MSG_DISCONNECT: ' . $this->disconnect_reasons[$reason_code] . "\r\n" . utf8_decode($this->_string_shift($payload, $length));
+ $this->bitmask = 0;
+ return false;
+ case NET_SSH2_MSG_IGNORE:
+ $payload = $this->_get_binary_packet();
+ break;
+ case NET_SSH2_MSG_DEBUG:
+ $this->_string_shift($payload, 2);
+ extract(unpack('Nlength', $this->_string_shift($payload, 4)));
+ $this->errors[] = 'SSH_MSG_DEBUG: ' . utf8_decode($this->_string_shift($payload, $length));
+ $payload = $this->_get_binary_packet();
+ break;
+ case NET_SSH2_MSG_UNIMPLEMENTED:
+ return false;
+ case NET_SSH2_MSG_KEXINIT:
+ if ($this->session_id !== false) {
+ if (!$this->_key_exchange($payload)) {
+ $this->bitmask = 0;
+ return false;
+ }
+ $payload = $this->_get_binary_packet();
+ }
+ }
+
+ // see http://tools.ietf.org/html/rfc4252#section-5.4; only called when the encryption has been activated and when we haven't already logged in
+ if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && !($this->bitmap & NET_SSH2_MASK_LOGIN) && ord($payload[0]) == NET_SSH2_MSG_USERAUTH_BANNER) {
+ $this->_string_shift($payload, 1);
+ extract(unpack('Nlength', $this->_string_shift($payload, 4)));
+ $this->errors[] = 'SSH_MSG_USERAUTH_BANNER: ' . utf8_decode($this->_string_shift($payload, $length));
+ $payload = $this->_get_binary_packet();
+ }
+
+ // only called when we've already logged in
+ if (($this->bitmap & NET_SSH2_MASK_CONSTRUCTOR) && ($this->bitmap & NET_SSH2_MASK_LOGIN)) {
+ switch (ord($payload[0])) {
+ case NET_SSH2_MSG_GLOBAL_REQUEST: // see http://tools.ietf.org/html/rfc4254#section-4
+ $this->_string_shift($payload, 1);
+ extract(unpack('Nlength', $this->_string_shift($payload)));
+ $this->errors[] = 'SSH_MSG_GLOBAL_REQUEST: ' . utf8_decode($this->_string_shift($payload, $length));
+
+ if (!$this->_send_binary_packet(pack('C', NET_SSH2_MSG_REQUEST_FAILURE))) {
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+
+ $payload = $this->_get_binary_packet();
+ break;
+ case NET_SSH2_MSG_CHANNEL_OPEN: // see http://tools.ietf.org/html/rfc4254#section-5.1
+ $this->_string_shift($payload, 1);
+ extract(unpack('N', $this->_string_shift($payload, 4)));
+ $this->errors[] = 'SSH_MSG_CHANNEL_OPEN: ' . utf8_decode($this->_string_shift($payload, $length));
+
+ $this->_string_shift($payload, 4); // skip over client channel
+ extract(unpack('Nserver_channel', $this->_string_shift($payload, 4)));
+
+ $packet = pack('CN3a*Na*',
+ NET_SSH2_MSG_REQUEST_FAILURE, $server_channel, NET_SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED, 0, '', 0, '');
+
+ if (!$this->_send_binary_packet($packet)) {
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+
+ $payload = $this->_get_binary_packet();
+ break;
+ case NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST:
+ $payload = $this->_get_binary_packet();
+ }
+ }
+
+ return $payload;
+ }
+
+ /**
+ * Enable Quiet Mode
+ *
+ * Suppress stderr from output
+ *
+ * @access public
+ */
+ function enableQuietMode()
+ {
+ $this->quiet_mode = true;
+ }
+
+ /**
+ * Disable Quiet Mode
+ *
+ * Show stderr in output
+ *
+ * @access public
+ */
+ function disableQuietMode()
+ {
+ $this->quiet_mode = false;
+ }
+
+ /**
+ * Gets channel data
+ *
+ * Returns the data as a string if it's available and false if not.
+ *
+ * @param $client_channel
+ * @return Mixed
+ * @access private
+ */
+ function _get_channel_packet($client_channel, $skip_extended = false)
+ {
+ if (!empty($this->channel_buffers[$client_channel])) {
+ return array_shift($this->channel_buffers[$client_channel]);
+ }
+
+ while (true) {
+ if ($this->curTimeout) {
+ $read = array($this->fsock);
+ $write = $except = NULL;
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $sec = floor($this->curTimeout);
+ $usec = 1000000 * ($this->curTimeout - $sec);
+ // on windows this returns a "Warning: Invalid CRT parameters detected" error
+ if (!@stream_select($read, $write, $except, $sec, $usec) && !count($read)) {
+ $this->_close_channel($client_channel);
+ return true;
+ }
+ $elapsed = strtok(microtime(), ' ') + strtok('') - $start;
+ $this->curTimeout-= $elapsed;
+ }
+
+ $response = $this->_get_binary_packet();
+ if ($response === false) {
+ user_error('Connection closed by server');
+ return false;
+ }
+
+ if (!strlen($response)) {
+ return '';
+ }
+
+ extract(unpack('Ctype/Nchannel', $this->_string_shift($response, 5)));
+
+ switch ($this->channel_status[$channel]) {
+ case NET_SSH2_MSG_CHANNEL_OPEN:
+ switch ($type) {
+ case NET_SSH2_MSG_CHANNEL_OPEN_CONFIRMATION:
+ extract(unpack('Nserver_channel', $this->_string_shift($response, 4)));
+ $this->server_channels[$channel] = $server_channel;
+ $this->_string_shift($response, 4); // skip over (server) window size
+ $temp = unpack('Npacket_size_client_to_server', $this->_string_shift($response, 4));
+ $this->packet_size_client_to_server[$channel] = $temp['packet_size_client_to_server'];
+ return $client_channel == $channel ? true : $this->_get_channel_packet($client_channel, $skip_extended);
+ //case NET_SSH2_MSG_CHANNEL_OPEN_FAILURE:
+ default:
+ user_error('Unable to open channel');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+ break;
+ case NET_SSH2_MSG_CHANNEL_REQUEST:
+ switch ($type) {
+ case NET_SSH2_MSG_CHANNEL_SUCCESS:
+ return true;
+ //case NET_SSH2_MSG_CHANNEL_FAILURE:
+ default:
+ user_error('Unable to request pseudo-terminal');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+ case NET_SSH2_MSG_CHANNEL_CLOSE:
+ return $type == NET_SSH2_MSG_CHANNEL_CLOSE ? true : $this->_get_channel_packet($client_channel, $skip_extended);
+ }
+
+ switch ($type) {
+ case NET_SSH2_MSG_CHANNEL_DATA:
+ /*
+ if ($client_channel == NET_SSH2_CHANNEL_EXEC) {
+ // SCP requires null packets, such as this, be sent. further, in the case of the ssh.com SSH server
+ // this actually seems to make things twice as fast. more to the point, the message right after
+ // SSH_MSG_CHANNEL_DATA (usually SSH_MSG_IGNORE) won't block for as long as it would have otherwise.
+ // in OpenSSH it slows things down but only by a couple thousandths of a second.
+ $this->_send_channel_packet($client_channel, chr(0));
+ }
+ */
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $data = $this->_string_shift($response, $length);
+ if ($client_channel == $channel) {
+ return $data;
+ }
+ if (!isset($this->channel_buffers[$client_channel])) {
+ $this->channel_buffers[$client_channel] = array();
+ }
+ $this->channel_buffers[$client_channel][] = $data;
+ break;
+ case NET_SSH2_MSG_CHANNEL_EXTENDED_DATA:
+ if ($skip_extended || $this->quiet_mode) {
+ break;
+ }
+ /*
+ if ($client_channel == NET_SSH2_CHANNEL_EXEC) {
+ $this->_send_channel_packet($client_channel, chr(0));
+ }
+ */
+ // currently, there's only one possible value for $data_type_code: NET_SSH2_EXTENDED_DATA_STDERR
+ extract(unpack('Ndata_type_code/Nlength', $this->_string_shift($response, 8)));
+ $data = $this->_string_shift($response, $length);
+ if ($client_channel == $channel) {
+ return $data;
+ }
+ if (!isset($this->channel_buffers[$client_channel])) {
+ $this->channel_buffers[$client_channel] = array();
+ }
+ $this->channel_buffers[$client_channel][] = $data;
+ break;
+ case NET_SSH2_MSG_CHANNEL_REQUEST:
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $value = $this->_string_shift($response, $length);
+ switch ($value) {
+ case 'exit-signal':
+ $this->_string_shift($response, 1);
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ $this->errors[] = 'SSH_MSG_CHANNEL_REQUEST (exit-signal): ' . $this->_string_shift($response, $length);
+ $this->_string_shift($response, 1);
+ extract(unpack('Nlength', $this->_string_shift($response, 4)));
+ if ($length) {
+ $this->errors[count($this->errors)].= "\r\n" . $this->_string_shift($response, $length);
+ }
+ case 'exit-status':
+ extract(unpack('Cfalse/Nexit_status', $this->_string_shift($response, 5)));
+ $this->exit_status = $exit_status;
+ // "The channel needs to be closed with SSH_MSG_CHANNEL_CLOSE after this message."
+ // -- http://tools.ietf.org/html/rfc4254#section-6.10
+ $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel]));
+ $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel]));
+
+ $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_EOF;
+ default:
+ // "Some systems may not implement signals, in which case they SHOULD ignore this message."
+ // -- http://tools.ietf.org/html/rfc4254#section-6.9
+ break;
+ }
+ break;
+ case NET_SSH2_MSG_CHANNEL_CLOSE:
+ $this->curTimeout = 0;
+
+ if ($this->bitmap & NET_SSH2_MASK_SHELL) {
+ $this->bitmap&= ~NET_SSH2_MASK_SHELL;
+ }
+ if ($this->channel_status[$channel] != NET_SSH2_MSG_CHANNEL_EOF) {
+ $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$channel]));
+ }
+
+ $this->channel_status[$channel] = NET_SSH2_MSG_CHANNEL_CLOSE;
+ return true;
+ case NET_SSH2_MSG_CHANNEL_EOF:
+ break;
+ default:
+ user_error('Error reading channel data');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_BY_APPLICATION);
+ }
+ }
+ }
+
+ /**
+ * Sends Binary Packets
+ *
+ * See '6. Binary Packet Protocol' of rfc4253 for more info.
+ *
+ * @param String $data
+ * @see Net_SSH2::_get_binary_packet()
+ * @return Boolean
+ * @access private
+ */
+ function _send_binary_packet($data)
+ {
+ if (!is_resource($this->fsock) || feof($this->fsock)) {
+ user_error('Connection closed prematurely');
+ $this->bitmask = 0;
+ return false;
+ }
+
+ //if ($this->compress) {
+ // // the -4 removes the checksum:
+ // // http://php.net/function.gzcompress#57710
+ // $data = substr(gzcompress($data), 0, -4);
+ //}
+
+ // 4 (packet length) + 1 (padding length) + 4 (minimal padding amount) == 9
+ $packet_length = strlen($data) + 9;
+ // round up to the nearest $this->encrypt_block_size
+ $packet_length+= (($this->encrypt_block_size - 1) * $packet_length) % $this->encrypt_block_size;
+ // subtracting strlen($data) is obvious - subtracting 5 is necessary because of packet_length and padding_length
+ $padding_length = $packet_length - strlen($data) - 5;
+ $padding = crypt_random_string($padding_length);
+
+ // we subtract 4 from packet_length because the packet_length field isn't supposed to include itself
+ $packet = pack('NCa*', $packet_length - 4, $padding_length, $data . $padding);
+
+ $hmac = $this->hmac_create !== false ? $this->hmac_create->hash(pack('Na*', $this->send_seq_no, $packet)) : '';
+ $this->send_seq_no++;
+
+ if ($this->encrypt !== false) {
+ $packet = $this->encrypt->encrypt($packet);
+ }
+
+ $packet.= $hmac;
+
+ $start = strtok(microtime(), ' ') + strtok(''); // http://php.net/microtime#61838
+ $result = strlen($packet) == fputs($this->fsock, $packet);
+ $stop = strtok(microtime(), ' ') + strtok('');
+
+ if (defined('NET_SSH2_LOGGING')) {
+ $current = strtok(microtime(), ' ') + strtok('');
+ $message_number = isset($this->message_numbers[ord($data[0])]) ? $this->message_numbers[ord($data[0])] : 'UNKNOWN (' . ord($data[0]) . ')';
+ $message_number = '-> ' . $message_number .
+ ' (since last: ' . round($current - $this->last_packet, 4) . ', network: ' . round($stop - $start, 4) . 's)';
+ $this->_append_log($message_number, $data);
+ $this->last_packet = $current;
+ }
+
+ return $result;
+ }
+
+ /**
+ * Logs data packets
+ *
+ * Makes sure that only the last 1MB worth of packets will be logged
+ *
+ * @param String $data
+ * @access private
+ */
+ function _append_log($message_number, $message)
+ {
+ switch (NET_SSH2_LOGGING) {
+ // useful for benchmarks
+ case NET_SSH2_LOG_SIMPLE:
+ $this->message_number_log[] = $message_number;
+ break;
+ // the most useful log for SSH2
+ case NET_SSH2_LOG_COMPLEX:
+ $this->message_number_log[] = $message_number;
+ $this->_string_shift($message);
+ $this->log_size+= strlen($message);
+ $this->message_log[] = $message;
+ while ($this->log_size > NET_SSH2_LOG_MAX_SIZE) {
+ $this->log_size-= strlen(array_shift($this->message_log));
+ array_shift($this->message_number_log);
+ }
+ break;
+ // dump the output out realtime; packets may be interspersed with non packets,
+ // passwords won't be filtered out and select other packets may not be correctly
+ // identified
+ case NET_SSH2_LOG_REALTIME:
+ echo "<pre>\r\n" . $this->_format_log(array($message), array($message_number)) . "\r\n</pre>\r\n";
+ @flush();
+ @ob_flush();
+ break;
+ // basically the same thing as NET_SSH2_LOG_REALTIME with the caveat that NET_SSH2_LOG_REALTIME_FILE
+ // needs to be defined and that the resultant log file will be capped out at NET_SSH2_LOG_MAX_SIZE.
+ // the earliest part of the log file is denoted by the first <<< START >>> and is not going to necessarily
+ // at the beginning of the file
+ case NET_SSH2_LOG_REALTIME_FILE:
+ if (!isset($this->realtime_log_file)) {
+ // PHP doesn't seem to like using constants in fopen()
+ $filename = NET_SSH2_LOG_REALTIME_FILE;
+ $fp = fopen($filename, 'w');
+ $this->realtime_log_file = $fp;
+ }
+ if (!is_resource($this->realtime_log_file)) {
+ break;
+ }
+ $entry = $this->_format_log(array($message), array($message_number));
+ if ($this->realtime_log_wrap) {
+ $temp = "<<< START >>>\r\n";
+ $entry.= $temp;
+ fseek($this->realtime_log_file, ftell($this->realtime_log_file) - strlen($temp));
+ }
+ $this->realtime_log_size+= strlen($entry);
+ if ($this->realtime_log_size > NET_SSH2_LOG_MAX_SIZE) {
+ fseek($this->realtime_log_file, 0);
+ $this->realtime_log_size = strlen($entry);
+ $this->realtime_log_wrap = true;
+ }
+ fputs($this->realtime_log_file, $entry);
+ }
+ }
+
+ /**
+ * Sends channel data
+ *
+ * Spans multiple SSH_MSG_CHANNEL_DATAs if appropriate
+ *
+ * @param Integer $client_channel
+ * @param String $data
+ * @return Boolean
+ * @access private
+ */
+ function _send_channel_packet($client_channel, $data)
+ {
+ while (strlen($data) > $this->packet_size_client_to_server[$client_channel]) {
+ // resize the window, if appropriate
+ $this->window_size_client_to_server[$client_channel]-= $this->packet_size_client_to_server[$client_channel];
+ if ($this->window_size_client_to_server[$client_channel] < 0) {
+ $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$client_channel], $this->window_size);
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+ $this->window_size_client_to_server[$client_channel]+= $this->window_size;
+ }
+
+ $packet = pack('CN2a*',
+ NET_SSH2_MSG_CHANNEL_DATA,
+ $this->server_channels[$client_channel],
+ $this->packet_size_client_to_server[$client_channel],
+ $this->_string_shift($data, $this->packet_size_client_to_server[$client_channel])
+ );
+
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+ }
+
+ // resize the window, if appropriate
+ $this->window_size_client_to_server[$client_channel]-= strlen($data);
+ if ($this->window_size_client_to_server[$client_channel] < 0) {
+ $packet = pack('CNN', NET_SSH2_MSG_CHANNEL_WINDOW_ADJUST, $this->server_channels[$client_channel], $this->window_size);
+ if (!$this->_send_binary_packet($packet)) {
+ return false;
+ }
+ $this->window_size_client_to_server[$client_channel]+= $this->window_size;
+ }
+
+ return $this->_send_binary_packet(pack('CN2a*',
+ NET_SSH2_MSG_CHANNEL_DATA,
+ $this->server_channels[$client_channel],
+ strlen($data),
+ $data));
+ }
+
+ /**
+ * Closes and flushes a channel
+ *
+ * Net_SSH2 doesn't properly close most channels. For exec() channels are normally closed by the server
+ * and for SFTP channels are presumably closed when the client disconnects. This functions is intended
+ * for SCP more than anything.
+ *
+ * @param Integer $client_channel
+ * @return Boolean
+ * @access private
+ */
+ function _close_channel($client_channel)
+ {
+ // see http://tools.ietf.org/html/rfc4254#section-5.3
+
+ $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_EOF, $this->server_channels[$client_channel]));
+
+ $this->_send_binary_packet(pack('CN', NET_SSH2_MSG_CHANNEL_CLOSE, $this->server_channels[$client_channel]));
+
+ $this->channel_status[$client_channel] = NET_SSH2_MSG_CHANNEL_CLOSE;
+
+ $this->curTimeout = 0;
+
+ while (!is_bool($this->_get_channel_packet($client_channel)));
+
+ if ($this->bitmap & NET_SSH2_MASK_SHELL) {
+ $this->bitmap&= ~NET_SSH2_MASK_SHELL;
+ }
+ }
+
+ /**
+ * Disconnect
+ *
+ * @param Integer $reason
+ * @return Boolean
+ * @access private
+ */
+ function _disconnect($reason)
+ {
+ if ($this->bitmap) {
+ $data = pack('CNNa*Na*', NET_SSH2_MSG_DISCONNECT, $reason, 0, '', 0, '');
+ $this->_send_binary_packet($data);
+ $this->bitmap = 0;
+ fclose($this->fsock);
+ return false;
+ }
+ }
+
+ /**
+ * String Shift
+ *
+ * Inspired by array_shift
+ *
+ * @param String $string
+ * @param optional Integer $index
+ * @return String
+ * @access private
+ */
+ function _string_shift(&$string, $index = 1)
+ {
+ $substr = substr($string, 0, $index);
+ $string = substr($string, $index);
+ return $substr;
+ }
+
+ /**
+ * Define Array
+ *
+ * Takes any number of arrays whose indices are integers and whose values are strings and defines a bunch of
+ * named constants from it, using the value as the name of the constant and the index as the value of the constant.
+ * If any of the constants that would be defined already exists, none of the constants will be defined.
+ *
+ * @param Array $array
+ * @access private
+ */
+ function _define_array()
+ {
+ $args = func_get_args();
+ foreach ($args as $arg) {
+ foreach ($arg as $key=>$value) {
+ if (!defined($value)) {
+ define($value, $key);
+ } else {
+ break 2;
+ }
+ }
+ }
+ }
+
+ /**
+ * Returns a log of the packets that have been sent and received.
+ *
+ * Returns a string if NET_SSH2_LOGGING == NET_SSH2_LOG_COMPLEX, an array if NET_SSH2_LOGGING == NET_SSH2_LOG_SIMPLE and false if !defined('NET_SSH2_LOGGING')
+ *
+ * @access public
+ * @return String or Array
+ */
+ function getLog()
+ {
+ if (!defined('NET_SSH2_LOGGING')) {
+ return false;
+ }
+
+ switch (NET_SSH2_LOGGING) {
+ case NET_SSH2_LOG_SIMPLE:
+ return $this->message_number_log;
+ break;
+ case NET_SSH2_LOG_COMPLEX:
+ return $this->_format_log($this->message_log, $this->message_number_log);
+ break;
+ default:
+ return false;
+ }
+ }
+
+ /**
+ * Formats a log for printing
+ *
+ * @param Array $message_log
+ * @param Array $message_number_log
+ * @access private
+ * @return String
+ */
+ function _format_log($message_log, $message_number_log)
+ {
+ static $boundary = ':', $long_width = 65, $short_width = 16;
+
+ $output = '';
+ for ($i = 0; $i < count($message_log); $i++) {
+ $output.= $message_number_log[$i] . "\r\n";
+ $current_log = $message_log[$i];
+ $j = 0;
+ do {
+ if (strlen($current_log)) {
+ $output.= str_pad(dechex($j), 7, '0', STR_PAD_LEFT) . '0 ';
+ }
+ $fragment = $this->_string_shift($current_log, $short_width);
+ $hex = substr(
+ preg_replace(
+ '#(.)#es',
+ '"' . $boundary . '" . str_pad(dechex(ord(substr("\\1", -1))), 2, "0", STR_PAD_LEFT)',
+ $fragment),
+ strlen($boundary)
+ );
+ // replace non ASCII printable characters with dots
+ // http://en.wikipedia.org/wiki/ASCII#ASCII_printable_characters
+ // also replace < with a . since < messes up the output on web browsers
+ $raw = preg_replace('#[^\x20-\x7E]|<#', '.', $fragment);
+ $output.= str_pad($hex, $long_width - $short_width, ' ') . $raw . "\r\n";
+ $j++;
+ } while (strlen($current_log));
+ $output.= "\r\n";
+ }
+
+ return $output;
+ }
+
+ /**
+ * Returns all errors
+ *
+ * @return String
+ * @access public
+ */
+ function getErrors()
+ {
+ return $this->errors;
+ }
+
+ /**
+ * Returns the last error
+ *
+ * @return String
+ * @access public
+ */
+ function getLastError()
+ {
+ return $this->errors[count($this->errors) - 1];
+ }
+
+ /**
+ * Return the server identification.
+ *
+ * @return String
+ * @access public
+ */
+ function getServerIdentification()
+ {
+ return $this->server_identifier;
+ }
+
+ /**
+ * Return a list of the key exchange algorithms the server supports.
+ *
+ * @return Array
+ * @access public
+ */
+ function getKexAlgorithms()
+ {
+ return $this->kex_algorithms;
+ }
+
+ /**
+ * Return a list of the host key (public key) algorithms the server supports.
+ *
+ * @return Array
+ * @access public
+ */
+ function getServerHostKeyAlgorithms()
+ {
+ return $this->server_host_key_algorithms;
+ }
+
+ /**
+ * Return a list of the (symmetric key) encryption algorithms the server supports, when receiving stuff from the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getEncryptionAlgorithmsClient2Server()
+ {
+ return $this->encryption_algorithms_client_to_server;
+ }
+
+ /**
+ * Return a list of the (symmetric key) encryption algorithms the server supports, when sending stuff to the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getEncryptionAlgorithmsServer2Client()
+ {
+ return $this->encryption_algorithms_server_to_client;
+ }
+
+ /**
+ * Return a list of the MAC algorithms the server supports, when receiving stuff from the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getMACAlgorithmsClient2Server()
+ {
+ return $this->mac_algorithms_client_to_server;
+ }
+
+ /**
+ * Return a list of the MAC algorithms the server supports, when sending stuff to the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getMACAlgorithmsServer2Client()
+ {
+ return $this->mac_algorithms_server_to_client;
+ }
+
+ /**
+ * Return a list of the compression algorithms the server supports, when receiving stuff from the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getCompressionAlgorithmsClient2Server()
+ {
+ return $this->compression_algorithms_client_to_server;
+ }
+
+ /**
+ * Return a list of the compression algorithms the server supports, when sending stuff to the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getCompressionAlgorithmsServer2Client()
+ {
+ return $this->compression_algorithms_server_to_client;
+ }
+
+ /**
+ * Return a list of the languages the server supports, when sending stuff to the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getLanguagesServer2Client()
+ {
+ return $this->languages_server_to_client;
+ }
+
+ /**
+ * Return a list of the languages the server supports, when receiving stuff from the client.
+ *
+ * @return Array
+ * @access public
+ */
+ function getLanguagesClient2Server()
+ {
+ return $this->languages_client_to_server;
+ }
+
+ /**
+ * Returns the server public host key.
+ *
+ * Caching this the first time you connect to a server and checking the result on subsequent connections
+ * is recommended. Returns false if the server signature is not signed correctly with the public host key.
+ *
+ * @return Mixed
+ * @access public
+ */
+ function getServerPublicHostKey()
+ {
+ $signature = $this->signature;
+ $server_public_host_key = $this->server_public_host_key;
+
+ extract(unpack('Nlength', $this->_string_shift($server_public_host_key, 4)));
+ $this->_string_shift($server_public_host_key, $length);
+
+ if ($this->signature_validated) {
+ return $this->bitmap ?
+ $this->signature_format . ' ' . base64_encode($this->server_public_host_key) :
+ false;
+ }
+
+ $this->signature_validated = true;
+
+ switch ($this->signature_format) {
+ case 'ssh-dss':
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $p = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $q = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $g = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $y = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+
+ /* The value for 'dss_signature_blob' is encoded as a string containing
+ r, followed by s (which are 160-bit integers, without lengths or
+ padding, unsigned, and in network byte order). */
+ $temp = unpack('Nlength', $this->_string_shift($signature, 4));
+ if ($temp['length'] != 40) {
+ user_error('Invalid signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $r = new Math_BigInteger($this->_string_shift($signature, 20), 256);
+ $s = new Math_BigInteger($this->_string_shift($signature, 20), 256);
+
+ if ($r->compare($q) >= 0 || $s->compare($q) >= 0) {
+ user_error('Invalid signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $w = $s->modInverse($q);
+
+ $u1 = $w->multiply(new Math_BigInteger(sha1($this->exchange_hash), 16));
+ list(, $u1) = $u1->divide($q);
+
+ $u2 = $w->multiply($r);
+ list(, $u2) = $u2->divide($q);
+
+ $g = $g->modPow($u1, $p);
+ $y = $y->modPow($u2, $p);
+
+ $v = $g->multiply($y);
+ list(, $v) = $v->divide($p);
+ list(, $v) = $v->divide($q);
+
+ if (!$v->equals($r)) {
+ user_error('Bad server signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
+ }
+
+ break;
+ case 'ssh-rsa':
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $e = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+
+ $temp = unpack('Nlength', $this->_string_shift($server_public_host_key, 4));
+ $n = new Math_BigInteger($this->_string_shift($server_public_host_key, $temp['length']), -256);
+ $nLength = $temp['length'];
+
+ /*
+ $temp = unpack('Nlength', $this->_string_shift($signature, 4));
+ $signature = $this->_string_shift($signature, $temp['length']);
+
+ if (!class_exists('Crypt_RSA')) {
+ require_once('Crypt/RSA.php');
+ }
+
+ $rsa = new Crypt_RSA();
+ $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
+ $rsa->loadKey(array('e' => $e, 'n' => $n), CRYPT_RSA_PUBLIC_FORMAT_RAW);
+ if (!$rsa->verify($this->exchange_hash, $signature)) {
+ user_error('Bad server signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
+ }
+ */
+
+ $temp = unpack('Nlength', $this->_string_shift($signature, 4));
+ $s = new Math_BigInteger($this->_string_shift($signature, $temp['length']), 256);
+
+ // validate an RSA signature per "8.2 RSASSA-PKCS1-v1_5", "5.2.2 RSAVP1", and "9.1 EMSA-PSS" in the
+ // following URL:
+ // ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
+
+ // also, see SSHRSA.c (rsa2_verifysig) in PuTTy's source.
+
+ if ($s->compare(new Math_BigInteger()) < 0 || $s->compare($n->subtract(new Math_BigInteger(1))) > 0) {
+ user_error('Invalid signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_KEY_EXCHANGE_FAILED);
+ }
+
+ $s = $s->modPow($e, $n);
+ $s = $s->toBytes();
+
+ $h = pack('N4H*', 0x00302130, 0x0906052B, 0x0E03021A, 0x05000414, sha1($this->exchange_hash));
+ $h = chr(0x01) . str_repeat(chr(0xFF), $nLength - 3 - strlen($h)) . $h;
+
+ if ($s != $h) {
+ user_error('Bad server signature');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
+ }
+ break;
+ default:
+ user_error('Unsupported signature format');
+ return $this->_disconnect(NET_SSH2_DISCONNECT_HOST_KEY_NOT_VERIFIABLE);
+ }
+
+ return $this->signature_format . ' ' . base64_encode($this->server_public_host_key);
+ }
+
+ /**
+ * Returns the exit status of an SSH command or false.
+ *
+ * @return Integer or false
+ * @access public
+ */
+ function getExitStatus()
+ {
+ if (is_null($this->exit_status)) {
+ return false;
+ }
+ return $this->exit_status;
+ }
+}
diff --git a/apps/files_external/3rdparty/phpseclib/phpseclib/openssl.cnf b/apps/files_external/3rdparty/phpseclib/phpseclib/openssl.cnf
new file mode 100644
index 00000000000..6baa566102c
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpseclib/openssl.cnf
@@ -0,0 +1,6 @@
+# minimalist openssl.cnf file for use with phpseclib
+
+HOME = .
+RANDFILE = $ENV::HOME/.rnd
+
+[ v3_ca ] \ No newline at end of file
diff --git a/apps/files_external/3rdparty/phpseclib/phpunit.xml.dist b/apps/files_external/3rdparty/phpseclib/phpunit.xml.dist
new file mode 100644
index 00000000000..f579ab4fd27
--- /dev/null
+++ b/apps/files_external/3rdparty/phpseclib/phpunit.xml.dist
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<phpunit bootstrap="tests/bootstrap.php"
+ colors="true"
+>
+ <testsuites>
+ <testsuite name="phpseclib Test Suite">
+ <directory>./tests/</directory>
+ </testsuite>
+ </testsuites>
+
+ <!-- Code Coverage -->
+ <filter>
+ <whitelist>
+ <directory>./phpseclib/</directory>
+ </whitelist>
+ </filter>
+</phpunit>
diff --git a/apps/files_external/ajax/addMountPoint.php b/apps/files_external/ajax/addMountPoint.php
index e08f805942f..fed2ddfcf3d 100644
--- a/apps/files_external/ajax/addMountPoint.php
+++ b/apps/files_external/ajax/addMountPoint.php
@@ -10,4 +10,10 @@ if ($_POST['isPersonal'] == 'true') {
OCP\JSON::checkAdminUser();
$isPersonal = false;
}
-OC_Mount_Config::addMountPoint($_POST['mountPoint'], $_POST['class'], $_POST['classOptions'], $_POST['mountType'], $_POST['applicable'], $isPersonal);
+$status = OC_Mount_Config::addMountPoint($_POST['mountPoint'],
+ $_POST['class'],
+ $_POST['classOptions'],
+ $_POST['mountType'],
+ $_POST['applicable'],
+ $isPersonal);
+OCP\JSON::success(array('data' => array('message' => $status))); \ No newline at end of file
diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php
index e0a0239c954..43fd6752c4a 100644
--- a/apps/files_external/ajax/addRootCertificate.php
+++ b/apps/files_external/ajax/addRootCertificate.php
@@ -1,25 +1,28 @@
<?php
OCP\JSON::checkAppEnabled('files_external');
+OCP\JSON::callCheck();
-if ( !($filename = $_FILES['rootcert_import']['name']) ) {
- header("Location: settings/personal.php");
+if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {
+ header("Location: settings/personal.php");
exit;
}
-$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
-$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
+$fh = fopen($_FILES['rootcert_import']['tmp_name'], 'r');
+$data = fread($fh, filesize($_FILES['rootcert_import']['tmp_name']));
fclose($fh);
$filename = $_FILES['rootcert_import']['name'];
-
-$view = new \OC_FilesystemView('/'.\OCP\User::getUser().'/files_external/uploads');
-if (!$view->file_exists('')) $view->mkdir('');
+
+$view = new \OC\Files\View('/'.\OCP\User::getUser().'/files_external/uploads');
+if (!$view->file_exists('')) {
+ $view->mkdir('');
+}
$isValid = openssl_pkey_get_public($data);
//maybe it was just the wrong file format, try to convert it...
if ($isValid == false) {
- $data = chunk_split(base64_encode($data), 64, "\n");
+ $data = chunk_split(base64_encode($data), 64, "\n");
$data = "-----BEGIN CERTIFICATE-----\n".$data."-----END CERTIFICATE-----\n";
$isValid = openssl_pkey_get_public($data);
}
@@ -29,8 +32,10 @@ if ( $isValid ) {
$view->file_put_contents($filename, $data);
OC_Mount_Config::createCertificateBundle();
} else {
- OCP\Util::writeLog("files_external", "Couldn't import SSL root certificate ($filename), allowed formats: PEM and DER", OCP\Util::WARN);
+ OCP\Util::writeLog('files_external',
+ 'Couldn\'t import SSL root certificate ('.$filename.'), allowed formats: PEM and DER',
+ OCP\Util::WARN);
}
-header("Location: settings/personal.php");
+header('Location:' . OCP\Util::linkToRoute( "settings_personal" ));
exit;
diff --git a/apps/files_external/ajax/dropbox.php b/apps/files_external/ajax/dropbox.php
index f5923940dc9..bc9821c62ec 100644
--- a/apps/files_external/ajax/dropbox.php
+++ b/apps/files_external/ajax/dropbox.php
@@ -4,6 +4,8 @@ require_once 'Dropbox/autoload.php';
OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
$oauth = new Dropbox_OAuth_Curl($_POST['app_key'], $_POST['app_secret']);
if (isset($_POST['step'])) {
@@ -16,9 +18,13 @@ if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
$callback = null;
}
$token = $oauth->getRequestToken();
- OCP\JSON::success(array('data' => array('url' => $oauth->getAuthorizeUrl($callback), 'request_token' => $token['token'], 'request_token_secret' => $token['token_secret'])));
+ OCP\JSON::success(array('data' => array('url' => $oauth->getAuthorizeUrl($callback),
+ 'request_token' => $token['token'],
+ 'request_token_secret' => $token['token_secret'])));
} catch (Exception $exception) {
- OCP\JSON::error(array('data' => array('message' => 'Fetching request tokens failed. Verify that your Dropbox app key and secret are correct.')));
+ OCP\JSON::error(array('data' => array('message' =>
+ 'Fetching request tokens failed. Verify that your Dropbox app key and secret are correct.')
+ ));
}
break;
case 2:
@@ -26,9 +32,12 @@ if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
try {
$oauth->setToken($_POST['request_token'], $_POST['request_token_secret']);
$token = $oauth->getAccessToken();
- OCP\JSON::success(array('access_token' => $token['token'], 'access_token_secret' => $token['token_secret']));
+ OCP\JSON::success(array('access_token' => $token['token'],
+ 'access_token_secret' => $token['token_secret']));
} catch (Exception $exception) {
- OCP\JSON::error(array('data' => array('message' => 'Fetching access tokens failed. Verify that your Dropbox app key and secret are correct.')));
+ OCP\JSON::error(array('data' => array('message' =>
+ 'Fetching access tokens failed. Verify that your Dropbox app key and secret are correct.')
+ ));
}
}
break;
diff --git a/apps/files_external/ajax/google.php b/apps/files_external/ajax/google.php
index 4cd01c06cc9..70adcb2c2ad 100644
--- a/apps/files_external/ajax/google.php
+++ b/apps/files_external/ajax/google.php
@@ -4,6 +4,8 @@ require_once 'Google/common.inc.php';
OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
$consumer = new OAuthConsumer('anonymous', 'anonymous');
$sigMethod = new OAuthSignatureMethod_HMAC_SHA1();
if (isset($_POST['step'])) {
@@ -14,7 +16,9 @@ if (isset($_POST['step'])) {
} else {
$callback = null;
}
- $scope = 'https://docs.google.com/feeds/ https://docs.googleusercontent.com/ https://spreadsheets.google.com/feeds/';
+ $scope = 'https://docs.google.com/feeds/'
+ .' https://docs.googleusercontent.com/'
+ .' https://spreadsheets.google.com/feeds/';
$url = 'https://www.google.com/accounts/OAuthGetRequestToken?scope='.urlencode($scope);
$params = array('scope' => $scope, 'oauth_callback' => $callback);
$request = OAuthRequest::from_consumer_and_token($consumer, null, 'GET', $url, $params);
@@ -24,24 +28,35 @@ if (isset($_POST['step'])) {
parse_str($response, $token);
if (isset($token['oauth_token']) && isset($token['oauth_token_secret'])) {
$authUrl = 'https://www.google.com/accounts/OAuthAuthorizeToken?oauth_token='.$token['oauth_token'];
- OCP\JSON::success(array('data' => array('url' => $authUrl, 'request_token' => $token['oauth_token'], 'request_token_secret' => $token['oauth_token_secret'])));
+ OCP\JSON::success(array('data' => array('url' => $authUrl,
+ 'request_token' => $token['oauth_token'],
+ 'request_token_secret' => $token['oauth_token_secret'])));
} else {
- OCP\JSON::error(array('data' => array('message' => 'Fetching request tokens failed. Error: '.$response)));
+ OCP\JSON::error(array('data' => array(
+ 'message' => 'Fetching request tokens failed. Error: '.$response
+ )));
}
break;
case 2:
- if (isset($_POST['oauth_verifier']) && isset($_POST['request_token']) && isset($_POST['request_token_secret'])) {
+ if (isset($_POST['oauth_verifier'])
+ && isset($_POST['request_token'])
+ && isset($_POST['request_token_secret'])
+ ) {
$token = new OAuthToken($_POST['request_token'], $_POST['request_token_secret']);
$url = 'https://www.google.com/accounts/OAuthGetAccessToken';
- $request = OAuthRequest::from_consumer_and_token($consumer, $token, 'GET', $url, array('oauth_verifier' => $_POST['oauth_verifier']));
+ $request = OAuthRequest::from_consumer_and_token($consumer, $token, 'GET', $url,
+ array('oauth_verifier' => $_POST['oauth_verifier']));
$request->sign_request($sigMethod, $consumer, $token);
$response = send_signed_request('GET', $url, array($request->to_header()), null, false);
$token = array();
parse_str($response, $token);
if (isset($token['oauth_token']) && isset($token['oauth_token_secret'])) {
- OCP\JSON::success(array('access_token' => $token['oauth_token'], 'access_token_secret' => $token['oauth_token_secret']));
+ OCP\JSON::success(array('access_token' => $token['oauth_token'],
+ 'access_token_secret' => $token['oauth_token_secret']));
} else {
- OCP\JSON::error(array('data' => array('message' => 'Fetching access tokens failed. Error: '.$response)));
+ OCP\JSON::error(array('data' => array(
+ 'message' => 'Fetching access tokens failed. Error: '.$response
+ )));
}
}
break;
diff --git a/apps/files_external/ajax/removeMountPoint.php b/apps/files_external/ajax/removeMountPoint.php
index aa446426202..2f5dbcfdbac 100644
--- a/apps/files_external/ajax/removeMountPoint.php
+++ b/apps/files_external/ajax/removeMountPoint.php
@@ -3,6 +3,15 @@
OCP\JSON::checkAppEnabled('files_external');
OCP\JSON::callCheck();
+if (!isset($_POST['isPersonal']))
+ return;
+if (!isset($_POST['mountPoint']))
+ return;
+if (!isset($_POST['mountType']))
+ return;
+if (!isset($_POST['applicable']))
+ return;
+
if ($_POST['isPersonal'] == 'true') {
OCP\JSON::checkLoggedIn();
$isPersonal = true;
@@ -10,4 +19,5 @@ if ($_POST['isPersonal'] == 'true') {
OCP\JSON::checkAdminUser();
$isPersonal = false;
}
+
OC_Mount_Config::removeMountPoint($_POST['mountPoint'], $_POST['mountType'], $_POST['applicable'], $isPersonal);
diff --git a/apps/files_external/ajax/removeRootCertificate.php b/apps/files_external/ajax/removeRootCertificate.php
index 6871b0fd1d4..664b3937e97 100644
--- a/apps/files_external/ajax/removeRootCertificate.php
+++ b/apps/files_external/ajax/removeRootCertificate.php
@@ -11,4 +11,3 @@ if ( $view->file_exists($file) ) {
$view->unlink($file);
OC_Mount_Config::createCertificateBundle();
}
-
diff --git a/apps/files_external/appinfo/app.php b/apps/files_external/appinfo/app.php
index 837d35c9c63..d786c6c7a2a 100644
--- a/apps/files_external/appinfo/app.php
+++ b/apps/files_external/appinfo/app.php
@@ -6,15 +6,16 @@
* See the COPYING-README file.
*/
-OC::$CLASSPATH['OC_FileStorage_StreamWrapper']='apps/files_external/lib/streamwrapper.php';
-OC::$CLASSPATH['OC_Filestorage_FTP']='apps/files_external/lib/ftp.php';
-OC::$CLASSPATH['OC_Filestorage_DAV']='apps/files_external/lib/webdav.php';
-OC::$CLASSPATH['OC_Filestorage_Google']='apps/files_external/lib/google.php';
-OC::$CLASSPATH['OC_Filestorage_SWIFT']='apps/files_external/lib/swift.php';
-OC::$CLASSPATH['OC_Filestorage_SMB']='apps/files_external/lib/smb.php';
-OC::$CLASSPATH['OC_Filestorage_AmazonS3']='apps/files_external/lib/amazons3.php';
-OC::$CLASSPATH['OC_Filestorage_Dropbox']='apps/files_external/lib/dropbox.php';
-OC::$CLASSPATH['OC_Mount_Config']='apps/files_external/lib/config.php';
+OC::$CLASSPATH['OC\Files\Storage\StreamWrapper'] = 'files_external/lib/streamwrapper.php';
+OC::$CLASSPATH['OC\Files\Storage\FTP'] = 'files_external/lib/ftp.php';
+OC::$CLASSPATH['OC\Files\Storage\DAV'] = 'files_external/lib/webdav.php';
+OC::$CLASSPATH['OC\Files\Storage\Google'] = 'files_external/lib/google.php';
+OC::$CLASSPATH['OC\Files\Storage\SWIFT'] = 'files_external/lib/swift.php';
+OC::$CLASSPATH['OC\Files\Storage\SMB'] = 'files_external/lib/smb.php';
+OC::$CLASSPATH['OC\Files\Storage\AmazonS3'] = 'files_external/lib/amazons3.php';
+OC::$CLASSPATH['OC\Files\Storage\Dropbox'] = 'files_external/lib/dropbox.php';
+OC::$CLASSPATH['OC\Files\Storage\SFTP'] = 'files_external/lib/sftp.php';
+OC::$CLASSPATH['OC_Mount_Config'] = 'files_external/lib/config.php';
OCP\App::registerAdmin('files_external', 'settings');
if (OCP\Config::getAppValue('files_external', 'allow_user_mounting', 'yes') == 'yes') {
diff --git a/apps/files_external/appinfo/info.xml b/apps/files_external/appinfo/info.xml
index 3da1913c5fc..0542b7b10a7 100644
--- a/apps/files_external/appinfo/info.xml
+++ b/apps/files_external/appinfo/info.xml
@@ -5,7 +5,7 @@
<description>Mount external storage sources</description>
<licence>AGPL</licence>
<author>Robin Appelman, Michael Gapczynski</author>
- <require>4.9</require>
+ <require>4.93</require>
<shipped>true</shipped>
<types>
<filesystem/>
diff --git a/apps/files_external/css/settings.css b/apps/files_external/css/settings.css
index ca4b1c3ba89..94b453793b1 100644
--- a/apps/files_external/css/settings.css
+++ b/apps/files_external/css/settings.css
@@ -1,4 +1,7 @@
-.error { color: #FF3B3B; }
+td.status>span { display:inline-block; height:16px; width:16px; }
+span.success { background-image: url('../img/success.png'); background-repeat:no-repeat; }
+span.error { background-image: url('../img/error.png'); background-repeat:no-repeat; }
+span.waiting { background-image: url('../img/waiting.png'); background-repeat:no-repeat; }
td.mountPoint, td.backend { width:10em; }
td.remove>img { visibility:hidden; padding-top:0.8em; }
tr:hover>td.remove>img { visibility:visible; cursor:pointer; }
diff --git a/apps/files_external/img/error.png b/apps/files_external/img/error.png
new file mode 100644
index 00000000000..e8cf45e7a41
--- /dev/null
+++ b/apps/files_external/img/error.png
Binary files differ
diff --git a/apps/files_external/img/success.png b/apps/files_external/img/success.png
new file mode 100644
index 00000000000..6f7022ee7f5
--- /dev/null
+++ b/apps/files_external/img/success.png
Binary files differ
diff --git a/apps/files_external/img/waiting.png b/apps/files_external/img/waiting.png
new file mode 100644
index 00000000000..02a8cbff0da
--- /dev/null
+++ b/apps/files_external/img/waiting.png
Binary files differ
diff --git a/apps/files_external/js/dropbox.js b/apps/files_external/js/dropbox.js
index c1e38640708..957daeb4d1f 100644
--- a/apps/files_external/js/dropbox.js
+++ b/apps/files_external/js/dropbox.js
@@ -1,6 +1,6 @@
$(document).ready(function() {
- $('#externalStorage tbody tr.OC_Filestorage_Dropbox').each(function() {
+ $('#externalStorage tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Dropbox').each(function() {
var configured = $(this).find('[data-parameter="configured"]');
if ($(configured).val() == 'true') {
$(this).find('.configuration input').attr('disabled', 'disabled');
@@ -15,6 +15,9 @@ $(document).ready(function() {
if (pos != -1 && window.location.search.substr(pos, $(token).val().length) == $(token).val()) {
var token_secret = $(this).find('.configuration [data-parameter="token_secret"]');
var tr = $(this);
+ var statusSpan = $(tr).find('.status span');
+ statusSpan.removeClass();
+ statusSpan.addClass('waiting');
$.post(OC.filePath('files_external', 'ajax', 'dropbox.php'), { step: 2, app_key: app_key, app_secret: app_secret, request_token: $(token).val(), request_token_secret: $(token_secret).val() }, function(result) {
if (result && result.status == 'success') {
$(token).val(result.access_token);
@@ -24,23 +27,40 @@ $(document).ready(function() {
$(tr).find('.configuration input').attr('disabled', 'disabled');
$(tr).find('.configuration').append('<span id="access" style="padding-left:0.5em;">'+t('files_external', 'Access granted')+'</span>');
} else {
- OC.dialogs.alert(result.data.message,
- t('files_external', 'Error configuring Dropbox storage')
- );
+ OC.dialogs.alert(result.data.message, t('files_external', 'Error configuring Dropbox storage'));
}
});
}
- } else if ($(this).find('.mountPoint input').val() != '' && $(config).find('[data-parameter="app_key"]').val() != '' && $(config).find('[data-parameter="app_secret"]').val() != '' && $(this).find('.dropbox').length == 0) {
- $(this).find('.configuration').append('<a class="button dropbox">'+t('files_external', 'Grant access')+'</a>');
+ } else {
+ onDropboxInputsChange($(this));
}
}
});
- $('#externalStorage tbody tr input').live('keyup', function() {
- var tr = $(this).parent().parent();
- if ($(tr).hasClass('OC_Filestorage_Dropbox') && $(tr).find('[data-parameter="configured"]').val() != 'true') {
+ $('#externalStorage').on('paste', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Dropbox td', function() {
+ var tr = $(this).parent();
+ setTimeout(function() {
+ onDropboxInputsChange(tr);
+ }, 20);
+ });
+
+ $('#externalStorage').on('keyup', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Dropbox td', function() {
+ onDropboxInputsChange($(this).parent());
+ });
+
+ $('#externalStorage').on('change', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Dropbox .chzn-select', function() {
+ onDropboxInputsChange($(this).parent().parent());
+ });
+
+ function onDropboxInputsChange(tr) {
+ if ($(tr).find('[data-parameter="configured"]').val() != 'true') {
var config = $(tr).find('.configuration');
- if ($(tr).find('.mountPoint input').val() != '' && $(config).find('[data-parameter="app_key"]').val() != '' && $(config).find('[data-parameter="app_secret"]').val() != '') {
+ if ($(tr).find('.mountPoint input').val() != ''
+ && $(config).find('[data-parameter="app_key"]').val() != ''
+ && $(config).find('[data-parameter="app_secret"]').val() != ''
+ && ($(tr).find('.chzn-select').length == 0
+ || $(tr).find('.chzn-select').val() != null))
+ {
if ($(tr).find('.dropbox').length == 0) {
$(config).append('<a class="button dropbox">'+t('files_external', 'Grant access')+'</a>');
} else {
@@ -50,41 +70,37 @@ $(document).ready(function() {
$(tr).find('.dropbox').hide();
}
}
- });
+ }
- $('.dropbox').live('click', function(event) {
+ $('#externalStorage').on('click', '.dropbox', function(event) {
event.preventDefault();
+ var tr = $(this).parent().parent();
var app_key = $(this).parent().find('[data-parameter="app_key"]').val();
var app_secret = $(this).parent().find('[data-parameter="app_secret"]').val();
+ var statusSpan = $(tr).find('.status span');
if (app_key != '' && app_secret != '') {
var tr = $(this).parent().parent();
var configured = $(this).parent().find('[data-parameter="configured"]');
var token = $(this).parent().find('[data-parameter="token"]');
var token_secret = $(this).parent().find('[data-parameter="token_secret"]');
- $.post(OC.filePath('files_external', 'ajax', 'dropbox.php'), { step: 1, app_key: app_key, app_secret: app_secret, callback: window.location.href }, function(result) {
+ $.post(OC.filePath('files_external', 'ajax', 'dropbox.php'), { step: 1, app_key: app_key, app_secret: app_secret, callback: location.protocol + '//' + location.host + location.pathname }, function(result) {
if (result && result.status == 'success') {
$(configured).val('false');
$(token).val(result.data.request_token);
$(token_secret).val(result.data.request_token_secret);
- if (OC.MountConfig.saveStorage(tr)) {
- window.location = result.data.url;
- } else {
- OC.dialogs.alert(
- t('files_external', 'Fill out all required fields'),
- t('files_external', 'Error configuring Dropbox storage')
- );
- }
+ OC.MountConfig.saveStorage(tr);
+ statusSpan.removeClass();
+ statusSpan.addClass('waiting');
+ window.location = result.data.url;
} else {
- OC.dialogs.alert(result.data.message,
- t('files_external', 'Error configuring Dropbox storage')
- );
+ OC.dialogs.alert(result.data.message, t('files_external', 'Error configuring Dropbox storage'));
}
});
} else {
OC.dialogs.alert(
- t('files_external', 'Please provide a valid Dropbox app key and secret.'),
- t('files_external', 'Error configuring Dropbox storage')
- );
+ t('files_external', 'Please provide a valid Dropbox app key and secret.'),
+ t('files_external', 'Error configuring Dropbox storage')
+ );
}
});
diff --git a/apps/files_external/js/google.js b/apps/files_external/js/google.js
index 0b3c314eb5d..7be1b338e90 100644
--- a/apps/files_external/js/google.js
+++ b/apps/files_external/js/google.js
@@ -1,19 +1,30 @@
$(document).ready(function() {
- $('#externalStorage tbody tr.OC_Filestorage_Google').each(function() {
- var configured = $(this).find('[data-parameter="configured"]');
+ $('#externalStorage tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Google').each(function(index, tr) {
+ setupGoogleRow(tr);
+ });
+
+ $('#externalStorage').on('change', '#selectBackend', function() {
+ if ($(this).val() == '\\OC\\Files\\Storage\\Google') {
+ setupGoogleRow($('#externalStorage tbody>tr:last').prev('tr'));
+ }
+ });
+
+ function setupGoogleRow(tr) {
+ var configured = $(tr).find('[data-parameter="configured"]');
if ($(configured).val() == 'true') {
- $(this).find('.configuration')
- .append('<span id="access" style="padding-left:0.5em;">'+t('files_external', 'Access granted')+'</span>');
+ $(tr).find('.configuration').append('<span id="access" style="padding-left:0.5em;">'+t('files_external', 'Access granted')+'</span>');
} else {
- var token = $(this).find('[data-parameter="token"]');
- var token_secret = $(this).find('[data-parameter="token_secret"]');
+ var token = $(tr).find('[data-parameter="token"]');
+ var token_secret = $(tr).find('[data-parameter="token_secret"]');
var params = {};
window.location.href.replace(/[?&]+([^=&]+)=([^&]*)/gi, function(m, key, value) {
params[key] = value;
});
if (params['oauth_token'] !== undefined && params['oauth_verifier'] !== undefined && decodeURIComponent(params['oauth_token']) == $(token).val()) {
- var tr = $(this);
+ var statusSpan = $(tr).find('.status span');
+ statusSpan.removeClass();
+ statusSpan.addClass('waiting');
$.post(OC.filePath('files_external', 'ajax', 'google.php'), { step: 2, oauth_verifier: params['oauth_verifier'], request_token: $(token).val(), request_token_secret: $(token_secret).val() }, function(result) {
if (result && result.status == 'success') {
$(token).val(result.access_token);
@@ -22,61 +33,64 @@ $(document).ready(function() {
OC.MountConfig.saveStorage(tr);
$(tr).find('.configuration').append('<span id="access" style="padding-left:0.5em;">'+t('files_external', 'Access granted')+'</span>');
} else {
- OC.dialogs.alert(result.data.message,
- t('files_external', 'Error configuring Google Drive storage')
- );
+ OC.dialogs.alert(result.data.message, t('files_external', 'Error configuring Google Drive storage'));
+ onGoogleInputsChange(tr);
}
});
- } else if ($(this).find('.google').length == 0) {
- $(this).find('.configuration').append('<a class="button google">'+t('files_external', 'Grant access')+'</a>');
+ } else {
+ onGoogleInputsChange(tr);
}
}
+ }
+
+ $('#externalStorage').on('paste', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Google td', function() {
+ var tr = $(this).parent();
+ setTimeout(function() {
+ onGoogleInputsChange(tr);
+ }, 20);
});
- $('#externalStorage tbody tr').live('change', function() {
- if ($(this).hasClass('OC_Filestorage_Google') && $(this).find('[data-parameter="configured"]').val() != 'true') {
- if ($(this).find('.mountPoint input').val() != '') {
- if ($(this).find('.google').length == 0) {
- $(this).find('.configuration').append('<a class="button google">'+t('files_external', 'Grant access')+'</a>');
- }
- }
- }
+ $('#externalStorage').on('keyup', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Google td', function() {
+ onGoogleInputsChange($(this).parent());
});
- $('#externalStorage tbody tr .mountPoint input').live('keyup', function() {
- var tr = $(this).parent().parent();
- if ($(tr).hasClass('OC_Filestorage_Google') && $(tr).find('[data-parameter="configured"]').val() != 'true' && $(tr).find('.google').length > 0) {
- if ($(this).val() != '') {
- $(tr).find('.google').show();
- } else {
+ $('#externalStorage').on('change', 'tbody tr.\\\\OC\\\\Files\\\\Storage\\\\Google .chzn-select', function() {
+ onGoogleInputsChange($(this).parent().parent());
+ });
+
+ function onGoogleInputsChange(tr) {
+ if ($(tr).find('[data-parameter="configured"]').val() != 'true') {
+ var config = $(tr).find('.configuration');
+ if ($(tr).find('.mountPoint input').val() != '' && ($(tr).find('.chzn-select').length == 0 || $(tr).find('.chzn-select').val() != null)) {
+ if ($(tr).find('.google').length == 0) {
+ $(config).append('<a class="button google">'+t('files_external', 'Grant access')+'</a>');
+ } else {
+ $(tr).find('.google').show();
+ }
+ } else if ($(tr).find('.google').length > 0) {
$(tr).find('.google').hide();
}
}
- });
+ }
- $('.google').live('click', function(event) {
+ $('#externalStorage').on('click', '.google', function(event) {
event.preventDefault();
var tr = $(this).parent().parent();
var configured = $(this).parent().find('[data-parameter="configured"]');
var token = $(this).parent().find('[data-parameter="token"]');
var token_secret = $(this).parent().find('[data-parameter="token_secret"]');
- $.post(OC.filePath('files_external', 'ajax', 'google.php'), { step: 1, callback: window.location.href }, function(result) {
+ var statusSpan = $(tr).find('.status span');
+ $.post(OC.filePath('files_external', 'ajax', 'google.php'), { step: 1, callback: location.protocol + '//' + location.host + location.pathname }, function(result) {
if (result && result.status == 'success') {
$(configured).val('false');
$(token).val(result.data.request_token);
$(token_secret).val(result.data.request_token_secret);
- if (OC.MountConfig.saveStorage(tr)) {
- window.location = result.data.url;
- } else {
- OC.dialogs.alert(
- t('files_external', 'Fill out all required fields'),
- t('files_external', 'Error configuring Google Drive storage')
- );
- }
+ OC.MountConfig.saveStorage(tr);
+ statusSpan.removeClass();
+ statusSpan.addClass('waiting');
+ window.location = result.data.url;
} else {
- OC.dialogs.alert(result.data.message,
- t('files_external', 'Error configuring Google Drive storage')
- );
+ OC.dialogs.alert(result.data.message, t('files_external', 'Error configuring Google Drive storage'));
}
});
});
diff --git a/apps/files_external/js/settings.js b/apps/files_external/js/settings.js
index 89f346574e2..ac408786ff6 100644
--- a/apps/files_external/js/settings.js
+++ b/apps/files_external/js/settings.js
@@ -4,6 +4,7 @@ OC.MountConfig={
if (mountPoint == '') {
return false;
}
+ var statusSpan = $(tr).find('.status span');
var backendClass = $(tr).find('.backend').data('class');
var configuration = $(tr).find('.configuration input');
var addMountPoint = true;
@@ -26,12 +27,20 @@ OC.MountConfig={
classOptions[$(input).data('parameter')] = $(input).val();
}
});
+ if ($('#externalStorage').data('admin') === true) {
+ var multiselect = $(tr).find('.chzn-select').val();
+ if (multiselect == null) {
+ return false;
+ }
+ }
if (addMountPoint) {
+ var status = false;
if ($('#externalStorage').data('admin') === true) {
var isPersonal = false;
- var multiselect = $(tr).find('.chzn-select').val();
var oldGroups = $(tr).find('.applicable').data('applicable-groups');
var oldUsers = $(tr).find('.applicable').data('applicable-users');
+ var groups = [];
+ var users = [];
$.each(multiselect, function(index, value) {
var pos = value.indexOf('(group)');
if (pos != -1) {
@@ -40,30 +49,96 @@ OC.MountConfig={
if ($.inArray(applicable, oldGroups) != -1) {
oldGroups.splice($.inArray(applicable, oldGroups), 1);
}
+ groups.push(applicable);
} else {
var mountType = 'user';
var applicable = value;
if ($.inArray(applicable, oldUsers) != -1) {
oldUsers.splice($.inArray(applicable, oldUsers), 1);
}
+ users.push(applicable);
}
- $.post(OC.filePath('files_external', 'ajax', 'addMountPoint.php'), { mountPoint: mountPoint, class: backendClass, classOptions: classOptions, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
+ $.ajax({type: 'POST',
+ url: OC.filePath('files_external', 'ajax', 'addMountPoint.php'),
+ data: {
+ mountPoint: mountPoint,
+ 'class': backendClass,
+ classOptions: classOptions,
+ mountType: mountType,
+ applicable: applicable,
+ isPersonal: isPersonal
+ },
+ async: false,
+ success: function(result) {
+ statusSpan.removeClass();
+ if (result && result.status == 'success' && result.data.message) {
+ status = true;
+ statusSpan.addClass('success');
+ } else {
+ statusSpan.addClass('error');
+ }
+ }
+ });
});
+ $(tr).find('.applicable').data('applicable-groups', groups);
+ $(tr).find('.applicable').data('applicable-users', users);
var mountType = 'group';
$.each(oldGroups, function(index, applicable) {
- $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
+ $.ajax({type: 'POST',
+ url: OC.filePath('files_external', 'ajax', 'removeMountPoint.php'),
+ data: {
+ mountPoint: mountPoint,
+ class: backendClass,
+ classOptions: classOptions,
+ mountType: mountType,
+ applicable: applicable,
+ isPersonal: isPersonal
+ },
+ async: false
+ });
});
var mountType = 'user';
$.each(oldUsers, function(index, applicable) {
- $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
+ $.ajax({type: 'POST',
+ url: OC.filePath('files_external', 'ajax', 'removeMountPoint.php'),
+ data: {
+ mountPoint: mountPoint,
+ class: backendClass,
+ classOptions: classOptions,
+ mountType: mountType,
+ applicable: applicable,
+ isPersonal: isPersonal
+ },
+ async: false
+ });
});
} else {
var isPersonal = true;
var mountType = 'user';
var applicable = OC.currentUser;
- $.post(OC.filePath('files_external', 'ajax', 'addMountPoint.php'), { mountPoint: mountPoint, class: backendClass, classOptions: classOptions, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
+ $.ajax({type: 'POST',
+ url: OC.filePath('files_external', 'ajax', 'addMountPoint.php'),
+ data: {
+ mountPoint: mountPoint,
+ 'class': backendClass,
+ classOptions: classOptions,
+ mountType: mountType,
+ applicable: applicable,
+ isPersonal: isPersonal
+ },
+ async: false,
+ success: function(result) {
+ statusSpan.removeClass();
+ if (result && result.status == 'success' && result.data.message) {
+ status = true;
+ statusSpan.addClass('success');
+ } else {
+ statusSpan.addClass('error');
+ }
+ }
+ });
}
- return true;
+ return status;
}
}
};
@@ -71,7 +146,7 @@ OC.MountConfig={
$(document).ready(function() {
$('.chzn-select').chosen();
- $('#selectBackend').live('change', function() {
+ $('#externalStorage').on('change', '#selectBackend', function() {
var tr = $(this).parent().parent();
$('#externalStorage tbody').append($(tr).clone());
$('#externalStorage tbody tr').last().find('.mountPoint input').val('');
@@ -79,9 +154,10 @@ $(document).ready(function() {
var backendClass = $(this).val();
$(this).parent().text(selected);
if ($(tr).find('.mountPoint input').val() == '') {
- $(tr).find('.mountPoint input').val(suggestMountPoint(selected.replace(/\s+/g, '')));
+ $(tr).find('.mountPoint input').val(suggestMountPoint(selected));
}
$(tr).addClass(backendClass);
+ $(tr).find('.status').append('<span class="waiting"></span>');
$(tr).find('.backend').data('class', backendClass);
var configurations = $(this).data('configurations');
var td = $(tr).find('td.configuration');
@@ -100,13 +176,17 @@ $(document).ready(function() {
td.append('<input type="text" data-parameter="'+parameter+'" placeholder="'+placeholder+'" />');
}
});
- if (parameters['custom'] && $('#externalStorage tbody tr.'+backendClass).length == 1) {
+ if (parameters['custom'] && $('#externalStorage tbody tr.'+backendClass.replace(/\\/g, '\\\\')).length == 1) {
OC.addScript('files_external', parameters['custom']);
}
return false;
}
});
- $('.chz-select').chosen();
+ // Reset chosen
+ var chosen = $(tr).find('.applicable select');
+ chosen.parent().find('div').remove();
+ chosen.removeAttr('id').removeClass('chzn-done').css({display:'inline-block'});
+ chosen.chosen();
$(tr).find('td').last().attr('class', 'remove');
$(tr).find('td').last().removeAttr('style');
$(tr).removeAttr('id');
@@ -114,6 +194,11 @@ $(document).ready(function() {
});
function suggestMountPoint(defaultMountPoint) {
+ var pos = defaultMountPoint.indexOf('/');
+ if (pos !== -1) {
+ defaultMountPoint = defaultMountPoint.substring(0, pos);
+ }
+ defaultMountPoint = defaultMountPoint.replace(/\s+/g, '');
var i = 1;
var append = '';
var match = true;
@@ -135,14 +220,37 @@ $(document).ready(function() {
return defaultMountPoint+append;
}
- $('#externalStorage td').live('change', function() {
- OC.MountConfig.saveStorage($(this).parent());
+ $('#externalStorage').on('paste', 'td', function() {
+ var tr = $(this).parent();
+ setTimeout(function() {
+ OC.MountConfig.saveStorage(tr);
+ }, 20);
});
- $('td.remove>img').live('click', function() {
+ var timer;
+
+ $('#externalStorage').on('keyup', 'td input', function() {
+ clearTimeout(timer);
+ var tr = $(this).parent().parent();
+ if ($(this).val) {
+ timer = setTimeout(function() {
+ OC.MountConfig.saveStorage(tr);
+ }, 2000);
+ }
+ });
+
+ $('#externalStorage').on('change', 'td input:checkbox', function() {
+ OC.MountConfig.saveStorage($(this).parent().parent().parent());
+ });
+
+ $('#externalStorage').on('change', '.applicable .chzn-select', function() {
+ OC.MountConfig.saveStorage($(this).parent().parent());
+ });
+
+ $('#externalStorage').on('click', 'td.remove>img', function() {
var tr = $(this).parent().parent();
var mountPoint = $(tr).find('.mountPoint input').val();
- if (!mountPoint) {
+ if ( ! mountPoint) {
var row=this.parentNode.parentNode;
$.post(OC.filePath('files_external', 'ajax', 'removeRootCertificate.php'), { cert: row.id });
$(tr).remove();
@@ -151,23 +259,25 @@ $(document).ready(function() {
if ($('#externalStorage').data('admin') === true) {
var isPersonal = false;
var multiselect = $(tr).find('.chzn-select').val();
- $.each(multiselect, function(index, value) {
- var pos = value.indexOf('(group)');
- if (pos != -1) {
- var mountType = 'group';
- var applicable = value.substr(0, pos);
- } else {
- var mountType = 'user';
- var applicable = value;
- }
- $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
- });
+ if (multiselect != null) {
+ $.each(multiselect, function(index, value) {
+ var pos = value.indexOf('(group)');
+ if (pos != -1) {
+ var mountType = 'group';
+ var applicable = value.substr(0, pos);
+ } else {
+ var mountType = 'user';
+ var applicable = value;
+ }
+ $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
+ });
+ }
} else {
var mountType = 'user';
var applicable = OC.currentUser;
var isPersonal = true;
+ $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
}
- $.post(OC.filePath('files_external', 'ajax', 'removeMountPoint.php'), { mountPoint: mountPoint, mountType: mountType, applicable: applicable, isPersonal: isPersonal });
$(tr).remove();
});
diff --git a/apps/files_external/l10n/af_ZA.php b/apps/files_external/l10n/af_ZA.php
new file mode 100644
index 00000000000..cf9b951828d
--- /dev/null
+++ b/apps/files_external/l10n/af_ZA.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Users" => "Gebruikers"
+);
diff --git a/apps/files_external/l10n/ar.php b/apps/files_external/l10n/ar.php
new file mode 100644
index 00000000000..06837d5085c
--- /dev/null
+++ b/apps/files_external/l10n/ar.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "مجموعات",
+"Users" => "المستخدمين",
+"Delete" => "حذف"
+);
diff --git a/apps/files_external/l10n/bg_BG.php b/apps/files_external/l10n/bg_BG.php
new file mode 100644
index 00000000000..66ad4a879d4
--- /dev/null
+++ b/apps/files_external/l10n/bg_BG.php
@@ -0,0 +1,17 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Достъпът е даден",
+"Grant access" => "Даване на достъп",
+"External Storage" => "Външно хранилище",
+"Configuration" => "Конфигурация",
+"Options" => "Опции",
+"Applicable" => "Приложимо",
+"None set" => "Няма избрано",
+"All Users" => "Всички потребители",
+"Groups" => "Групи",
+"Users" => "Потребители",
+"Delete" => "Изтриване",
+"Enable User External Storage" => "Вкл. на поддръжка за външно потр. хранилище",
+"Allow users to mount their own external storage" => "Позволено е на потребителите да ползват тяхно лично външно хранилище",
+"SSL root certificates" => "SSL основни сертификати",
+"Import Root Certificate" => "Импортиране на основен сертификат"
+);
diff --git a/apps/files_external/l10n/bn_BD.php b/apps/files_external/l10n/bn_BD.php
new file mode 100644
index 00000000000..07ccd500746
--- /dev/null
+++ b/apps/files_external/l10n/bn_BD.php
@@ -0,0 +1,20 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "অধিগমনের অনুমতি প্রদান করা হলো",
+"Error configuring Dropbox storage" => "Dropbox সংরক্ষণাগার নির্ধারণ করতে সমস্যা ",
+"Grant access" => "অধিগমনের অনুমতি প্রদান কর",
+"Please provide a valid Dropbox app key and secret." => "দয়া করে সঠিক এবং বৈধ Dropbox app key and secret প্রদান করুন।",
+"Error configuring Google Drive storage" => "Google Drive সংরক্ষণাগার নির্ধারণ করতে সমস্যা ",
+"External Storage" => "বাহ্যিক সংরক্ষণাগার",
+"Configuration" => "কনফিগারেসন",
+"Options" => "বিকল্পসমূহ",
+"Applicable" => "প্রযোজ্য",
+"None set" => "কোনটিই নির্ধারণ করা হয় নি",
+"All Users" => "সমস্ত ব্যবহারকারী",
+"Groups" => "গোষ্ঠীসমূহ",
+"Users" => "ব্যবহারকারী",
+"Delete" => "মুছে ফেল",
+"Enable User External Storage" => "ব্যবহারকারীর বাহ্যিক সংরক্ষণাগার সক্রিয় কর",
+"Allow users to mount their own external storage" => "ব্যবহারকারীদেরকে তাদের নিজস্ব বাহ্যিক সংরক্ষনাগার সাউন্ট করতে অনুমোদন দাও",
+"SSL root certificates" => "SSL রুট সনদপত্র",
+"Import Root Certificate" => "রুট সনদপত্রটি আমদানি করুন"
+);
diff --git a/apps/files_external/l10n/ca.php b/apps/files_external/l10n/ca.php
index fc6706381b7..aa9304d3301 100644
--- a/apps/files_external/l10n/ca.php
+++ b/apps/files_external/l10n/ca.php
@@ -2,16 +2,17 @@
"Access granted" => "S'ha concedit l'accés",
"Error configuring Dropbox storage" => "Error en configurar l'emmagatzemament Dropbox",
"Grant access" => "Concedeix accés",
-"Fill out all required fields" => "Ompliu els camps requerits",
"Please provide a valid Dropbox app key and secret." => "Proporcioneu una clau d'aplicació i secret vàlids per a Dropbox",
"Error configuring Google Drive storage" => "Error en configurar l'emmagatzemament Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Avís:</b> \"smbclient\" no està instal·lat. No es pot muntar la compartició CIFS/SMB. Demaneu a l'administrador del sistema que l'instal·li.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Avís:</b> El suport FTP per PHP no està activat o no està instal·lat. No es pot muntar la compartició FTP. Demaneu a l'administrador del sistema que l'instal·li.",
"External Storage" => "Emmagatzemament extern",
-"Mount point" => "Punt de muntatge",
-"Backend" => "Dorsal",
+"Folder name" => "Nom de la carpeta",
+"External storage" => "Emmagatzemament extern",
"Configuration" => "Configuració",
"Options" => "Options",
"Applicable" => "Aplicable",
-"Add mount point" => "Afegeix punt de muntatge",
+"Add storage" => "Afegeix emmagatzemament",
"None set" => "Cap d'establert",
"All Users" => "Tots els usuaris",
"Groups" => "Grups",
diff --git a/apps/files_external/l10n/cs_CZ.php b/apps/files_external/l10n/cs_CZ.php
index 51951c19bfd..20bbe8acbaa 100644
--- a/apps/files_external/l10n/cs_CZ.php
+++ b/apps/files_external/l10n/cs_CZ.php
@@ -2,16 +2,17 @@
"Access granted" => "Přístup povolen",
"Error configuring Dropbox storage" => "Chyba při nastavení úložiště Dropbox",
"Grant access" => "Povolit přístup",
-"Fill out all required fields" => "Vyplňte všechna povinná pole",
"Please provide a valid Dropbox app key and secret." => "Zadejte, prosím, platný klíč a bezpečnostní frázi aplikace Dropbox.",
"Error configuring Google Drive storage" => "Chyba při nastavení úložiště Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Varování:</b> není nainstalován program \"smbclient\". Není možné připojení oddílů CIFS/SMB. Prosím požádejte svého správce systému ať jej nainstaluje.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Varování:</b> není nainstalována, nebo povolena, podpora FTP v PHP. Není možné připojení oddílů FTP. Prosím požádejte svého správce systému ať ji nainstaluje.",
"External Storage" => "Externí úložiště",
-"Mount point" => "Přípojný bod",
-"Backend" => "Podpůrná vrstva",
+"Folder name" => "Název složky",
+"External storage" => "Externí úložiště",
"Configuration" => "Nastavení",
"Options" => "Možnosti",
-"Applicable" => "Platný",
-"Add mount point" => "Přidat bod připojení",
+"Applicable" => "Přístupný pro",
+"Add storage" => "Přidat úložiště",
"None set" => "Nenastaveno",
"All Users" => "Všichni uživatelé",
"Groups" => "Skupiny",
diff --git a/apps/files_external/l10n/da.php b/apps/files_external/l10n/da.php
index 00a81f3da16..0c9c6c39044 100644
--- a/apps/files_external/l10n/da.php
+++ b/apps/files_external/l10n/da.php
@@ -2,16 +2,15 @@
"Access granted" => "Adgang godkendt",
"Error configuring Dropbox storage" => "Fejl ved konfiguration af Dropbox plads",
"Grant access" => "Godkend adgang",
-"Fill out all required fields" => "Udfyld alle nødvendige felter",
"Please provide a valid Dropbox app key and secret." => "Angiv venligst en valid Dropbox app nøgle og hemmelighed",
"Error configuring Google Drive storage" => "Fejl ved konfiguration af Google Drive plads",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b> Advarsel: </ b> \"smbclient\" ikke er installeret. Montering af CIFS / SMB delinger er ikke muligt. Spørg din systemadministrator om at installere det.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b> Advarsel: </ b> FTP-understøttelse i PHP ikke er aktiveret eller installeret. Montering af FTP delinger er ikke muligt. Spørg din systemadministrator om at installere det.",
"External Storage" => "Ekstern opbevaring",
-"Mount point" => "Monteringspunkt",
-"Backend" => "Backend",
+"Folder name" => "Mappenavn",
"Configuration" => "Opsætning",
"Options" => "Valgmuligheder",
"Applicable" => "Kan anvendes",
-"Add mount point" => "Tilføj monteringspunkt",
"None set" => "Ingen sat",
"All Users" => "Alle brugere",
"Groups" => "Grupper",
diff --git a/apps/files_external/l10n/de.php b/apps/files_external/l10n/de.php
index 5d57e5e4598..24183772217 100644
--- a/apps/files_external/l10n/de.php
+++ b/apps/files_external/l10n/de.php
@@ -2,16 +2,17 @@
"Access granted" => "Zugriff gestattet",
"Error configuring Dropbox storage" => "Fehler beim Einrichten von Dropbox",
"Grant access" => "Zugriff gestatten",
-"Fill out all required fields" => "Bitte alle notwendigen Felder füllen",
"Please provide a valid Dropbox app key and secret." => "Bitte trage einen gültigen Dropbox-App-Key mit Secret ein.",
"Error configuring Google Drive storage" => "Fehler beim Einrichten von Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Warnung:</b> \"smbclient\" ist nicht installiert. Das Einhängen von CIFS/SMB-Freigaben ist nicht möglich. Bitte Deinen System-Administrator, dies zu installieren.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Warnung::</b> Die FTP Unterstützung von PHP ist nicht aktiviert oder installiert. Bitte wende Dich an Deinen Systemadministrator.",
"External Storage" => "Externer Speicher",
-"Mount point" => "Mount-Point",
-"Backend" => "Backend",
+"Folder name" => "Ordnername",
+"External storage" => "Externer Speicher",
"Configuration" => "Konfiguration",
"Options" => "Optionen",
"Applicable" => "Zutreffend",
-"Add mount point" => "Mount-Point hinzufügen",
+"Add storage" => "Speicher hinzufügen",
"None set" => "Nicht definiert",
"All Users" => "Alle Benutzer",
"Groups" => "Gruppen",
diff --git a/apps/files_external/l10n/de_DE.php b/apps/files_external/l10n/de_DE.php
new file mode 100644
index 00000000000..d55c0c6909d
--- /dev/null
+++ b/apps/files_external/l10n/de_DE.php
@@ -0,0 +1,25 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Zugriff gestattet",
+"Error configuring Dropbox storage" => "Fehler beim Einrichten von Dropbox",
+"Grant access" => "Zugriff gestatten",
+"Please provide a valid Dropbox app key and secret." => "Bitte tragen Sie einen gültigen Dropbox-App-Key mit Secret ein.",
+"Error configuring Google Drive storage" => "Fehler beim Einrichten von Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Warnung:</b> \"smbclient\" ist nicht installiert. Das Einhängen von CIFS/SMB-Freigaben ist nicht möglich. Bitten Sie Ihren Systemadministrator, dies zu installieren.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Warnung::</b> Die FTP Unterstützung von PHP ist nicht aktiviert oder installiert. Bitte wenden Sie sich an Ihren Systemadministrator.",
+"External Storage" => "Externer Speicher",
+"Folder name" => "Ordnername",
+"External storage" => "Externer Speicher",
+"Configuration" => "Konfiguration",
+"Options" => "Optionen",
+"Applicable" => "Zutreffend",
+"Add storage" => "Speicher hinzufügen",
+"None set" => "Nicht definiert",
+"All Users" => "Alle Benutzer",
+"Groups" => "Gruppen",
+"Users" => "Benutzer",
+"Delete" => "Löschen",
+"Enable User External Storage" => "Externen Speicher für Benutzer aktivieren",
+"Allow users to mount their own external storage" => "Erlaubt Benutzern ihre eigenen externen Speicher einzubinden",
+"SSL root certificates" => "SSL-Root-Zertifikate",
+"Import Root Certificate" => "Root-Zertifikate importieren"
+);
diff --git a/apps/files_external/l10n/el.php b/apps/files_external/l10n/el.php
index a1dae9d4888..38b5a098f62 100644
--- a/apps/files_external/l10n/el.php
+++ b/apps/files_external/l10n/el.php
@@ -2,16 +2,15 @@
"Access granted" => "Προσβαση παρασχέθηκε",
"Error configuring Dropbox storage" => "Σφάλμα ρυθμίζωντας αποθήκευση Dropbox ",
"Grant access" => "Παροχή πρόσβασης",
-"Fill out all required fields" => "Συμπληρώστε όλα τα απαιτούμενα πεδία",
"Please provide a valid Dropbox app key and secret." => "Παρακαλούμε δώστε έγκυρο κλειδί Dropbox και μυστικό.",
"Error configuring Google Drive storage" => "Σφάλμα ρυθμίζωντας αποθήκευση Google Drive ",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Προσοχή:</b> Ο \"smbclient\" δεν εγκαταστάθηκε. Δεν είναι δυνατή η προσάρτηση CIFS/SMB. Παρακαλώ ενημερώστε τον διαχειριστή συστήματος να το εγκαταστήσει.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Προσοχή:</b> Η υποστήριξη FTP στην PHP δεν ενεργοποιήθηκε ή εγκαταστάθηκε. Δεν είναι δυνατή η προσάρτηση FTP. Παρακαλώ ενημερώστε τον διαχειριστή συστήματος να το εγκαταστήσει.",
"External Storage" => "Εξωτερικό Αποθηκευτικό Μέσο",
-"Mount point" => "Σημείο προσάρτησης",
-"Backend" => "Σύστημα υποστήριξης",
+"Folder name" => "Όνομα φακέλου",
"Configuration" => "Ρυθμίσεις",
"Options" => "Επιλογές",
"Applicable" => "Εφαρμόσιμο",
-"Add mount point" => "Προσθήκη σημείου προσάρτησης",
"None set" => "Κανένα επιλεγμένο",
"All Users" => "Όλοι οι Χρήστες",
"Groups" => "Ομάδες",
diff --git a/apps/files_external/l10n/eo.php b/apps/files_external/l10n/eo.php
index 97453aafedb..b0afb77498f 100644
--- a/apps/files_external/l10n/eo.php
+++ b/apps/files_external/l10n/eo.php
@@ -2,16 +2,13 @@
"Access granted" => "Alirpermeso donita",
"Error configuring Dropbox storage" => "Eraro dum agordado de la memorservo Dropbox",
"Grant access" => "Doni alirpermeson",
-"Fill out all required fields" => "Plenigu ĉiujn neprajn kampojn",
"Please provide a valid Dropbox app key and secret." => "Bonvolu provizi ŝlosilon de la aplikaĵo Dropbox validan kaj sekretan.",
"Error configuring Google Drive storage" => "Eraro dum agordado de la memorservo Google Drive",
"External Storage" => "Malena memorilo",
-"Mount point" => "Surmetingo",
-"Backend" => "Motoro",
+"Folder name" => "Dosierujnomo",
"Configuration" => "Agordo",
"Options" => "Malneproj",
"Applicable" => "Aplikebla",
-"Add mount point" => "Aldoni surmetingon",
"None set" => "Nenio agordita",
"All Users" => "Ĉiuj uzantoj",
"Groups" => "Grupoj",
diff --git a/apps/files_external/l10n/es.php b/apps/files_external/l10n/es.php
index 32a0d896874..da22f410320 100644
--- a/apps/files_external/l10n/es.php
+++ b/apps/files_external/l10n/es.php
@@ -2,16 +2,17 @@
"Access granted" => "Acceso garantizado",
"Error configuring Dropbox storage" => "Error configurando el almacenamiento de Dropbox",
"Grant access" => "Garantizar acceso",
-"Fill out all required fields" => "Rellenar todos los campos requeridos",
"Please provide a valid Dropbox app key and secret." => "Por favor , proporcione un secreto y una contraseña válida de la app Dropbox.",
"Error configuring Google Drive storage" => "Error configurando el almacenamiento de Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Advertencia:</b> El cliente smb (smbclient) no se encuentra instalado. El montado de archivos o ficheros CIFS/SMB no es posible. Por favor pida al administrador de su sistema que lo instale.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Advertencia:</b> El soporte de FTP en PHP no se encuentra instalado. El montado de archivos o ficheros FTP no es posible. Por favor pida al administrador de su sistema que lo instale.",
"External Storage" => "Almacenamiento externo",
-"Mount point" => "Punto de montaje",
-"Backend" => "Motor",
+"Folder name" => "Nombre de la carpeta",
+"External storage" => "Almacenamiento externo",
"Configuration" => "Configuración",
"Options" => "Opciones",
"Applicable" => "Aplicable",
-"Add mount point" => "Añadir punto de montaje",
+"Add storage" => "Añadir almacenamiento",
"None set" => "No se ha configurado",
"All Users" => "Todos los usuarios",
"Groups" => "Grupos",
diff --git a/apps/files_external/l10n/es_AR.php b/apps/files_external/l10n/es_AR.php
index 055fbe782e7..6706aa43a31 100644
--- a/apps/files_external/l10n/es_AR.php
+++ b/apps/files_external/l10n/es_AR.php
@@ -2,16 +2,17 @@
"Access granted" => "Acceso permitido",
"Error configuring Dropbox storage" => "Error al configurar el almacenamiento de Dropbox",
"Grant access" => "Permitir acceso",
-"Fill out all required fields" => "Rellenar todos los campos requeridos",
"Please provide a valid Dropbox app key and secret." => "Por favor, proporcioná un secreto y una contraseña válida para la aplicación Dropbox.",
"Error configuring Google Drive storage" => "Error al configurar el almacenamiento de Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Advertencia:</b> El cliente smb (smbclient) no se encuentra instalado. El montado de archivos o ficheros CIFS/SMB no es posible. Por favor pida al administrador de su sistema que lo instale.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Advertencia:</b> El soporte de FTP en PHP no se encuentra instalado. El montado de archivos o ficheros FTP no es posible. Por favor pida al administrador de su sistema que lo instale.",
"External Storage" => "Almacenamiento externo",
-"Mount point" => "Punto de montaje",
-"Backend" => "Motor",
+"Folder name" => "Nombre de la carpeta",
+"External storage" => "Almacenamiento externo",
"Configuration" => "Configuración",
"Options" => "Opciones",
"Applicable" => "Aplicable",
-"Add mount point" => "Añadir punto de montaje",
+"Add storage" => "Añadir almacenamiento",
"None set" => "No fue configurado",
"All Users" => "Todos los usuarios",
"Groups" => "Grupos",
diff --git a/apps/files_external/l10n/et_EE.php b/apps/files_external/l10n/et_EE.php
index 280e2664336..fd0cdefd347 100644
--- a/apps/files_external/l10n/et_EE.php
+++ b/apps/files_external/l10n/et_EE.php
@@ -1,11 +1,14 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Ligipääs on antud",
+"Error configuring Dropbox storage" => "Viga Dropboxi salvestusruumi seadistamisel",
+"Grant access" => "Anna ligipääs",
+"Please provide a valid Dropbox app key and secret." => "Palun sisesta korrektne Dropboxi rakenduse võti ja salasõna.",
+"Error configuring Google Drive storage" => "Viga Google Drive'i salvestusruumi seadistamisel",
"External Storage" => "Väline salvestuskoht",
-"Mount point" => "Ühenduspunkt",
-"Backend" => "Admin",
+"Folder name" => "Kausta nimi",
"Configuration" => "Seadistamine",
"Options" => "Valikud",
"Applicable" => "Rakendatav",
-"Add mount point" => "Lisa ühenduspunkt",
"None set" => "Pole määratud",
"All Users" => "Kõik kasutajad",
"Groups" => "Grupid",
diff --git a/apps/files_external/l10n/eu.php b/apps/files_external/l10n/eu.php
index dccd377b119..83be50deb00 100644
--- a/apps/files_external/l10n/eu.php
+++ b/apps/files_external/l10n/eu.php
@@ -2,16 +2,17 @@
"Access granted" => "Sarrera baimendua",
"Error configuring Dropbox storage" => "Errore bat egon da Dropbox biltegiratzea konfiguratzean",
"Grant access" => "Baimendu sarrera",
-"Fill out all required fields" => "Bete eskatutako eremu guztiak",
"Please provide a valid Dropbox app key and secret." => "Mesedez eman baliozkoa den Dropbox app giltza eta sekretua",
"Error configuring Google Drive storage" => "Errore bat egon da Google Drive biltegiratzea konfiguratzean",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Abisua:</b> \"smbclient\" ez dago instalatuta. CIFS/SMB partekatutako karpetak montatzea ez da posible. Mesedez eskatu zure sistema kudeatzaileari instalatzea.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Abisua:</b> PHPren FTP modulua ez dago instalatuta edo gaitua. FTP partekatutako karpetak montatzea ez da posible. Mesedez eskatu zure sistema kudeatzaileari instalatzea.",
"External Storage" => "Kanpoko Biltegiratzea",
-"Mount point" => "Montatze puntua",
-"Backend" => "Motorra",
+"Folder name" => "Karpetaren izena",
+"External storage" => "Kanpoko biltegiratzea",
"Configuration" => "Konfigurazioa",
"Options" => "Aukerak",
"Applicable" => "Aplikagarria",
-"Add mount point" => "Gehitu muntatze puntua",
+"Add storage" => "Gehitu biltegiratzea",
"None set" => "Ezarri gabe",
"All Users" => "Erabiltzaile guztiak",
"Groups" => "Taldeak",
diff --git a/apps/files_external/l10n/fa.php b/apps/files_external/l10n/fa.php
new file mode 100644
index 00000000000..a7eac596b04
--- /dev/null
+++ b/apps/files_external/l10n/fa.php
@@ -0,0 +1,11 @@
+<?php $TRANSLATIONS = array(
+"External Storage" => "حافظه خارجی",
+"Configuration" => "پیکربندی",
+"Options" => "تنظیمات",
+"Applicable" => "قابل اجرا",
+"All Users" => "تمام کاربران",
+"Groups" => "گروه ها",
+"Users" => "کاربران",
+"Delete" => "حذف",
+"Enable User External Storage" => "فعال سازی حافظه خارجی کاربر"
+);
diff --git a/apps/files_external/l10n/fi_FI.php b/apps/files_external/l10n/fi_FI.php
index d7b16e0d3ee..4cf97f2fc35 100644
--- a/apps/files_external/l10n/fi_FI.php
+++ b/apps/files_external/l10n/fi_FI.php
@@ -2,15 +2,15 @@
"Access granted" => "Pääsy sallittu",
"Error configuring Dropbox storage" => "Virhe Dropbox levyn asetuksia tehtäessä",
"Grant access" => "Salli pääsy",
-"Fill out all required fields" => "Täytä kaikki vaaditut kentät",
+"Please provide a valid Dropbox app key and secret." => "Anna kelvollinen Dropbox-sovellusavain ja salainen vastaus.",
"Error configuring Google Drive storage" => "Virhe Google Drive levyn asetuksia tehtäessä",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Varoitus:</b> \"smbclient\" ei ole asennettuna. CIFS-/SMB-jakojen liittäminen ei ole mahdollista. Pyydä järjestelmän ylläpitäjää asentamaan smbclient.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Varoitus:</b> PHP:n FTP-tuki ei ole käytössä tai sitä ei ole asennettu. FTP-jakojen liittäminen ei ole mahdollista. Pyydä järjestelmän ylläpitäjää ottamaan FTP-tuki käyttöön.",
"External Storage" => "Erillinen tallennusväline",
-"Mount point" => "Liitospiste",
-"Backend" => "Taustaosa",
+"Folder name" => "Kansion nimi",
"Configuration" => "Asetukset",
"Options" => "Valinnat",
"Applicable" => "Sovellettavissa",
-"Add mount point" => "Lisää liitospiste",
"None set" => "Ei asetettu",
"All Users" => "Kaikki käyttäjät",
"Groups" => "Ryhmät",
diff --git a/apps/files_external/l10n/fr.php b/apps/files_external/l10n/fr.php
index 90007aafaaf..c42c89f8572 100644
--- a/apps/files_external/l10n/fr.php
+++ b/apps/files_external/l10n/fr.php
@@ -2,16 +2,17 @@
"Access granted" => "Accès autorisé",
"Error configuring Dropbox storage" => "Erreur lors de la configuration du support de stockage Dropbox",
"Grant access" => "Autoriser l'accès",
-"Fill out all required fields" => "Veuillez remplir tous les champs requis",
"Please provide a valid Dropbox app key and secret." => "Veuillez fournir une clé d'application (app key) ainsi qu'un mot de passe valides.",
"Error configuring Google Drive storage" => "Erreur lors de la configuration du support de stockage Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Attention : </b> \"smbclient\" n'est pas installé. Le montage des partages CIFS/SMB n'est pas disponible. Contactez votre administrateur système pour l'installer.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Attention : </b> Le support FTP de PHP n'est pas activé ou installé. Le montage des partages FTP n'est pas disponible. Contactez votre administrateur système pour l'installer.",
"External Storage" => "Stockage externe",
-"Mount point" => "Point de montage",
-"Backend" => "Infrastructure",
+"Folder name" => "Nom du dossier",
+"External storage" => "Stockage externe",
"Configuration" => "Configuration",
"Options" => "Options",
"Applicable" => "Disponible",
-"Add mount point" => "Ajouter un point de montage",
+"Add storage" => "Ajouter un support de stockage",
"None set" => "Aucun spécifié",
"All Users" => "Tous les utilisateurs",
"Groups" => "Groupes",
diff --git a/apps/files_external/l10n/gl.php b/apps/files_external/l10n/gl.php
index 3830efb70bf..715417e25a0 100644
--- a/apps/files_external/l10n/gl.php
+++ b/apps/files_external/l10n/gl.php
@@ -1,18 +1,25 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Concedeuse acceso",
+"Error configuring Dropbox storage" => "Produciuse un erro ao configurar o almacenamento en Dropbox",
+"Grant access" => "Permitir o acceso",
+"Please provide a valid Dropbox app key and secret." => "Forneza unha chave correcta e segreda do Dropbox.",
+"Error configuring Google Drive storage" => "Produciuse un erro ao configurar o almacenamento en Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Aviso:</b> «smbclient» non está instalado. Non é posibel a montaxe de comparticións CIFS/SMB. Consulte co administrador do sistema para instalalo.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Aviso:</b> A compatibilidade de FTP en PHP non está activada ou instalada. Non é posibel a montaxe de comparticións FTP. Consulte co administrador do sistema para instalalo.",
"External Storage" => "Almacenamento externo",
-"Mount point" => "Punto de montaxe",
-"Backend" => "Almacén",
+"Folder name" => "Nome do cartafol",
+"External storage" => "Almacenamento externo",
"Configuration" => "Configuración",
"Options" => "Opcións",
-"Applicable" => "Aplicable",
-"Add mount point" => "Engadir punto de montaxe",
-"None set" => "Non establecido",
-"All Users" => "Tódolos usuarios",
+"Applicable" => "Aplicábel",
+"Add storage" => "Engadir almacenamento",
+"None set" => "Ningún definido",
+"All Users" => "Todos os usuarios",
"Groups" => "Grupos",
"Users" => "Usuarios",
"Delete" => "Eliminar",
-"Enable User External Storage" => "Habilitar almacenamento externo do usuario",
+"Enable User External Storage" => "Activar o almacenamento externo do usuario",
"Allow users to mount their own external storage" => "Permitir aos usuarios montar os seus propios almacenamentos externos",
-"SSL root certificates" => "Certificados raíz SSL",
-"Import Root Certificate" => "Importar Certificado Raíz"
+"SSL root certificates" => "Certificados SSL root",
+"Import Root Certificate" => "Importar o certificado root"
);
diff --git a/apps/files_external/l10n/he.php b/apps/files_external/l10n/he.php
index 12dfa62e7c8..9cba045d1ea 100644
--- a/apps/files_external/l10n/he.php
+++ b/apps/files_external/l10n/he.php
@@ -1,7 +1,15 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "הוענקה גישה",
+"Error configuring Dropbox storage" => "אירעה שגיאה בעת הגדרת אחסון ב־Dropbox",
+"Grant access" => "הענקת גישה",
+"Please provide a valid Dropbox app key and secret." => "נא לספק קוד יישום וסוד תקניים של Dropbox.",
+"Error configuring Google Drive storage" => "אירעה שגיאה בעת הגדרת אחסון ב־Google Drive",
"External Storage" => "אחסון חיצוני",
+"Folder name" => "שם התיקייה",
"Configuration" => "הגדרות",
"Options" => "אפשרויות",
+"Applicable" => "ניתן ליישום",
+"None set" => "לא הוגדרה",
"All Users" => "כל המשתמשים",
"Groups" => "קבוצות",
"Users" => "משתמשים",
diff --git a/apps/files_external/l10n/hi.php b/apps/files_external/l10n/hi.php
new file mode 100644
index 00000000000..0482efc4b23
--- /dev/null
+++ b/apps/files_external/l10n/hi.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Users" => "उपयोगकर्ता"
+);
diff --git a/apps/files_external/l10n/hr.php b/apps/files_external/l10n/hr.php
new file mode 100644
index 00000000000..24f27ddf81b
--- /dev/null
+++ b/apps/files_external/l10n/hr.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Grupe",
+"Users" => "Korisnici",
+"Delete" => "Obriši"
+);
diff --git a/apps/files_external/l10n/hu_HU.php b/apps/files_external/l10n/hu_HU.php
new file mode 100644
index 00000000000..9ecd2d1088b
--- /dev/null
+++ b/apps/files_external/l10n/hu_HU.php
@@ -0,0 +1,25 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Érvényes hozzáférés",
+"Error configuring Dropbox storage" => "A Dropbox tárolót nem sikerült beállítani",
+"Grant access" => "Megadom a hozzáférést",
+"Please provide a valid Dropbox app key and secret." => "Adjon meg egy érvényes Dropbox app key-t és secretet!",
+"Error configuring Google Drive storage" => "A Google Drive tárolót nem sikerült beállítani",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Figyelem:</b> az \"smbclient\" nincs telepítve a kiszolgálón. Emiatt nem lehet CIFS/SMB megosztásokat fölcsatolni. Kérje meg a rendszergazdát, hogy telepítse a szükséges programot.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Figyelem:</b> a PHP FTP támogatása vagy nincs telepítve, vagy nincs engedélyezve a kiszolgálón. Emiatt nem lehetséges FTP-tárolókat fölcsatolni. Kérje meg a rendszergazdát, hogy telepítse a szükséges programot.",
+"External Storage" => "Külső tárolási szolgáltatások becsatolása",
+"Folder name" => "Mappanév",
+"External storage" => "Külső tárolók",
+"Configuration" => "Beállítások",
+"Options" => "Opciók",
+"Applicable" => "Érvényességi kör",
+"Add storage" => "Tároló becsatolása",
+"None set" => "Nincs beállítva",
+"All Users" => "Az összes felhasználó",
+"Groups" => "Csoportok",
+"Users" => "Felhasználók",
+"Delete" => "Törlés",
+"Enable User External Storage" => "Külső tárolók engedélyezése a felhasználók részére",
+"Allow users to mount their own external storage" => "Lehetővé teszi, hogy a felhasználók külső tárolási szolgáltatásokat csatoljanak be a saját területükre",
+"SSL root certificates" => "SSL tanúsítványok",
+"Import Root Certificate" => "SSL tanúsítványok importálása"
+);
diff --git a/apps/files_external/l10n/hy.php b/apps/files_external/l10n/hy.php
new file mode 100644
index 00000000000..3b80487278a
--- /dev/null
+++ b/apps/files_external/l10n/hy.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Delete" => "Ջնջել"
+);
diff --git a/apps/files_external/l10n/ia.php b/apps/files_external/l10n/ia.php
new file mode 100644
index 00000000000..f57f96688bf
--- /dev/null
+++ b/apps/files_external/l10n/ia.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Gruppos",
+"Users" => "Usatores",
+"Delete" => "Deler"
+);
diff --git a/apps/files_external/l10n/id.php b/apps/files_external/l10n/id.php
new file mode 100644
index 00000000000..647220706ba
--- /dev/null
+++ b/apps/files_external/l10n/id.php
@@ -0,0 +1,22 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Akses diberikan",
+"Error configuring Dropbox storage" => "Kesalahan dalam mengkonfigurasi penyimpanan Dropbox",
+"Grant access" => "Berikan hak akses",
+"Please provide a valid Dropbox app key and secret." => "Masukkan kunci dan sandi aplikasi Dropbox yang benar.",
+"Error configuring Google Drive storage" => "Kesalahan dalam mengkonfigurasi penyimpanan Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Peringatan:</b> \"smbclient\" tidak terpasang. Mount direktori CIFS/SMB tidak dapat dilakukan. Silakan minta administrator sistem untuk memasangnya.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Peringatan:</b> Dukungan FTP di PHP tidak aktif atau tidak terpasang. Mount direktori FTP tidak dapat dilakukan. Silakan minta administrator sistem untuk memasangnya.",
+"External Storage" => "Penyimpanan Eksternal",
+"Configuration" => "Konfigurasi",
+"Options" => "Pilihan",
+"Applicable" => "Berlaku",
+"None set" => "Tidak satupun di set",
+"All Users" => "Semua Pengguna",
+"Groups" => "Grup",
+"Users" => "Pengguna",
+"Delete" => "Hapus",
+"Enable User External Storage" => "Aktifkan Penyimpanan Eksternal Pengguna",
+"Allow users to mount their own external storage" => "Ijinkan pengguna untuk me-mount penyimpanan eksternal mereka",
+"SSL root certificates" => "Sertifikat root SSL",
+"Import Root Certificate" => "Impor Sertifikat Root"
+);
diff --git a/apps/files_external/l10n/is.php b/apps/files_external/l10n/is.php
new file mode 100644
index 00000000000..6af53096fac
--- /dev/null
+++ b/apps/files_external/l10n/is.php
@@ -0,0 +1,23 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Aðgengi veitt",
+"Error configuring Dropbox storage" => "Villa við að setja upp Dropbox gagnasvæði",
+"Grant access" => "Veita aðgengi",
+"Please provide a valid Dropbox app key and secret." => "Gefðu upp virkan Dropbox lykil og leynikóða",
+"Error configuring Google Drive storage" => "Villa kom upp við að setja upp Google Drive gagnasvæði",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Aðvörun:</b> \"smbclient\" er ekki uppsettur. Uppsetning á CIFS/SMB gagnasvæðum er ekki möguleg. Hafðu samband við kerfisstjóra til að fá hann uppsettan.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Aðvörun:</b> FTP stuðningur í PHP er ekki virkur. Uppsetning á FTP gagnasvæðum er ekki möguleg. Hafðu samband við kerfisstjóra til að fá hann uppsettan.",
+"External Storage" => "Ytri gagnageymsla",
+"Folder name" => "Nafn möppu",
+"Configuration" => "Uppsetning",
+"Options" => "Stillingar",
+"Applicable" => "Gilt",
+"None set" => "Ekkert sett",
+"All Users" => "Allir notendur",
+"Groups" => "Hópar",
+"Users" => "Notendur",
+"Delete" => "Eyða",
+"Enable User External Storage" => "Virkja ytra gagnasvæði notenda",
+"Allow users to mount their own external storage" => "Leyfa notendum að bæta við sínum eigin ytri gagnasvæðum",
+"SSL root certificates" => "SSL rótar skilríki",
+"Import Root Certificate" => "Flytja inn rótar skilríki"
+);
diff --git a/apps/files_external/l10n/it.php b/apps/files_external/l10n/it.php
index 49effebdfc3..d7e0c81a0b0 100644
--- a/apps/files_external/l10n/it.php
+++ b/apps/files_external/l10n/it.php
@@ -2,16 +2,17 @@
"Access granted" => "Accesso consentito",
"Error configuring Dropbox storage" => "Errore durante la configurazione dell'archivio Dropbox",
"Grant access" => "Concedi l'accesso",
-"Fill out all required fields" => "Compila tutti i campi richiesti",
"Please provide a valid Dropbox app key and secret." => "Fornisci chiave di applicazione e segreto di Dropbox validi.",
"Error configuring Google Drive storage" => "Errore durante la configurazione dell'archivio Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Avviso:</b> \"smbclient\" non è installato. Impossibile montare condivisioni CIFS/SMB. Chiedi all'amministratore di sistema di installarlo.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Avviso:</b> il supporto FTP di PHP non è abilitato o non è installato. Impossibile montare condivisioni FTP. Chiedi all'amministratore di sistema di installarlo.",
"External Storage" => "Archiviazione esterna",
-"Mount point" => "Punto di mount",
-"Backend" => "Motore",
+"Folder name" => "Nome della cartella",
+"External storage" => "Archiviazione esterna",
"Configuration" => "Configurazione",
"Options" => "Opzioni",
"Applicable" => "Applicabile",
-"Add mount point" => "Aggiungi punto di mount",
+"Add storage" => "Aggiungi archiviazione",
"None set" => "Nessuna impostazione",
"All Users" => "Tutti gli utenti",
"Groups" => "Gruppi",
diff --git a/apps/files_external/l10n/ja_JP.php b/apps/files_external/l10n/ja_JP.php
index 92f74ce9f72..12a0b30938a 100644
--- a/apps/files_external/l10n/ja_JP.php
+++ b/apps/files_external/l10n/ja_JP.php
@@ -2,16 +2,17 @@
"Access granted" => "アクセスは許可されました",
"Error configuring Dropbox storage" => "Dropboxストレージの設定エラー",
"Grant access" => "アクセスを許可",
-"Fill out all required fields" => "すべての必須フィールドを埋めて下さい",
"Please provide a valid Dropbox app key and secret." => "有効なDropboxアプリのキーとパスワードを入力して下さい。",
"Error configuring Google Drive storage" => "Googleドライブストレージの設定エラー",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>警告:</b> \"smbclient\" はインストールされていません。CIFS/SMB 共有のマウントはできません。システム管理者にインストールをお願いして下さい。",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>警告:</b> PHPのFTPサポートは無効もしくはインストールされていません。FTP共有のマウントはできません。システム管理者にインストールをお願いして下さい。",
"External Storage" => "外部ストレージ",
-"Mount point" => "マウントポイント",
-"Backend" => "バックエンド",
+"Folder name" => "フォルダ名",
+"External storage" => "外部ストレージ",
"Configuration" => "設定",
"Options" => "オプション",
"Applicable" => "適用範囲",
-"Add mount point" => "マウントポイントを追加",
+"Add storage" => "ストレージを追加",
"None set" => "未設定",
"All Users" => "すべてのユーザ",
"Groups" => "グループ",
diff --git a/apps/files_external/l10n/ka.php b/apps/files_external/l10n/ka.php
new file mode 100644
index 00000000000..14c0625e1f2
--- /dev/null
+++ b/apps/files_external/l10n/ka.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Users" => "მომხმარებლები"
+);
diff --git a/apps/files_external/l10n/ka_GE.php b/apps/files_external/l10n/ka_GE.php
new file mode 100644
index 00000000000..efccca9fd78
--- /dev/null
+++ b/apps/files_external/l10n/ka_GE.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "ჯგუფები",
+"Users" => "მომხმარებელი",
+"Delete" => "წაშლა"
+);
diff --git a/apps/files_external/l10n/ko.php b/apps/files_external/l10n/ko.php
new file mode 100644
index 00000000000..47de9aad5e0
--- /dev/null
+++ b/apps/files_external/l10n/ko.php
@@ -0,0 +1,23 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "접근 허가됨",
+"Error configuring Dropbox storage" => "Dropbox 저장소 설정 오류",
+"Grant access" => "접근 권한 부여",
+"Please provide a valid Dropbox app key and secret." => "올바른 Dropbox 앱 키와 암호를 입력하십시오.",
+"Error configuring Google Drive storage" => "Google 드라이브 저장소 설정 오류",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>경고:</b> \"smbclient\"가 설치되지 않았습니다. CIFS/SMB 공유 자원에 연결할 수 없습니다. 시스템 관리자에게 설치를 요청하십시오.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>경고:</b> PHP FTP 지원이 비활성화되어 있거나 설치되지 않았습니다. FTP 공유를 마운트할 수 없습니다. 시스템 관리자에게 설치를 요청하십시오.",
+"External Storage" => "외부 저장소",
+"Folder name" => "폴더 이름",
+"Configuration" => "설정",
+"Options" => "옵션",
+"Applicable" => "적용 가능",
+"None set" => "설정되지 않음",
+"All Users" => "모든 사용자",
+"Groups" => "그룹",
+"Users" => "사용자",
+"Delete" => "삭제",
+"Enable User External Storage" => "사용자 외부 저장소 사용",
+"Allow users to mount their own external storage" => "사용자별 외부 저장소 마운트 허용",
+"SSL root certificates" => "SSL 루트 인증서",
+"Import Root Certificate" => "루트 인증서 가져오기"
+);
diff --git a/apps/files_external/l10n/ku_IQ.php b/apps/files_external/l10n/ku_IQ.php
new file mode 100644
index 00000000000..59eabb36c9f
--- /dev/null
+++ b/apps/files_external/l10n/ku_IQ.php
@@ -0,0 +1,4 @@
+<?php $TRANSLATIONS = array(
+"Folder name" => "ناوی بوخچه",
+"Users" => "به‌كارهێنه‌ر"
+);
diff --git a/apps/files_external/l10n/lb.php b/apps/files_external/l10n/lb.php
new file mode 100644
index 00000000000..2a62cad3fe9
--- /dev/null
+++ b/apps/files_external/l10n/lb.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Folder name" => "Dossiers Numm:",
+"Groups" => "Gruppen",
+"Delete" => "Läschen"
+);
diff --git a/apps/files_external/l10n/lt_LT.php b/apps/files_external/l10n/lt_LT.php
index 00022aa3d38..f7dca99ef65 100644
--- a/apps/files_external/l10n/lt_LT.php
+++ b/apps/files_external/l10n/lt_LT.php
@@ -1,9 +1,21 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Priėjimas suteiktas",
+"Error configuring Dropbox storage" => "Klaida nustatinėjant Dropbox talpyklą",
+"Grant access" => "Suteikti priėjimą",
+"Please provide a valid Dropbox app key and secret." => "Prašome įvesti teisingus Dropbox \"app key\" ir \"secret\".",
+"Error configuring Google Drive storage" => "Klaida nustatinėjant Google Drive talpyklą",
+"External Storage" => "Išorinės saugyklos",
+"Folder name" => "Katalogo pavadinimas",
"Configuration" => "Konfigūracija",
"Options" => "Nustatymai",
+"Applicable" => "Pritaikyti",
"None set" => "Nieko nepasirinkta",
"All Users" => "Visi vartotojai",
"Groups" => "Grupės",
"Users" => "Vartotojai",
-"Delete" => "Ištrinti"
+"Delete" => "Ištrinti",
+"Enable User External Storage" => "Įjungti vartotojų išorines saugyklas",
+"Allow users to mount their own external storage" => "Leisti vartotojams pridėti savo išorines saugyklas",
+"SSL root certificates" => "SSL sertifikatas",
+"Import Root Certificate" => "Įkelti pagrindinį sertifikatą"
);
diff --git a/apps/files_external/l10n/lv.php b/apps/files_external/l10n/lv.php
new file mode 100644
index 00000000000..b37dbcbdc16
--- /dev/null
+++ b/apps/files_external/l10n/lv.php
@@ -0,0 +1,25 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Piešķirta pieeja",
+"Error configuring Dropbox storage" => "Kļūda, konfigurējot Dropbox krātuvi",
+"Grant access" => "Piešķirt pieeju",
+"Please provide a valid Dropbox app key and secret." => "Lūdzu, norādiet derīgu Dropbox lietotnes atslēgu un noslēpumu.",
+"Error configuring Google Drive storage" => "Kļūda, konfigurējot Google Drive krātuvi",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Brīdinājums:</b> nav uzinstalēts “smbclient”. Nevar montēt CIFS/SMB koplietojumus. Lūdzu, vaicājiet savam sistēmas administratoram, lai to uzinstalē.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Brīdinājums: </b> uz PHP nav aktivēts vai instalēts FTP atbalsts. Nevar montēt FTP koplietojumus. Lūdzu, vaicājiet savam sistēmas administratoram, lai to uzinstalē.",
+"External Storage" => "Ārējā krātuve",
+"Folder name" => "Mapes nosaukums",
+"External storage" => "Ārējā krātuve",
+"Configuration" => "Konfigurācija",
+"Options" => "Opcijas",
+"Applicable" => "Piemērojams",
+"Add storage" => "Pievienot krātuvi",
+"None set" => "Neviens nav iestatīts",
+"All Users" => "Visi lietotāji",
+"Groups" => "Grupas",
+"Users" => "Lietotāji",
+"Delete" => "Dzēst",
+"Enable User External Storage" => "Aktivēt lietotāja ārējo krātuvi",
+"Allow users to mount their own external storage" => "Ļaut lietotājiem montēt pašiem savu ārējo krātuvi",
+"SSL root certificates" => "SSL saknes sertifikāti",
+"Import Root Certificate" => "Importēt saknes sertifikātus"
+);
diff --git a/apps/files_external/l10n/mk.php b/apps/files_external/l10n/mk.php
new file mode 100644
index 00000000000..1f1a1c27831
--- /dev/null
+++ b/apps/files_external/l10n/mk.php
@@ -0,0 +1,23 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Пристапот е дозволен",
+"Error configuring Dropbox storage" => "Грешка при конфигурација на Dropbox",
+"Grant access" => "Дозволи пристап",
+"Please provide a valid Dropbox app key and secret." => "Ве молам доставите валиден Dropbox клуч и тајна лозинка.",
+"Error configuring Google Drive storage" => "Грешка при конфигурација на Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Внимание:</b> \"smbclient\" не е инсталиран. Не е можно монтирање на CIFS/SMB дискови. Замолете го Вашиот систем администратор да го инсталира.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Внимание:</b> Не е овозможена или инсталирани FTP подршка во PHP. Не е можно монтирање на FTP дискови. Замолете го Вашиот систем администратор да го инсталира.",
+"External Storage" => "Надворешно складиште",
+"Folder name" => "Име на папка",
+"Configuration" => "Конфигурација",
+"Options" => "Опции",
+"Applicable" => "Применливо",
+"None set" => "Ништо поставено",
+"All Users" => "Сите корисници",
+"Groups" => "Групи",
+"Users" => "Корисници",
+"Delete" => "Избриши",
+"Enable User External Storage" => "Овозможи надворешни за корисници",
+"Allow users to mount their own external storage" => "Дозволи им на корисниците да монтираат свои надворешни дискови",
+"SSL root certificates" => "SSL root сертификати",
+"Import Root Certificate" => "Увези"
+);
diff --git a/apps/files_external/l10n/ms_MY.php b/apps/files_external/l10n/ms_MY.php
new file mode 100644
index 00000000000..2fdb089ebc6
--- /dev/null
+++ b/apps/files_external/l10n/ms_MY.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Kumpulan",
+"Users" => "Pengguna",
+"Delete" => "Padam"
+);
diff --git a/apps/files_external/l10n/my_MM.php b/apps/files_external/l10n/my_MM.php
new file mode 100644
index 00000000000..5acfbb0321e
--- /dev/null
+++ b/apps/files_external/l10n/my_MM.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Users" => "သုံးစွဲသူ"
+);
diff --git a/apps/files_external/l10n/nb_NO.php b/apps/files_external/l10n/nb_NO.php
index 273b40cf8ee..961ef2b1046 100644
--- a/apps/files_external/l10n/nb_NO.php
+++ b/apps/files_external/l10n/nb_NO.php
@@ -1,8 +1,21 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Tilgang innvilget",
+"Error configuring Dropbox storage" => "Feil ved konfigurering av Dropbox-lagring",
+"Grant access" => "Gi tilgang",
+"External Storage" => "Ekstern lagring",
+"Folder name" => "Mappenavn",
+"External storage" => "Ekstern lagringsplass",
"Configuration" => "Konfigurasjon",
"Options" => "Innstillinger",
+"Applicable" => "Anvendelig",
+"Add storage" => "Legg til lagringsplass",
+"None set" => "Ingen valgt",
"All Users" => "Alle brukere",
"Groups" => "Grupper",
"Users" => "Brukere",
-"Delete" => "Slett"
+"Delete" => "Slett",
+"Enable User External Storage" => "Aktiver ekstern lagring for bruker",
+"Allow users to mount their own external storage" => "Tillat brukere å koble til egne eksterne lagringsmedium",
+"SSL root certificates" => "SSL root-sertifikater",
+"Import Root Certificate" => "Importer root-sertifikat"
);
diff --git a/apps/files_external/l10n/nl.php b/apps/files_external/l10n/nl.php
index 87ab87cfc9f..ad3eda9747f 100644
--- a/apps/files_external/l10n/nl.php
+++ b/apps/files_external/l10n/nl.php
@@ -2,22 +2,23 @@
"Access granted" => "Toegang toegestaan",
"Error configuring Dropbox storage" => "Fout tijdens het configureren van Dropbox opslag",
"Grant access" => "Sta toegang toe",
-"Fill out all required fields" => "Vul alle verplichte in",
"Please provide a valid Dropbox app key and secret." => "Geef een geldige Dropbox key en secret.",
"Error configuring Google Drive storage" => "Fout tijdens het configureren van Google Drive opslag",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Waarschuwing:</b> \"smbclient\" is niet geïnstalleerd. Mounten van CIFS/SMB shares is niet mogelijk. Vraag uw beheerder om smbclient te installeren.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Waarschuwing:</b> FTP ondersteuning in PHP is niet geactiveerd of geïnstalleerd. Mounten van FTP shares is niet mogelijk. Vraag uw beheerder FTP ondersteuning te installeren.",
"External Storage" => "Externe opslag",
-"Mount point" => "Aankoppelpunt",
-"Backend" => "Backend",
+"Folder name" => "Mapnaam",
+"External storage" => "Externe opslag",
"Configuration" => "Configuratie",
"Options" => "Opties",
"Applicable" => "Van toepassing",
-"Add mount point" => "Voeg aankoppelpunt toe",
+"Add storage" => "Toevoegen opslag",
"None set" => "Niets ingesteld",
"All Users" => "Alle gebruikers",
"Groups" => "Groepen",
"Users" => "Gebruikers",
"Delete" => "Verwijder",
-"Enable User External Storage" => "Zet gebruiker's externe opslag aan",
+"Enable User External Storage" => "Externe opslag voor gebruikers activeren",
"Allow users to mount their own external storage" => "Sta gebruikers toe om hun eigen externe opslag aan te koppelen",
"SSL root certificates" => "SSL root certificaten",
"Import Root Certificate" => "Importeer root certificaat"
diff --git a/apps/files_external/l10n/nn_NO.php b/apps/files_external/l10n/nn_NO.php
new file mode 100644
index 00000000000..4b4b6167d88
--- /dev/null
+++ b/apps/files_external/l10n/nn_NO.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Grupper",
+"Users" => "Brukarar",
+"Delete" => "Slett"
+);
diff --git a/apps/files_external/l10n/oc.php b/apps/files_external/l10n/oc.php
new file mode 100644
index 00000000000..47db011473f
--- /dev/null
+++ b/apps/files_external/l10n/oc.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Grops",
+"Users" => "Usancièrs",
+"Delete" => "Escafa"
+);
diff --git a/apps/files_external/l10n/pl.php b/apps/files_external/l10n/pl.php
index 00514e59a5f..cd1b1fe84a1 100644
--- a/apps/files_external/l10n/pl.php
+++ b/apps/files_external/l10n/pl.php
@@ -2,16 +2,17 @@
"Access granted" => "Dostęp do",
"Error configuring Dropbox storage" => "Wystąpił błąd podczas konfigurowania zasobu Dropbox",
"Grant access" => "Udziel dostępu",
-"Fill out all required fields" => "Wypełnij wszystkie wymagane pola",
"Please provide a valid Dropbox app key and secret." => "Proszę podać prawidłowy klucz aplikacji Dropbox i klucz sekretny.",
"Error configuring Google Drive storage" => "Wystąpił błąd podczas konfigurowania zasobu Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Ostrzeżenie:</b> \"smbclient\" nie jest zainstalowany. Zamontowanie katalogów CIFS/SMB nie jest możliwe. Skontaktuj sie z administratorem w celu zainstalowania.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Ostrzeżenie:</b> Wsparcie dla FTP w PHP nie jest zainstalowane lub włączone. Skontaktuj sie z administratorem w celu zainstalowania lub włączenia go.",
"External Storage" => "Zewnętrzna zasoby dyskowe",
-"Mount point" => "Punkt montowania",
-"Backend" => "Zaplecze",
+"Folder name" => "Nazwa folderu",
+"External storage" => "Zewnętrzne zasoby dyskowe",
"Configuration" => "Konfiguracja",
"Options" => "Opcje",
"Applicable" => "Zastosowanie",
-"Add mount point" => "Dodaj punkt montowania",
+"Add storage" => "Dodaj zasoby dyskowe",
"None set" => "Nie ustawione",
"All Users" => "Wszyscy uzytkownicy",
"Groups" => "Grupy",
diff --git a/apps/files_external/l10n/pt_BR.php b/apps/files_external/l10n/pt_BR.php
index 26e927a423e..a358d569139 100644
--- a/apps/files_external/l10n/pt_BR.php
+++ b/apps/files_external/l10n/pt_BR.php
@@ -2,16 +2,17 @@
"Access granted" => "Acesso concedido",
"Error configuring Dropbox storage" => "Erro ao configurar armazenamento do Dropbox",
"Grant access" => "Permitir acesso",
-"Fill out all required fields" => "Preencha todos os campos obrigatórios",
"Please provide a valid Dropbox app key and secret." => "Por favor forneça um app key e secret válido do Dropbox",
"Error configuring Google Drive storage" => "Erro ao configurar armazenamento do Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Aviso:</b> \"smbclient\" não está instalado. Impossível montar compartilhamentos de CIFS/SMB. Por favor, peça ao seu administrador do sistema para instalá-lo.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Aviso:</b> O suporte para FTP do PHP não está ativado ou instalado. Impossível montar compartilhamentos FTP. Por favor, peça ao seu administrador do sistema para instalá-lo.",
"External Storage" => "Armazenamento Externo",
-"Mount point" => "Ponto de montagem",
-"Backend" => "Backend",
+"Folder name" => "Nome da pasta",
+"External storage" => "Armazenamento Externo",
"Configuration" => "Configuração",
"Options" => "Opções",
"Applicable" => "Aplicável",
-"Add mount point" => "Adicionar ponto de montagem",
+"Add storage" => "Adicionar Armazenamento",
"None set" => "Nenhum definido",
"All Users" => "Todos os Usuários",
"Groups" => "Grupos",
diff --git a/apps/files_external/l10n/pt_PT.php b/apps/files_external/l10n/pt_PT.php
index 4795a51a6b7..aac3c1c2ca0 100644
--- a/apps/files_external/l10n/pt_PT.php
+++ b/apps/files_external/l10n/pt_PT.php
@@ -2,21 +2,22 @@
"Access granted" => "Acesso autorizado",
"Error configuring Dropbox storage" => "Erro ao configurar o armazenamento do Dropbox",
"Grant access" => "Conceder acesso",
-"Fill out all required fields" => "Preencha todos os campos obrigatórios",
"Please provide a valid Dropbox app key and secret." => "Por favor forneça uma \"app key\" e \"secret\" do Dropbox válidas.",
"Error configuring Google Drive storage" => "Erro ao configurar o armazenamento do Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Atenção:</b> O cliente \"smbclient\" não está instalado. Não é possível montar as partilhas CIFS/SMB . Peça ao seu administrador para instalar.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Aviso:</b> O suporte FTP no PHP não está activate ou instalado. Não é possível montar as partilhas FTP. Peça ao seu administrador para instalar.",
"External Storage" => "Armazenamento Externo",
-"Mount point" => "Ponto de montagem",
-"Backend" => "Backend",
+"Folder name" => "Nome da pasta",
+"External storage" => "Armazenamento Externo",
"Configuration" => "Configuração",
"Options" => "Opções",
"Applicable" => "Aplicável",
-"Add mount point" => "Adicionar ponto de montagem",
-"None set" => "Nenhum configurado",
+"Add storage" => "Adicionar armazenamento",
+"None set" => "Não definido",
"All Users" => "Todos os utilizadores",
"Groups" => "Grupos",
"Users" => "Utilizadores",
-"Delete" => "Apagar",
+"Delete" => "Eliminar",
"Enable User External Storage" => "Activar Armazenamento Externo para o Utilizador",
"Allow users to mount their own external storage" => "Permitir que os utilizadores montem o seu próprio armazenamento externo",
"SSL root certificates" => "Certificados SSL de raiz",
diff --git a/apps/files_external/l10n/ro.php b/apps/files_external/l10n/ro.php
index 6a152786808..5747205dc05 100644
--- a/apps/files_external/l10n/ro.php
+++ b/apps/files_external/l10n/ro.php
@@ -1,11 +1,16 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Acces permis",
+"Error configuring Dropbox storage" => "Eroare la configurarea mediului de stocare Dropbox",
+"Grant access" => "Permite accesul",
+"Please provide a valid Dropbox app key and secret." => "Prezintă te rog o cheie de Dropbox validă și parola",
+"Error configuring Google Drive storage" => "Eroare la configurarea mediului de stocare Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Atenție:</b> \"smbclient\" nu este instalat. Montarea mediilor CIFS/SMB partajate nu este posibilă. Solicită administratorului sistemului tău să îl instaleaze.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Atenție:</b> suportul pentru FTP în PHP nu este activat sau instalat. Montarea mediilor FPT partajate nu este posibilă. Solicită administratorului sistemului tău să îl instaleze.",
"External Storage" => "Stocare externă",
-"Mount point" => "Punctul de montare",
-"Backend" => "Backend",
+"Folder name" => "Denumire director",
"Configuration" => "Configurație",
"Options" => "Opțiuni",
"Applicable" => "Aplicabil",
-"Add mount point" => "Adaugă punct de montare",
"None set" => "Niciunul",
"All Users" => "Toți utilizatorii",
"Groups" => "Grupuri",
diff --git a/apps/files_external/l10n/ru.php b/apps/files_external/l10n/ru.php
index eeef416a848..46b73a67f04 100644
--- a/apps/files_external/l10n/ru.php
+++ b/apps/files_external/l10n/ru.php
@@ -1,11 +1,18 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Доступ предоставлен",
+"Error configuring Dropbox storage" => "Ошибка при настройке хранилища Dropbox",
+"Grant access" => "Предоставление доступа",
+"Please provide a valid Dropbox app key and secret." => "Пожалуйста, предоставьте действующий ключ Dropbox и пароль.",
+"Error configuring Google Drive storage" => "Ошибка при настройке хранилища Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Внимание:</b> \"smbclient\" не установлен. Подключение по CIFS/SMB невозможно. Пожалуйста, обратитесь к системному администратору, чтобы установить его.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Внимание:</b> Поддержка FTP не включена в PHP. Подключение по FTP невозможно. Пожалуйста, обратитесь к системному администратору, чтобы включить.",
"External Storage" => "Внешний носитель",
-"Mount point" => "Точка монтирования",
-"Backend" => "Подсистема",
+"Folder name" => "Имя папки",
+"External storage" => "Внешний носитель данных",
"Configuration" => "Конфигурация",
"Options" => "Опции",
"Applicable" => "Применимый",
-"Add mount point" => "Добавить точку монтирования",
+"Add storage" => "Добавить носитель данных",
"None set" => "Не установлено",
"All Users" => "Все пользователи",
"Groups" => "Группы",
diff --git a/apps/files_external/l10n/ru_RU.php b/apps/files_external/l10n/ru_RU.php
index 493e3f5bee4..406e284b278 100644
--- a/apps/files_external/l10n/ru_RU.php
+++ b/apps/files_external/l10n/ru_RU.php
@@ -2,16 +2,15 @@
"Access granted" => "Доступ разрешен",
"Error configuring Dropbox storage" => "Ошибка при конфигурировании хранилища Dropbox",
"Grant access" => "Предоставить доступ",
-"Fill out all required fields" => "Заполните все требуемые поля",
"Please provide a valid Dropbox app key and secret." => "Пожалуйста представьте допустимый ключ приложения Dropbox и пароль.",
"Error configuring Google Drive storage" => "Ошибка настройки хранилища Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Предупреждение:</b> \"smbclient\" не установлен. Подключение общих папок CIFS/SMB невозможно. Пожалуйста, обратитесь к системному администратору, чтобы установить его.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Предупреждение:</b> Поддержка FTP в PHP не включена или не установлена. Подключение по FTP невозможно. Пожалуйста, обратитесь к системному администратору, чтобы установить ее.",
"External Storage" => "Внешние системы хранения данных",
-"Mount point" => "Точка монтирования",
-"Backend" => "Бэкэнд",
+"Folder name" => "Имя папки",
"Configuration" => "Конфигурация",
"Options" => "Опции",
"Applicable" => "Применимый",
-"Add mount point" => "Добавить точку монтирования",
"None set" => "Не задан",
"All Users" => "Все пользователи",
"Groups" => "Группы",
diff --git a/apps/files_external/l10n/si_LK.php b/apps/files_external/l10n/si_LK.php
new file mode 100644
index 00000000000..cc9cb9b9ce5
--- /dev/null
+++ b/apps/files_external/l10n/si_LK.php
@@ -0,0 +1,21 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "පිවිසීමට හැක",
+"Error configuring Dropbox storage" => "Dropbox ගබඩාව වින්‍යාස කිරීමේ දෝශයක් ඇත",
+"Grant access" => "පිවිසුම ලබාදෙන්න",
+"Please provide a valid Dropbox app key and secret." => "කරුණාකර වලංගු Dropbox යෙදුම් යතුරක් හා රහසක් ලබාදෙන්න.",
+"Error configuring Google Drive storage" => "Google Drive ගබඩාව වින්‍යාස කිරීමේ දෝශයක් ඇත",
+"External Storage" => "භාහිර ගබඩාව",
+"Folder name" => "ෆොල්ඩරයේ නම",
+"Configuration" => "වින්‍යාසය",
+"Options" => "විකල්පයන්",
+"Applicable" => "අදාළ",
+"None set" => "කිසිවක් නැත",
+"All Users" => "සියළු පරිශීලකයන්",
+"Groups" => "කණ්ඩායම්",
+"Users" => "පරිශීලකයන්",
+"Delete" => "මකා දමන්න",
+"Enable User External Storage" => "පරිශීලක භාහිර ගබඩාවන් සක්‍රිය කරන්න",
+"Allow users to mount their own external storage" => "පරිශීලකයන්ට තමාගේම භාහිර ගබඩාවන් මවුන්ට් කිරීමේ අයිතිය දෙන්න",
+"SSL root certificates" => "SSL මූල සහතිකයන්",
+"Import Root Certificate" => "මූල සහතිකය ආයාත කරන්න"
+);
diff --git a/apps/files_external/l10n/sk_SK.php b/apps/files_external/l10n/sk_SK.php
index 04257a80144..af6b7b4ae6e 100644
--- a/apps/files_external/l10n/sk_SK.php
+++ b/apps/files_external/l10n/sk_SK.php
@@ -1,23 +1,25 @@
<?php $TRANSLATIONS = array(
"Access granted" => "Prístup povolený",
+"Error configuring Dropbox storage" => "Chyba pri konfigurácii úložiska Dropbox",
"Grant access" => "Povoliť prístup",
-"Fill out all required fields" => "Vyplňte všetky vyžadované kolónky",
"Please provide a valid Dropbox app key and secret." => "Zadajte platný kľúč aplikácie a heslo Dropbox",
"Error configuring Google Drive storage" => "Chyba pri konfigurácii úložiska Google drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Upozornenie:</b> \"smbclient\" nie je nainštalovaný. Nie je možné pripojenie oddielov CIFS/SMB. Požiadajte administrátora systému, nech ho nainštaluje.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Upozornenie:</b> Podpora FTP v PHP nie je povolená alebo nainštalovaná. Nie je možné pripojenie oddielov FTP. Požiadajte administrátora systému, nech ho nainštaluje.",
"External Storage" => "Externé úložisko",
-"Mount point" => "Prípojný bod",
-"Backend" => "Backend",
+"Folder name" => "Meno priečinka",
+"External storage" => "Externé úložisko",
"Configuration" => "Nastavenia",
"Options" => "Možnosti",
"Applicable" => "Aplikovateľné",
-"Add mount point" => "Pridať prípojný bod",
+"Add storage" => "Pridať úložisko",
"None set" => "Žiadne nastavené",
-"All Users" => "Všetci užívatelia",
+"All Users" => "Všetci používatelia",
"Groups" => "Skupiny",
-"Users" => "Užívatelia",
+"Users" => "Používatelia",
"Delete" => "Odstrániť",
"Enable User External Storage" => "Povoliť externé úložisko",
-"Allow users to mount their own external storage" => "Povoliť užívateľom pripojiť ich vlastné externé úložisko",
+"Allow users to mount their own external storage" => "Povoliť používateľom pripojiť ich vlastné externé úložisko",
"SSL root certificates" => "Koreňové SSL certifikáty",
"Import Root Certificate" => "Importovať koreňový certifikát"
);
diff --git a/apps/files_external/l10n/sl.php b/apps/files_external/l10n/sl.php
index f455f8c56fa..4ff2eed3bf0 100644
--- a/apps/files_external/l10n/sl.php
+++ b/apps/files_external/l10n/sl.php
@@ -1,18 +1,25 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Dostop je odobren",
+"Error configuring Dropbox storage" => "Napaka nastavljanja shrambe Dropbox",
+"Grant access" => "Odobri dostop",
+"Please provide a valid Dropbox app key and secret." => "Vpisati je treba veljaven ključ programa in kodo za Dropbox",
+"Error configuring Google Drive storage" => "Napaka nastavljanja shrambe Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Opozorilo:</b> paket \"smbclient\" ni nameščen. Priklapljanje pogonov CIFS/SMB ne bo mogoče.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Opozorilo:</b> podpora FTP v PHP ni omogočena ali pa ni nameščena. Priklapljanje pogonov FTP zato ni mogoče.",
"External Storage" => "Zunanja podatkovna shramba",
-"Mount point" => "Priklopna točka",
-"Backend" => "Zaledje",
+"Folder name" => "Ime mape",
+"External storage" => "Zunanja shramba",
"Configuration" => "Nastavitve",
"Options" => "Možnosti",
"Applicable" => "Se uporablja",
-"Add mount point" => "Dodaj priklopno točko",
+"Add storage" => "Dodaj shrambo",
"None set" => "Ni nastavljeno",
"All Users" => "Vsi uporabniki",
"Groups" => "Skupine",
"Users" => "Uporabniki",
"Delete" => "Izbriši",
-"Enable User External Storage" => "Omogoči uporabo zunanje podatkovne shrambe za uporabnike",
+"Enable User External Storage" => "Omogoči uporabniško zunanjo podatkovno shrambo",
"Allow users to mount their own external storage" => "Dovoli uporabnikom priklop lastne zunanje podatkovne shrambe",
-"SSL root certificates" => "SSL korenski certifikati",
-"Import Root Certificate" => "Uvozi korenski certifikat"
+"SSL root certificates" => "Korenska potrdila SSL",
+"Import Root Certificate" => "Uvozi korensko potrdilo"
);
diff --git a/apps/files_external/l10n/sr.php b/apps/files_external/l10n/sr.php
new file mode 100644
index 00000000000..2554c498dda
--- /dev/null
+++ b/apps/files_external/l10n/sr.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Групе",
+"Users" => "Корисници",
+"Delete" => "Обриши"
+);
diff --git a/apps/files_external/l10n/sr@latin.php b/apps/files_external/l10n/sr@latin.php
new file mode 100644
index 00000000000..24f27ddf81b
--- /dev/null
+++ b/apps/files_external/l10n/sr@latin.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "Grupe",
+"Users" => "Korisnici",
+"Delete" => "Obriši"
+);
diff --git a/apps/files_external/l10n/sv.php b/apps/files_external/l10n/sv.php
index 0a5e1c66d99..45d3589228f 100644
--- a/apps/files_external/l10n/sv.php
+++ b/apps/files_external/l10n/sv.php
@@ -2,16 +2,17 @@
"Access granted" => "Åtkomst beviljad",
"Error configuring Dropbox storage" => "Fel vid konfigurering av Dropbox",
"Grant access" => "Bevilja åtkomst",
-"Fill out all required fields" => "Fyll i alla obligatoriska fält",
"Please provide a valid Dropbox app key and secret." => "Ange en giltig Dropbox nyckel och hemlighet.",
"Error configuring Google Drive storage" => "Fel vid konfigurering av Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Varning:</b> \"smb-klienten\" är inte installerad. Montering av CIFS/SMB delningar är inte möjligt. Kontakta din systemadministratör för att få den installerad.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Varning:</b> Stöd för FTP i PHP är inte aktiverat eller installerat. Montering av FTP-delningar är inte möjligt. Kontakta din systemadministratör för att få det installerat.",
"External Storage" => "Extern lagring",
-"Mount point" => "Monteringspunkt",
-"Backend" => "Källa",
+"Folder name" => "Mappnamn",
+"External storage" => "Extern lagring",
"Configuration" => "Konfiguration",
"Options" => "Alternativ",
"Applicable" => "Tillämplig",
-"Add mount point" => "Lägg till monteringspunkt",
+"Add storage" => "Lägg till lagring",
"None set" => "Ingen angiven",
"All Users" => "Alla användare",
"Groups" => "Grupper",
diff --git a/apps/files_external/l10n/ta_LK.php b/apps/files_external/l10n/ta_LK.php
new file mode 100644
index 00000000000..cee3b6edb8a
--- /dev/null
+++ b/apps/files_external/l10n/ta_LK.php
@@ -0,0 +1,21 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "அனுமதி வழங்கப்பட்டது",
+"Error configuring Dropbox storage" => "Dropbox சேமிப்பை தகவமைப்பதில் வழு",
+"Grant access" => "அனுமதியை வழங்கல்",
+"Please provide a valid Dropbox app key and secret." => "தயவுசெய்து ஒரு செல்லுபடியான Dropbox செயலி சாவி மற்றும் இரகசியத்தை வழங்குக. ",
+"Error configuring Google Drive storage" => "Google இயக்க சேமிப்பகத்தை தகமைப்பதில் வழு",
+"External Storage" => "வெளி சேமிப்பு",
+"Folder name" => "கோப்புறை பெயர்",
+"Configuration" => "தகவமைப்பு",
+"Options" => "தெரிவுகள்",
+"Applicable" => "பயன்படத்தக்க",
+"None set" => "தொகுப்பில்லா",
+"All Users" => "பயனாளர்கள் எல்லாம்",
+"Groups" => "குழுக்கள்",
+"Users" => "பயனாளர்",
+"Delete" => "நீக்குக",
+"Enable User External Storage" => "பயனாளர் வெளி சேமிப்பை இயலுமைப்படுத்துக",
+"Allow users to mount their own external storage" => "பயனாளர் அவர்களுடைய சொந்த வெளியக சேமிப்பை ஏற்ற அனுமதிக்க",
+"SSL root certificates" => "SSL வேர் சான்றிதழ்கள்",
+"Import Root Certificate" => "வேர் சான்றிதழை இறக்குமதி செய்க"
+);
diff --git a/apps/files_external/l10n/th_TH.php b/apps/files_external/l10n/th_TH.php
index 70ab8d33485..2f733eab9e8 100644
--- a/apps/files_external/l10n/th_TH.php
+++ b/apps/files_external/l10n/th_TH.php
@@ -2,16 +2,15 @@
"Access granted" => "การเข้าถึงได้รับอนุญาตแล้ว",
"Error configuring Dropbox storage" => "เกิดข้อผิดพลาดในการกำหนดค่าพื้นที่จัดเก็บข้อมูล Dropbox",
"Grant access" => "อนุญาตให้เข้าถึงได้",
-"Fill out all required fields" => "กรอกข้อมูลในช่องข้อมูลที่จำเป็นต้องกรอกทั้งหมด",
"Please provide a valid Dropbox app key and secret." => "กรุณากรอกรหัส app key ของ Dropbox และรหัสลับ",
"Error configuring Google Drive storage" => "เกิดข้อผิดพลาดในการกำหนดค่าการจัดเก็บข้อมูลในพื้นที่ของ Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>คำเตือน:</b> \"smbclient\" ยังไม่ได้ถูกติดตั้ง. การชี้ CIFS/SMB เพื่อแชร์ข้อมูลไม่สามารถกระทำได้ กรุณาสอบถามข้อมูลเพิ่มเติมจากผู้ดูแลระบบเพื่อติดตั้ง.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>คำเตือน:</b> การสนับสนุนการใช้งาน FTP ในภาษา PHP ยังไม่ได้ถูกเปิดใช้งานหรือถูกติดตั้ง. การชี้ FTP เพื่อแชร์ข้อมูลไม่สามารถดำเนินการได้ กรุณาสอบถามข้อมูลเพิ่มเติมจากผู้ดูแลระบบเพื่อติดตั้ง",
"External Storage" => "พื้นทีจัดเก็บข้อมูลจากภายนอก",
-"Mount point" => "จุดชี้ตำแหน่ง",
-"Backend" => "ด้านหลังระบบ",
+"Folder name" => "ชื่อโฟลเดอร์",
"Configuration" => "การกำหนดค่า",
"Options" => "ตัวเลือก",
"Applicable" => "สามารถใช้งานได้",
-"Add mount point" => "เพิ่มจุดชี้ตำแหน่ง",
"None set" => "ยังไม่มีการกำหนด",
"All Users" => "ผู้ใช้งานทั้งหมด",
"Groups" => "กลุ่ม",
diff --git a/apps/files_external/l10n/tr.php b/apps/files_external/l10n/tr.php
new file mode 100644
index 00000000000..cddb2b35e03
--- /dev/null
+++ b/apps/files_external/l10n/tr.php
@@ -0,0 +1,19 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "Giriş kabul edildi",
+"Grant access" => "Erişim sağlandı",
+"Please provide a valid Dropbox app key and secret." => "Lütfen Dropbox app key ve secret temin ediniz",
+"External Storage" => "Harici Depolama",
+"Folder name" => "Dizin ismi",
+"Configuration" => "Yapılandırma",
+"Options" => "Seçenekler",
+"Applicable" => "Uygulanabilir",
+"None set" => "Hiçbiri",
+"All Users" => "Tüm Kullanıcılar",
+"Groups" => "Gruplar",
+"Users" => "Kullanıcılar",
+"Delete" => "Sil",
+"Enable User External Storage" => "Kullanıcılar için Harici Depolamayı Etkinleştir",
+"Allow users to mount their own external storage" => "Kullanıcıların kendi harici depolamalarını bağlamalarına izin ver",
+"SSL root certificates" => "SSL kök sertifikaları",
+"Import Root Certificate" => "Kök Sertifikalarını İçe Aktar"
+);
diff --git a/apps/files_external/l10n/uk.php b/apps/files_external/l10n/uk.php
index 79920b9014a..34d19af0ee9 100644
--- a/apps/files_external/l10n/uk.php
+++ b/apps/files_external/l10n/uk.php
@@ -1,5 +1,25 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Доступ дозволено",
+"Error configuring Dropbox storage" => "Помилка при налаштуванні сховища Dropbox",
+"Grant access" => "Дозволити доступ",
+"Please provide a valid Dropbox app key and secret." => "Будь ласка, надайте дійсний ключ та пароль Dropbox.",
+"Error configuring Google Drive storage" => "Помилка при налаштуванні сховища Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Попередження:</b> Клієнт \"smbclient\" не встановлено. Під'єднанатися до CIFS/SMB тек неможливо. Попрохайте системного адміністратора встановити його.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Попередження:</b> Підтримка FTP в PHP не увімкнута чи не встановлена. Під'єднанатися до FTP тек неможливо. Попрохайте системного адміністратора встановити її.",
+"External Storage" => "Зовнішні сховища",
+"Folder name" => "Ім'я теки",
+"External storage" => "Зовнішнє сховище",
+"Configuration" => "Налаштування",
+"Options" => "Опції",
+"Applicable" => "Придатний",
+"Add storage" => "Додати сховище",
+"None set" => "Не встановлено",
+"All Users" => "Усі користувачі",
"Groups" => "Групи",
"Users" => "Користувачі",
-"Delete" => "Видалити"
+"Delete" => "Видалити",
+"Enable User External Storage" => "Активувати користувацькі зовнішні сховища",
+"Allow users to mount their own external storage" => "Дозволити користувачам монтувати власні зовнішні сховища",
+"SSL root certificates" => "SSL корневі сертифікати",
+"Import Root Certificate" => "Імпортувати корневі сертифікати"
);
diff --git a/apps/files_external/l10n/ur_PK.php b/apps/files_external/l10n/ur_PK.php
new file mode 100644
index 00000000000..278357b4d68
--- /dev/null
+++ b/apps/files_external/l10n/ur_PK.php
@@ -0,0 +1,3 @@
+<?php $TRANSLATIONS = array(
+"Users" => "یوزرز"
+);
diff --git a/apps/files_external/l10n/vi.php b/apps/files_external/l10n/vi.php
index dd616e91153..84f31e88924 100644
--- a/apps/files_external/l10n/vi.php
+++ b/apps/files_external/l10n/vi.php
@@ -1,11 +1,16 @@
<?php $TRANSLATIONS = array(
+"Access granted" => "Đã cấp quyền truy cập",
+"Error configuring Dropbox storage" => "Lỗi cấu hình lưu trữ Dropbox ",
+"Grant access" => "Cấp quyền truy cập",
+"Please provide a valid Dropbox app key and secret." => "Xin vui lòng cung cấp một ứng dụng Dropbox hợp lệ và mã bí mật.",
+"Error configuring Google Drive storage" => "Lỗi cấu hình lưu trữ Google Drive",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>Cảnh báo:</b> \"smbclient\" chưa được cài đặt. Mount CIFS/SMB shares là không thể thực hiện được. Hãy hỏi người quản trị hệ thống để cài đặt nó.",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>Cảnh báo:</b> FTP trong PHP chưa được cài đặt hoặc chưa được mở. Mount FTP shares là không thể. Xin hãy yêu cầu quản trị hệ thống của bạn cài đặt nó.",
"External Storage" => "Lưu trữ ngoài",
-"Mount point" => "Điểm gắn",
-"Backend" => "phụ trợ",
+"Folder name" => "Tên thư mục",
"Configuration" => "Cấu hình",
"Options" => "Tùy chọn",
"Applicable" => "Áp dụng",
-"Add mount point" => "Thêm điểm lắp",
"None set" => "không",
"All Users" => "Tất cả người dùng",
"Groups" => "Nhóm",
diff --git a/apps/files_external/l10n/zh_CN.GB2312.php b/apps/files_external/l10n/zh_CN.GB2312.php
index 47983d3d7d4..74b9e3cad81 100644
--- a/apps/files_external/l10n/zh_CN.GB2312.php
+++ b/apps/files_external/l10n/zh_CN.GB2312.php
@@ -2,16 +2,13 @@
"Access granted" => "已授予权限",
"Error configuring Dropbox storage" => "配置 Dropbox 存储出错",
"Grant access" => "授予权限",
-"Fill out all required fields" => "填充全部必填字段",
"Please provide a valid Dropbox app key and secret." => "请提供一个有效的 Dropbox app key 和 secret。",
"Error configuring Google Drive storage" => "配置 Google Drive 存储失败",
"External Storage" => "外部存储",
-"Mount point" => "挂载点",
-"Backend" => "后端",
+"Folder name" => "文件夹名",
"Configuration" => "配置",
"Options" => "选项",
"Applicable" => "可应用",
-"Add mount point" => "添加挂载点",
"None set" => "未设置",
"All Users" => "所有用户",
"Groups" => "群组",
diff --git a/apps/files_external/l10n/zh_CN.php b/apps/files_external/l10n/zh_CN.php
new file mode 100644
index 00000000000..1860b6f70d7
--- /dev/null
+++ b/apps/files_external/l10n/zh_CN.php
@@ -0,0 +1,23 @@
+<?php $TRANSLATIONS = array(
+"Access granted" => "权限已授予。",
+"Error configuring Dropbox storage" => "配置Dropbox存储时出错",
+"Grant access" => "授权",
+"Please provide a valid Dropbox app key and secret." => "请提供有效的Dropbox应用key和secret",
+"Error configuring Google Drive storage" => "配置Google Drive存储时出错",
+"<b>Warning:</b> \"smbclient\" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it." => "<b>警告:</b>“smbclient” 尚未安装。CIFS/SMB 分享挂载无法实现。请咨询系统管理员进行安装。",
+"<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it." => "<b>警告:</b>PHP中尚未启用或安装FTP。FTP 分享挂载无法实现。请咨询系统管理员进行安装。",
+"External Storage" => "外部存储",
+"Folder name" => "目录名称",
+"Configuration" => "配置",
+"Options" => "选项",
+"Applicable" => "适用的",
+"None set" => "未设置",
+"All Users" => "所有用户",
+"Groups" => "组",
+"Users" => "用户",
+"Delete" => "删除",
+"Enable User External Storage" => "启用用户外部存储",
+"Allow users to mount their own external storage" => "允许用户挂载自有外部存储",
+"SSL root certificates" => "SSL根证书",
+"Import Root Certificate" => "导入根证书"
+);
diff --git a/apps/files_external/l10n/zh_HK.php b/apps/files_external/l10n/zh_HK.php
new file mode 100644
index 00000000000..a85b5a03b8a
--- /dev/null
+++ b/apps/files_external/l10n/zh_HK.php
@@ -0,0 +1,5 @@
+<?php $TRANSLATIONS = array(
+"Groups" => "群組",
+"Users" => "用戶",
+"Delete" => "刪除"
+);
diff --git a/apps/files_external/l10n/zh_TW.php b/apps/files_external/l10n/zh_TW.php
new file mode 100644
index 00000000000..512a151a3c8
--- /dev/null
+++ b/apps/files_external/l10n/zh_TW.php
@@ -0,0 +1,10 @@
+<?php $TRANSLATIONS = array(
+"External Storage" => "外部儲存裝置",
+"Folder name" => "資料夾名稱",
+"None set" => "尚未設定",
+"All Users" => "所有使用者",
+"Groups" => "群組",
+"Users" => "使用者",
+"Delete" => "刪除",
+"Import Root Certificate" => "匯入根憑證"
+);
diff --git a/apps/files_external/lib/amazons3.php b/apps/files_external/lib/amazons3.php
index 41ec3c70b45..7bcefd4176c 100644
--- a/apps/files_external/lib/amazons3.php
+++ b/apps/files_external/lib/amazons3.php
@@ -1,40 +1,48 @@
<?php
/**
-* ownCloud
-*
-* @author Michael Gapczynski
-* @copyright 2012 Michael Gapczynski mtgap@owncloud.com
-*
-* This library is free software; you can redistribute it and/or
-* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
-* License as published by the Free Software Foundation; either
-* version 3 of the License, or any later version.
-*
-* This library is distributed in the hope that it will be useful,
-* but WITHOUT ANY WARRANTY; without even the implied warranty of
-* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
-*
-* You should have received a copy of the GNU Affero General Public
-* License along with this library. If not, see <http://www.gnu.org/licenses/>.
-*/
+ * ownCloud
+ *
+ * @author Michael Gapczynski
+ * @copyright 2012 Michael Gapczynski mtgap@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace OC\Files\Storage;
require_once 'aws-sdk/sdk.class.php';
-class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
+class AmazonS3 extends \OC\Files\Storage\Common {
private $s3;
private $bucket;
private $objects = array();
+ private $id;
private static $tempFiles = array();
- // TODO options: storage class, encryption server side, encrypt before upload?
+ // TODO Update to new AWS SDK
public function __construct($params) {
- $this->s3 = new AmazonS3(array('key' => $params['key'], 'secret' => $params['secret']));
- $this->bucket = $params['bucket'];
+ if (isset($params['key']) && isset($params['secret']) && isset($params['bucket'])) {
+ $this->id = 'amazon::' . $params['key'] . md5($params['secret']);
+ $this->s3 = new \AmazonS3(array('key' => $params['key'], 'secret' => $params['secret']));
+ $this->bucket = $params['bucket'];
+ } else {
+ throw new \Exception();
+ }
}
private function getObject($path) {
@@ -45,9 +53,9 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
if ($response) {
$this->objects[$path] = $response;
return $response;
- // This object could be a folder, a '/' must be at the end of the path
+ // This object could be a folder, a '/' must be at the end of the path
} else if (substr($path, -1) != '/') {
- $response = $this->s3->get_object_metadata($this->bucket, $path.'/');
+ $response = $this->s3->get_object_metadata($this->bucket, $path . '/');
if ($response) {
$this->objects[$path] = $response;
return $response;
@@ -57,6 +65,10 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
return false;
}
+ public function getId() {
+ return $this->id;
+ }
+
public function mkdir($path) {
// Folders in Amazon S3 are 0 byte objects with a '/' at the end of the name
if (substr($path, -1) != '/') {
@@ -96,8 +108,8 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
foreach ($response->body->CommonPrefixes as $object) {
$files[] = basename($object->Prefix);
}
- OC_FakeDirStream::$dirs['amazons3'.$path] = $files;
- return opendir('fakedir://amazons3'.$path);
+ \OC\Files\Stream\Dir::register('amazons3' . $path, $files);
+ return opendir('fakedir://amazons3' . $path);
}
return false;
}
@@ -107,12 +119,10 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
$stat['size'] = $this->s3->get_bucket_filesize($this->bucket);
$stat['atime'] = time();
$stat['mtime'] = $stat['atime'];
- $stat['ctime'] = $stat['atime'];
} else if ($object = $this->getObject($path)) {
$stat['size'] = $object['Size'];
$stat['atime'] = time();
$stat['mtime'] = strtotime($object['LastModified']);
- $stat['ctime'] = $stat['mtime'];
}
if (isset($stat)) {
return $stat;
@@ -123,12 +133,15 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
public function filetype($path) {
if ($path == '' || $path == '/') {
return 'dir';
- } else if ($object = $this->getObject($path)) {
- // Amazon S3 doesn't have typical folders, this is an alternative method to detect a folder
- if (substr($object['Key'], -1) == '/' && $object['Size'] == 0) {
- return 'dir';
- } else {
- return 'file';
+ } else {
+ $object = $this->getObject($path);
+ if ($object) {
+ // Amazon S3 doesn't have typical folders, this is an alternative method to detect a folder
+ if (substr($object['Key'], -1) == '/' && $object['Size'] == 0) {
+ return 'dir';
+ } else {
+ return 'file';
+ }
}
}
return false;
@@ -160,7 +173,7 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
switch ($mode) {
case 'r':
case 'rb':
- $tmpFile = OC_Helper::tmpFile();
+ $tmpFile = \OC_Helper::tmpFile();
$handle = fopen($tmpFile, 'w');
$response = $this->s3->get_object($this->bucket, $path, array('fileDownload' => $handle));
if ($response->isOK()) {
@@ -184,14 +197,14 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
} else {
$ext = '';
}
- $tmpFile = OC_Helper::tmpFile($ext);
- OC_CloseStreamWrapper::$callBacks[$tmpFile] = array($this, 'writeBack');
+ $tmpFile = \OC_Helper::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
if ($this->file_exists($path)) {
$source = $this->fopen($path, 'r');
file_put_contents($tmpFile, $source);
}
self::$tempFiles[$tmpFile] = $path;
- return fopen('close://'.$tmpFile, $mode);
+ return fopen('close://' . $tmpFile, $mode);
}
return false;
}
@@ -199,7 +212,9 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
public function writeBack($tmpFile) {
if (isset(self::$tempFiles[$tmpFile])) {
$handle = fopen($tmpFile, 'r');
- $response = $this->s3->create_object($this->bucket, self::$tempFiles[$tmpFile], array('fileUpload' => $handle));
+ $response = $this->s3->create_object($this->bucket,
+ self::$tempFiles[$tmpFile],
+ array('fileUpload' => $handle));
if ($response->isOK()) {
unlink($tmpFile);
}
@@ -209,17 +224,15 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
public function getMimeType($path) {
if ($this->filetype($path) == 'dir') {
return 'httpd/unix-directory';
- } else if ($object = $this->getObject($path)) {
- return $object['ContentType'];
+ } else {
+ $object = $this->getObject($path);
+ if ($object) {
+ return $object['ContentType'];
+ }
}
return false;
}
- public function free_space($path) {
- // Infinite?
- return false;
- }
-
public function touch($path, $mtime = null) {
if (is_null($mtime)) {
$mtime = time();
@@ -231,4 +244,12 @@ class OC_Filestorage_AmazonS3 extends OC_Filestorage_Common {
return $response->isOK();
}
+ public function test() {
+ $test = $this->s3->get_canonical_user_id();
+ if (isset($test['id']) && $test['id'] != '') {
+ return true;
+ }
+ return false;
+ }
+
}
diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php
index 0a576f06f1f..11d24045fd9 100755
--- a/apps/files_external/lib/config.php
+++ b/apps/files_external/lib/config.php
@@ -38,16 +38,82 @@ class OC_Mount_Config {
* @return array
*/
public static function getBackends() {
- return array(
- 'OC_Filestorage_Local' => array('backend' => 'Local', 'configuration' => array('datadir' => 'Location')),
- 'OC_Filestorage_AmazonS3' => array('backend' => 'Amazon S3', 'configuration' => array('key' => 'Key', 'secret' => '*Secret', 'bucket' => 'Bucket')),
- 'OC_Filestorage_Dropbox' => array('backend' => 'Dropbox', 'configuration' => array('configured' => '#configured','app_key' => 'App key', 'app_secret' => 'App secret', 'token' => '#token', 'token_secret' => '#token_secret'), 'custom' => 'dropbox'),
- 'OC_Filestorage_FTP' => array('backend' => 'FTP', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure ftps://')),
- 'OC_Filestorage_Google' => array('backend' => 'Google Drive', 'configuration' => array('configured' => '#configured', 'token' => '#token', 'token_secret' => '#token secret'), 'custom' => 'google'),
- 'OC_Filestorage_SWIFT' => array('backend' => 'OpenStack Swift', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'token' => '*Token', 'root' => '&Root', 'secure' => '!Secure ftps://')),
- 'OC_Filestorage_SMB' => array('backend' => 'SMB', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'share' => 'Share', 'root' => '&Root')),
- 'OC_Filestorage_DAV' => array('backend' => 'WebDAV', 'configuration' => array('host' => 'URL', 'user' => 'Username', 'password' => '*Password', 'root' => '&Root', 'secure' => '!Secure https://'))
- );
+
+ $backends['\OC\Files\Storage\Local']=array(
+ 'backend' => 'Local',
+ 'configuration' => array(
+ 'datadir' => 'Location'));
+
+ $backends['\OC\Files\Storage\AmazonS3']=array(
+ 'backend' => 'Amazon S3',
+ 'configuration' => array(
+ 'key' => 'Key',
+ 'secret' => '*Secret',
+ 'bucket' => 'Bucket'));
+
+ $backends['\OC\Files\Storage\Dropbox']=array(
+ 'backend' => 'Dropbox',
+ 'configuration' => array(
+ 'configured' => '#configured',
+ 'app_key' => 'App key',
+ 'app_secret' => 'App secret',
+ 'token' => '#token',
+ 'token_secret' => '#token_secret'),
+ 'custom' => 'dropbox');
+
+ if(OC_Mount_Config::checkphpftp()) $backends['\OC\Files\Storage\FTP']=array(
+ 'backend' => 'FTP',
+ 'configuration' => array(
+ 'host' => 'URL',
+ 'user' => 'Username',
+ 'password' => '*Password',
+ 'root' => '&Root',
+ 'secure' => '!Secure ftps://'));
+
+ $backends['\OC\Files\Storage\Google']=array(
+ 'backend' => 'Google Drive',
+ 'configuration' => array(
+ 'configured' => '#configured',
+ 'token' => '#token',
+ 'token_secret' => '#token secret'),
+ 'custom' => 'google');
+
+ $backends['\OC\Files\Storage\SWIFT']=array(
+ 'backend' => 'OpenStack Swift',
+ 'configuration' => array(
+ 'host' => 'URL',
+ 'user' => 'Username',
+ 'token' => '*Token',
+ 'root' => '&Root',
+ 'secure' => '!Secure ftps://'));
+
+ if(OC_Mount_Config::checksmbclient()) $backends['\OC\Files\Storage\SMB']=array(
+ 'backend' => 'SMB / CIFS',
+ 'configuration' => array(
+ 'host' => 'URL',
+ 'user' => 'Username',
+ 'password' => '*Password',
+ 'share' => 'Share',
+ 'root' => '&Root'));
+
+ $backends['\OC\Files\Storage\DAV']=array(
+ 'backend' => 'ownCloud / WebDAV',
+ 'configuration' => array(
+ 'host' => 'URL',
+ 'user' => 'Username',
+ 'password' => '*Password',
+ 'root' => '&Root',
+ 'secure' => '!Secure https://'));
+
+ $backends['\OC\Files\Storage\SFTP']=array(
+ 'backend' => 'SFTP',
+ 'configuration' => array(
+ 'host' => 'URL',
+ 'user' => 'Username',
+ 'password' => '*Password',
+ 'root' => '&Root'));
+
+ return($backends);
}
/**
@@ -62,13 +128,24 @@ class OC_Mount_Config {
if (isset($mountPoints[self::MOUNT_TYPE_GROUP])) {
foreach ($mountPoints[self::MOUNT_TYPE_GROUP] as $group => $mounts) {
foreach ($mounts as $mountPoint => $mount) {
+ // Update old classes to new namespace
+ if (strpos($mount['class'], 'OC_Filestorage_') !== false) {
+ $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15);
+ }
// Remove '/$user/files/' from mount point
$mountPoint = substr($mountPoint, 13);
// Merge the mount point into the current mount points
if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) {
- $system[$mountPoint]['applicable']['groups'] = array_merge($system[$mountPoint]['applicable']['groups'], array($group));
+ $system[$mountPoint]['applicable']['groups']
+ = array_merge($system[$mountPoint]['applicable']['groups'], array($group));
} else {
- $system[$mountPoint] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array($group), 'users' => array()));
+ $system[$mountPoint] = array(
+ 'class' => $mount['class'],
+ 'backend' => $backends[$mount['class']]['backend'],
+ 'configuration' => $mount['options'],
+ 'applicable' => array('groups' => array($group), 'users' => array()),
+ 'status' => self::getBackendStatus($mount['class'], $mount['options'])
+ );
}
}
}
@@ -76,13 +153,24 @@ class OC_Mount_Config {
if (isset($mountPoints[self::MOUNT_TYPE_USER])) {
foreach ($mountPoints[self::MOUNT_TYPE_USER] as $user => $mounts) {
foreach ($mounts as $mountPoint => $mount) {
+ // Update old classes to new namespace
+ if (strpos($mount['class'], 'OC_Filestorage_') !== false) {
+ $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15);
+ }
// Remove '/$user/files/' from mount point
$mountPoint = substr($mountPoint, 13);
// Merge the mount point into the current mount points
if (isset($system[$mountPoint]) && $system[$mountPoint]['configuration'] == $mount['options']) {
- $system[$mountPoint]['applicable']['users'] = array_merge($system[$mountPoint]['applicable']['users'], array($user));
+ $system[$mountPoint]['applicable']['users']
+ = array_merge($system[$mountPoint]['applicable']['users'], array($user));
} else {
- $system[$mountPoint] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options'], 'applicable' => array('groups' => array(), 'users' => array($user)));
+ $system[$mountPoint] = array(
+ 'class' => $mount['class'],
+ 'backend' => $backends[$mount['class']]['backend'],
+ 'configuration' => $mount['options'],
+ 'applicable' => array('groups' => array(), 'users' => array($user)),
+ 'status' => self::getBackendStatus($mount['class'], $mount['options'])
+ );
}
}
}
@@ -102,28 +190,36 @@ class OC_Mount_Config {
$personal = array();
if (isset($mountPoints[self::MOUNT_TYPE_USER][$uid])) {
foreach ($mountPoints[self::MOUNT_TYPE_USER][$uid] as $mountPoint => $mount) {
+ // Update old classes to new namespace
+ if (strpos($mount['class'], 'OC_Filestorage_') !== false) {
+ $mount['class'] = '\OC\Files\Storage\\'.substr($mount['class'], 15);
+ }
// Remove '/uid/files/' from mount point
- $personal[substr($mountPoint, strlen($uid) + 8)] = array('class' => $mount['class'], 'backend' => $backends[$mount['class']]['backend'], 'configuration' => $mount['options']);
+ $personal[substr($mountPoint, strlen($uid) + 8)] = array(
+ 'class' => $mount['class'],
+ 'backend' => $backends[$mount['class']]['backend'],
+ 'configuration' => $mount['options'],
+ 'status' => self::getBackendStatus($mount['class'], $mount['options'])
+ );
}
}
return $personal;
}
- /**
- * Add directory for mount point to the filesystem
- * @param OC_Fileview instance $view
- * @param string path to mount point
- */
- private static function addMountPointDirectory($view, $path) {
- $dir = '';
- foreach ( explode('/', $path) as $pathPart) {
- $dir = $dir.'/'.$pathPart;
- if ( !$view->file_exists($dir)) {
- $view->mkdir($dir);
- }
+ private static function getBackendStatus($class, $options) {
+ foreach ($options as &$option) {
+ $option = str_replace('$user', OCP\User::getUser(), $option);
+ }
+ if (class_exists($class)) {
+ try {
+ $storage = new $class($options);
+ return $storage->test();
+ } catch (Exception $exception) {
+ return false;
+ }
}
+ return false;
}
-
/**
* Add a mount point to the filesystem
@@ -135,40 +231,20 @@ class OC_Mount_Config {
* @param bool Personal or system mount point i.e. is this being called from the personal or admin page
* @return bool
*/
- public static function addMountPoint($mountPoint, $class, $classOptions, $mountType, $applicable, $isPersonal = false) {
+ public static function addMountPoint($mountPoint,
+ $class,
+ $classOptions,
+ $mountType,
+ $applicable,
+ $isPersonal = false) {
if ($isPersonal) {
// Verify that the mount point applies for the current user
// Prevent non-admin users from mounting local storage
- if ($applicable != OCP\User::getUser() || $class == 'OC_Filestorage_Local') {
+ if ($applicable != OCP\User::getUser() || $class == '\OC\Files\Storage\Local') {
return false;
}
- $view = new OC_FilesystemView('/'.OCP\User::getUser().'/files');
- self::addMountPointDirectory($view, ltrim($mountPoint, '/'));
$mountPoint = '/'.$applicable.'/files/'.ltrim($mountPoint, '/');
} else {
- $view = new OC_FilesystemView('/');
- switch ($mountType) {
- case 'user':
- if ($applicable == "all") {
- $users = OCP\User::getUsers();
- foreach ( $users as $user ) {
- $path = $user.'/files/'.ltrim($mountPoint, '/');
- self::addMountPointDirectory($view, $path);
- }
- } else {
- $path = $applicable.'/files/'.ltrim($mountPoint, '/');
- self::addMountPointDirectory($view, $path);
- }
- break;
- case 'group' :
- $groupMembers = OC_Group::usersInGroups(array($applicable));
- foreach ( $groupMembers as $user ) {
- $path = $user.'/files/'.ltrim($mountPoint, '/');
- self::addMountPointDirectory($view, $path);
- }
- break;
- }
-
$mountPoint = '/$user/files/'.ltrim($mountPoint, '/');
}
$mount = array($applicable => array($mountPoint => array('class' => $class, 'options' => $classOptions)));
@@ -176,7 +252,8 @@ class OC_Mount_Config {
// Merge the new mount point into the current mount points
if (isset($mountPoints[$mountType])) {
if (isset($mountPoints[$mountType][$applicable])) {
- $mountPoints[$mountType][$applicable] = array_merge($mountPoints[$mountType][$applicable], $mount[$applicable]);
+ $mountPoints[$mountType][$applicable]
+ = array_merge($mountPoints[$mountType][$applicable], $mount[$applicable]);
} else {
$mountPoints[$mountType] = array_merge($mountPoints[$mountType], $mount);
}
@@ -184,7 +261,7 @@ class OC_Mount_Config {
$mountPoints[$mountType] = $mount;
}
self::writeData($isPersonal, $mountPoints);
- return true;
+ return self::getBackendStatus($class, $classOptions);
}
/**
@@ -225,13 +302,22 @@ class OC_Mount_Config {
* @return array
*/
private static function readData($isPersonal) {
+ $parser = new \OC\ArrayParser();
if ($isPersonal) {
- $file = OC_User::getHome(OCP\User::getUser()).'/mount.php';
+ $phpFile = OC_User::getHome(OCP\User::getUser()).'/mount.php';
+ $jsonFile = OC_User::getHome(OCP\User::getUser()).'/mount.json';
} else {
- $file = OC::$SERVERROOT.'/config/mount.php';
+ $datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");
+ $phpFile = OC::$SERVERROOT.'/config/mount.php';
+ $jsonFile = $datadir . '/mount.json';
}
- if (is_file($file)) {
- $mountPoints = include($file);
+ if (is_file($jsonFile)) {
+ $mountPoints = json_decode(file_get_contents($jsonFile), true);
+ if (is_array($mountPoints)) {
+ return $mountPoints;
+ }
+ } elseif (is_file($phpFile)) {
+ $mountPoints = $parser->parsePHP(file_get_contents($phpFile));
if (is_array($mountPoints)) {
return $mountPoints;
}
@@ -246,35 +332,12 @@ class OC_Mount_Config {
*/
private static function writeData($isPersonal, $data) {
if ($isPersonal) {
- $file = OC_User::getHome(OCP\User::getUser()).'/mount.php';
+ $file = OC_User::getHome(OCP\User::getUser()).'/mount.json';
} else {
- $file = OC::$SERVERROOT.'/config/mount.php';
+ $datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");
+ $file = $datadir . '/mount.json';
}
- $content = "<?php return array (\n";
- if (isset($data[self::MOUNT_TYPE_GROUP])) {
- $content .= "\t'group' => array (\n";
- foreach ($data[self::MOUNT_TYPE_GROUP] as $group => $mounts) {
- $content .= "\t\t'".$group."' => array (\n";
- foreach ($mounts as $mountPoint => $mount) {
- $content .= "\t\t\t'".$mountPoint."' => ".str_replace("\n", '', var_export($mount, true)).",\n";
-
- }
- $content .= "\t\t),\n";
- }
- $content .= "\t),\n";
- }
- if (isset($data[self::MOUNT_TYPE_USER])) {
- $content .= "\t'user' => array (\n";
- foreach ($data[self::MOUNT_TYPE_USER] as $user => $mounts) {
- $content .= "\t\t'".$user."' => array (\n";
- foreach ($mounts as $mountPoint => $mount) {
- $content .= "\t\t\t'".$mountPoint."' => ".str_replace("\n", '', var_export($mount, true)).",\n";
- }
- $content .= "\t\t),\n";
- }
- $content .= "\t),\n";
- }
- $content .= ");\n?>";
+ $content = json_encode($data);
@file_put_contents($file, $content);
}
@@ -285,14 +348,19 @@ class OC_Mount_Config {
public static function getCertificates() {
$view = \OCP\Files::getStorage('files_external');
$path=\OCP\Config::getSystemValue('datadirectory').$view->getAbsolutePath("").'uploads/';
- if (!is_dir($path)) mkdir($path);
+ \OCP\Util::writeLog('files_external', 'checking path '.$path, \OCP\Util::INFO);
+ if ( ! is_dir($path)) {
+ //path might not exist (e.g. non-standard OC_User::getHome() value)
+ //in this case create full path using 3rd (recursive=true) parameter.
+ mkdir($path, 0777, true);
+ }
$result = array();
$handle = opendir($path);
- if (!$handle) {
+ if ( ! $handle) {
return array();
}
while (false !== ($file = readdir($handle))) {
- if($file != '.' && $file != '..') $result[] = $file;
+ if ($file != '.' && $file != '..') $result[] = $file;
}
return $result;
}
@@ -322,4 +390,42 @@ class OC_Mount_Config {
return true;
}
+ /**
+ * check if smbclient is installed
+ */
+ public static function checksmbclient() {
+ if(function_exists('shell_exec')) {
+ $output=shell_exec('which smbclient');
+ return (empty($output)?false:true);
+ }else{
+ return(false);
+ }
+ }
+
+ /**
+ * check if php-ftp is installed
+ */
+ public static function checkphpftp() {
+ if(function_exists('ftp_login')) {
+ return(true);
+ }else{
+ return(false);
+ }
+ }
+
+ /**
+ * check dependencies
+ */
+ public static function checkDependencies() {
+ $l= new OC_L10N('files_external');
+ $txt='';
+ if(!OC_Mount_Config::checksmbclient()) {
+ $txt.=$l->t('<b>Warning:</b> "smbclient" is not installed. Mounting of CIFS/SMB shares is not possible. Please ask your system administrator to install it.').'<br />';
+ }
+ if(!OC_Mount_Config::checkphpftp()) {
+ $txt.=$l->t('<b>Warning:</b> The FTP support in PHP is not enabled or installed. Mounting of FTP shares is not possible. Please ask your system administrator to install it.').'<br />';
+ }
+
+ return($txt);
+ }
}
diff --git a/apps/files_external/lib/dropbox.php b/apps/files_external/lib/dropbox.php
index c8220832702..cb04e557f8a 100755
--- a/apps/files_external/lib/dropbox.php
+++ b/apps/files_external/lib/dropbox.php
@@ -20,38 +20,47 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
+namespace OC\Files\Storage;
+
require_once 'Dropbox/autoload.php';
-class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
+class Dropbox extends \OC\Files\Storage\Common {
private $dropbox;
private $root;
+ private $id;
private $metaData = array();
private static $tempFiles = array();
public function __construct($params) {
- if (isset($params['configured']) && $params['configured'] == 'true' && isset($params['app_key']) && isset($params['app_secret']) && isset($params['token']) && isset($params['token_secret'])) {
- $this->root=isset($params['root'])?$params['root']:'';
- $oauth = new Dropbox_OAuth_Curl($params['app_key'], $params['app_secret']);
+ if (isset($params['configured']) && $params['configured'] == 'true'
+ && isset($params['app_key'])
+ && isset($params['app_secret'])
+ && isset($params['token'])
+ && isset($params['token_secret'])
+ ) {
+ $this->root = isset($params['root']) ? $params['root'] : '';
+ $this->id = 'dropbox::'.$params['app_key'] . $params['token']. '/' . $this->root;
+ $oauth = new \Dropbox_OAuth_Curl($params['app_key'], $params['app_secret']);
$oauth->setToken($params['token'], $params['token_secret']);
- $this->dropbox = new Dropbox_API($oauth, 'dropbox');
+ $this->dropbox = new \Dropbox_API($oauth, 'dropbox');
$this->mkdir('');
} else {
- throw new Exception('Creating OC_Filestorage_Dropbox storage failed');
+ throw new \Exception('Creating \OC\Files\Storage\Dropbox storage failed');
}
}
private function getMetaData($path, $list = false) {
$path = $this->root.$path;
- if (!$list && isset($this->metaData[$path])) {
+ if ( ! $list && isset($this->metaData[$path])) {
return $this->metaData[$path];
} else {
if ($list) {
try {
$response = $this->dropbox->getMetaData($path);
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
if ($response && isset($response['contents'])) {
@@ -71,21 +80,25 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
$response = $this->dropbox->getMetaData($path, 'false');
$this->metaData[$path] = $response;
return $response;
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
}
}
+ public function getId(){
+ return $this->id;
+ }
+
public function mkdir($path) {
$path = $this->root.$path;
try {
$this->dropbox->createFolder($path);
return true;
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
@@ -95,23 +108,24 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
}
public function opendir($path) {
- if ($contents = $this->getMetaData($path, true)) {
+ $contents = $this->getMetaData($path, true);
+ if ($contents) {
$files = array();
foreach ($contents as $file) {
$files[] = basename($file['path']);
}
- OC_FakeDirStream::$dirs['dropbox'.$path] = $files;
+ \OC\Files\Stream\Dir::register('dropbox'.$path, $files);
return opendir('fakedir://dropbox'.$path);
}
return false;
}
public function stat($path) {
- if ($metaData = $this->getMetaData($path)) {
+ $metaData = $this->getMetaData($path);
+ if ($metaData) {
$stat['size'] = $metaData['bytes'];
$stat['atime'] = time();
$stat['mtime'] = (isset($metaData['modified'])) ? strtotime($metaData['modified']) : time();
- $stat['ctime'] = $stat['mtime'];
return $stat;
}
return false;
@@ -120,11 +134,14 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
public function filetype($path) {
if ($path == '' || $path == '/') {
return 'dir';
- } else if ($metaData = $this->getMetaData($path)) {
- if ($metaData['is_dir'] == 'true') {
- return 'dir';
- } else {
- return 'file';
+ } else {
+ $metaData = $this->getMetaData($path);
+ if ($metaData) {
+ if ($metaData['is_dir'] == 'true') {
+ return 'dir';
+ } else {
+ return 'file';
+ }
}
}
return false;
@@ -153,8 +170,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
try {
$this->dropbox->delete($path);
return true;
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
@@ -165,8 +182,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
try {
$this->dropbox->move($path1, $path2);
return true;
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
@@ -177,8 +194,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
try {
$this->dropbox->copy($path1, $path2);
return true;
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
@@ -188,13 +205,13 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
switch ($mode) {
case 'r':
case 'rb':
- $tmpFile = OC_Helper::tmpFile();
+ $tmpFile = \OC_Helper::tmpFile();
try {
$data = $this->dropbox->getFile($path);
file_put_contents($tmpFile, $data);
return fopen($tmpFile, 'r');
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
case 'w':
@@ -214,8 +231,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
} else {
$ext = '';
}
- $tmpFile = OC_Helper::tmpFile($ext);
- OC_CloseStreamWrapper::$callBacks[$tmpFile] = array($this, 'writeBack');
+ $tmpFile = \OC_Helper::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
if ($this->file_exists($path)) {
$source = $this->fopen($path, 'r');
file_put_contents($tmpFile, $source);
@@ -232,8 +249,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
try {
$this->dropbox->putFile(self::$tempFiles[$tmpFile], $handle);
unlink($tmpFile);
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
}
}
}
@@ -241,8 +258,11 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
public function getMimeType($path) {
if ($this->filetype($path) == 'dir') {
return 'httpd/unix-directory';
- } else if ($metaData = $this->getMetaData($path)) {
- return $metaData['mime_type'];
+ } else {
+ $metaData = $this->getMetaData($path);
+ if ($metaData) {
+ return $metaData['mime_type'];
+ }
}
return false;
}
@@ -251,8 +271,8 @@ class OC_Filestorage_Dropbox extends OC_Filestorage_Common {
try {
$info = $this->dropbox->getAccountInfo();
return $info['quota_info']['quota'] - $info['quota_info']['normal'];
- } catch (Exception $exception) {
- OCP\Util::writeLog('files_external', $exception->getMessage(), OCP\Util::ERROR);
+ } catch (\Exception $exception) {
+ \OCP\Util::writeLog('files_external', $exception->getMessage(), \OCP\Util::ERROR);
return false;
}
}
diff --git a/apps/files_external/lib/ftp.php b/apps/files_external/lib/ftp.php
index 261141455cc..8a7375ebe38 100644
--- a/apps/files_external/lib/ftp.php
+++ b/apps/files_external/lib/ftp.php
@@ -6,7 +6,9 @@
* See the COPYING-README file.
*/
-class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{
+namespace OC\Files\Storage;
+
+class FTP extends \OC\Files\Storage\StreamWrapper{
private $password;
private $user;
private $host;
@@ -16,34 +18,52 @@ class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{
private static $tempFiles=array();
public function __construct($params) {
- $this->host=$params['host'];
- $this->user=$params['user'];
- $this->password=$params['password'];
- $this->secure=isset($params['secure'])?(bool)$params['secure']:false;
- $this->root=isset($params['root'])?$params['root']:'/';
- if(!$this->root || $this->root[0]!='/') {
- $this->root='/'.$this->root;
- }
- //create the root folder if necesary
- if (!$this->is_dir('')) {
- $this->mkdir('');
+ if (isset($params['host']) && isset($params['user']) && isset($params['password'])) {
+ $this->host=$params['host'];
+ $this->user=$params['user'];
+ $this->password=$params['password'];
+ if (isset($params['secure'])) {
+ if (is_string($params['secure'])) {
+ $this->secure = ($params['secure'] === 'true');
+ } else {
+ $this->secure = (bool)$params['secure'];
+ }
+ } else {
+ $this->secure = false;
+ }
+ $this->root=isset($params['root'])?$params['root']:'/';
+ if ( ! $this->root || $this->root[0]!='/') {
+ $this->root='/'.$this->root;
+ }
+ //create the root folder if necessary
+ if ( ! $this->is_dir('')) {
+ $this->mkdir('');
+ }
+ } else {
+ throw new \Exception();
}
+
+ }
+
+ public function getId(){
+ return 'ftp::' . $this->user . '@' . $this->host . '/' . $this->root;
}
/**
* construct the ftp url
- * @param string path
+ * @param string $path
* @return string
*/
public function constructUrl($path) {
$url='ftp';
- if($this->secure) {
+ if ($this->secure) {
$url.='s';
}
$url.='://'.$this->user.':'.$this->password.'@'.$this->host.$this->root.$path;
return $url;
}
public function fopen($path,$mode) {
+ $this->init();
switch($mode) {
case 'r':
case 'rb':
@@ -53,7 +73,7 @@ class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{
case 'ab':
//these are supported by the wrapper
$context = stream_context_create(array('ftp' => array('overwrite' => true)));
- return fopen($this->constructUrl($path),$mode,false,$context);
+ return fopen($this->constructUrl($path), $mode, false, $context);
case 'r+':
case 'w+':
case 'wb+':
@@ -63,24 +83,26 @@ class OC_FileStorage_FTP extends OC_FileStorage_StreamWrapper{
case 'c':
case 'c+':
//emulate these
- if(strrpos($path,'.')!==false) {
- $ext=substr($path,strrpos($path,'.'));
- }else{
+ if (strrpos($path, '.')!==false) {
+ $ext=substr($path, strrpos($path, '.'));
+ } else {
$ext='';
}
- $tmpFile=OCP\Files::tmpFile($ext);
- OC_CloseStreamWrapper::$callBacks[$tmpFile]=array($this,'writeBack');
- if($this->file_exists($path)) {
- $this->getFile($path,$tmpFile);
+ $tmpFile=\OCP\Files::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
+ if ($this->file_exists($path)) {
+ $this->getFile($path, $tmpFile);
}
self::$tempFiles[$tmpFile]=$path;
- return fopen('close://'.$tmpFile,$mode);
+ return fopen('close://'.$tmpFile, $mode);
}
+ return false;
}
public function writeBack($tmpFile) {
- if(isset(self::$tempFiles[$tmpFile])) {
- $this->uploadFile($tmpFile,self::$tempFiles[$tmpFile]);
+ $this->init();
+ if (isset(self::$tempFiles[$tmpFile])) {
+ $this->uploadFile($tmpFile, self::$tempFiles[$tmpFile]);
unlink($tmpFile);
}
}
diff --git a/apps/files_external/lib/google.php b/apps/files_external/lib/google.php
index 9b83dcee537..ec7de3f3570 100644
--- a/apps/files_external/lib/google.php
+++ b/apps/files_external/lib/google.php
@@ -20,31 +20,45 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
+namespace OC\Files\Storage;
+
require_once 'Google/common.inc.php';
-class OC_Filestorage_Google extends OC_Filestorage_Common {
+class Google extends \OC\Files\Storage\Common {
private $consumer;
private $oauth_token;
private $sig_method;
private $entries;
+ private $id;
private static $tempFiles = array();
public function __construct($params) {
- if (isset($params['configured']) && $params['configured'] == 'true' && isset($params['token']) && isset($params['token_secret'])) {
+ if (isset($params['configured']) && $params['configured'] == 'true'
+ && isset($params['token'])
+ && isset($params['token_secret'])
+ ) {
$consumer_key = isset($params['consumer_key']) ? $params['consumer_key'] : 'anonymous';
$consumer_secret = isset($params['consumer_secret']) ? $params['consumer_secret'] : 'anonymous';
- $this->consumer = new OAuthConsumer($consumer_key, $consumer_secret);
- $this->oauth_token = new OAuthToken($params['token'], $params['token_secret']);
- $this->sig_method = new OAuthSignatureMethod_HMAC_SHA1();
+ $this->id = 'google::' . $params['token'];
+ $this->consumer = new \OAuthConsumer($consumer_key, $consumer_secret);
+ $this->oauth_token = new \OAuthToken($params['token'], $params['token_secret']);
+ $this->sig_method = new \OAuthSignatureMethod_HMAC_SHA1();
$this->entries = array();
} else {
- throw new Exception('Creating OC_Filestorage_Google storage failed');
+ throw new \Exception('Creating \OC\Files\Storage\Google storage failed');
}
}
- private function sendRequest($uri, $httpMethod, $postData = null, $extraHeaders = null, $isDownload = false, $returnHeaders = false, $isContentXML = true, $returnHTTPCode = false) {
+ private function sendRequest($uri,
+ $httpMethod,
+ $postData = null,
+ $extraHeaders = null,
+ $isDownload = false,
+ $returnHeaders = false,
+ $isContentXML = true,
+ $returnHTTPCode = false) {
$uri = trim($uri);
// create an associative array from each key/value url query param pair.
$params = array();
@@ -58,7 +72,11 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
$tempStr .= '&' . urlencode($key) . '=' . urlencode($value);
}
$uri = preg_replace('/&/', '?', $tempStr, 1);
- $request = OAuthRequest::from_consumer_and_token($this->consumer, $this->oauth_token, $httpMethod, $uri, $params);
+ $request = \OAuthRequest::from_consumer_and_token($this->consumer,
+ $this->oauth_token,
+ $httpMethod,
+ $uri,
+ $params);
$request->sign_request($this->sig_method, $this->consumer, $this->oauth_token);
$auth_header = $request->to_header();
$headers = array($auth_header, 'GData-Version: 3.0');
@@ -96,7 +114,7 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
}
if ($isDownload) {
- $tmpFile = OC_Helper::tmpFile();
+ $tmpFile = \OC_Helper::tmpFile();
$handle = fopen($tmpFile, 'w');
curl_setopt($curl, CURLOPT_FILE, $handle);
}
@@ -125,13 +143,18 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
private function getFeed($feedUri, $httpMethod, $postData = null) {
$result = $this->sendRequest($feedUri, $httpMethod, $postData);
if ($result) {
- $dom = new DOMDocument();
+ $dom = new \DOMDocument();
$dom->loadXML($result);
return $dom;
}
return false;
}
+ /**
+ * Base url for google docs feeds
+ */
+ const BASE_URI='https://docs.google.com/feeds';
+
private function getResource($path) {
$file = basename($path);
if (array_key_exists($file, $this->entries)) {
@@ -140,14 +163,14 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
// Strip the file extension; file could be a native Google Docs resource
if ($pos = strpos($file, '.')) {
$title = substr($file, 0, $pos);
- $dom = $this->getFeed('https://docs.google.com/feeds/default/private/full?showfolders=true&title='.$title, 'GET');
+ $dom = $this->getFeed(self::BASE_URI.'/default/private/full?showfolders=true&title='.$title, 'GET');
// Check if request was successful and entry exists
if ($dom && $entry = $dom->getElementsByTagName('entry')->item(0)) {
$this->entries[$file] = $entry;
return $entry;
}
}
- $dom = $this->getFeed('https://docs.google.com/feeds/default/private/full?showfolders=true&title='.$file, 'GET');
+ $dom = $this->getFeed(self::BASE_URI.'/default/private/full?showfolders=true&title='.$file, 'GET');
// Check if request was successful and entry exists
if ($dom && $entry = $dom->getElementsByTagName('entry')->item(0)) {
$this->entries[$file] = $entry;
@@ -175,25 +198,33 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
}
+ public function getId(){
+ return $this->id;
+ }
public function mkdir($path) {
$collection = dirname($path);
// Check if path parent is root directory
if ($collection == '/' || $collection == '\.' || $collection == '.') {
- $uri = 'https://docs.google.com/feeds/default/private/full';
- // Get parent content link
- } else if ($dom = $this->getResource(basename($collection))) {
- $uri = $dom->getElementsByTagName('content')->item(0)->getAttribute('src');
+ $uri = self::BASE_URI.'/default/private/full';
+ } else {
+ // Get parent content link
+ $dom = $this->getResource(basename($collection));
+ if ($dom) {
+ $uri = $dom->getElementsByTagName('content')->item(0)->getAttribute('src');
+ }
}
if (isset($uri)) {
$title = basename($path);
// Construct post data
$postData = '<?xml version="1.0" encoding="UTF-8"?>';
$postData .= '<entry xmlns="http://www.w3.org/2005/Atom">';
- $postData .= '<category scheme="http://schemas.google.com/g/2005#kind" term="http://schemas.google.com/docs/2007#folder"/>';
+ $postData .= '<category scheme="http://schemas.google.com/g/2005#kind"';
+ $postData .= ' term="http://schemas.google.com/docs/2007#folder"/>';
$postData .= '<title>'.$title.'</title>';
$postData .= '</entry>';
- if ($dom = $this->sendRequest($uri, 'POST', $postData)) {
+ $dom = $this->sendRequest($uri, 'POST', $postData);
+ if ($dom) {
return true;
}
}
@@ -206,9 +237,10 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
public function opendir($path) {
if ($path == '' || $path == '/') {
- $next = 'https://docs.google.com/feeds/default/private/full/folder%3Aroot/contents';
+ $next = self::BASE_URI.'/default/private/full/folder%3Aroot/contents';
} else {
- if ($entry = $this->getResource($path)) {
+ $entry = $this->getResource($path);
+ if ($entry) {
$next = $entry->getElementsByTagName('content')->item(0)->getAttribute('src');
} else {
return false;
@@ -230,18 +262,18 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
foreach ($entries as $entry) {
$name = $entry->getElementsByTagName('title')->item(0)->nodeValue;
// Google Docs resources don't always include extensions in title
- if (!strpos($name, '.')) {
+ if ( ! strpos($name, '.')) {
$extension = $this->getExtension($entry);
if ($extension != '') {
$name .= '.'.$extension;
}
}
- $files[] = $name;
+ $files[] = basename($name);
// Cache entry for future use
$this->entries[$name] = $entry;
}
}
- OC_FakeDirStream::$dirs['google'.$path] = $files;
+ \OC\Files\Stream\Dir::register('google'.$path, $files);
return opendir('fakedir://google'.$path);
}
@@ -251,13 +283,18 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
$stat['atime'] = time();
$stat['mtime'] = time();
$stat['ctime'] = time();
- } else if ($entry = $this->getResource($path)) {
- // NOTE: Native resources don't have a file size
- $stat['size'] = $entry->getElementsByTagNameNS('http://schemas.google.com/g/2005', 'quotaBytesUsed')->item(0)->nodeValue;
-// if (isset($atime = $entry->getElementsByTagNameNS('http://schemas.google.com/g/2005', 'lastViewed')->item(0)->nodeValue))
-// $stat['atime'] = strtotime($entry->getElementsByTagNameNS('http://schemas.google.com/g/2005', 'lastViewed')->item(0)->nodeValue);
- $stat['mtime'] = strtotime($entry->getElementsByTagName('updated')->item(0)->nodeValue);
- $stat['ctime'] = strtotime($entry->getElementsByTagName('published')->item(0)->nodeValue);
+ } else {
+ $entry = $this->getResource($path);
+ if ($entry) {
+ // NOTE: Native resources don't have a file size
+ $stat['size'] = $entry->getElementsByTagNameNS('http://schemas.google.com/g/2005',
+ 'quotaBytesUsed')->item(0)->nodeValue;
+ //if (isset($atime = $entry->getElementsByTagNameNS('http://schemas.google.com/g/2005',
+ // 'lastViewed')->item(0)->nodeValue))
+ //$stat['atime'] = strtotime($entry->getElementsByTagNameNS('http://schemas.google.com/g/2005',
+ // 'lastViewed')->item(0)->nodeValue);
+ $stat['mtime'] = strtotime($entry->getElementsByTagName('updated')->item(0)->nodeValue);
+ }
}
if (isset($stat)) {
return $stat;
@@ -268,15 +305,18 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
public function filetype($path) {
if ($path == '' || $path == '/') {
return 'dir';
- } else if ($entry = $this->getResource($path)) {
- $categories = $entry->getElementsByTagName('category');
- foreach ($categories as $category) {
- if ($category->getAttribute('scheme') == 'http://schemas.google.com/g/2005#kind') {
- $type = $category->getAttribute('label');
- if (strlen(strstr($type, 'folder')) > 0) {
- return 'dir';
- } else {
- return 'file';
+ } else {
+ $entry = $this->getResource($path);
+ if ($entry) {
+ $categories = $entry->getElementsByTagName('category');
+ foreach ($categories as $category) {
+ if ($category->getAttribute('scheme') == 'http://schemas.google.com/g/2005#kind') {
+ $type = $category->getAttribute('label');
+ if (strlen(strstr($type, 'folder')) > 0) {
+ return 'dir';
+ } else {
+ return 'file';
+ }
}
}
}
@@ -291,14 +331,17 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
public function isUpdatable($path) {
if ($path == '' || $path == '/') {
return true;
- } else if ($entry = $this->getResource($path)) {
- // Check if edit or edit-media links exist
- $links = $entry->getElementsByTagName('link');
- foreach ($links as $link) {
- if ($link->getAttribute('rel') == 'edit') {
- return true;
- } else if ($link->getAttribute('rel') == 'edit-media') {
- return true;
+ } else {
+ $entry = $this->getResource($path);
+ if ($entry) {
+ // Check if edit or edit-media links exist
+ $links = $entry->getElementsByTagName('link');
+ foreach ($links as $link) {
+ if ($link->getAttribute('rel') == 'edit') {
+ return true;
+ } else if ($link->getAttribute('rel') == 'edit-media') {
+ return true;
+ }
}
}
}
@@ -316,7 +359,8 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
public function unlink($path) {
// Get resource self link to trash resource
- if ($entry = $this->getResource($path)) {
+ $entry = $this->getResource($path);
+ if ($entry) {
$links = $entry->getElementsByTagName('link');
foreach ($links as $link) {
if ($link->getAttribute('rel') == 'self') {
@@ -333,7 +377,8 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
public function rename($path1, $path2) {
- if ($entry = $this->getResource($path1)) {
+ $entry = $this->getResource($path1);
+ if ($entry) {
$collection = dirname($path2);
if (dirname($path1) == $collection) {
// Get resource edit link to rename resource
@@ -348,14 +393,18 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
$title = basename($path2);
// Construct post data
$postData = '<?xml version="1.0" encoding="UTF-8"?>';
- $postData .= '<entry xmlns="http://www.w3.org/2005/Atom" xmlns:docs="http://schemas.google.com/docs/2007" xmlns:gd="http://schemas.google.com/g/2005" gd:etag='.$etag.'>';
+ $postData .= '<entry xmlns="http://www.w3.org/2005/Atom"';
+ $postData .= ' xmlns:docs="http://schemas.google.com/docs/2007"';
+ $postData .= ' xmlns:gd="http://schemas.google.com/g/2005"';
+ $postData .= ' gd:etag='.$etag.'>';
$postData .= '<title>'.$title.'</title>';
$postData .= '</entry>';
$this->sendRequest($uri, 'PUT', $postData);
return true;
} else {
// Move to different collection
- if ($collectionEntry = $this->getResource($collection)) {
+ $collectionEntry = $this->getResource($collection);
+ if ($collectionEntry) {
$feedUri = $collectionEntry->getElementsByTagName('content')->item(0)->getAttribute('src');
// Construct post data
$postData = '<?xml version="1.0" encoding="UTF-8"?>';
@@ -374,7 +423,8 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
switch ($mode) {
case 'r':
case 'rb':
- if ($entry = $this->getResource($path)) {
+ $entry = $this->getResource($path);
+ if ($entry) {
$extension = $this->getExtension($entry);
$downloadUri = $entry->getElementsByTagName('content')->item(0)->getAttribute('src');
// TODO Non-native documents don't need these additional parameters
@@ -394,13 +444,13 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
case 'x+':
case 'c':
case 'c+':
- if (strrpos($path,'.') !== false) {
- $ext = substr($path,strrpos($path,'.'));
+ if (strrpos($path, '.') !== false) {
+ $ext = substr($path, strrpos($path, '.'));
} else {
$ext = '';
}
- $tmpFile = OC_Helper::tmpFile($ext);
- OC_CloseStreamWrapper::$callBacks[$tmpFile] = array($this, 'writeBack');
+ $tmpFile = \OC_Helper::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
if ($this->file_exists($path)) {
$source = $this->fopen($path, 'r');
file_put_contents($tmpFile, $source);
@@ -420,14 +470,14 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
private function uploadFile($path, $target) {
$entry = $this->getResource($target);
- if (!$entry) {
+ if ( ! $entry) {
if (dirname($target) == '.' || dirname($target) == '/') {
- $uploadUri = 'https://docs.google.com/feeds/upload/create-session/default/private/full/folder%3Aroot/contents';
+ $uploadUri = self::BASE_URI.'/upload/create-session/default/private/full/folder%3Aroot/contents';
} else {
$entry = $this->getResource(dirname($target));
}
}
- if (!isset($uploadUri) && $entry) {
+ if ( ! isset($uploadUri) && $entry) {
$links = $entry->getElementsByTagName('link');
foreach ($links as $link) {
if ($link->getAttribute('rel') == 'http://schemas.google.com/g/2005#resumable-create-media') {
@@ -438,7 +488,7 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
if (isset($uploadUri) && $handle = fopen($path, 'r')) {
$uploadUri .= '?convert=false';
- $mimetype = OC_Helper::getMimeType($path);
+ $mimetype = \OC_Helper::getMimeType($path);
$size = filesize($path);
$headers = array('X-Upload-Content-Type: ' => $mimetype, 'X-Upload-Content-Length: ' => $size);
$postData = '<?xml version="1.0" encoding="UTF-8"?>';
@@ -466,7 +516,9 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
}
$end = $i + $chunkSize - 1;
- $headers = array('Content-Length: '.$chunkSize, 'Content-Type: '.$mimetype, 'Content-Range: bytes '.$i.'-'.$end.'/'.$size);
+ $headers = array('Content-Length: '.$chunkSize,
+ 'Content-Type: '.$mimetype,
+ 'Content-Range: bytes '.$i.'-'.$end.'/'.$size);
$postData = fread($handle, $chunkSize);
$result = $this->sendRequest($uploadUri, 'PUT', $postData, $headers, false, true, false, true);
if ($result['code'] == '308') {
@@ -484,7 +536,8 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
public function getMimeType($path, $entry = null) {
- // Entry can be passed, because extension is required for opendir and the entry can't be cached without the extension
+ // Entry can be passed, because extension is required for opendir
+ // and the entry can't be cached without the extension
if ($entry == null) {
if ($path == '' || $path == '/') {
return 'httpd/unix-directory';
@@ -494,8 +547,10 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
if ($entry) {
$mimetype = $entry->getElementsByTagName('content')->item(0)->getAttribute('type');
- // Native Google Docs resources often default to text/html, but it may be more useful to default to a corresponding ODF mimetype
- // Collections get reported as application/atom+xml, make sure it actually is a folder and fix the mimetype
+ // Native Google Docs resources often default to text/html,
+ // but it may be more useful to default to a corresponding ODF mimetype
+ // Collections get reported as application/atom+xml,
+ // make sure it actually is a folder and fix the mimetype
if ($mimetype == 'text/html' || $mimetype == 'application/atom+xml;type=feed') {
$categories = $entry->getElementsByTagName('category');
foreach ($categories as $category) {
@@ -512,7 +567,8 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
} else if (strlen(strstr($type, 'drawing')) > 0) {
return 'application/vnd.oasis.opendocument.graphics';
} else {
- // If nothing matches return text/html, all native Google Docs resources can be exported as text/html
+ // If nothing matches return text/html,
+ // all native Google Docs resources can be exported as text/html
return 'text/html';
}
}
@@ -524,10 +580,13 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
public function free_space($path) {
- if ($dom = $this->getFeed('https://docs.google.com/feeds/metadata/default', 'GET')) {
+ $dom = $this->getFeed(self::BASE_URI.'/metadata/default', 'GET');
+ if ($dom) {
// NOTE: Native Google Docs resources don't count towards quota
- $total = $dom->getElementsByTagNameNS('http://schemas.google.com/g/2005', 'quotaBytesTotal')->item(0)->nodeValue;
- $used = $dom->getElementsByTagNameNS('http://schemas.google.com/g/2005', 'quotaBytesUsed')->item(0)->nodeValue;
+ $total = $dom->getElementsByTagNameNS('http://schemas.google.com/g/2005',
+ 'quotaBytesTotal')->item(0)->nodeValue;
+ $used = $dom->getElementsByTagNameNS('http://schemas.google.com/g/2005',
+ 'quotaBytesUsed')->item(0)->nodeValue;
return $total - $used;
}
return false;
@@ -537,4 +596,11 @@ class OC_Filestorage_Google extends OC_Filestorage_Common {
}
-} \ No newline at end of file
+ public function test() {
+ if ($this->free_space('')) {
+ return true;
+ }
+ return false;
+ }
+
+}
diff --git a/apps/files_external/lib/sftp.php b/apps/files_external/lib/sftp.php
new file mode 100644
index 00000000000..ede6c251fd9
--- /dev/null
+++ b/apps/files_external/lib/sftp.php
@@ -0,0 +1,288 @@
+<?php
+/**
+ * Copyright (c) 2012 Henrik Kjölhede <hkjolhede@gmail.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+namespace OC\Files\Storage;
+
+set_include_path(get_include_path() . PATH_SEPARATOR .
+ \OC_App::getAppPath('files_external') . '/3rdparty/phpseclib/phpseclib');
+require 'Net/SFTP.php';
+
+class SFTP extends \OC\Files\Storage\Common {
+ private $host;
+ private $user;
+ private $password;
+ private $root;
+
+ private $client;
+
+ private static $tempFiles = array();
+
+ public function __construct($params) {
+ $this->host = $params['host'];
+ $proto = strpos($this->host, '://');
+ if ($proto != false) {
+ $this->host = substr($this->host, $proto+3);
+ }
+ $this->user = $params['user'];
+ $this->password = $params['password'];
+ $this->root = isset($params['root']) ? $this->cleanPath($params['root']) : '/';
+ if ($this->root[0] != '/') $this->root = '/' . $this->root;
+ if (substr($this->root, -1, 1) != '/') $this->root .= '/';
+
+ $host_keys = $this->read_host_keys();
+
+ $this->client = new \Net_SFTP($this->host);
+ if (!$this->client->login($this->user, $this->password)) {
+ throw new \Exception('Login failed');
+ }
+
+ $current_host_key = $this->client->getServerPublicHostKey();
+
+ if (array_key_exists($this->host, $host_keys)) {
+ if ($host_keys[$this->host] != $current_host_key) {
+ throw new \Exception('Host public key does not match known key');
+ }
+ } else {
+ $host_keys[$this->host] = $current_host_key;
+ $this->write_host_keys($host_keys);
+ }
+
+ if(!$this->file_exists('')){
+ $this->mkdir('');
+ }
+ }
+
+ public function test() {
+ if (!isset($params['host']) || !isset($params['user']) || !isset($params['password'])) {
+ throw new \Exception("Required parameters not set");
+ }
+ }
+
+ public function getId(){
+ return 'sftp::' . $this->user . '@' . $this->host . '/' . $this->root;
+ }
+
+ private function abs_path($path) {
+ return $this->root . $this->cleanPath($path);
+ }
+
+ private function host_keys_path() {
+ try {
+ $storage_view = \OCP\Files::getStorage('files_external');
+ if ($storage_view) {
+ return \OCP\Config::getSystemValue('datadirectory') .
+ $storage_view->getAbsolutePath('') .
+ 'ssh_host_keys';
+ }
+ } catch (\Exception $e) {
+ }
+ return false;
+ }
+
+ private function write_host_keys($keys) {
+ try {
+ $key_path = $this->host_keys_path();
+ $fp = fopen($key_path, 'w');
+ foreach ($keys as $host => $key) {
+ fwrite($fp, $host . '::' . $key . "\n");
+ }
+ fclose($fp);
+ return true;
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ private function read_host_keys() {
+ try {
+ $key_path = $this->host_keys_path();
+ if (file_exists($key_path)) {
+ $hosts = array();
+ $keys = array();
+ $lines = file($key_path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+ if ($lines) {
+ foreach ($lines as $line) {
+ $host_key_arr = explode("::", $line, 2);
+ if (count($host_key_arr) == 2) {
+ $hosts[] = $host_key_arr[0];
+ $keys[] = $host_key_arr[1];
+ }
+ }
+ return array_combine($hosts, $keys);
+ }
+ }
+ } catch (\Exception $e) {
+ }
+ return array();
+ }
+
+ public function mkdir($path) {
+ try {
+ return $this->client->mkdir($this->abs_path($path));
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ public function rmdir($path) {
+ try {
+ return $this->client->delete($this->abs_path($path), true);
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ public function opendir($path) {
+ try {
+ $list = $this->client->nlist($this->abs_path($path));
+
+ $id = md5('sftp:' . $path);
+ $dir_stream = array();
+ foreach($list as $file) {
+ if ($file != '.' && $file != '..') {
+ $dir_stream[] = $file;
+ }
+ }
+ \OC\Files\Stream\Dir::register($id, $dir_stream);
+ return opendir('fakedir://' . $id);
+ } catch(\Exception $e) {
+ return false;
+ }
+ }
+
+ public function filetype($path) {
+ try {
+ $stat = $this->client->stat($this->abs_path($path));
+ if ($stat['type'] == NET_SFTP_TYPE_REGULAR) return 'file';
+ if ($stat['type'] == NET_SFTP_TYPE_DIRECTORY) return 'dir';
+ } catch (\Exeption $e) {
+ }
+ return false;
+ }
+
+ public function isReadable($path) {
+ return true;
+ }
+
+ public function isUpdatable($path) {
+ return true;
+ }
+
+ public function file_exists($path) {
+ try {
+ return $this->client->stat($this->abs_path($path)) === false ? false : true;
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ public function unlink($path) {
+ try {
+ return $this->client->delete($this->abs_path($path), true);
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ public function fopen($path, $mode) {
+ try {
+ $abs_path = $this->abs_path($path);
+ switch($mode) {
+ case 'r':
+ case 'rb':
+ if ( !$this->file_exists($path)) return false;
+ if (strrpos($path, '.')!==false) {
+ $ext=substr($path, strrpos($path, '.'));
+ } else {
+ $ext='';
+ }
+ $tmp = \OC_Helper::tmpFile($ext);
+ $this->getFile($abs_path, $tmp);
+ return fopen($tmp, $mode);
+
+ case 'w':
+ case 'wb':
+ case 'a':
+ case 'ab':
+ case 'r+':
+ case 'w+':
+ case 'wb+':
+ case 'a+':
+ case 'x':
+ case 'x+':
+ case 'c':
+ case 'c+':
+ if (strrpos($path, '.')!==false) {
+ $ext=substr($path, strrpos($path, '.'));
+ } else {
+ $ext='';
+ }
+ $tmpFile=\OC_Helper::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
+ if ($this->file_exists($path)) {
+ $this->getFile($abs_path, $tmpFile);
+ }
+ self::$tempFiles[$tmpFile]=$abs_path;
+ return fopen('close://'.$tmpFile, $mode);
+ }
+ } catch (\Exception $e) {
+ }
+ return false;
+ }
+
+ public function writeBack($tmpFile) {
+ if (array_key_exists($tmpFile, self::$tempFiles)) {
+ $this->uploadFile($tmpFile, self::$tempFiles[$tmpFile]);
+ unlink($tmpFile);
+ unset(self::$tempFiles[$tmpFile]);
+ }
+ }
+
+ public function touch($path, $mtime=null) {
+ try {
+ if (!is_null($mtime)) return false;
+ if (!$this->file_exists($path)) {
+ $this->client->put($this->abs_path($path), '');
+ } else {
+ return false;
+ }
+ } catch (\Exception $e) {
+ return false;
+ }
+ return true;
+ }
+
+ public function getFile($path, $target) {
+ $this->client->get($path, $target);
+ }
+
+ public function uploadFile($path, $target) {
+ $this->client->put($target, $path, NET_SFTP_LOCAL_FILE);
+ }
+
+ public function rename($source, $target) {
+ try {
+ return $this->client->rename($this->abs_path($source), $this->abs_path($target));
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ public function stat($path) {
+ try {
+ $stat = $this->client->stat($this->abs_path($path));
+
+ $mtime = $stat ? $stat['mtime'] : -1;
+ $size = $stat ? $stat['size'] : 0;
+
+ return array('mtime' => $mtime, 'size' => $size, 'ctime' => -1);
+ } catch (\Exception $e) {
+ return false;
+ }
+
+ }
+}
diff --git a/apps/files_external/lib/smb.php b/apps/files_external/lib/smb.php
index eed2582dc99..961efb1a50a 100644
--- a/apps/files_external/lib/smb.php
+++ b/apps/files_external/lib/smb.php
@@ -6,9 +6,11 @@
* See the COPYING-README file.
*/
+namespace OC\Files\Storage;
+
require_once 'smb4php/smb.php';
-class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{
+class SMB extends \OC\Files\Storage\StreamWrapper{
private $password;
private $user;
private $host;
@@ -16,62 +18,67 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{
private $share;
public function __construct($params) {
- $this->host=$params['host'];
- $this->user=$params['user'];
- $this->password=$params['password'];
- $this->share=$params['share'];
- $this->root=isset($params['root'])?$params['root']:'/';
- if(!$this->root || $this->root[0]!='/') {
- $this->root='/'.$this->root;
- }
- if(substr($this->root,-1,1)!='/') {
- $this->root.='/';
- }
- if(!$this->share || $this->share[0]!='/') {
- $this->share='/'.$this->share;
- }
- if(substr($this->share,-1,1)=='/') {
- $this->share=substr($this->share,0,-1);
+ if (isset($params['host']) && isset($params['user']) && isset($params['password']) && isset($params['share'])) {
+ $this->host=$params['host'];
+ $this->user=$params['user'];
+ $this->password=$params['password'];
+ $this->share=$params['share'];
+ $this->root=isset($params['root'])?$params['root']:'/';
+ if ( ! $this->root || $this->root[0]!='/') {
+ $this->root='/'.$this->root;
+ }
+ if (substr($this->root, -1, 1)!='/') {
+ $this->root.='/';
+ }
+ if ( ! $this->share || $this->share[0]!='/') {
+ $this->share='/'.$this->share;
+ }
+ if (substr($this->share, -1, 1)=='/') {
+ $this->share = substr($this->share, 0, -1);
+ }
+ } else {
+ throw new \Exception();
}
+ }
- //create the root folder if necesary
- if(!$this->is_dir('')) {
- $this->mkdir('');
- }
+ public function getId(){
+ return 'smb::' . $this->user . '@' . $this->host . '/' . $this->share . '/' . $this->root;
}
public function constructUrl($path) {
- if(substr($path,-1)=='/') {
- $path=substr($path,0,-1);
+ if (substr($path, -1)=='/') {
+ $path=substr($path, 0, -1);
}
- return 'smb://'.$this->user.':'.$this->password.'@'.$this->host.$this->share.$this->root.$path;
+ $path = urlencode($path);
+ $user = urlencode($this->user);
+ $pass = urlencode($this->password);
+ return 'smb://'.$user.':'.$pass.'@'.$this->host.$this->share.$this->root.$path;
}
public function stat($path) {
- if(!$path and $this->root=='/') {//mtime doesn't work for shares
+ if ( ! $path and $this->root=='/') {//mtime doesn't work for shares
$mtime=$this->shareMTime();
$stat=stat($this->constructUrl($path));
$stat['mtime']=$mtime;
return $stat;
- }else{
+ } else {
return stat($this->constructUrl($path));
}
}
- public function filetype($path) {
- return (bool)@$this->opendir($path) ? 'dir' : 'file';//using opendir causes the same amount of requests and caches the content of the folder in one go
- }
-
/**
* check if a file or folder has been updated since $time
+ * @param string $path
* @param int $time
* @return bool
*/
public function hasUpdated($path,$time) {
+ $this->init();
if(!$path and $this->root=='/') {
- //mtime doesn't work for shares, but giving the nature of the backend, doing a full update is still just fast enough
+ // mtime doesn't work for shares, but giving the nature of the backend,
+ // doing a full update is still just fast enough
return true;
- }else{
+ } else {
$actualTime=$this->filemtime($path);
return $actualTime>$time;
}
@@ -84,9 +91,9 @@ class OC_FileStorage_SMB extends OC_FileStorage_StreamWrapper{
$dh=$this->opendir('');
$lastCtime=0;
while($file=readdir($dh)) {
- if($file!='.' and $file!='..') {
+ if ($file!='.' and $file!='..') {
$ctime=$this->filemtime($file);
- if($ctime>$lastCtime) {
+ if ($ctime>$lastCtime) {
$lastCtime=$ctime;
}
}
diff --git a/apps/files_external/lib/streamwrapper.php b/apps/files_external/lib/streamwrapper.php
index 7263ef23253..4685877f26b 100644
--- a/apps/files_external/lib/streamwrapper.php
+++ b/apps/files_external/lib/streamwrapper.php
@@ -6,29 +6,48 @@
* See the COPYING-README file.
*/
+namespace OC\Files\Storage;
+
+abstract class StreamWrapper extends \OC\Files\Storage\Common{
+ private $ready = false;
+
+ protected function init(){
+ if($this->ready) {
+ return;
+ }
+ $this->ready = true;
+
+ //create the root folder if necesary
+ if(!$this->is_dir('')) {
+ $this->mkdir('');
+ }
+ }
-abstract class OC_FileStorage_StreamWrapper extends OC_Filestorage_Common{
abstract public function constructUrl($path);
public function mkdir($path) {
+ $this->init();
return mkdir($this->constructUrl($path));
}
public function rmdir($path) {
+ $this->init();
if($this->file_exists($path)) {
- $succes=rmdir($this->constructUrl($path));
+ $succes = rmdir($this->constructUrl($path));
clearstatcache();
return $succes;
- }else{
+ } else {
return false;
}
}
public function opendir($path) {
+ $this->init();
return opendir($this->constructUrl($path));
}
public function filetype($path) {
+ $this->init();
return filetype($this->constructUrl($path));
}
@@ -41,49 +60,51 @@ abstract class OC_FileStorage_StreamWrapper extends OC_Filestorage_Common{
}
public function file_exists($path) {
+ $this->init();
return file_exists($this->constructUrl($path));
}
public function unlink($path) {
- $succes=unlink($this->constructUrl($path));
+ $this->init();
+ $succes = unlink($this->constructUrl($path));
clearstatcache();
return $succes;
}
- public function fopen($path,$mode) {
- return fopen($this->constructUrl($path),$mode);
- }
-
- public function free_space($path) {
- return 0;
+ public function fopen($path, $mode) {
+ $this->init();
+ return fopen($this->constructUrl($path), $mode);
}
- public function touch($path,$mtime=null) {
+ public function touch($path, $mtime=null) {
+ $this->init();
if(is_null($mtime)) {
- $fh=$this->fopen($path,'a');
- fwrite($fh,'');
+ $fh = $this->fopen($path, 'a');
+ fwrite($fh, '');
fclose($fh);
- }else{
+ } else {
return false;//not supported
}
}
- public function getFile($path,$target) {
- return copy($this->constructUrl($path),$target);
+ public function getFile($path, $target) {
+ $this->init();
+ return copy($this->constructUrl($path), $target);
}
- public function uploadFile($path,$target) {
- return copy($path,$this->constructUrl($target));
+ public function uploadFile($path, $target) {
+ $this->init();
+ return copy($path, $this->constructUrl($target));
}
- public function rename($path1,$path2) {
- return rename($this->constructUrl($path1),$this->constructUrl($path2));
+ public function rename($path1, $path2) {
+ $this->init();
+ return rename($this->constructUrl($path1), $this->constructUrl($path2));
}
public function stat($path) {
+ $this->init();
return stat($this->constructUrl($path));
}
-
-
}
diff --git a/apps/files_external/lib/swift.php b/apps/files_external/lib/swift.php
index 4b0b8c25fda..68c4b48f17c 100644
--- a/apps/files_external/lib/swift.php
+++ b/apps/files_external/lib/swift.php
@@ -6,24 +6,28 @@
* See the COPYING-README file.
*/
+namespace OC\Files\Storage;
+
require_once 'php-cloudfiles/cloudfiles.php';
-class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
+class SWIFT extends \OC\Files\Storage\Common{
+ private $id;
private $host;
private $root;
private $user;
private $token;
private $secure;
+ private $ready = false;
/**
- * @var CF_Authentication auth
+ * @var \CF_Authentication auth
*/
private $auth;
/**
- * @var CF_Connection conn
+ * @var \CF_Connection conn
*/
private $conn;
/**
- * @var CF_Container rootContainer
+ * @var \CF_Container rootContainer
*/
private $rootContainer;
@@ -35,79 +39,79 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* translate directory path to container name
- * @param string path
+ * @param string $path
* @return string
*/
private function getContainerName($path) {
- $path=trim(trim($this->root,'/')."/".$path,'/.');
- return str_replace('/','\\',$path);
+ $path=trim(trim($this->root, '/') . "/".$path, '/.');
+ return str_replace('/', '\\', $path);
}
/**
* get container by path
- * @param string path
- * @return CF_Container
+ * @param string $path
+ * @return \CF_Container
*/
private function getContainer($path) {
- if($path=='' or $path=='/') {
+ if ($path=='' or $path=='/') {
return $this->rootContainer;
}
- if(isset($this->containers[$path])) {
+ if (isset($this->containers[$path])) {
return $this->containers[$path];
}
- try{
+ try {
$container=$this->conn->get_container($this->getContainerName($path));
$this->containers[$path]=$container;
return $container;
- }catch(NoSuchContainerException $e) {
+ } catch(\NoSuchContainerException $e) {
return null;
}
}
/**
* create container
- * @param string path
- * @return CF_Container
+ * @param string $path
+ * @return \CF_Container
*/
private function createContainer($path) {
- if($path=='' or $path=='/' or $path=='.') {
+ if ($path=='' or $path=='/' or $path=='.') {
return $this->conn->create_container($this->getContainerName($path));
}
$parent=dirname($path);
- if($parent=='' or $parent=='/' or $parent=='.') {
+ if ($parent=='' or $parent=='/' or $parent=='.') {
$parentContainer=$this->rootContainer;
- }else{
- if(!$this->containerExists($parent)) {
+ } else {
+ if ( ! $this->containerExists($parent)) {
$parentContainer=$this->createContainer($parent);
- }else{
+ } else {
$parentContainer=$this->getContainer($parent);
}
}
- $this->addSubContainer($parentContainer,basename($path));
+ $this->addSubContainer($parentContainer, basename($path));
return $this->conn->create_container($this->getContainerName($path));
}
/**
* get object by path
- * @param string path
- * @return CF_Object
+ * @param string $path
+ * @return \CF_Object
*/
private function getObject($path) {
- if(isset($this->objects[$path])) {
+ if (isset($this->objects[$path])) {
return $this->objects[$path];
}
$container=$this->getContainer(dirname($path));
- if(is_null($container)) {
+ if (is_null($container)) {
return null;
- }else{
+ } else {
if ($path=="/" or $path=='') {
return null;
}
- try{
+ try {
$obj=$container->get_object(basename($path));
$this->objects[$path]=$obj;
return $obj;
- }catch(NoSuchObjectException $e) {
+ } catch(\NoSuchObjectException $e) {
return null;
}
}
@@ -119,11 +123,11 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
* @return array
*/
private function getObjects($container) {
- if(is_null($container)) {
+ if (is_null($container)) {
return array();
- }else{
+ } else {
$files=$container->get_objects();
- foreach($files as &$file) {
+ foreach ($files as &$file) {
$file=$file->name;
}
return $files;
@@ -132,12 +136,12 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* create object
- * @param string path
- * @return CF_Object
+ * @param string $path
+ * @return \CF_Object
*/
private function createObject($path) {
$container=$this->getContainer(dirname($path));
- if(!is_null($container)) {
+ if ( ! is_null($container)) {
$container=$this->createContainer(dirname($path));
}
return $container->create_object(basename($path));
@@ -154,7 +158,7 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* check if container for path exists
- * @param string path
+ * @param string $path
* @return bool
*/
private function containerExists($path) {
@@ -163,21 +167,21 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* get the list of emulated sub containers
- * @param CF_Container container
+ * @param \CF_Container $container
* @return array
*/
private function getSubContainers($container) {
- $tmpFile=OCP\Files::tmpFile();
+ $tmpFile=\OCP\Files::tmpFile();
$obj=$this->getSubContainerFile($container);
- try{
+ try {
$obj->save_to_filename($tmpFile);
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return array();
}
$obj->save_to_filename($tmpFile);
$containers=file($tmpFile);
unlink($tmpFile);
- foreach($containers as &$sub) {
+ foreach ($containers as &$sub) {
$sub=trim($sub);
}
return $containers;
@@ -185,32 +189,31 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* add an emulated sub container
- * @param CF_Container container
- * @param string name
+ * @param \CF_Container $container
+ * @param string $name
* @return bool
*/
- private function addSubContainer($container,$name) {
- if(!$name) {
+ private function addSubContainer($container, $name) {
+ if ( ! $name) {
return false;
}
- $tmpFile=OCP\Files::tmpFile();
+ $tmpFile=\OCP\Files::tmpFile();
$obj=$this->getSubContainerFile($container);
- try{
+ try {
$obj->save_to_filename($tmpFile);
$containers=file($tmpFile);
- foreach($containers as &$sub) {
+ foreach ($containers as &$sub) {
$sub=trim($sub);
}
- if(array_search($name,$containers)!==false) {
+ if(array_search($name, $containers) !== false) {
unlink($tmpFile);
return false;
- }else{
- $fh=fopen($tmpFile,'a');
- fwrite($fh,$name."\n");
+ } else {
+ $fh=fopen($tmpFile, 'a');
+ fwrite($fh, $name . "\n");
}
- }catch(Exception $e) {
- $containers=array();
- file_put_contents($tmpFile,$name."\n");
+ } catch(\Exception $e) {
+ file_put_contents($tmpFile, $name . "\n");
}
$obj->load_from_filename($tmpFile);
@@ -220,32 +223,32 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* remove an emulated sub container
- * @param CF_Container container
- * @param string name
+ * @param \CF_Container $container
+ * @param string $name
* @return bool
*/
- private function removeSubContainer($container,$name) {
- if(!$name) {
+ private function removeSubContainer($container, $name) {
+ if ( ! $name) {
return false;
}
- $tmpFile=OCP\Files::tmpFile();
+ $tmpFile=\OCP\Files::tmpFile();
$obj=$this->getSubContainerFile($container);
- try{
+ try {
$obj->save_to_filename($tmpFile);
$containers=file($tmpFile);
- }catch(Exception $e) {
+ } catch (\Exception $e) {
return false;
}
- foreach($containers as &$sub) {
+ foreach ($containers as &$sub) {
$sub=trim($sub);
}
- $i=array_search($name,$containers);
- if($i===false) {
+ $i=array_search($name, $containers);
+ if ($i===false) {
unlink($tmpFile);
return false;
- }else{
+ } else {
unset($containers[$i]);
- file_put_contents($tmpFile,implode("\n",$containers)."\n");
+ file_put_contents($tmpFile, implode("\n", $containers)."\n");
}
$obj->load_from_filename($tmpFile);
@@ -255,56 +258,83 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* ensure a subcontainer file exists and return it's object
- * @param CF_Container container
- * @return CF_Object
+ * @param \CF_Container $container
+ * @return \CF_Object
*/
private function getSubContainerFile($container) {
- try{
+ try {
return $container->get_object(self::SUBCONTAINER_FILE);
- }catch(NoSuchObjectException $e) {
+ } catch(\NoSuchObjectException $e) {
return $container->create_object(self::SUBCONTAINER_FILE);
}
}
public function __construct($params) {
- $this->token=$params['token'];
- $this->host=$params['host'];
- $this->user=$params['user'];
- $this->root=isset($params['root'])?$params['root']:'/';
- $this->secure=isset($params['secure'])?(bool)$params['secure']:true;
- if(!$this->root || $this->root[0]!='/') {
- $this->root='/'.$this->root;
- }
- $this->auth = new CF_Authentication($this->user, $this->token, null, $this->host);
+ if (isset($params['token']) && isset($params['host']) && isset($params['user'])) {
+ $this->token=$params['token'];
+ $this->host=$params['host'];
+ $this->user=$params['user'];
+ $this->root=isset($params['root'])?$params['root']:'/';
+ if (isset($params['secure'])) {
+ if (is_string($params['secure'])) {
+ $this->secure = ($params['secure'] === 'true');
+ } else {
+ $this->secure = (bool)$params['secure'];
+ }
+ } else {
+ $this->secure = false;
+ }
+ if ( ! $this->root || $this->root[0]!='/') {
+ $this->root='/'.$this->root;
+ }
+ } else {
+ throw new \Exception();
+ }
+
+ }
+
+ private function init(){
+ if($this->ready) {
+ return;
+ }
+ $this->ready = true;
+
+ $this->auth = new \CF_Authentication($this->user, $this->token, null, $this->host);
$this->auth->authenticate();
- $this->conn = new CF_Connection($this->auth);
+ $this->conn = new \CF_Connection($this->auth);
- if(!$this->containerExists('/')) {
+ if ( ! $this->containerExists('/')) {
$this->rootContainer=$this->createContainer('/');
- }else{
+ } else {
$this->rootContainer=$this->getContainer('/');
}
}
+ public function getId(){
+ return $this->id;
+ }
+
public function mkdir($path) {
- if($this->containerExists($path)) {
+ $this->init();
+ if ($this->containerExists($path)) {
return false;
- }else{
+ } else {
$this->createContainer($path);
return true;
}
}
public function rmdir($path) {
- if(!$this->containerExists($path)) {
+ $this->init();
+ if (!$this->containerExists($path)) {
return false;
- }else{
+ } else {
$this->emptyContainer($path);
- if($path!='' and $path!='/') {
+ if ($path!='' and $path!='/') {
$parentContainer=$this->getContainer(dirname($path));
- $this->removeSubContainer($parentContainer,basename($path));
+ $this->removeSubContainer($parentContainer, basename($path));
}
$this->conn->delete_container($this->getContainerName($path));
@@ -315,12 +345,12 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
private function emptyContainer($path) {
$container=$this->getContainer($path);
- if(is_null($container)) {
+ if (is_null($container)) {
return;
}
$subContainers=$this->getSubContainers($container);
- foreach($subContainers as $sub) {
- if($sub) {
+ foreach ($subContainers as $sub) {
+ if ($sub) {
$this->emptyContainer($path.'/'.$sub);
$this->conn->delete_container($this->getContainerName($path.'/'.$sub));
unset($this->containers[$path.'/'.$sub]);
@@ -328,30 +358,32 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
}
$objects=$this->getObjects($container);
- foreach($objects as $object) {
+ foreach ($objects as $object) {
$container->delete_object($object);
unset($this->objects[$path.'/'.$object]);
}
}
public function opendir($path) {
+ $this->init();
$container=$this->getContainer($path);
$files=$this->getObjects($container);
- $i=array_search(self::SUBCONTAINER_FILE,$files);
- if($i!==false) {
+ $i=array_search(self::SUBCONTAINER_FILE, $files);
+ if ($i!==false) {
unset($files[$i]);
}
$subContainers=$this->getSubContainers($container);
- $files=array_merge($files,$subContainers);
+ $files=array_merge($files, $subContainers);
$id=$this->getContainerName($path);
- OC_FakeDirStream::$dirs[$id]=$files;
+ \OC\Files\Stream\Dir::register($id, $files);
return opendir('fakedir://'.$id);
}
public function filetype($path) {
- if($this->containerExists($path)) {
+ $this->init();
+ if ($this->containerExists($path)) {
return 'dir';
- }else{
+ } else {
return 'file';
}
}
@@ -365,26 +397,29 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
}
public function file_exists($path) {
- if($this->is_dir($path)) {
+ $this->init();
+ if ($this->is_dir($path)) {
return true;
- }else{
+ } else {
return $this->objectExists($path);
}
}
public function file_get_contents($path) {
+ $this->init();
$obj=$this->getObject($path);
- if(is_null($obj)) {
+ if (is_null($obj)) {
return false;
}
return $obj->read();
}
- public function file_put_contents($path,$content) {
+ public function file_put_contents($path, $content) {
+ $this->init();
$obj=$this->getObject($path);
- if(is_null($obj)) {
+ if (is_null($obj)) {
$container=$this->getContainer(dirname($path));
- if(is_null($container)) {
+ if (is_null($container)) {
return false;
}
$obj=$container->create_object(basename($path));
@@ -394,19 +429,21 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
}
public function unlink($path) {
- if($this->containerExists($path)) {
+ $this->init();
+ if ($this->containerExists($path)) {
return $this->rmdir($path);
}
- if($this->objectExists($path)) {
+ if ($this->objectExists($path)) {
$container=$this->getContainer(dirname($path));
$container->delete_object(basename($path));
unset($this->objects[$path]);
- }else{
+ } else {
return false;
}
}
- public function fopen($path,$mode) {
+ public function fopen($path, $mode) {
+ $this->init();
switch($mode) {
case 'r':
case 'rb':
@@ -432,29 +469,26 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
case 'c':
case 'c+':
$tmpFile=$this->getTmpFile($path);
- OC_CloseStreamWrapper::$callBacks[$tmpFile]=array($this,'writeBack');
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
self::$tempFiles[$tmpFile]=$path;
- return fopen('close://'.$tmpFile,$mode);
+ return fopen('close://'.$tmpFile, $mode);
}
}
public function writeBack($tmpFile) {
- if(isset(self::$tempFiles[$tmpFile])) {
- $this->fromTmpFile($tmpFile,self::$tempFiles[$tmpFile]);
+ if (isset(self::$tempFiles[$tmpFile])) {
+ $this->fromTmpFile($tmpFile, self::$tempFiles[$tmpFile]);
unlink($tmpFile);
}
}
- public function free_space($path) {
- return 1024*1024*1024*8;
- }
-
- public function touch($path,$mtime=null) {
+ public function touch($path, $mtime=null) {
+ $this->init();
$obj=$this->getObject($path);
- if(is_null($obj)) {
+ if (is_null($obj)) {
return false;
}
- if(is_null($mtime)) {
+ if (is_null($mtime)) {
$mtime=time();
}
@@ -463,23 +497,25 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
$obj->sync_metadata();
}
- public function rename($path1,$path2) {
+ public function rename($path1, $path2) {
+ $this->init();
$sourceContainer=$this->getContainer(dirname($path1));
$targetContainer=$this->getContainer(dirname($path2));
- $result=$sourceContainer->move_object_to(basename($path1),$targetContainer,basename($path2));
+ $result=$sourceContainer->move_object_to(basename($path1), $targetContainer, basename($path2));
unset($this->objects[$path1]);
- if($result) {
+ if ($result) {
$targetObj=$this->getObject($path2);
$this->resetMTime($targetObj);
}
return $result;
}
- public function copy($path1,$path2) {
+ public function copy($path1, $path2) {
+ $this->init();
$sourceContainer=$this->getContainer(dirname($path1));
$targetContainer=$this->getContainer(dirname($path2));
- $result=$sourceContainer->copy_object_to(basename($path1),$targetContainer,basename($path2));
- if($result) {
+ $result=$sourceContainer->copy_object_to(basename($path1), $targetContainer, basename($path2));
+ if ($result) {
$targetObj=$this->getObject($path2);
$this->resetMTime($targetObj);
}
@@ -487,8 +523,9 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
}
public function stat($path) {
+ $this->init();
$container=$this->getContainer($path);
- if (!is_null($container)) {
+ if ( ! is_null($container)) {
return array(
'mtime'=>-1,
'size'=>$container->bytes_used,
@@ -498,13 +535,13 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
$obj=$this->getObject($path);
- if(is_null($obj)) {
+ if (is_null($obj)) {
return false;
}
- if(isset($obj->metadata['Mtime']) and $obj->metadata['Mtime']>-1) {
+ if (isset($obj->metadata['Mtime']) and $obj->metadata['Mtime']>-1) {
$mtime=$obj->metadata['Mtime'];
- }else{
+ } else {
$mtime=strtotime($obj->last_modified);
}
return array(
@@ -515,19 +552,21 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
}
private function getTmpFile($path) {
+ $this->init();
$obj=$this->getObject($path);
- if(!is_null($obj)) {
- $tmpFile=OCP\Files::tmpFile();
+ if ( ! is_null($obj)) {
+ $tmpFile=\OCP\Files::tmpFile();
$obj->save_to_filename($tmpFile);
return $tmpFile;
- }else{
- return OCP\Files::tmpFile();
+ } else {
+ return \OCP\Files::tmpFile();
}
}
- private function fromTmpFile($tmpFile,$path) {
+ private function fromTmpFile($tmpFile, $path) {
+ $this->init();
$obj=$this->getObject($path);
- if(is_null($obj)) {
+ if (is_null($obj)) {
$obj=$this->createObject($path);
}
$obj->load_from_filename($tmpFile);
@@ -536,10 +575,10 @@ class OC_FileStorage_SWIFT extends OC_Filestorage_Common{
/**
* remove custom mtime metadata
- * @param CF_Object obj
+ * @param \CF_Object $obj
*/
private function resetMTime($obj) {
- if(isset($obj->metadata['Mtime'])) {
+ if (isset($obj->metadata['Mtime'])) {
$obj->metadata['Mtime']=-1;
$obj->sync_metadata();
}
diff --git a/apps/files_external/lib/webdav.php b/apps/files_external/lib/webdav.php
index 5e185839158..3ba7c48cd57 100644
--- a/apps/files_external/lib/webdav.php
+++ b/apps/files_external/lib/webdav.php
@@ -6,57 +6,84 @@
* See the COPYING-README file.
*/
-class OC_FileStorage_DAV extends OC_Filestorage_Common{
+namespace OC\Files\Storage;
+
+class DAV extends \OC\Files\Storage\Common{
private $password;
private $user;
private $host;
private $secure;
private $root;
+ private $ready;
/**
- * @var Sabre_DAV_Client
+ * @var \Sabre_DAV_Client
*/
private $client;
private static $tempFiles=array();
public function __construct($params) {
- $host = $params['host'];
- //remove leading http[s], will be generated in createBaseUri()
- if (substr($host,0,8) == "https://") $host = substr($host, 8);
- else if (substr($host,0,7) == "http://") $host = substr($host, 7);
- $this->host=$host;
- $this->user=$params['user'];
- $this->password=$params['password'];
- $this->secure=(isset($params['secure']) && $params['secure'] == 'true')?true:false;
- $this->root=isset($params['root'])?$params['root']:'/';
- if(!$this->root || $this->root[0]!='/') {
- $this->root='/'.$this->root;
+ if (isset($params['host']) && isset($params['user']) && isset($params['password'])) {
+ $host = $params['host'];
+ //remove leading http[s], will be generated in createBaseUri()
+ if (substr($host, 0, 8) == "https://") $host = substr($host, 8);
+ else if (substr($host, 0, 7) == "http://") $host = substr($host, 7);
+ $this->host=$host;
+ $this->user=$params['user'];
+ $this->password=$params['password'];
+ if (isset($params['secure'])) {
+ if (is_string($params['secure'])) {
+ $this->secure = ($params['secure'] === 'true');
+ } else {
+ $this->secure = (bool)$params['secure'];
+ }
+ } else {
+ $this->secure = false;
+ }
+ $this->root=isset($params['root'])?$params['root']:'/';
+ if ( ! $this->root || $this->root[0]!='/') {
+ $this->root='/'.$this->root;
+ }
+ if (substr($this->root, -1, 1)!='/') {
+ $this->root.='/';
+ }
+ } else {
+ throw new \Exception();
}
- if(substr($this->root,-1,1)!='/') {
- $this->root.='/';
+ }
+
+ private function init(){
+ if($this->ready) {
+ return;
}
+ $this->ready = true;
- $settings = array(
- 'baseUri' => $this->createBaseUri(),
- 'userName' => $this->user,
- 'password' => $this->password,
- );
+ $settings = array(
+ 'baseUri' => $this->createBaseUri(),
+ 'userName' => $this->user,
+ 'password' => $this->password,
+ );
- $this->client = new OC_Connector_Sabre_Client($settings);
+ $this->client = new \Sabre_DAV_Client($settings);
- if($caview = \OCP\Files::getStorage('files_external')) {
+ $caview = \OCP\Files::getStorage('files_external');
+ if ($caview) {
$certPath=\OCP\Config::getSystemValue('datadirectory').$caview->getAbsolutePath("").'rootcerts.crt';
- if (file_exists($certPath)) {
+ if (file_exists($certPath)) {
$this->client->addTrustedCertificates($certPath);
}
}
- //create the root folder if necesary
+ //create the root folder if necessary
$this->mkdir('');
}
+ public function getId(){
+ return 'webdav::' . $this->user . '@' . $this->host . '/' . $this->root;
+ }
+
private function createBaseUri() {
$baseUri='http';
- if($this->secure) {
+ if ($this->secure) {
$baseUri.='s';
}
$baseUri.='://'.$this->host.$this->root;
@@ -64,40 +91,45 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
}
public function mkdir($path) {
+ $this->init();
$path=$this->cleanPath($path);
- return $this->simpleResponse('MKCOL',$path,null,201);
+ return $this->simpleResponse('MKCOL', $path, null, 201);
}
public function rmdir($path) {
+ $this->init();
$path=$this->cleanPath($path);
- return $this->simpleResponse('DELETE',$path,null,204);
+ return $this->simpleResponse('DELETE', $path, null, 204);
}
public function opendir($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
- $response=$this->client->propfind($path, array(),1);
+ try {
+ $response=$this->client->propfind($path, array(), 1);
$id=md5('webdav'.$this->root.$path);
- OC_FakeDirStream::$dirs[$id]=array();
+ $content = array();
$files=array_keys($response);
array_shift($files);//the first entry is the current directory
- foreach($files as $file) {
+ foreach ($files as $file) {
$file = urldecode(basename($file));
- OC_FakeDirStream::$dirs[$id][]=$file;
+ $content[]=$file;
}
+ \OC\Files\Stream\Dir::register($id, $content);
return opendir('fakedir://'.$id);
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return false;
}
}
public function filetype($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
+ try {
$response=$this->client->propfind($path, array('{DAV:}resourcetype'));
$responseType=$response["{DAV:}resourcetype"]->resourceType;
return (count($responseType)>0 and $responseType[0]=="{DAV:}collection")?'dir':'file';
- }catch(Exception $e) {
+ } catch(\Exception $e) {
error_log($e->getMessage());
\OCP\Util::writeLog("webdav client", \OCP\Util::sanitizeHTML($e->getMessage()), \OCP\Util::ERROR);
return false;
@@ -113,31 +145,34 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
}
public function file_exists($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
+ try {
$this->client->propfind($path, array('{DAV:}resourcetype'));
return true;//no 404 exception
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return false;
}
}
public function unlink($path) {
- return $this->simpleResponse('DELETE',$path,null,204);
+ $this->init();
+ return $this->simpleResponse('DELETE', $path, null, 204);
}
- public function fopen($path,$mode) {
+ public function fopen($path, $mode) {
+ $this->init();
$path=$this->cleanPath($path);
switch($mode) {
case 'r':
case 'rb':
- if(!$this->file_exists($path)) {
+ if ( ! $this->file_exists($path)) {
return false;
}
//straight up curl instead of sabredav here, sabredav put's the entire get result in memory
$curl = curl_init();
$fp = fopen('php://temp', 'r+');
- curl_setopt($curl,CURLOPT_USERPWD,$this->user.':'.$this->password);
+ curl_setopt($curl, CURLOPT_USERPWD, $this->user.':'.$this->password);
curl_setopt($curl, CURLOPT_URL, $this->createBaseUri().$path);
curl_setopt($curl, CURLOPT_FILE, $fp);
@@ -158,60 +193,64 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
case 'c':
case 'c+':
//emulate these
- if(strrpos($path,'.')!==false) {
- $ext=substr($path,strrpos($path,'.'));
- }else{
+ if (strrpos($path, '.')!==false) {
+ $ext=substr($path, strrpos($path, '.'));
+ } else {
$ext='';
}
- $tmpFile=OCP\Files::tmpFile($ext);
- OC_CloseStreamWrapper::$callBacks[$tmpFile]=array($this,'writeBack');
+ $tmpFile = \OCP\Files::tmpFile($ext);
+ \OC\Files\Stream\Close::registerCallback($tmpFile, array($this, 'writeBack'));
if($this->file_exists($path)) {
- $this->getFile($path,$tmpFile);
+ $this->getFile($path, $tmpFile);
}
self::$tempFiles[$tmpFile]=$path;
- return fopen('close://'.$tmpFile,$mode);
+ return fopen('close://'.$tmpFile, $mode);
}
}
public function writeBack($tmpFile) {
- if(isset(self::$tempFiles[$tmpFile])) {
- $this->uploadFile($tmpFile,self::$tempFiles[$tmpFile]);
+ if (isset(self::$tempFiles[$tmpFile])) {
+ $this->uploadFile($tmpFile, self::$tempFiles[$tmpFile]);
unlink($tmpFile);
}
}
public function free_space($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
+ try {
$response=$this->client->propfind($path, array('{DAV:}quota-available-bytes'));
- if(isset($response['{DAV:}quota-available-bytes'])) {
+ if (isset($response['{DAV:}quota-available-bytes'])) {
return (int)$response['{DAV:}quota-available-bytes'];
- }else{
+ } else {
return 0;
}
- }catch(Exception $e) {
- return 0;
+ } catch(\Exception $e) {
+ return \OC\Files\FREE_SPACE_UNKNOWN;
}
}
- public function touch($path,$mtime=null) {
- if(is_null($mtime)) {
+ public function touch($path, $mtime=null) {
+ $this->init();
+ if (is_null($mtime)) {
$mtime=time();
}
$path=$this->cleanPath($path);
$this->client->proppatch($path, array('{DAV:}lastmodified' => $mtime));
}
- public function getFile($path,$target) {
- $source=$this->fopen($path,'r');
- file_put_contents($target,$source);
+ public function getFile($path, $target) {
+ $this->init();
+ $source=$this->fopen($path, 'r');
+ file_put_contents($target, $source);
}
- public function uploadFile($path,$target) {
- $source=fopen($path,'r');
+ public function uploadFile($path, $target) {
+ $this->init();
+ $source=fopen($path, 'r');
$curl = curl_init();
- curl_setopt($curl,CURLOPT_USERPWD,$this->user.':'.$this->password);
+ curl_setopt($curl, CURLOPT_USERPWD, $this->user.':'.$this->password);
curl_setopt($curl, CURLOPT_URL, $this->createBaseUri().$target);
curl_setopt($curl, CURLOPT_BINARYTRANSFER, true);
curl_setopt($curl, CURLOPT_INFILE, $source); // file pointer
@@ -221,80 +260,77 @@ class OC_FileStorage_DAV extends OC_Filestorage_Common{
curl_close ($curl);
}
- public function rename($path1,$path2) {
+ public function rename($path1, $path2) {
+ $this->init();
$path1=$this->cleanPath($path1);
$path2=$this->root.$this->cleanPath($path2);
- try{
- $response=$this->client->request('MOVE',$path1,null,array('Destination'=>$path2));
+ try {
+ $this->client->request('MOVE', $path1, null, array('Destination'=>$path2));
return true;
- }catch(Exception $e) {
- echo $e;
- echo 'fail';
- var_dump($response);
+ } catch(\Exception $e) {
return false;
}
}
- public function copy($path1,$path2) {
+ public function copy($path1, $path2) {
+ $this->init();
$path1=$this->cleanPath($path1);
$path2=$this->root.$this->cleanPath($path2);
- try{
- $response=$this->client->request('COPY',$path1,null,array('Destination'=>$path2));
+ try {
+ $this->client->request('COPY', $path1, null, array('Destination'=>$path2));
return true;
- }catch(Exception $e) {
- echo $e;
- echo 'fail';
- var_dump($response);
+ } catch(\Exception $e) {
return false;
}
}
public function stat($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
- $response=$this->client->propfind($path, array('{DAV:}getlastmodified','{DAV:}getcontentlength'));
+ try {
+ $response=$this->client->propfind($path, array('{DAV:}getlastmodified', '{DAV:}getcontentlength'));
return array(
'mtime'=>strtotime($response['{DAV:}getlastmodified']),
'size'=>(int)isset($response['{DAV:}getcontentlength']) ? $response['{DAV:}getcontentlength'] : 0,
- 'ctime'=>-1,
);
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return array();
}
}
public function getMimeType($path) {
+ $this->init();
$path=$this->cleanPath($path);
- try{
- $response=$this->client->propfind($path, array('{DAV:}getcontenttype','{DAV:}resourcetype'));
+ try {
+ $response=$this->client->propfind($path, array('{DAV:}getcontenttype', '{DAV:}resourcetype'));
$responseType=$response["{DAV:}resourcetype"]->resourceType;
$type=(count($responseType)>0 and $responseType[0]=="{DAV:}collection")?'dir':'file';
- if($type=='dir') {
+ if ($type=='dir') {
return 'httpd/unix-directory';
- }elseif(isset($response['{DAV:}getcontenttype'])) {
+ } elseif (isset($response['{DAV:}getcontenttype'])) {
return $response['{DAV:}getcontenttype'];
- }else{
+ } else {
return false;
}
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return false;
}
}
- private function cleanPath($path) {
- if(!$path || $path[0]=='/') {
- return substr($path,1);
- }else{
+ public function cleanPath($path) {
+ if ( ! $path || $path[0]=='/') {
+ return substr($path, 1);
+ } else {
return $path;
}
}
- private function simpleResponse($method,$path,$body,$expected) {
+ private function simpleResponse($method, $path, $body, $expected) {
$path=$this->cleanPath($path);
- try{
- $response=$this->client->request($method,$path,$body);
+ try {
+ $response=$this->client->request($method, $path, $body);
return $response['statusCode']==$expected;
- }catch(Exception $e) {
+ } catch(\Exception $e) {
return false;
}
}
diff --git a/apps/files_external/personal.php b/apps/files_external/personal.php
index f0d76460f54..90f5e159535 100755
--- a/apps/files_external/personal.php
+++ b/apps/files_external/personal.php
@@ -24,10 +24,11 @@ OCP\Util::addScript('files_external', 'settings');
OCP\Util::addStyle('files_external', 'settings');
$backends = OC_Mount_Config::getBackends();
// Remove local storage
-unset($backends['OC_Filestorage_Local']);
+unset($backends['\OC\Files\Storage\Local']);
$tmpl = new OCP\Template('files_external', 'settings');
-$tmpl->assign('isAdminPage', false, false);
+$tmpl->assign('isAdminPage', false);
$tmpl->assign('mounts', OC_Mount_Config::getPersonalMountPoints());
$tmpl->assign('certs', OC_Mount_Config::getCertificates());
+$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies());
$tmpl->assign('backends', $backends);
return $tmpl->fetchPage();
diff --git a/apps/files_external/settings.php b/apps/files_external/settings.php
index d2be21b7116..1a39affe2e6 100644
--- a/apps/files_external/settings.php
+++ b/apps/files_external/settings.php
@@ -20,15 +20,18 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
+OC_Util::checkAdminUser();
+
OCP\Util::addScript('files_external', 'settings');
OCP\Util::addscript('3rdparty', 'chosen/chosen.jquery.min');
OCP\Util::addStyle('files_external', 'settings');
OCP\Util::addStyle('3rdparty', 'chosen/chosen');
$tmpl = new OCP\Template('files_external', 'settings');
-$tmpl->assign('isAdminPage', true, false);
+$tmpl->assign('isAdminPage', true);
$tmpl->assign('mounts', OC_Mount_Config::getSystemMountPoints());
$tmpl->assign('backends', OC_Mount_Config::getBackends());
$tmpl->assign('groups', OC_Group::getGroups());
$tmpl->assign('users', OCP\User::getUsers());
+$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies());
$tmpl->assign('allowUserMounting', OCP\Config::getAppValue('files_external', 'allow_user_mounting', 'yes'));
return $tmpl->fetchPage();
diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php
index 5a7b25d59a9..b3b94a1dafd 100644
--- a/apps/files_external/templates/settings.php
+++ b/apps/files_external/templates/settings.php
@@ -1,33 +1,44 @@
<form id="files_external">
<fieldset class="personalblock">
- <legend><strong><?php echo $l->t('External Storage'); ?></strong></legend>
- <table id="externalStorage" data-admin='<?php echo json_encode($_['isAdminPage']); ?>'>
+ <legend><strong><?php p($l->t('External Storage')); ?></strong></legend>
+ <?php if (isset($_['dependencies']) and ($_['dependencies']<>'')) print_unescaped(''.$_['dependencies'].''); ?>
+ <table id="externalStorage" data-admin='<?php print_unescaped(json_encode($_['isAdminPage'])); ?>'>
<thead>
<tr>
- <th><?php echo $l->t('Mount point'); ?></th>
- <th><?php echo $l->t('Backend'); ?></th>
- <th><?php echo $l->t('Configuration'); ?></th>
- <!--<th><?php echo $l->t('Options'); ?></th> -->
- <?php if ($_['isAdminPage']) echo '<th>'.$l->t('Applicable').'</th>'; ?>
+ <th></th>
+ <th><?php p($l->t('Folder name')); ?></th>
+ <th><?php p($l->t('External storage')); ?></th>
+ <th><?php p($l->t('Configuration')); ?></th>
+ <!--<th><?php p($l->t('Options')); ?></th> -->
+ <?php if ($_['isAdminPage']) print_unescaped('<th>'.$l->t('Applicable').'</th>'); ?>
<th>&nbsp;</th>
</tr>
</thead>
<tbody width="100%">
<?php $_['mounts'] = array_merge($_['mounts'], array('' => array())); ?>
<?php foreach ($_['mounts'] as $mountPoint => $mount): ?>
- <tr <?php echo ($mountPoint != '') ? 'class="'.$mount['class'].'"' : 'id="addMountPoint"'; ?>>
- <td class="mountPoint"><input type="text" name="mountPoint" value="<?php echo $mountPoint; ?>" placeholder="<?php echo $l->t('Mount point'); ?>" /></td>
+ <tr <?php print_unescaped(($mountPoint != '') ? 'class="'.OC_Util::sanitizeHTML($mount['class']).'"' : 'id="addMountPoint"'); ?>>
+ <td class="status">
+ <?php if (isset($mount['status'])): ?>
+ <span class="<?php p(($mount['status']) ? 'success' : 'error'); ?>"></span>
+ <?php endif; ?>
+ </td>
+ <td class="mountPoint"><input type="text" name="mountPoint"
+ value="<?php p($mountPoint); ?>"
+ placeholder="<?php p($l->t('Folder name')); ?>" /></td>
<?php if ($mountPoint == ''): ?>
<td class="backend">
- <select id="selectBackend" data-configurations='<?php echo json_encode($_['backends']); ?>'>
- <option value="" disabled selected style="display:none;"><?php echo $l->t('Add mount point'); ?></option>
+ <select id="selectBackend" data-configurations='<?php print_unescaped(json_encode($_['backends'])); ?>'>
+ <option value="" disabled selected
+ style="display:none;"><?php p($l->t('Add storage')); ?></option>
<?php foreach ($_['backends'] as $class => $backend): ?>
- <option value="<?php echo $class; ?>"><?php echo $backend['backend']; ?></option>
+ <option value="<?php p($class); ?>"><?php p($backend['backend']); ?></option>
<?php endforeach; ?>
</select>
</td>
<?php else: ?>
- <td class="backend" data-class="<?php echo $mount['class']; ?>"><?php echo $mount['backend']; ?></td>
+ <td class="backend"
+ data-class="<?php p($mount['class']); ?>"><?php p($mount['backend']); ?></td>
<?php endif; ?>
<td class ="configuration" width="100%">
<?php if (isset($mount['configuration'])): ?>
@@ -35,46 +46,74 @@
<?php if (isset($_['backends'][$mount['class']]['configuration'][$parameter])): ?>
<?php $placeholder = $_['backends'][$mount['class']]['configuration'][$parameter]; ?>
<?php if (strpos($placeholder, '*') !== false): ?>
- <input type="password" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo substr($placeholder, 1); ?>" />
- <?php elseif(strpos($placeholder, '!') !== false): ?>
- <label><input type="checkbox" data-parameter="<?php echo $parameter; ?>" <?php if ($value == 'true') echo ' checked="checked"'; ?> /><?php echo substr($placeholder, 1); ?></label>
+ <input type="password"
+ data-parameter="<?php p($parameter); ?>"
+ value="<?php p($value); ?>"
+ placeholder="<?php p(substr($placeholder, 1)); ?>" />
+ <?php elseif (strpos($placeholder, '!') !== false): ?>
+ <label><input type="checkbox"
+ data-parameter="<?php p($parameter); ?>"
+ <?php if ($value == 'true'): ?> checked="checked"<?php endif; ?>
+ /><?php p(substr($placeholder, 1)); ?></label>
<?php elseif (strpos($placeholder, '&') !== false): ?>
- <input type="text" class="optional" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo substr($placeholder, 5); ?>" />
+ <input type="text"
+ class="optional"
+ data-parameter="<?php p($parameter); ?>"
+ value="<?php p($value); ?>"
+ placeholder="<?php p(substr($placeholder, 5)); ?>" />
<?php elseif (strpos($placeholder, '#') !== false): ?>
- <input type="hidden" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" />
+ <input type="hidden"
+ data-parameter="<?php p($parameter); ?>"
+ value="<?php p($value); ?>" />
<?php else: ?>
- <input type="text" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo $placeholder; ?>" />
+ <input type="text"
+ data-parameter="<?php p($parameter); ?>"
+ value="<?php p($value); ?>"
+ placeholder="<?php p($placeholder); ?>" />
<?php endif; ?>
<?php endif; ?>
<?php endforeach; ?>
- <?php if (isset($_['backends'][$mount['class']]['custom'])) OCP\Util::addScript('files_external', $_['backends'][$mount['class']]['custom']); ?>
+ <?php if (isset($_['backends'][$mount['class']]['custom']) && !in_array('files_external/js/'.$_['backends'][$mount['class']]['custom'], \OC_Util::$scripts)): ?>
+ <?php OCP\Util::addScript('files_external', $_['backends'][$mount['class']]['custom']); ?>
+ <?php endif; ?>
<?php endif; ?>
</td>
- <!--<td class="options">
- <select class="selectOptions" title="<?php echo $l->t('None set')?>" multiple="multiple" disabled>
- <?php if (OCP\App::isEnabled('files_encryption')) echo '<option value="Encrypt">Encrypt</option>'; ?>
- <?php if (OCP\App::isEnabled('files_versions')) echo '<option value="Version control">Version control</option>'; ?>
- <?php if (OCP\App::isEnabled('files_sharing')) echo '<option value="Allow sharing">Allow sharing</option>'; ?>
- </select>
- </td>-->
<?php if ($_['isAdminPage']): ?>
- <td class="applicable" align="right" data-applicable-groups='<?php if (isset($mount['applicable']['groups'])) echo json_encode($mount['applicable']['groups']); ?>' data-applicable-users='<?php if (isset($mount['applicable']['users'])) echo json_encode($mount['applicable']['users']); ?>'>
- <select class="chzn-select" multiple style="width:20em;" data-placeholder="<?php echo $l->t('None set'); ?>">
- <option value="all"><?php echo $l->t('All Users'); ?></option>
- <optgroup label="<?php echo $l->t('Groups'); ?>">
- <?php foreach ($_['groups'] as $group): ?>
- <option value="<?php echo $group; ?>(group)" <?php if (isset($mount['applicable']['groups']) && in_array($group, $mount['applicable']['groups'])) echo 'selected="selected"'; ?>><?php echo $group; ?></option>
- <?php endforeach; ?>
+ <td class="applicable"
+ align="right"
+ data-applicable-groups='<?php if (isset($mount['applicable']['groups']))
+ print_unescaped(json_encode($mount['applicable']['groups'])); ?>'
+ data-applicable-users='<?php if (isset($mount['applicable']['users']))
+ print_unescaped(json_encode($mount['applicable']['users'])); ?>'>
+ <select class="chzn-select"
+ multiple style="width:20em;"
+ data-placeholder="<?php p($l->t('None set')); ?>">
+ <option value="all" <?php if (isset($mount['applicable']['users']) && in_array('all', $mount['applicable']['users'])) print_unescaped('selected="selected"');?> ><?php p($l->t('All Users')); ?></option>
+ <optgroup label="<?php p($l->t('Groups')); ?>">
+ <?php foreach ($_['groups'] as $group): ?>
+ <option value="<?php p($group); ?>(group)"
+ <?php if (isset($mount['applicable']['groups']) && in_array($group, $mount['applicable']['groups'])): ?>
+ selected="selected"
+ <?php endif; ?>><?php p($group); ?></option>
+ <?php endforeach; ?>
</optgroup>
- <optgroup label="<?php echo $l->t('Users'); ?>">
- <?php foreach ($_['users'] as $user): ?>
- <option value="<?php echo $user; ?>" <?php if (isset($mount['applicable']['users']) && in_array($user, $mount['applicable']['users'])) echo 'selected="selected"'; ?>"><?php echo $user; ?></option>
- <?php endforeach; ?>
+ <optgroup label="<?php p($l->t('Users')); ?>">
+ <?php foreach ($_['users'] as $user): ?>
+ <option value="<?php p($user); ?>"
+ <?php if (isset($mount['applicable']['users']) && in_array($user, $mount['applicable']['users'])): ?>
+ selected="selected"
+ <?php endif; ?>><?php p($user); ?></option>
+ <?php endforeach; ?>
</optgroup>
</select>
</td>
<?php endif; ?>
- <td <?php echo ($mountPoint != '') ? 'class="remove"' : 'style="visibility:hidden;"'; ?>><img alt="<?php echo $l->t('Delete'); ?>" title="<?php echo $l->t('Delete'); ?>" class="svg action" src="<?php echo image_path('core', 'actions/delete.svg'); ?>" /></td>
+ <td <?php if ($mountPoint != ''): ?>class="remove"
+ <?php else: ?>style="visibility:hidden;"
+ <?php endif ?>><img alt="<?php p($l->t('Delete')); ?>"
+ title="<?php p($l->t('Delete')); ?>"
+ class="svg action"
+ src="<?php print_unescaped(image_path('core', 'actions/delete.svg')); ?>" /></td>
</tr>
<?php endforeach; ?>
</tbody>
@@ -83,34 +122,41 @@
<?php if ($_['isAdminPage']): ?>
<br />
- <input type="checkbox" name="allowUserMounting" id="allowUserMounting" value="1" <?php if ($_['allowUserMounting'] == 'yes') echo ' checked="checked"'; ?> />
- <label for="allowUserMounting"><?php echo $l->t('Enable User External Storage'); ?></label><br/>
- <em><?php echo $l->t('Allow users to mount their own external storage'); ?></em>
+ <input type="checkbox"
+ name="allowUserMounting"
+ id="allowUserMounting"
+ value="1" <?php if ($_['allowUserMounting'] == 'yes') print_unescaped(' checked="checked"'); ?> />
+ <label for="allowUserMounting"><?php p($l->t('Enable User External Storage')); ?></label><br/>
+ <em><?php p($l->t('Allow users to mount their own external storage')); ?></em>
<?php endif; ?>
</fieldset>
</form>
-<form id="files_external" method="post" enctype="multipart/form-data" action="<?php echo OCP\Util::linkTo('files_external', 'ajax/addRootCertificate.php'); ?>">
+<?php if ( ! $_['isAdminPage']): ?>
+<form id="files_external"
+ method="post"
+ enctype="multipart/form-data"
+ action="<?php p(OCP\Util::linkTo('files_external', 'ajax/addRootCertificate.php')); ?>">
<fieldset class="personalblock">
-<?php if (!$_['isAdminPage']): ?>
- <table id="sslCertificate" data-admin='<?php echo json_encode($_['isAdminPage']); ?>'>
- <thead>
- <tr>
- <th><?php echo $l->t('SSL root certificates'); ?></th>
- <th>&nbsp;</th>
- </tr>
- </thead>
+ <legend><strong><?php p($l->t('SSL root certificates'));?></strong></legend>
+ <table id="sslCertificate" data-admin='<?php print_unescaped(json_encode($_['isAdminPage'])); ?>'>
<tbody width="100%">
<?php foreach ($_['certs'] as $rootCert): ?>
- <tr id="<?php echo $rootCert ?>">
- <td class="rootCert"><?php echo $rootCert ?></td>
- <td <?php echo ($rootCert != '') ? 'class="remove"' : 'style="visibility:hidden;"'; ?>><img alt="<?php echo $l->t('Delete'); ?>" title="<?php echo $l->t('Delete'); ?>" class="svg action" src="<?php echo image_path('core', 'actions/delete.svg'); ?>" /></td>
+ <tr id="<?php p($rootCert) ?>">
+ <td class="rootCert"><?php p($rootCert) ?></td>
+ <td <?php if ($rootCert != ''): ?>class="remove"
+ <?php else: ?>style="visibility:hidden;"
+ <?php endif; ?>><img alt="<?php p($l->t('Delete')); ?>"
+ title="<?php p($l->t('Delete')); ?>"
+ class="svg action"
+ src="<?php print_unescaped(image_path('core', 'actions/delete.svg')); ?>" /></td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
- <input type="file" id="rootcert_import" name="rootcert_import">
- <input type="submit" name="cert_import" value="<?php echo $l->t('Import Root Certificate'); ?>" />
- <?php endif; ?>
+ <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']); ?>">
+ <input type="file" id="rootcert_import" name="rootcert_import">
+ <input type="submit" name="cert_import" value="<?php p($l->t('Import Root Certificate')); ?>" />
</fieldset>
</form>
+<?php endif; ?>
diff --git a/apps/files_external/tests/amazons3.php b/apps/files_external/tests/amazons3.php
index 725f4ba05da..6b3a942b5ba 100644
--- a/apps/files_external/tests/amazons3.php
+++ b/apps/files_external/tests/amazons3.php
@@ -20,7 +20,9 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
-class Test_Filestorage_AmazonS3 extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class AmazonS3 extends Storage {
private $config;
private $id;
@@ -28,16 +30,17 @@ class Test_Filestorage_AmazonS3 extends Test_FileStorage {
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['amazons3']) or !$this->config['amazons3']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['amazons3']) or ! $this->config['amazons3']['run']) {
$this->markTestSkipped('AmazonS3 backend not configured');
}
$this->config['amazons3']['bucket'] = $id; // Make sure we have a new empty bucket to work in
- $this->instance = new OC_Filestorage_AmazonS3($this->config['amazons3']);
+ $this->instance = new \OC\Files\Storage\AmazonS3($this->config['amazons3']);
}
public function tearDown() {
if ($this->instance) {
- $s3 = new AmazonS3(array('key' => $this->config['amazons3']['key'], 'secret' => $this->config['amazons3']['secret']));
+ $s3 = new \AmazonS3(array('key' => $this->config['amazons3']['key'],
+ 'secret' => $this->config['amazons3']['secret']));
if ($s3->delete_all_objects($this->id)) {
$s3->delete_bucket($this->id);
}
diff --git a/apps/files_external/tests/config.php b/apps/files_external/tests/config.php
index ff16b1c1d8a..1d4f30c713d 100644
--- a/apps/files_external/tests/config.php
+++ b/apps/files_external/tests/config.php
@@ -51,5 +51,12 @@ return array(
'app_secret' => '',
'token' => '',
'token_secret' => ''
+ ),
+ 'sftp' => array (
+ 'run'=>false,
+ 'host'=>'localhost',
+ 'user'=>'test',
+ 'password'=>'test',
+ 'root'=>'/test'
)
);
diff --git a/apps/files_external/tests/dropbox.php b/apps/files_external/tests/dropbox.php
index 56319b9f5d7..e4e598b06b0 100644
--- a/apps/files_external/tests/dropbox.php
+++ b/apps/files_external/tests/dropbox.php
@@ -6,17 +6,19 @@
* See the COPYING-README file.
*/
-class Test_Filestorage_Dropbox extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class Dropbox extends Storage {
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['dropbox']) or !$this->config['dropbox']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['dropbox']) or ! $this->config['dropbox']['run']) {
$this->markTestSkipped('Dropbox backend not configured');
}
$this->config['dropbox']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_Dropbox($this->config['dropbox']);
+ $this->instance = new \OC\Files\Storage\Dropbox($this->config['dropbox']);
}
public function tearDown() {
diff --git a/apps/files_external/tests/ftp.php b/apps/files_external/tests/ftp.php
index 4549c420410..923b5e39681 100644
--- a/apps/files_external/tests/ftp.php
+++ b/apps/files_external/tests/ftp.php
@@ -6,22 +6,46 @@
* See the COPYING-README file.
*/
-class Test_Filestorage_FTP extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class FTP extends Storage {
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['ftp']) or !$this->config['ftp']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['ftp']) or ! $this->config['ftp']['run']) {
$this->markTestSkipped('FTP backend not configured');
}
$this->config['ftp']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_FTP($this->config['ftp']);
+ $this->instance = new \OC\Files\Storage\FTP($this->config['ftp']);
}
public function tearDown() {
if ($this->instance) {
- OCP\Files::rmdirr($this->instance->constructUrl(''));
+ \OCP\Files::rmdirr($this->instance->constructUrl(''));
}
}
+
+ public function testConstructUrl(){
+ $config = array ( 'host' => 'localhost',
+ 'user' => 'ftp',
+ 'password' => 'ftp',
+ 'root' => '/',
+ 'secure' => false );
+ $instance = new OC_Filestorage_FTP($config);
+ $this->assertEquals('ftp://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+ $config['secure'] = true;
+ $instance = new OC_Filestorage_FTP($config);
+ $this->assertEquals('ftps://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+ $config['secure'] = 'false';
+ $instance = new OC_Filestorage_FTP($config);
+ $this->assertEquals('ftp://ftp:ftp@localhost/', $instance->constructUrl(''));
+
+ $config['secure'] = 'true';
+ $instance = new OC_Filestorage_FTP($config);
+ $this->assertEquals('ftps://ftp:ftp@localhost/', $instance->constructUrl(''));
+ }
}
diff --git a/apps/files_external/tests/google.php b/apps/files_external/tests/google.php
index 46e622cc180..f344163a8b9 100644
--- a/apps/files_external/tests/google.php
+++ b/apps/files_external/tests/google.php
@@ -20,18 +20,19 @@
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*/
-class Test_Filestorage_Google extends Test_FileStorage {
+namespace Test\Files\Storage;
+class Google extends Storage {
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['google']) or !$this->config['google']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['google']) or ! $this->config['google']['run']) {
$this->markTestSkipped('Google backend not configured');
}
$this->config['google']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_Google($this->config['google']);
+ $this->instance = new \OC\Files\Storage\Google($this->config['google']);
}
public function tearDown() {
diff --git a/apps/files_external/tests/sftp.php b/apps/files_external/tests/sftp.php
new file mode 100644
index 00000000000..16964e20878
--- /dev/null
+++ b/apps/files_external/tests/sftp.php
@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * ownCloud
+ *
+ * @author Henrik Kjölhede
+ * @copyright 2013 Henrik Kjölhede hkjolhede@gmail.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+namespace Test\Files\Storage;
+
+class SFTP extends Storage {
+ private $config;
+
+ public function setUp() {
+ $id = uniqid();
+ $this->config = include('files_external/tests/config.php');
+ if ( ! is_array($this->config) or ! isset($this->config['sftp']) or ! $this->config['sftp']['run']) {
+ $this->markTestSkipped('SFTP backend not configured');
+ }
+ $this->config['sftp']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
+ $this->instance = new \OC\Files\Storage\SFTP($this->config['sftp']);
+ }
+
+ public function tearDown() {
+ if ($this->instance) {
+ $this->instance->rmdir('/');
+ }
+ }
+} \ No newline at end of file
diff --git a/apps/files_external/tests/smb.php b/apps/files_external/tests/smb.php
index 2c03ef5dbd0..be3ea5a8308 100644
--- a/apps/files_external/tests/smb.php
+++ b/apps/files_external/tests/smb.php
@@ -6,22 +6,25 @@
* See the COPYING-README file.
*/
-class Test_Filestorage_SMB extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class SMB extends Storage {
+
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['smb']) or !$this->config['smb']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['smb']) or ! $this->config['smb']['run']) {
$this->markTestSkipped('Samba backend not configured');
}
$this->config['smb']['root'] .= $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_SMB($this->config['smb']);
+ $this->instance = new \OC\Files\Storage\SMB($this->config['smb']);
}
public function tearDown() {
if ($this->instance) {
- OCP\Files::rmdirr($this->instance->constructUrl(''));
+ \OCP\Files::rmdirr($this->instance->constructUrl(''));
}
}
}
diff --git a/apps/files_external/tests/swift.php b/apps/files_external/tests/swift.php
index 8cf2a3abc76..5c782840246 100644
--- a/apps/files_external/tests/swift.php
+++ b/apps/files_external/tests/swift.php
@@ -6,17 +6,19 @@
* See the COPYING-README file.
*/
-class Test_Filestorage_SWIFT extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class SWIFT extends Storage {
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['swift']) or !$this->config['swift']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['swift']) or ! $this->config['swift']['run']) {
$this->markTestSkipped('OpenStack SWIFT backend not configured');
}
$this->config['swift']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_SWIFT($this->config['swift']);
+ $this->instance = new \OC\Files\Storage\SWIFT($this->config['swift']);
}
diff --git a/apps/files_external/tests/webdav.php b/apps/files_external/tests/webdav.php
index 2da88f63edd..1702898045e 100644
--- a/apps/files_external/tests/webdav.php
+++ b/apps/files_external/tests/webdav.php
@@ -6,17 +6,20 @@
* See the COPYING-README file.
*/
-class Test_Filestorage_DAV extends Test_FileStorage {
+namespace Test\Files\Storage;
+
+class DAV extends Storage {
+
private $config;
public function setUp() {
$id = uniqid();
$this->config = include('files_external/tests/config.php');
- if (!is_array($this->config) or !isset($this->config['webdav']) or !$this->config['webdav']['run']) {
+ if ( ! is_array($this->config) or ! isset($this->config['webdav']) or ! $this->config['webdav']['run']) {
$this->markTestSkipped('WebDAV backend not configured');
}
$this->config['webdav']['root'] .= '/' . $id; //make sure we have an new empty folder to work in
- $this->instance = new OC_Filestorage_DAV($this->config['webdav']);
+ $this->instance = new \OC\Files\Storage\DAV($this->config['webdav']);
}
public function tearDown() {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-29 15:25:18 +0000